./Ultimate.py --spec ../sv-benchmarks/c/properties/valid-memsafety.prp --file ../sv-benchmarks/c/list-properties/list-1.i --full-output -ea --architecture 32bit -------------------------------------------------------------------------------- Checking for memory safety (deref-memtrack) Using default analysis Version 8bd4bc60 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx12G -Xms1G -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.3.100.v20150511-1540.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerMemDerefMemtrack.xml -i ../sv-benchmarks/c/list-properties/list-1.i -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 283704c20cde057c38dc133107a27c4d033fb1ba ................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................. Execution finished normally Using bit-precise analysis Retrying with bit-precise analysis Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx12G -Xms1G -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.3.100.v20150511-1540.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerMemDerefMemtrack.xml -i ../sv-benchmarks/c/list-properties/list-1.i -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Bitvector.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 283704c20cde057c38dc133107a27c4d033fb1ba ............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................ Execution finished normally Writing output log to file Ultimate.log Result: UNKNOWN: Overapproximated counterexample --- Real Ultimate output --- This is Ultimate 0.1.25-8bd4bc6 [2020-07-29 01:09:51,784 INFO L177 SettingsManager]: Resetting all preferences to default values... [2020-07-29 01:09:51,787 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2020-07-29 01:09:51,807 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2020-07-29 01:09:51,807 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2020-07-29 01:09:51,809 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2020-07-29 01:09:51,812 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2020-07-29 01:09:51,822 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2020-07-29 01:09:51,828 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2020-07-29 01:09:51,832 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2020-07-29 01:09:51,834 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2020-07-29 01:09:51,836 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2020-07-29 01:09:51,836 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2020-07-29 01:09:51,839 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2020-07-29 01:09:51,841 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2020-07-29 01:09:51,842 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2020-07-29 01:09:51,844 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2020-07-29 01:09:51,845 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2020-07-29 01:09:51,849 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2020-07-29 01:09:51,853 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2020-07-29 01:09:51,859 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2020-07-29 01:09:51,864 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2020-07-29 01:09:51,867 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2020-07-29 01:09:51,868 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2020-07-29 01:09:51,871 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2020-07-29 01:09:51,871 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2020-07-29 01:09:51,872 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2020-07-29 01:09:51,874 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2020-07-29 01:09:51,874 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2020-07-29 01:09:51,875 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2020-07-29 01:09:51,876 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2020-07-29 01:09:51,877 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2020-07-29 01:09:51,878 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2020-07-29 01:09:51,879 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2020-07-29 01:09:51,881 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2020-07-29 01:09:51,882 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2020-07-29 01:09:51,883 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2020-07-29 01:09:51,883 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2020-07-29 01:09:51,884 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2020-07-29 01:09:51,885 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2020-07-29 01:09:51,886 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2020-07-29 01:09:51,887 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Default.epf [2020-07-29 01:09:51,924 INFO L113 SettingsManager]: Loading preferences was successful [2020-07-29 01:09:51,927 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2020-07-29 01:09:51,929 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2020-07-29 01:09:51,929 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2020-07-29 01:09:51,930 INFO L138 SettingsManager]: * Use SBE=true [2020-07-29 01:09:51,930 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2020-07-29 01:09:51,930 INFO L138 SettingsManager]: * sizeof long=4 [2020-07-29 01:09:51,931 INFO L138 SettingsManager]: * Check unreachability of error function in SV-COMP mode=false [2020-07-29 01:09:51,931 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2020-07-29 01:09:51,931 INFO L138 SettingsManager]: * sizeof POINTER=4 [2020-07-29 01:09:51,931 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2020-07-29 01:09:51,932 INFO L138 SettingsManager]: * Check for the main procedure if all allocated memory was freed=true [2020-07-29 01:09:51,932 INFO L138 SettingsManager]: * Bitprecise bitfields=true [2020-07-29 01:09:51,932 INFO L138 SettingsManager]: * SV-COMP memtrack compatibility mode=true [2020-07-29 01:09:51,933 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2020-07-29 01:09:51,933 INFO L138 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2020-07-29 01:09:51,933 INFO L138 SettingsManager]: * sizeof long double=12 [2020-07-29 01:09:51,933 INFO L138 SettingsManager]: * Use constant arrays=true [2020-07-29 01:09:51,934 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2020-07-29 01:09:51,934 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2020-07-29 01:09:51,934 INFO L138 SettingsManager]: * To the following directory=./dump/ [2020-07-29 01:09:51,934 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2020-07-29 01:09:51,935 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2020-07-29 01:09:51,935 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2020-07-29 01:09:51,935 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2020-07-29 01:09:51,936 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2020-07-29 01:09:51,936 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2020-07-29 01:09:51,936 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2020-07-29 01:09:51,936 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 283704c20cde057c38dc133107a27c4d033fb1ba [2020-07-29 01:09:52,310 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2020-07-29 01:09:52,325 INFO L258 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2020-07-29 01:09:52,329 INFO L214 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2020-07-29 01:09:52,331 INFO L271 PluginConnector]: Initializing CDTParser... [2020-07-29 01:09:52,334 INFO L275 PluginConnector]: CDTParser initialized [2020-07-29 01:09:52,336 INFO L429 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/list-properties/list-1.i [2020-07-29 01:09:52,424 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/137698901/7df75d1edc844c26b3252d0f2165e304/FLAG9c16c7b03 [2020-07-29 01:09:52,981 INFO L306 CDTParser]: Found 1 translation units. [2020-07-29 01:09:52,982 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/list-properties/list-1.i [2020-07-29 01:09:53,013 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/137698901/7df75d1edc844c26b3252d0f2165e304/FLAG9c16c7b03 [2020-07-29 01:09:53,293 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/137698901/7df75d1edc844c26b3252d0f2165e304 [2020-07-29 01:09:53,297 INFO L296 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2020-07-29 01:09:53,302 INFO L131 ToolchainWalker]: Walking toolchain with 5 elements. [2020-07-29 01:09:53,305 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2020-07-29 01:09:53,306 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2020-07-29 01:09:53,310 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2020-07-29 01:09:53,313 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 29.07 01:09:53" (1/1) ... [2020-07-29 01:09:53,317 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@6fdac70f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:09:53, skipping insertion in model container [2020-07-29 01:09:53,317 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 29.07 01:09:53" (1/1) ... [2020-07-29 01:09:53,327 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2020-07-29 01:09:53,390 INFO L178 MainTranslator]: Built tables and reachable declarations [2020-07-29 01:09:53,861 INFO L206 PostProcessor]: Analyzing one entry point: main [2020-07-29 01:09:53,873 INFO L203 MainTranslator]: Completed pre-run [2020-07-29 01:09:53,916 INFO L206 PostProcessor]: Analyzing one entry point: main [2020-07-29 01:09:53,980 INFO L208 MainTranslator]: Completed translation [2020-07-29 01:09:53,981 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:09:53 WrapperNode [2020-07-29 01:09:53,981 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2020-07-29 01:09:53,982 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2020-07-29 01:09:53,982 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2020-07-29 01:09:53,983 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2020-07-29 01:09:53,996 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:09:53" (1/1) ... [2020-07-29 01:09:53,997 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:09:53" (1/1) ... [2020-07-29 01:09:54,014 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:09:53" (1/1) ... [2020-07-29 01:09:54,014 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:09:53" (1/1) ... [2020-07-29 01:09:54,046 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:09:53" (1/1) ... [2020-07-29 01:09:54,054 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:09:53" (1/1) ... [2020-07-29 01:09:54,057 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:09:53" (1/1) ... [2020-07-29 01:09:54,065 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2020-07-29 01:09:54,066 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2020-07-29 01:09:54,066 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2020-07-29 01:09:54,066 INFO L275 PluginConnector]: RCFGBuilder initialized [2020-07-29 01:09:54,068 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:09:53" (1/1) ... No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2020-07-29 01:09:54,133 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.init [2020-07-29 01:09:54,133 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2020-07-29 01:09:54,134 INFO L138 BoogieDeclarations]: Found implementation of procedure __bswap_32 [2020-07-29 01:09:54,134 INFO L138 BoogieDeclarations]: Found implementation of procedure __bswap_64 [2020-07-29 01:09:54,134 INFO L138 BoogieDeclarations]: Found implementation of procedure __uint16_identity [2020-07-29 01:09:54,134 INFO L138 BoogieDeclarations]: Found implementation of procedure __uint32_identity [2020-07-29 01:09:54,135 INFO L138 BoogieDeclarations]: Found implementation of procedure __uint64_identity [2020-07-29 01:09:54,135 INFO L138 BoogieDeclarations]: Found implementation of procedure myexit [2020-07-29 01:09:54,135 INFO L138 BoogieDeclarations]: Found implementation of procedure main [2020-07-29 01:09:54,135 INFO L130 BoogieDeclarations]: Found specification of procedure __VERIFIER_error [2020-07-29 01:09:54,136 INFO L130 BoogieDeclarations]: Found specification of procedure __VERIFIER_nondet_int [2020-07-29 01:09:54,136 INFO L130 BoogieDeclarations]: Found specification of procedure __ctype_get_mb_cur_max [2020-07-29 01:09:54,136 INFO L130 BoogieDeclarations]: Found specification of procedure atof [2020-07-29 01:09:54,136 INFO L130 BoogieDeclarations]: Found specification of procedure atoi [2020-07-29 01:09:54,137 INFO L130 BoogieDeclarations]: Found specification of procedure atol [2020-07-29 01:09:54,137 INFO L130 BoogieDeclarations]: Found specification of procedure atoll [2020-07-29 01:09:54,137 INFO L130 BoogieDeclarations]: Found specification of procedure strtod [2020-07-29 01:09:54,137 INFO L130 BoogieDeclarations]: Found specification of procedure strtof [2020-07-29 01:09:54,138 INFO L130 BoogieDeclarations]: Found specification of procedure strtold [2020-07-29 01:09:54,138 INFO L130 BoogieDeclarations]: Found specification of procedure strtol [2020-07-29 01:09:54,138 INFO L130 BoogieDeclarations]: Found specification of procedure strtoul [2020-07-29 01:09:54,138 INFO L130 BoogieDeclarations]: Found specification of procedure strtoq [2020-07-29 01:09:54,139 INFO L130 BoogieDeclarations]: Found specification of procedure strtouq [2020-07-29 01:09:54,139 INFO L130 BoogieDeclarations]: Found specification of procedure strtoll [2020-07-29 01:09:54,139 INFO L130 BoogieDeclarations]: Found specification of procedure strtoull [2020-07-29 01:09:54,139 INFO L130 BoogieDeclarations]: Found specification of procedure l64a [2020-07-29 01:09:54,140 INFO L130 BoogieDeclarations]: Found specification of procedure a64l [2020-07-29 01:09:54,140 INFO L130 BoogieDeclarations]: Found specification of procedure __bswap_32 [2020-07-29 01:09:54,140 INFO L130 BoogieDeclarations]: Found specification of procedure __bswap_64 [2020-07-29 01:09:54,140 INFO L130 BoogieDeclarations]: Found specification of procedure __uint16_identity [2020-07-29 01:09:54,140 INFO L130 BoogieDeclarations]: Found specification of procedure __uint32_identity [2020-07-29 01:09:54,141 INFO L130 BoogieDeclarations]: Found specification of procedure __uint64_identity [2020-07-29 01:09:54,141 INFO L130 BoogieDeclarations]: Found specification of procedure select [2020-07-29 01:09:54,141 INFO L130 BoogieDeclarations]: Found specification of procedure pselect [2020-07-29 01:09:54,141 INFO L130 BoogieDeclarations]: Found specification of procedure gnu_dev_major [2020-07-29 01:09:54,141 INFO L130 BoogieDeclarations]: Found specification of procedure gnu_dev_minor [2020-07-29 01:09:54,142 INFO L130 BoogieDeclarations]: Found specification of procedure gnu_dev_makedev [2020-07-29 01:09:54,142 INFO L130 BoogieDeclarations]: Found specification of procedure random [2020-07-29 01:09:54,142 INFO L130 BoogieDeclarations]: Found specification of procedure srandom [2020-07-29 01:09:54,142 INFO L130 BoogieDeclarations]: Found specification of procedure initstate [2020-07-29 01:09:54,143 INFO L130 BoogieDeclarations]: Found specification of procedure setstate [2020-07-29 01:09:54,143 INFO L130 BoogieDeclarations]: Found specification of procedure random_r [2020-07-29 01:09:54,143 INFO L130 BoogieDeclarations]: Found specification of procedure srandom_r [2020-07-29 01:09:54,143 INFO L130 BoogieDeclarations]: Found specification of procedure initstate_r [2020-07-29 01:09:54,143 INFO L130 BoogieDeclarations]: Found specification of procedure setstate_r [2020-07-29 01:09:54,144 INFO L130 BoogieDeclarations]: Found specification of procedure rand [2020-07-29 01:09:54,144 INFO L130 BoogieDeclarations]: Found specification of procedure srand [2020-07-29 01:09:54,144 INFO L130 BoogieDeclarations]: Found specification of procedure rand_r [2020-07-29 01:09:54,144 INFO L130 BoogieDeclarations]: Found specification of procedure drand48 [2020-07-29 01:09:54,144 INFO L130 BoogieDeclarations]: Found specification of procedure erand48 [2020-07-29 01:09:54,145 INFO L130 BoogieDeclarations]: Found specification of procedure lrand48 [2020-07-29 01:09:54,145 INFO L130 BoogieDeclarations]: Found specification of procedure nrand48 [2020-07-29 01:09:54,145 INFO L130 BoogieDeclarations]: Found specification of procedure mrand48 [2020-07-29 01:09:54,145 INFO L130 BoogieDeclarations]: Found specification of procedure jrand48 [2020-07-29 01:09:54,146 INFO L130 BoogieDeclarations]: Found specification of procedure srand48 [2020-07-29 01:09:54,146 INFO L130 BoogieDeclarations]: Found specification of procedure seed48 [2020-07-29 01:09:54,146 INFO L130 BoogieDeclarations]: Found specification of procedure lcong48 [2020-07-29 01:09:54,146 INFO L130 BoogieDeclarations]: Found specification of procedure drand48_r [2020-07-29 01:09:54,146 INFO L130 BoogieDeclarations]: Found specification of procedure erand48_r [2020-07-29 01:09:54,147 INFO L130 BoogieDeclarations]: Found specification of procedure lrand48_r [2020-07-29 01:09:54,147 INFO L130 BoogieDeclarations]: Found specification of procedure nrand48_r [2020-07-29 01:09:54,147 INFO L130 BoogieDeclarations]: Found specification of procedure mrand48_r [2020-07-29 01:09:54,147 INFO L130 BoogieDeclarations]: Found specification of procedure jrand48_r [2020-07-29 01:09:54,147 INFO L130 BoogieDeclarations]: Found specification of procedure srand48_r [2020-07-29 01:09:54,148 INFO L130 BoogieDeclarations]: Found specification of procedure seed48_r [2020-07-29 01:09:54,148 INFO L130 BoogieDeclarations]: Found specification of procedure lcong48_r [2020-07-29 01:09:54,148 INFO L130 BoogieDeclarations]: Found specification of procedure malloc [2020-07-29 01:09:54,148 INFO L130 BoogieDeclarations]: Found specification of procedure calloc [2020-07-29 01:09:54,148 INFO L130 BoogieDeclarations]: Found specification of procedure realloc [2020-07-29 01:09:54,149 INFO L130 BoogieDeclarations]: Found specification of procedure free [2020-07-29 01:09:54,149 INFO L130 BoogieDeclarations]: Found specification of procedure alloca [2020-07-29 01:09:54,149 INFO L130 BoogieDeclarations]: Found specification of procedure valloc [2020-07-29 01:09:54,149 INFO L130 BoogieDeclarations]: Found specification of procedure posix_memalign [2020-07-29 01:09:54,150 INFO L130 BoogieDeclarations]: Found specification of procedure aligned_alloc [2020-07-29 01:09:54,150 INFO L130 BoogieDeclarations]: Found specification of procedure abort [2020-07-29 01:09:54,150 INFO L130 BoogieDeclarations]: Found specification of procedure atexit [2020-07-29 01:09:54,150 INFO L130 BoogieDeclarations]: Found specification of procedure at_quick_exit [2020-07-29 01:09:54,150 INFO L130 BoogieDeclarations]: Found specification of procedure on_exit [2020-07-29 01:09:54,151 INFO L130 BoogieDeclarations]: Found specification of procedure exit [2020-07-29 01:09:54,151 INFO L130 BoogieDeclarations]: Found specification of procedure quick_exit [2020-07-29 01:09:54,151 INFO L130 BoogieDeclarations]: Found specification of procedure _Exit [2020-07-29 01:09:54,151 INFO L130 BoogieDeclarations]: Found specification of procedure getenv [2020-07-29 01:09:54,152 INFO L130 BoogieDeclarations]: Found specification of procedure putenv [2020-07-29 01:09:54,152 INFO L130 BoogieDeclarations]: Found specification of procedure setenv [2020-07-29 01:09:54,152 INFO L130 BoogieDeclarations]: Found specification of procedure unsetenv [2020-07-29 01:09:54,152 INFO L130 BoogieDeclarations]: Found specification of procedure clearenv [2020-07-29 01:09:54,152 INFO L130 BoogieDeclarations]: Found specification of procedure mktemp [2020-07-29 01:09:54,153 INFO L130 BoogieDeclarations]: Found specification of procedure mkstemp [2020-07-29 01:09:54,153 INFO L130 BoogieDeclarations]: Found specification of procedure mkstemps [2020-07-29 01:09:54,153 INFO L130 BoogieDeclarations]: Found specification of procedure mkdtemp [2020-07-29 01:09:54,153 INFO L130 BoogieDeclarations]: Found specification of procedure system [2020-07-29 01:09:54,153 INFO L130 BoogieDeclarations]: Found specification of procedure realpath [2020-07-29 01:09:54,154 INFO L130 BoogieDeclarations]: Found specification of procedure bsearch [2020-07-29 01:09:54,154 INFO L130 BoogieDeclarations]: Found specification of procedure qsort [2020-07-29 01:09:54,154 INFO L130 BoogieDeclarations]: Found specification of procedure abs [2020-07-29 01:09:54,154 INFO L130 BoogieDeclarations]: Found specification of procedure labs [2020-07-29 01:09:54,154 INFO L130 BoogieDeclarations]: Found specification of procedure llabs [2020-07-29 01:09:54,155 INFO L130 BoogieDeclarations]: Found specification of procedure div [2020-07-29 01:09:54,155 INFO L130 BoogieDeclarations]: Found specification of procedure ldiv [2020-07-29 01:09:54,155 INFO L130 BoogieDeclarations]: Found specification of procedure lldiv [2020-07-29 01:09:54,155 INFO L130 BoogieDeclarations]: Found specification of procedure ecvt [2020-07-29 01:09:54,155 INFO L130 BoogieDeclarations]: Found specification of procedure fcvt [2020-07-29 01:09:54,156 INFO L130 BoogieDeclarations]: Found specification of procedure gcvt [2020-07-29 01:09:54,156 INFO L130 BoogieDeclarations]: Found specification of procedure qecvt [2020-07-29 01:09:54,156 INFO L130 BoogieDeclarations]: Found specification of procedure qfcvt [2020-07-29 01:09:54,156 INFO L130 BoogieDeclarations]: Found specification of procedure qgcvt [2020-07-29 01:09:54,156 INFO L130 BoogieDeclarations]: Found specification of procedure ecvt_r [2020-07-29 01:09:54,157 INFO L130 BoogieDeclarations]: Found specification of procedure fcvt_r [2020-07-29 01:09:54,157 INFO L130 BoogieDeclarations]: Found specification of procedure qecvt_r [2020-07-29 01:09:54,157 INFO L130 BoogieDeclarations]: Found specification of procedure qfcvt_r [2020-07-29 01:09:54,157 INFO L130 BoogieDeclarations]: Found specification of procedure mblen [2020-07-29 01:09:54,157 INFO L130 BoogieDeclarations]: Found specification of procedure mbtowc [2020-07-29 01:09:54,158 INFO L130 BoogieDeclarations]: Found specification of procedure wctomb [2020-07-29 01:09:54,158 INFO L130 BoogieDeclarations]: Found specification of procedure mbstowcs [2020-07-29 01:09:54,158 INFO L130 BoogieDeclarations]: Found specification of procedure wcstombs [2020-07-29 01:09:54,158 INFO L130 BoogieDeclarations]: Found specification of procedure rpmatch [2020-07-29 01:09:54,158 INFO L130 BoogieDeclarations]: Found specification of procedure getsubopt [2020-07-29 01:09:54,159 INFO L130 BoogieDeclarations]: Found specification of procedure getloadavg [2020-07-29 01:09:54,159 INFO L130 BoogieDeclarations]: Found specification of procedure myexit [2020-07-29 01:09:54,159 INFO L130 BoogieDeclarations]: Found specification of procedure main [2020-07-29 01:09:54,159 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocOnHeap [2020-07-29 01:09:54,159 INFO L130 BoogieDeclarations]: Found specification of procedure write~int [2020-07-29 01:09:54,160 INFO L130 BoogieDeclarations]: Found specification of procedure write~$Pointer$ [2020-07-29 01:09:54,160 INFO L130 BoogieDeclarations]: Found specification of procedure read~$Pointer$ [2020-07-29 01:09:54,160 INFO L130 BoogieDeclarations]: Found specification of procedure read~int [2020-07-29 01:09:54,160 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.init [2020-07-29 01:09:54,160 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2020-07-29 01:09:54,161 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.dealloc [2020-07-29 01:09:54,511 INFO L728 $ProcedureCfgBuilder]: dead code at ProgramPoint myexitFINAL: assume true; [2020-07-29 01:09:54,972 INFO L290 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2020-07-29 01:09:54,973 INFO L295 CfgBuilder]: Removed 4 assume(true) statements. [2020-07-29 01:09:54,981 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 29.07 01:09:54 BoogieIcfgContainer [2020-07-29 01:09:54,985 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2020-07-29 01:09:54,987 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2020-07-29 01:09:54,987 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2020-07-29 01:09:54,991 INFO L275 PluginConnector]: TraceAbstraction initialized [2020-07-29 01:09:54,991 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 29.07 01:09:53" (1/3) ... [2020-07-29 01:09:54,992 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@50c791c2 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 29.07 01:09:54, skipping insertion in model container [2020-07-29 01:09:54,992 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:09:53" (2/3) ... [2020-07-29 01:09:54,994 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@50c791c2 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 29.07 01:09:54, skipping insertion in model container [2020-07-29 01:09:54,995 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 29.07 01:09:54" (3/3) ... [2020-07-29 01:09:54,997 INFO L109 eAbstractionObserver]: Analyzing ICFG list-1.i [2020-07-29 01:09:55,009 INFO L157 ceAbstractionStarter]: Automizer settings: Hoare:false NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2020-07-29 01:09:55,021 INFO L169 ceAbstractionStarter]: Appying trace abstraction to program that has 26 error locations. [2020-07-29 01:09:55,041 INFO L251 AbstractCegarLoop]: Starting to check reachability of 26 error locations. [2020-07-29 01:09:55,065 INFO L375 AbstractCegarLoop]: Interprodecural is true [2020-07-29 01:09:55,066 INFO L376 AbstractCegarLoop]: Hoare is false [2020-07-29 01:09:55,066 INFO L377 AbstractCegarLoop]: Compute interpolants for FPandBP [2020-07-29 01:09:55,066 INFO L378 AbstractCegarLoop]: Backedges is STRAIGHT_LINE [2020-07-29 01:09:55,067 INFO L379 AbstractCegarLoop]: Determinization is PREDICATE_ABSTRACTION [2020-07-29 01:09:55,067 INFO L380 AbstractCegarLoop]: Difference is false [2020-07-29 01:09:55,067 INFO L381 AbstractCegarLoop]: Minimize is MINIMIZE_SEVPA [2020-07-29 01:09:55,067 INFO L385 AbstractCegarLoop]: ======== Iteration 0==of CEGAR loop == AllErrorsAtOnce======== [2020-07-29 01:09:55,086 INFO L276 IsEmpty]: Start isEmpty. Operand 73 states. [2020-07-29 01:09:55,097 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 12 [2020-07-29 01:09:55,098 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:09:55,099 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:09:55,100 INFO L427 AbstractCegarLoop]: === Iteration 1 === [mainErr8REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr5REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr24ASSERT_VIOLATIONMEMORY_LEAK, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr25ENSURES_VIOLATIONMEMORY_LEAK, mainErr4REQUIRES_VIOLATION, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr17REQUIRES_VIOLATION, mainErr13REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12REQUIRES_VIOLATION]=== [2020-07-29 01:09:55,107 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:09:55,108 INFO L82 PathProgramCache]: Analyzing trace with hash -516857152, now seen corresponding path program 1 times [2020-07-29 01:09:55,120 INFO L163 FreeRefinementEngine]: Executing refinement strategy CAMEL [2020-07-29 01:09:55,120 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [248544863] [2020-07-29 01:09:55,121 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2020-07-29 01:09:55,227 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:09:55,314 INFO L375 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2020-07-29 01:09:55,317 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:09:55,333 INFO L280 TraceCheckUtils]: 0: Hoare triple {81#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {76#true} is VALID [2020-07-29 01:09:55,334 INFO L280 TraceCheckUtils]: 1: Hoare triple {76#true} assume true; {76#true} is VALID [2020-07-29 01:09:55,335 INFO L275 TraceCheckUtils]: 2: Hoare quadruple {76#true} {76#true} #153#return; {76#true} is VALID [2020-07-29 01:09:55,338 INFO L263 TraceCheckUtils]: 0: Hoare triple {76#true} call ULTIMATE.init(); {81#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} is VALID [2020-07-29 01:09:55,339 INFO L280 TraceCheckUtils]: 1: Hoare triple {81#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {76#true} is VALID [2020-07-29 01:09:55,339 INFO L280 TraceCheckUtils]: 2: Hoare triple {76#true} assume true; {76#true} is VALID [2020-07-29 01:09:55,339 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {76#true} {76#true} #153#return; {76#true} is VALID [2020-07-29 01:09:55,340 INFO L263 TraceCheckUtils]: 4: Hoare triple {76#true} call #t~ret14 := main(); {76#true} is VALID [2020-07-29 01:09:55,340 INFO L280 TraceCheckUtils]: 5: Hoare triple {76#true} call #t~malloc2.base, #t~malloc2.offset := #Ultimate.allocOnHeap(8);~a~0.base, ~a~0.offset := #t~malloc2.base, #t~malloc2.offset; {76#true} is VALID [2020-07-29 01:09:55,341 INFO L280 TraceCheckUtils]: 6: Hoare triple {76#true} assume !(~a~0.base == 0 && ~a~0.offset == 0); {76#true} is VALID [2020-07-29 01:09:55,341 INFO L280 TraceCheckUtils]: 7: Hoare triple {76#true} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {76#true} is VALID [2020-07-29 01:09:55,342 INFO L280 TraceCheckUtils]: 8: Hoare triple {76#true} assume !true; {77#false} is VALID [2020-07-29 01:09:55,343 INFO L280 TraceCheckUtils]: 9: Hoare triple {77#false} assume !true; {77#false} is VALID [2020-07-29 01:09:55,343 INFO L280 TraceCheckUtils]: 10: Hoare triple {77#false} assume !(1 == #valid[~p~0.base]); {77#false} is VALID [2020-07-29 01:09:55,345 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:09:55,345 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [248544863] [2020-07-29 01:09:55,346 INFO L220 FreeRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:09:55,347 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2020-07-29 01:09:55,348 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2093575942] [2020-07-29 01:09:55,354 INFO L78 Accepts]: Start accepts. Automaton has 3 states. Word has length 11 [2020-07-29 01:09:55,357 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:09:55,361 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states. [2020-07-29 01:09:55,383 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 11 edges. 11 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:09:55,384 INFO L459 AbstractCegarLoop]: Interpolant automaton has 3 states [2020-07-29 01:09:55,384 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2020-07-29 01:09:55,394 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2020-07-29 01:09:55,395 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2020-07-29 01:09:55,398 INFO L87 Difference]: Start difference. First operand 73 states. Second operand 3 states. [2020-07-29 01:09:55,708 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:09:55,709 INFO L93 Difference]: Finished difference Result 73 states and 79 transitions. [2020-07-29 01:09:55,709 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2020-07-29 01:09:55,709 INFO L78 Accepts]: Start accepts. Automaton has 3 states. Word has length 11 [2020-07-29 01:09:55,710 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:09:55,711 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 3 states. [2020-07-29 01:09:55,726 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 84 transitions. [2020-07-29 01:09:55,727 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 3 states. [2020-07-29 01:09:55,730 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 84 transitions. [2020-07-29 01:09:55,731 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 84 transitions. [2020-07-29 01:09:55,848 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 84 edges. 84 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:09:55,864 INFO L225 Difference]: With dead ends: 73 [2020-07-29 01:09:55,865 INFO L226 Difference]: Without dead ends: 65 [2020-07-29 01:09:55,867 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2020-07-29 01:09:55,891 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 65 states. [2020-07-29 01:09:55,914 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 65 to 65. [2020-07-29 01:09:55,915 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:09:55,917 INFO L82 GeneralOperation]: Start isEquivalent. First operand 65 states. Second operand 65 states. [2020-07-29 01:09:55,917 INFO L74 IsIncluded]: Start isIncluded. First operand 65 states. Second operand 65 states. [2020-07-29 01:09:55,918 INFO L87 Difference]: Start difference. First operand 65 states. Second operand 65 states. [2020-07-29 01:09:55,936 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:09:55,937 INFO L93 Difference]: Finished difference Result 65 states and 68 transitions. [2020-07-29 01:09:55,937 INFO L276 IsEmpty]: Start isEmpty. Operand 65 states and 68 transitions. [2020-07-29 01:09:55,940 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:09:55,941 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:09:55,941 INFO L74 IsIncluded]: Start isIncluded. First operand 65 states. Second operand 65 states. [2020-07-29 01:09:55,941 INFO L87 Difference]: Start difference. First operand 65 states. Second operand 65 states. [2020-07-29 01:09:55,951 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:09:55,951 INFO L93 Difference]: Finished difference Result 65 states and 68 transitions. [2020-07-29 01:09:55,951 INFO L276 IsEmpty]: Start isEmpty. Operand 65 states and 68 transitions. [2020-07-29 01:09:55,953 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:09:55,953 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:09:55,954 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:09:55,954 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:09:55,954 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 65 states. [2020-07-29 01:09:55,971 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 65 states to 65 states and 68 transitions. [2020-07-29 01:09:55,973 INFO L78 Accepts]: Start accepts. Automaton has 65 states and 68 transitions. Word has length 11 [2020-07-29 01:09:55,974 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:09:55,974 INFO L479 AbstractCegarLoop]: Abstraction has 65 states and 68 transitions. [2020-07-29 01:09:55,975 INFO L480 AbstractCegarLoop]: Interpolant automaton has 3 states. [2020-07-29 01:09:55,975 INFO L276 IsEmpty]: Start isEmpty. Operand 65 states and 68 transitions. [2020-07-29 01:09:55,976 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 12 [2020-07-29 01:09:55,977 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:09:55,977 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:09:55,978 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2020-07-29 01:09:55,979 INFO L427 AbstractCegarLoop]: === Iteration 2 === [mainErr8REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr5REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr24ASSERT_VIOLATIONMEMORY_LEAK, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr25ENSURES_VIOLATIONMEMORY_LEAK, mainErr4REQUIRES_VIOLATION, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr17REQUIRES_VIOLATION, mainErr13REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12REQUIRES_VIOLATION]=== [2020-07-29 01:09:55,979 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:09:55,980 INFO L82 PathProgramCache]: Analyzing trace with hash -516882778, now seen corresponding path program 1 times [2020-07-29 01:09:55,980 INFO L163 FreeRefinementEngine]: Executing refinement strategy CAMEL [2020-07-29 01:09:55,980 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [652317454] [2020-07-29 01:09:55,981 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2020-07-29 01:09:56,029 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:09:56,137 INFO L375 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2020-07-29 01:09:56,139 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:09:56,146 INFO L280 TraceCheckUtils]: 0: Hoare triple {359#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {352#true} is VALID [2020-07-29 01:09:56,147 INFO L280 TraceCheckUtils]: 1: Hoare triple {352#true} assume true; {352#true} is VALID [2020-07-29 01:09:56,147 INFO L275 TraceCheckUtils]: 2: Hoare quadruple {352#true} {352#true} #153#return; {352#true} is VALID [2020-07-29 01:09:56,148 INFO L263 TraceCheckUtils]: 0: Hoare triple {352#true} call ULTIMATE.init(); {359#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} is VALID [2020-07-29 01:09:56,149 INFO L280 TraceCheckUtils]: 1: Hoare triple {359#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {352#true} is VALID [2020-07-29 01:09:56,149 INFO L280 TraceCheckUtils]: 2: Hoare triple {352#true} assume true; {352#true} is VALID [2020-07-29 01:09:56,150 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {352#true} {352#true} #153#return; {352#true} is VALID [2020-07-29 01:09:56,150 INFO L263 TraceCheckUtils]: 4: Hoare triple {352#true} call #t~ret14 := main(); {352#true} is VALID [2020-07-29 01:09:56,151 INFO L280 TraceCheckUtils]: 5: Hoare triple {352#true} call #t~malloc2.base, #t~malloc2.offset := #Ultimate.allocOnHeap(8);~a~0.base, ~a~0.offset := #t~malloc2.base, #t~malloc2.offset; {357#(= 1 (select |#valid| main_~a~0.base))} is VALID [2020-07-29 01:09:56,153 INFO L280 TraceCheckUtils]: 6: Hoare triple {357#(= 1 (select |#valid| main_~a~0.base))} assume !(~a~0.base == 0 && ~a~0.offset == 0); {357#(= 1 (select |#valid| main_~a~0.base))} is VALID [2020-07-29 01:09:56,154 INFO L280 TraceCheckUtils]: 7: Hoare triple {357#(= 1 (select |#valid| main_~a~0.base))} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {358#(= 1 (select |#valid| main_~p~0.base))} is VALID [2020-07-29 01:09:56,155 INFO L280 TraceCheckUtils]: 8: Hoare triple {358#(= 1 (select |#valid| main_~p~0.base))} assume -2147483648 <= #t~nondet3 && #t~nondet3 <= 2147483647; {358#(= 1 (select |#valid| main_~p~0.base))} is VALID [2020-07-29 01:09:56,157 INFO L280 TraceCheckUtils]: 9: Hoare triple {358#(= 1 (select |#valid| main_~p~0.base))} assume !!(0 != #t~nondet3);havoc #t~nondet3; {358#(= 1 (select |#valid| main_~p~0.base))} is VALID [2020-07-29 01:09:56,158 INFO L280 TraceCheckUtils]: 10: Hoare triple {358#(= 1 (select |#valid| main_~p~0.base))} assume !(1 == #valid[~p~0.base]); {353#false} is VALID [2020-07-29 01:09:56,159 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:09:56,160 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [652317454] [2020-07-29 01:09:56,160 INFO L220 FreeRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:09:56,160 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2020-07-29 01:09:56,160 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [838228412] [2020-07-29 01:09:56,162 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 11 [2020-07-29 01:09:56,163 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:09:56,163 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states. [2020-07-29 01:09:56,184 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 11 edges. 11 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:09:56,184 INFO L459 AbstractCegarLoop]: Interpolant automaton has 5 states [2020-07-29 01:09:56,184 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2020-07-29 01:09:56,185 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2020-07-29 01:09:56,185 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2020-07-29 01:09:56,185 INFO L87 Difference]: Start difference. First operand 65 states and 68 transitions. Second operand 5 states. [2020-07-29 01:09:56,670 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:09:56,671 INFO L93 Difference]: Finished difference Result 72 states and 77 transitions. [2020-07-29 01:09:56,671 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2020-07-29 01:09:56,671 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 11 [2020-07-29 01:09:56,672 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:09:56,672 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 5 states. [2020-07-29 01:09:56,675 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 89 transitions. [2020-07-29 01:09:56,675 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 5 states. [2020-07-29 01:09:56,678 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 89 transitions. [2020-07-29 01:09:56,678 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 89 transitions. [2020-07-29 01:09:56,791 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 89 edges. 