java -Xmx8000000000 -Xss4m -jar ./plugins/org.eclipse.equinox.launcher_1.3.100.v20150511-1540.jar -data @noDefault -ultimatedata ./data -tc ../../../trunk/examples/toolchains/AutomizerC.xml -s ../../../trunk/examples/settings/default/automizer/svcomp-Reach-32bit-Automizer_Default.epf --traceabstraction.trace.refinement.strategy SIFA_TAIPAN --sifa.abstract.domain CompoundDomain --rcfgbuilder.size.of.a.code.block LoopFreeBlock --sifa.call.summarizer TopInputCallSummarizer --sifa.fluid SizeLimitFluid --sifa.simplification.technique SIMPLIFY_QUICK -i ../../../trunk/examples/svcomp/array-crafted/zero_sum_const_m4.c -------------------------------------------------------------------------------- This is Ultimate 0.1.24-36ac518-m [2019-10-06 23:13:59,511 INFO L177 SettingsManager]: Resetting all preferences to default values... [2019-10-06 23:13:59,513 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2019-10-06 23:13:59,526 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2019-10-06 23:13:59,526 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2019-10-06 23:13:59,527 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2019-10-06 23:13:59,528 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2019-10-06 23:13:59,530 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2019-10-06 23:13:59,532 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2019-10-06 23:13:59,533 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2019-10-06 23:13:59,534 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2019-10-06 23:13:59,535 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2019-10-06 23:13:59,535 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2019-10-06 23:13:59,536 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2019-10-06 23:13:59,537 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2019-10-06 23:13:59,538 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2019-10-06 23:13:59,539 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2019-10-06 23:13:59,540 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2019-10-06 23:13:59,541 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2019-10-06 23:13:59,543 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2019-10-06 23:13:59,544 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2019-10-06 23:13:59,545 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2019-10-06 23:13:59,546 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2019-10-06 23:13:59,547 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2019-10-06 23:13:59,549 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2019-10-06 23:13:59,549 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2019-10-06 23:13:59,549 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2019-10-06 23:13:59,550 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2019-10-06 23:13:59,551 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2019-10-06 23:13:59,552 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2019-10-06 23:13:59,552 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2019-10-06 23:13:59,553 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2019-10-06 23:13:59,553 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2019-10-06 23:13:59,554 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2019-10-06 23:13:59,555 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2019-10-06 23:13:59,555 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2019-10-06 23:13:59,556 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2019-10-06 23:13:59,556 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2019-10-06 23:13:59,556 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2019-10-06 23:13:59,559 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2019-10-06 23:13:59,560 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2019-10-06 23:13:59,561 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../../../trunk/examples/settings/default/automizer/svcomp-Reach-32bit-Automizer_Default.epf [2019-10-06 23:13:59,582 INFO L113 SettingsManager]: Loading preferences was successful [2019-10-06 23:13:59,583 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2019-10-06 23:13:59,585 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2019-10-06 23:13:59,585 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2019-10-06 23:13:59,585 INFO L138 SettingsManager]: * Use SBE=true [2019-10-06 23:13:59,586 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2019-10-06 23:13:59,586 INFO L138 SettingsManager]: * sizeof long=4 [2019-10-06 23:13:59,586 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2019-10-06 23:13:59,586 INFO L138 SettingsManager]: * sizeof POINTER=4 [2019-10-06 23:13:59,586 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2019-10-06 23:13:59,587 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2019-10-06 23:13:59,588 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2019-10-06 23:13:59,588 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2019-10-06 23:13:59,588 INFO L138 SettingsManager]: * sizeof long double=12 [2019-10-06 23:13:59,589 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2019-10-06 23:13:59,589 INFO L138 SettingsManager]: * Use constant arrays=true [2019-10-06 23:13:59,589 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2019-10-06 23:13:59,589 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2019-10-06 23:13:59,589 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2019-10-06 23:13:59,589 INFO L138 SettingsManager]: * To the following directory=./dump/ [2019-10-06 23:13:59,590 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2019-10-06 23:13:59,590 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2019-10-06 23:13:59,590 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2019-10-06 23:13:59,590 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2019-10-06 23:13:59,591 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2019-10-06 23:13:59,591 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2019-10-06 23:13:59,591 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2019-10-06 23:13:59,591 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2019-10-06 23:13:59,591 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: Trace refinement strategy -> SIFA_TAIPAN Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.sifa: Abstract Domain -> CompoundDomain Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder: Size of a code block -> LoopFreeBlock Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.sifa: Call Summarizer -> TopInputCallSummarizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.sifa: Fluid -> SizeLimitFluid Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.sifa: Simplification Technique -> SIMPLIFY_QUICK [2019-10-06 23:13:59,892 INFO L81 nceAwareModelManager]: Repository-Root is: /tmp [2019-10-06 23:13:59,905 INFO L258 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2019-10-06 23:13:59,908 INFO L214 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2019-10-06 23:13:59,910 INFO L271 PluginConnector]: Initializing CDTParser... [2019-10-06 23:13:59,910 INFO L275 PluginConnector]: CDTParser initialized [2019-10-06 23:13:59,911 INFO L428 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../../../trunk/examples/svcomp/array-crafted/zero_sum_const_m4.c [2019-10-06 23:13:59,973 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/974dcea0b/d91d142e9e5443669368079b6801fd8f/FLAG71527da32 [2019-10-06 23:14:00,440 INFO L306 CDTParser]: Found 1 translation units. [2019-10-06 23:14:00,441 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/trunk/examples/svcomp/array-crafted/zero_sum_const_m4.c [2019-10-06 23:14:00,450 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/974dcea0b/d91d142e9e5443669368079b6801fd8f/FLAG71527da32 [2019-10-06 23:14:00,813 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/974dcea0b/d91d142e9e5443669368079b6801fd8f [2019-10-06 23:14:00,823 INFO L296 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2019-10-06 23:14:00,825 INFO L131 ToolchainWalker]: Walking toolchain with 4 elements. [2019-10-06 23:14:00,826 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2019-10-06 23:14:00,826 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2019-10-06 23:14:00,829 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2019-10-06 23:14:00,830 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 06.10 11:14:00" (1/1) ... [2019-10-06 23:14:00,833 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@4c9fb768 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.10 11:14:00, skipping insertion in model container [2019-10-06 23:14:00,834 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 06.10 11:14:00" (1/1) ... [2019-10-06 23:14:00,841 INFO L142 MainTranslator]: Starting translation in SV-COMP mode [2019-10-06 23:14:00,859 INFO L173 MainTranslator]: Built tables and reachable declarations [2019-10-06 23:14:01,060 INFO L206 PostProcessor]: Analyzing one entry point: main [2019-10-06 23:14:01,073 INFO L188 MainTranslator]: Completed pre-run [2019-10-06 23:14:01,095 INFO L206 PostProcessor]: Analyzing one entry point: main [2019-10-06 23:14:01,111 INFO L192 MainTranslator]: Completed translation [2019-10-06 23:14:01,111 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.10 11:14:01 WrapperNode [2019-10-06 23:14:01,111 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2019-10-06 23:14:01,112 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2019-10-06 23:14:01,112 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2019-10-06 23:14:01,112 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2019-10-06 23:14:01,204 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.10 11:14:01" (1/1) ... [2019-10-06 23:14:01,204 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.10 11:14:01" (1/1) ... [2019-10-06 23:14:01,219 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.10 11:14:01" (1/1) ... [2019-10-06 23:14:01,219 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.10 11:14:01" (1/1) ... [2019-10-06 23:14:01,238 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.10 11:14:01" (1/1) ... [2019-10-06 23:14:01,250 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.10 11:14:01" (1/1) ... [2019-10-06 23:14:01,254 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.10 11:14:01" (1/1) ... [2019-10-06 23:14:01,259 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2019-10-06 23:14:01,259 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2019-10-06 23:14:01,259 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2019-10-06 23:14:01,260 INFO L275 PluginConnector]: RCFGBuilder initialized [2019-10-06 23:14:01,260 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.10 11:14:01" (1/1) ... No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2019-10-06 23:14:01,321 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.init [2019-10-06 23:14:01,321 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2019-10-06 23:14:01,321 INFO L138 BoogieDeclarations]: Found implementation of procedure __VERIFIER_assert [2019-10-06 23:14:01,321 INFO L138 BoogieDeclarations]: Found implementation of procedure main [2019-10-06 23:14:01,322 INFO L130 BoogieDeclarations]: Found specification of procedure __VERIFIER_error [2019-10-06 23:14:01,322 INFO L130 BoogieDeclarations]: Found specification of procedure __VERIFIER_assume [2019-10-06 23:14:01,322 INFO L130 BoogieDeclarations]: Found specification of procedure __VERIFIER_assert [2019-10-06 23:14:01,322 INFO L130 BoogieDeclarations]: Found specification of procedure __VERIFIER_nondet_long [2019-10-06 23:14:01,322 INFO L130 BoogieDeclarations]: Found specification of procedure malloc [2019-10-06 23:14:01,323 INFO L130 BoogieDeclarations]: Found specification of procedure main [2019-10-06 23:14:01,323 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocOnHeap [2019-10-06 23:14:01,323 INFO L130 BoogieDeclarations]: Found specification of procedure write~int [2019-10-06 23:14:01,323 INFO L130 BoogieDeclarations]: Found specification of procedure read~int [2019-10-06 23:14:01,323 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.init [2019-10-06 23:14:01,323 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2019-10-06 23:14:01,323 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.dealloc [2019-10-06 23:14:01,813 INFO L279 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2019-10-06 23:14:01,813 INFO L284 CfgBuilder]: Removed 9 assume(true) statements. [2019-10-06 23:14:01,815 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 06.10 11:14:01 BoogieIcfgContainer [2019-10-06 23:14:01,815 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2019-10-06 23:14:01,816 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2019-10-06 23:14:01,816 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2019-10-06 23:14:01,819 INFO L275 PluginConnector]: TraceAbstraction initialized [2019-10-06 23:14:01,820 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 06.10 11:14:00" (1/3) ... [2019-10-06 23:14:01,820 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@6ba19b43 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 06.10 11:14:01, skipping insertion in model container [2019-10-06 23:14:01,821 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.10 11:14:01" (2/3) ... [2019-10-06 23:14:01,821 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@6ba19b43 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 06.10 11:14:01, skipping insertion in model container [2019-10-06 23:14:01,821 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 06.10 11:14:01" (3/3) ... [2019-10-06 23:14:01,823 INFO L109 eAbstractionObserver]: Analyzing ICFG zero_sum_const_m4.c [2019-10-06 23:14:01,833 INFO L152 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2019-10-06 23:14:01,841 INFO L164 ceAbstractionStarter]: Appying trace abstraction to program that has 1 error locations. [2019-10-06 23:14:01,852 INFO L249 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2019-10-06 23:14:01,877 INFO L373 AbstractCegarLoop]: Interprodecural is true [2019-10-06 23:14:01,877 INFO L374 AbstractCegarLoop]: Hoare is true [2019-10-06 23:14:01,877 INFO L375 AbstractCegarLoop]: Compute interpolants for FPandBP [2019-10-06 23:14:01,878 INFO L376 AbstractCegarLoop]: Backedges is STRAIGHT_LINE [2019-10-06 23:14:01,878 INFO L377 AbstractCegarLoop]: Determinization is PREDICATE_ABSTRACTION [2019-10-06 23:14:01,878 INFO L378 AbstractCegarLoop]: Difference is false [2019-10-06 23:14:01,878 INFO L379 AbstractCegarLoop]: Minimize is MINIMIZE_SEVPA [2019-10-06 23:14:01,879 INFO L383 AbstractCegarLoop]: ======== Iteration 0==of CEGAR loop == AllErrorsAtOnce======== [2019-10-06 23:14:01,897 INFO L276 IsEmpty]: Start isEmpty. Operand 26 states. [2019-10-06 23:14:01,903 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2019-10-06 23:14:01,904 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:14:01,905 INFO L385 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:14:01,907 INFO L410 AbstractCegarLoop]: === Iteration 1 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:14:01,912 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:14:01,912 INFO L82 PathProgramCache]: Analyzing trace with hash -1007897624, now seen corresponding path program 1 times [2019-10-06 23:14:01,919 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:14:01,919 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:14:01,920 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:14:01,920 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:14:01,920 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:14:02,036 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:14:02,188 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-10-06 23:14:02,189 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:14:02,190 INFO L211 tionRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2019-10-06 23:14:02,191 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2019-10-06 23:14:02,195 INFO L442 AbstractCegarLoop]: Interpolant automaton has 5 states [2019-10-06 23:14:02,210 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2019-10-06 23:14:02,212 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2019-10-06 23:14:02,215 INFO L87 Difference]: Start difference. First operand 26 states. Second operand 5 states. [2019-10-06 23:14:02,353 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:14:02,354 INFO L93 Difference]: Finished difference Result 49 states and 68 transitions. [2019-10-06 23:14:02,355 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2019-10-06 23:14:02,357 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 19 [2019-10-06 23:14:02,358 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:14:02,370 INFO L225 Difference]: With dead ends: 49 [2019-10-06 23:14:02,370 INFO L226 Difference]: Without dead ends: 28 [2019-10-06 23:14:02,378 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2019-10-06 23:14:02,398 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 28 states. [2019-10-06 23:14:02,427 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 28 to 28. [2019-10-06 23:14:02,429 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 28 states. [2019-10-06 23:14:02,432 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 28 states to 28 states and 43 transitions. [2019-10-06 23:14:02,435 INFO L78 Accepts]: Start accepts. Automaton has 28 states and 43 transitions. Word has length 19 [2019-10-06 23:14:02,436 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:14:02,437 INFO L462 AbstractCegarLoop]: Abstraction has 28 states and 43 transitions. [2019-10-06 23:14:02,437 INFO L463 AbstractCegarLoop]: Interpolant automaton has 5 states. [2019-10-06 23:14:02,437 INFO L276 IsEmpty]: Start isEmpty. Operand 28 states and 43 transitions. [2019-10-06 23:14:02,438 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2019-10-06 23:14:02,439 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:14:02,439 INFO L385 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:14:02,440 INFO L410 AbstractCegarLoop]: === Iteration 2 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:14:02,441 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:14:02,441 INFO L82 PathProgramCache]: Analyzing trace with hash 229580911, now seen corresponding path program 1 times [2019-10-06 23:14:02,441 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:14:02,442 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:14:02,442 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:14:02,442 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:14:02,442 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:14:02,501 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:14:02,550 INFO L134 CoverageAnalysis]: Checked inductivity of 1 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2019-10-06 23:14:02,551 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:14:02,551 INFO L211 tionRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2019-10-06 23:14:02,551 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2019-10-06 23:14:02,553 INFO L442 AbstractCegarLoop]: Interpolant automaton has 3 states [2019-10-06 23:14:02,553 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2019-10-06 23:14:02,556 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2019-10-06 23:14:02,556 INFO L87 Difference]: Start difference. First operand 28 states and 43 transitions. Second operand 3 states. [2019-10-06 23:14:02,614 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:14:02,614 INFO L93 Difference]: Finished difference Result 50 states and 80 transitions. [2019-10-06 23:14:02,615 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2019-10-06 23:14:02,615 INFO L78 Accepts]: Start accepts. Automaton has 3 states. Word has length 20 [2019-10-06 23:14:02,615 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:14:02,616 INFO L225 Difference]: With dead ends: 50 [2019-10-06 23:14:02,616 INFO L226 Difference]: Without dead ends: 29 [2019-10-06 23:14:02,617 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2019-10-06 23:14:02,618 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 29 states. [2019-10-06 23:14:02,624 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 29 to 29. [2019-10-06 23:14:02,625 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 29 states. [2019-10-06 23:14:02,626 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 29 states to 29 states and 44 transitions. [2019-10-06 23:14:02,626 INFO L78 Accepts]: Start accepts. Automaton has 29 states and 44 transitions. Word has length 20 [2019-10-06 23:14:02,627 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:14:02,627 INFO L462 AbstractCegarLoop]: Abstraction has 29 states and 44 transitions. [2019-10-06 23:14:02,627 INFO L463 AbstractCegarLoop]: Interpolant automaton has 3 states. [2019-10-06 23:14:02,627 INFO L276 IsEmpty]: Start isEmpty. Operand 29 states and 44 transitions. [2019-10-06 23:14:02,628 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 22 [2019-10-06 23:14:02,628 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:14:02,628 INFO L385 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:14:02,629 INFO L410 AbstractCegarLoop]: === Iteration 3 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:14:02,629 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:14:02,630 INFO L82 PathProgramCache]: Analyzing trace with hash 269324722, now seen corresponding path program 1 times [2019-10-06 23:14:02,630 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:14:02,630 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:14:02,631 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:14:02,632 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:14:02,632 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:14:02,658 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:14:02,704 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2019-10-06 23:14:02,704 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:14:02,705 INFO L211 tionRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2019-10-06 23:14:02,705 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2019-10-06 23:14:02,706 INFO L442 AbstractCegarLoop]: Interpolant automaton has 4 states [2019-10-06 23:14:02,707 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2019-10-06 23:14:02,707 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=6, Invalid=6, Unknown=0, NotChecked=0, Total=12 [2019-10-06 23:14:02,707 INFO L87 Difference]: Start difference. First operand 29 states and 44 transitions. Second operand 4 states. [2019-10-06 23:14:02,799 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:14:02,799 INFO L93 Difference]: Finished difference Result 48 states and 76 transitions. [2019-10-06 23:14:02,800 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2019-10-06 23:14:02,800 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 21 [2019-10-06 23:14:02,800 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:14:02,801 INFO L225 Difference]: With dead ends: 48 [2019-10-06 23:14:02,801 INFO L226 Difference]: Without dead ends: 29 [2019-10-06 23:14:02,802 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=6, Invalid=6, Unknown=0, NotChecked=0, Total=12 [2019-10-06 23:14:02,803 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 29 states. [2019-10-06 23:14:02,808 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 29 to 29. [2019-10-06 23:14:02,809 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 29 states. [2019-10-06 23:14:02,810 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 29 states to 29 states and 37 transitions. [2019-10-06 23:14:02,810 INFO L78 Accepts]: Start accepts. Automaton has 29 states and 37 transitions. Word has length 21 [2019-10-06 23:14:02,810 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:14:02,811 INFO L462 AbstractCegarLoop]: Abstraction has 29 states and 37 transitions. [2019-10-06 23:14:02,811 INFO L463 AbstractCegarLoop]: Interpolant automaton has 4 states. [2019-10-06 23:14:02,811 INFO L276 IsEmpty]: Start isEmpty. Operand 29 states and 37 transitions. [2019-10-06 23:14:02,812 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2019-10-06 23:14:02,812 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:14:02,812 INFO L385 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:14:02,813 INFO L410 AbstractCegarLoop]: === Iteration 4 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:14:02,813 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:14:02,813 INFO L82 PathProgramCache]: Analyzing trace with hash -2044994938, now seen corresponding path program 1 times [2019-10-06 23:14:02,814 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:14:02,814 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:14:02,814 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:14:02,814 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:14:02,814 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:14:02,849 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:14:02,899 INFO L134 CoverageAnalysis]: Checked inductivity of 9 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2019-10-06 23:14:02,900 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:14:02,900 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:14:02,900 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 2 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 2 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:14:02,985 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:14:02,987 INFO L256 TraceCheckSpWp]: Trace formula consists of 142 conjuncts, 4 conjunts are in the unsatisfiable core [2019-10-06 23:14:02,996 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:14:03,049 INFO L134 CoverageAnalysis]: Checked inductivity of 9 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2019-10-06 23:14:03,050 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:14:03,087 INFO L134 CoverageAnalysis]: Checked inductivity of 9 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2019-10-06 23:14:03,087 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:14:03,115 INFO L162 IcfgInterpreter]: Started Sifa with 20 locations of interest [2019-10-06 23:14:03,115 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:14:03,121 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:14:03,128 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:14:03,129 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:14:03,347 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 30 for LOIs [2019-10-06 23:14:05,091 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:14:05,156 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:14:05,162 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:14:05,163 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:14:05,163 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 400#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:14:05,163 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:05,164 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 409#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:14:05,164 INFO L193 IcfgInterpreter]: Reachable states at location L60-4 satisfy 385#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:05,165 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 (select |old(#valid)| 0)) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= ~SIZE~0 2147483647) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:14:05,165 INFO L193 IcfgInterpreter]: Reachable states at location L60-3 satisfy 380#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:05,165 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:05,166 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 395#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:14:05,166 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:05,167 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:05,167 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 (select |old(#valid)| 0)) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:05,168 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:05,168 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 414#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:05,168 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (= 0 (select |old(#valid)| 0)) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:14:05,169 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:14:05,170 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 390#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:14:05,170 INFO L193 IcfgInterpreter]: Reachable states at location L55-3 satisfy 342#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:05,171 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:05,171 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 405#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:14:05,171 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:05,656 WARN L191 SmtUtils]: Spent 121.