89 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:09:56,794 INFO L225 Difference]: With dead ends: 72 [2020-07-29 01:09:56,794 INFO L226 Difference]: Without dead ends: 72 [2020-07-29 01:09:56,795 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2020-07-29 01:09:56,796 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 72 states. [2020-07-29 01:09:56,801 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 72 to 67. [2020-07-29 01:09:56,801 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:09:56,801 INFO L82 GeneralOperation]: Start isEquivalent. First operand 72 states. Second operand 67 states. [2020-07-29 01:09:56,801 INFO L74 IsIncluded]: Start isIncluded. First operand 72 states. Second operand 67 states. [2020-07-29 01:09:56,801 INFO L87 Difference]: Start difference. First operand 72 states. Second operand 67 states. [2020-07-29 01:09:56,806 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:09:56,807 INFO L93 Difference]: Finished difference Result 72 states and 77 transitions. [2020-07-29 01:09:56,807 INFO L276 IsEmpty]: Start isEmpty. Operand 72 states and 77 transitions. [2020-07-29 01:09:56,808 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:09:56,808 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:09:56,808 INFO L74 IsIncluded]: Start isIncluded. First operand 67 states. Second operand 72 states. [2020-07-29 01:09:56,808 INFO L87 Difference]: Start difference. First operand 67 states. Second operand 72 states. [2020-07-29 01:09:56,812 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:09:56,812 INFO L93 Difference]: Finished difference Result 72 states and 77 transitions. [2020-07-29 01:09:56,812 INFO L276 IsEmpty]: Start isEmpty. Operand 72 states and 77 transitions. [2020-07-29 01:09:56,813 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:09:56,813 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:09:56,813 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:09:56,814 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:09:56,814 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 67 states. [2020-07-29 01:09:56,817 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 67 states to 67 states and 77 transitions. [2020-07-29 01:09:56,817 INFO L78 Accepts]: Start accepts. Automaton has 67 states and 77 transitions. Word has length 11 [2020-07-29 01:09:56,817 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:09:56,818 INFO L479 AbstractCegarLoop]: Abstraction has 67 states and 77 transitions. [2020-07-29 01:09:56,818 INFO L480 AbstractCegarLoop]: Interpolant automaton has 5 states. [2020-07-29 01:09:56,818 INFO L276 IsEmpty]: Start isEmpty. Operand 67 states and 77 transitions. [2020-07-29 01:09:56,818 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 12 [2020-07-29 01:09:56,818 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:09:56,818 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:09:56,819 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2020-07-29 01:09:56,819 INFO L427 AbstractCegarLoop]: === Iteration 3 === [mainErr8REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr5REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr24ASSERT_VIOLATIONMEMORY_LEAK, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr25ENSURES_VIOLATIONMEMORY_LEAK, mainErr4REQUIRES_VIOLATION, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr17REQUIRES_VIOLATION, mainErr13REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12REQUIRES_VIOLATION]=== [2020-07-29 01:09:56,819 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:09:56,819 INFO L82 PathProgramCache]: Analyzing trace with hash -516882777, now seen corresponding path program 1 times [2020-07-29 01:09:56,820 INFO L163 FreeRefinementEngine]: Executing refinement strategy CAMEL [2020-07-29 01:09:56,820 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [726633419] [2020-07-29 01:09:56,820 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2020-07-29 01:09:56,837 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:09:56,913 INFO L375 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2020-07-29 01:09:56,915 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:09:56,921 INFO L280 TraceCheckUtils]: 0: Hoare triple {654#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {647#true} is VALID [2020-07-29 01:09:56,921 INFO L280 TraceCheckUtils]: 1: Hoare triple {647#true} assume true; {647#true} is VALID [2020-07-29 01:09:56,922 INFO L275 TraceCheckUtils]: 2: Hoare quadruple {647#true} {647#true} #153#return; {647#true} is VALID [2020-07-29 01:09:56,923 INFO L263 TraceCheckUtils]: 0: Hoare triple {647#true} call ULTIMATE.init(); {654#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} is VALID [2020-07-29 01:09:56,923 INFO L280 TraceCheckUtils]: 1: Hoare triple {654#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {647#true} is VALID [2020-07-29 01:09:56,924 INFO L280 TraceCheckUtils]: 2: Hoare triple {647#true} assume true; {647#true} is VALID [2020-07-29 01:09:56,924 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {647#true} {647#true} #153#return; {647#true} is VALID [2020-07-29 01:09:56,924 INFO L263 TraceCheckUtils]: 4: Hoare triple {647#true} call #t~ret14 := main(); {647#true} is VALID [2020-07-29 01:09:56,926 INFO L280 TraceCheckUtils]: 5: Hoare triple {647#true} call #t~malloc2.base, #t~malloc2.offset := #Ultimate.allocOnHeap(8);~a~0.base, ~a~0.offset := #t~malloc2.base, #t~malloc2.offset; {652#(and (= 0 main_~a~0.offset) (= (select |#length| main_~a~0.base) 8))} is VALID [2020-07-29 01:09:56,927 INFO L280 TraceCheckUtils]: 6: Hoare triple {652#(and (= 0 main_~a~0.offset) (= (select |#length| main_~a~0.base) 8))} assume !(~a~0.base == 0 && ~a~0.offset == 0); {652#(and (= 0 main_~a~0.offset) (= (select |#length| main_~a~0.base) 8))} is VALID [2020-07-29 01:09:56,928 INFO L280 TraceCheckUtils]: 7: Hoare triple {652#(and (= 0 main_~a~0.offset) (= (select |#length| main_~a~0.base) 8))} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {653#(and (= 8 (select |#length| main_~p~0.base)) (= 0 main_~p~0.offset))} is VALID [2020-07-29 01:09:56,928 INFO L280 TraceCheckUtils]: 8: Hoare triple {653#(and (= 8 (select |#length| main_~p~0.base)) (= 0 main_~p~0.offset))} assume -2147483648 <= #t~nondet3 && #t~nondet3 <= 2147483647; {653#(and (= 8 (select |#length| main_~p~0.base)) (= 0 main_~p~0.offset))} is VALID [2020-07-29 01:09:56,929 INFO L280 TraceCheckUtils]: 9: Hoare triple {653#(and (= 8 (select |#length| main_~p~0.base)) (= 0 main_~p~0.offset))} assume !!(0 != #t~nondet3);havoc #t~nondet3; {653#(and (= 8 (select |#length| main_~p~0.base)) (= 0 main_~p~0.offset))} is VALID [2020-07-29 01:09:56,930 INFO L280 TraceCheckUtils]: 10: Hoare triple {653#(and (= 8 (select |#length| main_~p~0.base)) (= 0 main_~p~0.offset))} assume !(4 + ~p~0.offset <= #length[~p~0.base] && 0 <= ~p~0.offset); {648#false} is VALID [2020-07-29 01:09:56,931 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:09:56,932 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [726633419] [2020-07-29 01:09:56,932 INFO L220 FreeRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:09:56,932 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2020-07-29 01:09:56,933 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1269727237] [2020-07-29 01:09:56,933 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 11 [2020-07-29 01:09:56,933 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:09:56,933 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states. [2020-07-29 01:09:56,948 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 11 edges. 11 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:09:56,948 INFO L459 AbstractCegarLoop]: Interpolant automaton has 5 states [2020-07-29 01:09:56,949 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2020-07-29 01:09:56,949 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2020-07-29 01:09:56,950 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2020-07-29 01:09:56,950 INFO L87 Difference]: Start difference. First operand 67 states and 77 transitions. Second operand 5 states. [2020-07-29 01:09:57,509 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:09:57,509 INFO L93 Difference]: Finished difference Result 92 states and 99 transitions. [2020-07-29 01:09:57,510 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2020-07-29 01:09:57,510 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 11 [2020-07-29 01:09:57,510 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:09:57,510 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 5 states. [2020-07-29 01:09:57,514 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 109 transitions. [2020-07-29 01:09:57,514 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 5 states. [2020-07-29 01:09:57,516 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 109 transitions. [2020-07-29 01:09:57,517 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 109 transitions. [2020-07-29 01:09:57,682 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 109 edges. 109 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:09:57,684 INFO L225 Difference]: With dead ends: 92 [2020-07-29 01:09:57,687 INFO L226 Difference]: Without dead ends: 92 [2020-07-29 01:09:57,687 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2020-07-29 01:09:57,688 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 92 states. [2020-07-29 01:09:57,703 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 92 to 81. [2020-07-29 01:09:57,703 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:09:57,703 INFO L82 GeneralOperation]: Start isEquivalent. First operand 92 states. Second operand 81 states. [2020-07-29 01:09:57,704 INFO L74 IsIncluded]: Start isIncluded. First operand 92 states. Second operand 81 states. [2020-07-29 01:09:57,704 INFO L87 Difference]: Start difference. First operand 92 states. Second operand 81 states. [2020-07-29 01:09:57,709 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:09:57,711 INFO L93 Difference]: Finished difference Result 92 states and 99 transitions. [2020-07-29 01:09:57,711 INFO L276 IsEmpty]: Start isEmpty. Operand 92 states and 99 transitions. [2020-07-29 01:09:57,712 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:09:57,714 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:09:57,715 INFO L74 IsIncluded]: Start isIncluded. First operand 81 states. Second operand 92 states. [2020-07-29 01:09:57,715 INFO L87 Difference]: Start difference. First operand 81 states. Second operand 92 states. [2020-07-29 01:09:57,722 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:09:57,723 INFO L93 Difference]: Finished difference Result 92 states and 99 transitions. [2020-07-29 01:09:57,723 INFO L276 IsEmpty]: Start isEmpty. Operand 92 states and 99 transitions. [2020-07-29 01:09:57,725 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:09:57,725 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:09:57,725 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:09:57,726 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:09:57,726 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 81 states. [2020-07-29 01:09:57,731 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 81 states to 81 states and 89 transitions. [2020-07-29 01:09:57,731 INFO L78 Accepts]: Start accepts. Automaton has 81 states and 89 transitions. Word has length 11 [2020-07-29 01:09:57,732 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:09:57,732 INFO L479 AbstractCegarLoop]: Abstraction has 81 states and 89 transitions. [2020-07-29 01:09:57,732 INFO L480 AbstractCegarLoop]: Interpolant automaton has 5 states. [2020-07-29 01:09:57,732 INFO L276 IsEmpty]: Start isEmpty. Operand 81 states and 89 transitions. [2020-07-29 01:09:57,740 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2020-07-29 01:09:57,743 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:09:57,743 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:09:57,744 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2020-07-29 01:09:57,744 INFO L427 AbstractCegarLoop]: === Iteration 4 === [mainErr8REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr5REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr24ASSERT_VIOLATIONMEMORY_LEAK, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr25ENSURES_VIOLATIONMEMORY_LEAK, mainErr4REQUIRES_VIOLATION, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr17REQUIRES_VIOLATION, mainErr13REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12REQUIRES_VIOLATION]=== [2020-07-29 01:09:57,745 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:09:57,745 INFO L82 PathProgramCache]: Analyzing trace with hash -725497357, now seen corresponding path program 1 times [2020-07-29 01:09:57,745 INFO L163 FreeRefinementEngine]: Executing refinement strategy CAMEL [2020-07-29 01:09:57,745 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [508109414] [2020-07-29 01:09:57,746 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2020-07-29 01:09:57,794 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:09:57,911 INFO L375 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2020-07-29 01:09:57,913 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:09:57,922 INFO L280 TraceCheckUtils]: 0: Hoare triple {1025#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {1016#true} is VALID [2020-07-29 01:09:57,922 INFO L280 TraceCheckUtils]: 1: Hoare triple {1016#true} assume true; {1016#true} is VALID [2020-07-29 01:09:57,923 INFO L275 TraceCheckUtils]: 2: Hoare quadruple {1016#true} {1016#true} #153#return; {1016#true} is VALID [2020-07-29 01:09:57,924 INFO L263 TraceCheckUtils]: 0: Hoare triple {1016#true} call ULTIMATE.init(); {1025#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} is VALID [2020-07-29 01:09:57,924 INFO L280 TraceCheckUtils]: 1: Hoare triple {1025#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {1016#true} is VALID [2020-07-29 01:09:57,925 INFO L280 TraceCheckUtils]: 2: Hoare triple {1016#true} assume true; {1016#true} is VALID [2020-07-29 01:09:57,925 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {1016#true} {1016#true} #153#return; {1016#true} is VALID [2020-07-29 01:09:57,926 INFO L263 TraceCheckUtils]: 4: Hoare triple {1016#true} call #t~ret14 := main(); {1016#true} is VALID [2020-07-29 01:09:57,926 INFO L280 TraceCheckUtils]: 5: Hoare triple {1016#true} call #t~malloc2.base, #t~malloc2.offset := #Ultimate.allocOnHeap(8);~a~0.base, ~a~0.offset := #t~malloc2.base, #t~malloc2.offset; {1016#true} is VALID [2020-07-29 01:09:57,926 INFO L280 TraceCheckUtils]: 6: Hoare triple {1016#true} assume !(~a~0.base == 0 && ~a~0.offset == 0); {1016#true} is VALID [2020-07-29 01:09:57,927 INFO L280 TraceCheckUtils]: 7: Hoare triple {1016#true} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {1021#(and (= main_~a~0.base main_~p~0.base) (= main_~a~0.offset main_~p~0.offset))} is VALID [2020-07-29 01:09:57,928 INFO L280 TraceCheckUtils]: 8: Hoare triple {1021#(and (= main_~a~0.base main_~p~0.base) (= main_~a~0.offset main_~p~0.offset))} assume -2147483648 <= #t~nondet3 && #t~nondet3 <= 2147483647; {1021#(and (= main_~a~0.base main_~p~0.base) (= main_~a~0.offset main_~p~0.offset))} is VALID [2020-07-29 01:09:57,929 INFO L280 TraceCheckUtils]: 9: Hoare triple {1021#(and (= main_~a~0.base main_~p~0.base) (= main_~a~0.offset main_~p~0.offset))} assume !(0 != #t~nondet3);havoc #t~nondet3; {1021#(and (= main_~a~0.base main_~p~0.base) (= main_~a~0.offset main_~p~0.offset))} is VALID [2020-07-29 01:09:57,930 INFO L280 TraceCheckUtils]: 10: Hoare triple {1021#(and (= main_~a~0.base main_~p~0.base) (= main_~a~0.offset main_~p~0.offset))} assume -2147483648 <= #t~nondet6 && #t~nondet6 <= 2147483647; {1021#(and (= main_~a~0.base main_~p~0.base) (= main_~a~0.offset main_~p~0.offset))} is VALID [2020-07-29 01:09:57,931 INFO L280 TraceCheckUtils]: 11: Hoare triple {1021#(and (= main_~a~0.base main_~p~0.base) (= main_~a~0.offset main_~p~0.offset))} assume !(0 != #t~nondet6);havoc #t~nondet6; {1021#(and (= main_~a~0.base main_~p~0.base) (= main_~a~0.offset main_~p~0.offset))} is VALID [2020-07-29 01:09:57,933 INFO L280 TraceCheckUtils]: 12: Hoare triple {1021#(and (= main_~a~0.base main_~p~0.base) (= main_~a~0.offset main_~p~0.offset))} SUMMARY for call write~int(3, ~p~0.base, ~p~0.offset, 4); srcloc: L532-3 {1022#(= 3 (select (select |#memory_int| main_~a~0.base) main_~a~0.offset))} is VALID [2020-07-29 01:09:57,934 INFO L280 TraceCheckUtils]: 13: Hoare triple {1022#(= 3 (select (select |#memory_int| main_~a~0.base) main_~a~0.offset))} ~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {1023#(= 3 (select (select |#memory_int| main_~p~0.base) main_~p~0.offset))} is VALID [2020-07-29 01:09:57,935 INFO L280 TraceCheckUtils]: 14: Hoare triple {1023#(= 3 (select (select |#memory_int| main_~p~0.base) main_~p~0.offset))} SUMMARY for call #t~mem9 := read~int(~p~0.base, ~p~0.offset, 4); srcloc: L541-3 {1024#(= 3 |main_#t~mem9|)} is VALID [2020-07-29 01:09:57,936 INFO L280 TraceCheckUtils]: 15: Hoare triple {1024#(= 3 |main_#t~mem9|)} assume !!(1 == #t~mem9);havoc #t~mem9; {1017#false} is VALID [2020-07-29 01:09:57,937 INFO L280 TraceCheckUtils]: 16: Hoare triple {1017#false} SUMMARY for call #t~mem10.base, #t~mem10.offset := read~$Pointer$(~p~0.base, 4 + ~p~0.offset, 4); srcloc: L542 {1017#false} is VALID [2020-07-29 01:09:57,937 INFO L280 TraceCheckUtils]: 17: Hoare triple {1017#false} ~p~0.base, ~p~0.offset := #t~mem10.base, #t~mem10.offset;havoc #t~mem10.base, #t~mem10.offset; {1017#false} is VALID [2020-07-29 01:09:57,937 INFO L280 TraceCheckUtils]: 18: Hoare triple {1017#false} assume !(1 == #valid[~p~0.base]); {1017#false} is VALID [2020-07-29 01:09:57,939 INFO L134 CoverageAnalysis]: Checked inductivity of 1 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:09:57,939 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [508109414] [2020-07-29 01:09:57,939 INFO L220 FreeRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:09:57,939 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2020-07-29 01:09:57,939 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1229274178] [2020-07-29 01:09:57,940 INFO L78 Accepts]: Start accepts. Automaton has 7 states. Word has length 19 [2020-07-29 01:09:57,940 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:09:57,940 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states. [2020-07-29 01:09:57,963 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 19 edges. 19 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:09:57,964 INFO L459 AbstractCegarLoop]: Interpolant automaton has 7 states [2020-07-29 01:09:57,964 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2020-07-29 01:09:57,964 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2020-07-29 01:09:57,965 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2020-07-29 01:09:57,965 INFO L87 Difference]: Start difference. First operand 81 states and 89 transitions. Second operand 7 states. [2020-07-29 01:09:58,657 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:09:58,657 INFO L93 Difference]: Finished difference Result 120 states and 127 transitions. [2020-07-29 01:09:58,657 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2020-07-29 01:09:58,657 INFO L78 Accepts]: Start accepts. Automaton has 7 states. Word has length 19 [2020-07-29 01:09:58,658 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:09:58,658 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 7 states. [2020-07-29 01:09:58,661 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 126 transitions. [2020-07-29 01:09:58,661 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 7 states. [2020-07-29 01:09:58,663 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 126 transitions. [2020-07-29 01:09:58,664 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 126 transitions. [2020-07-29 01:09:58,800 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 126 edges. 126 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:09:58,804 INFO L225 Difference]: With dead ends: 120 [2020-07-29 01:09:58,804 INFO L226 Difference]: Without dead ends: 120 [2020-07-29 01:09:58,804 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=23, Invalid=49, Unknown=0, NotChecked=0, Total=72 [2020-07-29 01:09:58,805 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 120 states. [2020-07-29 01:09:58,811 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 120 to 84. [2020-07-29 01:09:58,811 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:09:58,811 INFO L82 GeneralOperation]: Start isEquivalent. First operand 120 states. Second operand 84 states. [2020-07-29 01:09:58,811 INFO L74 IsIncluded]: Start isIncluded. First operand 120 states. Second operand 84 states. [2020-07-29 01:09:58,812 INFO L87 Difference]: Start difference. First operand 120 states. Second operand 84 states. [2020-07-29 01:09:58,816 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:09:58,816 INFO L93 Difference]: Finished difference Result 120 states and 127 transitions. [2020-07-29 01:09:58,817 INFO L276 IsEmpty]: Start isEmpty. Operand 120 states and 127 transitions. [2020-07-29 01:09:58,817 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:09:58,818 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:09:58,818 INFO L74 IsIncluded]: Start isIncluded. First operand 84 states. Second operand 120 states. [2020-07-29 01:09:58,818 INFO L87 Difference]: Start difference. First operand 84 states. Second operand 120 states. [2020-07-29 01:09:58,823 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:09:58,823 INFO L93 Difference]: Finished difference Result 120 states and 127 transitions. [2020-07-29 01:09:58,823 INFO L276 IsEmpty]: Start isEmpty. Operand 120 states and 127 transitions. [2020-07-29 01:09:58,824 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:09:58,824 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:09:58,824 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:09:58,824 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:09:58,825 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 84 states. [2020-07-29 01:09:58,828 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 84 states to 84 states and 92 transitions. [2020-07-29 01:09:58,828 INFO L78 Accepts]: Start accepts. Automaton has 84 states and 92 transitions. Word has length 19 [2020-07-29 01:09:58,828 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:09:58,828 INFO L479 AbstractCegarLoop]: Abstraction has 84 states and 92 transitions. [2020-07-29 01:09:58,829 INFO L480 AbstractCegarLoop]: Interpolant automaton has 7 states. [2020-07-29 01:09:58,829 INFO L276 IsEmpty]: Start isEmpty. Operand 84 states and 92 transitions. [2020-07-29 01:09:58,829 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2020-07-29 01:09:58,829 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:09:58,830 INFO L422 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:09:58,830 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2020-07-29 01:09:58,830 INFO L427 AbstractCegarLoop]: === Iteration 5 === [mainErr8REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr5REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr24ASSERT_VIOLATIONMEMORY_LEAK, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr25ENSURES_VIOLATIONMEMORY_LEAK, mainErr4REQUIRES_VIOLATION, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr17REQUIRES_VIOLATION, mainErr13REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12REQUIRES_VIOLATION]=== [2020-07-29 01:09:58,830 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:09:58,831 INFO L82 PathProgramCache]: Analyzing trace with hash 538341657, now seen corresponding path program 1 times [2020-07-29 01:09:58,831 INFO L163 FreeRefinementEngine]: Executing refinement strategy CAMEL [2020-07-29 01:09:58,831 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [395417754] [2020-07-29 01:09:58,831 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2020-07-29 01:09:58,857 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:09:58,951 INFO L375 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2020-07-29 01:09:58,953 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:09:58,962 INFO L280 TraceCheckUtils]: 0: Hoare triple {1485#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {1476#true} is VALID [2020-07-29 01:09:58,962 INFO L280 TraceCheckUtils]: 1: Hoare triple {1476#true} assume true; {1476#true} is VALID [2020-07-29 01:09:58,962 INFO L275 TraceCheckUtils]: 2: Hoare quadruple {1476#true} {1476#true} #153#return; {1476#true} is VALID [2020-07-29 01:09:58,963 INFO L263 TraceCheckUtils]: 0: Hoare triple {1476#true} call ULTIMATE.init(); {1485#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} is VALID [2020-07-29 01:09:58,964 INFO L280 TraceCheckUtils]: 1: Hoare triple {1485#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {1476#true} is VALID [2020-07-29 01:09:58,964 INFO L280 TraceCheckUtils]: 2: Hoare triple {1476#true} assume true; {1476#true} is VALID [2020-07-29 01:09:58,964 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {1476#true} {1476#true} #153#return; {1476#true} is VALID [2020-07-29 01:09:58,964 INFO L263 TraceCheckUtils]: 4: Hoare triple {1476#true} call #t~ret14 := main(); {1476#true} is VALID [2020-07-29 01:09:58,965 INFO L280 TraceCheckUtils]: 5: Hoare triple {1476#true} call #t~malloc2.base, #t~malloc2.offset := #Ultimate.allocOnHeap(8);~a~0.base, ~a~0.offset := #t~malloc2.base, #t~malloc2.offset; {1476#true} is VALID [2020-07-29 01:09:58,965 INFO L280 TraceCheckUtils]: 6: Hoare triple {1476#true} assume !(~a~0.base == 0 && ~a~0.offset == 0); {1476#true} is VALID [2020-07-29 01:09:58,965 INFO L280 TraceCheckUtils]: 7: Hoare triple {1476#true} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {1476#true} is VALID [2020-07-29 01:09:58,965 INFO L280 TraceCheckUtils]: 8: Hoare triple {1476#true} assume -2147483648 <= #t~nondet3 && #t~nondet3 <= 2147483647; {1476#true} is VALID [2020-07-29 01:09:58,966 INFO L280 TraceCheckUtils]: 9: Hoare triple {1476#true} assume !!(0 != #t~nondet3);havoc #t~nondet3; {1476#true} is VALID [2020-07-29 01:09:58,966 INFO L280 TraceCheckUtils]: 10: Hoare triple {1476#true} SUMMARY for call write~int(1, ~p~0.base, ~p~0.offset, 4); srcloc: L526 {1476#true} is VALID [2020-07-29 01:09:58,967 INFO L280 TraceCheckUtils]: 11: Hoare triple {1476#true} call #t~malloc4.base, #t~malloc4.offset := #Ultimate.allocOnHeap(8);~t~0.base, ~t~0.offset := #t~malloc4.base, #t~malloc4.offset; {1481#(= 1 (select |#valid| main_~t~0.base))} is VALID [2020-07-29 01:09:58,968 INFO L280 TraceCheckUtils]: 12: Hoare triple {1481#(= 1 (select |#valid| main_~t~0.base))} assume !(~t~0.base == 0 && ~t~0.offset == 0); {1481#(= 1 (select |#valid| main_~t~0.base))} is VALID [2020-07-29 01:09:58,969 INFO L280 TraceCheckUtils]: 13: Hoare triple {1481#(= 1 (select |#valid| main_~t~0.base))} SUMMARY for call write~$Pointer$(~t~0.base, ~t~0.offset, ~p~0.base, 4 + ~p~0.offset, 4); srcloc: L528-3 {1482#(= 1 (select |#valid| (select (select |#memory_$Pointer$.base| main_~p~0.base) (+ main_~p~0.offset 4))))} is VALID [2020-07-29 01:09:58,970 INFO L280 TraceCheckUtils]: 14: Hoare triple {1482#(= 1 (select |#valid| (select (select |#memory_$Pointer$.base| main_~p~0.base) (+ main_~p~0.offset 4))))} SUMMARY for call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~p~0.base, 4 + ~p~0.offset, 4); srcloc: L529 {1483#(= (select |#valid| |main_#t~mem5.base|) 1)} is VALID [2020-07-29 01:09:58,971 INFO L280 TraceCheckUtils]: 15: Hoare triple {1483#(= (select |#valid| |main_#t~mem5.base|) 1)} ~p~0.base, ~p~0.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {1484#(= 1 (select |#valid| main_~p~0.base))} is VALID [2020-07-29 01:09:58,971 INFO L280 TraceCheckUtils]: 16: Hoare triple {1484#(= 1 (select |#valid| main_~p~0.base))} assume -2147483648 <= #t~nondet3 && #t~nondet3 <= 2147483647; {1484#(= 1 (select |#valid| main_~p~0.base))} is VALID [2020-07-29 01:09:58,972 INFO L280 TraceCheckUtils]: 17: Hoare triple {1484#(= 1 (select |#valid| main_~p~0.base))} assume !!(0 != #t~nondet3);havoc #t~nondet3; {1484#(= 1 (select |#valid| main_~p~0.base))} is VALID [2020-07-29 01:09:58,973 INFO L280 TraceCheckUtils]: 18: Hoare triple {1484#(= 1 (select |#valid| main_~p~0.base))} assume !(1 == #valid[~p~0.base]); {1477#false} is VALID [2020-07-29 01:09:58,973 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 3 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:09:58,974 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [395417754] [2020-07-29 01:09:58,974 INFO L220 FreeRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:09:58,974 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2020-07-29 01:09:58,974 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2097188325] [2020-07-29 01:09:58,975 INFO L78 Accepts]: Start accepts. Automaton has 7 states. Word has length 19 [2020-07-29 01:09:58,975 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:09:58,975 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states. [2020-07-29 01:09:58,998 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 19 edges. 19 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:09:58,998 INFO L459 AbstractCegarLoop]: Interpolant automaton has 7 states [2020-07-29 01:09:58,998 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2020-07-29 01:09:58,999 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2020-07-29 01:09:58,999 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2020-07-29 01:09:58,999 INFO L87 Difference]: Start difference. First operand 84 states and 92 transitions. Second operand 7 states. [2020-07-29 01:09:59,837 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:09:59,837 INFO L93 Difference]: Finished difference Result 109 states and 118 transitions. [2020-07-29 01:09:59,837 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2020-07-29 01:09:59,837 INFO L78 Accepts]: Start accepts. Automaton has 7 states. Word has length 19 [2020-07-29 01:09:59,837 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:09:59,838 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 7 states. [2020-07-29 01:09:59,842 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 102 transitions. [2020-07-29 01:09:59,843 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 7 states. [2020-07-29 01:09:59,847 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 102 transitions. [2020-07-29 01:09:59,848 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 102 transitions. [2020-07-29 01:09:59,986 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 102 edges. 102 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:09:59,990 INFO L225 Difference]: With dead ends: 109 [2020-07-29 01:09:59,990 INFO L226 Difference]: Without dead ends: 109 [2020-07-29 01:09:59,990 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=29, Invalid=61, Unknown=0, NotChecked=0, Total=90 [2020-07-29 01:09:59,991 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 109 states. [2020-07-29 01:09:59,996 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 109 to 87. [2020-07-29 01:09:59,996 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:09:59,997 INFO L82 GeneralOperation]: Start isEquivalent. First operand 109 states. Second operand 87 states. [2020-07-29 01:09:59,997 INFO L74 IsIncluded]: Start isIncluded. First operand 109 states. Second operand 87 states. [2020-07-29 01:09:59,997 INFO L87 Difference]: Start difference. First operand 109 states. Second operand 87 states. [2020-07-29 01:10:00,001 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:00,001 INFO L93 Difference]: Finished difference Result 109 states and 118 transitions. [2020-07-29 01:10:00,001 INFO L276 IsEmpty]: Start isEmpty. Operand 109 states and 118 transitions. [2020-07-29 01:10:00,002 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:10:00,002 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:10:00,002 INFO L74 IsIncluded]: Start isIncluded. First operand 87 states. Second operand 109 states. [2020-07-29 01:10:00,002 INFO L87 Difference]: Start difference. First operand 87 states. Second operand 109 states. [2020-07-29 01:10:00,007 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:00,007 INFO L93 Difference]: Finished difference Result 109 states and 118 transitions. [2020-07-29 01:10:00,007 INFO L276 IsEmpty]: Start isEmpty. Operand 109 states and 118 transitions. [2020-07-29 01:10:00,007 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:10:00,008 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:10:00,008 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:10:00,008 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:10:00,008 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 87 states. [2020-07-29 01:10:00,011 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 87 states to 87 states and 98 transitions. [2020-07-29 01:10:00,011 INFO L78 Accepts]: Start accepts. Automaton has 87 states and 98 transitions. Word has length 19 [2020-07-29 01:10:00,011 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:10:00,012 INFO L479 AbstractCegarLoop]: Abstraction has 87 states and 98 transitions. [2020-07-29 01:10:00,012 INFO L480 AbstractCegarLoop]: Interpolant automaton has 7 states. [2020-07-29 01:10:00,012 INFO L276 IsEmpty]: Start isEmpty. Operand 87 states and 98 transitions. [2020-07-29 01:10:00,012 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2020-07-29 01:10:00,012 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:10:00,013 INFO L422 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:10:00,013 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2020-07-29 01:10:00,013 INFO L427 AbstractCegarLoop]: === Iteration 6 === [mainErr8REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr5REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr24ASSERT_VIOLATIONMEMORY_LEAK, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr25ENSURES_VIOLATIONMEMORY_LEAK, mainErr4REQUIRES_VIOLATION, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr17REQUIRES_VIOLATION, mainErr13REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12REQUIRES_VIOLATION]=== [2020-07-29 01:10:00,013 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:10:00,014 INFO L82 PathProgramCache]: Analyzing trace with hash 538341658, now seen corresponding path program 1 times [2020-07-29 01:10:00,014 INFO L163 FreeRefinementEngine]: Executing refinement strategy CAMEL [2020-07-29 01:10:00,014 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1039218503] [2020-07-29 01:10:00,014 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2020-07-29 01:10:00,043 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:10:00,190 INFO L375 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2020-07-29 01:10:00,192 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:10:00,196 INFO L280 TraceCheckUtils]: 0: Hoare triple {1918#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {1909#true} is VALID [2020-07-29 01:10:00,197 INFO L280 TraceCheckUtils]: 1: Hoare triple {1909#true} assume true; {1909#true} is VALID [2020-07-29 01:10:00,197 INFO L275 TraceCheckUtils]: 2: Hoare quadruple {1909#true} {1909#true} #153#return; {1909#true} is VALID [2020-07-29 01:10:00,198 INFO L263 TraceCheckUtils]: 0: Hoare triple {1909#true} call ULTIMATE.init(); {1918#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} is VALID [2020-07-29 01:10:00,198 INFO L280 TraceCheckUtils]: 1: Hoare triple {1918#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {1909#true} is VALID [2020-07-29 01:10:00,199 INFO L280 TraceCheckUtils]: 2: Hoare triple {1909#true} assume true; {1909#true} is VALID [2020-07-29 01:10:00,199 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {1909#true} {1909#true} #153#return; {1909#true} is VALID [2020-07-29 01:10:00,199 INFO L263 TraceCheckUtils]: 4: Hoare triple {1909#true} call #t~ret14 := main(); {1909#true} is VALID [2020-07-29 01:10:00,199 INFO L280 TraceCheckUtils]: 5: Hoare triple {1909#true} call #t~malloc2.base, #t~malloc2.offset := #Ultimate.allocOnHeap(8);~a~0.base, ~a~0.offset := #t~malloc2.base, #t~malloc2.offset; {1909#true} is VALID [2020-07-29 01:10:00,200 INFO L280 TraceCheckUtils]: 6: Hoare triple {1909#true} assume !(~a~0.base == 0 && ~a~0.offset == 0); {1909#true} is VALID [2020-07-29 01:10:00,200 INFO L280 TraceCheckUtils]: 7: Hoare triple {1909#true} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {1909#true} is VALID [2020-07-29 01:10:00,200 INFO L280 TraceCheckUtils]: 8: Hoare triple {1909#true} assume -2147483648 <= #t~nondet3 && #t~nondet3 <= 2147483647; {1909#true} is VALID [2020-07-29 01:10:00,201 INFO L280 TraceCheckUtils]: 9: Hoare triple {1909#true} assume !!(0 != #t~nondet3);havoc #t~nondet3; {1909#true} is VALID [2020-07-29 01:10:00,201 INFO L280 TraceCheckUtils]: 10: Hoare triple {1909#true} SUMMARY for call write~int(1, ~p~0.base, ~p~0.offset, 4); srcloc: L526 {1909#true} is VALID [2020-07-29 01:10:00,202 INFO L280 TraceCheckUtils]: 11: Hoare triple {1909#true} call #t~malloc4.base, #t~malloc4.offset := #Ultimate.allocOnHeap(8);~t~0.base, ~t~0.offset := #t~malloc4.base, #t~malloc4.offset; {1914#(and (= 8 (select |#length| main_~t~0.base)) (= 0 main_~t~0.offset))} is VALID [2020-07-29 01:10:00,203 INFO L280 TraceCheckUtils]: 12: Hoare triple {1914#(and (= 8 (select |#length| main_~t~0.base)) (= 0 main_~t~0.offset))} assume !(~t~0.base == 0 && ~t~0.offset == 0); {1914#(and (= 8 (select |#length| main_~t~0.base)) (= 0 main_~t~0.offset))} is VALID [2020-07-29 01:10:00,205 INFO L280 TraceCheckUtils]: 13: Hoare triple {1914#(and (= 8 (select |#length| main_~t~0.base)) (= 0 main_~t~0.offset))} SUMMARY for call write~$Pointer$(~t~0.base, ~t~0.offset, ~p~0.base, 4 + ~p~0.offset, 4); srcloc: L528-3 {1915#(and (= 8 (select |#length| (select (select |#memory_$Pointer$.base| main_~p~0.base) (+ main_~p~0.offset 4)))) (= 0 (select (select |#memory_$Pointer$.offset| main_~p~0.base) (+ main_~p~0.offset 4))))} is VALID [2020-07-29 01:10:00,206 INFO L280 TraceCheckUtils]: 14: Hoare triple {1915#(and (= 8 (select |#length| (select (select |#memory_$Pointer$.base| main_~p~0.base) (+ main_~p~0.offset 4)))) (= 0 (select (select |#memory_$Pointer$.offset| main_~p~0.base) (+ main_~p~0.offset 4))))} SUMMARY for call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~p~0.base, 4 + ~p~0.offset, 4); srcloc: L529 {1916#(and (= 0 |main_#t~mem5.offset|) (= 8 (select |#length| |main_#t~mem5.base|)))} is VALID [2020-07-29 01:10:00,207 INFO L280 TraceCheckUtils]: 15: Hoare triple {1916#(and (= 0 |main_#t~mem5.offset|) (= 8 (select |#length| |main_#t~mem5.base|)))} ~p~0.base, ~p~0.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {1917#(and (= 8 (select |#length| main_~p~0.base)) (= 0 main_~p~0.offset))} is VALID [2020-07-29 01:10:00,208 INFO L280 TraceCheckUtils]: 16: Hoare triple {1917#(and (= 8 (select |#length| main_~p~0.base)) (= 0 main_~p~0.offset))} assume -2147483648 <= #t~nondet3 && #t~nondet3 <= 2147483647; {1917#(and (= 8 (select |#length| main_~p~0.base)) (= 0 main_~p~0.offset))} is VALID [2020-07-29 01:10:00,209 INFO L280 TraceCheckUtils]: 17: Hoare triple {1917#(and (= 8 (select |#length| main_~p~0.base)) (= 0 main_~p~0.offset))} assume !!(0 != #t~nondet3);havoc #t~nondet3; {1917#(and (= 8 (select |#length| main_~p~0.base)) (= 0 main_~p~0.offset))} is VALID [2020-07-29 01:10:00,210 INFO L280 TraceCheckUtils]: 18: Hoare triple {1917#(and (= 8 (select |#length| main_~p~0.base)) (= 0 main_~p~0.offset))} assume !(4 + ~p~0.offset <= #length[~p~0.base] && 0 <= ~p~0.offset); {1910#false} is VALID [2020-07-29 01:10:00,211 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 3 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:10:00,212 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1039218503] [2020-07-29 01:10:00,212 INFO L220 FreeRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:10:00,212 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2020-07-29 01:10:00,212 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1291664688] [2020-07-29 01:10:00,213 INFO L78 Accepts]: Start accepts. Automaton has 7 states. Word has length 19 [2020-07-29 01:10:00,213 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:10:00,213 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states. [2020-07-29 01:10:00,239 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 19 edges. 19 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:10:00,239 INFO L459 AbstractCegarLoop]: Interpolant automaton has 7 states [2020-07-29 01:10:00,239 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2020-07-29 01:10:00,239 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2020-07-29 01:10:00,240 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2020-07-29 01:10:00,240 INFO L87 Difference]: Start difference. First operand 87 states and 98 transitions. Second operand 7 states. [2020-07-29 01:10:01,365 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:01,365 INFO L93 Difference]: Finished difference Result 110 states and 120 transitions. [2020-07-29 01:10:01,365 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2020-07-29 01:10:01,367 INFO L78 Accepts]: Start accepts. Automaton has 7 states. Word has length 19 [2020-07-29 01:10:01,367 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:10:01,368 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 7 states. [2020-07-29 01:10:01,370 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 108 transitions. [2020-07-29 01:10:01,370 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 7 states. [2020-07-29 01:10:01,373 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 108 transitions. [2020-07-29 01:10:01,373 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states and 108 transitions. [2020-07-29 01:10:01,524 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 108 edges. 108 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:10:01,527 INFO L225 Difference]: With dead ends: 110 [2020-07-29 01:10:01,528 INFO L226 Difference]: Without dead ends: 110 [2020-07-29 01:10:01,528 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=42, Invalid=90, Unknown=0, NotChecked=0, Total=132 [2020-07-29 01:10:01,529 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 110 states. [2020-07-29 01:10:01,533 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 110 to 78. [2020-07-29 01:10:01,533 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:10:01,533 INFO L82 GeneralOperation]: Start isEquivalent. First operand 110 states. Second operand 78 states. [2020-07-29 01:10:01,534 INFO L74 IsIncluded]: Start isIncluded. First operand 110 states. Second operand 78 states. [2020-07-29 01:10:01,534 INFO L87 Difference]: Start difference. First operand 110 states. Second operand 78 states. [2020-07-29 01:10:01,538 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:01,538 INFO L93 Difference]: Finished difference Result 110 states and 120 transitions. [2020-07-29 01:10:01,538 INFO L276 IsEmpty]: Start isEmpty. Operand 110 states and 120 transitions. [2020-07-29 01:10:01,539 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:10:01,539 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:10:01,539 INFO L74 IsIncluded]: Start isIncluded. First operand 78 states. Second operand 110 states. [2020-07-29 01:10:01,539 INFO L87 Difference]: Start difference. First operand 78 states. Second operand 110 states. [2020-07-29 01:10:01,543 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:01,544 INFO L93 Difference]: Finished difference Result 110 states and 120 transitions. [2020-07-29 01:10:01,544 INFO L276 IsEmpty]: Start isEmpty. Operand 110 states and 120 transitions. [2020-07-29 01:10:01,544 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:10:01,545 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:10:01,545 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:10:01,545 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:10:01,545 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 78 states. [2020-07-29 01:10:01,548 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 78 states to 78 states and 87 transitions. [2020-07-29 01:10:01,548 INFO L78 Accepts]: Start accepts. Automaton has 78 states and 87 transitions. Word has length 19 [2020-07-29 01:10:01,549 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:10:01,549 INFO L479 AbstractCegarLoop]: Abstraction has 78 states and 87 transitions. [2020-07-29 01:10:01,549 INFO L480 AbstractCegarLoop]: Interpolant automaton has 7 states. [2020-07-29 01:10:01,549 INFO L276 IsEmpty]: Start isEmpty. Operand 78 states and 87 transitions. [2020-07-29 01:10:01,550 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 22 [2020-07-29 01:10:01,550 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:10:01,550 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:10:01,550 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2020-07-29 01:10:01,551 INFO L427 AbstractCegarLoop]: === Iteration 7 === [mainErr8REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr5REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr24ASSERT_VIOLATIONMEMORY_LEAK, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr25ENSURES_VIOLATIONMEMORY_LEAK, mainErr4REQUIRES_VIOLATION, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr17REQUIRES_VIOLATION, mainErr13REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12REQUIRES_VIOLATION]=== [2020-07-29 01:10:01,551 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:10:01,551 INFO L82 PathProgramCache]: Analyzing trace with hash -1465888843, now seen corresponding path program 1 times [2020-07-29 01:10:01,552 INFO L163 FreeRefinementEngine]: Executing refinement strategy CAMEL [2020-07-29 01:10:01,552 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [817083793] [2020-07-29 01:10:01,552 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2020-07-29 01:10:01,564 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:10:01,637 INFO L375 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2020-07-29 01:10:01,638 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:10:01,642 INFO L280 TraceCheckUtils]: 0: Hoare triple {2349#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {2340#true} is VALID [2020-07-29 01:10:01,642 INFO L280 TraceCheckUtils]: 1: Hoare triple {2340#true} assume true; {2340#true} is VALID [2020-07-29 01:10:01,642 INFO L275 TraceCheckUtils]: 2: Hoare quadruple {2340#true} {2340#true} #153#return; {2340#true} is VALID [2020-07-29 01:10:01,644 INFO L263 TraceCheckUtils]: 0: Hoare triple {2340#true} call ULTIMATE.init(); {2349#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} is VALID [2020-07-29 01:10:01,644 INFO L280 TraceCheckUtils]: 1: Hoare triple {2349#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {2340#true} is VALID [2020-07-29 01:10:01,644 INFO L280 TraceCheckUtils]: 2: Hoare triple {2340#true} assume true; {2340#true} is VALID [2020-07-29 01:10:01,644 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {2340#true} {2340#true} #153#return; {2340#true} is VALID [2020-07-29 01:10:01,645 INFO L263 TraceCheckUtils]: 4: Hoare triple {2340#true} call #t~ret14 := main(); {2340#true} is VALID [2020-07-29 01:10:01,645 INFO L280 TraceCheckUtils]: 5: Hoare triple {2340#true} call #t~malloc2.base, #t~malloc2.offset := #Ultimate.allocOnHeap(8);~a~0.base, ~a~0.offset := #t~malloc2.base, #t~malloc2.offset; {2340#true} is VALID [2020-07-29 01:10:01,645 INFO L280 TraceCheckUtils]: 6: Hoare triple {2340#true} assume !(~a~0.base == 0 && ~a~0.offset == 0); {2340#true} is VALID [2020-07-29 01:10:01,647 INFO L280 TraceCheckUtils]: 7: Hoare triple {2340#true} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {2345#(and (= main_~a~0.base main_~p~0.base) (= main_~a~0.offset main_~p~0.offset))} is VALID [2020-07-29 01:10:01,647 INFO L280 TraceCheckUtils]: 8: Hoare triple {2345#(and (= main_~a~0.base main_~p~0.base) (= main_~a~0.offset main_~p~0.offset))} assume -2147483648 <= #t~nondet3 && #t~nondet3 <= 2147483647; {2345#(and (= main_~a~0.base main_~p~0.base) (= main_~a~0.offset main_~p~0.offset))} is VALID [2020-07-29 01:10:01,653 INFO L280 TraceCheckUtils]: 9: Hoare triple {2345#(and (= main_~a~0.base main_~p~0.base) (= main_~a~0.offset main_~p~0.offset))} assume !(0 != #t~nondet3);havoc #t~nondet3; {2345#(and (= main_~a~0.base main_~p~0.base) (= main_~a~0.offset main_~p~0.offset))} is VALID [2020-07-29 01:10:01,655 INFO L280 TraceCheckUtils]: 10: Hoare triple {2345#(and (= main_~a~0.base main_~p~0.base) (= main_~a~0.offset main_~p~0.offset))} assume -2147483648 <= #t~nondet6 && #t~nondet6 <= 2147483647; {2345#(and (= main_~a~0.base main_~p~0.base) (= main_~a~0.offset main_~p~0.offset))} is VALID [2020-07-29 01:10:01,659 INFO L280 TraceCheckUtils]: 11: Hoare triple {2345#(and (= main_~a~0.base main_~p~0.base) (= main_~a~0.offset main_~p~0.offset))} assume !(0 != #t~nondet6);havoc #t~nondet6; {2345#(and (= main_~a~0.base main_~p~0.base) (= main_~a~0.offset main_~p~0.offset))} is VALID [2020-07-29 01:10:01,661 INFO L280 TraceCheckUtils]: 12: Hoare triple {2345#(and (= main_~a~0.base main_~p~0.base) (= main_~a~0.offset main_~p~0.offset))} SUMMARY for call write~int(3, ~p~0.base, ~p~0.offset, 4); srcloc: L532-3 {2346#(= 3 (select (select |#memory_int| main_~a~0.base) main_~a~0.offset))} is VALID [2020-07-29 01:10:01,662 INFO L280 TraceCheckUtils]: 13: Hoare triple {2346#(= 3 (select (select |#memory_int| main_~a~0.base) main_~a~0.offset))} ~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {2347#(= 3 (select (select |#memory_int| main_~p~0.base) main_~p~0.offset))} is VALID [2020-07-29 01:10:01,662 INFO L280 TraceCheckUtils]: 14: Hoare triple {2347#(= 3 (select (select |#memory_int| main_~p~0.base) main_~p~0.offset))} SUMMARY for call #t~mem9 := read~int(~p~0.base, ~p~0.offset, 4); srcloc: L541-3 {2347#(= 3 (select (select |#memory_int| main_~p~0.base) main_~p~0.offset))} is VALID [2020-07-29 01:10:01,663 INFO L280 TraceCheckUtils]: 15: Hoare triple {2347#(= 3 (select (select |#memory_int| main_~p~0.base) main_~p~0.offset))} assume !(1 == #t~mem9);havoc #t~mem9; {2347#(= 3 (select (select |#memory_int| main_~p~0.base) main_~p~0.offset))} is VALID [2020-07-29 01:10:01,663 INFO L280 TraceCheckUtils]: 16: Hoare triple {2347#(= 3 (select (select |#memory_int| main_~p~0.base) main_~p~0.offset))} SUMMARY for call #t~mem11 := read~int(~p~0.base, ~p~0.offset, 4); srcloc: L543-2 {2347#(= 3 (select (select |#memory_int| main_~p~0.base) main_~p~0.offset))} is VALID [2020-07-29 01:10:01,664 INFO L280 TraceCheckUtils]: 17: Hoare triple {2347#(= 3 (select (select |#memory_int| main_~p~0.base) main_~p~0.offset))} assume !(2 == #t~mem11);havoc #t~mem11; {2347#(= 3 (select (select |#memory_int| main_~p~0.base) main_~p~0.offset))} is VALID [2020-07-29 01:10:01,665 INFO L280 TraceCheckUtils]: 18: Hoare triple {2347#(= 3 (select (select |#memory_int| main_~p~0.base) main_~p~0.offset))} SUMMARY for call #t~mem13 := read~int(~p~0.base, ~p~0.offset, 4); srcloc: L543-3 {2348#(= |main_#t~mem13| 3)} is VALID [2020-07-29 01:10:01,666 INFO L280 TraceCheckUtils]: 19: Hoare triple {2348#(= |main_#t~mem13| 3)} assume 3 != #t~mem13;havoc #t~mem13; {2341#false} is VALID [2020-07-29 01:10:01,666 INFO L280 TraceCheckUtils]: 20: Hoare triple {2341#false} assume !false; {2341#false} is VALID [2020-07-29 01:10:01,667 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:10:01,667 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [817083793] [2020-07-29 01:10:01,668 INFO L220 FreeRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:10:01,668 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2020-07-29 01:10:01,668 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [19805886] [2020-07-29 01:10:01,668 INFO L78 Accepts]: Start accepts. Automaton has 7 states. Word has length 21 [2020-07-29 01:10:01,669 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:10:01,669 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states. [2020-07-29 01:10:01,690 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 21 edges. 21 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:10:01,690 INFO L459 AbstractCegarLoop]: Interpolant automaton has 7 states [2020-07-29 01:10:01,691 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2020-07-29 01:10:01,691 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2020-07-29 01:10:01,691 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2020-07-29 01:10:01,691 INFO L87 Difference]: Start difference. First operand 78 states and 87 transitions. Second operand 7 states. [2020-07-29 01:10:02,401 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:02,401 INFO L93 Difference]: Finished difference Result 122 states and 130 transitions. [2020-07-29 01:10:02,402 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2020-07-29 01:10:02,402 INFO L78 Accepts]: Start accepts. Automaton has 7 states. Word has length 21 [2020-07-29 01:10:02,402 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:10:02,402 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 7 states. [2020-07-29 01:10:02,405 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 120 transitions. [2020-07-29 01:10:02,405 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 7 states. [2020-07-29 01:10:02,408 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 120 transitions. [2020-07-29 01:10:02,409 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 120 transitions. [2020-07-29 01:10:02,551 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 120 edges. 120 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:10:02,554 INFO L225 Difference]: With dead ends: 122 [2020-07-29 01:10:02,555 INFO L226 Difference]: Without dead ends: 122 [2020-07-29 01:10:02,555 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=23, Invalid=49, Unknown=0, NotChecked=0, Total=72 [2020-07-29 01:10:02,556 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 122 states. [2020-07-29 01:10:02,560 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 122 to 82. [2020-07-29 01:10:02,560 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:10:02,560 INFO L82 GeneralOperation]: Start isEquivalent. First operand 122 states. Second operand 82 states. [2020-07-29 01:10:02,561 INFO L74 IsIncluded]: Start isIncluded. First operand 122 states. Second operand 82 states. [2020-07-29 01:10:02,561 INFO L87 Difference]: Start difference. First operand 122 states. Second operand 82 states. [2020-07-29 01:10:02,565 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:02,565 INFO L93 Difference]: Finished difference Result 122 states and 130 transitions. [2020-07-29 01:10:02,565 INFO L276 IsEmpty]: Start isEmpty. Operand 122 states and 130 transitions. [2020-07-29 01:10:02,566 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:10:02,566 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:10:02,566 INFO L74 IsIncluded]: Start isIncluded. First operand 82 states. Second operand 122 states. [2020-07-29 01:10:02,567 INFO L87 Difference]: Start difference. First operand 82 states. Second operand 122 states. [2020-07-29 01:10:02,571 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:02,571 INFO L93 Difference]: Finished difference Result 122 states and 130 transitions. [2020-07-29 01:10:02,571 INFO L276 IsEmpty]: Start isEmpty. Operand 122 states and 130 transitions. [2020-07-29 01:10:02,572 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:10:02,572 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:10:02,572 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:10:02,572 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:10:02,573 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 82 states. [2020-07-29 01:10:02,575 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 82 states to 82 states and 92 transitions. [2020-07-29 01:10:02,575 INFO L78 Accepts]: Start accepts. Automaton has 82 states and 92 transitions. Word has length 21 [2020-07-29 01:10:02,576 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:10:02,576 INFO L479 AbstractCegarLoop]: Abstraction has 82 states and 92 transitions. [2020-07-29 01:10:02,576 INFO L480 AbstractCegarLoop]: Interpolant automaton has 7 states. [2020-07-29 01:10:02,576 INFO L276 IsEmpty]: Start isEmpty. Operand 82 states and 92 transitions. [2020-07-29 01:10:02,577 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 22 [2020-07-29 01:10:02,577 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:10:02,577 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:10:02,577 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2020-07-29 01:10:02,578 INFO L427 AbstractCegarLoop]: === Iteration 8 === [mainErr8REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr5REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr24ASSERT_VIOLATIONMEMORY_LEAK, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr25ENSURES_VIOLATIONMEMORY_LEAK, mainErr4REQUIRES_VIOLATION, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr17REQUIRES_VIOLATION, mainErr13REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12REQUIRES_VIOLATION]=== [2020-07-29 01:10:02,578 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:10:02,578 INFO L82 PathProgramCache]: Analyzing trace with hash -1465836288, now seen corresponding path program 1 times [2020-07-29 01:10:02,578 INFO L163 FreeRefinementEngine]: Executing refinement strategy CAMEL [2020-07-29 01:10:02,579 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [134632135] [2020-07-29 01:10:02,579 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2020-07-29 01:10:02,589 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:10:02,667 INFO L375 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2020-07-29 01:10:02,668 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:10:02,674 INFO L280 TraceCheckUtils]: 0: Hoare triple {2813#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {2804#true} is VALID [2020-07-29 01:10:02,675 INFO L280 TraceCheckUtils]: 1: Hoare triple {2804#true} assume true; {2804#true} is VALID [2020-07-29 01:10:02,675 INFO L275 TraceCheckUtils]: 2: Hoare quadruple {2804#true} {2804#true} #153#return; {2804#true} is VALID [2020-07-29 01:10:02,676 INFO L263 TraceCheckUtils]: 0: Hoare triple {2804#true} call ULTIMATE.init(); {2813#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} is VALID [2020-07-29 01:10:02,676 INFO L280 TraceCheckUtils]: 1: Hoare triple {2813#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {2804#true} is VALID [2020-07-29 01:10:02,676 INFO L280 TraceCheckUtils]: 2: Hoare triple {2804#true} assume true; {2804#true} is VALID [2020-07-29 01:10:02,676 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {2804#true} {2804#true} #153#return; {2804#true} is VALID [2020-07-29 01:10:02,677 INFO L263 TraceCheckUtils]: 4: Hoare triple {2804#true} call #t~ret14 := main(); {2804#true} is VALID [2020-07-29 01:10:02,677 INFO L280 TraceCheckUtils]: 5: Hoare triple {2804#true} call #t~malloc2.base, #t~malloc2.offset := #Ultimate.allocOnHeap(8);~a~0.base, ~a~0.offset := #t~malloc2.base, #t~malloc2.offset; {2804#true} is VALID [2020-07-29 01:10:02,678 INFO L280 TraceCheckUtils]: 6: Hoare triple {2804#true} assume !(~a~0.base == 0 && ~a~0.offset == 0); {2804#true} is VALID [2020-07-29 01:10:02,684 INFO L280 TraceCheckUtils]: 7: Hoare triple {2804#true} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {2809#(and (= main_~a~0.base main_~p~0.base) (= main_~a~0.offset main_~p~0.offset))} is VALID [2020-07-29 01:10:02,685 INFO L280 TraceCheckUtils]: 8: Hoare triple {2809#(and (= main_~a~0.base main_~p~0.base) (= main_~a~0.offset main_~p~0.offset))} assume -2147483648 <= #t~nondet3 && #t~nondet3 <= 2147483647; {2809#(and (= main_~a~0.base main_~p~0.base) (= main_~a~0.offset main_~p~0.offset))} is VALID [2020-07-29 01:10:02,686 INFO L280 TraceCheckUtils]: 9: Hoare triple {2809#(and (= main_~a~0.base main_~p~0.base) (= main_~a~0.offset main_~p~0.offset))} assume !(0 != #t~nondet3);havoc #t~nondet3; {2809#(and (= main_~a~0.base main_~p~0.base) (= main_~a~0.offset main_~p~0.offset))} is VALID [2020-07-29 01:10:02,686 INFO L280 TraceCheckUtils]: 10: Hoare triple {2809#(and (= main_~a~0.base main_~p~0.base) (= main_~a~0.offset main_~p~0.offset))} assume -2147483648 <= #t~nondet6 && #t~nondet6 <= 2147483647; {2809#(and (= main_~a~0.base main_~p~0.base) (= main_~a~0.offset main_~p~0.offset))} is VALID [2020-07-29 01:10:02,687 INFO L280 TraceCheckUtils]: 11: Hoare triple {2809#(and (= main_~a~0.base main_~p~0.base) (= main_~a~0.offset main_~p~0.offset))} assume !(0 != #t~nondet6);havoc #t~nondet6; {2809#(and (= main_~a~0.base main_~p~0.base) (= main_~a~0.offset main_~p~0.offset))} is VALID [2020-07-29 01:10:02,689 INFO L280 TraceCheckUtils]: 12: Hoare triple {2809#(and (= main_~a~0.base main_~p~0.base) (= main_~a~0.offset main_~p~0.offset))} SUMMARY for call write~int(3, ~p~0.base, ~p~0.offset, 4); srcloc: L532-3 {2810#(= 3 (select (select |#memory_int| main_~a~0.base) main_~a~0.offset))} is VALID [2020-07-29 01:10:02,690 INFO L280 TraceCheckUtils]: 13: Hoare triple {2810#(= 3 (select (select |#memory_int| main_~a~0.base) main_~a~0.offset))} ~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {2811#(= 3 (select (select |#memory_int| main_~p~0.base) main_~p~0.offset))} is VALID [2020-07-29 01:10:02,690 INFO L280 TraceCheckUtils]: 14: Hoare triple {2811#(= 3 (select (select |#memory_int| main_~p~0.base) main_~p~0.offset))} SUMMARY for call #t~mem9 := read~int(~p~0.base, ~p~0.offset, 4); srcloc: L541-3 {2811#(= 3 (select (select |#memory_int| main_~p~0.base) main_~p~0.offset))} is VALID [2020-07-29 01:10:02,691 INFO L280 TraceCheckUtils]: 15: Hoare triple {2811#(= 3 (select (select |#memory_int| main_~p~0.base) main_~p~0.offset))} assume !(1 == #t~mem9);havoc #t~mem9; {2811#(= 3 (select (select |#memory_int| main_~p~0.base) main_~p~0.offset))} is VALID [2020-07-29 01:10:02,692 INFO L280 TraceCheckUtils]: 16: Hoare triple {2811#(= 3 (select (select |#memory_int| main_~p~0.base) main_~p~0.offset))} SUMMARY for call #t~mem11 := read~int(~p~0.base, ~p~0.offset, 4); srcloc: L543-2 {2812#(= |main_#t~mem11| 3)} is VALID [2020-07-29 01:10:02,692 INFO L280 TraceCheckUtils]: 17: Hoare triple {2812#(= |main_#t~mem11| 3)} assume !!(2 == #t~mem11);havoc #t~mem11; {2805#false} is VALID [2020-07-29 01:10:02,693 INFO L280 TraceCheckUtils]: 18: Hoare triple {2805#false} SUMMARY for call #t~mem12.base, #t~mem12.offset := read~$Pointer$(~p~0.base, 4 + ~p~0.offset, 4); srcloc: L544 {2805#false} is VALID [2020-07-29 01:10:02,693 INFO L280 TraceCheckUtils]: 19: Hoare triple {2805#false} ~p~0.base, ~p~0.offset := #t~mem12.base, #t~mem12.offset;havoc #t~mem12.base, #t~mem12.offset; {2805#false} is VALID [2020-07-29 01:10:02,693 INFO L280 TraceCheckUtils]: 20: Hoare triple {2805#false} assume !(1 == #valid[~p~0.base]); {2805#false} is VALID [2020-07-29 01:10:02,695 INFO L134 CoverageAnalysis]: Checked inductivity of 1 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:10:02,695 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [134632135] [2020-07-29 01:10:02,695 INFO L220 FreeRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:10:02,695 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2020-07-29 01:10:02,695 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1765383156] [2020-07-29 01:10:02,696 INFO L78 Accepts]: Start accepts. Automaton has 7 states. Word has length 21 [2020-07-29 01:10:02,696 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:10:02,696 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states. [2020-07-29 01:10:02,724 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 21 edges. 21 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:10:02,724 INFO L459 AbstractCegarLoop]: Interpolant automaton has 7 states [2020-07-29 01:10:02,724 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2020-07-29 01:10:02,724 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2020-07-29 01:10:02,725 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2020-07-29 01:10:02,725 INFO L87 Difference]: Start difference. First operand 82 states and 92 transitions. Second operand 7 states. [2020-07-29 01:10:03,338 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:03,338 INFO L93 Difference]: Finished difference Result 105 states and 112 transitions. [2020-07-29 01:10:03,338 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2020-07-29 01:10:03,339 INFO L78 Accepts]: Start accepts. Automaton has 7 states. Word has length 21 [2020-07-29 01:10:03,339 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:10:03,339 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 7 states. [2020-07-29 01:10:03,341 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 102 transitions. [2020-07-29 01:10:03,342 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 7 states. [2020-07-29 01:10:03,345 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 102 transitions. [2020-07-29 01:10:03,346 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 102 transitions. [2020-07-29 01:10:03,484 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 102 edges. 102 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:10:03,487 INFO L225 Difference]: With dead ends: 105 [2020-07-29 01:10:03,487 INFO L226 Difference]: Without dead ends: 105 [2020-07-29 01:10:03,487 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=23, Invalid=49, Unknown=0, NotChecked=0, Total=72 [2020-07-29 01:10:03,488 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 105 states. [2020-07-29 01:10:03,492 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 105 to 82. [2020-07-29 01:10:03,492 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:10:03,492 INFO L82 GeneralOperation]: Start isEquivalent. First operand 105 states. Second operand 82 states. [2020-07-29 01:10:03,493 INFO L74 IsIncluded]: Start isIncluded. First operand 105 states. Second operand 82 states. [2020-07-29 01:10:03,493 INFO L87 Difference]: Start difference. First operand 105 states. Second operand 82 states. [2020-07-29 01:10:03,496 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:03,497 INFO L93 Difference]: Finished difference Result 105 states and 112 transitions. [2020-07-29 01:10:03,497 INFO L276 IsEmpty]: Start isEmpty. Operand 105 states and 112 transitions. [2020-07-29 01:10:03,498 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:10:03,498 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:10:03,498 INFO L74 IsIncluded]: Start isIncluded. First operand 82 states. Second operand 105 states. [2020-07-29 01:10:03,498 INFO L87 Difference]: Start difference. First operand 82 states. Second operand 105 states. [2020-07-29 01:10:03,502 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:03,502 INFO L93 Difference]: Finished difference Result 105 states and 112 transitions. [2020-07-29 01:10:03,503 INFO L276 IsEmpty]: Start isEmpty. Operand 105 states and 112 transitions. [2020-07-29 01:10:03,503 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:10:03,503 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:10:03,504 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:10:03,504 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:10:03,504 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 82 states. [2020-07-29 01:10:03,507 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 82 states to 82 states and 91 transitions. [2020-07-29 01:10:03,507 INFO L78 Accepts]: Start accepts. Automaton has 82 states and 91 transitions. Word has length 21 [2020-07-29 01:10:03,507 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:10:03,508 INFO L479 AbstractCegarLoop]: Abstraction has 82 states and 91 transitions. [2020-07-29 01:10:03,508 INFO L480 AbstractCegarLoop]: Interpolant automaton has 7 states. [2020-07-29 01:10:03,508 INFO L276 IsEmpty]: Start isEmpty. Operand 82 states and 91 transitions. [2020-07-29 01:10:03,508 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 22 [2020-07-29 01:10:03,509 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:10:03,509 INFO L422 BasicCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:10:03,509 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2020-07-29 01:10:03,510 INFO L427 AbstractCegarLoop]: === Iteration 9 === [mainErr8REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr5REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr24ASSERT_VIOLATIONMEMORY_LEAK, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr25ENSURES_VIOLATIONMEMORY_LEAK, mainErr4REQUIRES_VIOLATION, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr17REQUIRES_VIOLATION, mainErr13REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12REQUIRES_VIOLATION]=== [2020-07-29 01:10:03,510 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:10:03,510 INFO L82 PathProgramCache]: Analyzing trace with hash -1761650517, now seen corresponding path program 1 times [2020-07-29 01:10:03,510 INFO L163 FreeRefinementEngine]: Executing refinement strategy CAMEL [2020-07-29 01:10:03,511 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [620053616] [2020-07-29 01:10:03,511 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2020-07-29 01:10:03,523 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:10:03,618 INFO L375 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2020-07-29 01:10:03,619 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:10:03,623 INFO L280 TraceCheckUtils]: 0: Hoare triple {3226#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {3217#true} is VALID [2020-07-29 01:10:03,624 INFO L280 TraceCheckUtils]: 1: Hoare triple {3217#true} assume true; {3217#true} is VALID [2020-07-29 01:10:03,624 INFO L275 TraceCheckUtils]: 2: Hoare quadruple {3217#true} {3217#true} #153#return; {3217#true} is VALID [2020-07-29 01:10:03,625 INFO L263 TraceCheckUtils]: 0: Hoare triple {3217#true} call ULTIMATE.init(); {3226#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} is VALID [2020-07-29 01:10:03,626 INFO L280 TraceCheckUtils]: 1: Hoare triple {3226#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {3217#true} is VALID [2020-07-29 01:10:03,626 INFO L280 TraceCheckUtils]: 2: Hoare triple {3217#true} assume true; {3217#true} is VALID [2020-07-29 01:10:03,627 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {3217#true} {3217#true} #153#return; {3217#true} is VALID [2020-07-29 01:10:03,627 INFO L263 TraceCheckUtils]: 4: Hoare triple {3217#true} call #t~ret14 := main(); {3217#true} is VALID [2020-07-29 01:10:03,627 INFO L280 TraceCheckUtils]: 5: Hoare triple {3217#true} call #t~malloc2.base, #t~malloc2.offset := #Ultimate.allocOnHeap(8);~a~0.base, ~a~0.offset := #t~malloc2.base, #t~malloc2.offset; {3217#true} is VALID [2020-07-29 01:10:03,627 INFO L280 TraceCheckUtils]: 6: Hoare triple {3217#true} assume !(~a~0.base == 0 && ~a~0.offset == 0); {3217#true} is VALID [2020-07-29 01:10:03,628 INFO L280 TraceCheckUtils]: 7: Hoare triple {3217#true} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {3217#true} is VALID [2020-07-29 01:10:03,628 INFO L280 TraceCheckUtils]: 8: Hoare triple {3217#true} assume -2147483648 <= #t~nondet3 && #t~nondet3 <= 2147483647; {3217#true} is VALID [2020-07-29 01:10:03,628 INFO L280 TraceCheckUtils]: 9: Hoare triple {3217#true} assume !(0 != #t~nondet3);havoc #t~nondet3; {3217#true} is VALID [2020-07-29 01:10:03,629 INFO L280 TraceCheckUtils]: 10: Hoare triple {3217#true} assume -2147483648 <= #t~nondet6 && #t~nondet6 <= 2147483647; {3217#true} is VALID [2020-07-29 01:10:03,629 INFO L280 TraceCheckUtils]: 11: Hoare triple {3217#true} assume !!(0 != #t~nondet6);havoc #t~nondet6; {3217#true} is VALID [2020-07-29 01:10:03,629 INFO L280 TraceCheckUtils]: 12: Hoare triple {3217#true} SUMMARY for call write~int(2, ~p~0.base, ~p~0.offset, 4); srcloc: L533 {3217#true} is VALID [2020-07-29 01:10:03,631 INFO L280 TraceCheckUtils]: 13: Hoare triple {3217#true} call #t~malloc7.base, #t~malloc7.offset := #Ultimate.allocOnHeap(8);~t~0.base, ~t~0.offset := #t~malloc7.base, #t~malloc7.offset; {3222#(= 1 (select |#valid| main_~t~0.base))} is VALID [2020-07-29 01:10:03,632 INFO L280 TraceCheckUtils]: 14: Hoare triple {3222#(= 1 (select |#valid| main_~t~0.base))} assume !(~t~0.base == 0 && ~t~0.offset == 0); {3222#(= 1 (select |#valid| main_~t~0.base))} is VALID [2020-07-29 01:10:03,634 INFO L280 TraceCheckUtils]: 15: Hoare triple {3222#(= 1 (select |#valid| main_~t~0.base))} SUMMARY for call write~$Pointer$(~t~0.base, ~t~0.offset, ~p~0.base, 4 + ~p~0.offset, 4); srcloc: L535-3 {3223#(= 1 (select |#valid| (select (select |#memory_$Pointer$.base| main_~p~0.base) (+ main_~p~0.offset 4))))} is VALID [2020-07-29 01:10:03,635 INFO L280 TraceCheckUtils]: 16: Hoare triple {3223#(= 1 (select |#valid| (select (select |#memory_$Pointer$.base| main_~p~0.base) (+ main_~p~0.offset 4))))} SUMMARY for call #t~mem8.base, #t~mem8.offset := read~$Pointer$(~p~0.base, 4 + ~p~0.offset, 4); srcloc: L536 {3224#(= 1 (select |#valid| |main_#t~mem8.base|))} is VALID [2020-07-29 01:10:03,636 INFO L280 TraceCheckUtils]: 17: Hoare triple {3224#(= 1 (select |#valid| |main_#t~mem8.base|))} ~p~0.base, ~p~0.offset := #t~mem8.base, #t~mem8.offset;havoc #t~mem8.base, #t~mem8.offset; {3225#(= 1 (select |#valid| main_~p~0.base))} is VALID [2020-07-29 01:10:03,637 INFO L280 TraceCheckUtils]: 18: Hoare triple {3225#(= 1 (select |#valid| main_~p~0.base))} assume -2147483648 <= #t~nondet6 && #t~nondet6 <= 2147483647; {3225#(= 1 (select |#valid| main_~p~0.base))} is VALID [2020-07-29 01:10:03,638 INFO L280 TraceCheckUtils]: 19: Hoare triple {3225#(= 1 (select |#valid| main_~p~0.base))} assume !(0 != #t~nondet6);havoc #t~nondet6; {3225#(= 1 (select |#valid| main_~p~0.base))} is VALID [2020-07-29 01:10:03,639 INFO L280 TraceCheckUtils]: 20: Hoare triple {3225#(= 1 (select |#valid| main_~p~0.base))} assume !(1 == #valid[~p~0.base]); {3218#false} is VALID [2020-07-29 01:10:03,640 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:10:03,640 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [620053616] [2020-07-29 01:10:03,640 INFO L220 FreeRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:10:03,641 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2020-07-29 01:10:03,641 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1654559279] [2020-07-29 01:10:03,642 INFO L78 Accepts]: Start accepts. Automaton has 7 states. Word has length 21 [2020-07-29 01:10:03,642 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:10:03,642 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states. [2020-07-29 01:10:03,668 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 21 edges. 21 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:10:03,668 INFO L459 AbstractCegarLoop]: Interpolant automaton has 7 states [2020-07-29 01:10:03,668 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2020-07-29 01:10:03,669 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2020-07-29 01:10:03,669 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2020-07-29 01:10:03,669 INFO L87 Difference]: Start difference. First operand 82 states and 91 transitions. Second operand 7 states. [2020-07-29 01:10:04,342 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:04,342 INFO L93 Difference]: Finished difference Result 88 states and 95 transitions. [2020-07-29 01:10:04,342 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2020-07-29 01:10:04,342 INFO L78 Accepts]: Start accepts. Automaton has 7 states. Word has length 21 [2020-07-29 01:10:04,342 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:10:04,343 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 7 states. [2020-07-29 01:10:04,345 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 84 transitions. [2020-07-29 01:10:04,345 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 7 states. [2020-07-29 01:10:04,347 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 84 transitions. [2020-07-29 01:10:04,347 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 84 transitions. [2020-07-29 01:10:04,442 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 84 edges. 84 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:10:04,444 INFO L225 Difference]: With dead ends: 88 [2020-07-29 01:10:04,444 INFO L226 Difference]: Without dead ends: 88 [2020-07-29 01:10:04,444 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=29, Invalid=61, Unknown=0, NotChecked=0, Total=90 [2020-07-29 01:10:04,445 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 88 states. [2020-07-29 01:10:04,448 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 88 to 80. [2020-07-29 01:10:04,449 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:10:04,449 INFO L82 GeneralOperation]: Start isEquivalent. First operand 88 states. Second operand 80 states. [2020-07-29 01:10:04,449 INFO L74 IsIncluded]: Start isIncluded. First operand 88 states. Second operand 80 states. [2020-07-29 01:10:04,449 INFO L87 Difference]: Start difference. First operand 88 states. Second operand 80 states. [2020-07-29 01:10:04,452 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:04,452 INFO L93 Difference]: Finished difference Result 88 states and 95 transitions. [2020-07-29 01:10:04,452 INFO L276 IsEmpty]: Start isEmpty. Operand 88 states and 95 transitions. [2020-07-29 01:10:04,453 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:10:04,453 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:10:04,453 INFO L74 IsIncluded]: Start isIncluded. First operand 80 states. Second operand 88 states. [2020-07-29 01:10:04,454 INFO L87 Difference]: Start difference. First operand 80 states. Second operand 88 states. [2020-07-29 01:10:04,456 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:04,457 INFO L93 Difference]: Finished difference Result 88 states and 95 transitions. [2020-07-29 01:10:04,457 INFO L276 IsEmpty]: Start isEmpty. Operand 88 states and 95 transitions. [2020-07-29 01:10:04,457 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:10:04,457 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:10:04,458 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:10:04,458 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:10:04,458 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 80 states. [2020-07-29 01:10:04,460 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 80 states to 80 states and 89 transitions. [2020-07-29 01:10:04,461 INFO L78 Accepts]: Start accepts. Automaton has 80 states and 89 transitions. Word has length 21 [2020-07-29 01:10:04,461 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:10:04,461 INFO L479 AbstractCegarLoop]: Abstraction has 80 states and 89 transitions. [2020-07-29 01:10:04,461 INFO L480 AbstractCegarLoop]: Interpolant automaton has 7 states. [2020-07-29 01:10:04,461 INFO L276 IsEmpty]: Start isEmpty. Operand 80 states and 89 transitions. [2020-07-29 01:10:04,462 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 22 [2020-07-29 01:10:04,462 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:10:04,462 INFO L422 BasicCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:10:04,463 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2020-07-29 01:10:04,463 INFO L427 AbstractCegarLoop]: === Iteration 10 === [mainErr8REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr5REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr24ASSERT_VIOLATIONMEMORY_LEAK, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr25ENSURES_VIOLATIONMEMORY_LEAK, mainErr4REQUIRES_VIOLATION, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr17REQUIRES_VIOLATION, mainErr13REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12REQUIRES_VIOLATION]=== [2020-07-29 01:10:04,463 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:10:04,463 INFO L82 PathProgramCache]: Analyzing trace with hash -1761650516, now seen corresponding path program 1 times [2020-07-29 01:10:04,464 INFO L163 FreeRefinementEngine]: Executing refinement strategy CAMEL [2020-07-29 01:10:04,464 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1243592714] [2020-07-29 01:10:04,464 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2020-07-29 01:10:04,476 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:10:04,583 INFO L375 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2020-07-29 01:10:04,585 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:10:04,592 INFO L280 TraceCheckUtils]: 0: Hoare triple {3589#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {3580#true} is VALID [2020-07-29 01:10:04,592 INFO L280 TraceCheckUtils]: 1: Hoare triple {3580#true} assume true; {3580#true} is VALID [2020-07-29 01:10:04,593 INFO L275 TraceCheckUtils]: 2: Hoare quadruple {3580#true} {3580#true} #153#return; {3580#true} is VALID [2020-07-29 01:10:04,593 INFO L263 TraceCheckUtils]: 0: Hoare triple {3580#true} call ULTIMATE.init(); {3589#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} is VALID [2020-07-29 01:10:04,594 INFO L280 TraceCheckUtils]: 1: Hoare triple {3589#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {3580#true} is VALID [2020-07-29 01:10:04,594 INFO L280 TraceCheckUtils]: 2: Hoare triple {3580#true} assume true; {3580#true} is VALID [2020-07-29 01:10:04,594 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {3580#true} {3580#true} #153#return; {3580#true} is VALID [2020-07-29 01:10:04,595 INFO L263 TraceCheckUtils]: 4: Hoare triple {3580#true} call #t~ret14 := main(); {3580#true} is VALID [2020-07-29 01:10:04,595 INFO L280 TraceCheckUtils]: 5: Hoare triple {3580#true} call #t~malloc2.base, #t~malloc2.offset := #Ultimate.allocOnHeap(8);~a~0.base, ~a~0.offset := #t~malloc2.base, #t~malloc2.offset; {3580#true} is VALID [2020-07-29 01:10:04,595 INFO L280 TraceCheckUtils]: 6: Hoare triple {3580#true} assume !