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 26 [2019-10-06 23:14:06,053 WARN L191 SmtUtils]: Spent 104.00 ms on a formula simplification. DAG size of input: 38 DAG size of output: 21 [2019-10-06 23:14:06,055 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:14:06,056 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [4, 4, 4, 11] total 18 [2019-10-06 23:14:06,057 INFO L442 AbstractCegarLoop]: Interpolant automaton has 18 states [2019-10-06 23:14:06,058 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 18 interpolants. [2019-10-06 23:14:06,059 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=51, Invalid=255, Unknown=0, NotChecked=0, Total=306 [2019-10-06 23:14:06,059 INFO L87 Difference]: Start difference. First operand 29 states and 37 transitions. Second operand 18 states. [2019-10-06 23:14:06,832 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:14:06,833 INFO L93 Difference]: Finished difference Result 51 states and 67 transitions. [2019-10-06 23:14:06,833 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 17 states. [2019-10-06 23:14:06,833 INFO L78 Accepts]: Start accepts. Automaton has 18 states. Word has length 28 [2019-10-06 23:14:06,834 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:14:06,834 INFO L225 Difference]: With dead ends: 51 [2019-10-06 23:14:06,834 INFO L226 Difference]: Without dead ends: 30 [2019-10-06 23:14:06,835 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 95 GetRequests, 70 SyntacticMatches, 1 SemanticMatches, 24 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 156 ImplicationChecksByTransitivity, 1.3s TimeCoverageRelationStatistics Valid=106, Invalid=544, Unknown=0, NotChecked=0, Total=650 [2019-10-06 23:14:06,836 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 30 states. [2019-10-06 23:14:06,843 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 30 to 30. [2019-10-06 23:14:06,843 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 30 states. [2019-10-06 23:14:06,846 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 30 states to 30 states and 38 transitions. [2019-10-06 23:14:06,846 INFO L78 Accepts]: Start accepts. Automaton has 30 states and 38 transitions. Word has length 28 [2019-10-06 23:14:06,846 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:14:06,847 INFO L462 AbstractCegarLoop]: Abstraction has 30 states and 38 transitions. [2019-10-06 23:14:06,847 INFO L463 AbstractCegarLoop]: Interpolant automaton has 18 states. [2019-10-06 23:14:06,847 INFO L276 IsEmpty]: Start isEmpty. Operand 30 states and 38 transitions. [2019-10-06 23:14:06,849 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2019-10-06 23:14:06,849 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:14:06,849 INFO L385 BasicCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:14:07,062 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:14:07,062 INFO L410 AbstractCegarLoop]: === Iteration 5 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:14:07,063 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:14:07,063 INFO L82 PathProgramCache]: Analyzing trace with hash 1298290889, now seen corresponding path program 2 times [2019-10-06 23:14:07,063 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:14:07,063 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:14:07,064 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:14:07,064 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:14:07,064 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:14:07,116 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:14:07,172 INFO L134 CoverageAnalysis]: Checked inductivity of 11 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2019-10-06 23:14:07,172 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:14:07,172 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:14:07,173 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 3 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 3 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:14:07,243 INFO L249 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 2 check-sat command(s) [2019-10-06 23:14:07,243 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2019-10-06 23:14:07,244 INFO L256 TraceCheckSpWp]: Trace formula consists of 146 conjuncts, 4 conjunts are in the unsatisfiable core [2019-10-06 23:14:07,247 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:14:07,273 INFO L134 CoverageAnalysis]: Checked inductivity of 11 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2019-10-06 23:14:07,273 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:14:07,296 INFO L134 CoverageAnalysis]: Checked inductivity of 11 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2019-10-06 23:14:07,296 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:14:07,298 INFO L162 IcfgInterpreter]: Started Sifa with 20 locations of interest [2019-10-06 23:14:07,298 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:14:07,299 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:14:07,299 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:14:07,299 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:14:07,351 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 30 for LOIs [2019-10-06 23:14:08,296 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:14:08,327 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:14:08,331 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:14:08,331 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:14:08,332 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 400#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:14:08,332 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:08,332 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 409#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:14:08,332 INFO L193 IcfgInterpreter]: Reachable states at location L60-4 satisfy 385#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:08,333 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (<= ~SIZE~0 2147483647) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:14:08,333 INFO L193 IcfgInterpreter]: Reachable states at location L60-3 satisfy 380#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:08,333 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:08,333 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 395#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:14:08,334 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:08,334 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:08,334 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:08,335 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:08,335 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 414#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:08,335 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:14:08,335 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:14:08,336 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 390#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:14:08,336 INFO L193 IcfgInterpreter]: Reachable states at location L55-3 satisfy 342#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:08,336 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:08,336 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 405#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:14:08,337 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:08,765 WARN L191 SmtUtils]: Spent 109.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 26 [2019-10-06 23:14:09,170 WARN L191 SmtUtils]: Spent 102.00 ms on a formula simplification. DAG size of input: 38 DAG size of output: 21 [2019-10-06 23:14:09,171 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:14:09,171 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [5, 5, 5, 11] total 19 [2019-10-06 23:14:09,172 INFO L442 AbstractCegarLoop]: Interpolant automaton has 19 states [2019-10-06 23:14:09,172 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 19 interpolants. [2019-10-06 23:14:09,173 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=56, Invalid=286, Unknown=0, NotChecked=0, Total=342 [2019-10-06 23:14:09,173 INFO L87 Difference]: Start difference. First operand 30 states and 38 transitions. Second operand 19 states. [2019-10-06 23:14:10,117 WARN L191 SmtUtils]: Spent 102.00 ms on a formula simplification. DAG size of input: 35 DAG size of output: 34 [2019-10-06 23:14:10,200 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:14:10,201 INFO L93 Difference]: Finished difference Result 57 states and 79 transitions. [2019-10-06 23:14:10,201 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 17 states. [2019-10-06 23:14:10,202 INFO L78 Accepts]: Start accepts. Automaton has 19 states. Word has length 29 [2019-10-06 23:14:10,202 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:14:10,203 INFO L225 Difference]: With dead ends: 57 [2019-10-06 23:14:10,203 INFO L226 Difference]: Without dead ends: 38 [2019-10-06 23:14:10,205 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 102 GetRequests, 71 SyntacticMatches, 3 SemanticMatches, 28 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 219 ImplicationChecksByTransitivity, 1.5s TimeCoverageRelationStatistics Valid=143, Invalid=727, Unknown=0, NotChecked=0, Total=870 [2019-10-06 23:14:10,206 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 38 states. [2019-10-06 23:14:10,214 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 38 to 38. [2019-10-06 23:14:10,214 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 38 states. [2019-10-06 23:14:10,215 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 38 states to 38 states and 46 transitions. [2019-10-06 23:14:10,216 INFO L78 Accepts]: Start accepts. Automaton has 38 states and 46 transitions. Word has length 29 [2019-10-06 23:14:10,216 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:14:10,216 INFO L462 AbstractCegarLoop]: Abstraction has 38 states and 46 transitions. [2019-10-06 23:14:10,216 INFO L463 AbstractCegarLoop]: Interpolant automaton has 19 states. [2019-10-06 23:14:10,216 INFO L276 IsEmpty]: Start isEmpty. Operand 38 states and 46 transitions. [2019-10-06 23:14:10,217 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2019-10-06 23:14:10,218 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:14:10,218 INFO L385 BasicCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:14:10,428 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:14:10,429 INFO L410 AbstractCegarLoop]: === Iteration 6 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:14:10,429 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:14:10,429 INFO L82 PathProgramCache]: Analyzing trace with hash 1705994344, now seen corresponding path program 3 times [2019-10-06 23:14:10,430 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:14:10,430 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:14:10,430 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:14:10,430 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:14:10,430 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:14:10,534 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:14:12,235 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 0 proven. 27 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-10-06 23:14:12,235 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:14:12,235 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:14:12,235 INFO L93 rtionOrderModulation]: Changing assertion order to TERMS_WITH_SMALL_CONSTANTS_FIRST No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 4 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 4 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:14:12,334 INFO L249 tOrderPrioritization]: Assert order TERMS_WITH_SMALL_CONSTANTS_FIRST issued 0 check-sat command(s) [2019-10-06 23:14:12,334 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2019-10-06 23:14:12,336 INFO L256 TraceCheckSpWp]: Trace formula consists of 173 conjuncts, 77 conjunts are in the unsatisfiable core [2019-10-06 23:14:12,344 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:14:13,345 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 0 proven. 27 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-10-06 23:14:13,346 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:14:14,936 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 0 proven. 24 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2019-10-06 23:14:14,937 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:14:14,939 INFO L162 IcfgInterpreter]: Started Sifa with 20 locations of interest [2019-10-06 23:14:14,939 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:14:14,940 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:14:14,940 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:14:14,940 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:14:14,985 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 30 for LOIs [2019-10-06 23:14:16,038 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:14:16,065 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:14:16,069 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:14:16,069 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:14:16,070 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 400#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:14:16,070 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:16,070 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 409#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:14:16,070 INFO L193 IcfgInterpreter]: Reachable states at location L60-4 satisfy 385#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:16,071 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 (select |old(#valid)| 0)) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (<= ~SIZE~0 2147483647) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:14:16,071 INFO L193 IcfgInterpreter]: Reachable states at location L60-3 satisfy 380#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:16,071 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:16,071 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 395#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:14:16,072 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:16,072 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:16,072 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 (select |old(#valid)| 0)) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:16,072 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:16,073 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 414#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:16,073 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (= 0 (select |old(#valid)| 0)) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:14:16,073 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:14:16,073 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 390#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:14:16,074 INFO L193 IcfgInterpreter]: Reachable states at location L55-3 satisfy 342#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:16,074 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:16,074 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 405#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:14:16,074 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:17,024 WARN L191 SmtUtils]: Spent 107.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 26 [2019-10-06 23:14:17,667 WARN L191 SmtUtils]: Spent 100.00 ms on a formula simplification. DAG size of input: 38 DAG size of output: 21 [2019-10-06 23:14:17,668 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:14:17,668 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [25, 25, 25, 11] total 78 [2019-10-06 23:14:17,669 INFO L442 AbstractCegarLoop]: Interpolant automaton has 78 states [2019-10-06 23:14:17,670 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 78 interpolants. [2019-10-06 23:14:17,672 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=268, Invalid=5738, Unknown=0, NotChecked=0, Total=6006 [2019-10-06 23:14:17,672 INFO L87 Difference]: Start difference. First operand 38 states and 46 transitions. Second operand 78 states. [2019-10-06 23:14:22,436 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:14:22,436 INFO L93 Difference]: Finished difference Result 65 states and 80 transitions. [2019-10-06 23:14:22,437 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 31 states. [2019-10-06 23:14:22,437 INFO L78 Accepts]: Start accepts. Automaton has 78 states. Word has length 37 [2019-10-06 23:14:22,437 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:14:22,438 INFO L225 Difference]: With dead ends: 65 [2019-10-06 23:14:22,439 INFO L226 Difference]: Without dead ends: 60 [2019-10-06 23:14:22,443 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 164 GetRequests, 54 SyntacticMatches, 11 SemanticMatches, 99 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2878 ImplicationChecksByTransitivity, 8.2s TimeCoverageRelationStatistics Valid=461, Invalid=9639, Unknown=0, NotChecked=0, Total=10100 [2019-10-06 23:14:22,443 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 60 states. [2019-10-06 23:14:22,453 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 60 to 58. [2019-10-06 23:14:22,453 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 58 states. [2019-10-06 23:14:22,454 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 58 states to 58 states and 73 transitions. [2019-10-06 23:14:22,454 INFO L78 Accepts]: Start accepts. Automaton has 58 states and 73 transitions. Word has length 37 [2019-10-06 23:14:22,455 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:14:22,455 INFO L462 AbstractCegarLoop]: Abstraction has 58 states and 73 transitions. [2019-10-06 23:14:22,455 INFO L463 AbstractCegarLoop]: Interpolant automaton has 78 states. [2019-10-06 23:14:22,455 INFO L276 IsEmpty]: Start isEmpty. Operand 58 states and 73 transitions. [2019-10-06 23:14:22,456 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2019-10-06 23:14:22,456 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:14:22,457 INFO L385 BasicCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:14:22,660 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:14:22,661 INFO L410 AbstractCegarLoop]: === Iteration 7 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:14:22,661 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:14:22,661 INFO L82 PathProgramCache]: Analyzing trace with hash -1727052881, now seen corresponding path program 4 times [2019-10-06 23:14:22,662 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:14:22,662 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:14:22,662 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:14:22,663 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:14:22,663 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:14:22,682 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:14:22,727 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 4 proven. 5 refuted. 0 times theorem prover too weak. 21 trivial. 0 not checked. [2019-10-06 23:14:22,727 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:14:22,728 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:14:22,728 INFO L93 rtionOrderModulation]: Changing assertion order to NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 5 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 5 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:14:22,835 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:14:22,836 INFO L256 TraceCheckSpWp]: Trace formula consists of 191 conjuncts, 8 conjunts are in the unsatisfiable core [2019-10-06 23:14:22,838 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:14:22,892 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 6 proven. 3 refuted. 0 times theorem prover too weak. 21 trivial. 0 not checked. [2019-10-06 23:14:22,892 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:14:22,928 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 6 proven. 3 refuted. 0 times theorem prover too weak. 21 trivial. 0 not checked. [2019-10-06 23:14:22,928 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:14:22,930 INFO L162 IcfgInterpreter]: Started Sifa with 20 locations of interest [2019-10-06 23:14:22,930 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:14:22,930 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:14:22,931 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:14:22,931 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:14:22,958 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 32 for LOIs [2019-10-06 23:14:23,772 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:14:23,800 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:14:23,805 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:14:23,805 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:14:23,806 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 400#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:14:23,806 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:23,806 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 409#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:14:23,806 INFO L193 IcfgInterpreter]: Reachable states at location L60-4 satisfy 385#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:23,807 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= 0 (select |old(#valid)| 0)) (<= ~SIZE~0 2147483647) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:14:23,807 INFO L193 IcfgInterpreter]: Reachable states at location L60-3 satisfy 380#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:23,807 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:23,807 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 395#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:14:23,808 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:23,808 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:23,808 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= 0 (select |old(#valid)| 0)) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:23,808 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:23,809 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 414#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:23,809 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= 0 (select |old(#valid)| 0)) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:14:23,809 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:14:23,809 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 390#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:14:23,810 INFO L193 IcfgInterpreter]: Reachable states at location L55-3 satisfy 342#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:23,810 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:23,810 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 405#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:14:23,810 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:24,653 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:14:24,653 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [8, 8, 8, 11] total 24 [2019-10-06 23:14:24,655 INFO L442 AbstractCegarLoop]: Interpolant automaton has 24 states [2019-10-06 23:14:24,655 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 24 interpolants. [2019-10-06 23:14:24,656 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=81, Invalid=471, Unknown=0, NotChecked=0, Total=552 [2019-10-06 23:14:24,656 INFO L87 Difference]: Start difference. First operand 58 states and 73 transitions. Second operand 24 states. [2019-10-06 23:14:25,989 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:14:25,990 INFO L93 Difference]: Finished difference Result 118 states and 155 transitions. [2019-10-06 23:14:25,990 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 24 states. [2019-10-06 23:14:25,990 INFO L78 Accepts]: Start accepts. Automaton has 24 states. Word has length 38 [2019-10-06 23:14:25,991 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:14:25,995 INFO L225 Difference]: With dead ends: 118 [2019-10-06 23:14:25,995 INFO L226 Difference]: Without dead ends: 67 [2019-10-06 23:14:25,996 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 136 GetRequests, 95 SyntacticMatches, 4 SemanticMatches, 37 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 399 ImplicationChecksByTransitivity, 1.6s TimeCoverageRelationStatistics Valid=219, Invalid=1263, Unknown=0, NotChecked=0, Total=1482 [2019-10-06 23:14:25,997 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 67 states. [2019-10-06 23:14:26,007 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 67 to 64. [2019-10-06 23:14:26,007 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 64 states. [2019-10-06 23:14:26,009 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 64 states to 64 states and 78 transitions. [2019-10-06 23:14:26,009 INFO L78 Accepts]: Start accepts. Automaton has 64 states and 78 transitions. Word has length 38 [2019-10-06 23:14:26,009 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:14:26,009 INFO L462 AbstractCegarLoop]: Abstraction has 64 states and 78 transitions. [2019-10-06 23:14:26,009 INFO L463 AbstractCegarLoop]: Interpolant automaton has 24 states. [2019-10-06 23:14:26,010 INFO L276 IsEmpty]: Start isEmpty. Operand 64 states and 78 transitions. [2019-10-06 23:14:26,011 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 40 [2019-10-06 23:14:26,011 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:14:26,011 INFO L385 BasicCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:14:26,215 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:14:26,216 INFO L410 AbstractCegarLoop]: === Iteration 8 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:14:26,216 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:14:26,216 INFO L82 PathProgramCache]: Analyzing trace with hash 145426994, now seen corresponding path program 5 times [2019-10-06 23:14:26,217 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:14:26,217 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:14:26,217 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:14:26,217 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:14:26,218 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:14:26,234 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:14:26,296 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 1 proven. 8 refuted. 0 times theorem prover too weak. 24 trivial. 0 not checked. [2019-10-06 23:14:26,296 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:14:26,296 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:14:26,296 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 6 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 6 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:14:26,420 INFO L249 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 3 check-sat command(s) [2019-10-06 23:14:26,420 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2019-10-06 23:14:26,421 INFO L256 TraceCheckSpWp]: Trace formula consists of 195 conjuncts, 8 conjunts are in the unsatisfiable core [2019-10-06 23:14:26,423 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:14:26,475 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 3 proven. 6 refuted. 0 times theorem prover too weak. 24 trivial. 0 not checked. [2019-10-06 23:14:26,476 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:14:26,526 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 3 proven. 6 refuted. 0 times theorem prover too weak. 24 trivial. 0 not checked. [2019-10-06 23:14:26,527 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:14:26,528 INFO L162 IcfgInterpreter]: Started Sifa with 20 locations of interest [2019-10-06 23:14:26,528 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:14:26,529 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:14:26,529 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:14:26,529 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:14:26,560 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 30 for LOIs [2019-10-06 23:14:27,309 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:14:27,338 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:14:27,342 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:14:27,342 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:14:27,342 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 400#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:14:27,343 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:27,343 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 409#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:14:27,343 INFO L193 IcfgInterpreter]: Reachable states at location L60-4 satisfy 385#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:27,343 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (<= ~SIZE~0 2147483647) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:14:27,344 INFO L193 IcfgInterpreter]: Reachable states at location L60-3 satisfy 380#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:27,344 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:27,344 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 395#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:14:27,344 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:27,345 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:27,345 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:27,345 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:27,345 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 414#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:27,346 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:14:27,346 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:14:27,346 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 390#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:14:27,346 INFO L193 IcfgInterpreter]: Reachable states at location L55-3 satisfy 342#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:27,347 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:27,347 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 405#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:14:27,347 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:27,798 WARN L191 SmtUtils]: Spent 107.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 26 [2019-10-06 23:14:28,178 WARN L191 SmtUtils]: Spent 106.00 ms on a formula simplification. DAG size of input: 38 DAG size of output: 21 [2019-10-06 23:14:28,179 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:14:28,179 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [9, 9, 9, 11] total 25 [2019-10-06 23:14:28,180 INFO L442 AbstractCegarLoop]: Interpolant automaton has 25 states [2019-10-06 23:14:28,181 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 25 interpolants. [2019-10-06 23:14:28,181 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=88, Invalid=512, Unknown=0, NotChecked=0, Total=600 [2019-10-06 23:14:28,181 INFO L87 Difference]: Start difference. First operand 64 states and 78 transitions. Second operand 25 states. [2019-10-06 23:14:29,602 WARN L191 SmtUtils]: Spent 101.00 ms on a formula simplification. DAG size of input: 35 DAG size of output: 34 [2019-10-06 23:14:29,677 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:14:29,677 INFO L93 Difference]: Finished difference Result 70 states and 84 transitions. [2019-10-06 23:14:29,677 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 20 states. [2019-10-06 23:14:29,678 INFO L78 Accepts]: Start accepts. Automaton has 25 states. Word has length 39 [2019-10-06 23:14:29,678 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:14:29,679 INFO L225 Difference]: With dead ends: 70 [2019-10-06 23:14:29,679 INFO L226 Difference]: Without dead ends: 47 [2019-10-06 23:14:29,681 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 139 GetRequests, 96 SyntacticMatches, 6 SemanticMatches, 37 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 433 ImplicationChecksByTransitivity, 1.8s TimeCoverageRelationStatistics Valid=213, Invalid=1269, Unknown=0, NotChecked=0, Total=1482 [2019-10-06 23:14:29,681 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 47 states. [2019-10-06 23:14:29,688 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 47 to 47. [2019-10-06 23:14:29,689 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 47 states. [2019-10-06 23:14:29,689 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 47 states to 47 states and 55 transitions. [2019-10-06 23:14:29,690 INFO L78 Accepts]: Start accepts. Automaton has 47 states and 55 transitions. Word has length 39 [2019-10-06 23:14:29,690 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:14:29,690 INFO L462 AbstractCegarLoop]: Abstraction has 47 states and 55 transitions. [2019-10-06 23:14:29,690 INFO L463 AbstractCegarLoop]: Interpolant automaton has 25 states. [2019-10-06 23:14:29,690 INFO L276 IsEmpty]: Start isEmpty. Operand 47 states and 55 transitions. [2019-10-06 23:14:29,691 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2019-10-06 23:14:29,691 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:14:29,692 INFO L385 BasicCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:14:29,899 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 6 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:14:29,899 INFO L410 AbstractCegarLoop]: === Iteration 9 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:14:29,900 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:14:29,900 INFO L82 PathProgramCache]: Analyzing trace with hash -119252730, now seen corresponding path program 6 times [2019-10-06 23:14:29,900 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:14:29,900 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:14:29,901 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:14:29,901 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:14:29,901 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:14:29,993 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:14:30,661 WARN L191 SmtUtils]: Spent 103.00 ms on a formula simplification. DAG size of input: 53 DAG size of output: 42 [2019-10-06 23:14:31,440 WARN L191 SmtUtils]: Spent 108.00 ms on a formula simplification. DAG size of input: 59 DAG size of output: 47 [2019-10-06 23:14:31,578 WARN L191 SmtUtils]: Spent 101.00 ms on a formula simplification. DAG size of input: 55 DAG size of output: 44 [2019-10-06 23:14:31,959 WARN L191 SmtUtils]: Spent 104.00 ms on a formula simplification. DAG size of input: 59 DAG size of output: 42 [2019-10-06 23:14:32,105 WARN L191 SmtUtils]: Spent 110.00 ms on a formula simplification. DAG size of input: 57 DAG size of output: 44 [2019-10-06 23:14:32,532 WARN L191 SmtUtils]: Spent 124.00 ms on a formula simplification. DAG size of input: 60 DAG size of output: 49 [2019-10-06 23:14:32,693 WARN L191 SmtUtils]: Spent 117.00 ms on a formula simplification. DAG size of input: 57 DAG size of output: 48 [2019-10-06 23:14:33,034 WARN L191 SmtUtils]: Spent 115.00 ms on a formula simplification. DAG size of input: 60 DAG size of output: 42 [2019-10-06 23:14:33,192 WARN L191 SmtUtils]: Spent 109.00 ms on a formula simplification. DAG size of input: 56 DAG size of output: 43 [2019-10-06 23:14:34,330 INFO L134 CoverageAnalysis]: Checked inductivity of 54 backedges. 0 proven. 54 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-10-06 23:14:34,331 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:14:34,331 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:14:34,331 INFO L93 rtionOrderModulation]: Changing assertion order to TERMS_WITH_SMALL_CONSTANTS_FIRST No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 7 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 7 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:14:34,471 INFO L249 tOrderPrioritization]: Assert order TERMS_WITH_SMALL_CONSTANTS_FIRST issued 0 check-sat command(s) [2019-10-06 23:14:34,472 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2019-10-06 23:14:34,474 WARN L254 TraceCheckSpWp]: Trace formula consists of 217 conjuncts, 111 conjunts are in the unsatisfiable core [2019-10-06 23:14:34,477 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:14:36,514 INFO L134 CoverageAnalysis]: Checked inductivity of 54 backedges. 0 proven. 54 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-10-06 23:14:36,515 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:14:39,281 INFO L134 CoverageAnalysis]: Checked inductivity of 54 backedges. 0 proven. 48 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2019-10-06 23:14:39,281 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:14:39,283 INFO L162 IcfgInterpreter]: Started Sifa with 20 locations of interest [2019-10-06 23:14:39,283 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:14:39,283 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:14:39,283 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:14:39,284 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:14:39,311 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 32 for LOIs [2019-10-06 23:14:40,407 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:14:40,442 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:14:40,446 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:14:40,447 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:14:40,447 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 400#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:14:40,447 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:40,447 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 409#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:14:40,447 INFO L193 IcfgInterpreter]: Reachable states at location L60-4 satisfy 385#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:40,448 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (<= ~SIZE~0 2147483647) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:14:40,448 INFO L193 IcfgInterpreter]: Reachable states at location L60-3 satisfy 380#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:40,448 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:40,450 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 395#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:14:40,451 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:40,451 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:40,451 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:40,451 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:40,451 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 414#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:40,451 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:14:40,452 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:14:40,452 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 390#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:14:40,452 INFO L193 IcfgInterpreter]: Reachable states at location L55-3 satisfy 342#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:40,452 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:40,452 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 405#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:14:40,453 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:14:41,644 WARN L191 SmtUtils]: Spent 105.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 26 [2019-10-06 23:14:42,449 WARN L191 SmtUtils]: Spent 100.00 ms on a formula simplification. DAG size of input: 38 DAG size of output: 21 [2019-10-06 23:14:42,450 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:14:42,450 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [39, 34, 33, 11] total 109 [2019-10-06 23:14:42,452 INFO L442 AbstractCegarLoop]: Interpolant automaton has 109 states [2019-10-06 23:14:42,453 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 109 interpolants. [2019-10-06 23:14:42,456 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=527, Invalid=11245, Unknown=0, NotChecked=0, Total=11772 [2019-10-06 23:14:42,456 INFO L87 Difference]: Start difference. First operand 47 states and 55 transitions. Second operand 109 states. [2019-10-06 23:14:43,084 WARN L191 SmtUtils]: Spent 101.00 ms on a formula simplification. DAG size of input: 105 DAG size of output: 29 [2019-10-06 23:14:43,931 WARN L191 SmtUtils]: Spent 114.00 ms on a formula simplification. DAG size of input: 65 DAG size of output: 54 [2019-10-06 23:14:44,611 WARN L191 SmtUtils]: Spent 145.00 ms on a formula simplification. DAG size of input: 109 DAG size of output: 51 [2019-10-06 23:14:44,983 WARN L191 SmtUtils]: Spent 156.00 ms on a formula simplification. DAG size of input: 102 DAG size of output: 51 [2019-10-06 23:14:45,547 WARN L191 SmtUtils]: Spent 105.00 ms on a formula simplification. DAG size of input: 60 DAG size of output: 56 [2019-10-06 23:14:46,642 WARN L191 SmtUtils]: Spent 160.00 ms on a formula simplification. DAG size of input: 119 DAG size of output: 58 [2019-10-06 23:14:47,304 WARN L191 SmtUtils]: Spent 167.00 ms on a formula simplification. DAG size of input: 103 DAG size of output: 56 [2019-10-06 23:14:47,661 WARN L191 SmtUtils]: Spent 143.00 ms on a formula simplification. DAG size of input: 104 DAG size of output: 57 [2019-10-06 23:14:47,992 WARN L191 SmtUtils]: Spent 147.00 ms on a formula simplification. DAG size of input: 92 DAG size of output: 57 [2019-10-06 23:14:49,546 WARN L191 SmtUtils]: Spent 163.00 ms on a formula simplification. DAG size of input: 129 DAG size of output: 63 [2019-10-06 23:14:49,973 WARN L191 SmtUtils]: Spent 169.00 ms on a formula simplification. DAG size of input: 104 DAG size of output: 58 [2019-10-06 23:14:50,416 WARN L191 SmtUtils]: Spent 142.00 ms on a formula simplification. DAG size of input: 106 DAG size of output: 57 [2019-10-06 23:14:50,751 WARN L191 SmtUtils]: Spent 141.00 ms on a formula simplification. DAG size of input: 92 DAG size of output: 57 [2019-10-06 23:14:52,261 WARN L191 SmtUtils]: Spent 139.00 ms on a formula simplification. DAG size of input: 99 DAG size of output: 58 [2019-10-06 23:14:52,853 WARN L191 SmtUtils]: Spent 202.00 ms on a formula simplification. DAG size of input: 110 DAG size of output: 64 [2019-10-06 23:14:53,281 WARN L191 SmtUtils]: Spent 143.00 ms on a formula simplification. DAG size of input: 107 DAG size of output: 60 [2019-10-06 23:14:53,711 WARN L191 SmtUtils]: Spent 148.00 ms on a formula simplification. DAG size of input: 93 DAG size of output: 59 [2019-10-06 23:14:54,036 WARN L191 SmtUtils]: Spent 109.00 ms on a formula simplification. DAG size of input: 81 DAG size of output: 55 [2019-10-06 23:14:54,286 WARN L191 SmtUtils]: Spent 102.00 ms on a formula simplification. DAG size of input: 56 DAG size of output: 53 [2019-10-06 23:14:54,546 WARN L191 SmtUtils]: Spent 101.00 ms on a formula simplification. DAG size of input: 68 DAG size of output: 52 [2019-10-06 23:14:54,857 WARN L191 SmtUtils]: Spent 100.00 ms on a formula simplification. DAG size of input: 56 DAG size of output: 52 [2019-10-06 23:14:55,251 WARN L191 SmtUtils]: Spent 121.00 ms on a formula simplification. DAG size of input: 84 DAG size of output: 59 [2019-10-06 23:14:55,808 WARN L191 SmtUtils]: Spent 152.00 ms on a formula simplification. DAG size of input: 80 DAG size of output: 59 [2019-10-06 23:14:56,245 WARN L191 SmtUtils]: Spent 187.00 ms on a formula simplification. DAG size of input: 106 DAG size of output: 62 [2019-10-06 23:14:56,598 WARN L191 SmtUtils]: Spent 135.00 ms on a formula simplification. DAG size of input: 108 DAG size of output: 58 [2019-10-06 23:14:57,058 WARN L191 SmtUtils]: Spent 146.00 ms on a formula simplification. DAG size of input: 131 DAG size of output: 45 [2019-10-06 23:14:57,527 WARN L191 SmtUtils]: Spent 182.00 ms on a formula simplification. DAG size of input: 108 DAG size of output: 63 [2019-10-06 23:14:57,858 WARN L191 SmtUtils]: Spent 143.00 ms on a formula simplification. DAG size of input: 93 DAG size of output: 58 [2019-10-06 23:14:58,204 WARN L191 SmtUtils]: Spent 146.00 ms on a formula simplification. DAG size of input: 95 DAG size of output: 60 [2019-10-06 23:14:58,554 WARN L191 SmtUtils]: Spent 108.00 ms on a formula simplification. DAG size of input: 82 DAG size of output: 42 [2019-10-06 23:14:58,887 WARN L191 SmtUtils]: Spent 145.00 ms on a formula simplification. DAG size of input: 94 DAG size of output: 58 [2019-10-06 23:15:00,018 WARN L191 SmtUtils]: Spent 145.00 ms on a formula simplification. DAG size of input: 98 DAG size of output: 61 [2019-10-06 23:15:00,914 WARN L191 SmtUtils]: Spent 137.00 ms on a formula simplification. DAG size of input: 106 DAG size of output: 57 [2019-10-06 23:15:01,862 WARN L191 SmtUtils]: Spent 162.00 ms on a formula simplification. DAG size of input: 123 DAG size of output: 60 [2019-10-06 23:15:02,455 WARN L191 SmtUtils]: Spent 121.00 ms on a formula simplification. DAG size of input: 106 DAG size of output: 49 [2019-10-06 23:15:03,633 WARN L191 SmtUtils]: Spent 145.00 ms on a formula simplification. DAG size of input: 116 DAG size of output: 48 [2019-10-06 23:15:04,148 WARN L191 SmtUtils]: Spent 117.00 ms on a formula simplification. DAG size of input: 100 DAG size of output: 45 [2019-10-06 23:15:05,865 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:15:05,866 INFO L93 Difference]: Finished difference Result 159 states and 200 transitions. [2019-10-06 23:15:05,866 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 76 states. [2019-10-06 23:15:05,866 INFO L78 Accepts]: Start accepts. Automaton has 109 states. Word has length 46 [2019-10-06 23:15:05,867 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:15:05,870 INFO L225 Difference]: With dead ends: 159 [2019-10-06 23:15:05,870 INFO L226 Difference]: Without dead ends: 154 [2019-10-06 23:15:05,878 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 246 GetRequests, 63 SyntacticMatches, 8 SemanticMatches, 175 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 9106 ImplicationChecksByTransitivity, 26.9s TimeCoverageRelationStatistics Valid=2190, Invalid=28962, Unknown=0, NotChecked=0, Total=31152 [2019-10-06 23:15:05,878 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 154 states. [2019-10-06 23:15:05,897 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 154 to 73. [2019-10-06 23:15:05,898 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 73 states. [2019-10-06 23:15:05,899 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 73 states to 73 states and 88 transitions. [2019-10-06 23:15:05,899 INFO L78 Accepts]: Start accepts. Automaton has 73 states and 88 transitions. Word has length 46 [2019-10-06 23:15:05,899 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:15:05,900 INFO L462 AbstractCegarLoop]: Abstraction has 73 states and 88 transitions. [2019-10-06 23:15:05,900 INFO L463 AbstractCegarLoop]: Interpolant automaton has 109 states. [2019-10-06 23:15:05,900 INFO L276 IsEmpty]: Start isEmpty. Operand 73 states and 88 transitions. [2019-10-06 23:15:05,901 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2019-10-06 23:15:05,901 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:15:05,901 INFO L385 BasicCegarLoop]: trace histogram [4, 3, 3, 3, 3, 3, 3, 3, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:15:06,105 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 7 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:15:06,106 INFO L410 AbstractCegarLoop]: === Iteration 10 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:15:06,106 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:15:06,107 INFO L82 PathProgramCache]: Analyzing trace with hash 1270554803, now seen corresponding path program 7 times [2019-10-06 23:15:06,107 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:15:06,107 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:15:06,107 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:15:06,107 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:15:06,108 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:15:06,125 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:15:06,199 INFO L134 CoverageAnalysis]: Checked inductivity of 58 backedges. 7 proven. 9 refuted. 0 times theorem prover too weak. 42 trivial. 0 not checked. [2019-10-06 23:15:06,199 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:15:06,199 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:15:06,200 INFO L93 rtionOrderModulation]: Changing assertion order to NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 8 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 8 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:15:06,371 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:15:06,373 INFO L256 TraceCheckSpWp]: Trace formula consists of 235 conjuncts, 10 conjunts are in the unsatisfiable core [2019-10-06 23:15:06,383 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:15:06,451 INFO L134 CoverageAnalysis]: Checked inductivity of 58 backedges. 10 proven. 6 refuted. 0 times theorem prover too weak. 42 trivial. 0 not checked. [2019-10-06 23:15:06,452 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:15:06,507 INFO L134 CoverageAnalysis]: Checked inductivity of 58 backedges. 10 proven. 6 refuted. 0 times theorem prover too weak. 42 trivial. 0 not checked. [2019-10-06 23:15:06,507 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:15:06,509 INFO L162 IcfgInterpreter]: Started Sifa with 20 locations of interest [2019-10-06 23:15:06,510 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:15:06,510 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:15:06,510 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:15:06,510 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:15:06,537 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 32 for LOIs [2019-10-06 23:15:07,333 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:15:07,379 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:15:07,384 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:15:07,385 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:15:07,385 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 400#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:15:07,385 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:07,386 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 409#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:15:07,386 INFO L193 IcfgInterpreter]: Reachable states at location L60-4 satisfy 385#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:07,386 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |old(~SIZE~0)|) (= 0 (select |old(#valid)| 0)) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= ~SIZE~0 2147483647) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:15:07,386 INFO L193 IcfgInterpreter]: Reachable states at location L60-3 satisfy 380#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:07,387 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:07,387 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 395#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:15:07,387 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:07,387 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:07,388 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:07,388 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |old(~SIZE~0)|) (= 0 (select |old(#valid)| 0)) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:07,388 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 414#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:07,388 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (<= 0 |old(~SIZE~0)|) (= 0 (select |old(#valid)| 0)) (<= |#NULL.offset| 0) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:15:07,389 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:15:07,389 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 390#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:15:07,389 INFO L193 IcfgInterpreter]: Reachable states at location L55-3 satisfy 342#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:07,389 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:07,390 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 405#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:15:07,390 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:08,361 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:15:08,362 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 10, 10, 11] total 27 [2019-10-06 23:15:08,363 INFO L442 AbstractCegarLoop]: Interpolant automaton has 27 states [2019-10-06 23:15:08,363 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 27 interpolants. [2019-10-06 23:15:08,364 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=103, Invalid=599, Unknown=0, NotChecked=0, Total=702 [2019-10-06 23:15:08,364 INFO L87 Difference]: Start difference. First operand 73 states and 88 transitions. Second operand 27 states. [2019-10-06 23:15:09,951 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:15:09,951 INFO L93 Difference]: Finished difference Result 148 states and 185 transitions. [2019-10-06 23:15:09,952 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 27 states. [2019-10-06 23:15:09,952 INFO L78 Accepts]: Start accepts. Automaton has 27 states. Word has length 47 [2019-10-06 23:15:09,952 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:15:09,953 INFO L225 Difference]: With dead ends: 148 [2019-10-06 23:15:09,953 INFO L226 Difference]: Without dead ends: 82 [2019-10-06 23:15:09,955 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 168 GetRequests, 119 SyntacticMatches, 6 SemanticMatches, 43 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 584 ImplicationChecksByTransitivity, 2.0s TimeCoverageRelationStatistics Valid=289, Invalid=1691, Unknown=0, NotChecked=0, Total=1980 [2019-10-06 23:15:09,955 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 82 states. [2019-10-06 23:15:09,975 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 82 to 79. [2019-10-06 23:15:09,975 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 79 states. [2019-10-06 23:15:09,976 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 79 states to 79 states and 93 transitions. [2019-10-06 23:15:09,977 INFO L78 Accepts]: Start accepts. Automaton has 79 states and 93 transitions. Word has length 47 [2019-10-06 23:15:09,977 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:15:09,977 INFO L462 AbstractCegarLoop]: Abstraction has 79 states and 93 transitions. [2019-10-06 23:15:09,977 INFO L463 AbstractCegarLoop]: Interpolant automaton has 27 states. [2019-10-06 23:15:09,977 INFO L276 IsEmpty]: Start isEmpty. Operand 79 states and 93 transitions. [2019-10-06 23:15:09,978 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 49 [2019-10-06 23:15:09,978 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:15:09,978 INFO L385 BasicCegarLoop]: trace histogram [4, 4, 3, 3, 3, 3, 3, 3, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:15:10,179 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 8 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:15:10,180 INFO L410 AbstractCegarLoop]: === Iteration 11 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:15:10,180 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:15:10,180 INFO L82 PathProgramCache]: Analyzing trace with hash 160628112, now seen corresponding path program 8 times [2019-10-06 23:15:10,181 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:15:10,181 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:15:10,181 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:15:10,181 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:15:10,182 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:15:10,201 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:15:10,286 INFO L134 CoverageAnalysis]: Checked inductivity of 62 backedges. 3 proven. 13 refuted. 0 times theorem prover too weak. 46 trivial. 0 not checked. [2019-10-06 23:15:10,286 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:15:10,286 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:15:10,287 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 9 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 9 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:15:10,470 INFO L249 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 3 check-sat command(s) [2019-10-06 23:15:10,470 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2019-10-06 23:15:10,471 INFO L256 TraceCheckSpWp]: Trace formula consists of 239 conjuncts, 10 conjunts are in the unsatisfiable core [2019-10-06 23:15:10,472 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:15:10,528 INFO L134 CoverageAnalysis]: Checked inductivity of 62 backedges. 6 proven. 10 refuted. 0 times theorem prover too weak. 46 trivial. 0 not checked. [2019-10-06 23:15:10,528 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:15:10,579 INFO L134 CoverageAnalysis]: Checked inductivity of 62 backedges. 6 proven. 10 refuted. 0 times theorem prover too weak. 46 trivial. 0 not checked. [2019-10-06 23:15:10,579 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:15:10,580 INFO L162 IcfgInterpreter]: Started Sifa with 20 locations of interest [2019-10-06 23:15:10,580 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:15:10,581 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:15:10,581 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:15:10,581 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:15:10,609 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 32 for LOIs [2019-10-06 23:15:11,718 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:15:11,768 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:15:11,777 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:15:11,777 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:15:11,778 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 400#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:15:11,778 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:11,778 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 409#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:15:11,779 INFO L193 IcfgInterpreter]: Reachable states at location L60-4 satisfy 385#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:11,779 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (<= ~SIZE~0 2147483647) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:15:11,779 INFO L193 IcfgInterpreter]: Reachable states at location L60-3 satisfy 380#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:11,780 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:11,780 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 395#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:15:11,780 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:11,781 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:11,781 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:11,781 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:11,781 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 414#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:11,782 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:15:11,782 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:15:11,782 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 390#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:15:11,783 INFO L193 IcfgInterpreter]: Reachable states at location L55-3 satisfy 342#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:11,783 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:11,783 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 405#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:15:11,784 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:12,337 WARN L191 SmtUtils]: Spent 107.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 26 [2019-10-06 23:15:12,711 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:15:12,712 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 11, 11, 11] total 28 [2019-10-06 23:15:12,713 INFO L442 AbstractCegarLoop]: Interpolant automaton has 28 states [2019-10-06 23:15:12,713 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 28 interpolants. [2019-10-06 23:15:12,713 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=110, Invalid=646, Unknown=0, NotChecked=0, Total=756 [2019-10-06 23:15:12,714 INFO L87 Difference]: Start difference. First operand 79 states and 93 transitions. Second operand 28 states. [2019-10-06 23:15:14,463 WARN L191 SmtUtils]: Spent 103.00 ms on a formula simplification. DAG size of input: 35 DAG size of output: 34 [2019-10-06 23:15:14,545 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:15:14,545 INFO L93 Difference]: Finished difference Result 85 states and 99 transitions. [2019-10-06 23:15:14,546 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 22 states. [2019-10-06 23:15:14,546 INFO L78 Accepts]: Start accepts. Automaton has 28 states. Word has length 48 [2019-10-06 23:15:14,546 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:15:14,547 INFO L225 Difference]: With dead ends: 85 [2019-10-06 23:15:14,547 INFO L226 Difference]: Without dead ends: 56 [2019-10-06 23:15:14,548 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 170 GetRequests, 120 SyntacticMatches, 8 SemanticMatches, 42 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 601 ImplicationChecksByTransitivity, 2.0s TimeCoverageRelationStatistics Valid=266, Invalid=1626, Unknown=0, NotChecked=0, Total=1892 [2019-10-06 23:15:14,549 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 56 states. [2019-10-06 23:15:14,564 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 56 to 56. [2019-10-06 23:15:14,565 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 56 states. [2019-10-06 23:15:14,565 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 56 states to 56 states and 64 transitions. [2019-10-06 23:15:14,566 INFO L78 Accepts]: Start accepts. Automaton has 56 states and 64 transitions. Word has length 48 [2019-10-06 23:15:14,566 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:15:14,566 INFO L462 AbstractCegarLoop]: Abstraction has 56 states and 64 transitions. [2019-10-06 23:15:14,566 INFO L463 AbstractCegarLoop]: Interpolant automaton has 28 states. [2019-10-06 23:15:14,566 INFO L276 IsEmpty]: Start isEmpty. Operand 56 states and 64 transitions. [2019-10-06 23:15:14,567 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2019-10-06 23:15:14,567 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:15:14,567 INFO L385 BasicCegarLoop]: trace histogram [4, 4, 4, 4, 4, 4, 4, 4, 4, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:15:14,773 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 9 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:15:14,774 INFO L410 AbstractCegarLoop]: === Iteration 12 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:15:14,774 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:15:14,774 INFO L82 PathProgramCache]: Analyzing trace with hash 866036968, now seen corresponding path program 9 times [2019-10-06 23:15:14,774 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:15:14,775 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:15:14,775 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:15:14,775 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:15:14,775 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:15:14,888 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:15:15,667 WARN L191 SmtUtils]: Spent 110.00 ms on a formula simplification. DAG size of input: 62 DAG size of output: 36 [2019-10-06 23:15:15,809 WARN L191 SmtUtils]: Spent 118.00 ms on a formula simplification. DAG size of input: 65 DAG size of output: 41 [2019-10-06 23:15:15,943 WARN L191 SmtUtils]: Spent 113.00 ms on a formula simplification. DAG size of input: 63 DAG size of output: 42 [2019-10-06 23:15:16,146 WARN L191 SmtUtils]: Spent 168.00 ms on a formula simplification. DAG size of input: 64 DAG size of output: 44 [2019-10-06 23:15:16,316 WARN L191 SmtUtils]: Spent 141.00 ms on a formula simplification. DAG size of input: 58 DAG size of output: 40 [2019-10-06 23:15:16,636 WARN L191 SmtUtils]: Spent 182.00 ms on a formula simplification. DAG size of input: 72 DAG size of output: 46 [2019-10-06 23:15:16,856 WARN L191 SmtUtils]: Spent 190.00 ms on a formula simplification. DAG size of input: 73 DAG size of output: 44 [2019-10-06 23:15:17,047 WARN L191 SmtUtils]: Spent 157.00 ms on a formula simplification. DAG size of input: 70 DAG size of output: 47 [2019-10-06 23:15:17,260 WARN L191 SmtUtils]: Spent 179.00 ms on a formula simplification. DAG size of input: 64 DAG size of output: 42 [2019-10-06 23:15:17,451 WARN L191 SmtUtils]: Spent 164.00 ms on a formula simplification. DAG size of input: 69 DAG size of output: 42 [2019-10-06 23:15:17,657 WARN L191 SmtUtils]: Spent 171.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 47 [2019-10-06 23:15:17,890 WARN L191 SmtUtils]: Spent 189.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 45 [2019-10-06 23:15:18,162 WARN L191 SmtUtils]: Spent 223.00 ms on a formula simplification. DAG size of input: 71 DAG size of output: 50 [2019-10-06 23:15:18,374 WARN L191 SmtUtils]: Spent 170.00 ms on a formula simplification. DAG size of input: 64 DAG size of output: 43 [2019-10-06 23:15:18,576 WARN L191 SmtUtils]: Spent 168.00 ms on a formula simplification. DAG size of input: 73 DAG size of output: 41 [2019-10-06 23:15:18,829 WARN L191 SmtUtils]: Spent 202.00 ms on a formula simplification. DAG size of input: 80 DAG size of output: 48 [2019-10-06 23:15:19,077 WARN L191 SmtUtils]: Spent 192.00 ms on a formula simplification. DAG size of input: 78 DAG size of output: 46 [2019-10-06 23:15:19,354 WARN L191 SmtUtils]: Spent 215.