(~a~0.base == 0 && ~a~0.offset == 0); {3580#true} is VALID [2020-07-29 01:10:04,596 INFO L280 TraceCheckUtils]: 7: Hoare triple {3580#true} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {3580#true} is VALID [2020-07-29 01:10:04,596 INFO L280 TraceCheckUtils]: 8: Hoare triple {3580#true} assume -2147483648 <= #t~nondet3 && #t~nondet3 <= 2147483647; {3580#true} is VALID [2020-07-29 01:10:04,596 INFO L280 TraceCheckUtils]: 9: Hoare triple {3580#true} assume !(0 != #t~nondet3);havoc #t~nondet3; {3580#true} is VALID [2020-07-29 01:10:04,597 INFO L280 TraceCheckUtils]: 10: Hoare triple {3580#true} assume -2147483648 <= #t~nondet6 && #t~nondet6 <= 2147483647; {3580#true} is VALID [2020-07-29 01:10:04,597 INFO L280 TraceCheckUtils]: 11: Hoare triple {3580#true} assume !!(0 != #t~nondet6);havoc #t~nondet6; {3580#true} is VALID [2020-07-29 01:10:04,597 INFO L280 TraceCheckUtils]: 12: Hoare triple {3580#true} SUMMARY for call write~int(2, ~p~0.base, ~p~0.offset, 4); srcloc: L533 {3580#true} is VALID [2020-07-29 01:10:04,598 INFO L280 TraceCheckUtils]: 13: Hoare triple {3580#true} call #t~malloc7.base, #t~malloc7.offset := #Ultimate.allocOnHeap(8);~t~0.base, ~t~0.offset := #t~malloc7.base, #t~malloc7.offset; {3585#(and (= 8 (select |#length| main_~t~0.base)) (= 0 main_~t~0.offset))} is VALID [2020-07-29 01:10:04,600 INFO L280 TraceCheckUtils]: 14: Hoare triple {3585#(and (= 8 (select |#length| main_~t~0.base)) (= 0 main_~t~0.offset))} assume !(~t~0.base == 0 && ~t~0.offset == 0); {3585#(and (= 8 (select |#length| main_~t~0.base)) (= 0 main_~t~0.offset))} is VALID [2020-07-29 01:10:04,601 INFO L280 TraceCheckUtils]: 15: Hoare triple {3585#(and (= 8 (select |#length| main_~t~0.base)) (= 0 main_~t~0.offset))} SUMMARY for call write~$Pointer$(~t~0.base, ~t~0.offset, ~p~0.base, 4 + ~p~0.offset, 4); srcloc: L535-3 {3586#(and (= 8 (select |#length| (select (select |#memory_$Pointer$.base| main_~p~0.base) (+ main_~p~0.offset 4)))) (= 0 (select (select |#memory_$Pointer$.offset| main_~p~0.base) (+ main_~p~0.offset 4))))} is VALID [2020-07-29 01:10:04,602 INFO L280 TraceCheckUtils]: 16: Hoare triple {3586#(and (= 8 (select |#length| (select (select |#memory_$Pointer$.base| main_~p~0.base) (+ main_~p~0.offset 4)))) (= 0 (select (select |#memory_$Pointer$.offset| main_~p~0.base) (+ main_~p~0.offset 4))))} SUMMARY for call #t~mem8.base, #t~mem8.offset := read~$Pointer$(~p~0.base, 4 + ~p~0.offset, 4); srcloc: L536 {3587#(and (= 8 (select |#length| |main_#t~mem8.base|)) (= 0 |main_#t~mem8.offset|))} is VALID [2020-07-29 01:10:04,603 INFO L280 TraceCheckUtils]: 17: Hoare triple {3587#(and (= 8 (select |#length| |main_#t~mem8.base|)) (= 0 |main_#t~mem8.offset|))} ~p~0.base, ~p~0.offset := #t~mem8.base, #t~mem8.offset;havoc #t~mem8.base, #t~mem8.offset; {3588#(and (= 8 (select |#length| main_~p~0.base)) (= 0 main_~p~0.offset))} is VALID [2020-07-29 01:10:04,608 INFO L280 TraceCheckUtils]: 18: Hoare triple {3588#(and (= 8 (select |#length| main_~p~0.base)) (= 0 main_~p~0.offset))} assume -2147483648 <= #t~nondet6 && #t~nondet6 <= 2147483647; {3588#(and (= 8 (select |#length| main_~p~0.base)) (= 0 main_~p~0.offset))} is VALID [2020-07-29 01:10:04,609 INFO L280 TraceCheckUtils]: 19: Hoare triple {3588#(and (= 8 (select |#length| main_~p~0.base)) (= 0 main_~p~0.offset))} assume !(0 != #t~nondet6);havoc #t~nondet6; {3588#(and (= 8 (select |#length| main_~p~0.base)) (= 0 main_~p~0.offset))} is VALID [2020-07-29 01:10:04,609 INFO L280 TraceCheckUtils]: 20: Hoare triple {3588#(and (= 8 (select |#length| main_~p~0.base)) (= 0 main_~p~0.offset))} assume !(4 + ~p~0.offset <= #length[~p~0.base] && 0 <= ~p~0.offset); {3581#false} is VALID [2020-07-29 01:10:04,610 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:10:04,611 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1243592714] [2020-07-29 01:10:04,611 INFO L220 FreeRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:10:04,611 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2020-07-29 01:10:04,611 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [441326660] [2020-07-29 01:10:04,612 INFO L78 Accepts]: Start accepts. Automaton has 7 states. Word has length 21 [2020-07-29 01:10:04,612 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:10:04,612 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states. [2020-07-29 01:10:04,644 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 21 edges. 21 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:10:04,644 INFO L459 AbstractCegarLoop]: Interpolant automaton has 7 states [2020-07-29 01:10:04,644 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2020-07-29 01:10:04,645 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2020-07-29 01:10:04,645 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2020-07-29 01:10:04,645 INFO L87 Difference]: Start difference. First operand 80 states and 89 transitions. Second operand 7 states. [2020-07-29 01:10:05,527 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:05,527 INFO L93 Difference]: Finished difference Result 85 states and 93 transitions. [2020-07-29 01:10:05,528 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2020-07-29 01:10:05,528 INFO L78 Accepts]: Start accepts. Automaton has 7 states. Word has length 21 [2020-07-29 01:10:05,528 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:10:05,528 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 7 states. [2020-07-29 01:10:05,532 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 86 transitions. [2020-07-29 01:10:05,532 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 7 states. [2020-07-29 01:10:05,536 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 86 transitions. [2020-07-29 01:10:05,537 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states and 86 transitions. [2020-07-29 01:10:05,648 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 86 edges. 86 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:10:05,650 INFO L225 Difference]: With dead ends: 85 [2020-07-29 01:10:05,650 INFO L226 Difference]: Without dead ends: 85 [2020-07-29 01:10:05,650 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=42, Invalid=90, Unknown=0, NotChecked=0, Total=132 [2020-07-29 01:10:05,651 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 85 states. [2020-07-29 01:10:05,653 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 85 to 68. [2020-07-29 01:10:05,653 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:10:05,653 INFO L82 GeneralOperation]: Start isEquivalent. First operand 85 states. Second operand 68 states. [2020-07-29 01:10:05,654 INFO L74 IsIncluded]: Start isIncluded. First operand 85 states. Second operand 68 states. [2020-07-29 01:10:05,654 INFO L87 Difference]: Start difference. First operand 85 states. Second operand 68 states. [2020-07-29 01:10:05,656 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:05,656 INFO L93 Difference]: Finished difference Result 85 states and 93 transitions. [2020-07-29 01:10:05,657 INFO L276 IsEmpty]: Start isEmpty. Operand 85 states and 93 transitions. [2020-07-29 01:10:05,657 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:10:05,657 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:10:05,657 INFO L74 IsIncluded]: Start isIncluded. First operand 68 states. Second operand 85 states. [2020-07-29 01:10:05,658 INFO L87 Difference]: Start difference. First operand 68 states. Second operand 85 states. [2020-07-29 01:10:05,660 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:05,660 INFO L93 Difference]: Finished difference Result 85 states and 93 transitions. [2020-07-29 01:10:05,660 INFO L276 IsEmpty]: Start isEmpty. Operand 85 states and 93 transitions. [2020-07-29 01:10:05,660 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:10:05,661 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:10:05,661 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:10:05,661 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:10:05,661 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 68 states. [2020-07-29 01:10:05,663 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 68 states to 68 states and 76 transitions. [2020-07-29 01:10:05,663 INFO L78 Accepts]: Start accepts. Automaton has 68 states and 76 transitions. Word has length 21 [2020-07-29 01:10:05,663 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:10:05,663 INFO L479 AbstractCegarLoop]: Abstraction has 68 states and 76 transitions. [2020-07-29 01:10:05,664 INFO L480 AbstractCegarLoop]: Interpolant automaton has 7 states. [2020-07-29 01:10:05,664 INFO L276 IsEmpty]: Start isEmpty. Operand 68 states and 76 transitions. [2020-07-29 01:10:05,664 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2020-07-29 01:10:05,664 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:10:05,665 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:10:05,665 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9 [2020-07-29 01:10:05,665 INFO L427 AbstractCegarLoop]: === Iteration 11 === [mainErr8REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr5REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr24ASSERT_VIOLATIONMEMORY_LEAK, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr25ENSURES_VIOLATIONMEMORY_LEAK, mainErr4REQUIRES_VIOLATION, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr17REQUIRES_VIOLATION, mainErr13REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12REQUIRES_VIOLATION]=== [2020-07-29 01:10:05,665 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:10:05,666 INFO L82 PathProgramCache]: Analyzing trace with hash 1802091221, now seen corresponding path program 1 times [2020-07-29 01:10:05,666 INFO L163 FreeRefinementEngine]: Executing refinement strategy CAMEL [2020-07-29 01:10:05,666 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2067682517] [2020-07-29 01:10:05,666 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2020-07-29 01:10:05,677 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2020-07-29 01:10:05,677 INFO L221 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2020-07-29 01:10:05,686 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2020-07-29 01:10:05,686 INFO L221 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2020-07-29 01:10:05,715 INFO L174 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2020-07-29 01:10:05,715 INFO L520 BasicCegarLoop]: Counterexample might be feasible [2020-07-29 01:10:05,715 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2020-07-29 01:10:05,733 WARN L417 cessorBacktranslator]: Generated EnsuresSpecification ensures #valid == old(#valid); is not ensure(true) [2020-07-29 01:10:05,759 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 29.07 01:10:05 BoogieIcfgContainer [2020-07-29 01:10:05,759 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2020-07-29 01:10:05,760 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2020-07-29 01:10:05,760 INFO L271 PluginConnector]: Initializing Witness Printer... [2020-07-29 01:10:05,760 INFO L275 PluginConnector]: Witness Printer initialized [2020-07-29 01:10:05,761 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 29.07 01:09:54" (3/4) ... [2020-07-29 01:10:05,768 INFO L140 WitnessPrinter]: No result that supports witness generation found [2020-07-29 01:10:05,769 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2020-07-29 01:10:05,772 INFO L168 Benchmark]: Toolchain (without parser) took 12472.03 ms. Allocated memory was 1.0 GB in the beginning and 1.3 GB in the end (delta: 302.5 MB). Free memory was 961.6 MB in the beginning and 995.8 MB in the end (delta: -34.2 MB). Peak memory consumption was 268.3 MB. Max. memory is 11.5 GB. [2020-07-29 01:10:05,772 INFO L168 Benchmark]: CDTParser took 0.73 ms. Allocated memory is still 1.0 GB. Free memory is still 987.1 MB. There was no memory consumed. Max. memory is 11.5 GB. [2020-07-29 01:10:05,773 INFO L168 Benchmark]: CACSL2BoogieTranslator took 676.32 ms. Allocated memory was 1.0 GB in the beginning and 1.1 GB in the end (delta: 115.3 MB). Free memory was 961.6 MB in the beginning and 1.1 GB in the end (delta: -128.9 MB). Peak memory consumption was 31.8 MB. Max. memory is 11.5 GB. [2020-07-29 01:10:05,773 INFO L168 Benchmark]: Boogie Preprocessor took 83.25 ms. Allocated memory is still 1.1 GB. Free memory was 1.1 GB in the beginning and 1.1 GB in the end (delta: 6.8 MB). Peak memory consumption was 6.8 MB. Max. memory is 11.5 GB. [2020-07-29 01:10:05,774 INFO L168 Benchmark]: RCFGBuilder took 919.51 ms. Allocated memory is still 1.1 GB. Free memory was 1.1 GB in the beginning and 1.0 GB in the end (delta: 72.5 MB). Peak memory consumption was 72.5 MB. Max. memory is 11.5 GB. [2020-07-29 01:10:05,775 INFO L168 Benchmark]: TraceAbstraction took 10772.43 ms. Allocated memory was 1.1 GB in the beginning and 1.3 GB in the end (delta: 187.2 MB). Free memory was 1.0 GB in the beginning and 995.8 MB in the end (delta: 15.3 MB). Peak memory consumption was 202.5 MB. Max. memory is 11.5 GB. [2020-07-29 01:10:05,775 INFO L168 Benchmark]: Witness Printer took 9.35 ms. Allocated memory is still 1.3 GB. Free memory is still 995.8 MB. There was no memory consumed. Max. memory is 11.5 GB. [2020-07-29 01:10:05,778 INFO L336 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.73 ms. Allocated memory is still 1.0 GB. Free memory is still 987.1 MB. There was no memory consumed. Max. memory is 11.5 GB. * CACSL2BoogieTranslator took 676.32 ms. Allocated memory was 1.0 GB in the beginning and 1.1 GB in the end (delta: 115.3 MB). Free memory was 961.6 MB in the beginning and 1.1 GB in the end (delta: -128.9 MB). Peak memory consumption was 31.8 MB. Max. memory is 11.5 GB. * Boogie Preprocessor took 83.25 ms. Allocated memory is still 1.1 GB. Free memory was 1.1 GB in the beginning and 1.1 GB in the end (delta: 6.8 MB). Peak memory consumption was 6.8 MB. Max. memory is 11.5 GB. * RCFGBuilder took 919.51 ms. Allocated memory is still 1.1 GB. Free memory was 1.1 GB in the beginning and 1.0 GB in the end (delta: 72.5 MB). Peak memory consumption was 72.5 MB. Max. memory is 11.5 GB. * TraceAbstraction took 10772.43 ms. Allocated memory was 1.1 GB in the beginning and 1.3 GB in the end (delta: 187.2 MB). Free memory was 1.0 GB in the beginning and 995.8 MB in the end (delta: 15.3 MB). Peak memory consumption was 202.5 MB. Max. memory is 11.5 GB. * Witness Printer took 9.35 ms. Allocated memory is still 1.3 GB. Free memory is still 995.8 MB. There was no memory consumed. Max. memory is 11.5 GB. * Results from de.uni_freiburg.informatik.ultimate.boogie.preprocessor: - GenericResult: Unfinished Backtranslation Generated EnsuresSpecification ensures #valid == old(#valid); is not ensure(true) * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - UnprovableResult [Line: 520]: Unable to prove that all allocated memory was freed Unable to prove that all allocated memory was freed Reason: overapproximation of memtrack at line 520. Possible FailurePath: [L521] List a = (List) malloc(sizeof(struct node)); VAL [a={-1:0}, malloc(sizeof(struct node))={-1:0}] [L522] COND FALSE !(a == 0) VAL [a={-1:0}, malloc(sizeof(struct node))={-1:0}] [L523] List t; [L524] List p = a; VAL [a={-1:0}, malloc(sizeof(struct node))={-1:0}, p={-1:0}] [L525] COND FALSE !(__VERIFIER_nondet_int()) [L532] COND FALSE !(__VERIFIER_nondet_int()) [L539] p->h = 3 VAL [a={-1:0}, malloc(sizeof(struct node))={-1:0}, p={-1:0}] [L540] p = a VAL [a={-1:0}, malloc(sizeof(struct node))={-1:0}, p={-1:0}] [L541] EXPR p->h VAL [a={-1:0}, malloc(sizeof(struct node))={-1:0}, p={-1:0}, p->h=3] [L541] COND FALSE !(p->h == 1) [L543] EXPR p->h VAL [a={-1:0}, malloc(sizeof(struct node))={-1:0}, p={-1:0}, p->h=3] [L543] COND FALSE !(p->h == 2) [L545] EXPR p->h VAL [a={-1:0}, malloc(sizeof(struct node))={-1:0}, p={-1:0}, p->h=3] [L545] COND FALSE !(p->h != 3) [L547] return 0; VAL [\result=0, a={-1:0}, malloc(sizeof(struct node))={-1:0}, p={-1:0}] - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 89 locations, 26 error locations. Started 1 CEGAR loops. VerificationResult: UNSAFE, OverallTime: 10.6s, OverallIterations: 11, TraceHistogramMax: 2, AutomataDifference: 8.3s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 463 SDtfs, 689 SDslu, 939 SDs, 0 SdLazy, 1838 SolverSat, 121 SolverUnsat, 0 SolverUnknown, 0 SolverNotchecked, 2.4s Time, PredicateUnifierStatistics: 0 DeclaredPredicates, 94 GetRequests, 28 SyntacticMatches, 0 SemanticMatches, 66 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 6 ImplicationChecksByTransitivity, 0.9s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=87occurred in iteration=5, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 10 MinimizatonAttempts, 194 StatesRemovedByMinimization, 9 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 1.2s InterpolantComputationTime, 196 NumberOfCodeBlocks, 196 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 164 ConstructedInterpolants, 0 QuantifiedInterpolants, 12096 SizeOfPredicates, 0 NumberOfNonLiveVariables, 0 ConjunctsInSsa, 0 ConjunctsInUnsatCore, 10 InterpolantComputations, 10 PerfectInterpolantSequences, 12/12 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available RESULT: Ultimate could not prove your program: unable to determine feasibility of some traces Received shutdown request... ### Bit-precise run ### This is Ultimate 0.1.25-8bd4bc6 [2020-07-29 01:10:07,784 INFO L177 SettingsManager]: Resetting all preferences to default values... [2020-07-29 01:10:07,786 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2020-07-29 01:10:07,800 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2020-07-29 01:10:07,800 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2020-07-29 01:10:07,801 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2020-07-29 01:10:07,803 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2020-07-29 01:10:07,805 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2020-07-29 01:10:07,807 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2020-07-29 01:10:07,807 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2020-07-29 01:10:07,809 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2020-07-29 01:10:07,810 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2020-07-29 01:10:07,810 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2020-07-29 01:10:07,811 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2020-07-29 01:10:07,812 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2020-07-29 01:10:07,814 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2020-07-29 01:10:07,814 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2020-07-29 01:10:07,815 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2020-07-29 01:10:07,817 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2020-07-29 01:10:07,820 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2020-07-29 01:10:07,821 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2020-07-29 01:10:07,823 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2020-07-29 01:10:07,824 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2020-07-29 01:10:07,825 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2020-07-29 01:10:07,828 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2020-07-29 01:10:07,828 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2020-07-29 01:10:07,829 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2020-07-29 01:10:07,830 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2020-07-29 01:10:07,830 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2020-07-29 01:10:07,831 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2020-07-29 01:10:07,832 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2020-07-29 01:10:07,833 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2020-07-29 01:10:07,833 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2020-07-29 01:10:07,834 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2020-07-29 01:10:07,835 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2020-07-29 01:10:07,836 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2020-07-29 01:10:07,836 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2020-07-29 01:10:07,837 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2020-07-29 01:10:07,837 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2020-07-29 01:10:07,838 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2020-07-29 01:10:07,839 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2020-07-29 01:10:07,839 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Bitvector.epf [2020-07-29 01:10:07,855 INFO L113 SettingsManager]: Loading preferences was successful [2020-07-29 01:10:07,856 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2020-07-29 01:10:07,857 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2020-07-29 01:10:07,857 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2020-07-29 01:10:07,857 INFO L138 SettingsManager]: * Use SBE=true [2020-07-29 01:10:07,858 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2020-07-29 01:10:07,858 INFO L138 SettingsManager]: * sizeof long=4 [2020-07-29 01:10:07,858 INFO L138 SettingsManager]: * Check unreachability of error function in SV-COMP mode=false [2020-07-29 01:10:07,858 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2020-07-29 01:10:07,858 INFO L138 SettingsManager]: * sizeof POINTER=4 [2020-07-29 01:10:07,859 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2020-07-29 01:10:07,859 INFO L138 SettingsManager]: * Check for the main procedure if all allocated memory was freed=true [2020-07-29 01:10:07,859 INFO L138 SettingsManager]: * Bitprecise bitfields=true [2020-07-29 01:10:07,859 INFO L138 SettingsManager]: * SV-COMP memtrack compatibility mode=true [2020-07-29 01:10:07,859 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2020-07-29 01:10:07,860 INFO L138 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2020-07-29 01:10:07,860 INFO L138 SettingsManager]: * Use bitvectors instead of ints=true [2020-07-29 01:10:07,860 INFO L138 SettingsManager]: * Memory model=HoenickeLindenmann_4ByteResolution [2020-07-29 01:10:07,860 INFO L138 SettingsManager]: * sizeof long double=12 [2020-07-29 01:10:07,860 INFO L138 SettingsManager]: * Use constant arrays=true [2020-07-29 01:10:07,861 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2020-07-29 01:10:07,861 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2020-07-29 01:10:07,861 INFO L138 SettingsManager]: * To the following directory=./dump/ [2020-07-29 01:10:07,861 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2020-07-29 01:10:07,862 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2020-07-29 01:10:07,862 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2020-07-29 01:10:07,862 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2020-07-29 01:10:07,862 INFO L138 SettingsManager]: * Trace refinement strategy=WOLF [2020-07-29 01:10:07,863 INFO L138 SettingsManager]: * Command for external solver=cvc4 --incremental --rewrite-divk --print-success --lang smt [2020-07-29 01:10:07,863 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2020-07-29 01:10:07,863 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2020-07-29 01:10:07,863 INFO L138 SettingsManager]: * Logic for external solver=AUFBV Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 283704c20cde057c38dc133107a27c4d033fb1ba [2020-07-29 01:10:08,178 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2020-07-29 01:10:08,192 INFO L258 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2020-07-29 01:10:08,196 INFO L214 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2020-07-29 01:10:08,198 INFO L271 PluginConnector]: Initializing CDTParser... [2020-07-29 01:10:08,198 INFO L275 PluginConnector]: CDTParser initialized [2020-07-29 01:10:08,199 INFO L429 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/list-properties/list-1.i [2020-07-29 01:10:08,277 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/4fa750b2c/ff1496e03b854b399053ebeffd567cdb/FLAGc42373452 [2020-07-29 01:10:08,728 INFO L306 CDTParser]: Found 1 translation units. [2020-07-29 01:10:08,729 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/list-properties/list-1.i [2020-07-29 01:10:08,746 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/4fa750b2c/ff1496e03b854b399053ebeffd567cdb/FLAGc42373452 [2020-07-29 01:10:09,102 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/4fa750b2c/ff1496e03b854b399053ebeffd567cdb [2020-07-29 01:10:09,105 INFO L296 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2020-07-29 01:10:09,108 INFO L131 ToolchainWalker]: Walking toolchain with 5 elements. [2020-07-29 01:10:09,109 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2020-07-29 01:10:09,110 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2020-07-29 01:10:09,113 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2020-07-29 01:10:09,115 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 29.07 01:10:09" (1/1) ... [2020-07-29 01:10:09,118 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@4b98b30c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:10:09, skipping insertion in model container [2020-07-29 01:10:09,118 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 29.07 01:10:09" (1/1) ... [2020-07-29 01:10:09,127 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2020-07-29 01:10:09,179 INFO L178 MainTranslator]: Built tables and reachable declarations [2020-07-29 01:10:09,739 INFO L206 PostProcessor]: Analyzing one entry point: main [2020-07-29 01:10:09,759 INFO L203 MainTranslator]: Completed pre-run [2020-07-29 01:10:09,806 INFO L206 PostProcessor]: Analyzing one entry point: main [2020-07-29 01:10:09,875 INFO L208 MainTranslator]: Completed translation [2020-07-29 01:10:09,876 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:10:09 WrapperNode [2020-07-29 01:10:09,876 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2020-07-29 01:10:09,878 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2020-07-29 01:10:09,878 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2020-07-29 01:10:09,879 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2020-07-29 01:10:09,891 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:10:09" (1/1) ... [2020-07-29 01:10:09,891 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:10:09" (1/1) ... [2020-07-29 01:10:09,911 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:10:09" (1/1) ... [2020-07-29 01:10:09,911 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:10:09" (1/1) ... [2020-07-29 01:10:09,937 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:10:09" (1/1) ... [2020-07-29 01:10:09,944 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:10:09" (1/1) ... [2020-07-29 01:10:09,948 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:10:09" (1/1) ... [2020-07-29 01:10:09,956 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2020-07-29 01:10:09,956 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2020-07-29 01:10:09,956 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2020-07-29 01:10:09,957 INFO L275 PluginConnector]: RCFGBuilder initialized [2020-07-29 01:10:09,957 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:10:09" (1/1) ... No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2020-07-29 01:10:10,043 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.init [2020-07-29 01:10:10,044 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2020-07-29 01:10:10,044 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.setCurrentRoundingMode [2020-07-29 01:10:10,044 INFO L138 BoogieDeclarations]: Found implementation of procedure __bswap_32 [2020-07-29 01:10:10,045 INFO L138 BoogieDeclarations]: Found implementation of procedure __bswap_64 [2020-07-29 01:10:10,045 INFO L138 BoogieDeclarations]: Found implementation of procedure __uint16_identity [2020-07-29 01:10:10,046 INFO L138 BoogieDeclarations]: Found implementation of procedure __uint32_identity [2020-07-29 01:10:10,047 INFO L138 BoogieDeclarations]: Found implementation of procedure __uint64_identity [2020-07-29 01:10:10,047 INFO L138 BoogieDeclarations]: Found implementation of procedure myexit [2020-07-29 01:10:10,047 INFO L138 BoogieDeclarations]: Found implementation of procedure main [2020-07-29 01:10:10,047 INFO L130 BoogieDeclarations]: Found specification of procedure __VERIFIER_error [2020-07-29 01:10:10,047 INFO L130 BoogieDeclarations]: Found specification of procedure __VERIFIER_nondet_int [2020-07-29 01:10:10,047 INFO L130 BoogieDeclarations]: Found specification of procedure __ctype_get_mb_cur_max [2020-07-29 01:10:10,048 INFO L130 BoogieDeclarations]: Found specification of procedure atof [2020-07-29 01:10:10,049 INFO L130 BoogieDeclarations]: Found specification of procedure atoi [2020-07-29 01:10:10,049 INFO L130 BoogieDeclarations]: Found specification of procedure atol [2020-07-29 01:10:10,049 INFO L130 BoogieDeclarations]: Found specification of procedure atoll [2020-07-29 01:10:10,049 INFO L130 BoogieDeclarations]: Found specification of procedure strtod [2020-07-29 01:10:10,049 INFO L130 BoogieDeclarations]: Found specification of procedure strtof [2020-07-29 01:10:10,049 INFO L130 BoogieDeclarations]: Found specification of procedure strtold [2020-07-29 01:10:10,050 INFO L130 BoogieDeclarations]: Found specification of procedure strtol [2020-07-29 01:10:10,050 INFO L130 BoogieDeclarations]: Found specification of procedure strtoul [2020-07-29 01:10:10,050 INFO L130 BoogieDeclarations]: Found specification of procedure strtoq [2020-07-29 01:10:10,051 INFO L130 BoogieDeclarations]: Found specification of procedure strtouq [2020-07-29 01:10:10,051 INFO L130 BoogieDeclarations]: Found specification of procedure strtoll [2020-07-29 01:10:10,051 INFO L130 BoogieDeclarations]: Found specification of procedure strtoull [2020-07-29 01:10:10,052 INFO L130 BoogieDeclarations]: Found specification of procedure l64a [2020-07-29 01:10:10,052 INFO L130 BoogieDeclarations]: Found specification of procedure a64l [2020-07-29 01:10:10,052 INFO L130 BoogieDeclarations]: Found specification of procedure __bswap_32 [2020-07-29 01:10:10,052 INFO L130 BoogieDeclarations]: Found specification of procedure __bswap_64 [2020-07-29 01:10:10,052 INFO L130 BoogieDeclarations]: Found specification of procedure __uint16_identity [2020-07-29 01:10:10,053 INFO L130 BoogieDeclarations]: Found specification of procedure __uint32_identity [2020-07-29 01:10:10,053 INFO L130 BoogieDeclarations]: Found specification of procedure __uint64_identity [2020-07-29 01:10:10,053 INFO L130 BoogieDeclarations]: Found specification of procedure select [2020-07-29 01:10:10,053 INFO L130 BoogieDeclarations]: Found specification of procedure pselect [2020-07-29 01:10:10,053 INFO L130 BoogieDeclarations]: Found specification of procedure gnu_dev_major [2020-07-29 01:10:10,053 INFO L130 BoogieDeclarations]: Found specification of procedure gnu_dev_minor [2020-07-29 01:10:10,054 INFO L130 BoogieDeclarations]: Found specification of procedure gnu_dev_makedev [2020-07-29 01:10:10,054 INFO L130 BoogieDeclarations]: Found specification of procedure random [2020-07-29 01:10:10,056 INFO L130 BoogieDeclarations]: Found specification of procedure srandom [2020-07-29 01:10:10,056 INFO L130 BoogieDeclarations]: Found specification of procedure initstate [2020-07-29 01:10:10,056 INFO L130 BoogieDeclarations]: Found specification of procedure setstate [2020-07-29 01:10:10,056 INFO L130 BoogieDeclarations]: Found specification of procedure random_r [2020-07-29 01:10:10,057 INFO L130 BoogieDeclarations]: Found specification of procedure srandom_r [2020-07-29 01:10:10,057 INFO L130 BoogieDeclarations]: Found specification of procedure initstate_r [2020-07-29 01:10:10,057 INFO L130 BoogieDeclarations]: Found specification of procedure setstate_r [2020-07-29 01:10:10,058 INFO L130 BoogieDeclarations]: Found specification of procedure rand [2020-07-29 01:10:10,058 INFO L130 BoogieDeclarations]: Found specification of procedure srand [2020-07-29 01:10:10,058 INFO L130 BoogieDeclarations]: Found specification of procedure rand_r [2020-07-29 01:10:10,058 INFO L130 BoogieDeclarations]: Found specification of procedure drand48 [2020-07-29 01:10:10,059 INFO L130 BoogieDeclarations]: Found specification of procedure erand48 [2020-07-29 01:10:10,059 INFO L130 BoogieDeclarations]: Found specification of procedure lrand48 [2020-07-29 01:10:10,059 INFO L130 BoogieDeclarations]: Found specification of procedure nrand48 [2020-07-29 01:10:10,059 INFO L130 BoogieDeclarations]: Found specification of procedure mrand48 [2020-07-29 01:10:10,060 INFO L130 BoogieDeclarations]: Found specification of procedure jrand48 [2020-07-29 01:10:10,060 INFO L130 BoogieDeclarations]: Found specification of procedure srand48 [2020-07-29 01:10:10,060 INFO L130 BoogieDeclarations]: Found specification of procedure seed48 [2020-07-29 01:10:10,060 INFO L130 BoogieDeclarations]: Found specification of procedure lcong48 [2020-07-29 01:10:10,061 INFO L130 BoogieDeclarations]: Found specification of procedure drand48_r [2020-07-29 01:10:10,061 INFO L130 BoogieDeclarations]: Found specification of procedure erand48_r [2020-07-29 01:10:10,061 INFO L130 BoogieDeclarations]: Found specification of procedure lrand48_r [2020-07-29 01:10:10,061 INFO L130 BoogieDeclarations]: Found specification of procedure nrand48_r [2020-07-29 01:10:10,062 INFO L130 BoogieDeclarations]: Found specification of procedure mrand48_r [2020-07-29 01:10:10,062 INFO L130 BoogieDeclarations]: Found specification of procedure jrand48_r [2020-07-29 01:10:10,062 INFO L130 BoogieDeclarations]: Found specification of procedure srand48_r [2020-07-29 01:10:10,062 INFO L130 BoogieDeclarations]: Found specification of procedure seed48_r [2020-07-29 01:10:10,062 INFO L130 BoogieDeclarations]: Found specification of procedure lcong48_r [2020-07-29 01:10:10,063 INFO L130 BoogieDeclarations]: Found specification of procedure malloc [2020-07-29 01:10:10,063 INFO L130 BoogieDeclarations]: Found specification of procedure calloc [2020-07-29 01:10:10,063 INFO L130 BoogieDeclarations]: Found specification of procedure realloc [2020-07-29 01:10:10,063 INFO L130 BoogieDeclarations]: Found specification of procedure free [2020-07-29 01:10:10,064 INFO L130 BoogieDeclarations]: Found specification of procedure alloca [2020-07-29 01:10:10,064 INFO L130 BoogieDeclarations]: Found specification of procedure valloc [2020-07-29 01:10:10,064 INFO L130 BoogieDeclarations]: Found specification of procedure posix_memalign [2020-07-29 01:10:10,064 INFO L130 BoogieDeclarations]: Found specification of procedure aligned_alloc [2020-07-29 01:10:10,065 INFO L130 BoogieDeclarations]: Found specification of procedure abort [2020-07-29 01:10:10,065 INFO L130 BoogieDeclarations]: Found specification of procedure atexit [2020-07-29 01:10:10,065 INFO L130 BoogieDeclarations]: Found specification of procedure at_quick_exit [2020-07-29 01:10:10,065 INFO L130 BoogieDeclarations]: Found specification of procedure on_exit [2020-07-29 01:10:10,066 INFO L130 BoogieDeclarations]: Found specification of procedure exit [2020-07-29 01:10:10,066 INFO L130 BoogieDeclarations]: Found specification of procedure quick_exit [2020-07-29 01:10:10,066 INFO L130 BoogieDeclarations]: Found specification of procedure _Exit [2020-07-29 01:10:10,066 INFO L130 BoogieDeclarations]: Found specification of procedure getenv [2020-07-29 01:10:10,067 INFO L130 BoogieDeclarations]: Found specification of procedure putenv [2020-07-29 01:10:10,067 INFO L130 BoogieDeclarations]: Found specification of procedure setenv [2020-07-29 01:10:10,067 INFO L130 BoogieDeclarations]: Found specification of procedure unsetenv [2020-07-29 01:10:10,067 INFO L130 BoogieDeclarations]: Found specification of procedure clearenv [2020-07-29 01:10:10,067 INFO L130 BoogieDeclarations]: Found specification of procedure mktemp [2020-07-29 01:10:10,068 INFO L130 BoogieDeclarations]: Found specification of procedure mkstemp [2020-07-29 01:10:10,068 INFO L130 BoogieDeclarations]: Found specification of procedure mkstemps [2020-07-29 01:10:10,068 INFO L130 BoogieDeclarations]: Found specification of procedure mkdtemp [2020-07-29 01:10:10,068 INFO L130 BoogieDeclarations]: Found specification of procedure system [2020-07-29 01:10:10,068 INFO L130 BoogieDeclarations]: Found specification of procedure realpath [2020-07-29 01:10:10,069 INFO L130 BoogieDeclarations]: Found specification of procedure bsearch [2020-07-29 01:10:10,069 INFO L130 BoogieDeclarations]: Found specification of procedure qsort [2020-07-29 01:10:10,069 INFO L130 BoogieDeclarations]: Found specification of procedure abs [2020-07-29 01:10:10,069 INFO L130 BoogieDeclarations]: Found specification of procedure labs [2020-07-29 01:10:10,069 INFO L130 BoogieDeclarations]: Found specification of procedure llabs [2020-07-29 01:10:10,070 INFO L130 BoogieDeclarations]: Found specification of procedure div [2020-07-29 01:10:10,070 INFO L130 BoogieDeclarations]: Found specification of procedure ldiv [2020-07-29 01:10:10,070 INFO L130 BoogieDeclarations]: Found specification of procedure lldiv [2020-07-29 01:10:10,070 INFO L130 BoogieDeclarations]: Found specification of procedure ecvt [2020-07-29 01:10:10,070 INFO L130 BoogieDeclarations]: Found specification of procedure fcvt [2020-07-29 01:10:10,071 INFO L130 BoogieDeclarations]: Found specification of procedure gcvt [2020-07-29 01:10:10,071 INFO L130 BoogieDeclarations]: Found specification of procedure qecvt [2020-07-29 01:10:10,071 INFO L130 BoogieDeclarations]: Found specification of procedure qfcvt [2020-07-29 01:10:10,071 INFO L130 BoogieDeclarations]: Found specification of procedure qgcvt [2020-07-29 01:10:10,071 INFO L130 BoogieDeclarations]: Found specification of procedure ecvt_r [2020-07-29 01:10:10,072 INFO L130 BoogieDeclarations]: Found specification of procedure fcvt_r [2020-07-29 01:10:10,072 INFO L130 BoogieDeclarations]: Found specification of procedure qecvt_r [2020-07-29 01:10:10,072 INFO L130 BoogieDeclarations]: Found specification of procedure qfcvt_r [2020-07-29 01:10:10,072 INFO L130 BoogieDeclarations]: Found specification of procedure mblen [2020-07-29 01:10:10,072 INFO L130 BoogieDeclarations]: Found specification of procedure mbtowc [2020-07-29 01:10:10,073 INFO L130 BoogieDeclarations]: Found specification of procedure wctomb [2020-07-29 01:10:10,073 INFO L130 BoogieDeclarations]: Found specification of procedure mbstowcs [2020-07-29 01:10:10,073 INFO L130 BoogieDeclarations]: Found specification of procedure wcstombs [2020-07-29 01:10:10,073 INFO L130 BoogieDeclarations]: Found specification of procedure rpmatch [2020-07-29 01:10:10,073 INFO L130 BoogieDeclarations]: Found specification of procedure getsubopt [2020-07-29 01:10:10,074 INFO L130 BoogieDeclarations]: Found specification of procedure getloadavg [2020-07-29 01:10:10,074 INFO L130 BoogieDeclarations]: Found specification of procedure myexit [2020-07-29 01:10:10,074 INFO L130 BoogieDeclarations]: Found specification of procedure main [2020-07-29 01:10:10,074 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocOnHeap [2020-07-29 01:10:10,075 INFO L130 BoogieDeclarations]: Found specification of procedure write~intINTTYPE4 [2020-07-29 01:10:10,075 INFO L130 BoogieDeclarations]: Found specification of procedure write~$Pointer$ [2020-07-29 01:10:10,075 INFO L130 BoogieDeclarations]: Found specification of procedure read~$Pointer$ [2020-07-29 01:10:10,075 INFO L130 BoogieDeclarations]: Found specification of procedure read~intINTTYPE4 [2020-07-29 01:10:10,075 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.init [2020-07-29 01:10:10,076 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2020-07-29 01:10:10,076 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.setCurrentRoundingMode [2020-07-29 01:10:10,076 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.dealloc [2020-07-29 01:10:10,536 INFO L728 $ProcedureCfgBuilder]: dead code at ProgramPoint myexitFINAL: assume true; [2020-07-29 01:10:10,921 INFO L290 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2020-07-29 01:10:10,921 INFO L295 CfgBuilder]: Removed 4 assume(true) statements. [2020-07-29 01:10:10,926 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 29.07 01:10:10 BoogieIcfgContainer [2020-07-29 01:10:10,927 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2020-07-29 01:10:10,928 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2020-07-29 01:10:10,929 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2020-07-29 01:10:10,932 INFO L275 PluginConnector]: TraceAbstraction initialized [2020-07-29 01:10:10,933 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 29.07 01:10:09" (1/3) ... [2020-07-29 01:10:10,934 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4682b4e9 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 29.07 01:10:10, skipping insertion in model container [2020-07-29 01:10:10,934 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:10:09" (2/3) ... [2020-07-29 01:10:10,935 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4682b4e9 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 29.07 01:10:10, skipping insertion in model container [2020-07-29 01:10:10,935 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 29.07 01:10:10" (3/3) ... [2020-07-29 01:10:10,937 INFO L109 eAbstractionObserver]: Analyzing ICFG list-1.i [2020-07-29 01:10:10,949 INFO L157 ceAbstractionStarter]: Automizer settings: Hoare:false NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2020-07-29 01:10:10,958 INFO L169 ceAbstractionStarter]: Appying trace abstraction to program that has 26 error locations. [2020-07-29 01:10:10,974 INFO L251 AbstractCegarLoop]: Starting to check reachability of 26 error locations. [2020-07-29 01:10:11,000 INFO L375 AbstractCegarLoop]: Interprodecural is true [2020-07-29 01:10:11,001 INFO L376 AbstractCegarLoop]: Hoare is false [2020-07-29 01:10:11,001 INFO L377 AbstractCegarLoop]: Compute interpolants for FPandBP [2020-07-29 01:10:11,001 INFO L378 AbstractCegarLoop]: Backedges is STRAIGHT_LINE [2020-07-29 01:10:11,002 INFO L379 AbstractCegarLoop]: Determinization is PREDICATE_ABSTRACTION [2020-07-29 01:10:11,002 INFO L380 AbstractCegarLoop]: Difference is false [2020-07-29 01:10:11,002 INFO L381 AbstractCegarLoop]: Minimize is MINIMIZE_SEVPA [2020-07-29 01:10:11,002 INFO L385 AbstractCegarLoop]: ======== Iteration 0==of CEGAR loop == AllErrorsAtOnce======== [2020-07-29 01:10:11,019 INFO L276 IsEmpty]: Start isEmpty. Operand 71 states. [2020-07-29 01:10:11,030 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 11 [2020-07-29 01:10:11,030 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:10:11,032 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:10:11,032 INFO L427 AbstractCegarLoop]: === Iteration 1 === [mainErr8REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr5REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr24ASSERT_VIOLATIONMEMORY_LEAK, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr25ENSURES_VIOLATIONMEMORY_LEAK, mainErr4REQUIRES_VIOLATION, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr17REQUIRES_VIOLATION, mainErr13REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12REQUIRES_VIOLATION]=== [2020-07-29 01:10:11,039 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:10:11,039 INFO L82 PathProgramCache]: Analyzing trace with hash -1988574950, now seen corresponding path program 1 times [2020-07-29 01:10:11,055 INFO L163 FreeRefinementEngine]: Executing refinement strategy WOLF [2020-07-29 01:10:11,056 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1402796206] [2020-07-29 01:10:11,056 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat Starting monitored process 2 with mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 2 with mathsat -unsat_core_generation=3 [2020-07-29 01:10:11,192 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:10:11,196 INFO L263 TraceCheckSpWp]: Trace formula consists of 42 conjuncts, 4 conjunts are in the unsatisfiable core [2020-07-29 01:10:11,206 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:10:11,212 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2020-07-29 01:10:11,308 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2020-07-29 01:10:11,309 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2020-07-29 01:10:11,319 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:10:11,320 INFO L544 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2020-07-29 01:10:11,320 INFO L244 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:6, output treesize:5 [2020-07-29 01:10:11,325 WARN L406 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2020-07-29 01:10:11,326 WARN L407 uantifierElimination]: Input elimination task: ∃ [|v_#valid_39|]. (= |#valid| (store |v_#valid_39| main_~a~0.base (_ bv1 1))) [2020-07-29 01:10:11,326 WARN L408 uantifierElimination]: ElimStorePlain result: ∃ []. (= (_ bv1 1) (select |#valid| main_~a~0.base)) [2020-07-29 01:10:11,365 INFO L263 TraceCheckUtils]: 0: Hoare triple {74#true} call ULTIMATE.init(); {74#true} is VALID [2020-07-29 01:10:11,366 INFO L280 TraceCheckUtils]: 1: Hoare triple {74#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven; {74#true} is VALID [2020-07-29 01:10:11,367 INFO L280 TraceCheckUtils]: 2: Hoare triple {74#true} assume true; {74#true} is VALID [2020-07-29 01:10:11,367 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {74#true} {74#true} #173#return; {74#true} is VALID [2020-07-29 01:10:11,368 INFO L263 TraceCheckUtils]: 4: Hoare triple {74#true} call #t~ret14 := main(); {74#true} is VALID [2020-07-29 01:10:11,371 INFO L280 TraceCheckUtils]: 5: Hoare triple {74#true} call #t~malloc2.base, #t~malloc2.offset := #Ultimate.allocOnHeap(8bv32);~a~0.base, ~a~0.offset := #t~malloc2.base, #t~malloc2.offset; {94#(= (_ bv1 1) (select |#valid| main_~a~0.base))} is VALID [2020-07-29 01:10:11,372 INFO L280 TraceCheckUtils]: 6: Hoare triple {94#(= (_ bv1 1) (select |#valid| main_~a~0.base))} assume !(~a~0.base == 0bv32 && ~a~0.offset == 0bv32); {94#(= (_ bv1 1) (select |#valid| main_~a~0.base))} is VALID [2020-07-29 01:10:11,374 INFO L280 TraceCheckUtils]: 7: Hoare triple {94#(= (_ bv1 1) (select |#valid| main_~a~0.base))} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {101#(= (_ bv1 1) (select |#valid| main_~p~0.base))} is VALID [2020-07-29 01:10:11,375 INFO L280 TraceCheckUtils]: 8: Hoare triple {101#(= (_ bv1 1) (select |#valid| main_~p~0.base))} assume !!(0bv32 != #t~nondet3);havoc #t~nondet3; {101#(= (_ bv1 1) (select |#valid| main_~p~0.base))} is VALID [2020-07-29 01:10:11,376 INFO L280 TraceCheckUtils]: 9: Hoare triple {101#(= (_ bv1 1) (select |#valid| main_~p~0.base))} assume !(1bv1 == #valid[~p~0.base]); {75#false} is VALID [2020-07-29 01:10:11,378 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:10:11,379 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2020-07-29 01:10:11,424 INFO L280 TraceCheckUtils]: 9: Hoare triple {101#(= (_ bv1 1) (select |#valid| main_~p~0.base))} assume !(1bv1 == #valid[~p~0.base]); {75#false} is VALID [2020-07-29 01:10:11,426 INFO L280 TraceCheckUtils]: 8: Hoare triple {101#(= (_ bv1 1) (select |#valid| main_~p~0.base))} assume !!(0bv32 != #t~nondet3);havoc #t~nondet3; {101#(= (_ bv1 1) (select |#valid| main_~p~0.base))} is VALID [2020-07-29 01:10:11,428 INFO L280 TraceCheckUtils]: 7: Hoare triple {94#(= (_ bv1 1) (select |#valid| main_~a~0.base))} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {101#(= (_ bv1 1) (select |#valid| main_~p~0.base))} is VALID [2020-07-29 01:10:11,429 INFO L280 TraceCheckUtils]: 6: Hoare triple {94#(= (_ bv1 1) (select |#valid| main_~a~0.base))} assume !(~a~0.base == 0bv32 && ~a~0.offset == 0bv32); {94#(= (_ bv1 1) (select |#valid| main_~a~0.base))} is VALID [2020-07-29 01:10:11,431 INFO L280 TraceCheckUtils]: 5: Hoare triple {74#true} call #t~malloc2.base, #t~malloc2.offset := #Ultimate.allocOnHeap(8bv32);~a~0.base, ~a~0.offset := #t~malloc2.base, #t~malloc2.offset; {94#(= (_ bv1 1) (select |#valid| main_~a~0.base))} is VALID [2020-07-29 01:10:11,432 INFO L263 TraceCheckUtils]: 4: Hoare triple {74#true} call #t~ret14 := main(); {74#true} is VALID [2020-07-29 01:10:11,432 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {74#true} {74#true} #173#return; {74#true} is VALID [2020-07-29 01:10:11,433 INFO L280 TraceCheckUtils]: 2: Hoare triple {74#true} assume true; {74#true} is VALID [2020-07-29 01:10:11,433 INFO L280 TraceCheckUtils]: 1: Hoare triple {74#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven; {74#true} is VALID [2020-07-29 01:10:11,434 INFO L263 TraceCheckUtils]: 0: Hoare triple {74#true} call ULTIMATE.init(); {74#true} is VALID [2020-07-29 01:10:11,434 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:10:11,436 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1402796206] [2020-07-29 01:10:11,437 INFO L220 FreeRefinementEngine]: Constructing automaton from 2 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:10:11,437 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3, 3] imperfect sequences [] total 3 [2020-07-29 01:10:11,438 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [867624733] [2020-07-29 01:10:11,445 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 10 [2020-07-29 01:10:11,448 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:10:11,452 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states. [2020-07-29 01:10:11,474 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 10 edges. 10 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:10:11,474 INFO L459 AbstractCegarLoop]: Interpolant automaton has 4 states [2020-07-29 01:10:11,475 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2020-07-29 01:10:11,486 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2020-07-29 01:10:11,487 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2020-07-29 01:10:11,489 INFO L87 Difference]: Start difference. First operand 71 states. Second operand 4 states. [2020-07-29 01:10:12,126 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:12,126 INFO L93 Difference]: Finished difference Result 76 states and 84 transitions. [2020-07-29 01:10:12,127 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2020-07-29 01:10:12,127 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 10 [2020-07-29 01:10:12,128 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:10:12,130 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2020-07-29 01:10:12,145 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 105 transitions. [2020-07-29 01:10:12,146 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2020-07-29 01:10:12,151 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 105 transitions. [2020-07-29 01:10:12,152 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 105 transitions. [2020-07-29 01:10:12,359 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 105 edges. 105 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:10:12,375 INFO L225 Difference]: With dead ends: 76 [2020-07-29 01:10:12,375 INFO L226 Difference]: Without dead ends: 68 [2020-07-29 01:10:12,378 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 20 GetRequests, 17 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2020-07-29 01:10:12,398 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 68 states. [2020-07-29 01:10:12,418 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 68 to 63. [2020-07-29 01:10:12,418 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:10:12,419 INFO L82 GeneralOperation]: Start isEquivalent. First operand 68 states. Second operand 63 states. [2020-07-29 01:10:12,420 INFO L74 IsIncluded]: Start isIncluded. First operand 68 states. Second operand 63 states. [2020-07-29 01:10:12,421 INFO L87 Difference]: Start difference. First operand 68 states. Second operand 63 states. [2020-07-29 01:10:12,428 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:12,429 INFO L93 Difference]: Finished difference Result 68 states and 73 transitions. [2020-07-29 01:10:12,429 INFO L276 IsEmpty]: Start isEmpty. Operand 68 states and 73 transitions. [2020-07-29 01:10:12,430 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:10:12,431 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:10:12,431 INFO L74 IsIncluded]: Start isIncluded. First operand 63 states. Second operand 68 states. [2020-07-29 01:10:12,431 INFO L87 Difference]: Start difference. First operand 63 states. Second operand 68 states. [2020-07-29 01:10:12,438 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:12,438 INFO L93 Difference]: Finished difference Result 68 states and 73 transitions. [2020-07-29 01:10:12,439 INFO L276 IsEmpty]: Start isEmpty. Operand 68 states and 73 transitions. [2020-07-29 01:10:12,440 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:10:12,440 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:10:12,440 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:10:12,441 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:10:12,441 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 63 states. [2020-07-29 01:10:12,445 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 63 states to 63 states and 73 transitions. [2020-07-29 01:10:12,447 INFO L78 Accepts]: Start accepts. Automaton has 63 states and 73 transitions. Word has length 10 [2020-07-29 01:10:12,447 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:10:12,448 INFO L479 AbstractCegarLoop]: Abstraction has 63 states and 73 transitions. [2020-07-29 01:10:12,448 INFO L480 AbstractCegarLoop]: Interpolant automaton has 4 states. [2020-07-29 01:10:12,448 INFO L276 IsEmpty]: Start isEmpty. Operand 63 states and 73 transitions. [2020-07-29 01:10:12,449 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 11 [2020-07-29 01:10:12,449 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:10:12,449 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:10:12,661 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 mathsat -unsat_core_generation=3 [2020-07-29 01:10:12,661 INFO L427 AbstractCegarLoop]: === Iteration 2 === [mainErr8REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr5REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr24ASSERT_VIOLATIONMEMORY_LEAK, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr25ENSURES_VIOLATIONMEMORY_LEAK, mainErr4REQUIRES_VIOLATION, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr17REQUIRES_VIOLATION, mainErr13REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12REQUIRES_VIOLATION]=== [2020-07-29 01:10:12,662 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:10:12,662 INFO L82 PathProgramCache]: Analyzing trace with hash -1988574949, now seen corresponding path program 1 times [2020-07-29 01:10:12,663 INFO L163 FreeRefinementEngine]: Executing refinement strategy WOLF [2020-07-29 01:10:12,663 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [796431255] [2020-07-29 01:10:12,663 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat Starting monitored process 3 with mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 3 with mathsat -unsat_core_generation=3 [2020-07-29 01:10:12,765 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:10:12,768 INFO L263 TraceCheckSpWp]: Trace formula consists of 42 conjuncts, 7 conjunts are in the unsatisfiable core [2020-07-29 01:10:12,777 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:10:12,779 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2020-07-29 01:10:12,806 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2020-07-29 01:10:12,806 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2020-07-29 01:10:12,821 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:10:12,821 INFO L544 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2020-07-29 01:10:12,822 INFO L244 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:10, output treesize:9 [2020-07-29 01:10:12,827 WARN L406 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2020-07-29 01:10:12,827 WARN L407 uantifierElimination]: Input elimination task: ∃ [|v_#length_34|]. (and (= |#length| (store |v_#length_34| main_~a~0.base (_ bv8 32))) (= (_ bv0 32) main_~a~0.offset)) [2020-07-29 01:10:12,827 WARN L408 uantifierElimination]: ElimStorePlain result: ∃ []. (and (= (select |#length| main_~a~0.base) (_ bv8 32)) (= (_ bv0 32) main_~a~0.offset)) [2020-07-29 01:10:12,875 INFO L263 TraceCheckUtils]: 0: Hoare triple {414#true} call ULTIMATE.init(); {414#true} is VALID [2020-07-29 01:10:12,876 INFO L280 TraceCheckUtils]: 1: Hoare triple {414#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven; {414#true} is VALID [2020-07-29 01:10:12,876 INFO L280 TraceCheckUtils]: 2: Hoare triple {414#true} assume true; {414#true} is VALID [2020-07-29 01:10:12,876 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {414#true} {414#true} #173#return; {414#true} is VALID [2020-07-29 01:10:12,877 INFO L263 TraceCheckUtils]: 4: Hoare triple {414#true} call #t~ret14 := main(); {414#true} is VALID [2020-07-29 01:10:12,879 INFO L280 TraceCheckUtils]: 5: Hoare triple {414#true} call #t~malloc2.base, #t~malloc2.offset := #Ultimate.allocOnHeap(8bv32);~a~0.base, ~a~0.offset := #t~malloc2.base, #t~malloc2.offset; {434#(and (= (bvadd (select |#length| main_~a~0.base) (_ bv4294967288 32)) (_ bv0 32)) (= (_ bv0 32) main_~a~0.offset))} is VALID [2020-07-29 01:10:12,881 INFO L280 TraceCheckUtils]: 6: Hoare triple {434#(and (= (bvadd (select |#length| main_~a~0.base) (_ bv4294967288 32)) (_ bv0 32)) (= (_ bv0 32) main_~a~0.offset))} assume !(~a~0.base == 0bv32 && ~a~0.offset == 0bv32); {434#(and (= (bvadd (select |#length| main_~a~0.base) (_ bv4294967288 32)) (_ bv0 32)) (= (_ bv0 32) main_~a~0.offset))} is VALID [2020-07-29 01:10:12,882 INFO L280 TraceCheckUtils]: 7: Hoare triple {434#(and (= (bvadd (select |#length| main_~a~0.base) (_ bv4294967288 32)) (_ bv0 32)) (= (_ bv0 32) main_~a~0.offset))} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {441#(and (= (_ bv0 32) main_~p~0.offset) (= (_ bv8 32) (select |#length| main_~p~0.base)))} is VALID [2020-07-29 01:10:12,884 INFO L280 TraceCheckUtils]: 8: Hoare triple {441#(and (= (_ bv0 32) main_~p~0.offset) (= (_ bv8 32) (select |#length| main_~p~0.base)))} assume !!(0bv32 != #t~nondet3);havoc #t~nondet3; {441#(and (= (_ bv0 32) main_~p~0.offset) (= (_ bv8 32) (select |#length| main_~p~0.base)))} is VALID [2020-07-29 01:10:12,885 INFO L280 TraceCheckUtils]: 9: Hoare triple {441#(and (= (_ bv0 32) main_~p~0.offset) (= (_ bv8 32) (select |#length| main_~p~0.base)))} assume !((~bvule32(~bvadd32(4bv32, ~p~0.offset), #length[~p~0.base]) && ~bvule32(~p~0.offset, ~bvadd32(4bv32, ~p~0.offset))) && ~bvule32(0bv32, ~p~0.offset)); {415#false} is VALID [2020-07-29 01:10:12,886 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:10:12,886 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2020-07-29 01:10:13,098 INFO L280 TraceCheckUtils]: 9: Hoare triple {448#(and (bvule (bvadd main_~p~0.offset (_ bv4 32)) (select |#length| main_~p~0.base)) (bvule main_~p~0.offset (bvadd main_~p~0.offset (_ bv4 32))))} assume !((~bvule32(~bvadd32(4bv32, ~p~0.offset), #length[~p~0.base]) && ~bvule32(~p~0.offset, ~bvadd32(4bv32, ~p~0.offset))) && ~bvule32(0bv32, ~p~0.offset)); {415#false} is VALID [2020-07-29 01:10:13,100 INFO L280 TraceCheckUtils]: 8: Hoare triple {448#(and (bvule (bvadd main_~p~0.offset (_ bv4 32)) (select |#length| main_~p~0.base)) (bvule main_~p~0.offset (bvadd main_~p~0.offset (_ bv4 32))))} assume !!(0bv32 != #t~nondet3);havoc #t~nondet3; {448#(and (bvule (bvadd main_~p~0.offset (_ bv4 32)) (select |#length| main_~p~0.base)) (bvule main_~p~0.offset (bvadd main_~p~0.offset (_ bv4 32))))} is VALID [2020-07-29 01:10:13,101 INFO L280 TraceCheckUtils]: 7: Hoare triple {455#(and (bvule (bvadd main_~a~0.offset (_ bv4 32)) (select |#length| main_~a~0.base)) (bvule main_~a~0.offset (bvadd main_~a~0.offset (_ bv4 32))))} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {448#(and (bvule (bvadd main_~p~0.offset (_ bv4 32)) (select |#length| main_~p~0.base)) (bvule main_~p~0.offset (bvadd main_~p~0.offset (_ bv4 32))))} is VALID [2020-07-29 01:10:13,102 INFO L280 TraceCheckUtils]: 6: Hoare triple {455#(and (bvule (bvadd main_~a~0.offset (_ bv4 32)) (select |#length| main_~a~0.base)) (bvule main_~a~0.offset (bvadd main_~a~0.offset (_ bv4 32))))} assume !(~a~0.base == 0bv32 && ~a~0.offset == 0bv32); {455#(and (bvule (bvadd main_~a~0.offset (_ bv4 32)) (select |#length| main_~a~0.base)) (bvule main_~a~0.offset (bvadd main_~a~0.offset (_ bv4 32))))} is VALID [2020-07-29 01:10:13,105 INFO L280 TraceCheckUtils]: 5: Hoare triple {414#true} call #t~malloc2.base, #t~malloc2.offset := #Ultimate.allocOnHeap(8bv32);~a~0.base, ~a~0.offset := #t~malloc2.base, #t~malloc2.offset; {455#(and (bvule (bvadd main_~a~0.offset (_ bv4 32)) (select |#length| main_~a~0.base)) (bvule main_~a~0.offset (bvadd main_~a~0.offset (_ bv4 32))))} is VALID [2020-07-29 01:10:13,105 INFO L263 TraceCheckUtils]: 4: Hoare triple {414#true} call #t~ret14 := main(); {414#true} is VALID [2020-07-29 01:10:13,105 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {414#true} {414#true} #173#return; {414#true} is VALID [2020-07-29 01:10:13,106 INFO L280 TraceCheckUtils]: 2: Hoare triple {414#true} assume true; {414#true} is VALID [2020-07-29 01:10:13,106 INFO L280 TraceCheckUtils]: 1: Hoare triple {414#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven; {414#true} is VALID [2020-07-29 01:10:13,106 INFO L263 TraceCheckUtils]: 0: Hoare triple {414#true} call ULTIMATE.init(); {414#true} is VALID [2020-07-29 01:10:13,107 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:10:13,107 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [796431255] [2020-07-29 01:10:13,108 INFO L220 FreeRefinementEngine]: Constructing automaton from 2 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:10:13,108 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3, 3] imperfect sequences [] total 5 [2020-07-29 01:10:13,108 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1328009396] [2020-07-29 01:10:13,110 INFO L78 Accepts]: Start accepts. Automaton has 6 states. Word has length 10 [2020-07-29 01:10:13,110 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:10:13,110 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states. [2020-07-29 01:10:13,138 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 15 edges. 15 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:10:13,138 INFO L459 AbstractCegarLoop]: Interpolant automaton has 6 states [2020-07-29 01:10:13,138 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2020-07-29 01:10:13,139 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2020-07-29 01:10:13,139 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2020-07-29 01:10:13,139 INFO L87 Difference]: Start difference. First operand 63 states and 73 transitions. Second operand 6 states. [2020-07-29 01:10:14,403 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:14,403 INFO L93 Difference]: Finished difference Result 87 states and 93 transitions. [2020-07-29 01:10:14,403 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2020-07-29 01:10:14,403 INFO L78 Accepts]: Start accepts. Automaton has 6 states. Word has length 10 [2020-07-29 01:10:14,403 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:10:14,404 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 6 states. [2020-07-29 01:10:14,407 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 107 transitions. [2020-07-29 01:10:14,407 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 6 states. [2020-07-29 01:10:14,411 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 107 transitions. [2020-07-29 01:10:14,411 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 107 transitions. [2020-07-29 01:10:14,675 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 107 edges. 107 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:10:14,679 INFO L225 Difference]: With dead ends: 87 [2020-07-29 01:10:14,679 INFO L226 Difference]: Without dead ends: 87 [2020-07-29 01:10:14,680 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 21 GetRequests, 15 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=23, Invalid=33, Unknown=0, NotChecked=0, Total=56 [2020-07-29 01:10:14,681 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 87 states. [2020-07-29 01:10:14,687 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 87 to 75. [2020-07-29 01:10:14,687 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:10:14,687 INFO L82 GeneralOperation]: Start isEquivalent. First operand 87 states. Second operand 75 states. [2020-07-29 01:10:14,687 INFO L74 IsIncluded]: Start isIncluded. First operand 87 states. Second operand 75 states. [2020-07-29 01:10:14,687 INFO L87 Difference]: Start difference. First operand 87 states. Second operand 75 states. [2020-07-29 01:10:14,692 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:14,692 INFO L93 Difference]: Finished difference Result 87 states and 93 transitions. [2020-07-29 01:10:14,693 INFO L276 IsEmpty]: Start isEmpty. Operand 87 states and 93 transitions. [2020-07-29 01:10:14,694 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:10:14,694 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:10:14,694 INFO L74 IsIncluded]: Start isIncluded. First operand 75 states. Second operand 87 states. [2020-07-29 01:10:14,694 INFO L87 Difference]: Start difference. First operand 75 states. Second operand 87 states. [2020-07-29 01:10:14,700 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:14,700 INFO L93 Difference]: Finished difference Result 87 states and 93 transitions. [2020-07-29 01:10:14,700 INFO L276 IsEmpty]: Start isEmpty. Operand 87 states and 93 transitions. [2020-07-29 01:10:14,701 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:10:14,701 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:10:14,702 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:10:14,702 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:10:14,702 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 75 states. [2020-07-29 01:10:14,706 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 75 states to 75 states and 82 transitions. [2020-07-29 01:10:14,706 INFO L78 Accepts]: Start accepts. Automaton has 75 states and 82 transitions. Word has length 10 [2020-07-29 01:10:14,706 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:10:14,706 INFO L479 AbstractCegarLoop]: Abstraction has 75 states and 82 transitions. [2020-07-29 01:10:14,706 INFO L480 AbstractCegarLoop]: Interpolant automaton has 6 states. [2020-07-29 01:10:14,707 INFO L276 IsEmpty]: Start isEmpty. Operand 75 states and 82 transitions. [2020-07-29 01:10:14,707 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2020-07-29 01:10:14,708 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:10:14,708 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:10:14,918 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 mathsat -unsat_core_generation=3 [2020-07-29 01:10:14,919 INFO L427 AbstractCegarLoop]: === Iteration 3 === [mainErr8REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr5REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr24ASSERT_VIOLATIONMEMORY_LEAK, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr25ENSURES_VIOLATIONMEMORY_LEAK, mainErr4REQUIRES_VIOLATION, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr17REQUIRES_VIOLATION, mainErr13REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12REQUIRES_VIOLATION]=== [2020-07-29 01:10:14,919 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:10:14,920 INFO L82 PathProgramCache]: Analyzing trace with hash -1350148850, now seen corresponding path program 1 times [2020-07-29 01:10:14,921 INFO L163 FreeRefinementEngine]: Executing refinement strategy WOLF [2020-07-29 01:10:14,922 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1739791944] [2020-07-29 01:10:14,922 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat Starting monitored process 4 with mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 4 with mathsat -unsat_core_generation=3 [2020-07-29 01:10:15,012 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:10:15,016 INFO L263 TraceCheckSpWp]: Trace formula consists of 66 conjuncts, 7 conjunts are in the unsatisfiable core [2020-07-29 01:10:15,025 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:10:15,027 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2020-07-29 01:10:15,077 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 7 [2020-07-29 01:10:15,077 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2020-07-29 01:10:15,081 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:10:15,082 INFO L544 ElimStorePlain]: Start of recursive call 1: 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2020-07-29 01:10:15,082 INFO L244 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:11, output treesize:7 [2020-07-29 01:10:15,132 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 17 treesize of output 9 [2020-07-29 01:10:15,133 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2020-07-29 01:10:15,137 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:10:15,137 INFO L544 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2020-07-29 01:10:15,137 INFO L244 ElimStorePlain]: Needed 2 recursive calls to eliminate 3 variables, input treesize:17, output treesize:5 [2020-07-29 01:10:15,142 WARN L406 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2020-07-29 01:10:15,142 WARN L407 uantifierElimination]: Input elimination task: ∃ [|#memory_int|, main_~p~0.base, main_~p~0.offset]. (let ((.cse0 (select (select |#memory_int| main_~p~0.base) main_~p~0.offset))) (and (= .cse0 |main_#t~mem9|) (= (bvadd .cse0 (_ bv4294967293 32)) (_ bv0 32)))) [2020-07-29 01:10:15,143 WARN L408 uantifierElimination]: ElimStorePlain result: ∃ []. (= (bvadd |main_#t~mem9| (_ bv4294967293 32)) (_ bv0 32)) [2020-07-29 01:10:15,159 INFO L263 TraceCheckUtils]: 0: Hoare triple {819#true} call ULTIMATE.init(); {819#true} is VALID [2020-07-29 01:10:15,160 INFO L280 TraceCheckUtils]: 1: Hoare triple {819#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven; {819#true} is VALID [2020-07-29 01:10:15,160 INFO L280 TraceCheckUtils]: 2: Hoare triple {819#true} assume true; {819#true} is VALID [2020-07-29 01:10:15,160 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {819#true} {819#true} #173#return; {819#true} is VALID [2020-07-29 01:10:15,161 INFO L263 TraceCheckUtils]: 4: Hoare triple {819#true} call #t~ret14 := main(); {819#true} is VALID [2020-07-29 01:10:15,161 INFO L280 TraceCheckUtils]: 5: Hoare triple {819#true} call #t~malloc2.base, #t~malloc2.offset := #Ultimate.allocOnHeap(8bv32);~a~0.base, ~a~0.offset := #t~malloc2.base, #t~malloc2.offset; {819#true} is VALID [2020-07-29 01:10:15,162 INFO L280 TraceCheckUtils]: 6: Hoare triple {819#true} assume !(~a~0.base == 0bv32 && ~a~0.offset == 0bv32); {819#true} is VALID [2020-07-29 01:10:15,163 INFO L280 TraceCheckUtils]: 7: Hoare triple {819#true} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {845#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} is VALID [2020-07-29 01:10:15,164 INFO L280 TraceCheckUtils]: 8: Hoare triple {845#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} assume !(0bv32 != #t~nondet3);havoc #t~nondet3; {845#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} is VALID [2020-07-29 01:10:15,165 INFO L280 TraceCheckUtils]: 9: Hoare triple {845#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} assume !(0bv32 != #t~nondet6);havoc #t~nondet6; {845#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} is VALID [2020-07-29 01:10:15,169 INFO L280 TraceCheckUtils]: 10: Hoare triple {845#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} SUMMARY for call write~intINTTYPE4(3bv32, ~p~0.base, ~p~0.offset, 4bv32); srcloc: L532-2 {855#(= (bvadd (select (select |#memory_int| main_~a~0.base) main_~a~0.offset) (_ bv4294967293 32)) (_ bv0 32))} is VALID [2020-07-29 01:10:15,170 INFO L280 TraceCheckUtils]: 11: Hoare triple {855#(= (bvadd (select (select |#memory_int| main_~a~0.base) main_~a~0.offset) (_ bv4294967293 32)) (_ bv0 32))} ~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {859#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967293 32)) (_ bv0 32))} is VALID [2020-07-29 01:10:15,171 INFO L280 TraceCheckUtils]: 12: Hoare triple {859#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967293 32)) (_ bv0 32))} SUMMARY for call #t~mem9 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); srcloc: L541-3 {863#(= (bvadd |main_#t~mem9| (_ bv4294967293 32)) (_ bv0 32))} is VALID [2020-07-29 01:10:15,172 INFO L280 TraceCheckUtils]: 13: Hoare triple {863#(= (bvadd |main_#t~mem9| (_ bv4294967293 32)) (_ bv0 32))} assume !!(1bv32 == #t~mem9);havoc #t~mem9; {820#false} is VALID [2020-07-29 01:10:15,172 INFO L280 TraceCheckUtils]: 14: Hoare triple {820#false} SUMMARY for call #t~mem10.base, #t~mem10.offset := read~$Pointer$(~p~0.base, ~bvadd32(4bv32, ~p~0.offset), 4bv32); srcloc: L542 {820#false} is VALID [2020-07-29 01:10:15,172 INFO L280 TraceCheckUtils]: 15: Hoare triple {820#false} ~p~0.base, ~p~0.offset := #t~mem10.base, #t~mem10.offset;havoc #t~mem10.base, #t~mem10.offset; {820#false} is VALID [2020-07-29 01:10:15,173 INFO L280 TraceCheckUtils]: 16: Hoare triple {820#false} assume !(1bv1 == #valid[~p~0.base]); {820#false} is VALID [2020-07-29 01:10:15,174 INFO L134 CoverageAnalysis]: Checked inductivity of 1 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:10:15,174 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2020-07-29 01:10:15,264 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 18 treesize of output 14 [2020-07-29 01:10:15,270 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 2 xjuncts. [2020-07-29 01:10:15,277 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:10:15,278 INFO L544 ElimStorePlain]: Start of recursive call 1: 1 dim-2 vars, End of recursive call: and 2 xjuncts. [2020-07-29 01:10:15,278 INFO L244 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:18, output treesize:7 [2020-07-29 01:10:15,284 WARN L406 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2020-07-29 01:10:15,284 WARN L407 uantifierElimination]: Input elimination task: ∀ [|#memory_int|]. (not (= (_ bv0 32) (bvadd (select (select (store |#memory_int| main_~p~0.base (store (select |#memory_int| main_~p~0.base) main_~p~0.offset (_ bv3 32))) main_~a~0.base) main_~a~0.offset) (_ bv4294967295 32)))) [2020-07-29 01:10:15,284 WARN L408 uantifierElimination]: ElimStorePlain result: ∀ []. (and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset)) [2020-07-29 01:10:15,303 INFO L280 TraceCheckUtils]: 16: Hoare triple {820#false} assume !(1bv1 == #valid[~p~0.base]); {820#false} is VALID [2020-07-29 01:10:15,304 INFO L280 TraceCheckUtils]: 15: Hoare triple {820#false} ~p~0.base, ~p~0.offset := #t~mem10.base, #t~mem10.offset;havoc #t~mem10.base, #t~mem10.offset; {820#false} is VALID [2020-07-29 01:10:15,304 INFO L280 TraceCheckUtils]: 14: Hoare triple {820#false} SUMMARY for call #t~mem10.base, #t~mem10.offset := read~$Pointer$(~p~0.base, ~bvadd32(4bv32, ~p~0.offset), 4bv32); srcloc: L542 {820#false} is VALID [2020-07-29 01:10:15,305 INFO L280 TraceCheckUtils]: 13: Hoare triple {885#(not (= (bvadd |main_#t~mem9| (_ bv4294967295 32)) (_ bv0 32)))} assume !!(1bv32 == #t~mem9);havoc #t~mem9; {820#false} is VALID [2020-07-29 01:10:15,306 INFO L280 TraceCheckUtils]: 12: Hoare triple {889#(not (= (_ bv1 32) (select (select |#memory_int| main_~p~0.base) main_~p~0.offset)))} SUMMARY for call #t~mem9 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); srcloc: L541-3 {885#(not (= (bvadd |main_#t~mem9| (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2020-07-29 01:10:15,307 INFO L280 TraceCheckUtils]: 11: Hoare triple {893#(not (= (bvadd (select (select |#memory_int| main_~a~0.base) main_~a~0.offset) (_ bv4294967295 32)) (_ bv0 32)))} ~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {889#(not (= (_ bv1 32) (select (select |#memory_int| main_~p~0.base) main_~p~0.offset)))} is VALID [2020-07-29 01:10:15,310 INFO L280 TraceCheckUtils]: 10: Hoare triple {845#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} SUMMARY for call write~intINTTYPE4(3bv32, ~p~0.base, ~p~0.offset, 4bv32); srcloc: L532-2 {893#(not (= (bvadd (select (select |#memory_int| main_~a~0.base) main_~a~0.offset) (_ bv4294967295 32)) (_ bv0 32)))} is VALID [2020-07-29 01:10:15,311 INFO L280 TraceCheckUtils]: 9: Hoare triple {845#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} assume !(0bv32 != #t~nondet6);havoc #t~nondet6; {845#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} is VALID [2020-07-29 01:10:15,312 INFO L280 TraceCheckUtils]: 8: Hoare triple {845#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} assume !(0bv32 != #t~nondet3);havoc #t~nondet3; {845#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} is VALID [2020-07-29 01:10:15,313 INFO L280 TraceCheckUtils]: 7: Hoare triple {819#true} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {845#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} is VALID [2020-07-29 01:10:15,313 INFO L280 TraceCheckUtils]: 6: Hoare triple {819#true} assume !(~a~0.base == 0bv32 && ~a~0.offset == 0bv32); {819#true} is VALID [2020-07-29 01:10:15,314 INFO L280 TraceCheckUtils]: 5: Hoare triple {819#true} call #t~malloc2.base, #t~malloc2.offset := #Ultimate.allocOnHeap(8bv32);~a~0.base, ~a~0.offset := #t~malloc2.base, #t~malloc2.offset; {819#true} is VALID [2020-07-29 01:10:15,314 INFO L263 TraceCheckUtils]: 4: Hoare triple {819#true} call #t~ret14 := main(); {819#true} is VALID [2020-07-29 01:10:15,314 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {819#true} {819#true} #173#return; {819#true} is VALID [2020-07-29 01:10:15,315 INFO L280 TraceCheckUtils]: 2: Hoare triple {819#true} assume true; {819#true} is VALID [2020-07-29 01:10:15,315 INFO L280 TraceCheckUtils]: 1: Hoare triple {819#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven; {819#true} is VALID [2020-07-29 01:10:15,315 INFO L263 TraceCheckUtils]: 0: Hoare triple {819#true} call ULTIMATE.init(); {819#true} is VALID [2020-07-29 01:10:15,316 INFO L134 CoverageAnalysis]: Checked inductivity of 1 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:10:15,317 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1739791944] [2020-07-29 01:10:15,317 INFO L220 FreeRefinementEngine]: Constructing automaton from 2 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:10:15,317 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6, 6] imperfect sequences [] total 9 [2020-07-29 01:10:15,317 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1443449551] [2020-07-29 01:10:15,318 INFO L78 Accepts]: Start accepts. Automaton has 9 states. Word has length 17 [2020-07-29 01:10:15,318 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:10:15,318 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states. [2020-07-29 01:10:15,347 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 21 edges. 21 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:10:15,347 INFO L459 AbstractCegarLoop]: Interpolant automaton has 9 states [2020-07-29 01:10:15,347 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2020-07-29 01:10:15,347 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2020-07-29 01:10:15,348 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=18, Invalid=54, Unknown=0, NotChecked=0, Total=72 [2020-07-29 01:10:15,348 INFO L87 Difference]: Start difference. First operand 75 states and 82 transitions. Second operand 9 states. [2020-07-29 01:10:17,118 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:17,118 INFO L93 Difference]: Finished difference Result 153 states and 160 transitions. [2020-07-29 01:10:17,119 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2020-07-29 01:10:17,119 INFO L78 Accepts]: Start accepts. Automaton has 9 states. Word has length 17 [2020-07-29 01:10:17,119 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:10:17,119 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 9 states. [2020-07-29 01:10:17,124 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 13 states to 13 states and 161 transitions. [2020-07-29 01:10:17,124 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 9 states. [2020-07-29 01:10:17,128 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 13 states to 13 states and 161 transitions. [2020-07-29 01:10:17,129 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 13 states and 161 transitions. [2020-07-29 01:10:17,441 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 161 edges. 