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 55 [2019-10-06 23:15:19,577 WARN L191 SmtUtils]: Spent 168.00 ms on a formula simplification. DAG size of input: 63 DAG size of output: 42 [2019-10-06 23:15:19,814 WARN L191 SmtUtils]: Spent 191.00 ms on a formula simplification. DAG size of input: 74 DAG size of output: 45 [2019-10-06 23:15:20,024 WARN L191 SmtUtils]: Spent 160.00 ms on a formula simplification. DAG size of input: 79 DAG size of output: 45 [2019-10-06 23:15:20,224 WARN L191 SmtUtils]: Spent 146.00 ms on a formula simplification. DAG size of input: 73 DAG size of output: 48 [2019-10-06 23:15:20,424 WARN L191 SmtUtils]: Spent 153.00 ms on a formula simplification. DAG size of input: 67 DAG size of output: 51 [2019-10-06 23:15:20,608 WARN L191 SmtUtils]: Spent 136.00 ms on a formula simplification. DAG size of input: 57 DAG size of output: 46 [2019-10-06 23:15:20,782 WARN L191 SmtUtils]: Spent 132.00 ms on a formula simplification. DAG size of input: 65 DAG size of output: 47 [2019-10-06 23:15:21,005 WARN L191 SmtUtils]: Spent 174.00 ms on a formula simplification. DAG size of input: 69 DAG size of output: 57 [2019-10-06 23:15:21,199 WARN L191 SmtUtils]: Spent 138.00 ms on a formula simplification. DAG size of input: 66 DAG size of output: 46 [2019-10-06 23:15:21,402 WARN L191 SmtUtils]: Spent 148.00 ms on a formula simplification. DAG size of input: 63 DAG size of output: 50 [2019-10-06 23:15:21,573 WARN L191 SmtUtils]: Spent 125.00 ms on a formula simplification. DAG size of input: 56 DAG size of output: 45 [2019-10-06 23:15:21,729 WARN L191 SmtUtils]: Spent 117.00 ms on a formula simplification. DAG size of input: 62 DAG size of output: 46 [2019-10-06 23:15:21,896 WARN L191 SmtUtils]: Spent 112.00 ms on a formula simplification. DAG size of input: 62 DAG size of output: 41 [2019-10-06 23:15:22,058 WARN L191 SmtUtils]: Spent 104.00 ms on a formula simplification. DAG size of input: 64 DAG size of output: 44 [2019-10-06 23:15:22,232 WARN L191 SmtUtils]: Spent 117.00 ms on a formula simplification. DAG size of input: 58 DAG size of output: 46 [2019-10-06 23:15:22,521 WARN L191 SmtUtils]: Spent 103.00 ms on a formula simplification. DAG size of input: 57 DAG size of output: 41 [2019-10-06 23:15:23,075 INFO L134 CoverageAnalysis]: Checked inductivity of 90 backedges. 1 proven. 89 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-10-06 23:15:23,076 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:15:23,076 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:15:23,076 INFO L93 rtionOrderModulation]: Changing assertion order to TERMS_WITH_SMALL_CONSTANTS_FIRST No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 10 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 10 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:15:23,289 INFO L249 tOrderPrioritization]: Assert order TERMS_WITH_SMALL_CONSTANTS_FIRST issued 0 check-sat command(s) [2019-10-06 23:15:23,289 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2019-10-06 23:15:23,292 WARN L254 TraceCheckSpWp]: Trace formula consists of 261 conjuncts, 145 conjunts are in the unsatisfiable core [2019-10-06 23:15:23,296 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:15:26,105 INFO L134 CoverageAnalysis]: Checked inductivity of 90 backedges. 0 proven. 90 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-10-06 23:15:26,106 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:15:31,668 INFO L134 CoverageAnalysis]: Checked inductivity of 90 backedges. 0 proven. 80 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2019-10-06 23:15:31,668 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:15:31,670 INFO L162 IcfgInterpreter]: Started Sifa with 20 locations of interest [2019-10-06 23:15:31,670 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:15:31,670 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:15:31,671 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:15:31,671 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:15:31,690 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 32 for LOIs [2019-10-06 23:15:32,350 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:15:32,373 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:15:32,375 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:15:32,375 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:15:32,375 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 400#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:15:32,375 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:32,376 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 409#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:15:32,376 INFO L193 IcfgInterpreter]: Reachable states at location L60-4 satisfy 385#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:32,376 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= ~SIZE~0 2147483647) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:15:32,376 INFO L193 IcfgInterpreter]: Reachable states at location L60-3 satisfy 380#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:32,376 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:32,376 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 395#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:15:32,376 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:32,376 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:32,376 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:32,377 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:32,377 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 414#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:32,377 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (<= 0 |old(~SIZE~0)|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (= |#NULL.offset| 0))) (<= |old(~SIZE~0)| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:32,377 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:15:32,377 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 390#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:15:32,377 INFO L193 IcfgInterpreter]: Reachable states at location L55-3 satisfy 342#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:32,377 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:32,377 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 405#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:15:32,378 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:15:33,750 WARN L191 SmtUtils]: Spent 101.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 25 [2019-10-06 23:15:34,652 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:15:34,652 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [50, 43, 41, 11] total 137 [2019-10-06 23:15:34,653 INFO L442 AbstractCegarLoop]: Interpolant automaton has 137 states [2019-10-06 23:15:34,654 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 137 interpolants. [2019-10-06 23:15:34,656 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=694, Invalid=17938, Unknown=0, NotChecked=0, Total=18632 [2019-10-06 23:15:34,656 INFO L87 Difference]: Start difference. First operand 56 states and 64 transitions. Second operand 137 states. [2019-10-06 23:15:35,453 WARN L191 SmtUtils]: Spent 118.00 ms on a formula simplification. DAG size of input: 104 DAG size of output: 28 [2019-10-06 23:15:36,848 WARN L191 SmtUtils]: Spent 133.00 ms on a formula simplification. DAG size of input: 70 DAG size of output: 64 [2019-10-06 23:15:37,365 WARN L191 SmtUtils]: Spent 142.00 ms on a formula simplification. DAG size of input: 91 DAG size of output: 51 [2019-10-06 23:15:37,808 WARN L191 SmtUtils]: Spent 161.00 ms on a formula simplification. DAG size of input: 116 DAG size of output: 54 [2019-10-06 23:15:38,390 WARN L191 SmtUtils]: Spent 242.00 ms on a formula simplification. DAG size of input: 155 DAG size of output: 54 [2019-10-06 23:15:38,912 WARN L191 SmtUtils]: Spent 168.00 ms on a formula simplification. DAG size of input: 120 DAG size of output: 56 [2019-10-06 23:15:39,307 WARN L191 SmtUtils]: Spent 117.00 ms on a formula simplification. DAG size of input: 85 DAG size of output: 57 [2019-10-06 23:15:39,694 WARN L191 SmtUtils]: Spent 119.00 ms on a formula simplification. DAG size of input: 87 DAG size of output: 47 [2019-10-06 23:15:40,435 WARN L191 SmtUtils]: Spent 103.00 ms on a formula simplification. DAG size of input: 111 DAG size of output: 24 [2019-10-06 23:15:40,854 WARN L191 SmtUtils]: Spent 154.00 ms on a formula simplification. DAG size of input: 108 DAG size of output: 60 [2019-10-06 23:15:41,236 WARN L191 SmtUtils]: Spent 113.00 ms on a formula simplification. DAG size of input: 111 DAG size of output: 27 [2019-10-06 23:15:41,641 WARN L191 SmtUtils]: Spent 136.00 ms on a formula simplification. DAG size of input: 105 DAG size of output: 61 [2019-10-06 23:15:41,950 WARN L191 SmtUtils]: Spent 113.00 ms on a formula simplification. DAG size of input: 107 DAG size of output: 29 [2019-10-06 23:15:42,439 WARN L191 SmtUtils]: Spent 174.00 ms on a formula simplification. DAG size of input: 126 DAG size of output: 66 [2019-10-06 23:15:42,803 WARN L191 SmtUtils]: Spent 142.00 ms on a formula simplification. DAG size of input: 127 DAG size of output: 27 [2019-10-06 23:15:43,216 WARN L191 SmtUtils]: Spent 127.00 ms on a formula simplification. DAG size of input: 97 DAG size of output: 64 [2019-10-06 23:15:43,503 WARN L191 SmtUtils]: Spent 104.00 ms on a formula simplification. DAG size of input: 93 DAG size of output: 26 [2019-10-06 23:15:43,897 WARN L191 SmtUtils]: Spent 110.00 ms on a formula simplification. DAG size of input: 76 DAG size of output: 62 [2019-10-06 23:15:44,763 WARN L191 SmtUtils]: Spent 172.00 ms on a formula simplification. DAG size of input: 114 DAG size of output: 68 [2019-10-06 23:15:45,249 WARN L191 SmtUtils]: Spent 125.00 ms on a formula simplification. DAG size of input: 89 DAG size of output: 68 [2019-10-06 23:15:45,760 WARN L191 SmtUtils]: Spent 176.00 ms on a formula simplification. DAG size of input: 135 DAG size of output: 69 [2019-10-06 23:15:46,212 WARN L191 SmtUtils]: Spent 143.00 ms on a formula simplification. DAG size of input: 99 DAG size of output: 65 [2019-10-06 23:15:46,521 WARN L191 SmtUtils]: Spent 101.00 ms on a formula simplification. DAG size of input: 77 DAG size of output: 63 [2019-10-06 23:15:47,058 WARN L191 SmtUtils]: Spent 160.00 ms on a formula simplification. DAG size of input: 112 DAG size of output: 64 [2019-10-06 23:15:47,759 WARN L191 SmtUtils]: Spent 208.00 ms on a formula simplification. DAG size of input: 121 DAG size of output: 65 [2019-10-06 23:15:48,363 WARN L191 SmtUtils]: Spent 180.00 ms on a formula simplification. DAG size of input: 137 DAG size of output: 66 [2019-10-06 23:15:48,761 WARN L191 SmtUtils]: Spent 104.00 ms on a formula simplification. DAG size of input: 92 DAG size of output: 60 [2019-10-06 23:15:49,167 WARN L191 SmtUtils]: Spent 159.00 ms on a formula simplification. DAG size of input: 107 DAG size of output: 63 [2019-10-06 23:15:49,784 WARN L191 SmtUtils]: Spent 163.00 ms on a formula simplification. DAG size of input: 124 DAG size of output: 67 [2019-10-06 23:15:50,492 WARN L191 SmtUtils]: Spent 209.00 ms on a formula simplification. DAG size of input: 124 DAG size of output: 69 [2019-10-06 23:15:51,168 WARN L191 SmtUtils]: Spent 235.00 ms on a formula simplification. DAG size of input: 128 DAG size of output: 62 [2019-10-06 23:15:51,906 WARN L191 SmtUtils]: Spent 125.00 ms on a formula simplification. DAG size of input: 112 DAG size of output: 61 [2019-10-06 23:15:52,471 WARN L191 SmtUtils]: Spent 121.00 ms on a formula simplification. DAG size of input: 85 DAG size of output: 62 [2019-10-06 23:15:53,107 WARN L191 SmtUtils]: Spent 229.00 ms on a formula simplification. DAG size of input: 126 DAG size of output: 68 [2019-10-06 23:15:53,842 WARN L191 SmtUtils]: Spent 143.00 ms on a formula simplification. DAG size of input: 110 DAG size of output: 67 [2019-10-06 23:15:54,454 WARN L191 SmtUtils]: Spent 142.00 ms on a formula simplification. DAG size of input: 104 DAG size of output: 58 [2019-10-06 23:15:55,123 WARN L191 SmtUtils]: Spent 239.00 ms on a formula simplification. DAG size of input: 123 DAG size of output: 66 [2019-10-06 23:15:55,890 WARN L191 SmtUtils]: Spent 153.00 ms on a formula simplification. DAG size of input: 107 DAG size of output: 56 [2019-10-06 23:15:56,614 WARN L191 SmtUtils]: Spent 192.00 ms on a formula simplification. DAG size of input: 154 DAG size of output: 54 [2019-10-06 23:15:57,216 WARN L191 SmtUtils]: Spent 171.00 ms on a formula simplification. DAG size of input: 114 DAG size of output: 49 [2019-10-06 23:15:58,079 WARN L191 SmtUtils]: Spent 115.00 ms on a formula simplification. DAG size of input: 73 DAG size of output: 49 [2019-10-06 23:16:00,399 WARN L191 SmtUtils]: Spent 147.00 ms on a formula simplification. DAG size of input: 83 DAG size of output: 34 [2019-10-06 23:16:00,905 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:16:00,905 INFO L93 Difference]: Finished difference Result 149 states and 183 transitions. [2019-10-06 23:16:00,906 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 64 states. [2019-10-06 23:16:00,906 INFO L78 Accepts]: Start accepts. Automaton has 137 states. Word has length 55 [2019-10-06 23:16:00,907 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:16:00,908 INFO L225 Difference]: With dead ends: 149 [2019-10-06 23:16:00,908 INFO L226 Difference]: Without dead ends: 111 [2019-10-06 23:16:00,912 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 272 GetRequests, 71 SyntacticMatches, 8 SemanticMatches, 193 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 13067 ImplicationChecksByTransitivity, 35.1s TimeCoverageRelationStatistics Valid=1966, Invalid=35864, Unknown=0, NotChecked=0, Total=37830 [2019-10-06 23:16:00,913 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 111 states. [2019-10-06 23:16:00,936 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 111 to 89. [2019-10-06 23:16:00,936 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 89 states. [2019-10-06 23:16:00,937 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 89 states to 89 states and 103 transitions. [2019-10-06 23:16:00,937 INFO L78 Accepts]: Start accepts. Automaton has 89 states and 103 transitions. Word has length 55 [2019-10-06 23:16:00,937 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:16:00,938 INFO L462 AbstractCegarLoop]: Abstraction has 89 states and 103 transitions. [2019-10-06 23:16:00,938 INFO L463 AbstractCegarLoop]: Interpolant automaton has 137 states. [2019-10-06 23:16:00,938 INFO L276 IsEmpty]: Start isEmpty. Operand 89 states and 103 transitions. [2019-10-06 23:16:00,942 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2019-10-06 23:16:00,943 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:16:00,943 INFO L385 BasicCegarLoop]: trace histogram [5, 4, 4, 4, 4, 4, 4, 4, 4, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:16:01,144 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 10 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:16:01,145 INFO L410 AbstractCegarLoop]: === Iteration 13 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:16:01,145 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:16:01,145 INFO L82 PathProgramCache]: Analyzing trace with hash 837670837, now seen corresponding path program 10 times [2019-10-06 23:16:01,145 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:16:01,146 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:16:01,146 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:16:01,146 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:16:01,146 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:16:01,167 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:16:01,277 INFO L134 CoverageAnalysis]: Checked inductivity of 95 backedges. 11 proven. 14 refuted. 0 times theorem prover too weak. 70 trivial. 0 not checked. [2019-10-06 23:16:01,278 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:16:01,278 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:16:01,278 INFO L93 rtionOrderModulation]: Changing assertion order to NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 11 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 11 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:16:01,519 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:16:01,521 INFO L256 TraceCheckSpWp]: Trace formula consists of 279 conjuncts, 12 conjunts are in the unsatisfiable core [2019-10-06 23:16:01,522 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:16:01,604 INFO L134 CoverageAnalysis]: Checked inductivity of 95 backedges. 15 proven. 10 refuted. 0 times theorem prover too weak. 70 trivial. 0 not checked. [2019-10-06 23:16:01,605 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:16:01,680 INFO L134 CoverageAnalysis]: Checked inductivity of 95 backedges. 15 proven. 10 refuted. 0 times theorem prover too weak. 70 trivial. 0 not checked. [2019-10-06 23:16:01,680 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:16:01,681 INFO L162 IcfgInterpreter]: Started Sifa with 20 locations of interest [2019-10-06 23:16:01,682 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:16:01,682 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:16:01,682 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:16:01,682 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:16:01,701 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 30 for LOIs [2019-10-06 23:16:02,326 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:16:02,348 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:16:02,353 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:16:02,353 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:16:02,353 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 400#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:16:02,353 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:16:02,354 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 409#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:16:02,354 INFO L193 IcfgInterpreter]: Reachable states at location L60-4 satisfy 385#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:16:02,354 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= 0 (+ ~SIZE~0 2147483648)) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (<= ~SIZE~0 2147483647) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:16:02,354 INFO L193 IcfgInterpreter]: Reachable states at location L60-3 satisfy 380#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:16:02,354 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:16:02,354 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 395#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:16:02,355 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:16:02,355 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:16:02,355 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:16:02,355 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:16:02,355 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 414#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:16:02,355 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (= |#NULL.offset| 0)) (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= 0 (+ ~SIZE~0 2147483648)) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0))) (<= |old(~SIZE~0)| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:16:02,355 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:16:02,355 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 390#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:16:02,355 INFO L193 IcfgInterpreter]: Reachable states at location L55-3 satisfy 342#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:16:02,356 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:16:02,356 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 405#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:16:02,356 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:16:02,840 WARN L191 SmtUtils]: Spent 100.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 25 [2019-10-06 23:16:03,243 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:16:03,243 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [13, 13, 13, 11] total 31 [2019-10-06 23:16:03,244 INFO L442 AbstractCegarLoop]: Interpolant automaton has 31 states [2019-10-06 23:16:03,244 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 31 interpolants. [2019-10-06 23:16:03,245 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=140, Invalid=790, Unknown=0, NotChecked=0, Total=930 [2019-10-06 23:16:03,245 INFO L87 Difference]: Start difference. First operand 89 states and 103 transitions. Second operand 31 states. [2019-10-06 23:16:04,964 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:16:04,964 INFO L93 Difference]: Finished difference Result 153 states and 177 transitions. [2019-10-06 23:16:04,965 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 29 states. [2019-10-06 23:16:04,965 INFO L78 Accepts]: Start accepts. Automaton has 31 states. Word has length 56 [2019-10-06 23:16:04,965 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:16:04,966 INFO L225 Difference]: With dead ends: 153 [2019-10-06 23:16:04,966 INFO L226 Difference]: Without dead ends: 65 [2019-10-06 23:16:04,967 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 200 GetRequests, 142 SyntacticMatches, 9 SemanticMatches, 49 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 868 ImplicationChecksByTransitivity, 2.0s TimeCoverageRelationStatistics Valid=376, Invalid=2174, Unknown=0, NotChecked=0, Total=2550 [2019-10-06 23:16:04,968 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 65 states. [2019-10-06 23:16:04,986 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 65 to 65. [2019-10-06 23:16:04,986 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 65 states. [2019-10-06 23:16:04,987 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 65 states to 65 states and 73 transitions. [2019-10-06 23:16:04,987 INFO L78 Accepts]: Start accepts. Automaton has 65 states and 73 transitions. Word has length 56 [2019-10-06 23:16:04,987 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:16:04,987 INFO L462 AbstractCegarLoop]: Abstraction has 65 states and 73 transitions. [2019-10-06 23:16:04,987 INFO L463 AbstractCegarLoop]: Interpolant automaton has 31 states. [2019-10-06 23:16:04,987 INFO L276 IsEmpty]: Start isEmpty. Operand 65 states and 73 transitions. [2019-10-06 23:16:04,988 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 65 [2019-10-06 23:16:04,988 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:16:04,988 INFO L385 BasicCegarLoop]: trace histogram [5, 5, 5, 5, 5, 5, 5, 5, 5, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:16:05,199 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 11 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:16:05,199 INFO L410 AbstractCegarLoop]: === Iteration 14 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:16:05,199 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:16:05,200 INFO L82 PathProgramCache]: Analyzing trace with hash 954320774, now seen corresponding path program 11 times [2019-10-06 23:16:05,200 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:16:05,200 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:16:05,200 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:16:05,201 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:16:05,201 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:16:05,265 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:16:06,317 WARN L191 SmtUtils]: Spent 110.00 ms on a formula simplification. DAG size of input: 64 DAG size of output: 47 [2019-10-06 23:16:06,538 WARN L191 SmtUtils]: Spent 193.00 ms on a formula simplification. DAG size of input: 66 DAG size of output: 50 [2019-10-06 23:16:06,787 WARN L191 SmtUtils]: Spent 218.00 ms on a formula simplification. DAG size of input: 69 DAG size of output: 50 [2019-10-06 23:16:07,063 WARN L191 SmtUtils]: Spent 242.00 ms on a formula simplification. DAG size of input: 69 DAG size of output: 54 [2019-10-06 23:16:07,301 WARN L191 SmtUtils]: Spent 199.00 ms on a formula simplification. DAG size of input: 62 DAG size of output: 45 [2019-10-06 23:16:07,511 WARN L191 SmtUtils]: Spent 188.00 ms on a formula simplification. DAG size of input: 63 DAG size of output: 46 [2019-10-06 23:16:07,806 WARN L191 SmtUtils]: Spent 260.00 ms on a formula simplification. DAG size of input: 76 DAG size of output: 61 [2019-10-06 23:16:08,086 WARN L191 SmtUtils]: Spent 245.00 ms on a formula simplification. DAG size of input: 78 DAG size of output: 53 [2019-10-06 23:16:08,375 WARN L191 SmtUtils]: Spent 248.00 ms on a formula simplification. DAG size of input: 79 DAG size of output: 53 [2019-10-06 23:16:08,692 WARN L191 SmtUtils]: Spent 271.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 55 [2019-10-06 23:16:08,998 WARN L191 SmtUtils]: Spent 264.00 ms on a formula simplification. DAG size of input: 67 DAG size of output: 50 [2019-10-06 23:16:09,253 WARN L191 SmtUtils]: Spent 223.00 ms on a formula simplification. DAG size of input: 72 DAG size of output: 48 [2019-10-06 23:16:09,507 WARN L191 SmtUtils]: Spent 210.00 ms on a formula simplification. DAG size of input: 79 DAG size of output: 55 [2019-10-06 23:16:09,805 WARN L191 SmtUtils]: Spent 254.00 ms on a formula simplification. DAG size of input: 81 DAG size of output: 56 [2019-10-06 23:16:10,103 WARN L191 SmtUtils]: Spent 247.00 ms on a formula simplification. DAG size of input: 82 DAG size of output: 55 [2019-10-06 23:16:10,357 WARN L191 SmtUtils]: Spent 203.00 ms on a formula simplification. DAG size of input: 78 DAG size of output: 55 [2019-10-06 23:16:10,598 WARN L191 SmtUtils]: Spent 189.00 ms on a formula simplification. DAG size of input: 72 DAG size of output: 52 [2019-10-06 23:16:10,814 WARN L191 SmtUtils]: Spent 175.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 50 [2019-10-06 23:16:11,124 WARN L191 SmtUtils]: Spent 253.00 ms on a formula simplification. DAG size of input: 81 DAG size of output: 67 [2019-10-06 23:16:11,442 WARN L191 SmtUtils]: Spent 260.00 ms on a formula simplification. DAG size of input: 81 DAG size of output: 58 [2019-10-06 23:16:11,776 WARN L191 SmtUtils]: Spent 268.00 ms on a formula simplification. DAG size of input: 82 DAG size of output: 55 [2019-10-06 23:16:12,058 WARN L191 SmtUtils]: Spent 215.00 ms on a formula simplification. DAG size of input: 76 DAG size of output: 57 [2019-10-06 23:16:12,333 WARN L191 SmtUtils]: Spent 193.00 ms on a formula simplification. DAG size of input: 70 DAG size of output: 52 [2019-10-06 23:16:12,576 WARN L191 SmtUtils]: Spent 196.00 ms on a formula simplification. DAG size of input: 79 DAG size of output: 55 [2019-10-06 23:16:12,848 WARN L191 SmtUtils]: Spent 201.00 ms on a formula simplification. DAG size of input: 83 DAG size of output: 56 [2019-10-06 23:16:13,121 WARN L191 SmtUtils]: Spent 200.00 ms on a formula simplification. DAG size of input: 82 DAG size of output: 56 [2019-10-06 23:16:13,445 WARN L191 SmtUtils]: Spent 253.00 ms on a formula simplification. DAG size of input: 82 DAG size of output: 56 [2019-10-06 23:16:13,766 WARN L191 SmtUtils]: Spent 255.00 ms on a formula simplification. DAG size of input: 78 DAG size of output: 56 [2019-10-06 23:16:14,030 WARN L191 SmtUtils]: Spent 187.00 ms on a formula simplification. DAG size of input: 70 DAG size of output: 56 [2019-10-06 23:16:14,275 WARN L191 SmtUtils]: Spent 183.00 ms on a formula simplification. DAG size of input: 78 DAG size of output: 54 [2019-10-06 23:16:14,577 WARN L191 SmtUtils]: Spent 223.00 ms on a formula simplification. DAG size of input: 84 DAG size of output: 63 [2019-10-06 23:16:14,856 WARN L191 SmtUtils]: Spent 203.00 ms on a formula simplification. DAG size of input: 86 DAG size of output: 54 [2019-10-06 23:16:15,118 WARN L191 SmtUtils]: Spent 184.00 ms on a formula simplification. DAG size of input: 85 DAG size of output: 54 [2019-10-06 23:16:15,404 WARN L191 SmtUtils]: Spent 208.00 ms on a formula simplification. DAG size of input: 79 DAG size of output: 59 [2019-10-06 23:16:15,649 WARN L191 SmtUtils]: Spent 168.00 ms on a formula simplification. DAG size of input: 70 DAG size of output: 49 [2019-10-06 23:16:15,866 WARN L191 SmtUtils]: Spent 153.00 ms on a formula simplification. DAG size of input: 74 DAG size of output: 49 [2019-10-06 23:16:16,093 WARN L191 SmtUtils]: Spent 147.00 ms on a formula simplification. DAG size of input: 69 DAG size of output: 53 [2019-10-06 23:16:16,323 WARN L191 SmtUtils]: Spent 152.00 ms on a formula simplification. DAG size of input: 70 DAG size of output: 54 [2019-10-06 23:16:16,534 WARN L191 SmtUtils]: Spent 137.00 ms on a formula simplification. DAG size of input: 69 DAG size of output: 53 [2019-10-06 23:16:16,755 WARN L191 SmtUtils]: Spent 139.00 ms on a formula simplification. DAG size of input: 67 DAG size of output: 52 [2019-10-06 23:16:16,951 WARN L191 SmtUtils]: Spent 119.00 ms on a formula simplification. DAG size of input: 58 DAG size of output: 48 [2019-10-06 23:16:17,124 WARN L191 SmtUtils]: Spent 109.00 ms on a formula simplification. DAG size of input: 61 DAG size of output: 47 [2019-10-06 23:16:17,316 WARN L191 SmtUtils]: Spent 114.00 ms on a formula simplification. DAG size of input: 57 DAG size of output: 48 [2019-10-06 23:16:17,941 INFO L134 CoverageAnalysis]: Checked inductivity of 135 backedges. 3 proven. 132 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-10-06 23:16:17,942 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:16:17,942 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:16:17,942 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 12 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 12 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:16:18,214 INFO L249 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 4 check-sat command(s) [2019-10-06 23:16:18,214 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2019-10-06 23:16:18,219 WARN L254 TraceCheckSpWp]: Trace formula consists of 318 conjuncts, 186 conjunts are in the unsatisfiable core [2019-10-06 23:16:18,223 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:16:34,485 INFO L134 CoverageAnalysis]: Checked inductivity of 135 backedges. 5 proven. 120 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2019-10-06 23:16:34,485 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:16:49,254 WARN L191 SmtUtils]: Spent 210.00 ms on a formula simplification that was a NOOP. DAG size: 122 [2019-10-06 23:16:51,865 WARN L191 SmtUtils]: Spent 207.00 ms on a formula simplification that was a NOOP. DAG size: 126 [2019-10-06 23:16:54,928 WARN L191 SmtUtils]: Spent 223.00 ms on a formula simplification that was a NOOP. DAG size: 128 [2019-10-06 23:16:58,586 WARN L191 SmtUtils]: Spent 227.00 ms on a formula simplification that was a NOOP. DAG size: 130 [2019-10-06 23:17:12,937 INFO L134 CoverageAnalysis]: Checked inductivity of 135 backedges. 0 proven. 