161 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:10:17,448 INFO L225 Difference]: With dead ends: 153 [2020-07-29 01:10:17,449 INFO L226 Difference]: Without dead ends: 153 [2020-07-29 01:10:17,449 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 39 GetRequests, 26 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 16 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=66, Invalid=144, Unknown=0, NotChecked=0, Total=210 [2020-07-29 01:10:17,450 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 153 states. [2020-07-29 01:10:17,457 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 153 to 81. [2020-07-29 01:10:17,457 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:10:17,457 INFO L82 GeneralOperation]: Start isEquivalent. First operand 153 states. Second operand 81 states. [2020-07-29 01:10:17,457 INFO L74 IsIncluded]: Start isIncluded. First operand 153 states. Second operand 81 states. [2020-07-29 01:10:17,458 INFO L87 Difference]: Start difference. First operand 153 states. Second operand 81 states. [2020-07-29 01:10:17,465 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:17,465 INFO L93 Difference]: Finished difference Result 153 states and 160 transitions. [2020-07-29 01:10:17,466 INFO L276 IsEmpty]: Start isEmpty. Operand 153 states and 160 transitions. [2020-07-29 01:10:17,467 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:10:17,467 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:10:17,468 INFO L74 IsIncluded]: Start isIncluded. First operand 81 states. Second operand 153 states. [2020-07-29 01:10:17,468 INFO L87 Difference]: Start difference. First operand 81 states. Second operand 153 states. [2020-07-29 01:10:17,476 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:17,476 INFO L93 Difference]: Finished difference Result 153 states and 160 transitions. [2020-07-29 01:10:17,477 INFO L276 IsEmpty]: Start isEmpty. Operand 153 states and 160 transitions. [2020-07-29 01:10:17,478 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:10:17,478 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:10:17,478 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:10:17,478 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:10:17,479 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 81 states. [2020-07-29 01:10:17,482 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 81 states to 81 states and 91 transitions. [2020-07-29 01:10:17,483 INFO L78 Accepts]: Start accepts. Automaton has 81 states and 91 transitions. Word has length 17 [2020-07-29 01:10:17,483 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:10:17,483 INFO L479 AbstractCegarLoop]: Abstraction has 81 states and 91 transitions. [2020-07-29 01:10:17,483 INFO L480 AbstractCegarLoop]: Interpolant automaton has 9 states. [2020-07-29 01:10:17,483 INFO L276 IsEmpty]: Start isEmpty. Operand 81 states and 91 transitions. [2020-07-29 01:10:17,484 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2020-07-29 01:10:17,484 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:10:17,485 INFO L422 BasicCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:10:17,705 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 mathsat -unsat_core_generation=3 [2020-07-29 01:10:17,706 INFO L427 AbstractCegarLoop]: === Iteration 4 === [mainErr8REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr5REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr24ASSERT_VIOLATIONMEMORY_LEAK, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr25ENSURES_VIOLATIONMEMORY_LEAK, mainErr4REQUIRES_VIOLATION, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr17REQUIRES_VIOLATION, mainErr13REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12REQUIRES_VIOLATION]=== [2020-07-29 01:10:17,706 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:10:17,707 INFO L82 PathProgramCache]: Analyzing trace with hash 1193824230, now seen corresponding path program 1 times [2020-07-29 01:10:17,708 INFO L163 FreeRefinementEngine]: Executing refinement strategy WOLF [2020-07-29 01:10:17,708 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [950404000] [2020-07-29 01:10:17,709 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat Starting monitored process 5 with mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 5 with mathsat -unsat_core_generation=3 [2020-07-29 01:10:17,803 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:10:17,807 INFO L263 TraceCheckSpWp]: Trace formula consists of 74 conjuncts, 6 conjunts are in the unsatisfiable core [2020-07-29 01:10:17,819 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:10:17,820 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2020-07-29 01:10:17,838 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2020-07-29 01:10:17,839 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2020-07-29 01:10:17,842 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:10:17,843 INFO L544 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2020-07-29 01:10:17,843 INFO L244 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:6, output treesize:5 [2020-07-29 01:10:17,846 WARN L406 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2020-07-29 01:10:17,847 WARN L407 uantifierElimination]: Input elimination task: ∃ [|v_#valid_51|]. (= |#valid| (store |v_#valid_51| main_~t~0.base (_ bv1 1))) [2020-07-29 01:10:17,847 WARN L408 uantifierElimination]: ElimStorePlain result: ∃ []. (= (select |#valid| main_~t~0.base) (_ bv1 1)) [2020-07-29 01:10:17,880 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2020-07-29 01:10:17,880 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2020-07-29 01:10:17,888 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:10:17,890 INFO L544 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2020-07-29 01:10:17,890 INFO L244 ElimStorePlain]: Needed 2 recursive calls to eliminate 2 variables, input treesize:21, output treesize:13 [2020-07-29 01:10:17,896 WARN L406 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2020-07-29 01:10:17,896 WARN L407 uantifierElimination]: Input elimination task: ∃ [|v_#memory_$Pointer$.base_18|, main_~t~0.base]. (and (= |#memory_$Pointer$.base| (store |v_#memory_$Pointer$.base_18| main_~p~0.base (store (select |v_#memory_$Pointer$.base_18| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)) main_~t~0.base))) (= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1))) [2020-07-29 01:10:17,897 WARN L408 uantifierElimination]: ElimStorePlain result: ∃ []. (= (_ bv0 1) (bvadd (select |#valid| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv1 1))) [2020-07-29 01:10:17,926 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 21 treesize of output 9 [2020-07-29 01:10:17,926 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2020-07-29 01:10:17,929 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:10:17,930 INFO L544 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2020-07-29 01:10:17,930 INFO L244 ElimStorePlain]: Needed 2 recursive calls to eliminate 3 variables, input treesize:21, output treesize:5 [2020-07-29 01:10:17,934 WARN L406 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2020-07-29 01:10:17,935 WARN L407 uantifierElimination]: Input elimination task: ∃ [|#memory_$Pointer$.base|, main_~p~0.base, main_~p~0.offset]. (let ((.cse0 (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))))) (and (= (_ bv1 1) (select |#valid| .cse0)) (= .cse0 |main_#t~mem5.base|))) [2020-07-29 01:10:17,935 WARN L408 uantifierElimination]: ElimStorePlain result: ∃ []. (= (_ bv1 1) (select |#valid| |main_#t~mem5.base|)) [2020-07-29 01:10:17,971 INFO L263 TraceCheckUtils]: 0: Hoare triple {1481#true} call ULTIMATE.init(); {1481#true} is VALID [2020-07-29 01:10:17,971 INFO L280 TraceCheckUtils]: 1: Hoare triple {1481#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven; {1481#true} is VALID [2020-07-29 01:10:17,972 INFO L280 TraceCheckUtils]: 2: Hoare triple {1481#true} assume true; {1481#true} is VALID [2020-07-29 01:10:17,972 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {1481#true} {1481#true} #173#return; {1481#true} is VALID [2020-07-29 01:10:17,972 INFO L263 TraceCheckUtils]: 4: Hoare triple {1481#true} call #t~ret14 := main(); {1481#true} is VALID [2020-07-29 01:10:17,973 INFO L280 TraceCheckUtils]: 5: Hoare triple {1481#true} call #t~malloc2.base, #t~malloc2.offset := #Ultimate.allocOnHeap(8bv32);~a~0.base, ~a~0.offset := #t~malloc2.base, #t~malloc2.offset; {1481#true} is VALID [2020-07-29 01:10:17,973 INFO L280 TraceCheckUtils]: 6: Hoare triple {1481#true} assume !(~a~0.base == 0bv32 && ~a~0.offset == 0bv32); {1481#true} is VALID [2020-07-29 01:10:17,973 INFO L280 TraceCheckUtils]: 7: Hoare triple {1481#true} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {1481#true} is VALID [2020-07-29 01:10:17,974 INFO L280 TraceCheckUtils]: 8: Hoare triple {1481#true} assume !!(0bv32 != #t~nondet3);havoc #t~nondet3; {1481#true} is VALID [2020-07-29 01:10:17,974 INFO L280 TraceCheckUtils]: 9: Hoare triple {1481#true} SUMMARY for call write~intINTTYPE4(1bv32, ~p~0.base, ~p~0.offset, 4bv32); srcloc: L526 {1481#true} is VALID [2020-07-29 01:10:17,976 INFO L280 TraceCheckUtils]: 10: Hoare triple {1481#true} call #t~malloc4.base, #t~malloc4.offset := #Ultimate.allocOnHeap(8bv32);~t~0.base, ~t~0.offset := #t~malloc4.base, #t~malloc4.offset; {1516#(= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:10:17,976 INFO L280 TraceCheckUtils]: 11: Hoare triple {1516#(= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1))} assume !(~t~0.base == 0bv32 && ~t~0.offset == 0bv32); {1516#(= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:10:17,978 INFO L280 TraceCheckUtils]: 12: Hoare triple {1516#(= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1))} SUMMARY for call write~$Pointer$(~t~0.base, ~t~0.offset, ~p~0.base, ~bvadd32(4bv32, ~p~0.offset), 4bv32); srcloc: L528-3 {1523#(= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))))} is VALID [2020-07-29 01:10:17,979 INFO L280 TraceCheckUtils]: 13: Hoare triple {1523#(= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))))} SUMMARY for call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~p~0.base, ~bvadd32(4bv32, ~p~0.offset), 4bv32); srcloc: L529 {1527#(= (_ bv1 1) (select |#valid| |main_#t~mem5.base|))} is VALID [2020-07-29 01:10:17,980 INFO L280 TraceCheckUtils]: 14: Hoare triple {1527#(= (_ bv1 1) (select |#valid| |main_#t~mem5.base|))} ~p~0.base, ~p~0.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {1531#(= (_ bv1 1) (select |#valid| main_~p~0.base))} is VALID [2020-07-29 01:10:17,980 INFO L280 TraceCheckUtils]: 15: Hoare triple {1531#(= (_ bv1 1) (select |#valid| main_~p~0.base))} assume !!(0bv32 != #t~nondet3);havoc #t~nondet3; {1531#(= (_ bv1 1) (select |#valid| main_~p~0.base))} is VALID [2020-07-29 01:10:17,981 INFO L280 TraceCheckUtils]: 16: Hoare triple {1531#(= (_ bv1 1) (select |#valid| main_~p~0.base))} assume !(1bv1 == #valid[~p~0.base]); {1482#false} is VALID [2020-07-29 01:10:17,982 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:10:17,982 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2020-07-29 01:10:18,046 INFO L280 TraceCheckUtils]: 16: Hoare triple {1531#(= (_ bv1 1) (select |#valid| main_~p~0.base))} assume !(1bv1 == #valid[~p~0.base]); {1482#false} is VALID [2020-07-29 01:10:18,047 INFO L280 TraceCheckUtils]: 15: Hoare triple {1531#(= (_ bv1 1) (select |#valid| main_~p~0.base))} assume !!(0bv32 != #t~nondet3);havoc #t~nondet3; {1531#(= (_ bv1 1) (select |#valid| main_~p~0.base))} is VALID [2020-07-29 01:10:18,048 INFO L280 TraceCheckUtils]: 14: Hoare triple {1527#(= (_ bv1 1) (select |#valid| |main_#t~mem5.base|))} ~p~0.base, ~p~0.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {1531#(= (_ bv1 1) (select |#valid| main_~p~0.base))} is VALID [2020-07-29 01:10:18,049 INFO L280 TraceCheckUtils]: 13: Hoare triple {1523#(= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))))} SUMMARY for call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~p~0.base, ~bvadd32(4bv32, ~p~0.offset), 4bv32); srcloc: L529 {1527#(= (_ bv1 1) (select |#valid| |main_#t~mem5.base|))} is VALID [2020-07-29 01:10:18,052 INFO L280 TraceCheckUtils]: 12: Hoare triple {1516#(= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1))} SUMMARY for call write~$Pointer$(~t~0.base, ~t~0.offset, ~p~0.base, ~bvadd32(4bv32, ~p~0.offset), 4bv32); srcloc: L528-3 {1523#(= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))))} is VALID [2020-07-29 01:10:18,053 INFO L280 TraceCheckUtils]: 11: Hoare triple {1516#(= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1))} assume !(~t~0.base == 0bv32 && ~t~0.offset == 0bv32); {1516#(= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:10:18,054 INFO L280 TraceCheckUtils]: 10: Hoare triple {1481#true} call #t~malloc4.base, #t~malloc4.offset := #Ultimate.allocOnHeap(8bv32);~t~0.base, ~t~0.offset := #t~malloc4.base, #t~malloc4.offset; {1516#(= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:10:18,055 INFO L280 TraceCheckUtils]: 9: Hoare triple {1481#true} SUMMARY for call write~intINTTYPE4(1bv32, ~p~0.base, ~p~0.offset, 4bv32); srcloc: L526 {1481#true} is VALID [2020-07-29 01:10:18,055 INFO L280 TraceCheckUtils]: 8: Hoare triple {1481#true} assume !!(0bv32 != #t~nondet3);havoc #t~nondet3; {1481#true} is VALID [2020-07-29 01:10:18,055 INFO L280 TraceCheckUtils]: 7: Hoare triple {1481#true} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {1481#true} is VALID [2020-07-29 01:10:18,056 INFO L280 TraceCheckUtils]: 6: Hoare triple {1481#true} assume !(~a~0.base == 0bv32 && ~a~0.offset == 0bv32); {1481#true} is VALID [2020-07-29 01:10:18,057 INFO L280 TraceCheckUtils]: 5: Hoare triple {1481#true} call #t~malloc2.base, #t~malloc2.offset := #Ultimate.allocOnHeap(8bv32);~a~0.base, ~a~0.offset := #t~malloc2.base, #t~malloc2.offset; {1481#true} is VALID [2020-07-29 01:10:18,057 INFO L263 TraceCheckUtils]: 4: Hoare triple {1481#true} call #t~ret14 := main(); {1481#true} is VALID [2020-07-29 01:10:18,057 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {1481#true} {1481#true} #173#return; {1481#true} is VALID [2020-07-29 01:10:18,058 INFO L280 TraceCheckUtils]: 2: Hoare triple {1481#true} assume true; {1481#true} is VALID [2020-07-29 01:10:18,058 INFO L280 TraceCheckUtils]: 1: Hoare triple {1481#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven; {1481#true} is VALID [2020-07-29 01:10:18,059 INFO L263 TraceCheckUtils]: 0: Hoare triple {1481#true} call ULTIMATE.init(); {1481#true} is VALID [2020-07-29 01:10:18,060 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:10:18,060 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [950404000] [2020-07-29 01:10:18,061 INFO L220 FreeRefinementEngine]: Constructing automaton from 2 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:10:18,061 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5, 5] imperfect sequences [] total 5 [2020-07-29 01:10:18,061 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [193205892] [2020-07-29 01:10:18,062 INFO L78 Accepts]: Start accepts. Automaton has 6 states. Word has length 17 [2020-07-29 01:10:18,062 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:10:18,062 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states. [2020-07-29 01:10:18,098 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 17 edges. 17 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:10:18,098 INFO L459 AbstractCegarLoop]: Interpolant automaton has 6 states [2020-07-29 01:10:18,098 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2020-07-29 01:10:18,099 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2020-07-29 01:10:18,099 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2020-07-29 01:10:18,099 INFO L87 Difference]: Start difference. First operand 81 states and 91 transitions. Second operand 6 states. [2020-07-29 01:10:19,404 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:19,404 INFO L93 Difference]: Finished difference Result 105 states and 117 transitions. [2020-07-29 01:10:19,404 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2020-07-29 01:10:19,404 INFO L78 Accepts]: Start accepts. Automaton has 6 states. Word has length 17 [2020-07-29 01:10:19,404 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:10:19,405 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 6 states. [2020-07-29 01:10:19,408 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 94 transitions. [2020-07-29 01:10:19,408 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 6 states. [2020-07-29 01:10:19,410 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 94 transitions. [2020-07-29 01:10:19,411 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 94 transitions. [2020-07-29 01:10:19,573 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 94 edges. 94 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:10:19,577 INFO L225 Difference]: With dead ends: 105 [2020-07-29 01:10:19,577 INFO L226 Difference]: Without dead ends: 105 [2020-07-29 01:10:19,578 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 37 GetRequests, 29 SyntacticMatches, 1 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=27, Invalid=45, Unknown=0, NotChecked=0, Total=72 [2020-07-29 01:10:19,578 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 105 states. [2020-07-29 01:10:19,584 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 105 to 83. [2020-07-29 01:10:19,584 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:10:19,585 INFO L82 GeneralOperation]: Start isEquivalent. First operand 105 states. Second operand 83 states. [2020-07-29 01:10:19,585 INFO L74 IsIncluded]: Start isIncluded. First operand 105 states. Second operand 83 states. [2020-07-29 01:10:19,585 INFO L87 Difference]: Start difference. First operand 105 states. Second operand 83 states. [2020-07-29 01:10:19,591 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:19,591 INFO L93 Difference]: Finished difference Result 105 states and 117 transitions. [2020-07-29 01:10:19,592 INFO L276 IsEmpty]: Start isEmpty. Operand 105 states and 117 transitions. [2020-07-29 01:10:19,592 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:10:19,592 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:10:19,593 INFO L74 IsIncluded]: Start isIncluded. First operand 83 states. Second operand 105 states. [2020-07-29 01:10:19,593 INFO L87 Difference]: Start difference. First operand 83 states. Second operand 105 states. [2020-07-29 01:10:19,597 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:19,597 INFO L93 Difference]: Finished difference Result 105 states and 117 transitions. [2020-07-29 01:10:19,598 INFO L276 IsEmpty]: Start isEmpty. Operand 105 states and 117 transitions. [2020-07-29 01:10:19,598 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:10:19,598 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:10:19,599 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:10:19,599 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:10:19,599 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 83 states. [2020-07-29 01:10:19,602 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 83 states to 83 states and 96 transitions. [2020-07-29 01:10:19,602 INFO L78 Accepts]: Start accepts. Automaton has 83 states and 96 transitions. Word has length 17 [2020-07-29 01:10:19,603 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:10:19,603 INFO L479 AbstractCegarLoop]: Abstraction has 83 states and 96 transitions. [2020-07-29 01:10:19,603 INFO L480 AbstractCegarLoop]: Interpolant automaton has 6 states. [2020-07-29 01:10:19,603 INFO L276 IsEmpty]: Start isEmpty. Operand 83 states and 96 transitions. [2020-07-29 01:10:19,604 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2020-07-29 01:10:19,604 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:10:19,605 INFO L422 BasicCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:10:19,818 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 mathsat -unsat_core_generation=3 [2020-07-29 01:10:19,819 INFO L427 AbstractCegarLoop]: === Iteration 5 === [mainErr8REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr5REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr24ASSERT_VIOLATIONMEMORY_LEAK, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr25ENSURES_VIOLATIONMEMORY_LEAK, mainErr4REQUIRES_VIOLATION, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr17REQUIRES_VIOLATION, mainErr13REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12REQUIRES_VIOLATION]=== [2020-07-29 01:10:19,819 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:10:19,820 INFO L82 PathProgramCache]: Analyzing trace with hash 1193824231, now seen corresponding path program 1 times [2020-07-29 01:10:19,821 INFO L163 FreeRefinementEngine]: Executing refinement strategy WOLF [2020-07-29 01:10:19,821 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [922447994] [2020-07-29 01:10:19,822 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat Starting monitored process 6 with mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 6 with mathsat -unsat_core_generation=3 [2020-07-29 01:10:19,916 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:10:19,920 INFO L263 TraceCheckSpWp]: Trace formula consists of 74 conjuncts, 11 conjunts are in the unsatisfiable core [2020-07-29 01:10:19,936 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:10:19,938 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2020-07-29 01:10:19,957 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2020-07-29 01:10:19,958 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2020-07-29 01:10:19,963 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:10:19,964 INFO L544 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2020-07-29 01:10:19,964 INFO L244 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:10, output treesize:9 [2020-07-29 01:10:19,968 WARN L406 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2020-07-29 01:10:19,968 WARN L407 uantifierElimination]: Input elimination task: ∃ [|v_#length_37|]. (and (= (_ bv0 32) main_~t~0.offset) (= (store |v_#length_37| main_~t~0.base (_ bv8 32)) |#length|)) [2020-07-29 01:10:19,969 WARN L408 uantifierElimination]: ElimStorePlain result: ∃ []. (and (= (select |#length| main_~t~0.base) (_ bv8 32)) (= (_ bv0 32) main_~t~0.offset)) [2020-07-29 01:10:20,009 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2020-07-29 01:10:20,009 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2020-07-29 01:10:20,021 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:10:20,026 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2020-07-29 01:10:20,027 INFO L544 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2020-07-29 01:10:20,036 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:10:20,037 INFO L544 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 2 dim-2 vars, End of recursive call: and 1 xjuncts. [2020-07-29 01:10:20,038 INFO L244 ElimStorePlain]: Needed 3 recursive calls to eliminate 3 variables, input treesize:34, output treesize:23 [2020-07-29 01:10:20,105 WARN L406 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2020-07-29 01:10:20,105 WARN L407 uantifierElimination]: Input elimination task: ∃ [|v_#memory_$Pointer$.base_20|, main_~t~0.base, |v_#memory_$Pointer$.offset_19|]. (let ((.cse0 (bvadd main_~p~0.offset (_ bv4 32)))) (and (= (bvadd (select |#length| main_~t~0.base) (_ bv4294967288 32)) (_ bv0 32)) (= (store |v_#memory_$Pointer$.offset_19| main_~p~0.base (store (select |v_#memory_$Pointer$.offset_19| main_~p~0.base) .cse0 (_ bv0 32))) |#memory_$Pointer$.offset|) (= (store |v_#memory_$Pointer$.base_20| main_~p~0.base (store (select |v_#memory_$Pointer$.base_20| main_~p~0.base) .cse0 main_~t~0.base)) |#memory_$Pointer$.base|))) [2020-07-29 01:10:20,106 WARN L408 uantifierElimination]: ElimStorePlain result: ∃ []. (let ((.cse0 (bvadd main_~p~0.offset (_ bv4 32)))) (and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| main_~p~0.base) .cse0)) (= (bvadd (select |#length| (select (select |#memory_$Pointer$.base| main_~p~0.base) .cse0)) (_ bv4294967288 32)) (_ bv0 32)))) [2020-07-29 01:10:20,154 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 23 treesize of output 11 [2020-07-29 01:10:20,155 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2020-07-29 01:10:20,164 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:10:20,168 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 19 treesize of output 7 [2020-07-29 01:10:20,169 INFO L544 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2020-07-29 01:10:20,174 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:10:20,175 INFO L544 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 2 dim-2 vars, End of recursive call: and 1 xjuncts. [2020-07-29 01:10:20,175 INFO L244 ElimStorePlain]: Needed 3 recursive calls to eliminate 4 variables, input treesize:41, output treesize:11 [2020-07-29 01:10:20,180 WARN L406 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2020-07-29 01:10:20,180 WARN L407 uantifierElimination]: Input elimination task: ∃ [|#memory_$Pointer$.offset|, main_~p~0.base, main_~p~0.offset, |#memory_$Pointer$.base|]. (let ((.cse2 (bvadd main_~p~0.offset (_ bv4 32)))) (let ((.cse0 (select (select |#memory_$Pointer$.offset| main_~p~0.base) .cse2)) (.cse1 (select (select |#memory_$Pointer$.base| main_~p~0.base) .cse2))) (and (= .cse0 |main_#t~mem5.offset|) (= .cse1 |main_#t~mem5.base|) (= (_ bv0 32) .cse0) (= (bvadd (select |#length| .cse1) (_ bv4294967288 32)) (_ bv0 32))))) [2020-07-29 01:10:20,181 WARN L408 uantifierElimination]: ElimStorePlain result: ∃ []. (and (= (bvadd (select |#length| |main_#t~mem5.base|) (_ bv4294967288 32)) (_ bv0 32)) (= (_ bv0 32) |main_#t~mem5.offset|)) [2020-07-29 01:10:20,225 INFO L263 TraceCheckUtils]: 0: Hoare triple {1993#true} call ULTIMATE.init(); {1993#true} is VALID [2020-07-29 01:10:20,225 INFO L280 TraceCheckUtils]: 1: Hoare triple {1993#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven; {1993#true} is VALID [2020-07-29 01:10:20,226 INFO L280 TraceCheckUtils]: 2: Hoare triple {1993#true} assume true; {1993#true} is VALID [2020-07-29 01:10:20,226 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {1993#true} {1993#true} #173#return; {1993#true} is VALID [2020-07-29 01:10:20,226 INFO L263 TraceCheckUtils]: 4: Hoare triple {1993#true} call #t~ret14 := main(); {1993#true} is VALID [2020-07-29 01:10:20,226 INFO L280 TraceCheckUtils]: 5: Hoare triple {1993#true} call #t~malloc2.base, #t~malloc2.offset := #Ultimate.allocOnHeap(8bv32);~a~0.base, ~a~0.offset := #t~malloc2.base, #t~malloc2.offset; {1993#true} is VALID [2020-07-29 01:10:20,226 INFO L280 TraceCheckUtils]: 6: Hoare triple {1993#true} assume !(~a~0.base == 0bv32 && ~a~0.offset == 0bv32); {1993#true} is VALID [2020-07-29 01:10:20,227 INFO L280 TraceCheckUtils]: 7: Hoare triple {1993#true} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {1993#true} is VALID [2020-07-29 01:10:20,227 INFO L280 TraceCheckUtils]: 8: Hoare triple {1993#true} assume !!(0bv32 != #t~nondet3);havoc #t~nondet3; {1993#true} is VALID [2020-07-29 01:10:20,227 INFO L280 TraceCheckUtils]: 9: Hoare triple {1993#true} SUMMARY for call write~intINTTYPE4(1bv32, ~p~0.base, ~p~0.offset, 4bv32); srcloc: L526 {1993#true} is VALID [2020-07-29 01:10:20,228 INFO L280 TraceCheckUtils]: 10: Hoare triple {1993#true} call #t~malloc4.base, #t~malloc4.offset := #Ultimate.allocOnHeap(8bv32);~t~0.base, ~t~0.offset := #t~malloc4.base, #t~malloc4.offset; {2028#(and (= (bvadd (select |#length| main_~t~0.base) (_ bv4294967288 32)) (_ bv0 32)) (= (_ bv0 32) main_~t~0.offset))} is VALID [2020-07-29 01:10:20,229 INFO L280 TraceCheckUtils]: 11: Hoare triple {2028#(and (= (bvadd (select |#length| main_~t~0.base) (_ bv4294967288 32)) (_ bv0 32)) (= (_ bv0 32) main_~t~0.offset))} assume !(~t~0.base == 0bv32 && ~t~0.offset == 0bv32); {2028#(and (= (bvadd (select |#length| main_~t~0.base) (_ bv4294967288 32)) (_ bv0 32)) (= (_ bv0 32) main_~t~0.offset))} is VALID [2020-07-29 01:10:20,233 INFO L280 TraceCheckUtils]: 12: Hoare triple {2028#(and (= (bvadd (select |#length| main_~t~0.base) (_ bv4294967288 32)) (_ bv0 32)) (= (_ bv0 32) main_~t~0.offset))} SUMMARY for call write~$Pointer$(~t~0.base, ~t~0.offset, ~p~0.base, ~bvadd32(4bv32, ~p~0.offset), 4bv32); srcloc: L528-3 {2035#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (bvadd (select |#length| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4294967288 32)) (_ bv0 32)))} is VALID [2020-07-29 01:10:20,240 INFO L280 TraceCheckUtils]: 13: Hoare triple {2035#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (bvadd (select |#length| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4294967288 32)) (_ bv0 32)))} SUMMARY for call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~p~0.base, ~bvadd32(4bv32, ~p~0.offset), 4bv32); srcloc: L529 {2039#(and (= (bvadd (select |#length| |main_#t~mem5.base|) (_ bv4294967288 32)) (_ bv0 32)) (= (_ bv0 32) |main_#t~mem5.offset|))} is VALID [2020-07-29 01:10:20,241 INFO L280 TraceCheckUtils]: 14: Hoare triple {2039#(and (= (bvadd (select |#length| |main_#t~mem5.base|) (_ bv4294967288 32)) (_ bv0 32)) (= (_ bv0 32) |main_#t~mem5.offset|))} ~p~0.base, ~p~0.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {2043#(and (= (_ bv0 32) main_~p~0.offset) (= (_ bv8 32) (select |#length| main_~p~0.base)))} is VALID [2020-07-29 01:10:20,242 INFO L280 TraceCheckUtils]: 15: Hoare triple {2043#(and (= (_ bv0 32) main_~p~0.offset) (= (_ bv8 32) (select |#length| main_~p~0.base)))} assume !!(0bv32 != #t~nondet3);havoc #t~nondet3; {2043#(and (= (_ bv0 32) main_~p~0.offset) (= (_ bv8 32) (select |#length| main_~p~0.base)))} is VALID [2020-07-29 01:10:20,243 INFO L280 TraceCheckUtils]: 16: Hoare triple {2043#(and (= (_ bv0 32) main_~p~0.offset) (= (_ bv8 32) (select |#length| main_~p~0.base)))} assume !((~bvule32(~bvadd32(4bv32, ~p~0.offset), #length[~p~0.base]) && ~bvule32(~p~0.offset, ~bvadd32(4bv32, ~p~0.offset))) && ~bvule32(0bv32, ~p~0.offset)); {1994#false} is VALID [2020-07-29 01:10:20,244 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:10:20,244 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2020-07-29 01:10:20,685 INFO L280 TraceCheckUtils]: 16: Hoare triple {2050#(and (bvule (bvadd main_~p~0.offset (_ bv4 32)) (select |#length| main_~p~0.base)) (bvule main_~p~0.offset (bvadd main_~p~0.offset (_ bv4 32))))} assume !((~bvule32(~bvadd32(4bv32, ~p~0.offset), #length[~p~0.base]) && ~bvule32(~p~0.offset, ~bvadd32(4bv32, ~p~0.offset))) && ~bvule32(0bv32, ~p~0.offset)); {1994#false} is VALID [2020-07-29 01:10:20,686 INFO L280 TraceCheckUtils]: 15: Hoare triple {2050#(and (bvule (bvadd main_~p~0.offset (_ bv4 32)) (select |#length| main_~p~0.base)) (bvule main_~p~0.offset (bvadd main_~p~0.offset (_ bv4 32))))} assume !!(0bv32 != #t~nondet3);havoc #t~nondet3; {2050#(and (bvule (bvadd main_~p~0.offset (_ bv4 32)) (select |#length| main_~p~0.base)) (bvule main_~p~0.offset (bvadd main_~p~0.offset (_ bv4 32))))} is VALID [2020-07-29 01:10:20,687 INFO L280 TraceCheckUtils]: 14: Hoare triple {2057#(and (bvule |main_#t~mem5.offset| (bvadd |main_#t~mem5.offset| (_ bv4 32))) (bvule (bvadd |main_#t~mem5.offset| (_ bv4 32)) (select |#length| |main_#t~mem5.base|)))} ~p~0.base, ~p~0.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {2050#(and (bvule (bvadd main_~p~0.offset (_ bv4 32)) (select |#length| main_~p~0.base)) (bvule main_~p~0.offset (bvadd main_~p~0.offset (_ bv4 32))))} is VALID [2020-07-29 01:10:20,691 INFO L280 TraceCheckUtils]: 13: Hoare triple {2061#(and (bvule (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)) (select |#length| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))))) (bvule (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32))))} SUMMARY for call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~p~0.base, ~bvadd32(4bv32, ~p~0.offset), 4bv32); srcloc: L529 {2057#(and (bvule |main_#t~mem5.offset| (bvadd |main_#t~mem5.offset| (_ bv4 32))) (bvule (bvadd |main_#t~mem5.offset| (_ bv4 32)) (select |#length| |main_#t~mem5.base|)))} is VALID [2020-07-29 01:10:20,731 INFO L280 TraceCheckUtils]: 12: Hoare triple {2065#(and (bvule main_~t~0.offset (bvadd main_~t~0.offset (_ bv4 32))) (bvule (bvadd main_~t~0.offset (_ bv4 32)) (select |#length| main_~t~0.base)))} SUMMARY for call write~$Pointer$(~t~0.base, ~t~0.offset, ~p~0.base, ~bvadd32(4bv32, ~p~0.offset), 4bv32); srcloc: L528-3 {2061#(and (bvule (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)) (select |#length| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))))) (bvule (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32))))} is VALID [2020-07-29 01:10:20,737 INFO L280 TraceCheckUtils]: 11: Hoare triple {2065#(and (bvule main_~t~0.offset (bvadd main_~t~0.offset (_ bv4 32))) (bvule (bvadd main_~t~0.offset (_ bv4 32)) (select |#length| main_~t~0.base)))} assume !(~t~0.base == 0bv32 && ~t~0.offset == 0bv32); {2065#(and (bvule main_~t~0.offset (bvadd main_~t~0.offset (_ bv4 32))) (bvule (bvadd main_~t~0.offset (_ bv4 32)) (select |#length| main_~t~0.base)))} is VALID [2020-07-29 01:10:20,739 INFO L280 TraceCheckUtils]: 10: Hoare triple {1993#true} call #t~malloc4.base, #t~malloc4.offset := #Ultimate.allocOnHeap(8bv32);~t~0.base, ~t~0.offset := #t~malloc4.base, #t~malloc4.offset; {2065#(and (bvule main_~t~0.offset (bvadd main_~t~0.offset (_ bv4 32))) (bvule (bvadd main_~t~0.offset (_ bv4 32)) (select |#length| main_~t~0.base)))} is VALID [2020-07-29 01:10:20,740 INFO L280 TraceCheckUtils]: 9: Hoare triple {1993#true} SUMMARY for call write~intINTTYPE4(1bv32, ~p~0.base, ~p~0.offset, 4bv32); srcloc: L526 {1993#true} is VALID [2020-07-29 01:10:20,740 INFO L280 TraceCheckUtils]: 8: Hoare triple {1993#true} assume !!(0bv32 != #t~nondet3);havoc #t~nondet3; {1993#true} is VALID [2020-07-29 01:10:20,740 INFO L280 TraceCheckUtils]: 7: Hoare triple {1993#true} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {1993#true} is VALID [2020-07-29 01:10:20,740 INFO L280 TraceCheckUtils]: 6: Hoare triple {1993#true} assume !(~a~0.base == 0bv32 && ~a~0.offset == 0bv32); {1993#true} is VALID [2020-07-29 01:10:20,740 INFO L280 TraceCheckUtils]: 5: Hoare triple {1993#true} call #t~malloc2.base, #t~malloc2.offset := #Ultimate.allocOnHeap(8bv32);~a~0.base, ~a~0.offset := #t~malloc2.base, #t~malloc2.offset; {1993#true} is VALID [2020-07-29 01:10:20,740 INFO L263 TraceCheckUtils]: 4: Hoare triple {1993#true} call #t~ret14 := main(); {1993#true} is VALID [2020-07-29 01:10:20,741 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {1993#true} {1993#true} #173#return; {1993#true} is VALID [2020-07-29 01:10:20,741 INFO L280 TraceCheckUtils]: 2: Hoare triple {1993#true} assume true; {1993#true} is VALID [2020-07-29 01:10:20,741 INFO L280 TraceCheckUtils]: 1: Hoare triple {1993#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven; {1993#true} is VALID [2020-07-29 01:10:20,741 INFO L263 TraceCheckUtils]: 0: Hoare triple {1993#true} call ULTIMATE.init(); {1993#true} is VALID [2020-07-29 01:10:20,742 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:10:20,742 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [922447994] [2020-07-29 01:10:20,742 INFO L220 FreeRefinementEngine]: Constructing automaton from 2 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:10:20,742 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5, 5] imperfect sequences [] total 9 [2020-07-29 01:10:20,743 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1771372850] [2020-07-29 01:10:20,743 INFO L78 Accepts]: Start accepts. Automaton has 10 states. Word has length 17 [2020-07-29 01:10:20,743 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:10:20,743 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states. [2020-07-29 01:10:20,814 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 24 edges. 24 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:10:20,814 INFO L459 AbstractCegarLoop]: Interpolant automaton has 10 states [2020-07-29 01:10:20,814 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2020-07-29 01:10:20,814 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2020-07-29 01:10:20,815 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=69, Unknown=0, NotChecked=0, Total=90 [2020-07-29 01:10:20,815 INFO L87 Difference]: Start difference. First operand 83 states and 96 transitions. Second operand 10 states. [2020-07-29 01:10:24,689 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:24,689 INFO L93 Difference]: Finished difference Result 107 states and 119 transitions. [2020-07-29 01:10:24,689 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2020-07-29 01:10:24,690 INFO L78 Accepts]: Start accepts. Automaton has 10 states. Word has length 17 [2020-07-29 01:10:24,690 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:10:24,690 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 10 states. [2020-07-29 01:10:24,693 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 103 transitions. [2020-07-29 01:10:24,693 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 10 states. [2020-07-29 01:10:24,696 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 103 transitions. [2020-07-29 01:10:24,696 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states and 103 transitions. [2020-07-29 01:10:24,929 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 103 edges. 103 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:10:24,932 INFO L225 Difference]: With dead ends: 107 [2020-07-29 01:10:24,932 INFO L226 Difference]: Without dead ends: 107 [2020-07-29 01:10:24,933 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 40 GetRequests, 26 SyntacticMatches, 0 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 14 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=74, Invalid=166, Unknown=0, NotChecked=0, Total=240 [2020-07-29 01:10:24,934 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 107 states. [2020-07-29 01:10:24,938 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 107 to 79. [2020-07-29 01:10:24,939 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:10:24,939 INFO L82 GeneralOperation]: Start isEquivalent. First operand 107 states. Second operand 79 states. [2020-07-29 01:10:24,939 INFO L74 IsIncluded]: Start isIncluded. First operand 107 states. Second operand 79 states. [2020-07-29 01:10:24,939 INFO L87 Difference]: Start difference. First operand 107 states. Second operand 79 states. [2020-07-29 01:10:24,943 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:24,943 INFO L93 Difference]: Finished difference Result 107 states and 119 transitions. [2020-07-29 01:10:24,944 INFO L276 IsEmpty]: Start isEmpty. Operand 107 states and 119 transitions. [2020-07-29 01:10:24,944 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:10:24,944 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:10:24,945 INFO L74 IsIncluded]: Start isIncluded. First operand 79 states. Second operand 107 states. [2020-07-29 01:10:24,945 INFO L87 Difference]: Start difference. First operand 79 states. Second operand 107 states. [2020-07-29 01:10:24,949 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:24,949 INFO L93 Difference]: Finished difference Result 107 states and 119 transitions. [2020-07-29 01:10:24,949 INFO L276 IsEmpty]: Start isEmpty. Operand 107 states and 119 transitions. [2020-07-29 01:10:24,950 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:10:24,950 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:10:24,950 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:10:24,950 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:10:24,951 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 79 states. [2020-07-29 01:10:24,953 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 79 states to 79 states and 90 transitions. [2020-07-29 01:10:24,953 INFO L78 Accepts]: Start accepts. Automaton has 79 states and 90 transitions. Word has length 17 [2020-07-29 01:10:24,954 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:10:24,954 INFO L479 AbstractCegarLoop]: Abstraction has 79 states and 90 transitions. [2020-07-29 01:10:24,954 INFO L480 AbstractCegarLoop]: Interpolant automaton has 10 states. [2020-07-29 01:10:24,954 INFO L276 IsEmpty]: Start isEmpty. Operand 79 states and 90 transitions. [2020-07-29 01:10:24,955 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 19 [2020-07-29 01:10:24,955 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:10:24,955 INFO L422 BasicCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:10:25,166 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 6 mathsat -unsat_core_generation=3 [2020-07-29 01:10:25,167 INFO L427 AbstractCegarLoop]: === Iteration 6 === [mainErr8REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr5REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr24ASSERT_VIOLATIONMEMORY_LEAK, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr25ENSURES_VIOLATIONMEMORY_LEAK, mainErr4REQUIRES_VIOLATION, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr17REQUIRES_VIOLATION, mainErr13REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12REQUIRES_VIOLATION]=== [2020-07-29 01:10:25,168 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:10:25,168 INFO L82 PathProgramCache]: Analyzing trace with hash 1776718273, now seen corresponding path program 1 times [2020-07-29 01:10:25,169 INFO L163 FreeRefinementEngine]: Executing refinement strategy WOLF [2020-07-29 01:10:25,169 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [590575152] [2020-07-29 01:10:25,169 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat Starting monitored process 7 with mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 7 with mathsat -unsat_core_generation=3 [2020-07-29 01:10:25,265 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:10:25,267 INFO L263 TraceCheckSpWp]: Trace formula consists of 75 conjuncts, 6 conjunts are in the unsatisfiable core [2020-07-29 01:10:25,278 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:10:25,279 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2020-07-29 01:10:25,301 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2020-07-29 01:10:25,301 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2020-07-29 01:10:25,304 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:10:25,305 INFO L544 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2020-07-29 01:10:25,305 INFO L244 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:6, output treesize:5 [2020-07-29 01:10:25,308 WARN L406 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2020-07-29 01:10:25,309 WARN L407 uantifierElimination]: Input elimination task: ∃ [|v_#valid_60|]. (= |#valid| (store |v_#valid_60| main_~t~0.base (_ bv1 1))) [2020-07-29 01:10:25,309 WARN L408 uantifierElimination]: ElimStorePlain result: ∃ []. (= (select |#valid| main_~t~0.base) (_ bv1 1)) [2020-07-29 01:10:25,334 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2020-07-29 01:10:25,335 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2020-07-29 01:10:25,344 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:10:25,345 INFO L544 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2020-07-29 01:10:25,345 INFO L244 ElimStorePlain]: Needed 2 recursive calls to eliminate 2 variables, input treesize:21, output treesize:13 [2020-07-29 01:10:25,351 WARN L406 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2020-07-29 01:10:25,351 WARN L407 uantifierElimination]: Input elimination task: ∃ [|v_#memory_$Pointer$.base_22|, main_~t~0.base]. (and (= (store |v_#memory_$Pointer$.base_22| main_~p~0.base (store (select |v_#memory_$Pointer$.base_22| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)) main_~t~0.base)) |#memory_$Pointer$.base|) (= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1))) [2020-07-29 01:10:25,351 WARN L408 uantifierElimination]: ElimStorePlain result: ∃ []. (= (_ bv0 1) (bvadd (select |#valid| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv1 1))) [2020-07-29 01:10:25,383 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 21 treesize of output 9 [2020-07-29 01:10:25,384 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2020-07-29 01:10:25,386 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:10:25,387 INFO L544 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2020-07-29 01:10:25,387 INFO L244 ElimStorePlain]: Needed 2 recursive calls to eliminate 3 variables, input treesize:21, output treesize:5 [2020-07-29 01:10:25,392 WARN L406 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2020-07-29 01:10:25,392 WARN L407 uantifierElimination]: Input elimination task: ∃ [|#memory_$Pointer$.base|, main_~p~0.base, main_~p~0.offset]. (let ((.cse0 (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))))) (and (= .cse0 |main_#t~mem8.base|) (= (_ bv1 1) (select |#valid| .cse0)))) [2020-07-29 01:10:25,392 WARN L408 uantifierElimination]: ElimStorePlain result: ∃ []. (= (select |#valid| |main_#t~mem8.base|) (_ bv1 1)) [2020-07-29 01:10:25,418 INFO L263 TraceCheckUtils]: 0: Hoare triple {2517#true} call ULTIMATE.init(); {2517#true} is VALID [2020-07-29 01:10:25,418 INFO L280 TraceCheckUtils]: 1: Hoare triple {2517#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven; {2517#true} is VALID [2020-07-29 01:10:25,419 INFO L280 TraceCheckUtils]: 2: Hoare triple {2517#true} assume true; {2517#true} is VALID [2020-07-29 01:10:25,419 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {2517#true} {2517#true} #173#return; {2517#true} is VALID [2020-07-29 01:10:25,419 INFO L263 TraceCheckUtils]: 4: Hoare triple {2517#true} call #t~ret14 := main(); {2517#true} is VALID [2020-07-29 01:10:25,420 INFO L280 TraceCheckUtils]: 5: Hoare triple {2517#true} call #t~malloc2.base, #t~malloc2.offset := #Ultimate.allocOnHeap(8bv32);~a~0.base, ~a~0.offset := #t~malloc2.base, #t~malloc2.offset; {2517#true} is VALID [2020-07-29 01:10:25,420 INFO L280 TraceCheckUtils]: 6: Hoare triple {2517#true} assume !(~a~0.base == 0bv32 && ~a~0.offset == 0bv32); {2517#true} is VALID [2020-07-29 01:10:25,420 INFO L280 TraceCheckUtils]: 7: Hoare triple {2517#true} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {2517#true} is VALID [2020-07-29 01:10:25,421 INFO L280 TraceCheckUtils]: 8: Hoare triple {2517#true} assume !(0bv32 != #t~nondet3);havoc #t~nondet3; {2517#true} is VALID [2020-07-29 01:10:25,421 INFO L280 TraceCheckUtils]: 9: Hoare triple {2517#true} assume !!(0bv32 != #t~nondet6);havoc #t~nondet6; {2517#true} is VALID [2020-07-29 01:10:25,421 INFO L280 TraceCheckUtils]: 10: Hoare triple {2517#true} SUMMARY for call write~intINTTYPE4(2bv32, ~p~0.base, ~p~0.offset, 4bv32); srcloc: L533 {2517#true} is VALID [2020-07-29 01:10:25,423 INFO L280 TraceCheckUtils]: 11: Hoare triple {2517#true} call #t~malloc7.base, #t~malloc7.offset := #Ultimate.allocOnHeap(8bv32);~t~0.base, ~t~0.offset := #t~malloc7.base, #t~malloc7.offset; {2555#(= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:10:25,423 INFO L280 TraceCheckUtils]: 12: Hoare triple {2555#(= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1))} assume !(~t~0.base == 0bv32 && ~t~0.offset == 0bv32); {2555#(= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:10:25,426 INFO L280 TraceCheckUtils]: 13: Hoare triple {2555#(= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1))} SUMMARY for call write~$Pointer$(~t~0.base, ~t~0.offset, ~p~0.base, ~bvadd32(4bv32, ~p~0.offset), 4bv32); srcloc: L535-3 {2562#(= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))))} is VALID [2020-07-29 01:10:25,427 INFO L280 TraceCheckUtils]: 14: Hoare triple {2562#(= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))))} SUMMARY for call #t~mem8.base, #t~mem8.offset := read~$Pointer$(~p~0.base, ~bvadd32(4bv32, ~p~0.offset), 4bv32); srcloc: L536 {2566#(= (bvadd (select |#valid| |main_#t~mem8.base|) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:10:25,428 INFO L280 TraceCheckUtils]: 15: Hoare triple {2566#(= (bvadd (select |#valid| |main_#t~mem8.base|) (_ bv1 1)) (_ bv0 1))} ~p~0.base, ~p~0.offset := #t~mem8.base, #t~mem8.offset;havoc #t~mem8.base, #t~mem8.offset; {2570#(= (_ bv1 1) (select |#valid| main_~p~0.base))} is VALID [2020-07-29 01:10:25,429 INFO L280 TraceCheckUtils]: 16: Hoare triple {2570#(= (_ bv1 1) (select |#valid| main_~p~0.base))} assume !!(0bv32 != #t~nondet6);havoc #t~nondet6; {2570#(= (_ bv1 1) (select |#valid| main_~p~0.base))} is VALID [2020-07-29 01:10:25,429 INFO L280 TraceCheckUtils]: 17: Hoare triple {2570#(= (_ bv1 1) (select |#valid| main_~p~0.base))} assume !(1bv1 == #valid[~p~0.base]); {2518#false} is VALID [2020-07-29 01:10:25,431 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:10:25,431 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2020-07-29 01:10:25,468 INFO L280 TraceCheckUtils]: 17: Hoare triple {2570#(= (_ bv1 1) (select |#valid| main_~p~0.base))} assume !(1bv1 == #valid[~p~0.base]); {2518#false} is VALID [2020-07-29 01:10:25,469 INFO L280 TraceCheckUtils]: 16: Hoare triple {2570#(= (_ bv1 1) (select |#valid| main_~p~0.base))} assume !!(0bv32 != #t~nondet6);havoc #t~nondet6; {2570#(= (_ bv1 1) (select |#valid| main_~p~0.base))} is VALID [2020-07-29 01:10:25,471 INFO L280 TraceCheckUtils]: 15: Hoare triple {2566#(= (bvadd (select |#valid| |main_#t~mem8.base|) (_ bv1 1)) (_ bv0 1))} ~p~0.base, ~p~0.offset := #t~mem8.base, #t~mem8.offset;havoc #t~mem8.base, #t~mem8.offset; {2570#(= (_ bv1 1) (select |#valid| main_~p~0.base))} is VALID [2020-07-29 01:10:25,472 INFO L280 TraceCheckUtils]: 14: Hoare triple {2562#(= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))))} SUMMARY for call #t~mem8.base, #t~mem8.offset := read~$Pointer$(~p~0.base, ~bvadd32(4bv32, ~p~0.offset), 4bv32); srcloc: L536 {2566#(= (bvadd (select |#valid| |main_#t~mem8.base|) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:10:25,475 INFO L280 TraceCheckUtils]: 13: Hoare triple {2555#(= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1))} SUMMARY for call write~$Pointer$(~t~0.base, ~t~0.offset, ~p~0.base, ~bvadd32(4bv32, ~p~0.offset), 4bv32); srcloc: L535-3 {2562#(= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))))} is VALID [2020-07-29 01:10:25,476 INFO L280 TraceCheckUtils]: 12: Hoare triple {2555#(= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1))} assume !(~t~0.base == 0bv32 && ~t~0.offset == 0bv32); {2555#(= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:10:25,479 INFO L280 TraceCheckUtils]: 11: Hoare triple {2517#true} call #t~malloc7.base, #t~malloc7.offset := #Ultimate.allocOnHeap(8bv32);~t~0.base, ~t~0.offset := #t~malloc7.base, #t~malloc7.offset; {2555#(= (bvadd (select |#valid| main_~t~0.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:10:25,479 INFO L280 TraceCheckUtils]: 10: Hoare triple {2517#true} SUMMARY for call write~intINTTYPE4(2bv32, ~p~0.base, ~p~0.offset, 4bv32); srcloc: L533 {2517#true} is VALID [2020-07-29 01:10:25,479 INFO L280 TraceCheckUtils]: 9: Hoare triple {2517#true} assume !!(0bv32 != #t~nondet6);havoc #t~nondet6; {2517#true} is VALID [2020-07-29 01:10:25,479 INFO L280 TraceCheckUtils]: 8: Hoare triple {2517#true} assume !(0bv32 != #t~nondet3);havoc #t~nondet3; {2517#true} is VALID [2020-07-29 01:10:25,480 INFO L280 TraceCheckUtils]: 7: Hoare triple {2517#true} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {2517#true} is VALID [2020-07-29 01:10:25,480 INFO L280 TraceCheckUtils]: 6: Hoare triple {2517#true} assume !(~a~0.base == 0bv32 && ~a~0.offset == 0bv32); {2517#true} is VALID [2020-07-29 01:10:25,480 INFO L280 TraceCheckUtils]: 5: Hoare triple {2517#true} call #t~malloc2.base, #t~malloc2.offset := #Ultimate.allocOnHeap(8bv32);~a~0.base, ~a~0.offset := #t~malloc2.base, #t~malloc2.offset; {2517#true} is VALID [2020-07-29 01:10:25,480 INFO L263 TraceCheckUtils]: 4: Hoare triple {2517#true} call #t~ret14 := main(); {2517#true} is VALID [2020-07-29 01:10:25,481 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {2517#true} {2517#true} #173#return; {2517#true} is VALID [2020-07-29 01:10:25,481 INFO L280 TraceCheckUtils]: 2: Hoare triple {2517#true} assume true; {2517#true} is VALID [2020-07-29 01:10:25,482 INFO L280 TraceCheckUtils]: 1: Hoare triple {2517#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven; {2517#true} is VALID [2020-07-29 01:10:25,482 INFO L263 TraceCheckUtils]: 0: Hoare triple {2517#true} call ULTIMATE.init(); {2517#true} is VALID [2020-07-29 01:10:25,483 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:10:25,483 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [590575152] [2020-07-29 01:10:25,484 INFO L220 FreeRefinementEngine]: Constructing automaton from 2 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:10:25,484 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5, 5] imperfect sequences [] total 5 [2020-07-29 01:10:25,484 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1172877523] [2020-07-29 01:10:25,484 INFO L78 Accepts]: Start accepts. Automaton has 6 states. Word has length 18 [2020-07-29 01:10:25,485 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:10:25,485 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states. [2020-07-29 01:10:25,519 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 18 edges. 18 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:10:25,519 INFO L459 AbstractCegarLoop]: Interpolant automaton has 6 states [2020-07-29 01:10:25,520 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2020-07-29 01:10:25,520 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2020-07-29 01:10:25,520 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2020-07-29 01:10:25,520 INFO L87 Difference]: Start difference. First operand 79 states and 90 transitions. Second operand 6 states. [2020-07-29 01:10:26,525 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:26,525 INFO L93 Difference]: Finished difference Result 99 states and 110 transitions. [2020-07-29 01:10:26,525 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2020-07-29 01:10:26,526 INFO L78 Accepts]: Start accepts. Automaton has 6 states. Word has length 18 [2020-07-29 01:10:26,526 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:10:26,526 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 6 states. [2020-07-29 01:10:26,528 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 86 transitions. [2020-07-29 01:10:26,528 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 6 states. [2020-07-29 01:10:26,530 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 86 transitions. [2020-07-29 01:10:26,531 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 86 transitions. [2020-07-29 01:10:26,668 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 86 edges. 86 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:10:26,670 INFO L225 Difference]: With dead ends: 99 [2020-07-29 01:10:26,670 INFO L226 Difference]: Without dead ends: 99 [2020-07-29 01:10:26,672 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 39 GetRequests, 32 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=27, Invalid=45, Unknown=0, NotChecked=0, Total=72 [2020-07-29 01:10:26,672 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 99 states. [2020-07-29 01:10:26,676 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 99 to 77. [2020-07-29 01:10:26,677 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:10:26,677 INFO L82 GeneralOperation]: Start isEquivalent. First operand 99 states. Second operand 77 states. [2020-07-29 01:10:26,677 INFO L74 IsIncluded]: Start isIncluded. First operand 99 states. Second operand 77 states. [2020-07-29 01:10:26,677 INFO L87 Difference]: Start difference. First operand 99 states. Second operand 77 states. [2020-07-29 01:10:26,680 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:26,681 INFO L93 Difference]: Finished difference Result 99 states and 110 transitions. [2020-07-29 01:10:26,681 INFO L276 IsEmpty]: Start isEmpty. Operand 99 states and 110 transitions. [2020-07-29 01:10:26,682 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:10:26,682 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:10:26,682 INFO L74 IsIncluded]: Start isIncluded. First operand 77 states. Second operand 99 states. [2020-07-29 01:10:26,682 INFO L87 Difference]: Start difference. First operand 77 states. Second operand 99 states. [2020-07-29 01:10:26,686 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:26,686 INFO L93 Difference]: Finished difference Result 99 states and 110 transitions. [2020-07-29 01:10:26,686 INFO L276 IsEmpty]: Start isEmpty. Operand 99 states and 110 transitions. [2020-07-29 01:10:26,687 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:10:26,687 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:10:26,687 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:10:26,687 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:10:26,688 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 77 states. [2020-07-29 01:10:26,690 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 77 states to 77 states and 87 transitions. [2020-07-29 01:10:26,691 INFO L78 Accepts]: Start accepts. Automaton has 77 states and 87 transitions. Word has length 18 [2020-07-29 01:10:26,691 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:10:26,691 INFO L479 AbstractCegarLoop]: Abstraction has 77 states and 87 transitions. [2020-07-29 01:10:26,691 INFO L480 AbstractCegarLoop]: Interpolant automaton has 6 states. [2020-07-29 01:10:26,691 INFO L276 IsEmpty]: Start isEmpty. Operand 77 states and 87 transitions. [2020-07-29 01:10:26,692 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 19 [2020-07-29 01:10:26,692 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:10:26,692 INFO L422 BasicCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:10:26,904 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 7 mathsat -unsat_core_generation=3 [2020-07-29 01:10:26,904 INFO L427 AbstractCegarLoop]: === Iteration 7 === [mainErr8REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr5REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr24ASSERT_VIOLATIONMEMORY_LEAK, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr25ENSURES_VIOLATIONMEMORY_LEAK, mainErr4REQUIRES_VIOLATION, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr17REQUIRES_VIOLATION, mainErr13REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12REQUIRES_VIOLATION]=== [2020-07-29 01:10:26,905 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:10:26,905 INFO L82 PathProgramCache]: Analyzing trace with hash 1776718274, now seen corresponding path program 1 times [2020-07-29 01:10:26,906 INFO L163 FreeRefinementEngine]: Executing refinement strategy WOLF [2020-07-29 01:10:26,906 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1108853160] [2020-07-29 01:10:26,907 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat Starting monitored process 8 with mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 8 with mathsat -unsat_core_generation=3 [2020-07-29 01:10:27,000 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:10:27,005 INFO L263 TraceCheckSpWp]: Trace formula consists of 75 conjuncts, 11 conjunts are in the unsatisfiable core [2020-07-29 01:10:27,028 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:10:27,030 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2020-07-29 01:10:27,061 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2020-07-29 01:10:27,062 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2020-07-29 01:10:27,079 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:10:27,079 INFO L544 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2020-07-29 01:10:27,080 INFO L244 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:10, output treesize:9 [2020-07-29 01:10:27,086 WARN L406 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2020-07-29 01:10:27,086 WARN L407 uantifierElimination]: Input elimination task: ∃ [|v_#length_40|]. (and (= (store |v_#length_40| main_~t~0.base (_ bv8 32)) |#length|) (= (_ bv0 32) main_~t~0.offset)) [2020-07-29 01:10:27,087 WARN L408 uantifierElimination]: ElimStorePlain result: ∃ []. (and (= (select |#length| main_~t~0.base) (_ bv8 32)) (= (_ bv0 32) main_~t~0.offset)) [2020-07-29 01:10:27,125 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2020-07-29 01:10:27,126 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2020-07-29 01:10:27,141 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:10:27,146 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2020-07-29 01:10:27,147 INFO L544 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2020-07-29 01:10:27,156 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:10:27,157 INFO L544 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 2 dim-2 vars, End of recursive call: and 1 xjuncts. [2020-07-29 01:10:27,157 INFO L244 ElimStorePlain]: Needed 3 recursive calls to eliminate 3 variables, input treesize:34, output treesize:23 [2020-07-29 01:10:27,196 WARN L406 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2020-07-29 01:10:27,196 WARN L407 uantifierElimination]: Input elimination task: ∃ [|v_#memory_$Pointer$.base_24|, main_~t~0.base, |v_#memory_$Pointer$.offset_22|]. (let ((.cse0 (bvadd main_~p~0.offset (_ bv4 32)))) (and (= (bvadd (select |#length| main_~t~0.base) (_ bv4294967288 32)) (_ bv0 32)) (= (store |v_#memory_$Pointer$.offset_22| main_~p~0.base (store (select |v_#memory_$Pointer$.offset_22| main_~p~0.base) .cse0 (_ bv0 32))) |#memory_$Pointer$.offset|) (= (store |v_#memory_$Pointer$.base_24| main_~p~0.base (store (select |v_#memory_$Pointer$.base_24| main_~p~0.base) .cse0 main_~t~0.base)) |#memory_$Pointer$.base|))) [2020-07-29 01:10:27,196 WARN L408 uantifierElimination]: ElimStorePlain result: ∃ []. (let ((.cse0 (bvadd main_~p~0.offset (_ bv4 32)))) (and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| main_~p~0.base) .cse0)) (= (bvadd (select |#length| (select (select |#memory_$Pointer$.base| main_~p~0.base) .cse0)) (_ bv4294967288 32)) (_ bv0 32)))) [2020-07-29 01:10:27,233 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 23 treesize of output 11 [2020-07-29 01:10:27,234 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2020-07-29 01:10:27,244 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:10:27,248 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 19 treesize of output 7 [2020-07-29 01:10:27,249 INFO L544 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2020-07-29 01:10:27,254 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:10:27,255 INFO L544 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 2 dim-2 vars, End of recursive call: and 1 xjuncts. [2020-07-29 01:10:27,255 INFO L244 ElimStorePlain]: Needed 3 recursive calls to eliminate 4 variables, input treesize:41, output treesize:11 [2020-07-29 01:10:27,261 WARN L406 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2020-07-29 01:10:27,261 WARN L407 uantifierElimination]: Input elimination task: ∃ [|#memory_$Pointer$.base|, main_~p~0.base, main_~p~0.offset, |#memory_$Pointer$.offset|]. (let ((.cse2 (bvadd main_~p~0.offset (_ bv4 32)))) (let ((.cse1 (select (select |#memory_$Pointer$.offset| main_~p~0.base) .cse2)) (.cse0 (select (select |#memory_$Pointer$.base| main_~p~0.base) .cse2))) (and (= .cse0 |main_#t~mem8.base|) (= (_ bv0 32) .cse1) (= |main_#t~mem8.offset| .cse1) (= (bvadd (select |#length| .cse0) (_ bv4294967288 32)) (_ bv0 32))))) [2020-07-29 01:10:27,261 WARN L408 uantifierElimination]: ElimStorePlain result: ∃ []. (and (= |main_#t~mem8.offset| (_ bv0 32)) (= (_ bv0 32) (bvadd (select |#length| |main_#t~mem8.base|) (_ bv4294967288 32)))) [2020-07-29 01:10:27,297 INFO L263 TraceCheckUtils]: 0: Hoare triple {3011#true} call ULTIMATE.init(); {3011#true} is VALID [2020-07-29 01:10:27,297 INFO L280 TraceCheckUtils]: 1: Hoare triple {3011#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven; {3011#true} is VALID [2020-07-29 01:10:27,297 INFO L280 TraceCheckUtils]: 2: Hoare triple {3011#true} assume true; {3011#true} is VALID [2020-07-29 01:10:27,298 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {3011#true} {3011#true} #173#return; {3011#true} is VALID [2020-07-29 01:10:27,298 INFO L263 TraceCheckUtils]: 4: Hoare triple {3011#true} call #t~ret14 := main(); {3011#true} is VALID [2020-07-29 01:10:27,298 INFO L280 TraceCheckUtils]: 5: Hoare triple {3011#true} call #t~malloc2.base, #t~malloc2.offset := #Ultimate.allocOnHeap(8bv32);~a~0.base, ~a~0.offset := #t~malloc2.base, #t~malloc2.offset; {3011#true} is VALID [2020-07-29 01:10:27,299 INFO L280 TraceCheckUtils]: 6: Hoare triple {3011#true} assume !(~a~0.base == 0bv32 && ~a~0.offset == 0bv32); {3011#true} is VALID [2020-07-29 01:10:27,299 INFO L280 TraceCheckUtils]: 7: Hoare triple {3011#true} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {3011#true} is VALID [2020-07-29 01:10:27,299 INFO L280 TraceCheckUtils]: 8: Hoare triple {3011#true} assume !(0bv32 != #t~nondet3);havoc #t~nondet3; {3011#true} is VALID [2020-07-29 01:10:27,299 INFO L280 TraceCheckUtils]: 9: Hoare triple {3011#true} assume !!(0bv32 != #t~nondet6);havoc #t~nondet6; {3011#true} is VALID [2020-07-29 01:10:27,299 INFO L280 TraceCheckUtils]: 10: Hoare triple {3011#true} SUMMARY for call write~intINTTYPE4(2bv32, ~p~0.base, ~p~0.offset, 4bv32); srcloc: L533 {3011#true} is VALID [2020-07-29 01:10:27,301 INFO L280 TraceCheckUtils]: 11: Hoare triple {3011#true} call #t~malloc7.base, #t~malloc7.offset := #Ultimate.allocOnHeap(8bv32);~t~0.base, ~t~0.offset := #t~malloc7.base, #t~malloc7.offset; {3049#(and (= (bvadd (select |#length| main_~t~0.base) (_ bv4294967288 32)) (_ bv0 32)) (= (_ bv0 32) main_~t~0.offset))} is VALID [2020-07-29 01:10:27,301 INFO L280 TraceCheckUtils]: 12: Hoare triple {3049#(and (= (bvadd (select |#length| main_~t~0.base) (_ bv4294967288 32)) (_ bv0 32)) (= (_ bv0 32) main_~t~0.offset))} assume !(~t~0.base == 0bv32 && ~t~0.offset == 0bv32); {3049#(and (= (bvadd (select |#length| main_~t~0.base) (_ bv4294967288 32)) (_ bv0 32)) (= (_ bv0 32) main_~t~0.offset))} is VALID [2020-07-29 01:10:27,304 INFO L280 TraceCheckUtils]: 13: Hoare triple {3049#(and (= (bvadd (select |#length| main_~t~0.base) (_ bv4294967288 32)) (_ bv0 32)) (= (_ bv0 32) main_~t~0.offset))} SUMMARY for call write~$Pointer$(~t~0.base, ~t~0.offset, ~p~0.base, ~bvadd32(4bv32, ~p~0.offset), 4bv32); srcloc: L535-3 {3056#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (bvadd (select |#length| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4294967288 32)) (_ bv0 32)))} is VALID [2020-07-29 01:10:27,305 INFO L280 TraceCheckUtils]: 14: Hoare triple {3056#(and (= (_ bv0 32) (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (= (bvadd (select |#length| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32)))) (_ bv4294967288 32)) (_ bv0 32)))} SUMMARY for call #t~mem8.base, #t~mem8.offset := read~$Pointer$(~p~0.base, ~bvadd32(4bv32, ~p~0.offset), 4bv32); srcloc: L536 {3060#(and (= |main_#t~mem8.offset| (_ bv0 32)) (= (_ bv8 32) (select |#length| |main_#t~mem8.base|)))} is VALID [2020-07-29 01:10:27,306 INFO L280 TraceCheckUtils]: 15: Hoare triple {3060#(and (= |main_#t~mem8.offset| (_ bv0 32)) (= (_ bv8 32) (select |#length| |main_#t~mem8.base|)))} ~p~0.base, ~p~0.offset := #t~mem8.base, #t~mem8.offset;havoc #t~mem8.base, #t~mem8.offset; {3064#(and (= (_ bv0 32) main_~p~0.offset) (= (_ bv8 32) (select |#length| main_~p~0.base)))} is VALID [2020-07-29 01:10:27,307 INFO L280 TraceCheckUtils]: 16: Hoare triple {3064#(and (= (_ bv0 32) main_~p~0.offset) (= (_ bv8 32) (select |#length| main_~p~0.base)))} assume !!(0bv32 != #t~nondet6);havoc #t~nondet6; {3064#(and (= (_ bv0 32) main_~p~0.offset) (= (_ bv8 32) (select |#length| main_~p~0.base)))} is VALID [2020-07-29 01:10:27,308 INFO L280 TraceCheckUtils]: 17: Hoare triple {3064#(and (= (_ bv0 32) main_~p~0.offset) (= (_ bv8 32) (select |#length| main_~p~0.base)))} assume !((~bvule32(~bvadd32(4bv32, ~p~0.offset), #length[~p~0.base]) && ~bvule32(~p~0.offset, ~bvadd32(4bv32, ~p~0.offset))) && ~bvule32(0bv32, ~p~0.offset)); {3012#false} is VALID [2020-07-29 01:10:27,309 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:10:27,310 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2020-07-29 01:10:27,739 INFO L280 TraceCheckUtils]: 17: Hoare triple {3071#(and (bvule (bvadd main_~p~0.offset (_ bv4 32)) (select |#length| main_~p~0.base)) (bvule main_~p~0.offset (bvadd main_~p~0.offset (_ bv4 32))))} assume !((~bvule32(~bvadd32(4bv32, ~p~0.offset), #length[~p~0.base]) && ~bvule32(~p~0.offset, ~bvadd32(4bv32, ~p~0.offset))) && ~bvule32(0bv32, ~p~0.offset)); {3012#false} is VALID [2020-07-29 01:10:27,740 INFO L280 TraceCheckUtils]: 16: Hoare triple {3071#(and (bvule (bvadd main_~p~0.offset (_ bv4 32)) (select |#length| main_~p~0.base)) (bvule main_~p~0.offset (bvadd main_~p~0.offset (_ bv4 32))))} assume !!(0bv32 != #t~nondet6);havoc #t~nondet6; {3071#(and (bvule (bvadd main_~p~0.offset (_ bv4 32)) (select |#length| main_~p~0.base)) (bvule main_~p~0.offset (bvadd main_~p~0.offset (_ bv4 32))))} is VALID [2020-07-29 01:10:27,740 INFO L280 TraceCheckUtils]: 15: Hoare triple {3078#(and (bvule (bvadd |main_#t~mem8.offset| (_ bv4 32)) (select |#length| |main_#t~mem8.base|)) (bvule |main_#t~mem8.offset| (bvadd |main_#t~mem8.offset| (_ bv4 32))))} ~p~0.base, ~p~0.offset := #t~mem8.base, #t~mem8.offset;havoc #t~mem8.base, #t~mem8.offset; {3071#(and (bvule (bvadd main_~p~0.offset (_ bv4 32)) (select |#length| main_~p~0.base)) (bvule main_~p~0.offset (bvadd main_~p~0.offset (_ bv4 32))))} is VALID [2020-07-29 01:10:27,764 INFO L280 TraceCheckUtils]: 14: Hoare triple {3082#(and (bvule (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)) (select |#length| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))))) (bvule (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32))))} SUMMARY for call #t~mem8.base, #t~mem8.offset := read~$Pointer$(~p~0.base, ~bvadd32(4bv32, ~p~0.offset), 4bv32); srcloc: L536 {3078#(and (bvule (bvadd |main_#t~mem8.offset| (_ bv4 32)) (select |#length| |main_#t~mem8.base|)) (bvule |main_#t~mem8.offset| (bvadd |main_#t~mem8.offset| (_ bv4 32))))} is VALID [2020-07-29 01:10:27,788 INFO L280 TraceCheckUtils]: 13: Hoare triple {3086#(and (bvule main_~t~0.offset (bvadd main_~t~0.offset (_ bv4 32))) (bvule (bvadd main_~t~0.offset (_ bv4 32)) (select |#length| main_~t~0.base)))} SUMMARY for call write~$Pointer$(~t~0.base, ~t~0.offset, ~p~0.base, ~bvadd32(4bv32, ~p~0.offset), 4bv32); srcloc: L535-3 {3082#(and (bvule (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32)) (select |#length| (select (select |#memory_$Pointer$.base| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))))) (bvule (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (bvadd (select (select |#memory_$Pointer$.offset| main_~p~0.base) (bvadd main_~p~0.offset (_ bv4 32))) (_ bv4 32))))} is VALID [2020-07-29 01:10:27,788 INFO L280 TraceCheckUtils]: 12: Hoare triple {3086#(and (bvule main_~t~0.offset (bvadd main_~t~0.offset (_ bv4 32))) (bvule (bvadd main_~t~0.offset (_ bv4 32)) (select |#length| main_~t~0.base)))} assume !(~t~0.base == 0bv32 && ~t~0.offset == 0bv32); {3086#(and (bvule main_~t~0.offset (bvadd main_~t~0.offset (_ bv4 32))) (bvule (bvadd main_~t~0.offset (_ bv4 32)) (select |#length| main_~t~0.base)))} is VALID [2020-07-29 01:10:27,790 INFO L280 TraceCheckUtils]: 11: Hoare triple {3011#true} call #t~malloc7.base, #t~malloc7.offset := #Ultimate.allocOnHeap(8bv32);~t~0.base, ~t~0.offset := #t~malloc7.base, #t~malloc7.offset; {3086#(and (bvule main_~t~0.offset (bvadd main_~t~0.offset (_ bv4 32))) (bvule (bvadd main_~t~0.offset (_ bv4 32)) (select |#length| main_~t~0.base)))} is VALID [2020-07-29 01:10:27,791 INFO L280 TraceCheckUtils]: 10: Hoare triple {3011#true} SUMMARY for call write~intINTTYPE4(2bv32, ~p~0.base, ~p~0.offset, 4bv32); srcloc: L533 {3011#true} is VALID [2020-07-29 01:10:27,791 INFO L280 TraceCheckUtils]: 9: Hoare triple {3011#true} assume !!(0bv32 != #t~nondet6);havoc #t~nondet6; {3011#true} is VALID [2020-07-29 01:10:27,791 INFO L280 TraceCheckUtils]: 8: Hoare triple {3011#true} assume !(0bv32 != #t~nondet3);havoc #t~nondet3; {3011#true} is VALID [2020-07-29 01:10:27,791 INFO L280 TraceCheckUtils]: 7: Hoare triple {3011#true} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {3011#true} is VALID [2020-07-29 01:10:27,791 INFO L280 TraceCheckUtils]: 6: Hoare triple {3011#true} assume !(~a~0.base == 0bv32 && ~a~0.offset == 0bv32); {3011#true} is VALID [2020-07-29 01:10:27,792 INFO L280 TraceCheckUtils]: 5: Hoare triple {3011#true} call #t~malloc2.base, #t~malloc2.offset := #Ultimate.allocOnHeap(8bv32);~a~0.base, ~a~0.offset := #t~malloc2.base, #t~malloc2.offset; {3011#true} is VALID [2020-07-29 01:10:27,792 INFO L263 TraceCheckUtils]: 4: Hoare triple {3011#true} call #t~ret14 := main(); {3011#true} is VALID [2020-07-29 01:10:27,792 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {3011#true} {3011#true} #173#return; {3011#true} is VALID [2020-07-29 01:10:27,792 INFO L280 TraceCheckUtils]: 2: Hoare triple {3011#true} assume true; {3011#true} is VALID [2020-07-29 01:10:27,792 INFO L280 TraceCheckUtils]: 1: Hoare triple {3011#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven; {3011#true} is VALID [2020-07-29 01:10:27,793 INFO L263 TraceCheckUtils]: 0: Hoare triple {3011#true} call ULTIMATE.init(); {3011#true} is VALID [2020-07-29 01:10:27,794 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:10:27,794 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1108853160] [2020-07-29 01:10:27,795 INFO L220 FreeRefinementEngine]: Constructing automaton from 2 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:10:27,795 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5, 5] imperfect sequences [] total 9 [2020-07-29 01:10:27,795 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1258677482] [2020-07-29 01:10:27,795 INFO L78 Accepts]: Start accepts. Automaton has 10 states. Word has length 18 [2020-07-29 01:10:27,796 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:10:27,796 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states. [2020-07-29 01:10:27,863 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 25 edges. 25 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:10:27,863 INFO L459 AbstractCegarLoop]: Interpolant automaton has 10 states [2020-07-29 01:10:27,863 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2020-07-29 01:10:27,864 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2020-07-29 01:10:27,864 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=69, Unknown=0, NotChecked=0, Total=90 [2020-07-29 01:10:27,864 INFO L87 Difference]: Start difference. First operand 77 states and 87 transitions. Second operand 10 states. [2020-07-29 01:10:31,416 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:31,416 INFO L93 Difference]: Finished difference Result 97 states and 107 transitions. [2020-07-29 01:10:31,416 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2020-07-29 01:10:31,416 INFO L78 Accepts]: Start accepts. Automaton has 10 states. Word has length 18 [2020-07-29 01:10:31,417 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:10:31,417 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 10 states. [2020-07-29 01:10:31,419 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 90 transitions. [2020-07-29 01:10:31,420 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 10 states. [2020-07-29 01:10:31,422 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 90 transitions. [2020-07-29 01:10:31,422 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states and 90 transitions. [2020-07-29 01:10:31,628 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 90 edges. 90 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:10:31,630 INFO L225 Difference]: With dead ends: 97 [2020-07-29 01:10:31,630 INFO L226 Difference]: Without dead ends: 97 [2020-07-29 01:10:31,630 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 43 GetRequests, 29 SyntacticMatches, 0 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 14 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=74, Invalid=166, Unknown=0, NotChecked=0, Total=240 [2020-07-29 01:10:31,631 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 97 states. [2020-07-29 01:10:31,635 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 97 to 65. [2020-07-29 01:10:31,635 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:10:31,636 INFO L82 GeneralOperation]: Start isEquivalent. First operand 97 states. Second operand 65 states. [2020-07-29 01:10:31,636 INFO L74 IsIncluded]: Start isIncluded. First operand 97 states. Second operand 65 states. [2020-07-29 01:10:31,636 INFO L87 Difference]: Start difference. First operand 97 states. Second operand 65 states. [2020-07-29 01:10:31,639 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:31,639 INFO L93 Difference]: Finished difference Result 97 states and 107 transitions. [2020-07-29 01:10:31,640 INFO L276 IsEmpty]: Start isEmpty. Operand 97 states and 107 transitions. [2020-07-29 01:10:31,640 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:10:31,640 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:10:31,641 INFO L74 IsIncluded]: Start isIncluded. First operand 65 states. Second operand 97 states. [2020-07-29 01:10:31,641 INFO L87 Difference]: Start difference. First operand 65 states. Second operand 97 states. [2020-07-29 01:10:31,643 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:31,644 INFO L93 Difference]: Finished difference Result 97 states and 107 transitions. [2020-07-29 01:10:31,644 INFO L276 IsEmpty]: Start isEmpty. Operand 97 states and 107 transitions. [2020-07-29 01:10:31,644 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:10:31,645 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:10:31,645 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:10:31,645 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:10:31,645 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 65 states. [2020-07-29 01:10:31,647 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 65 states to 65 states and 73 transitions. [2020-07-29 01:10:31,648 INFO L78 Accepts]: Start accepts. Automaton has 65 states and 73 transitions. Word has length 18 [2020-07-29 01:10:31,648 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:10:31,648 INFO L479 AbstractCegarLoop]: Abstraction has 65 states and 73 transitions. [2020-07-29 01:10:31,648 INFO L480 AbstractCegarLoop]: Interpolant automaton has 10 states. [2020-07-29 01:10:31,648 INFO L276 IsEmpty]: Start isEmpty. Operand 65 states and 73 transitions. [2020-07-29 01:10:31,649 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2020-07-29 01:10:31,649 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:10:31,649 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:10:31,860 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 8 mathsat -unsat_core_generation=3 [2020-07-29 01:10:31,861 INFO L427 AbstractCegarLoop]: === Iteration 8 === [mainErr8REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr5REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr24ASSERT_VIOLATIONMEMORY_LEAK, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr25ENSURES_VIOLATIONMEMORY_LEAK, mainErr4REQUIRES_VIOLATION, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr17REQUIRES_VIOLATION, mainErr13REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12REQUIRES_VIOLATION]=== [2020-07-29 01:10:31,862 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:10:31,862 INFO L82 PathProgramCache]: Analyzing trace with hash -460551536, now seen corresponding path program 1 times [2020-07-29 01:10:31,862 INFO L163 FreeRefinementEngine]: Executing refinement strategy WOLF [2020-07-29 01:10:31,863 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [2046011221] [2020-07-29 01:10:31,863 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat Starting monitored process 9 with mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 9 with mathsat -unsat_core_generation=3 [2020-07-29 01:10:31,946 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:10:31,948 INFO L263 TraceCheckSpWp]: Trace formula consists of 70 conjuncts, 7 conjunts are in the unsatisfiable core [2020-07-29 01:10:31,957 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:10:31,959 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2020-07-29 01:10:31,992 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 7 [2020-07-29 01:10:31,992 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2020-07-29 01:10:31,995 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:10:31,996 INFO L544 ElimStorePlain]: Start of recursive call 1: 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2020-07-29 01:10:31,996 INFO L244 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:11, output treesize:7 [2020-07-29 01:10:32,039 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 17 treesize of output 9 [2020-07-29 01:10:32,040 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2020-07-29 01:10:32,044 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:10:32,045 INFO L544 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2020-07-29 01:10:32,045 INFO L244 ElimStorePlain]: Needed 2 recursive calls to eliminate 3 variables, input treesize:17, output treesize:5 [2020-07-29 01:10:32,049 WARN L406 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2020-07-29 01:10:32,049 WARN L407 uantifierElimination]: Input elimination task: ∃ [|#memory_int|, main_~p~0.base, main_~p~0.offset]. (let ((.cse0 (select (select |#memory_int| main_~p~0.base) main_~p~0.offset))) (and (= .cse0 |main_#t~mem13|) (= (bvadd .cse0 (_ bv4294967293 32)) (_ bv0 32)))) [2020-07-29 01:10:32,049 WARN L408 uantifierElimination]: ElimStorePlain result: ∃ []. (= (_ bv0 32) (bvadd |main_#t~mem13| (_ bv4294967293 32))) [2020-07-29 01:10:32,065 INFO L263 TraceCheckUtils]: 0: Hoare triple {3498#true} call ULTIMATE.init(); {3498#true} is VALID [2020-07-29 01:10:32,065 INFO L280 TraceCheckUtils]: 1: Hoare triple {3498#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven; {3498#true} is VALID [2020-07-29 01:10:32,066 INFO L280 TraceCheckUtils]: 2: Hoare triple {3498#true} assume true; {3498#true} is VALID [2020-07-29 01:10:32,066 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {3498#true} {3498#true} #173#return; {3498#true} is VALID [2020-07-29 01:10:32,066 INFO L263 TraceCheckUtils]: 4: Hoare triple {3498#true} call #t~ret14 := main(); {3498#true} is VALID [2020-07-29 01:10:32,067 INFO L280 TraceCheckUtils]: 5: Hoare triple {3498#true} call #t~malloc2.base, #t~malloc2.offset := #Ultimate.allocOnHeap(8bv32);~a~0.base, ~a~0.offset := #t~malloc2.base, #t~malloc2.offset; {3498#true} is VALID [2020-07-29 01:10:32,067 INFO L280 TraceCheckUtils]: 6: Hoare triple {3498#true} assume !