125 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2019-10-06 23:17:12,937 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:17:12,938 INFO L162 IcfgInterpreter]: Started Sifa with 20 locations of interest [2019-10-06 23:17:12,938 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:17:12,939 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:17:12,939 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:17:12,939 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:17:12,960 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 30 for LOIs [2019-10-06 23:17:13,579 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:17:13,599 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:17:13,602 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:17:13,602 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:17:13,602 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 400#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:17:13,602 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:17:13,602 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 409#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:17:13,602 INFO L193 IcfgInterpreter]: Reachable states at location L60-4 satisfy 385#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:17:13,602 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 (select |old(#valid)| 0)) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (<= ~SIZE~0 2147483647) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:17:13,603 INFO L193 IcfgInterpreter]: Reachable states at location L60-3 satisfy 380#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:17:13,603 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:17:13,603 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 395#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:17:13,603 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:17:13,603 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:17:13,603 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:17:13,603 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 (select |old(#valid)| 0)) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:17:13,603 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 414#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:17:13,604 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (= 0 (select |old(#valid)| 0)) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:17:13,604 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:17:13,604 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 390#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:17:13,604 INFO L193 IcfgInterpreter]: Reachable states at location L55-3 satisfy 342#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:17:13,604 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:17:13,604 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 405#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:17:13,604 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:17:16,354 WARN L191 SmtUtils]: Spent 104.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 26 [2019-10-06 23:17:17,903 WARN L191 SmtUtils]: Spent 100.00 ms on a formula simplification. DAG size of input: 38 DAG size of output: 21 [2019-10-06 23:17:17,904 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:17:17,905 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [59, 52, 50, 11] total 163 [2019-10-06 23:17:17,906 INFO L442 AbstractCegarLoop]: Interpolant automaton has 163 states [2019-10-06 23:17:17,906 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 163 interpolants. [2019-10-06 23:17:17,908 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=1170, Invalid=25235, Unknown=1, NotChecked=0, Total=26406 [2019-10-06 23:17:17,908 INFO L87 Difference]: Start difference. First operand 65 states and 73 transitions. Second operand 163 states. [2019-10-06 23:17:20,692 WARN L191 SmtUtils]: Spent 288.00 ms on a formula simplification. DAG size of input: 303 DAG size of output: 30 [2019-10-06 23:17:21,958 WARN L191 SmtUtils]: Spent 226.00 ms on a formula simplification. DAG size of input: 222 DAG size of output: 47 [2019-10-06 23:17:23,291 WARN L191 SmtUtils]: Spent 110.00 ms on a formula simplification. DAG size of input: 60 DAG size of output: 55 [2019-10-06 23:17:24,022 WARN L191 SmtUtils]: Spent 104.00 ms on a formula simplification. DAG size of input: 63 DAG size of output: 58 [2019-10-06 23:17:24,791 WARN L191 SmtUtils]: Spent 155.00 ms on a formula simplification. DAG size of input: 84 DAG size of output: 77 [2019-10-06 23:17:26,006 WARN L191 SmtUtils]: Spent 234.00 ms on a formula simplification. DAG size of input: 141 DAG size of output: 64 [2019-10-06 23:17:26,774 WARN L191 SmtUtils]: Spent 221.00 ms on a formula simplification. DAG size of input: 137 DAG size of output: 67 [2019-10-06 23:17:27,575 WARN L191 SmtUtils]: Spent 227.00 ms on a formula simplification. DAG size of input: 142 DAG size of output: 65 [2019-10-06 23:17:29,962 WARN L191 SmtUtils]: Spent 671.00 ms on a formula simplification. DAG size of input: 390 DAG size of output: 82 [2019-10-06 23:17:31,663 WARN L191 SmtUtils]: Spent 574.00 ms on a formula simplification. DAG size of input: 274 DAG size of output: 89 [2019-10-06 23:17:32,461 WARN L191 SmtUtils]: Spent 181.00 ms on a formula simplification. DAG size of input: 110 DAG size of output: 99 [2019-10-06 23:17:34,533 WARN L191 SmtUtils]: Spent 172.00 ms on a formula simplification. DAG size of input: 116 DAG size of output: 78 [2019-10-06 23:17:35,591 WARN L191 SmtUtils]: Spent 176.00 ms on a formula simplification. DAG size of input: 210 DAG size of output: 27 [2019-10-06 23:17:38,111 WARN L191 SmtUtils]: Spent 275.00 ms on a formula simplification. DAG size of input: 163 DAG size of output: 83 [2019-10-06 23:17:39,020 WARN L191 SmtUtils]: Spent 232.00 ms on a formula simplification. DAG size of input: 150 DAG size of output: 89 [2019-10-06 23:17:41,649 WARN L191 SmtUtils]: Spent 881.00 ms on a formula simplification. DAG size of input: 388 DAG size of output: 102 [2019-10-06 23:17:43,905 WARN L191 SmtUtils]: Spent 521.00 ms on a formula simplification. DAG size of input: 285 DAG size of output: 103 [2019-10-06 23:17:44,862 WARN L191 SmtUtils]: Spent 243.00 ms on a formula simplification. DAG size of input: 126 DAG size of output: 110 [2019-10-06 23:17:50,938 WARN L191 SmtUtils]: Spent 191.00 ms on a formula simplification. DAG size of input: 130 DAG size of output: 94 [2019-10-06 23:17:52,063 WARN L191 SmtUtils]: Spent 271.00 ms on a formula simplification. DAG size of input: 154 DAG size of output: 102 [2019-10-06 23:17:53,085 WARN L191 SmtUtils]: Spent 224.00 ms on a formula simplification. DAG size of input: 138 DAG size of output: 98 [2019-10-06 23:17:55,545 WARN L191 SmtUtils]: Spent 680.00 ms on a formula simplification. DAG size of input: 351 DAG size of output: 108 [2019-10-06 23:17:57,510 WARN L191 SmtUtils]: Spent 574.00 ms on a formula simplification. DAG size of input: 293 DAG size of output: 112 [2019-10-06 23:17:58,608 WARN L191 SmtUtils]: Spent 224.00 ms on a formula simplification. DAG size of input: 133 DAG size of output: 117 [2019-10-06 23:18:12,427 WARN L191 SmtUtils]: Spent 274.00 ms on a formula simplification. DAG size of input: 142 DAG size of output: 107 [2019-10-06 23:18:13,935 WARN L191 SmtUtils]: Spent 262.00 ms on a formula simplification. DAG size of input: 151 DAG size of output: 103 [2019-10-06 23:18:15,298 WARN L191 SmtUtils]: Spent 256.00 ms on a formula simplification. DAG size of input: 159 DAG size of output: 108 [2019-10-06 23:18:18,155 WARN L191 SmtUtils]: Spent 865.00 ms on a formula simplification. DAG size of input: 391 DAG size of output: 120 [2019-10-06 23:18:20,265 WARN L191 SmtUtils]: Spent 582.00 ms on a formula simplification. DAG size of input: 304 DAG size of output: 121 [2019-10-06 23:18:21,669 WARN L191 SmtUtils]: Spent 286.00 ms on a formula simplification. DAG size of input: 144 DAG size of output: 132 [2019-10-06 23:18:28,620 WARN L191 SmtUtils]: Spent 201.00 ms on a formula simplification. DAG size of input: 130 DAG size of output: 117 [2019-10-06 23:18:30,423 WARN L191 SmtUtils]: Spent 279.00 ms on a formula simplification. DAG size of input: 164 DAG size of output: 123 [2019-10-06 23:18:32,090 WARN L191 SmtUtils]: Spent 263.00 ms on a formula simplification. DAG size of input: 161 DAG size of output: 119 [2019-10-06 23:18:33,819 WARN L191 SmtUtils]: Spent 361.00 ms on a formula simplification. DAG size of input: 200 DAG size of output: 125 [2019-10-06 23:18:37,147 WARN L191 SmtUtils]: Spent 718.00 ms on a formula simplification. DAG size of input: 314 DAG size of output: 132 [2019-10-06 23:18:38,698 WARN L191 SmtUtils]: Spent 248.00 ms on a formula simplification. DAG size of input: 152 DAG size of output: 136 [2019-10-06 23:18:40,607 WARN L191 SmtUtils]: Spent 319.00 ms on a formula simplification. DAG size of input: 187 DAG size of output: 107 [2019-10-06 23:18:41,978 WARN L191 SmtUtils]: Spent 264.00 ms on a formula simplification. DAG size of input: 178 DAG size of output: 112 [2019-10-06 23:18:44,825 WARN L191 SmtUtils]: Spent 768.00 ms on a formula simplification. DAG size of input: 418 DAG size of output: 120 [2019-10-06 23:18:47,137 WARN L191 SmtUtils]: Spent 654.00 ms on a formula simplification. DAG size of input: 309 DAG size of output: 122 [2019-10-06 23:18:48,493 WARN L191 SmtUtils]: Spent 279.00 ms on a formula simplification. DAG size of input: 145 DAG size of output: 129 [2019-10-06 23:18:50,134 WARN L191 SmtUtils]: Spent 301.00 ms on a formula simplification. DAG size of input: 154 DAG size of output: 94 [2019-10-06 23:18:51,227 WARN L191 SmtUtils]: Spent 236.00 ms on a formula simplification. DAG size of input: 157 DAG size of output: 98 [2019-10-06 23:18:52,481 WARN L191 SmtUtils]: Spent 327.00 ms on a formula simplification. DAG size of input: 194 DAG size of output: 108 [2019-10-06 23:18:54,428 WARN L191 SmtUtils]: Spent 505.00 ms on a formula simplification. DAG size of input: 293 DAG size of output: 108 [2019-10-06 23:18:55,471 WARN L191 SmtUtils]: Spent 240.00 ms on a formula simplification. DAG size of input: 138 DAG size of output: 120 [2019-10-06 23:18:57,045 WARN L191 SmtUtils]: Spent 198.00 ms on a formula simplification. DAG size of input: 123 DAG size of output: 80 [2019-10-06 23:18:59,234 WARN L191 SmtUtils]: Spent 238.00 ms on a formula simplification. DAG size of input: 150 DAG size of output: 88 [2019-10-06 23:19:00,660 WARN L191 SmtUtils]: Spent 226.00 ms on a formula simplification. DAG size of input: 147 DAG size of output: 88 [2019-10-06 23:19:01,717 WARN L191 SmtUtils]: Spent 304.00 ms on a formula simplification. DAG size of input: 179 DAG size of output: 91 [2019-10-06 23:19:03,521 WARN L191 SmtUtils]: Spent 642.00 ms on a formula simplification. DAG size of input: 283 DAG size of output: 86 [2019-10-06 23:19:07,031 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:19:07,032 INFO L93 Difference]: Finished difference Result 121 states and 143 transitions. [2019-10-06 23:19:07,032 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 70 states. [2019-10-06 23:19:07,032 INFO L78 Accepts]: Start accepts. Automaton has 163 states. Word has length 64 [2019-10-06 23:19:07,033 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:19:07,034 INFO L225 Difference]: With dead ends: 121 [2019-10-06 23:19:07,034 INFO L226 Difference]: Without dead ends: 116 [2019-10-06 23:19:07,037 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 312 GetRequests, 79 SyntacticMatches, 10 SemanticMatches, 223 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 15946 ImplicationChecksByTransitivity, 155.8s TimeCoverageRelationStatistics Valid=3089, Invalid=47305, Unknown=6, NotChecked=0, Total=50400 [2019-10-06 23:19:07,037 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 116 states. [2019-10-06 23:19:07,062 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 116 to 103. [2019-10-06 23:19:07,063 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 103 states. [2019-10-06 23:19:07,063 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 103 states to 103 states and 118 transitions. [2019-10-06 23:19:07,064 INFO L78 Accepts]: Start accepts. Automaton has 103 states and 118 transitions. Word has length 64 [2019-10-06 23:19:07,064 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:19:07,064 INFO L462 AbstractCegarLoop]: Abstraction has 103 states and 118 transitions. [2019-10-06 23:19:07,064 INFO L463 AbstractCegarLoop]: Interpolant automaton has 163 states. [2019-10-06 23:19:07,064 INFO L276 IsEmpty]: Start isEmpty. Operand 103 states and 118 transitions. [2019-10-06 23:19:07,065 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 66 [2019-10-06 23:19:07,065 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:19:07,066 INFO L385 BasicCegarLoop]: trace histogram [6, 5, 5, 5, 5, 5, 5, 5, 5, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:19:07,270 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 12 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:19:07,270 INFO L410 AbstractCegarLoop]: === Iteration 15 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:19:07,271 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:19:07,271 INFO L82 PathProgramCache]: Analyzing trace with hash 2055225459, now seen corresponding path program 12 times [2019-10-06 23:19:07,271 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:19:07,271 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:19:07,271 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:19:07,272 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:19:07,272 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:19:07,305 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:19:07,439 INFO L134 CoverageAnalysis]: Checked inductivity of 141 backedges. 16 proven. 20 refuted. 0 times theorem prover too weak. 105 trivial. 0 not checked. [2019-10-06 23:19:07,439 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:19:07,439 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:19:07,440 INFO L93 rtionOrderModulation]: Changing assertion order to TERMS_WITH_SMALL_CONSTANTS_FIRST No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 13 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 13 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:19:07,780 INFO L249 tOrderPrioritization]: Assert order TERMS_WITH_SMALL_CONSTANTS_FIRST issued 0 check-sat command(s) [2019-10-06 23:19:07,781 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2019-10-06 23:19:07,782 INFO L256 TraceCheckSpWp]: Trace formula consists of 310 conjuncts, 14 conjunts are in the unsatisfiable core [2019-10-06 23:19:07,785 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:19:07,895 INFO L134 CoverageAnalysis]: Checked inductivity of 141 backedges. 21 proven. 15 refuted. 0 times theorem prover too weak. 105 trivial. 0 not checked. [2019-10-06 23:19:07,895 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:19:07,977 INFO L134 CoverageAnalysis]: Checked inductivity of 141 backedges. 21 proven. 15 refuted. 0 times theorem prover too weak. 105 trivial. 0 not checked. [2019-10-06 23:19:07,978 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:19:07,979 INFO L162 IcfgInterpreter]: Started Sifa with 20 locations of interest [2019-10-06 23:19:07,979 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:19:07,980 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:19:07,980 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:19:07,981 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:19:08,001 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 30 for LOIs [2019-10-06 23:19:08,789 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:19:08,809 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:19:08,811 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:19:08,811 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:19:08,812 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 400#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:19:08,812 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:19:08,812 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 409#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:19:08,812 INFO L193 IcfgInterpreter]: Reachable states at location L60-4 satisfy 385#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:19:08,812 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= ~SIZE~0 2147483647) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:19:08,812 INFO L193 IcfgInterpreter]: Reachable states at location L60-3 satisfy 380#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:19:08,812 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:19:08,812 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 395#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:19:08,812 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:19:08,813 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:19:08,813 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:19:08,813 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:19:08,813 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 414#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:19:08,813 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:19:08,813 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:19:08,813 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 390#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:19:08,813 INFO L193 IcfgInterpreter]: Reachable states at location L55-3 satisfy 342#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:19:08,813 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:19:08,814 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 405#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:19:08,814 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:19:09,373 WARN L191 SmtUtils]: Spent 108.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 26 [2019-10-06 23:19:09,797 WARN L191 SmtUtils]: Spent 102.00 ms on a formula simplification. DAG size of input: 38 DAG size of output: 21 [2019-10-06 23:19:09,797 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:19:09,798 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [14, 14, 14, 11] total 33 [2019-10-06 23:19:09,799 INFO L442 AbstractCegarLoop]: Interpolant automaton has 33 states [2019-10-06 23:19:09,799 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 33 interpolants. [2019-10-06 23:19:09,799 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=159, Invalid=897, Unknown=0, NotChecked=0, Total=1056 [2019-10-06 23:19:09,800 INFO L87 Difference]: Start difference. First operand 103 states and 118 transitions. Second operand 33 states. [2019-10-06 23:19:12,021 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:19:12,021 INFO L93 Difference]: Finished difference Result 208 states and 245 transitions. [2019-10-06 23:19:12,022 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 33 states. [2019-10-06 23:19:12,022 INFO L78 Accepts]: Start accepts. Automaton has 33 states. Word has length 65 [2019-10-06 23:19:12,022 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:19:12,023 INFO L225 Difference]: With dead ends: 208 [2019-10-06 23:19:12,023 INFO L226 Difference]: Without dead ends: 112 [2019-10-06 23:19:12,024 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 232 GetRequests, 167 SyntacticMatches, 10 SemanticMatches, 55 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1041 ImplicationChecksByTransitivity, 2.4s TimeCoverageRelationStatistics Valid=468, Invalid=2724, Unknown=0, NotChecked=0, Total=3192 [2019-10-06 23:19:12,024 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 112 states. [2019-10-06 23:19:12,059 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 112 to 109. [2019-10-06 23:19:12,059 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 109 states. [2019-10-06 23:19:12,060 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 109 states to 109 states and 123 transitions. [2019-10-06 23:19:12,060 INFO L78 Accepts]: Start accepts. Automaton has 109 states and 123 transitions. Word has length 65 [2019-10-06 23:19:12,061 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:19:12,061 INFO L462 AbstractCegarLoop]: Abstraction has 109 states and 123 transitions. [2019-10-06 23:19:12,061 INFO L463 AbstractCegarLoop]: Interpolant automaton has 33 states. [2019-10-06 23:19:12,061 INFO L276 IsEmpty]: Start isEmpty. Operand 109 states and 123 transitions. [2019-10-06 23:19:12,061 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 67 [2019-10-06 23:19:12,061 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:19:12,061 INFO L385 BasicCegarLoop]: trace histogram [6, 6, 5, 5, 5, 5, 5, 5, 5, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:19:12,262 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 13 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:19:12,263 INFO L410 AbstractCegarLoop]: === Iteration 16 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:19:12,263 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:19:12,263 INFO L82 PathProgramCache]: Analyzing trace with hash 145719312, now seen corresponding path program 13 times [2019-10-06 23:19:12,263 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:19:12,264 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:19:12,264 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:19:12,264 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:19:12,264 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:19:12,290 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:19:12,413 INFO L134 CoverageAnalysis]: Checked inductivity of 147 backedges. 10 proven. 26 refuted. 0 times theorem prover too weak. 111 trivial. 0 not checked. [2019-10-06 23:19:12,413 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:19:12,413 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:19:12,413 INFO L93 rtionOrderModulation]: Changing assertion order to NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 14 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 14 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:19:12,720 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:19:12,721 INFO L256 TraceCheckSpWp]: Trace formula consists of 327 conjuncts, 14 conjunts are in the unsatisfiable core [2019-10-06 23:19:12,722 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:19:12,805 INFO L134 CoverageAnalysis]: Checked inductivity of 147 backedges. 15 proven. 21 refuted. 0 times theorem prover too weak. 111 trivial. 0 not checked. [2019-10-06 23:19:12,805 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:19:12,897 INFO L134 CoverageAnalysis]: Checked inductivity of 147 backedges. 15 proven. 21 refuted. 0 times theorem prover too weak. 111 trivial. 0 not checked. [2019-10-06 23:19:12,897 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:19:12,898 INFO L162 IcfgInterpreter]: Started Sifa with 20 locations of interest [2019-10-06 23:19:12,899 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:19:12,899 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:19:12,899 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:19:12,899 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:19:12,921 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 30 for LOIs [2019-10-06 23:19:13,508 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:19:13,535 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:19:13,538 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:19:13,538 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:19:13,538 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 400#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:19:13,538 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:19:13,538 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 409#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:19:13,538 INFO L193 IcfgInterpreter]: Reachable states at location L60-4 satisfy 385#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:19:13,538 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 (select |old(#valid)| 0)) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (<= ~SIZE~0 2147483647) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:19:13,539 INFO L193 IcfgInterpreter]: Reachable states at location L60-3 satisfy 380#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:19:13,539 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:19:13,539 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 395#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:19:13,539 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:19:13,539 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:19:13,539 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:19:13,540 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 (select |old(#valid)| 0)) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:19:13,540 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 414#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:19:13,540 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (= 0 (select |old(#valid)| 0)) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:19:13,540 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:19:13,540 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 390#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:19:13,540 INFO L193 IcfgInterpreter]: Reachable states at location L55-3 satisfy 342#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:19:13,541 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:19:13,541 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 405#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:19:13,541 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:19:14,031 WARN L191 SmtUtils]: Spent 108.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 26 [2019-10-06 23:19:14,438 WARN L191 SmtUtils]: Spent 104.00 ms on a formula simplification. DAG size of input: 38 DAG size of output: 21 [2019-10-06 23:19:14,439 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:19:14,439 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [15, 15, 15, 11] total 34 [2019-10-06 23:19:14,439 INFO L442 AbstractCegarLoop]: Interpolant automaton has 34 states [2019-10-06 23:19:14,440 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 34 interpolants. [2019-10-06 23:19:14,440 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=166, Invalid=956, Unknown=0, NotChecked=0, Total=1122 [2019-10-06 23:19:14,440 INFO L87 Difference]: Start difference. First operand 109 states and 123 transitions. Second operand 34 states. [2019-10-06 23:19:16,849 WARN L191 SmtUtils]: Spent 105.00 ms on a formula simplification. DAG size of input: 35 DAG size of output: 34 [2019-10-06 23:19:16,935 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:19:16,935 INFO L93 Difference]: Finished difference Result 115 states and 129 transitions. [2019-10-06 23:19:16,935 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 26 states. [2019-10-06 23:19:16,936 INFO L78 Accepts]: Start accepts. Automaton has 34 states. Word has length 66 [2019-10-06 23:19:16,936 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:19:16,937 INFO L225 Difference]: With dead ends: 115 [2019-10-06 23:19:16,937 INFO L226 Difference]: Without dead ends: 74 [2019-10-06 23:19:16,938 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 232 GetRequests, 168 SyntacticMatches, 12 SemanticMatches, 52 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1004 ImplicationChecksByTransitivity, 2.4s TimeCoverageRelationStatistics Valid=399, Invalid=2463, Unknown=0, NotChecked=0, Total=2862 [2019-10-06 23:19:16,938 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 74 states. [2019-10-06 23:19:16,956 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 74 to 74. [2019-10-06 23:19:16,956 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 74 states. [2019-10-06 23:19:16,957 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 74 states to 74 states and 82 transitions. [2019-10-06 23:19:16,957 INFO L78 Accepts]: Start accepts. Automaton has 74 states and 82 transitions. Word has length 66 [2019-10-06 23:19:16,957 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:19:16,957 INFO L462 AbstractCegarLoop]: Abstraction has 74 states and 82 transitions. [2019-10-06 23:19:16,957 INFO L463 AbstractCegarLoop]: Interpolant automaton has 34 states. [2019-10-06 23:19:16,957 INFO L276 IsEmpty]: Start isEmpty. Operand 74 states and 82 transitions. [2019-10-06 23:19:16,958 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 74 [2019-10-06 23:19:16,958 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:19:16,958 INFO L385 BasicCegarLoop]: trace histogram [6, 6, 6, 6, 6, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:19:17,158 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 14 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:19:17,159 INFO L410 AbstractCegarLoop]: === Iteration 17 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:19:17,159 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:19:17,160 INFO L82 PathProgramCache]: Analyzing trace with hash -654671512, now seen corresponding path program 14 times [2019-10-06 23:19:17,160 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:19:17,160 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:19:17,160 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:19:17,160 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:19:17,161 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:19:17,235 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:19:17,885 WARN L191 SmtUtils]: Spent 114.00 ms on a formula simplification. DAG size of input: 71 DAG size of output: 34 [2019-10-06 23:19:18,013 WARN L191 SmtUtils]: Spent 112.00 ms on a formula simplification. DAG size of input: 55 DAG size of output: 38 [2019-10-06 23:19:18,148 WARN L191 SmtUtils]: Spent 119.00 ms on a formula simplification. DAG size of input: 58 DAG size of output: 41 [2019-10-06 23:19:18,309 WARN L191 SmtUtils]: Spent 138.00 ms on a formula simplification. DAG size of input: 72 DAG size of output: 45 [2019-10-06 23:19:18,498 WARN L191 SmtUtils]: Spent 164.00 ms on a formula simplification. DAG size of input: 74 DAG size of output: 50 [2019-10-06 23:19:18,674 WARN L191 SmtUtils]: Spent 149.00 ms on a formula simplification. DAG size of input: 73 DAG size of output: 50 [2019-10-06 23:19:18,871 WARN L191 SmtUtils]: Spent 164.00 ms on a formula simplification. DAG size of input: 73 DAG size of output: 51 [2019-10-06 23:19:19,067 WARN L191 SmtUtils]: Spent 158.00 ms on a formula simplification. DAG size of input: 74 DAG size of output: 51 [2019-10-06 23:19:19,353 WARN L191 SmtUtils]: Spent 239.00 ms on a formula simplification. DAG size of input: 74 DAG size of output: 54 [2019-10-06 23:19:19,639 WARN L191 SmtUtils]: Spent 241.00 ms on a formula simplification. DAG size of input: 67 DAG size of output: 50 [2019-10-06 23:19:19,805 WARN L191 SmtUtils]: Spent 137.00 ms on a formula simplification. DAG size of input: 74 DAG size of output: 51 [2019-10-06 23:19:20,018 WARN L191 SmtUtils]: Spent 177.00 ms on a formula simplification. DAG size of input: 80 DAG size of output: 52 [2019-10-06 23:19:20,221 WARN L191 SmtUtils]: Spent 165.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 52 [2019-10-06 23:19:20,414 WARN L191 SmtUtils]: Spent 154.00 ms on a formula simplification. DAG size of input: 74 DAG size of output: 54 [2019-10-06 23:19:20,625 WARN L191 SmtUtils]: Spent 164.00 ms on a formula simplification. DAG size of input: 78 DAG size of output: 56 [2019-10-06 23:19:20,841 WARN L191 SmtUtils]: Spent 166.00 ms on a formula simplification. DAG size of input: 73 DAG size of output: 59 [2019-10-06 23:19:21,034 WARN L191 SmtUtils]: Spent 148.00 ms on a formula simplification. DAG size of input: 65 DAG size of output: 55 [2019-10-06 23:19:21,239 WARN L191 SmtUtils]: Spent 135.00 ms on a formula simplification. DAG size of input: 73 DAG size of output: 56 [2019-10-06 23:19:21,538 WARN L191 SmtUtils]: Spent 257.00 ms on a formula simplification. DAG size of input: 81 DAG size of output: 66 [2019-10-06 23:19:21,831 WARN L191 SmtUtils]: Spent 249.00 ms on a formula simplification. DAG size of input: 82 DAG size of output: 67 [2019-10-06 23:19:22,131 WARN L191 SmtUtils]: Spent 249.00 ms on a formula simplification. DAG size of input: 83 DAG size of output: 64 [2019-10-06 23:19:22,412 WARN L191 SmtUtils]: Spent 218.00 ms on a formula simplification. DAG size of input: 83 DAG size of output: 63 [2019-10-06 23:19:22,688 WARN L191 SmtUtils]: Spent 220.00 ms on a formula simplification. DAG size of input: 80 DAG size of output: 64 [2019-10-06 23:19:22,941 WARN L191 SmtUtils]: Spent 188.00 ms on a formula simplification. DAG size of input: 72 DAG size of output: 54 [2019-10-06 23:19:23,154 WARN L191 SmtUtils]: Spent 174.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 52 [2019-10-06 23:19:23,466 WARN L191 SmtUtils]: Spent 263.00 ms on a formula simplification. DAG size of input: 83 DAG size of output: 67 [2019-10-06 23:19:23,782 WARN L191 SmtUtils]: Spent 263.00 ms on a formula simplification. DAG size of input: 84 DAG size of output: 64 [2019-10-06 23:19:24,077 WARN L191 SmtUtils]: Spent 234.00 ms on a formula simplification. DAG size of input: 83 DAG size of output: 62 [2019-10-06 23:19:24,390 WARN L191 SmtUtils]: Spent 243.00 ms on a formula simplification. DAG size of input: 85 DAG size of output: 67 [2019-10-06 23:19:24,713 WARN L191 SmtUtils]: Spent 222.00 ms on a formula simplification. DAG size of input: 82 DAG size of output: 60 [2019-10-06 23:19:24,984 WARN L191 SmtUtils]: Spent 204.00 ms on a formula simplification. DAG size of input: 74 DAG size of output: 55 [2019-10-06 23:19:25,230 WARN L191 SmtUtils]: Spent 194.00 ms on a formula simplification. DAG size of input: 79 DAG size of output: 53 [2019-10-06 23:19:25,573 WARN L191 SmtUtils]: Spent 288.00 ms on a formula simplification. DAG size of input: 85 DAG size of output: 71 [2019-10-06 23:19:25,904 WARN L191 SmtUtils]: Spent 267.00 ms on a formula simplification. DAG size of input: 84 DAG size of output: 64 [2019-10-06 23:19:26,284 WARN L191 SmtUtils]: Spent 237.00 ms on a formula simplification. DAG size of input: 87 DAG size of output: 62 [2019-10-06 23:19:26,572 WARN L191 SmtUtils]: Spent 212.00 ms on a formula simplification. DAG size of input: 84 DAG size of output: 58 [2019-10-06 23:19:26,839 WARN L191 SmtUtils]: Spent 195.00 ms on a formula simplification. DAG size of input: 74 DAG size of output: 52 [2019-10-06 23:19:27,142 WARN L191 SmtUtils]: Spent 183.00 ms on a formula simplification. DAG size of input: 80 DAG size of output: 52 [2019-10-06 23:19:27,388 WARN L191 SmtUtils]: Spent 170.00 ms on a formula simplification. DAG size of input: 77 DAG size of output: 52 [2019-10-06 23:19:27,643 WARN L191 SmtUtils]: Spent 182.00 ms on a formula simplification. DAG size of input: 78 DAG size of output: 54 [2019-10-06 23:19:27,883 WARN L191 SmtUtils]: Spent 162.00 ms on a formula simplification. DAG size of input: 76 DAG size of output: 54 [2019-10-06 23:19:28,140 WARN L191 SmtUtils]: Spent 173.00 ms on a formula simplification. DAG size of input: 71 DAG size of output: 59 [2019-10-06 23:19:28,370 WARN L191 SmtUtils]: Spent 153.00 ms on a formula simplification. DAG size of input: 63 DAG size of output: 54 [2019-10-06 23:19:28,657 WARN L191 SmtUtils]: Spent 176.00 ms on a formula simplification. DAG size of input: 81 DAG size of output: 56 [2019-10-06 23:19:28,917 WARN L191 SmtUtils]: Spent 178.00 ms on a formula simplification. DAG size of input: 80 DAG size of output: 57 [2019-10-06 23:19:29,177 WARN L191 SmtUtils]: Spent 177.00 ms on a formula simplification. DAG size of input: 81 DAG size of output: 55 [2019-10-06 23:19:29,440 WARN L191 SmtUtils]: Spent 167.00 ms on a formula simplification. DAG size of input: 79 DAG size of output: 60 [2019-10-06 23:19:29,709 WARN L191 SmtUtils]: Spent 168.00 ms on a formula simplification. DAG size of input: 74 DAG size of output: 59 [2019-10-06 23:19:29,958 WARN L191 SmtUtils]: Spent 149.00 ms on a formula simplification. DAG size of input: 65 DAG size of output: 54 [2019-10-06 23:19:30,161 WARN L191 SmtUtils]: Spent 153.00 ms on a formula simplification. DAG size of input: 71 DAG size of output: 54 [2019-10-06 23:19:30,379 WARN L191 SmtUtils]: Spent 144.00 ms on a formula simplification. DAG size of input: 67 DAG size of output: 51 [2019-10-06 23:19:30,573 WARN L191 SmtUtils]: Spent 115.00 ms on a formula simplification. DAG size of input: 59 DAG size of output: 45 [2019-10-06 23:19:30,751 WARN L191 SmtUtils]: Spent 108.00 ms on a formula simplification. DAG size of input: 52 DAG size of output: 41 [2019-10-06 23:19:31,301 INFO L134 CoverageAnalysis]: Checked inductivity of 189 backedges. 6 proven. 183 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-10-06 23:19:31,301 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:19:31,301 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:19:31,301 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 15 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 15 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:19:31,663 INFO L249 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 4 check-sat command(s) [2019-10-06 23:19:31,663 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2019-10-06 23:19:31,671 WARN L254 TraceCheckSpWp]: Trace formula consists of 362 conjuncts, 218 conjunts are in the unsatisfiable core [2019-10-06 23:19:31,674 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:19:44,606 INFO L134 CoverageAnalysis]: Checked inductivity of 189 backedges. 6 proven. 168 refuted. 0 times theorem prover too weak. 15 trivial. 0 not checked. [2019-10-06 23:19:44,607 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:20:04,225 WARN L191 SmtUtils]: Spent 216.00 ms on a formula simplification that was a NOOP. DAG size: 128 [2019-10-06 23:20:07,232 WARN L191 SmtUtils]: Spent 225.00 ms on a formula simplification that was a NOOP. DAG size: 132 [2019-10-06 23:20:10,809 WARN L191 SmtUtils]: Spent 238.00 ms on a formula simplification that was a NOOP. DAG size: 134 [2019-10-06 23:20:14,909 WARN L191 SmtUtils]: Spent 241.00 ms on a formula simplification that was a NOOP. DAG size: 136 [2019-10-06 23:20:19,643 WARN L191 SmtUtils]: Spent 237.00 ms on a formula simplification that was a NOOP. DAG size: 138 [2019-10-06 23:20:40,060 INFO L134 CoverageAnalysis]: Checked inductivity of 189 backedges. 0 proven. 174 refuted. 0 times theorem prover too weak. 15 trivial. 0 not checked. [2019-10-06 23:20:40,060 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:20:40,061 INFO L162 IcfgInterpreter]: Started Sifa with 20 locations of interest [2019-10-06 23:20:40,061 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:20:40,062 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:20:40,062 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:20:40,062 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:20:40,086 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 30 for LOIs [2019-10-06 23:20:40,812 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:20:40,837 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:20:40,844 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:20:40,845 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:20:40,845 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 400#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:20:40,845 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:20:40,845 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 409#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:20:40,845 INFO L193 IcfgInterpreter]: Reachable states at location L60-4 satisfy 385#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:20:40,846 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= ~SIZE~0 2147483647) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:20:40,846 INFO L193 IcfgInterpreter]: Reachable states at location L60-3 satisfy 380#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:20:40,846 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:20:40,846 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 395#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:20:40,846 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:20:40,846 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:20:40,847 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:20:40,847 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:20:40,847 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 414#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:20:40,847 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:20:40,847 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:20:40,847 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 390#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:20:40,848 INFO L193 IcfgInterpreter]: Reachable states at location L55-3 satisfy 342#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:20:40,848 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:20:40,848 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 405#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:20:40,848 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:20:43,659 WARN L191 SmtUtils]: Spent 107.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 26 [2019-10-06 23:20:45,428 WARN L191 SmtUtils]: Spent 100.00 ms on a formula simplification. DAG size of input: 38 DAG size of output: 21 [2019-10-06 23:20:45,429 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:20:45,429 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [65, 60, 58, 11] total 185 [2019-10-06 23:20:45,430 INFO L442 AbstractCegarLoop]: Interpolant automaton has 185 states [2019-10-06 23:20:45,431 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 185 interpolants. [2019-10-06 23:20:45,432 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=1755, Invalid=32285, Unknown=0, NotChecked=0, Total=34040 [2019-10-06 23:20:45,432 INFO L87 Difference]: Start difference. First operand 74 states and 82 transitions. Second operand 185 states. [2019-10-06 23:20:48,613 WARN L191 SmtUtils]: Spent 435.00 ms on a formula simplification. DAG size of input: 317 DAG size of output: 27 [2019-10-06 23:20:49,974 WARN L191 SmtUtils]: Spent 212.00 ms on a formula simplification. DAG size of input: 234 DAG size of output: 47 [2019-10-06 23:20:52,432 WARN L191 SmtUtils]: Spent 113.00 ms on a formula simplification. DAG size of input: 63 DAG size of output: 58 [2019-10-06 23:20:53,241 WARN L191 SmtUtils]: Spent 121.00 ms on a formula simplification. DAG size of input: 68 DAG size of output: 63 [2019-10-06 23:20:54,226 WARN L191 SmtUtils]: Spent 186.00 ms on a formula simplification. DAG size of input: 92 DAG size of output: 85 [2019-10-06 23:20:55,565 WARN L191 SmtUtils]: Spent 175.00 ms on a formula simplification. DAG size of input: 114 DAG size of output: 66 [2019-10-06 23:20:56,420 WARN L191 SmtUtils]: Spent 234.00 ms on a formula simplification. DAG size of input: 128 DAG size of output: 74 [2019-10-06 23:20:57,250 WARN L191 SmtUtils]: Spent 236.00 ms on a formula simplification. DAG size of input: 119 DAG size of output: 76 [2019-10-06 23:20:58,168 WARN L191 SmtUtils]: Spent 257.00 ms on a formula simplification. DAG size of input: 143 DAG size of output: 74 [2019-10-06 23:21:00,752 WARN L191 SmtUtils]: Spent 550.00 ms on a formula simplification. DAG size of input: 384 DAG size of output: 91 [2019-10-06 23:21:02,465 WARN L191 SmtUtils]: Spent 403.00 ms on a formula simplification. DAG size of input: 271 DAG size of output: 92 [2019-10-06 23:21:03,346 WARN L191 SmtUtils]: Spent 181.00 ms on a formula simplification. DAG size of input: 114 DAG size of output: 104 [2019-10-06 23:21:05,047 WARN L191 SmtUtils]: Spent 140.00 ms on a formula simplification. DAG size of input: 124 DAG size of output: 84 [2019-10-06 23:21:06,187 WARN L191 SmtUtils]: Spent 150.00 ms on a formula simplification. DAG size of input: 224 DAG size of output: 27 [2019-10-06 23:21:07,020 WARN L191 SmtUtils]: Spent 183.00 ms on a formula simplification. DAG size of input: 119 DAG size of output: 92 [2019-10-06 23:21:09,434 WARN L191 SmtUtils]: Spent 193.00 ms on a formula simplification. DAG size of input: 119 DAG size of output: 92 [2019-10-06 23:21:10,219 WARN L191 SmtUtils]: Spent 160.00 ms on a formula simplification. DAG size of input: 109 DAG size of output: 95 [2019-10-06 23:21:11,199 WARN L191 SmtUtils]: Spent 270.00 ms on a formula simplification. DAG size of input: 140 DAG size of output: 113 [2019-10-06 23:21:12,940 WARN L191 SmtUtils]: Spent 391.00 ms on a formula simplification. DAG size of input: 268 DAG size of output: 113 [2019-10-06 23:21:13,953 WARN L191 SmtUtils]: Spent 223.00 ms on a formula simplification. DAG size of input: 130 DAG size of output: 117 [2019-10-06 23:21:16,543 WARN L191 SmtUtils]: Spent 210.00 ms on a formula simplification. DAG size of input: 141 DAG size of output: 103 [2019-10-06 23:21:17,546 WARN L191 SmtUtils]: Spent 218.00 ms on a formula simplification. DAG size of input: 129 DAG size of output: 108 [2019-10-06 23:21:18,486 WARN L191 SmtUtils]: Spent 217.00 ms on a formula simplification. DAG size of input: 132 DAG size of output: 109 [2019-10-06 23:21:19,413 WARN L191 SmtUtils]: Spent 240.00 ms on a formula simplification. DAG size of input: 129 DAG size of output: 108 [2019-10-06 23:21:20,517 WARN L191 SmtUtils]: Spent 277.00 ms on a formula simplification. DAG size of input: 138 DAG size of output: 121 [2019-10-06 23:21:22,527 WARN L191 SmtUtils]: Spent 448.00 ms on a formula simplification. DAG size of input: 296 DAG size of output: 127 [2019-10-06 23:21:23,697 WARN L191 SmtUtils]: Spent 274.00 ms on a formula simplification. DAG size of input: 140 DAG size of output: 131 [2019-10-06 23:21:26,493 WARN L191 SmtUtils]: Spent 300.00 ms on a formula simplification. DAG size of input: 147 DAG size of output: 109 [2019-10-06 23:21:27,849 WARN L191 SmtUtils]: Spent 248.00 ms on a formula simplification. DAG size of input: 138 DAG size of output: 117 [2019-10-06 23:21:28,937 WARN L191 SmtUtils]: Spent 222.00 ms on a formula simplification. DAG size of input: 135 DAG size of output: 113 [2019-10-06 23:21:30,042 WARN L191 SmtUtils]: Spent 210.00 ms on a formula simplification. DAG size of input: 135 DAG size of output: 115 [2019-10-06 23:21:31,334 WARN L191 SmtUtils]: Spent 364.00 ms on a formula simplification. DAG size of input: 175 DAG size of output: 128 [2019-10-06 23:21:33,704 WARN L191 SmtUtils]: Spent 472.00 ms on a formula simplification. DAG size of input: 298 DAG size of output: 135 [2019-10-06 23:21:34,885 WARN L191 SmtUtils]: Spent 269.00 ms on a formula simplification. DAG size of input: 149 DAG size of output: 134 [2019-10-06 23:21:36,976 WARN L191 SmtUtils]: Spent 235.00 ms on a formula simplification. DAG size of input: 132 DAG size of output: 117 [2019-10-06 23:21:38,453 WARN L191 SmtUtils]: Spent 249.00 ms on a formula simplification. DAG size of input: 149 DAG size of output: 125 [2019-10-06 23:21:39,636 WARN L191 SmtUtils]: Spent 257.00 ms on a formula simplification. DAG size of input: 147 DAG size of output: 126 [2019-10-06 23:21:40,713 WARN L191 SmtUtils]: Spent 218.00 ms on a formula simplification. DAG size of input: 147 DAG size of output: 127 [2019-10-06 23:21:42,009 WARN L191 SmtUtils]: Spent 327.00 ms on a formula simplification. DAG size of input: 154 DAG size of output: 139 [2019-10-06 23:21:44,995 WARN L191 SmtUtils]: Spent 480.00 ms on a formula simplification. DAG size of input: 308 DAG size of output: 145 [2019-10-06 23:21:46,344 WARN L191 SmtUtils]: Spent 320.00 ms on a formula simplification. DAG size of input: 159 DAG size of output: 150 [2019-10-06 23:21:48,370 WARN L191 SmtUtils]: Spent 305.00 ms on a formula simplification. DAG size of input: 173 DAG size of output: 119 [2019-10-06 23:21:49,673 WARN L191 SmtUtils]: Spent 384.00 ms on a formula simplification. DAG size of input: 161 DAG size of output: 120 [2019-10-06 23:21:50,717 WARN L191 SmtUtils]: Spent 258.00 ms on a formula simplification. DAG size of input: 142 DAG size of output: 122 [2019-10-06 23:21:52,418 WARN L191 SmtUtils]: Spent 392.00 ms on a formula simplification. DAG size of input: 205 DAG size of output: 128 [2019-10-06 23:21:54,779 WARN L191 SmtUtils]: Spent 515.00 ms on a formula simplification. DAG size of input: 299 DAG size of output: 136 [2019-10-06 23:21:56,031 WARN L191 SmtUtils]: Spent 277.00 ms on a formula simplification. DAG size of input: 149 DAG size of output: 136 [2019-10-06 23:21:57,721 WARN L191 SmtUtils]: Spent 272.00 ms on a formula simplification. DAG size of input: 155 DAG size of output: 109 [2019-10-06 23:21:58,813 WARN L191 SmtUtils]: Spent 256.00 ms on a formula simplification. DAG size of input: 143 DAG size of output: 104 [2019-10-06 23:21:59,797 WARN L191 SmtUtils]: Spent 249.00 ms on a formula simplification. DAG size of input: 145 DAG size of output: 100 [2019-10-06 23:22:00,935 WARN L191 SmtUtils]: Spent 315.00 ms on a formula simplification. DAG size of input: 169 DAG size of output: 115 [2019-10-06 23:22:02,896 WARN L191 SmtUtils]: Spent 414.00 ms on a formula simplification. DAG size of input: 290 DAG size of output: 122 [2019-10-06 23:22:03,963 WARN L191 SmtUtils]: Spent 228.00 ms on a formula simplification. DAG size of input: 135 DAG size of output: 122 [2019-10-06 23:22:05,112 WARN L191 SmtUtils]: Spent 172.00 ms on a formula simplification. DAG size of input: 124 DAG size of output: 86 [2019-10-06 23:22:06,398 WARN L191 SmtUtils]: Spent 263.00 ms on a formula simplification. DAG size of input: 151 DAG size of output: 96 [2019-10-06 23:22:07,392 WARN L191 SmtUtils]: Spent 226.00 ms on a formula simplification. DAG size of input: 132 DAG size of output: 88 [2019-10-06 23:22:08,422 WARN L191 SmtUtils]: Spent 279.00 ms on a formula simplification. DAG size of input: 157 DAG size of output: 89 [2019-10-06 23:22:09,536 WARN L191 SmtUtils]: Spent 322.00 ms on a formula simplification. DAG size of input: 175 DAG size of output: 99 [2019-10-06 23:22:11,257 WARN L191 SmtUtils]: Spent 370.00 ms on a formula simplification. DAG size of input: 283 DAG size of output: 95 [2019-10-06 23:22:12,038 WARN L191 SmtUtils]: Spent 167.00 ms on a formula simplification. DAG size of input: 81 DAG size of output: 77 [2019-10-06 23:22:12,941 WARN L191 SmtUtils]: Spent 122.00 ms on a formula simplification. DAG size of input: 88 DAG size of output: 57 [2019-10-06 23:22:15,828 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:22:15,828 INFO L93 Difference]: Finished difference Result 137 states and 159 transitions. [2019-10-06 23:22:15,828 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 79 states. [2019-10-06 23:22:15,828 INFO L78 Accepts]: Start accepts. Automaton has 185 states. Word has length 73 [2019-10-06 23:22:15,829 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:22:15,830 INFO L225 Difference]: With dead ends: 137 [2019-10-06 23:22:15,830 INFO L226 Difference]: Without dead ends: 132 [2019-10-06 23:22:15,833 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 357 GetRequests, 90 SyntacticMatches, 13 SemanticMatches, 254 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 21929 ImplicationChecksByTransitivity, 147.0s TimeCoverageRelationStatistics Valid=4163, Invalid=61117, Unknown=0, NotChecked=0, Total=65280 [2019-10-06 23:22:15,833 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 132 states. [2019-10-06 23:22:15,867 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 132 to 118. [2019-10-06 23:22:15,868 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 118 states. [2019-10-06 23:22:15,868 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 118 states to 118 states and 133 transitions. [2019-10-06 23:22:15,868 INFO L78 Accepts]: Start accepts. Automaton has 118 states and 133 transitions. Word has length 73 [2019-10-06 23:22:15,869 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:22:15,869 INFO L462 AbstractCegarLoop]: Abstraction has 118 states and 133 transitions. [2019-10-06 23:22:15,869 INFO L463 AbstractCegarLoop]: Interpolant automaton has 185 states. [2019-10-06 23:22:15,869 INFO L276 IsEmpty]: Start isEmpty. Operand 118 states and 133 transitions. [2019-10-06 23:22:15,869 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 75 [2019-10-06 23:22:15,870 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:22:15,870 INFO L385 BasicCegarLoop]: trace histogram [7, 6, 6, 6, 6, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:22:16,074 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 15 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:22:16,075 INFO L410 AbstractCegarLoop]: === Iteration 18 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:22:16,075 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:22:16,075 INFO L82 PathProgramCache]: Analyzing trace with hash -1705006545, now seen corresponding path program 15 times [2019-10-06 23:22:16,076 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:22:16,076 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:22:16,076 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:22:16,076 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:22:16,076 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:22:16,099 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:22:16,202 INFO L134 CoverageAnalysis]: Checked inductivity of 196 backedges. 22 proven. 27 refuted. 0 times theorem prover too weak. 147 trivial. 0 not checked. [2019-10-06 23:22:16,202 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:22:16,202 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:22:16,202 INFO L93 rtionOrderModulation]: Changing assertion order to TERMS_WITH_SMALL_CONSTANTS_FIRST No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 16 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 16 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:22:16,559 INFO L249 tOrderPrioritization]: Assert order TERMS_WITH_SMALL_CONSTANTS_FIRST issued 0 check-sat command(s) [2019-10-06 23:22:16,560 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2019-10-06 23:22:16,561 INFO L256 TraceCheckSpWp]: Trace formula consists of 354 conjuncts, 16 conjunts are in the unsatisfiable core [2019-10-06 23:22:16,564 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:22:16,702 INFO L134 CoverageAnalysis]: Checked inductivity of 196 backedges. 28 proven. 21 refuted. 0 times theorem prover too weak. 147 trivial. 0 not checked. [2019-10-06 23:22:16,702 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:22:16,782 INFO L134 CoverageAnalysis]: Checked inductivity of 196 backedges. 28 proven. 21 refuted. 0 times theorem prover too weak. 147 trivial. 0 not checked. [2019-10-06 23:22:16,783 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:22:16,784 INFO L162 IcfgInterpreter]: Started Sifa with 20 locations of interest [2019-10-06 23:22:16,784 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:22:16,785 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:22:16,785 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:22:16,785 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:22:16,813 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 32 for LOIs [2019-10-06 23:22:17,417 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:22:17,445 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:22:17,447 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:22:17,447 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:22:17,447 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 400#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:22:17,447 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:22:17,448 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 409#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:22:17,448 INFO L193 IcfgInterpreter]: Reachable states at location L60-4 satisfy 385#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:22:17,448 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |old(~SIZE~0)|) (= 0 (select |old(#valid)| 0)) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= ~SIZE~0 2147483647) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:22:17,448 INFO L193 IcfgInterpreter]: Reachable states at location L60-3 satisfy 380#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:22:17,448 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:22:17,448 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 395#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:22:17,448 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:22:17,448 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:22:17,448 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:22:17,448 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |old(~SIZE~0)|) (= 0 (select |old(#valid)| 0)) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:22:17,449 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 414#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:22:17,449 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (<= 0 |old(~SIZE~0)|) (= 0 (select |old(#valid)| 0)) (<= |#NULL.offset| 0) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:22:17,449 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:22:17,449 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 390#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:22:17,449 INFO L193 IcfgInterpreter]: Reachable states at location L55-3 satisfy 342#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:22:17,449 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:22:17,449 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 405#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:22:17,449 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:22:18,012 WARN L191 SmtUtils]: Spent 114.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 26 [2019-10-06 23:22:18,442 WARN L191 SmtUtils]: Spent 101.00 ms on a formula simplification. DAG size of input: 38 DAG size of output: 21 [2019-10-06 23:22:18,443 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:22:18,443 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [16, 16, 16, 11] total 36 [2019-10-06 23:22:18,444 INFO L442 AbstractCegarLoop]: Interpolant automaton has 36 states [2019-10-06 23:22:18,444 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 36 interpolants. [2019-10-06 23:22:18,444 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=193, Invalid=1067, Unknown=0, NotChecked=0, Total=1260 [2019-10-06 23:22:18,445 INFO L87 Difference]: Start difference. First operand 118 states and 133 transitions. Second operand 36 states. [2019-10-06 23:22:20,994 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:22:20,994 INFO L93 Difference]: Finished difference Result 238 states and 275 transitions. [2019-10-06 23:22:20,995 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 36 states. [2019-10-06 23:22:20,995 INFO L78 Accepts]: Start accepts. Automaton has 36 states. Word has length 74 [2019-10-06 23:22:20,996 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:22:20,997 INFO L225 Difference]: With dead ends: 238 [2019-10-06 23:22:20,997 INFO L226 Difference]: Without dead ends: 127 [2019-10-06 23:22:20,998 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 264 GetRequests, 191 SyntacticMatches, 12 SemanticMatches, 61 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1313 ImplicationChecksByTransitivity, 2.6s TimeCoverageRelationStatistics Valid=577, Invalid=3329, Unknown=0, NotChecked=0, Total=3906 [2019-10-06 23:22:20,998 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 127 states. [2019-10-06 23:22:21,029 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 127 to 124. [2019-10-06 23:22:21,029 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 124 states. [2019-10-06 23:22:21,030 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 124 states to 124 states and 138 transitions. [2019-10-06 23:22:21,030 INFO L78 Accepts]: Start accepts. Automaton has 124 states and 138 transitions. Word has length 74 [2019-10-06 23:22:21,030 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:22:21,030 INFO L462 AbstractCegarLoop]: Abstraction has 124 states and 138 transitions. [2019-10-06 23:22:21,030 INFO L463 AbstractCegarLoop]: Interpolant automaton has 36 states. [2019-10-06 23:22:21,030 INFO L276 IsEmpty]: Start isEmpty. Operand 124 states and 138 transitions. [2019-10-06 23:22:21,031 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 76 [2019-10-06 23:22:21,031 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:22:21,031 INFO L385 BasicCegarLoop]: trace histogram [7, 7, 6, 6, 6, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:22:21,232 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 16 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:22:21,232 INFO L410 AbstractCegarLoop]: === Iteration 19 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:22:21,233 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:22:21,233 INFO L82 PathProgramCache]: Analyzing trace with hash 1961995058, now seen corresponding path program 16 times [2019-10-06 23:22:21,233 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:22:21,233 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:22:21,233 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:22:21,234 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:22:21,234 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:22:21,257 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:22:21,390 INFO L134 CoverageAnalysis]: Checked inductivity of 203 backedges. 15 proven. 34 refuted. 0 times theorem prover too weak. 154 trivial. 0 not checked. [2019-10-06 23:22:21,391 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:22:21,391 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:22:21,391 INFO L93 rtionOrderModulation]: Changing assertion order to NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 17 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 17 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:22:21,760 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:22:21,762 INFO L256 TraceCheckSpWp]: Trace formula consists of 371 conjuncts, 16 conjunts are in the unsatisfiable core [2019-10-06 23:22:21,766 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:22:21,892 INFO L134 CoverageAnalysis]: Checked inductivity of 203 backedges. 21 proven. 28 refuted. 0 times theorem prover too weak. 154 trivial. 0 not checked. [2019-10-06 23:22:21,892 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:22:22,035 INFO L134 CoverageAnalysis]: Checked inductivity of 203 backedges. 21 proven. 28 refuted. 0 times theorem prover too weak. 154 trivial. 