(~a~0.base == 0bv32 && ~a~0.offset == 0bv32); {3498#true} is VALID [2020-07-29 01:10:32,068 INFO L280 TraceCheckUtils]: 7: Hoare triple {3498#true} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {3524#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} is VALID [2020-07-29 01:10:32,068 INFO L280 TraceCheckUtils]: 8: Hoare triple {3524#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} assume !(0bv32 != #t~nondet3);havoc #t~nondet3; {3524#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} is VALID [2020-07-29 01:10:32,069 INFO L280 TraceCheckUtils]: 9: Hoare triple {3524#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} assume !(0bv32 != #t~nondet6);havoc #t~nondet6; {3524#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} is VALID [2020-07-29 01:10:32,071 INFO L280 TraceCheckUtils]: 10: Hoare triple {3524#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} SUMMARY for call write~intINTTYPE4(3bv32, ~p~0.base, ~p~0.offset, 4bv32); srcloc: L532-2 {3534#(= (bvadd (select (select |#memory_int| main_~a~0.base) main_~a~0.offset) (_ bv4294967293 32)) (_ bv0 32))} is VALID [2020-07-29 01:10:32,071 INFO L280 TraceCheckUtils]: 11: Hoare triple {3534#(= (bvadd (select (select |#memory_int| main_~a~0.base) main_~a~0.offset) (_ bv4294967293 32)) (_ bv0 32))} ~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {3538#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967293 32)) (_ bv0 32))} is VALID [2020-07-29 01:10:32,072 INFO L280 TraceCheckUtils]: 12: Hoare triple {3538#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967293 32)) (_ bv0 32))} SUMMARY for call #t~mem9 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); srcloc: L541-3 {3538#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967293 32)) (_ bv0 32))} is VALID [2020-07-29 01:10:32,072 INFO L280 TraceCheckUtils]: 13: Hoare triple {3538#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967293 32)) (_ bv0 32))} assume !(1bv32 == #t~mem9);havoc #t~mem9; {3538#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967293 32)) (_ bv0 32))} is VALID [2020-07-29 01:10:32,073 INFO L280 TraceCheckUtils]: 14: Hoare triple {3538#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967293 32)) (_ bv0 32))} SUMMARY for call #t~mem11 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); srcloc: L543-2 {3538#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967293 32)) (_ bv0 32))} is VALID [2020-07-29 01:10:32,073 INFO L280 TraceCheckUtils]: 15: Hoare triple {3538#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967293 32)) (_ bv0 32))} assume !(2bv32 == #t~mem11);havoc #t~mem11; {3538#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967293 32)) (_ bv0 32))} is VALID [2020-07-29 01:10:32,074 INFO L280 TraceCheckUtils]: 16: Hoare triple {3538#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967293 32)) (_ bv0 32))} SUMMARY for call #t~mem13 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); srcloc: L543-3 {3554#(= (_ bv3 32) |main_#t~mem13|)} is VALID [2020-07-29 01:10:32,074 INFO L280 TraceCheckUtils]: 17: Hoare triple {3554#(= (_ bv3 32) |main_#t~mem13|)} assume 3bv32 != #t~mem13;havoc #t~mem13; {3499#false} is VALID [2020-07-29 01:10:32,075 INFO L280 TraceCheckUtils]: 18: Hoare triple {3499#false} assume !false; {3499#false} is VALID [2020-07-29 01:10:32,075 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:10:32,075 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2020-07-29 01:10:32,105 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 27 treesize of output 23 [2020-07-29 01:10:32,122 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 2 xjuncts. [2020-07-29 01:10:32,128 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:10:32,128 INFO L544 ElimStorePlain]: Start of recursive call 1: 1 dim-2 vars, End of recursive call: and 2 xjuncts. [2020-07-29 01:10:32,128 INFO L244 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:17, output treesize:7 [2020-07-29 01:10:32,133 WARN L406 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2020-07-29 01:10:32,133 WARN L407 uantifierElimination]: Input elimination task: ∀ [|#memory_int|]. (= (_ bv0 32) (bvadd (select (select (store |#memory_int| main_~p~0.base (store (select |#memory_int| main_~p~0.base) main_~p~0.offset (_ bv3 32))) main_~a~0.base) main_~a~0.offset) (_ bv4294967293 32))) [2020-07-29 01:10:32,133 WARN L408 uantifierElimination]: ElimStorePlain result: ∀ []. (and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset)) [2020-07-29 01:10:32,148 INFO L280 TraceCheckUtils]: 18: Hoare triple {3499#false} assume !false; {3499#false} is VALID [2020-07-29 01:10:32,149 INFO L280 TraceCheckUtils]: 17: Hoare triple {3554#(= (_ bv3 32) |main_#t~mem13|)} assume 3bv32 != #t~mem13;havoc #t~mem13; {3499#false} is VALID [2020-07-29 01:10:32,150 INFO L280 TraceCheckUtils]: 16: Hoare triple {3538#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967293 32)) (_ bv0 32))} SUMMARY for call #t~mem13 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); srcloc: L543-3 {3554#(= (_ bv3 32) |main_#t~mem13|)} is VALID [2020-07-29 01:10:32,151 INFO L280 TraceCheckUtils]: 15: Hoare triple {3538#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967293 32)) (_ bv0 32))} assume !(2bv32 == #t~mem11);havoc #t~mem11; {3538#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967293 32)) (_ bv0 32))} is VALID [2020-07-29 01:10:32,152 INFO L280 TraceCheckUtils]: 14: Hoare triple {3538#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967293 32)) (_ bv0 32))} SUMMARY for call #t~mem11 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); srcloc: L543-2 {3538#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967293 32)) (_ bv0 32))} is VALID [2020-07-29 01:10:32,152 INFO L280 TraceCheckUtils]: 13: Hoare triple {3538#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967293 32)) (_ bv0 32))} assume !(1bv32 == #t~mem9);havoc #t~mem9; {3538#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967293 32)) (_ bv0 32))} is VALID [2020-07-29 01:10:32,157 INFO L280 TraceCheckUtils]: 12: Hoare triple {3538#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967293 32)) (_ bv0 32))} SUMMARY for call #t~mem9 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); srcloc: L541-3 {3538#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967293 32)) (_ bv0 32))} is VALID [2020-07-29 01:10:32,158 INFO L280 TraceCheckUtils]: 11: Hoare triple {3534#(= (bvadd (select (select |#memory_int| main_~a~0.base) main_~a~0.offset) (_ bv4294967293 32)) (_ bv0 32))} ~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {3538#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967293 32)) (_ bv0 32))} is VALID [2020-07-29 01:10:32,161 INFO L280 TraceCheckUtils]: 10: Hoare triple {3524#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} SUMMARY for call write~intINTTYPE4(3bv32, ~p~0.base, ~p~0.offset, 4bv32); srcloc: L532-2 {3534#(= (bvadd (select (select |#memory_int| main_~a~0.base) main_~a~0.offset) (_ bv4294967293 32)) (_ bv0 32))} is VALID [2020-07-29 01:10:32,162 INFO L280 TraceCheckUtils]: 9: Hoare triple {3524#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} assume !(0bv32 != #t~nondet6);havoc #t~nondet6; {3524#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} is VALID [2020-07-29 01:10:32,165 INFO L280 TraceCheckUtils]: 8: Hoare triple {3524#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} assume !(0bv32 != #t~nondet3);havoc #t~nondet3; {3524#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} is VALID [2020-07-29 01:10:32,166 INFO L280 TraceCheckUtils]: 7: Hoare triple {3498#true} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {3524#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} is VALID [2020-07-29 01:10:32,166 INFO L280 TraceCheckUtils]: 6: Hoare triple {3498#true} assume !(~a~0.base == 0bv32 && ~a~0.offset == 0bv32); {3498#true} is VALID [2020-07-29 01:10:32,166 INFO L280 TraceCheckUtils]: 5: Hoare triple {3498#true} call #t~malloc2.base, #t~malloc2.offset := #Ultimate.allocOnHeap(8bv32);~a~0.base, ~a~0.offset := #t~malloc2.base, #t~malloc2.offset; {3498#true} is VALID [2020-07-29 01:10:32,166 INFO L263 TraceCheckUtils]: 4: Hoare triple {3498#true} call #t~ret14 := main(); {3498#true} is VALID [2020-07-29 01:10:32,167 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {3498#true} {3498#true} #173#return; {3498#true} is VALID [2020-07-29 01:10:32,167 INFO L280 TraceCheckUtils]: 2: Hoare triple {3498#true} assume true; {3498#true} is VALID [2020-07-29 01:10:32,167 INFO L280 TraceCheckUtils]: 1: Hoare triple {3498#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven; {3498#true} is VALID [2020-07-29 01:10:32,167 INFO L263 TraceCheckUtils]: 0: Hoare triple {3498#true} call ULTIMATE.init(); {3498#true} is VALID [2020-07-29 01:10:32,168 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:10:32,168 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [2046011221] [2020-07-29 01:10:32,168 INFO L220 FreeRefinementEngine]: Constructing automaton from 2 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:10:32,168 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6, 6] imperfect sequences [] total 6 [2020-07-29 01:10:32,169 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1245045790] [2020-07-29 01:10:32,169 INFO L78 Accepts]: Start accepts. Automaton has 6 states. Word has length 19 [2020-07-29 01:10:32,171 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:10:32,171 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states. [2020-07-29 01:10:32,199 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 19 edges. 19 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:10:32,199 INFO L459 AbstractCegarLoop]: Interpolant automaton has 6 states [2020-07-29 01:10:32,199 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2020-07-29 01:10:32,199 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2020-07-29 01:10:32,200 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2020-07-29 01:10:32,200 INFO L87 Difference]: Start difference. First operand 65 states and 73 transitions. Second operand 6 states. [2020-07-29 01:10:33,097 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:33,097 INFO L93 Difference]: Finished difference Result 107 states and 114 transitions. [2020-07-29 01:10:33,097 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2020-07-29 01:10:33,097 INFO L78 Accepts]: Start accepts. Automaton has 6 states. Word has length 19 [2020-07-29 01:10:33,098 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:10:33,098 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 6 states. [2020-07-29 01:10:33,101 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 108 transitions. [2020-07-29 01:10:33,101 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 6 states. [2020-07-29 01:10:33,105 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 108 transitions. [2020-07-29 01:10:33,105 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 108 transitions. [2020-07-29 01:10:33,305 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 108 edges. 108 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:10:33,307 INFO L225 Difference]: With dead ends: 107 [2020-07-29 01:10:33,307 INFO L226 Difference]: Without dead ends: 107 [2020-07-29 01:10:33,307 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 39 GetRequests, 33 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=21, Invalid=35, Unknown=0, NotChecked=0, Total=56 [2020-07-29 01:10:33,308 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 107 states. [2020-07-29 01:10:33,316 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 107 to 73. [2020-07-29 01:10:33,317 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:10:33,317 INFO L82 GeneralOperation]: Start isEquivalent. First operand 107 states. Second operand 73 states. [2020-07-29 01:10:33,318 INFO L74 IsIncluded]: Start isIncluded. First operand 107 states. Second operand 73 states. [2020-07-29 01:10:33,318 INFO L87 Difference]: Start difference. First operand 107 states. Second operand 73 states. [2020-07-29 01:10:33,325 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:33,325 INFO L93 Difference]: Finished difference Result 107 states and 114 transitions. [2020-07-29 01:10:33,325 INFO L276 IsEmpty]: Start isEmpty. Operand 107 states and 114 transitions. [2020-07-29 01:10:33,326 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:10:33,326 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:10:33,326 INFO L74 IsIncluded]: Start isIncluded. First operand 73 states. Second operand 107 states. [2020-07-29 01:10:33,326 INFO L87 Difference]: Start difference. First operand 73 states. Second operand 107 states. [2020-07-29 01:10:33,331 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:33,332 INFO L93 Difference]: Finished difference Result 107 states and 114 transitions. [2020-07-29 01:10:33,332 INFO L276 IsEmpty]: Start isEmpty. Operand 107 states and 114 transitions. [2020-07-29 01:10:33,333 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:10:33,333 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:10:33,333 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:10:33,333 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:10:33,333 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 73 states. [2020-07-29 01:10:33,336 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 73 states to 73 states and 82 transitions. [2020-07-29 01:10:33,336 INFO L78 Accepts]: Start accepts. Automaton has 73 states and 82 transitions. Word has length 19 [2020-07-29 01:10:33,337 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:10:33,337 INFO L479 AbstractCegarLoop]: Abstraction has 73 states and 82 transitions. [2020-07-29 01:10:33,337 INFO L480 AbstractCegarLoop]: Interpolant automaton has 6 states. [2020-07-29 01:10:33,337 INFO L276 IsEmpty]: Start isEmpty. Operand 73 states and 82 transitions. [2020-07-29 01:10:33,339 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2020-07-29 01:10:33,339 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:10:33,339 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:10:33,561 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 9 mathsat -unsat_core_generation=3 [2020-07-29 01:10:33,562 INFO L427 AbstractCegarLoop]: === Iteration 9 === [mainErr8REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr5REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr24ASSERT_VIOLATIONMEMORY_LEAK, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr25ENSURES_VIOLATIONMEMORY_LEAK, mainErr4REQUIRES_VIOLATION, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr17REQUIRES_VIOLATION, mainErr13REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12REQUIRES_VIOLATION]=== [2020-07-29 01:10:33,562 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:10:33,562 INFO L82 PathProgramCache]: Analyzing trace with hash -460498981, now seen corresponding path program 1 times [2020-07-29 01:10:33,563 INFO L163 FreeRefinementEngine]: Executing refinement strategy WOLF [2020-07-29 01:10:33,563 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1251187147] [2020-07-29 01:10:33,563 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat Starting monitored process 10 with mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 10 with mathsat -unsat_core_generation=3 [2020-07-29 01:10:33,650 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:10:33,653 INFO L263 TraceCheckSpWp]: Trace formula consists of 72 conjuncts, 7 conjunts are in the unsatisfiable core [2020-07-29 01:10:33,662 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:10:33,663 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2020-07-29 01:10:33,696 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 7 [2020-07-29 01:10:33,696 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2020-07-29 01:10:33,699 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:10:33,699 INFO L544 ElimStorePlain]: Start of recursive call 1: 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2020-07-29 01:10:33,699 INFO L244 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:11, output treesize:7 [2020-07-29 01:10:33,743 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 17 treesize of output 9 [2020-07-29 01:10:33,744 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2020-07-29 01:10:33,748 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:10:33,748 INFO L544 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2020-07-29 01:10:33,748 INFO L244 ElimStorePlain]: Needed 2 recursive calls to eliminate 3 variables, input treesize:17, output treesize:5 [2020-07-29 01:10:33,751 WARN L406 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2020-07-29 01:10:33,751 WARN L407 uantifierElimination]: Input elimination task: ∃ [|#memory_int|, main_~p~0.base, main_~p~0.offset]. (let ((.cse0 (select (select |#memory_int| main_~p~0.base) main_~p~0.offset))) (and (= .cse0 |main_#t~mem11|) (= (bvadd .cse0 (_ bv4294967293 32)) (_ bv0 32)))) [2020-07-29 01:10:33,751 WARN L408 uantifierElimination]: ElimStorePlain result: ∃ []. (= (_ bv0 32) (bvadd |main_#t~mem11| (_ bv4294967293 32))) [2020-07-29 01:10:33,764 INFO L263 TraceCheckUtils]: 0: Hoare triple {4015#true} call ULTIMATE.init(); {4015#true} is VALID [2020-07-29 01:10:33,764 INFO L280 TraceCheckUtils]: 1: Hoare triple {4015#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven; {4015#true} is VALID [2020-07-29 01:10:33,765 INFO L280 TraceCheckUtils]: 2: Hoare triple {4015#true} assume true; {4015#true} is VALID [2020-07-29 01:10:33,765 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {4015#true} {4015#true} #173#return; {4015#true} is VALID [2020-07-29 01:10:33,765 INFO L263 TraceCheckUtils]: 4: Hoare triple {4015#true} call #t~ret14 := main(); {4015#true} is VALID [2020-07-29 01:10:33,766 INFO L280 TraceCheckUtils]: 5: Hoare triple {4015#true} call #t~malloc2.base, #t~malloc2.offset := #Ultimate.allocOnHeap(8bv32);~a~0.base, ~a~0.offset := #t~malloc2.base, #t~malloc2.offset; {4015#true} is VALID [2020-07-29 01:10:33,766 INFO L280 TraceCheckUtils]: 6: Hoare triple {4015#true} assume !(~a~0.base == 0bv32 && ~a~0.offset == 0bv32); {4015#true} is VALID [2020-07-29 01:10:33,768 INFO L280 TraceCheckUtils]: 7: Hoare triple {4015#true} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {4041#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} is VALID [2020-07-29 01:10:33,768 INFO L280 TraceCheckUtils]: 8: Hoare triple {4041#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} assume !(0bv32 != #t~nondet3);havoc #t~nondet3; {4041#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} is VALID [2020-07-29 01:10:33,769 INFO L280 TraceCheckUtils]: 9: Hoare triple {4041#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} assume !(0bv32 != #t~nondet6);havoc #t~nondet6; {4041#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} is VALID [2020-07-29 01:10:33,771 INFO L280 TraceCheckUtils]: 10: Hoare triple {4041#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} SUMMARY for call write~intINTTYPE4(3bv32, ~p~0.base, ~p~0.offset, 4bv32); srcloc: L532-2 {4051#(= (bvadd (select (select |#memory_int| main_~a~0.base) main_~a~0.offset) (_ bv4294967293 32)) (_ bv0 32))} is VALID [2020-07-29 01:10:33,772 INFO L280 TraceCheckUtils]: 11: Hoare triple {4051#(= (bvadd (select (select |#memory_int| main_~a~0.base) main_~a~0.offset) (_ bv4294967293 32)) (_ bv0 32))} ~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {4055#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967293 32)) (_ bv0 32))} is VALID [2020-07-29 01:10:33,772 INFO L280 TraceCheckUtils]: 12: Hoare triple {4055#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967293 32)) (_ bv0 32))} SUMMARY for call #t~mem9 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); srcloc: L541-3 {4055#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967293 32)) (_ bv0 32))} is VALID [2020-07-29 01:10:33,772 INFO L280 TraceCheckUtils]: 13: Hoare triple {4055#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967293 32)) (_ bv0 32))} assume !(1bv32 == #t~mem9);havoc #t~mem9; {4055#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967293 32)) (_ bv0 32))} is VALID [2020-07-29 01:10:33,773 INFO L280 TraceCheckUtils]: 14: Hoare triple {4055#(= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967293 32)) (_ bv0 32))} SUMMARY for call #t~mem11 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); srcloc: L543-2 {4065#(= (_ bv3 32) |main_#t~mem11|)} is VALID [2020-07-29 01:10:33,778 INFO L280 TraceCheckUtils]: 15: Hoare triple {4065#(= (_ bv3 32) |main_#t~mem11|)} assume !!(2bv32 == #t~mem11);havoc #t~mem11; {4016#false} is VALID [2020-07-29 01:10:33,779 INFO L280 TraceCheckUtils]: 16: Hoare triple {4016#false} SUMMARY for call #t~mem12.base, #t~mem12.offset := read~$Pointer$(~p~0.base, ~bvadd32(4bv32, ~p~0.offset), 4bv32); srcloc: L544 {4016#false} is VALID [2020-07-29 01:10:33,779 INFO L280 TraceCheckUtils]: 17: Hoare triple {4016#false} ~p~0.base, ~p~0.offset := #t~mem12.base, #t~mem12.offset;havoc #t~mem12.base, #t~mem12.offset; {4016#false} is VALID [2020-07-29 01:10:33,779 INFO L280 TraceCheckUtils]: 18: Hoare triple {4016#false} assume !(1bv1 == #valid[~p~0.base]); {4016#false} is VALID [2020-07-29 01:10:33,780 INFO L134 CoverageAnalysis]: Checked inductivity of 1 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:10:33,780 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2020-07-29 01:10:33,851 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 18 treesize of output 14 [2020-07-29 01:10:33,860 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 2 xjuncts. [2020-07-29 01:10:33,866 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:10:33,866 INFO L544 ElimStorePlain]: Start of recursive call 1: 1 dim-2 vars, End of recursive call: and 2 xjuncts. [2020-07-29 01:10:33,866 INFO L244 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:18, output treesize:7 [2020-07-29 01:10:33,870 WARN L406 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2020-07-29 01:10:33,871 WARN L407 uantifierElimination]: Input elimination task: ∀ [|#memory_int|]. (not (= (_ bv0 32) (bvadd (select (select (store |#memory_int| main_~p~0.base (store (select |#memory_int| main_~p~0.base) main_~p~0.offset (_ bv3 32))) main_~a~0.base) main_~a~0.offset) (_ bv4294967294 32)))) [2020-07-29 01:10:33,871 WARN L408 uantifierElimination]: ElimStorePlain result: ∀ []. (and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset)) [2020-07-29 01:10:33,894 INFO L280 TraceCheckUtils]: 18: Hoare triple {4016#false} assume !(1bv1 == #valid[~p~0.base]); {4016#false} is VALID [2020-07-29 01:10:33,894 INFO L280 TraceCheckUtils]: 17: Hoare triple {4016#false} ~p~0.base, ~p~0.offset := #t~mem12.base, #t~mem12.offset;havoc #t~mem12.base, #t~mem12.offset; {4016#false} is VALID [2020-07-29 01:10:33,895 INFO L280 TraceCheckUtils]: 16: Hoare triple {4016#false} SUMMARY for call #t~mem12.base, #t~mem12.offset := read~$Pointer$(~p~0.base, ~bvadd32(4bv32, ~p~0.offset), 4bv32); srcloc: L544 {4016#false} is VALID [2020-07-29 01:10:33,895 INFO L280 TraceCheckUtils]: 15: Hoare triple {4087#(not (= (_ bv2 32) |main_#t~mem11|))} assume !!(2bv32 == #t~mem11);havoc #t~mem11; {4016#false} is VALID [2020-07-29 01:10:33,896 INFO L280 TraceCheckUtils]: 14: Hoare triple {4091#(not (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967294 32)) (_ bv0 32)))} SUMMARY for call #t~mem11 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); srcloc: L543-2 {4087#(not (= (_ bv2 32) |main_#t~mem11|))} is VALID [2020-07-29 01:10:33,897 INFO L280 TraceCheckUtils]: 13: Hoare triple {4091#(not (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967294 32)) (_ bv0 32)))} assume !(1bv32 == #t~mem9);havoc #t~mem9; {4091#(not (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967294 32)) (_ bv0 32)))} is VALID [2020-07-29 01:10:33,898 INFO L280 TraceCheckUtils]: 12: Hoare triple {4091#(not (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967294 32)) (_ bv0 32)))} SUMMARY for call #t~mem9 := read~intINTTYPE4(~p~0.base, ~p~0.offset, 4bv32); srcloc: L541-3 {4091#(not (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967294 32)) (_ bv0 32)))} is VALID [2020-07-29 01:10:33,899 INFO L280 TraceCheckUtils]: 11: Hoare triple {4101#(not (= (bvadd (select (select |#memory_int| main_~a~0.base) main_~a~0.offset) (_ bv4294967294 32)) (_ bv0 32)))} ~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {4091#(not (= (bvadd (select (select |#memory_int| main_~p~0.base) main_~p~0.offset) (_ bv4294967294 32)) (_ bv0 32)))} is VALID [2020-07-29 01:10:33,901 INFO L280 TraceCheckUtils]: 10: Hoare triple {4041#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} SUMMARY for call write~intINTTYPE4(3bv32, ~p~0.base, ~p~0.offset, 4bv32); srcloc: L532-2 {4101#(not (= (bvadd (select (select |#memory_int| main_~a~0.base) main_~a~0.offset) (_ bv4294967294 32)) (_ bv0 32)))} is VALID [2020-07-29 01:10:33,902 INFO L280 TraceCheckUtils]: 9: Hoare triple {4041#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} assume !(0bv32 != #t~nondet6);havoc #t~nondet6; {4041#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} is VALID [2020-07-29 01:10:33,903 INFO L280 TraceCheckUtils]: 8: Hoare triple {4041#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} assume !(0bv32 != #t~nondet3);havoc #t~nondet3; {4041#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} is VALID [2020-07-29 01:10:33,903 INFO L280 TraceCheckUtils]: 7: Hoare triple {4015#true} havoc ~t~0.base, ~t~0.offset;~p~0.base, ~p~0.offset := ~a~0.base, ~a~0.offset; {4041#(and (= main_~p~0.base main_~a~0.base) (= main_~p~0.offset main_~a~0.offset))} is VALID [2020-07-29 01:10:33,903 INFO L280 TraceCheckUtils]: 6: Hoare triple {4015#true} assume !(~a~0.base == 0bv32 && ~a~0.offset == 0bv32); {4015#true} is VALID [2020-07-29 01:10:33,903 INFO L280 TraceCheckUtils]: 5: Hoare triple {4015#true} call #t~malloc2.base, #t~malloc2.offset := #Ultimate.allocOnHeap(8bv32);~a~0.base, ~a~0.offset := #t~malloc2.base, #t~malloc2.offset; {4015#true} is VALID [2020-07-29 01:10:33,904 INFO L263 TraceCheckUtils]: 4: Hoare triple {4015#true} call #t~ret14 := main(); {4015#true} is VALID [2020-07-29 01:10:33,904 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {4015#true} {4015#true} #173#return; {4015#true} is VALID [2020-07-29 01:10:33,904 INFO L280 TraceCheckUtils]: 2: Hoare triple {4015#true} assume true; {4015#true} is VALID [2020-07-29 01:10:33,904 INFO L280 TraceCheckUtils]: 1: Hoare triple {4015#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven; {4015#true} is VALID [2020-07-29 01:10:33,904 INFO L263 TraceCheckUtils]: 0: Hoare triple {4015#true} call ULTIMATE.init(); {4015#true} is VALID [2020-07-29 01:10:33,905 INFO L134 CoverageAnalysis]: Checked inductivity of 1 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:10:33,905 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1251187147] [2020-07-29 01:10:33,905 INFO L220 FreeRefinementEngine]: Constructing automaton from 2 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:10:33,905 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6, 6] imperfect sequences [] total 9 [2020-07-29 01:10:33,906 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2114138394] [2020-07-29 01:10:33,906 INFO L78 Accepts]: Start accepts. Automaton has 9 states. Word has length 19 [2020-07-29 01:10:33,907 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:10:33,907 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states. [2020-07-29 01:10:33,940 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 25 edges. 25 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:10:33,940 INFO L459 AbstractCegarLoop]: Interpolant automaton has 9 states [2020-07-29 01:10:33,941 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2020-07-29 01:10:33,941 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2020-07-29 01:10:33,941 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=18, Invalid=54, Unknown=0, NotChecked=0, Total=72 [2020-07-29 01:10:33,942 INFO L87 Difference]: Start difference. First operand 73 states and 82 transitions. Second operand 9 states. [2020-07-29 01:10:36,041 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:36,042 INFO L93 Difference]: Finished difference Result 135 states and 144 transitions. [2020-07-29 01:10:36,042 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2020-07-29 01:10:36,042 INFO L78 Accepts]: Start accepts. Automaton has 9 states. Word has length 19 [2020-07-29 01:10:36,045 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:10:36,045 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 9 states. [2020-07-29 01:10:36,048 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 12 states to 12 states and 138 transitions. [2020-07-29 01:10:36,048 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 9 states. [2020-07-29 01:10:36,059 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 12 states to 12 states and 138 transitions. [2020-07-29 01:10:36,059 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 12 states and 138 transitions. [2020-07-29 01:10:36,303 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 138 edges. 138 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:10:36,305 INFO L225 Difference]: With dead ends: 135 [2020-07-29 01:10:36,305 INFO L226 Difference]: Without dead ends: 135 [2020-07-29 01:10:36,306 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 43 GetRequests, 30 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 16 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=66, Invalid=144, Unknown=0, NotChecked=0, Total=210 [2020-07-29 01:10:36,306 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 135 states. [2020-07-29 01:10:36,310 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 135 to 87. [2020-07-29 01:10:36,310 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:10:36,310 INFO L82 GeneralOperation]: Start isEquivalent. First operand 135 states. Second operand 87 states. [2020-07-29 01:10:36,311 INFO L74 IsIncluded]: Start isIncluded. First operand 135 states. Second operand 87 states. [2020-07-29 01:10:36,311 INFO L87 Difference]: Start difference. First operand 135 states. Second operand 87 states. [2020-07-29 01:10:36,315 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:36,315 INFO L93 Difference]: Finished difference Result 135 states and 144 transitions. [2020-07-29 01:10:36,316 INFO L276 IsEmpty]: Start isEmpty. Operand 135 states and 144 transitions. [2020-07-29 01:10:36,316 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:10:36,316 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:10:36,317 INFO L74 IsIncluded]: Start isIncluded. First operand 87 states. Second operand 135 states. [2020-07-29 01:10:36,317 INFO L87 Difference]: Start difference. First operand 87 states. Second operand 135 states. [2020-07-29 01:10:36,320 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:10:36,320 INFO L93 Difference]: Finished difference Result 135 states and 144 transitions. [2020-07-29 01:10:36,320 INFO L276 IsEmpty]: Start isEmpty. Operand 135 states and 144 transitions. [2020-07-29 01:10:36,321 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:10:36,321 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:10:36,321 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:10:36,322 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:10:36,322 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 87 states. [2020-07-29 01:10:36,324 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 87 states to 87 states and 98 transitions. [2020-07-29 01:10:36,324 INFO L78 Accepts]: Start accepts. Automaton has 87 states and 98 transitions. Word has length 19 [2020-07-29 01:10:36,324 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:10:36,325 INFO L479 AbstractCegarLoop]: Abstraction has 87 states and 98 transitions. [2020-07-29 01:10:36,325 INFO L480 AbstractCegarLoop]: Interpolant automaton has 9 states. [2020-07-29 01:10:36,325 INFO L276 IsEmpty]: Start isEmpty. Operand 87 states and 98 transitions. [2020-07-29 01:10:36,325 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2020-07-29 01:10:36,326 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:10:36,326 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:10:36,537 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 10 mathsat -unsat_core_generation=3 [2020-07-29 01:10:36,538 INFO L427 AbstractCegarLoop]: === Iteration 10 === [mainErr8REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr5REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr24ASSERT_VIOLATIONMEMORY_LEAK, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr25ENSURES_VIOLATIONMEMORY_LEAK, mainErr4REQUIRES_VIOLATION, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr17REQUIRES_VIOLATION, mainErr13REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12REQUIRES_VIOLATION]=== [2020-07-29 01:10:36,538 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:10:36,539 INFO L82 PathProgramCache]: Analyzing trace with hash -1392190610, now seen corresponding path program 1 times [2020-07-29 01:10:36,540 INFO L163 FreeRefinementEngine]: Executing refinement strategy WOLF [2020-07-29 01:10:36,540 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1424126239] [2020-07-29 01:10:36,540 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat Starting monitored process 11 with mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 11 with mathsat -unsat_core_generation=3 [2020-07-29 01:10:36,631 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2020-07-29 01:10:36,631 INFO L221 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2020-07-29 01:10:36,651 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2020-07-29 01:10:36,651 INFO L221 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2020-07-29 01:10:36,674 INFO L174 FreeRefinementEngine]: Strategy WOLF found a feasible trace [2020-07-29 01:10:36,674 INFO L520 BasicCegarLoop]: Counterexample might be feasible [2020-07-29 01:10:36,875 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 11 mathsat -unsat_core_generation=3 [2020-07-29 01:10:36,887 WARN L417 cessorBacktranslator]: Generated EnsuresSpecification ensures #valid == old(#valid); is not ensure(true) [2020-07-29 01:10:36,911 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 29.07 01:10:36 BoogieIcfgContainer [2020-07-29 01:10:36,911 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2020-07-29 01:10:36,911 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2020-07-29 01:10:36,911 INFO L271 PluginConnector]: Initializing Witness Printer... [2020-07-29 01:10:36,911 INFO L275 PluginConnector]: Witness Printer initialized [2020-07-29 01:10:36,912 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 29.07 01:10:10" (3/4) ... [2020-07-29 01:10:36,915 INFO L140 WitnessPrinter]: No result that supports witness generation found [2020-07-29 01:10:36,915 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2020-07-29 01:10:36,917 INFO L168 Benchmark]: Toolchain (without parser) took 27810.42 ms. Allocated memory was 1.0 GB in the beginning and 1.4 GB in the end (delta: 355.5 MB). Free memory was 952.2 MB in the beginning and 1.0 GB in the end (delta: -65.7 MB). Peak memory consumption was 289.7 MB. Max. memory is 11.5 GB. [2020-07-29 01:10:36,917 INFO L168 Benchmark]: CDTParser took 0.29 ms. Allocated memory is still 1.0 GB. Free memory is still 981.7 MB. There was no memory consumed. Max. memory is 11.5 GB. [2020-07-29 01:10:36,917 INFO L168 Benchmark]: CACSL2BoogieTranslator took 767.39 ms. Allocated memory was 1.0 GB in the beginning and 1.2 GB in the end (delta: 140.5 MB). Free memory was 946.8 MB in the beginning and 1.1 GB in the end (delta: -161.7 MB). Peak memory consumption was 15.2 MB. Max. memory is 11.5 GB. [2020-07-29 01:10:36,918 INFO L168 Benchmark]: Boogie Preprocessor took 78.22 ms. Allocated memory is still 1.2 GB. Free memory is still 1.1 GB. There was no memory consumed. Max. memory is 11.5 GB. [2020-07-29 01:10:36,918 INFO L168 Benchmark]: RCFGBuilder took 970.64 ms. Allocated memory is still 1.2 GB. Free memory was 1.1 GB in the beginning and 1.0 GB in the end (delta: 71.1 MB). Peak memory consumption was 71.1 MB. Max. memory is 11.5 GB. [2020-07-29 01:10:36,919 INFO L168 Benchmark]: TraceAbstraction took 25982.45 ms. Allocated memory was 1.2 GB in the beginning and 1.4 GB in the end (delta: 215.0 MB). Free memory was 1.0 GB in the beginning and 1.0 GB in the end (delta: 12.8 MB). Peak memory consumption was 227.8 MB. Max. memory is 11.5 GB. [2020-07-29 01:10:36,919 INFO L168 Benchmark]: Witness Printer took 4.09 ms. Allocated memory is still 1.4 GB. Free memory is still 1.0 GB. There was no memory consumed. Max. memory is 11.5 GB. [2020-07-29 01:10:36,921 INFO L336 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.29 ms. Allocated memory is still 1.0 GB. Free memory is still 981.7 MB. There was no memory consumed. Max. memory is 11.5 GB. * CACSL2BoogieTranslator took 767.39 ms. Allocated memory was 1.0 GB in the beginning and 1.2 GB in the end (delta: 140.5 MB). Free memory was 946.8 MB in the beginning and 1.1 GB in the end (delta: -161.7 MB). Peak memory consumption was 15.2 MB. Max. memory is 11.5 GB. * Boogie Preprocessor took 78.22 ms. Allocated memory is still 1.2 GB. Free memory is still 1.1 GB. There was no memory consumed. Max. memory is 11.5 GB. * RCFGBuilder took 970.64 ms. Allocated memory is still 1.2 GB. Free memory was 1.1 GB in the beginning and 1.0 GB in the end (delta: 71.1 MB). Peak memory consumption was 71.1 MB. Max. memory is 11.5 GB. * TraceAbstraction took 25982.45 ms. Allocated memory was 1.2 GB in the beginning and 1.4 GB in the end (delta: 215.0 MB). Free memory was 1.0 GB in the beginning and 1.0 GB in the end (delta: 12.8 MB). Peak memory consumption was 227.8 MB. Max. memory is 11.5 GB. * Witness Printer took 4.09 ms. Allocated memory is still 1.4 GB. Free memory is still 1.0 GB. There was no memory consumed. Max. memory is 11.5 GB. * Results from de.uni_freiburg.informatik.ultimate.boogie.preprocessor: - GenericResult: Unfinished Backtranslation Generated EnsuresSpecification ensures #valid == old(#valid); is not ensure(true) * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - UnprovableResult [Line: 520]: Unable to prove that all allocated memory was freed Unable to prove that all allocated memory was freed Reason: overapproximation of memtrack at line 520. Possible FailurePath: [L521] List a = (List) malloc(sizeof(struct node)); VAL [a={1:0}, malloc(sizeof(struct node))={1:0}] [L522] COND FALSE !(a == 0) VAL [a={1:0}, malloc(sizeof(struct node))={1:0}] [L523] List t; [L524] List p = a; VAL [a={1:0}, malloc(sizeof(struct node))={1:0}, p={1:0}] [L525] COND FALSE !(__VERIFIER_nondet_int()) [L532] COND FALSE !(__VERIFIER_nondet_int()) [L539] p->h = 3 VAL [a={1:0}, malloc(sizeof(struct node))={1:0}, p={1:0}] [L540] p = a VAL [a={1:0}, malloc(sizeof(struct node))={1:0}, p={1:0}] [L541] EXPR p->h VAL [a={1:0}, malloc(sizeof(struct node))={1:0}, p={1:0}, p->h=3] [L541] COND FALSE !(p->h == 1) [L543] EXPR p->h VAL [a={1:0}, malloc(sizeof(struct node))={1:0}, p={1:0}, p->h=3] [L543] COND FALSE !(p->h == 2) [L545] EXPR p->h VAL [a={1:0}, malloc(sizeof(struct node))={1:0}, p={1:0}, p->h=3] [L545] COND FALSE !(p->h != 3) [L547] return 0; VAL [\result=0, a={1:0}, malloc(sizeof(struct node))={1:0}, p={1:0}] - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 93 locations, 26 error locations. Started 1 CEGAR loops. VerificationResult: UNSAFE, OverallTime: 25.8s, OverallIterations: 10, TraceHistogramMax: 2, AutomataDifference: 18.5s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 383 SDtfs, 928 SDslu, 1263 SDs, 0 SdLazy, 1456 SolverSat, 168 SolverUnsat, 0 SolverUnknown, 0 SolverNotchecked, 5.4s Time, PredicateUnifierStatistics: 0 DeclaredPredicates, 321 GetRequests, 237 SyntacticMatches, 1 SemanticMatches, 83 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 62 ImplicationChecksByTransitivity, 2.1s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=87occurred in iteration=9, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 9 MinimizatonAttempts, 275 StatesRemovedByMinimization, 9 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 3.4s InterpolantComputationTime, 165 NumberOfCodeBlocks, 165 NumberOfCodeBlocksAsserted, 10 NumberOfCheckSat, 272 ConstructedInterpolants, 0 QuantifiedInterpolants, 18688 SizeOfPredicates, 70 NumberOfNonLiveVariables, 590 ConjunctsInSsa, 66 ConjunctsInUnsatCore, 18 InterpolantComputations, 18 PerfectInterpolantSequences, 20/20 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available RESULT: Ultimate could not prove your program: unable to determine feasibility of some traces Received shutdown request...