0 not checked. [2019-10-06 23:22:22,036 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:22:22,036 INFO L162 IcfgInterpreter]: Started Sifa with 20 locations of interest [2019-10-06 23:22:22,037 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:22:22,037 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:22:22,037 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:22:22,037 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:22:22,067 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 30 for LOIs [2019-10-06 23:22:22,696 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:22:22,716 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:22:22,719 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:22:22,719 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:22:22,719 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 400#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:22:22,719 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:22:22,719 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 409#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:22:22,720 INFO L193 IcfgInterpreter]: Reachable states at location L60-4 satisfy 385#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:22:22,720 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 (select |old(#valid)| 0)) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (<= ~SIZE~0 2147483647) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:22:22,720 INFO L193 IcfgInterpreter]: Reachable states at location L60-3 satisfy 380#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:22:22,720 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:22:22,720 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 395#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:22:22,720 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:22:22,720 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:22:22,720 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:22:22,720 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 (select |old(#valid)| 0)) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:22:22,720 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 414#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:22:22,721 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (= 0 (select |old(#valid)| 0)) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:22:22,721 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:22:22,729 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 390#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:22:22,729 INFO L193 IcfgInterpreter]: Reachable states at location L55-3 satisfy 342#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:22:22,729 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:22:22,729 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 405#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:22:22,729 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:22:23,222 WARN L191 SmtUtils]: Spent 107.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 26 [2019-10-06 23:22:23,635 WARN L191 SmtUtils]: Spent 111.00 ms on a formula simplification. DAG size of input: 38 DAG size of output: 21 [2019-10-06 23:22:23,635 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:22:23,636 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [17, 17, 17, 11] total 37 [2019-10-06 23:22:23,636 INFO L442 AbstractCegarLoop]: Interpolant automaton has 37 states [2019-10-06 23:22:23,637 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 37 interpolants. [2019-10-06 23:22:23,637 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=200, Invalid=1132, Unknown=0, NotChecked=0, Total=1332 [2019-10-06 23:22:23,637 INFO L87 Difference]: Start difference. First operand 124 states and 138 transitions. Second operand 37 states. [2019-10-06 23:22:26,263 WARN L191 SmtUtils]: Spent 102.00 ms on a formula simplification. DAG size of input: 35 DAG size of output: 34 [2019-10-06 23:22:26,347 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:22:26,347 INFO L93 Difference]: Finished difference Result 130 states and 144 transitions. [2019-10-06 23:22:26,347 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 28 states. [2019-10-06 23:22:26,347 INFO L78 Accepts]: Start accepts. Automaton has 37 states. Word has length 75 [2019-10-06 23:22:26,348 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:22:26,349 INFO L225 Difference]: With dead ends: 130 [2019-10-06 23:22:26,349 INFO L226 Difference]: Without dead ends: 83 [2019-10-06 23:22:26,349 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 263 GetRequests, 192 SyntacticMatches, 14 SemanticMatches, 57 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1240 ImplicationChecksByTransitivity, 2.7s TimeCoverageRelationStatistics Valid=479, Invalid=2943, Unknown=0, NotChecked=0, Total=3422 [2019-10-06 23:22:26,350 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 83 states. [2019-10-06 23:22:26,369 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 83 to 83. [2019-10-06 23:22:26,369 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 83 states. [2019-10-06 23:22:26,370 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 83 states to 83 states and 91 transitions. [2019-10-06 23:22:26,370 INFO L78 Accepts]: Start accepts. Automaton has 83 states and 91 transitions. Word has length 75 [2019-10-06 23:22:26,370 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:22:26,370 INFO L462 AbstractCegarLoop]: Abstraction has 83 states and 91 transitions. [2019-10-06 23:22:26,370 INFO L463 AbstractCegarLoop]: Interpolant automaton has 37 states. [2019-10-06 23:22:26,371 INFO L276 IsEmpty]: Start isEmpty. Operand 83 states and 91 transitions. [2019-10-06 23:22:26,371 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 83 [2019-10-06 23:22:26,371 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:22:26,372 INFO L385 BasicCegarLoop]: trace histogram [7, 7, 7, 7, 7, 7, 7, 7, 7, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:22:26,575 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 17 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:22:26,576 INFO L410 AbstractCegarLoop]: === Iteration 20 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:22:26,576 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:22:26,576 INFO L82 PathProgramCache]: Analyzing trace with hash -766237178, now seen corresponding path program 17 times [2019-10-06 23:22:26,576 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:22:26,577 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:22:26,577 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:22:26,577 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:22:26,577 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:22:26,653 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:22:27,539 WARN L191 SmtUtils]: Spent 104.00 ms on a formula simplification. DAG size of input: 66 DAG size of output: 37 [2019-10-06 23:22:27,677 WARN L191 SmtUtils]: Spent 114.00 ms on a formula simplification. DAG size of input: 53 DAG size of output: 41 [2019-10-06 23:22:27,839 WARN L191 SmtUtils]: Spent 111.00 ms on a formula simplification. DAG size of input: 56 DAG size of output: 43 [2019-10-06 23:22:27,986 WARN L191 SmtUtils]: Spent 119.00 ms on a formula simplification. DAG size of input: 68 DAG size of output: 45 [2019-10-06 23:22:28,190 WARN L191 SmtUtils]: Spent 175.00 ms on a formula simplification. DAG size of input: 74 DAG size of output: 52 [2019-10-06 23:22:28,401 WARN L191 SmtUtils]: Spent 181.00 ms on a formula simplification. DAG size of input: 76 DAG size of output: 54 [2019-10-06 23:22:28,614 WARN L191 SmtUtils]: Spent 179.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 57 [2019-10-06 23:22:28,887 WARN L191 SmtUtils]: Spent 232.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 56 [2019-10-06 23:22:29,204 WARN L191 SmtUtils]: Spent 273.00 ms on a formula simplification. DAG size of input: 73 DAG size of output: 59 [2019-10-06 23:22:29,499 WARN L191 SmtUtils]: Spent 253.00 ms on a formula simplification. DAG size of input: 73 DAG size of output: 62 [2019-10-06 23:22:29,786 WARN L191 SmtUtils]: Spent 238.00 ms on a formula simplification. DAG size of input: 66 DAG size of output: 56 [2019-10-06 23:22:30,020 WARN L191 SmtUtils]: Spent 207.00 ms on a formula simplification. DAG size of input: 69 DAG size of output: 53 [2019-10-06 23:22:30,331 WARN L191 SmtUtils]: Spent 264.00 ms on a formula simplification. DAG size of input: 83 DAG size of output: 62 [2019-10-06 23:22:30,672 WARN L191 SmtUtils]: Spent 296.00 ms on a formula simplification. DAG size of input: 84 DAG size of output: 60 [2019-10-06 23:22:31,021 WARN L191 SmtUtils]: Spent 290.00 ms on a formula simplification. DAG size of input: 84 DAG size of output: 62 [2019-10-06 23:22:31,338 WARN L191 SmtUtils]: Spent 256.00 ms on a formula simplification. DAG size of input: 86 DAG size of output: 60 [2019-10-06 23:22:31,685 WARN L191 SmtUtils]: Spent 281.00 ms on a formula simplification. DAG size of input: 86 DAG size of output: 62 [2019-10-06 23:22:32,050 WARN L191 SmtUtils]: Spent 305.00 ms on a formula simplification. DAG size of input: 82 DAG size of output: 62 [2019-10-06 23:22:32,359 WARN L191 SmtUtils]: Spent 250.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 57 [2019-10-06 23:22:32,595 WARN L191 SmtUtils]: Spent 200.00 ms on a formula simplification. DAG size of input: 71 DAG size of output: 54 [2019-10-06 23:22:32,875 WARN L191 SmtUtils]: Spent 228.00 ms on a formula simplification. DAG size of input: 85 DAG size of output: 62 [2019-10-06 23:22:33,227 WARN L191 SmtUtils]: Spent 286.00 ms on a formula simplification. DAG size of input: 87 DAG size of output: 60 [2019-10-06 23:22:33,599 WARN L191 SmtUtils]: Spent 306.00 ms on a formula simplification. DAG size of input: 85 DAG size of output: 64 [2019-10-06 23:22:33,944 WARN L191 SmtUtils]: Spent 275.00 ms on a formula simplification. DAG size of input: 85 DAG size of output: 62 [2019-10-06 23:22:34,302 WARN L191 SmtUtils]: Spent 279.00 ms on a formula simplification. DAG size of input: 87 DAG size of output: 62 [2019-10-06 23:22:34,657 WARN L191 SmtUtils]: Spent 290.00 ms on a formula simplification. DAG size of input: 85 DAG size of output: 65 [2019-10-06 23:22:35,017 WARN L191 SmtUtils]: Spent 281.00 ms on a formula simplification. DAG size of input: 77 DAG size of output: 59 [2019-10-06 23:22:35,308 WARN L191 SmtUtils]: Spent 244.00 ms on a formula simplification. DAG size of input: 73 DAG size of output: 55 [2019-10-06 23:22:35,627 WARN L191 SmtUtils]: Spent 239.00 ms on a formula simplification. DAG size of input: 86 DAG size of output: 68 [2019-10-06 23:22:35,934 WARN L191 SmtUtils]: Spent 235.00 ms on a formula simplification. DAG size of input: 86 DAG size of output: 69 [2019-10-06 23:22:36,275 WARN L191 SmtUtils]: Spent 260.00 ms on a formula simplification. DAG size of input: 82 DAG size of output: 62 [2019-10-06 23:22:36,626 WARN L191 SmtUtils]: Spent 266.00 ms on a formula simplification. DAG size of input: 83 DAG size of output: 60 [2019-10-06 23:22:36,995 WARN L191 SmtUtils]: Spent 277.00 ms on a formula simplification. DAG size of input: 83 DAG size of output: 61 [2019-10-06 23:22:37,379 WARN L191 SmtUtils]: Spent 286.00 ms on a formula simplification. DAG size of input: 80 DAG size of output: 63 [2019-10-06 23:22:37,727 WARN L191 SmtUtils]: Spent 255.00 ms on a formula simplification. DAG size of input: 72 DAG size of output: 58 [2019-10-06 23:22:38,010 WARN L191 SmtUtils]: Spent 237.00 ms on a formula simplification. DAG size of input: 74 DAG size of output: 55 [2019-10-06 23:22:38,343 WARN L191 SmtUtils]: Spent 265.00 ms on a formula simplification. DAG size of input: 87 DAG size of output: 62 [2019-10-06 23:22:38,689 WARN L191 SmtUtils]: Spent 276.00 ms on a formula simplification. DAG size of input: 89 DAG size of output: 62 [2019-10-06 23:22:38,973 WARN L191 SmtUtils]: Spent 205.00 ms on a formula simplification. DAG size of input: 87 DAG size of output: 60 [2019-10-06 23:22:39,377 WARN L191 SmtUtils]: Spent 318.00 ms on a formula simplification. DAG size of input: 87 DAG size of output: 69 [2019-10-06 23:22:39,726 WARN L191 SmtUtils]: Spent 258.00 ms on a formula simplification. DAG size of input: 85 DAG size of output: 61 [2019-10-06 23:22:40,071 WARN L191 SmtUtils]: Spent 264.00 ms on a formula simplification. DAG size of input: 83 DAG size of output: 62 [2019-10-06 23:22:40,417 WARN L191 SmtUtils]: Spent 260.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 58 [2019-10-06 23:22:40,857 WARN L191 SmtUtils]: Spent 268.00 ms on a formula simplification. DAG size of input: 89 DAG size of output: 65 [2019-10-06 23:22:41,170 WARN L191 SmtUtils]: Spent 205.00 ms on a formula simplification. DAG size of input: 91 DAG size of output: 64 [2019-10-06 23:22:41,493 WARN L191 SmtUtils]: Spent 210.00 ms on a formula simplification. DAG size of input: 91 DAG size of output: 65 [2019-10-06 23:22:41,866 WARN L191 SmtUtils]: Spent 263.00 ms on a formula simplification. DAG size of input: 88 DAG size of output: 66 [2019-10-06 23:22:42,176 WARN L191 SmtUtils]: Spent 192.00 ms on a formula simplification. DAG size of input: 87 DAG size of output: 64 [2019-10-06 23:22:42,552 WARN L191 SmtUtils]: Spent 276.00 ms on a formula simplification. DAG size of input: 80 DAG size of output: 68 [2019-10-06 23:22:42,874 WARN L191 SmtUtils]: Spent 211.00 ms on a formula simplification. DAG size of input: 71 DAG size of output: 60 [2019-10-06 23:22:43,195 WARN L191 SmtUtils]: Spent 170.00 ms on a formula simplification. DAG size of input: 84 DAG size of output: 58 [2019-10-06 23:22:43,475 WARN L191 SmtUtils]: Spent 169.00 ms on a formula simplification. DAG size of input: 84 DAG size of output: 58 [2019-10-06 23:22:43,752 WARN L191 SmtUtils]: Spent 172.00 ms on a formula simplification. DAG size of input: 79 DAG size of output: 62 [2019-10-06 23:22:44,036 WARN L191 SmtUtils]: Spent 170.00 ms on a formula simplification. DAG size of input: 82 DAG size of output: 59 [2019-10-06 23:22:44,316 WARN L191 SmtUtils]: Spent 163.00 ms on a formula simplification. DAG size of input: 82 DAG size of output: 61 [2019-10-06 23:22:44,615 WARN L191 SmtUtils]: Spent 189.00 ms on a formula simplification. DAG size of input: 76 DAG size of output: 63 [2019-10-06 23:22:44,866 WARN L191 SmtUtils]: Spent 138.00 ms on a formula simplification. DAG size of input: 67 DAG size of output: 59 [2019-10-06 23:22:45,038 WARN L191 SmtUtils]: Spent 135.00 ms on a formula simplification. DAG size of input: 70 DAG size of output: 57 [2019-10-06 23:22:45,263 WARN L191 SmtUtils]: Spent 129.00 ms on a formula simplification. DAG size of input: 66 DAG size of output: 58 [2019-10-06 23:22:45,485 WARN L191 SmtUtils]: Spent 122.00 ms on a formula simplification. DAG size of input: 61 DAG size of output: 53 [2019-10-06 23:22:46,493 INFO L134 CoverageAnalysis]: Checked inductivity of 252 backedges. 10 proven. 242 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-10-06 23:22:46,493 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:22:46,493 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:22:46,493 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 18 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 18 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:22:46,927 INFO L249 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 5 check-sat command(s) [2019-10-06 23:22:46,927 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2019-10-06 23:22:46,932 WARN L254 TraceCheckSpWp]: Trace formula consists of 406 conjuncts, 254 conjunts are in the unsatisfiable core [2019-10-06 23:22:46,936 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:23:06,615 WARN L191 SmtUtils]: Spent 118.00 ms on a formula simplification. DAG size of input: 115 DAG size of output: 32 [2019-10-06 23:23:07,418 INFO L134 CoverageAnalysis]: Checked inductivity of 252 backedges. 12 proven. 225 refuted. 0 times theorem prover too weak. 15 trivial. 0 not checked. [2019-10-06 23:23:07,418 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:23:31,297 WARN L191 SmtUtils]: Spent 112.00 ms on a formula simplification that was a NOOP. DAG size: 134 [2019-10-06 23:23:32,429 WARN L191 SmtUtils]: Spent 121.00 ms on a formula simplification that was a NOOP. DAG size: 140 [2019-10-06 23:23:33,372 WARN L191 SmtUtils]: Spent 123.00 ms on a formula simplification that was a NOOP. DAG size: 143 [2019-10-06 23:23:37,519 WARN L191 SmtUtils]: Spent 262.00 ms on a formula simplification that was a NOOP. DAG size: 155 [2019-10-06 23:23:41,953 WARN L191 SmtUtils]: Spent 264.00 ms on a formula simplification that was a NOOP. DAG size: 159 [2019-10-06 23:23:47,022 WARN L191 SmtUtils]: Spent 273.00 ms on a formula simplification that was a NOOP. DAG size: 161 [2019-10-06 23:23:52,763 WARN L191 SmtUtils]: Spent 283.00 ms on a formula simplification that was a NOOP. DAG size: 163 [2019-10-06 23:23:59,107 WARN L191 SmtUtils]: Spent 296.00 ms on a formula simplification that was a NOOP. DAG size: 165 [2019-10-06 23:24:30,799 INFO L134 CoverageAnalysis]: Checked inductivity of 252 backedges. 0 proven. 242 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2019-10-06 23:24:30,799 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:24:30,800 INFO L162 IcfgInterpreter]: Started Sifa with 20 locations of interest [2019-10-06 23:24:30,800 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:24:30,800 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:24:30,801 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:24:30,801 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:24:30,824 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 32 for LOIs [2019-10-06 23:24:31,609 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:24:31,654 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:24:31,659 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:24:31,659 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:24:31,660 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 400#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:24:31,660 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:24:31,660 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 409#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:24:31,661 INFO L193 IcfgInterpreter]: Reachable states at location L60-4 satisfy 385#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:24:31,661 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 (select |old(#valid)| 0)) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= ~SIZE~0 2147483647) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:24:31,661 INFO L193 IcfgInterpreter]: Reachable states at location L60-3 satisfy 380#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:24:31,661 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:24:31,662 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 395#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:24:31,663 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:24:31,664 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:24:31,665 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:24:31,665 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 (select |old(#valid)| 0)) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:24:31,668 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 414#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:24:31,668 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (= 0 (select |old(#valid)| 0)) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:24:31,669 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:24:31,669 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 390#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:24:31,669 INFO L193 IcfgInterpreter]: Reachable states at location L55-3 satisfy 342#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:24:31,669 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:24:31,670 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 405#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:24:31,670 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:24:35,534 WARN L191 SmtUtils]: Spent 107.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 26 [2019-10-06 23:24:37,594 WARN L191 SmtUtils]: Spent 102.00 ms on a formula simplification. DAG size of input: 38 DAG size of output: 21 [2019-10-06 23:24:37,596 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:24:37,596 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [75, 69, 68, 11] total 214 [2019-10-06 23:24:37,597 INFO L442 AbstractCegarLoop]: Interpolant automaton has 214 states [2019-10-06 23:24:37,598 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 214 interpolants. [2019-10-06 23:24:37,599 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=2373, Invalid=43208, Unknown=1, NotChecked=0, Total=45582 [2019-10-06 23:24:37,599 INFO L87 Difference]: Start difference. First operand 83 states and 91 transitions. Second operand 214 states. [2019-10-06 23:24:41,692 WARN L191 SmtUtils]: Spent 313.00 ms on a formula simplification. DAG size of input: 334 DAG size of output: 30 [2019-10-06 23:24:43,765 WARN L191 SmtUtils]: Spent 504.00 ms on a formula simplification. DAG size of input: 246 DAG size of output: 130 [2019-10-06 23:24:47,185 WARN L191 SmtUtils]: Spent 107.00 ms on a formula simplification. DAG size of input: 67 DAG size of output: 59 [2019-10-06 23:24:48,337 WARN L191 SmtUtils]: Spent 130.00 ms on a formula simplification. DAG size of input: 72 DAG size of output: 64 [2019-10-06 23:24:49,588 WARN L191 SmtUtils]: Spent 125.00 ms on a formula simplification. DAG size of input: 76 DAG size of output: 68 [2019-10-06 23:24:51,054 WARN L191 SmtUtils]: Spent 195.00 ms on a formula simplification. DAG size of input: 101 DAG size of output: 90 [2019-10-06 23:24:53,072 WARN L191 SmtUtils]: Spent 298.00 ms on a formula simplification. DAG size of input: 153 DAG size of output: 70 [2019-10-06 23:24:54,207 WARN L191 SmtUtils]: Spent 270.00 ms on a formula simplification. DAG size of input: 162 DAG size of output: 72 [2019-10-06 23:24:55,335 WARN L191 SmtUtils]: Spent 249.00 ms on a formula simplification. DAG size of input: 161 DAG size of output: 77 [2019-10-06 23:24:56,518 WARN L191 SmtUtils]: Spent 262.00 ms on a formula simplification. DAG size of input: 166 DAG size of output: 79 [2019-10-06 23:24:57,856 WARN L191 SmtUtils]: Spent 339.00 ms on a formula simplification. DAG size of input: 175 DAG size of output: 99 [2019-10-06 23:24:59,378 WARN L191 SmtUtils]: Spent 349.00 ms on a formula simplification. DAG size of input: 213 DAG size of output: 96 [2019-10-06 23:25:02,365 WARN L191 SmtUtils]: Spent 1.15 s on a formula simplification. DAG size of input: 311 DAG size of output: 166 [2019-10-06 23:25:03,627 WARN L191 SmtUtils]: Spent 209.00 ms on a formula simplification. DAG size of input: 125 DAG size of output: 108 [2019-10-06 23:25:05,347 WARN L191 SmtUtils]: Spent 158.00 ms on a formula simplification. DAG size of input: 108 DAG size of output: 90 [2019-10-06 23:25:07,632 WARN L191 SmtUtils]: Spent 869.00 ms on a formula simplification. DAG size of input: 241 DAG size of output: 162 [2019-10-06 23:25:08,811 WARN L191 SmtUtils]: Spent 279.00 ms on a formula simplification. DAG size of input: 179 DAG size of output: 97 [2019-10-06 23:25:10,159 WARN L191 SmtUtils]: Spent 268.00 ms on a formula simplification. DAG size of input: 176 DAG size of output: 99 [2019-10-06 23:25:11,451 WARN L191 SmtUtils]: Spent 277.00 ms on a formula simplification. DAG size of input: 176 DAG size of output: 99 [2019-10-06 23:25:14,069 WARN L191 SmtUtils]: Spent 490.00 ms on a formula simplification. DAG size of input: 372 DAG size of output: 115 [2019-10-06 23:25:17,825 WARN L191 SmtUtils]: Spent 856.00 ms on a formula simplification. DAG size of input: 404 DAG size of output: 114 [2019-10-06 23:25:20,738 WARN L191 SmtUtils]: Spent 930.00 ms on a formula simplification. DAG size of input: 325 DAG size of output: 174 [2019-10-06 23:25:22,093 WARN L191 SmtUtils]: Spent 243.00 ms on a formula simplification. DAG size of input: 143 DAG size of output: 120 [2019-10-06 23:25:23,531 WARN L191 SmtUtils]: Spent 190.00 ms on a formula simplification. DAG size of input: 124 DAG size of output: 106 [2019-10-06 23:25:24,948 WARN L191 SmtUtils]: Spent 270.00 ms on a formula simplification. DAG size of input: 177 DAG size of output: 110 [2019-10-06 23:25:26,241 WARN L191 SmtUtils]: Spent 248.00 ms on a formula simplification. DAG size of input: 159 DAG size of output: 112 [2019-10-06 23:25:27,477 WARN L191 SmtUtils]: Spent 241.00 ms on a formula simplification. DAG size of input: 160 DAG size of output: 111 [2019-10-06 23:25:28,890 WARN L191 SmtUtils]: Spent 331.00 ms on a formula simplification. DAG size of input: 165 DAG size of output: 121 [2019-10-06 23:25:30,646 WARN L191 SmtUtils]: Spent 349.00 ms on a formula simplification. DAG size of input: 181 DAG size of output: 124 [2019-10-06 23:25:34,312 WARN L191 SmtUtils]: Spent 1.17 s on a formula simplification. DAG size of input: 337 DAG size of output: 195 [2019-10-06 23:25:35,961 WARN L191 SmtUtils]: Spent 319.00 ms on a formula simplification. DAG size of input: 158 DAG size of output: 133 [2019-10-06 23:25:37,076 WARN L191 SmtUtils]: Spent 186.00 ms on a formula simplification. DAG size of input: 135 DAG size of output: 121 [2019-10-06 23:25:39,123 WARN L191 SmtUtils]: Spent 286.00 ms on a formula simplification. DAG size of input: 184 DAG size of output: 120 [2019-10-06 23:25:40,766 WARN L191 SmtUtils]: Spent 292.00 ms on a formula simplification. DAG size of input: 190 DAG size of output: 125 [2019-10-06 23:25:42,315 WARN L191 SmtUtils]: Spent 314.00 ms on a formula simplification. DAG size of input: 186 DAG size of output: 131 [2019-10-06 23:25:44,572 WARN L191 SmtUtils]: Spent 403.00 ms on a formula simplification. DAG size of input: 188 DAG size of output: 140 [2019-10-06 23:25:48,795 WARN L191 SmtUtils]: Spent 937.00 ms on a formula simplification. DAG size of input: 445 DAG size of output: 135 [2019-10-06 23:25:52,209 WARN L191 SmtUtils]: Spent 1.12 s on a formula simplification. DAG size of input: 347 DAG size of output: 200 [2019-10-06 23:25:53,943 WARN L191 SmtUtils]: Spent 304.00 ms on a formula simplification. DAG size of input: 163 DAG size of output: 150 [2019-10-06 23:25:55,206 WARN L191 SmtUtils]: Spent 230.00 ms on a formula simplification. DAG size of input: 145 DAG size of output: 132 [2019-10-06 23:25:57,352 WARN L191 SmtUtils]: Spent 360.00 ms on a formula simplification. DAG size of input: 214 DAG size of output: 132 [2019-10-06 23:25:59,303 WARN L191 SmtUtils]: Spent 342.00 ms on a formula simplification. DAG size of input: 211 DAG size of output: 132 [2019-10-06 23:26:01,081 WARN L191 SmtUtils]: Spent 355.00 ms on a formula simplification. DAG size of input: 213 DAG size of output: 137 [2019-10-06 23:26:04,407 WARN L191 SmtUtils]: Spent 782.00 ms on a formula simplification. DAG size of input: 417 DAG size of output: 143 [2019-10-06 23:26:08,856 WARN L191 SmtUtils]: Spent 1.00 s on a formula simplification. DAG size of input: 460 DAG size of output: 147 [2019-10-06 23:26:12,516 WARN L191 SmtUtils]: Spent 1.23 s on a formula simplification. DAG size of input: 357 DAG size of output: 212 [2019-10-06 23:26:14,472 WARN L191 SmtUtils]: Spent 378.00 ms on a formula simplification. DAG size of input: 181 DAG size of output: 156 [2019-10-06 23:26:17,401 WARN L191 SmtUtils]: Spent 284.00 ms on a formula simplification. DAG size of input: 197 DAG size of output: 121 [2019-10-06 23:26:18,973 WARN L191 SmtUtils]: Spent 298.00 ms on a formula simplification. DAG size of input: 184 DAG size of output: 126 [2019-10-06 23:26:20,417 WARN L191 SmtUtils]: Spent 316.00 ms on a formula simplification. DAG size of input: 189 DAG size of output: 129 [2019-10-06 23:26:22,259 WARN L191 SmtUtils]: Spent 342.00 ms on a formula simplification. DAG size of input: 190 DAG size of output: 133 [2019-10-06 23:26:24,261 WARN L191 SmtUtils]: Spent 383.00 ms on a formula simplification. DAG size of input: 212 DAG size of output: 136 [2019-10-06 23:26:28,064 WARN L191 SmtUtils]: Spent 1.55 s on a formula simplification. DAG size of input: 351 DAG size of output: 202 [2019-10-06 23:26:29,783 WARN L191 SmtUtils]: Spent 292.00 ms on a formula simplification. DAG size of input: 166 DAG size of output: 143 [2019-10-06 23:26:32,219 WARN L191 SmtUtils]: Spent 288.00 ms on a formula simplification. DAG size of input: 190 DAG size of output: 108 [2019-10-06 23:26:33,790 WARN L191 SmtUtils]: Spent 316.00 ms on a formula simplification. DAG size of input: 188 DAG size of output: 112 [2019-10-06 23:26:35,303 WARN L191 SmtUtils]: Spent 341.00 ms on a formula simplification. DAG size of input: 184 DAG size of output: 111 [2019-10-06 23:26:36,858 WARN L191 SmtUtils]: Spent 374.00 ms on a formula simplification. DAG size of input: 188 DAG size of output: 124 [2019-10-06 23:26:38,663 WARN L191 SmtUtils]: Spent 426.00 ms on a formula simplification. DAG size of input: 220 DAG size of output: 129 [2019-10-06 23:26:41,235 WARN L191 SmtUtils]: Spent 523.00 ms on a formula simplification. DAG size of input: 335 DAG size of output: 130 [2019-10-06 23:26:42,896 WARN L191 SmtUtils]: Spent 242.00 ms on a formula simplification. DAG size of input: 149 DAG size of output: 131 [2019-10-06 23:26:43,905 WARN L191 SmtUtils]: Spent 186.00 ms on a formula simplification. DAG size of input: 110 DAG size of output: 93 [2019-10-06 23:26:45,782 WARN L191 SmtUtils]: Spent 284.00 ms on a formula simplification. DAG size of input: 185 DAG size of output: 99 [2019-10-06 23:26:47,151 WARN L191 SmtUtils]: Spent 272.00 ms on a formula simplification. DAG size of input: 174 DAG size of output: 96 [2019-10-06 23:26:48,378 WARN L191 SmtUtils]: Spent 237.00 ms on a formula simplification. DAG size of input: 166 DAG size of output: 87 [2019-10-06 23:26:49,690 WARN L191 SmtUtils]: Spent 305.00 ms on a formula simplification. DAG size of input: 169 DAG size of output: 102 [2019-10-06 23:26:51,250 WARN L191 SmtUtils]: Spent 338.00 ms on a formula simplification. DAG size of input: 201 DAG size of output: 101 [2019-10-06 23:26:53,742 WARN L191 SmtUtils]: Spent 605.00 ms on a formula simplification. DAG size of input: 326 DAG size of output: 101 [2019-10-06 23:26:54,767 WARN L191 SmtUtils]: Spent 162.00 ms on a formula simplification. DAG size of input: 81 DAG size of output: 77 [2019-10-06 23:26:55,933 WARN L191 SmtUtils]: Spent 133.00 ms on a formula simplification. DAG size of input: 92 DAG size of output: 59 [2019-10-06 23:26:59,305 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:26:59,305 INFO L93 Difference]: Finished difference Result 153 states and 175 transitions. [2019-10-06 23:26:59,305 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 88 states. [2019-10-06 23:26:59,306 INFO L78 Accepts]: Start accepts. Automaton has 214 states. Word has length 82 [2019-10-06 23:26:59,306 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:26:59,308 INFO L225 Difference]: With dead ends: 153 [2019-10-06 23:26:59,308 INFO L226 Difference]: Without dead ends: 148 [2019-10-06 23:26:59,311 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 402 GetRequests, 98 SyntacticMatches, 12 SemanticMatches, 292 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 30846 ImplicationChecksByTransitivity, 224.2s TimeCoverageRelationStatistics Valid=5926, Invalid=80215, Unknown=1, NotChecked=0, Total=86142 [2019-10-06 23:26:59,311 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 148 states. [2019-10-06 23:26:59,359 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 148 to 133. [2019-10-06 23:26:59,359 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 133 states. [2019-10-06 23:26:59,360 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 133 states to 133 states and 148 transitions. [2019-10-06 23:26:59,360 INFO L78 Accepts]: Start accepts. Automaton has 133 states and 148 transitions. Word has length 82 [2019-10-06 23:26:59,360 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:26:59,360 INFO L462 AbstractCegarLoop]: Abstraction has 133 states and 148 transitions. [2019-10-06 23:26:59,360 INFO L463 AbstractCegarLoop]: Interpolant automaton has 214 states. [2019-10-06 23:26:59,360 INFO L276 IsEmpty]: Start isEmpty. Operand 133 states and 148 transitions. [2019-10-06 23:26:59,361 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 84 [2019-10-06 23:26:59,361 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:26:59,361 INFO L385 BasicCegarLoop]: trace histogram [8, 7, 7, 7, 7, 7, 7, 7, 7, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:26:59,566 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 18 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:26:59,566 INFO L410 AbstractCegarLoop]: === Iteration 21 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:26:59,567 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:26:59,567 INFO L82 PathProgramCache]: Analyzing trace with hash -451706829, now seen corresponding path program 18 times [2019-10-06 23:26:59,567 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:26:59,567 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:26:59,568 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:26:59,568 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:26:59,568 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:26:59,593 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:26:59,734 INFO L134 CoverageAnalysis]: Checked inductivity of 260 backedges. 29 proven. 35 refuted. 0 times theorem prover too weak. 196 trivial. 0 not checked. [2019-10-06 23:26:59,735 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:26:59,735 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:26:59,735 INFO L93 rtionOrderModulation]: Changing assertion order to TERMS_WITH_SMALL_CONSTANTS_FIRST No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 19 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 19 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:27:00,177 INFO L249 tOrderPrioritization]: Assert order TERMS_WITH_SMALL_CONSTANTS_FIRST issued 0 check-sat command(s) [2019-10-06 23:27:00,177 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2019-10-06 23:27:00,178 INFO L256 TraceCheckSpWp]: Trace formula consists of 398 conjuncts, 18 conjunts are in the unsatisfiable core [2019-10-06 23:27:00,180 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:27:00,329 INFO L134 CoverageAnalysis]: Checked inductivity of 260 backedges. 36 proven. 28 refuted. 0 times theorem prover too weak. 196 trivial. 0 not checked. [2019-10-06 23:27:00,329 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:27:00,428 INFO L134 CoverageAnalysis]: Checked inductivity of 260 backedges. 36 proven. 28 refuted. 0 times theorem prover too weak. 196 trivial. 0 not checked. [2019-10-06 23:27:00,429 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:27:00,429 INFO L162 IcfgInterpreter]: Started Sifa with 20 locations of interest [2019-10-06 23:27:00,430 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:27:00,430 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:27:00,430 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:27:00,430 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:27:00,451 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 32 for LOIs [2019-10-06 23:27:01,049 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:27:01,081 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:27:01,083 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:27:01,083 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:27:01,084 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 400#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:27:01,084 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:27:01,084 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 409#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:27:01,084 INFO L193 IcfgInterpreter]: Reachable states at location L60-4 satisfy 385#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:27:01,084 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (<= ~SIZE~0 2147483647) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:27:01,085 INFO L193 IcfgInterpreter]: Reachable states at location L60-3 satisfy 380#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:27:01,085 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:27:01,085 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 395#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:27:01,085 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:27:01,085 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:27:01,085 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:27:01,085 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:27:01,086 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 414#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:27:01,086 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (<= |#NULL.offset| 0) (= 0 (select |old(#valid)| 0)) (<= 0 |old(~SIZE~0)|) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:27:01,086 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:27:01,086 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 390#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:27:01,086 INFO L193 IcfgInterpreter]: Reachable states at location L55-3 satisfy 342#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:27:01,086 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:27:01,087 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 405#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:27:01,087 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:27:01,668 WARN L191 SmtUtils]: Spent 108.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 26 [2019-10-06 23:27:02,114 WARN L191 SmtUtils]: Spent 100.00 ms on a formula simplification. DAG size of input: 38 DAG size of output: 21 [2019-10-06 23:27:02,115 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:27:02,115 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [18, 18, 18, 11] total 39 [2019-10-06 23:27:02,116 INFO L442 AbstractCegarLoop]: Interpolant automaton has 39 states [2019-10-06 23:27:02,116 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 39 interpolants. [2019-10-06 23:27:02,116 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=231, Invalid=1251, Unknown=0, NotChecked=0, Total=1482 [2019-10-06 23:27:02,116 INFO L87 Difference]: Start difference. First operand 133 states and 148 transitions. Second operand 39 states. [2019-10-06 23:27:05,051 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:27:05,051 INFO L93 Difference]: Finished difference Result 268 states and 305 transitions. [2019-10-06 23:27:05,052 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 39 states. [2019-10-06 23:27:05,052 INFO L78 Accepts]: Start accepts. Automaton has 39 states. Word has length 83 [2019-10-06 23:27:05,053 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:27:05,053 INFO L225 Difference]: With dead ends: 268 [2019-10-06 23:27:05,054 INFO L226 Difference]: Without dead ends: 142 [2019-10-06 23:27:05,054 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 296 GetRequests, 215 SyntacticMatches, 14 SemanticMatches, 67 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1614 ImplicationChecksByTransitivity, 2.9s TimeCoverageRelationStatistics Valid=699, Invalid=3993, Unknown=0, NotChecked=0, Total=4692 [2019-10-06 23:27:05,054 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 142 states. [2019-10-06 23:27:05,101 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 142 to 139. [2019-10-06 23:27:05,101 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 139 states. [2019-10-06 23:27:05,102 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 139 states to 139 states and 153 transitions. [2019-10-06 23:27:05,102 INFO L78 Accepts]: Start accepts. Automaton has 139 states and 153 transitions. Word has length 83 [2019-10-06 23:27:05,102 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:27:05,102 INFO L462 AbstractCegarLoop]: Abstraction has 139 states and 153 transitions. [2019-10-06 23:27:05,103 INFO L463 AbstractCegarLoop]: Interpolant automaton has 39 states. [2019-10-06 23:27:05,103 INFO L276 IsEmpty]: Start isEmpty. Operand 139 states and 153 transitions. [2019-10-06 23:27:05,103 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 85 [2019-10-06 23:27:05,103 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:27:05,104 INFO L385 BasicCegarLoop]: trace histogram [8, 8, 7, 7, 7, 7, 7, 7, 7, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:27:05,308 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 19 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:27:05,308 INFO L410 AbstractCegarLoop]: === Iteration 22 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:27:05,309 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:27:05,309 INFO L82 PathProgramCache]: Analyzing trace with hash -183569776, now seen corresponding path program 19 times [2019-10-06 23:27:05,309 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:27:05,309 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:27:05,310 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:27:05,310 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:27:05,310 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:27:05,335 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:27:05,617 INFO L134 CoverageAnalysis]: Checked inductivity of 268 backedges. 21 proven. 43 refuted. 0 times theorem prover too weak. 204 trivial. 0 not checked. [2019-10-06 23:27:05,618 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:27:05,618 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:27:05,618 INFO L93 rtionOrderModulation]: Changing assertion order to NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 20 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 20 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:27:06,074 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:27:06,075 INFO L256 TraceCheckSpWp]: Trace formula consists of 415 conjuncts, 18 conjunts are in the unsatisfiable core [2019-10-06 23:27:06,078 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2019-10-06 23:27:06,203 INFO L134 CoverageAnalysis]: Checked inductivity of 268 backedges. 28 proven. 36 refuted. 0 times theorem prover too weak. 204 trivial. 0 not checked. [2019-10-06 23:27:06,204 INFO L322 TraceCheckSpWp]: Computing backward predicates... [2019-10-06 23:27:06,329 INFO L134 CoverageAnalysis]: Checked inductivity of 268 backedges. 28 proven. 36 refuted. 0 times theorem prover too weak. 204 trivial. 0 not checked. [2019-10-06 23:27:06,329 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2019-10-06 23:27:06,330 INFO L162 IcfgInterpreter]: Started Sifa with 20 locations of interest [2019-10-06 23:27:06,330 INFO L169 IcfgInterpreter]: Building call graph [2019-10-06 23:27:06,330 INFO L174 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2019-10-06 23:27:06,331 INFO L179 IcfgInterpreter]: Starting interpretation [2019-10-06 23:27:06,331 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2019-10-06 23:27:06,351 INFO L199 IcfgInterpreter]: Interpreting procedure main with input of size 32 for LOIs [2019-10-06 23:27:06,990 INFO L199 IcfgInterpreter]: Interpreting procedure __VERIFIER_assert with input of size 23 for LOIs [2019-10-06 23:27:07,012 INFO L199 IcfgInterpreter]: Interpreting procedure ULTIMATE.init with input of size 16 for LOIs [2019-10-06 23:27:07,015 INFO L183 IcfgInterpreter]: Interpretation finished [2019-10-06 23:27:07,015 INFO L191 IcfgInterpreter]: Final predicates for locations of interest are: [2019-10-06 23:27:07,015 INFO L193 IcfgInterpreter]: Reachable states at location L3-1 satisfy 400#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:27:07,015 INFO L193 IcfgInterpreter]: Reachable states at location L25-3 satisfy 114#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:27:07,015 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initENTRY satisfy 409#(and (= |old(#NULL.base)| |#NULL.base|) (= |#valid| |old(#valid)|) (= ~MAX~0 |old(~MAX~0)|) (= |#NULL.offset| |old(#NULL.offset)|) (= |old(~SIZE~0)| ~SIZE~0)) [2019-10-06 23:27:07,015 INFO L193 IcfgInterpreter]: Reachable states at location L60-4 satisfy 385#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (not (< main_~i~0 ~SIZE~0)) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 1 main_~i~0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:27:07,015 INFO L193 IcfgInterpreter]: Reachable states at location L14 satisfy 38#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 (select |old(#valid)| 0)) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (<= ~SIZE~0 2147483647) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= 100000 ~MAX~0)) [2019-10-06 23:27:07,015 INFO L193 IcfgInterpreter]: Reachable states at location L60-3 satisfy 380#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:27:07,015 INFO L193 IcfgInterpreter]: Reachable states at location L50-3 satisfy 304#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:27:07,016 INFO L193 IcfgInterpreter]: Reachable states at location L3 satisfy 395#(and (or (and (<= __VERIFIER_assert_~cond 0) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond)) (and (<= 1 __VERIFIER_assert_~cond) (<= 1 |__VERIFIER_assert_#in~cond|) (<= __VERIFIER_assert_~cond 1) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)))) [2019-10-06 23:27:07,016 INFO L193 IcfgInterpreter]: Reachable states at location L40-3 satisfy 228#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:27:07,016 INFO L193 IcfgInterpreter]: Reachable states at location L-1 satisfy 23#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= 0 (select |#valid| 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:27:07,016 INFO L193 IcfgInterpreter]: Reachable states at location L30-3 satisfy 152#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:27:07,016 INFO L193 IcfgInterpreter]: Reachable states at location mainENTRY satisfy 33#(and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 (select |old(#valid)| 0)) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= |#valid| |old(#valid)|) (<= |old(~SIZE~0)| 0) (<= 0 ~SIZE~0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= |old(#length)| |#length|) (<= ~SIZE~0 0) (= |old(~SIZE~0)| ~SIZE~0) (<= 100000 ~MAX~0)) [2019-10-06 23:27:07,016 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.initEXIT satisfy 414#(and (<= ~MAX~0 100000) (= 0 |#NULL.base|) (<= |#NULL.base| 0) (= ~SIZE~0 0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#valid| (store |old(#valid)| 0 0)) (<= 0 ~SIZE~0) (= |#NULL.offset| 0) (<= ~SIZE~0 0) (<= 100000 ~MAX~0)) [2019-10-06 23:27:07,016 INFO L193 IcfgInterpreter]: Reachable states at location L20-3 satisfy 76#(and (or (and (<= ~MAX~0 100000) (= |old(~SIZE~0)| 0) (<= |main_#t~malloc2.offset| 0) (<= 0 main_~i~0) (= 0 |#NULL.base|) (<= 0 main_~sum~0) (< ~SIZE~0 ~MAX~0) (< 1 ~SIZE~0) (= 0 |main_#t~malloc2.offset|) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#valid| (store |old(#valid)| |main_#t~malloc2.base| 1)) (<= 0 |#NULL.offset|) (<= main_~sum~0 0) (= main_~sum~0 0) (= main_~a~0.offset |main_#t~malloc2.offset|) (<= ~SIZE~0 2147483647) (< |#StackHeapBarrier| |main_#t~malloc2.base|) (= (store |old(#length)| |main_#t~malloc2.base| (* 4 ~SIZE~0)) |#length|) (<= ~SIZE~0 100000) (not (= |main_#t~malloc2.base| 0)) (<= |#NULL.base| 0) (<= 0 (+ ~SIZE~0 2147483648)) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |main_#t~malloc2.offset|) (<= main_~i~0 0) (= 0 (select |old(#valid)| 0)) (<= |#NULL.offset| 0) (<= 0 |old(~SIZE~0)|) (= (select |old(#valid)| |main_#t~malloc2.base|) 0) (= |main_#t~malloc2.base| main_~a~0.base) (<= |old(~SIZE~0)| 0) (= |#memory_int| |old(#memory_int)|) (= |#NULL.offset| 0) (= main_~i~0 0)) (and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= 0 main_~sum~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= main_~sum~0 0) (= main_~sum~0 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0))) (<= 100000 ~MAX~0)) [2019-10-06 23:27:07,016 INFO L193 IcfgInterpreter]: Reachable states at location ULTIMATE.startENTRY satisfy 6#true [2019-10-06 23:27:07,016 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertENTRY satisfy 390#(and (or (and (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0)) (and (<= 1 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 1))) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= |#NULL.offset| 0) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= 100000 ~MAX~0)))) [2019-10-06 23:27:07,017 INFO L193 IcfgInterpreter]: Reachable states at location L55-3 satisfy 342#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:27:07,017 INFO L193 IcfgInterpreter]: Reachable states at location L45-3 satisfy 266#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:27:07,017 INFO L193 IcfgInterpreter]: Reachable states at location __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION satisfy 405#(and (<= __VERIFIER_assert_~cond 0) (or (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 1) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond)) (and (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= ~SIZE~0 100000) (= |__VERIFIER_assert_#in~cond| 0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= 0 |#NULL.base|) (= ~MAX~0 100000) (= 0 __VERIFIER_assert_~cond) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (= |#NULL.offset| 0) (= |__VERIFIER_assert_#in~cond| __VERIFIER_assert_~cond))) (<= 0 |__VERIFIER_assert_#in~cond|) (<= |__VERIFIER_assert_#in~cond| 0) (<= 0 __VERIFIER_assert_~cond) (<= 100000 ~MAX~0)) [2019-10-06 23:27:07,017 INFO L193 IcfgInterpreter]: Reachable states at location L35-3 satisfy 190#(and (= |old(~SIZE~0)| 0) (= |#NULL.base| 0) (<= ~MAX~0 100000) (<= |main_#t~malloc2.offset| 0) (<= ~SIZE~0 100000) (<= 0 main_~i~0) (<= |#NULL.base| 0) (<= 1 ~SIZE~0) (<= main_~a~0.offset 0) (<= 0 main_~a~0.offset) (<= 0 |#NULL.base|) (= |main_#t~malloc2.offset| 0) (= ~MAX~0 100000) (<= 0 |main_#t~malloc2.offset|) (<= 0 |old(~SIZE~0)|) (<= 0 |#NULL.offset|) (<= |#NULL.offset| 0) (<= |old(~SIZE~0)| 0) (= |#NULL.offset| 0) (<= 100000 ~MAX~0)) [2019-10-06 23:27:07,531 WARN L191 SmtUtils]: Spent 108.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 26 [2019-10-06 23:27:07,953 WARN L191 SmtUtils]: Spent 102.00 ms on a formula simplification. DAG size of input: 38 DAG size of output: 21 [2019-10-06 23:27:07,953 INFO L211 tionRefinementEngine]: Constructing automaton from 0 perfect and 4 imperfect interpolant sequences. [2019-10-06 23:27:07,954 INFO L224 tionRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [19, 19, 19, 11] total 40 [2019-10-06 23:27:07,954 INFO L442 AbstractCegarLoop]: Interpolant automaton has 40 states [2019-10-06 23:27:07,955 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 40 interpolants. [2019-10-06 23:27:07,955 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=238, Invalid=1322, Unknown=0, NotChecked=0, Total=1560 [2019-10-06 23:27:07,955 INFO L87 Difference]: Start difference. First operand 139 states and 153 transitions. Second operand 40 states. [2019-10-06 23:27:11,200 WARN L191 SmtUtils]: Spent 120.00 ms on a formula simplification. DAG size of input: 35 DAG size of output: 34 [2019-10-06 23:27:11,297 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-10-06 23:27:11,297 INFO L93 Difference]: Finished difference Result 145 states and 159 transitions. [2019-10-06 23:27:11,300 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 30 states. [2019-10-06 23:27:11,300 INFO L78 Accepts]: Start accepts. Automaton has 40 states. Word has length 84 [2019-10-06 23:27:11,300 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-10-06 23:27:11,301 INFO L225 Difference]: With dead ends: 145 [2019-10-06 23:27:11,301 INFO L226 Difference]: Without dead ends: 92 [2019-10-06 23:27:11,301 INFO L606 BasicCegarLoop]: 0 DeclaredPredicates, 294 GetRequests, 216 SyntacticMatches, 16 SemanticMatches, 62 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1499 ImplicationChecksByTransitivity, 3.0s TimeCoverageRelationStatistics Valid=568, Invalid=3464, Unknown=0, NotChecked=0, Total=4032 [2019-10-06 23:27:11,302 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 92 states. [2019-10-06 23:27:11,331 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 92 to 92. [2019-10-06 23:27:11,331 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 92 states. [2019-10-06 23:27:11,332 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 92 states to 92 states and 100 transitions. [2019-10-06 23:27:11,332 INFO L78 Accepts]: Start accepts. Automaton has 92 states and 100 transitions. Word has length 84 [2019-10-06 23:27:11,332 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-10-06 23:27:11,333 INFO L462 AbstractCegarLoop]: Abstraction has 92 states and 100 transitions. [2019-10-06 23:27:11,333 INFO L463 AbstractCegarLoop]: Interpolant automaton has 40 states. [2019-10-06 23:27:11,333 INFO L276 IsEmpty]: Start isEmpty. Operand 92 states and 100 transitions. [2019-10-06 23:27:11,333 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 92 [2019-10-06 23:27:11,333 INFO L377 BasicCegarLoop]: Found error trace [2019-10-06 23:27:11,333 INFO L385 BasicCegarLoop]: trace histogram [8, 8, 8, 8, 8, 8, 8, 8, 8, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2019-10-06 23:27:11,534 WARN L499 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 20 z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:27:11,534 INFO L410 AbstractCegarLoop]: === Iteration 23 === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2019-10-06 23:27:11,535 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-10-06 23:27:11,535 INFO L82 PathProgramCache]: Analyzing trace with hash -1711086104, now seen corresponding path program 20 times [2019-10-06 23:27:11,535 INFO L150 tionRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2019-10-06 23:27:11,535 INFO L231 tionRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:27:11,536 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:27:11,536 INFO L117 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-10-06 23:27:11,536 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-10-06 23:27:11,626 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-10-06 23:27:12,537 WARN L191 SmtUtils]: Spent 123.00 ms on a formula simplification. DAG size of input: 66 DAG size of output: 36 [2019-10-06 23:27:12,741 WARN L191 SmtUtils]: Spent 165.00 ms on a formula simplification. DAG size of input: 78 DAG size of output: 40 [2019-10-06 23:27:12,897 WARN L191 SmtUtils]: Spent 125.00 ms on a formula simplification. DAG size of input: 60 DAG size of output: 45 [2019-10-06 23:27:13,061 WARN L191 SmtUtils]: Spent 138.00 ms on a formula simplification. DAG size of input: 63 DAG size of output: 47 [2019-10-06 23:27:13,310 WARN L191 SmtUtils]: Spent 202.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 49 [2019-10-06 23:27:13,669 WARN L191 SmtUtils]: Spent 308.00 ms on a formula simplification. DAG size of input: 82 DAG size of output: 54 [2019-10-06 23:27:13,929 WARN L191 SmtUtils]: Spent 211.00 ms on a formula simplification. DAG size of input: 82 DAG size of output: 58 [2019-10-06 23:27:14,229 WARN L191 SmtUtils]: Spent 252.00 ms on a formula simplification. DAG size of input: 81 DAG size of output: 60 [2019-10-06 23:27:14,463 WARN L191 SmtUtils]: Spent 190.00 ms on a formula simplification. DAG size of input: 78 DAG size of output: 60 [2019-10-06 23:27:14,707 WARN L191 SmtUtils]: Spent 197.00 ms on a formula simplification. DAG size of input: 75 DAG size of output: 60 [2019-10-06 23:27:14,944 WARN L191 SmtUtils]: Spent 188.00 ms on a formula simplification. DAG size of input: 76 DAG size of output: 63 [2019-10-06 23:27:15,191 WARN L191 SmtUtils]: Spent 197.00 ms on a formula simplification. DAG size of input: 77 DAG size of output: 67 [2019-10-06 23:27:15,429 WARN L191 SmtUtils]: Spent 183.00 ms on a formula simplification. DAG size of input: 69 DAG size of output: 62 [2019-10-06 23:27:15,623 WARN L191 SmtUtils]: Spent 162.00 ms on a formula simplification. DAG size of input: 72 DAG size of output: 58 [2019-10-06 23:27:15,949 WARN L191 SmtUtils]: Spent 285.00 ms on a formula simplification. DAG size of input: 88 DAG size of output: 73 [2019-10-06 23:27:16,217 WARN L191 SmtUtils]: Spent 223.00 ms on a formula simplification. DAG size of input: 90 DAG size of output: 61 [2019-10-06 23:27:16,504 WARN L191 SmtUtils]: Spent 235.00 ms on a formula simplification. DAG size of input: 92 DAG size of output: 64 [2019-10-06 23:27:16,795 WARN L191 SmtUtils]: Spent 239.00 ms on a formula simplification. DAG size of input: 92 DAG size of output: 66 [2019-10-06 23:27:17,101 WARN L191 SmtUtils]: Spent 246.00 ms on a formula simplification. DAG size of input: 93 DAG size of output: 67 [2019-10-06 23:27:17,421 WARN L191 SmtUtils]: Spent 250.00 ms on a formula simplification. DAG size of input: 94 DAG size of output: 68 [2019-10-06 23:27:17,748 WARN L191 SmtUtils]: Spent 263.00 ms on a formula simplification. DAG size of input: 91 DAG size of output: 71 [2019-10-06 23:27:18,068 WARN L191 SmtUtils]: Spent 249.00 ms on a formula simplification. DAG size of input: 84 DAG size of output: 66 [2019-10-06 23:27:18,307 WARN L191 SmtUtils]: Spent 178.00 ms on a formula simplification. DAG size of input: 76 DAG size of output: 60 [2019-10-06 23:27:18,595 WARN L191 SmtUtils]: Spent 235.00 ms on a formula simplification. DAG size of input: 91 DAG size of output: 61 [2019-10-06 23:27:18,883 WARN L191 SmtUtils]: Spent 236.00 ms on a formula simplification. DAG size of input: 93 DAG size of output: 63 [2019-10-06 23:27:19,190 WARN L191 SmtUtils]: Spent 244.00 ms on a formula simplification. DAG size of input: 94 DAG size of output: 65 [2019-10-06 23:27:19,511 WARN L191 SmtUtils]: Spent 256.00 ms on a formula simplification. DAG size of input: 93 DAG size of output: 63 [2019-10-06 23:27:19,835 WARN L191 SmtUtils]: Spent 253.00 ms on a formula simplification. DAG size of input: 92 DAG size of output: 66 [2019-10-06 23:27:20,159 WARN L191 SmtUtils]: Spent 243.00 ms on a formula simplification. DAG size of input: 92 DAG size of output: 67 [2019-10-06 23:27:20,504 WARN L191 SmtUtils]: Spent 264.00 ms on a formula simplification. DAG size of input: 90 DAG size of output: 71 [2019-10-06 23:27:20,826 WARN L191 SmtUtils]: Spent 246.00 ms on a formula simplification. DAG size of input: 82 DAG size of output: 66 [2019-10-06 23:27:21,056 WARN L191 SmtUtils]: Spent 185.00 ms on a formula simplification. DAG size of input: 78 DAG size of output: 60 [2019-10-06 23:27:21,461 WARN L191 SmtUtils]: Spent 345.00 ms on a formula simplification. DAG size of input: 92 DAG size of output: 82 [2019-10-06 23:27:21,844 WARN L191 SmtUtils]: Spent 318.00 ms on a formula simplification. DAG size of input: 94 DAG size of output: 72 [2019-10-06 23:27:22,245 WARN L191 SmtUtils]: Spent 332.00 ms on a formula simplification. DAG size of input: 95 DAG size of output: 72 [2019-10-06 23:27:22,605 WARN L191 SmtUtils]: Spent 286.00 ms on a formula simplification. DAG size of input: 93 DAG size of output: 71 [2019-10-06 23:27:22,962 WARN L191 SmtUtils]: Spent 276.00 ms on a formula simplification. DAG size of input: 92 DAG size of output: 67 [2019-10-06 23:27:23,337 WARN L191 SmtUtils]: Spent 275.00 ms on a formula simplification. DAG size of input: 94 DAG size of output: 74 [2019-10-06 23:27:23,675 WARN L191 SmtUtils]: Spent 253.00 ms on a formula simplification. DAG size of input: 89 DAG size of output: 70 [2019-10-06 23:27:24,001 WARN L191 SmtUtils]: Spent 238.00 ms on a formula simplification. DAG size of input: 81 DAG size of output: 64 [2019-10-06 23:27:24,254 WARN L191 SmtUtils]: Spent 199.00 ms on a formula simplification. DAG size of input: 79 DAG size of output: 60 [2019-10-06 23:27:24,687 WARN L191 SmtUtils]: Spent 362.00 ms on a formula simplification. DAG size of input: 93 DAG size of output: 83 [2019-10-06 23:27:25,115 WARN L191 SmtUtils]: Spent 355.00 ms on a formula simplification. DAG size of input: 93 DAG size of output: 80 [2019-10-06 23:27:25,560 WARN L191 SmtUtils]: Spent 353.00 ms on a formula simplification. DAG size of input: 94 DAG size of output: 85 [2019-10-06 23:27:25,936 WARN L191 SmtUtils]: Spent 281.00 ms on a formula simplification. DAG size of input: 94 DAG size of output: 74 [2019-10-06 23:27:26,332 WARN L191 SmtUtils]: Spent 298.00 ms on a formula simplification. DAG size of input: 92 DAG size of output: 69 [2019-10-06 23:27:26,721 WARN L191 SmtUtils]: Spent 284.00 ms on a formula simplification. DAG size of input: 94 DAG size of output: 72 [2019-10-06 23:27:27,102 WARN L191 SmtUtils]: Spent 275.00 ms on a formula simplification. DAG size of input: 92 DAG size of output: 72 [2019-10-06 23:27:27,458 WARN L191 SmtUtils]: Spent 249.00 ms on a formula simplification. DAG size of input: 84 DAG size of output: 66 [2019-10-06 23:27:27,911 WARN L191 SmtUtils]: Spent 309.00 ms on a formula simplification. DAG size of input: 95 DAG size of output: 75 [2019-10-06 23:27:28,306 WARN L191 SmtUtils]: Spent 301.00 ms on a formula simplification. DAG size of input: 95 DAG size of output: 75 [2019-10-06 23:27:28,701 WARN L191 SmtUtils]: Spent 288.00 ms on a formula simplification. DAG size of input: 96 DAG size of output: 75 [2019-10-06 23:27:29,111 WARN L191 SmtUtils]: Spent 288.00 ms on a formula simplification. DAG size of input: 96 DAG size of output: 79 [2019-10-06 23:27:29,462 WARN L191 SmtUtils]: Spent 239.00 ms on a formula simplification. DAG size of input: 95 DAG size of output: 67 [2019-10-06 23:27:29,797 WARN L191 SmtUtils]: Spent 221.00 ms on a formula simplification. DAG size of input: 94 DAG size of output: 70 [2019-10-06 23:27:30,172 WARN L191 SmtUtils]: Spent 263.00 ms on a formula simplification. DAG size of input: 91 DAG size of output: 76 [2019-10-06 23:27:30,685 WARN L191 SmtUtils]: Spent 298.00 ms on a formula simplification. DAG size of input: 91 DAG size of output: 78 [2019-10-06 23:27:31,039 WARN L191 SmtUtils]: Spent 239.00 ms on a formula simplification. DAG size of input: 93 DAG size of output: 73 [2019-10-06 23:27:31,358 WARN L191 SmtUtils]: Spent 195.00 ms on a formula simplification. DAG size of input: 90 DAG size of output: 63 [2019-10-06 23:27:31,681 WARN L191 SmtUtils]: Spent 196.00 ms on a formula simplification. DAG size of input: 88 DAG size of output: 63 [2019-10-06 23:27:32,004 WARN L191 SmtUtils]: Spent 200.00 ms on a formula simplification. DAG size of input: 89 DAG size of output: 64 [2019-10-06 23:27:32,335 WARN L191 SmtUtils]: Spent 201.00 ms on a formula simplification. DAG size of input: 90 DAG size of output: 67 [2019-10-06 23:27:32,652 WARN L191 SmtUtils]: Spent 201.00 ms on a formula simplification. DAG size of input: 83 DAG size of output: 69 [2019-10-06 23:27:32,955 WARN L191 SmtUtils]: Spent 189.00 ms on a formula simplification. DAG size of input: 76 DAG size of output: 65 [2019-10-06 23:27:33,203 WARN L191 SmtUtils]: Spent 129.00 ms on a formula simplification. DAG size of input: 73 DAG size of output: 54 [2019-10-06 23:27:33,409 WARN L191 SmtUtils]: Spent 117.00 ms on a formula simplification. DAG size of input: 68 DAG size of output: 50 [2019-10-06 23:27:33,613 WARN L191 SmtUtils]: Spent 109.00 ms on a formula simplification. DAG size of input: 63 DAG size of output: 46 [2019-10-06 23:27:34,592 INFO L134 CoverageAnalysis]: Checked inductivity of 324 backedges. 15 proven. 309 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-10-06 23:27:34,592 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2019-10-06 23:27:34,593 INFO L286 tionRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019-10-06 23:27:34,593 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 21 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 21 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2019-10-06 23:27:35,104 INFO L249 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 5 check-sat command(s) [2019-10-06 23:27:35,104 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2019-10-06 23:27:35,110 WARN L254 TraceCheckSpWp]: Trace formula consists of 450 conjuncts, 295 conjunts are in the unsatisfiable core [2019-10-06 23:27:35,113 INFO L279 TraceCheckSpWp]: Computing forward predicates...