./Ultimate.py --spec ../sv-benchmarks/c/properties/valid-memsafety.prp --file ../sv-benchmarks/c/ldv-memsafety/memleaks_test22_2-1.i --full-output -ea --architecture 32bit -------------------------------------------------------------------------------- Checking for memory safety (deref-memtrack) Using default analysis Version 8bd4bc60 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx12G -Xms1G -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.3.100.v20150511-1540.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerMemDerefMemtrack.xml -i ../sv-benchmarks/c/ldv-memsafety/memleaks_test22_2-1.i -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 0c4d407f41629f864eb5689f703f67280cbb5237 ............................................................................................................................... Execution finished normally Using bit-precise analysis Retrying with bit-precise analysis Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx12G -Xms1G -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.3.100.v20150511-1540.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerMemDerefMemtrack.xml -i ../sv-benchmarks/c/ldv-memsafety/memleaks_test22_2-1.i -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Bitvector.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 0c4d407f41629f864eb5689f703f67280cbb5237 ..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................... Execution finished normally Writing output log to file Ultimate.log Result: UNKNOWN: Overapproximated counterexample --- Real Ultimate output --- This is Ultimate 0.1.25-8bd4bc6 [2020-07-29 01:04:42,491 INFO L177 SettingsManager]: Resetting all preferences to default values... [2020-07-29 01:04:42,493 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2020-07-29 01:04:42,506 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2020-07-29 01:04:42,507 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2020-07-29 01:04:42,508 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2020-07-29 01:04:42,509 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2020-07-29 01:04:42,512 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2020-07-29 01:04:42,513 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2020-07-29 01:04:42,514 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2020-07-29 01:04:42,516 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2020-07-29 01:04:42,517 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2020-07-29 01:04:42,517 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2020-07-29 01:04:42,518 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2020-07-29 01:04:42,520 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2020-07-29 01:04:42,521 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2020-07-29 01:04:42,522 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2020-07-29 01:04:42,523 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2020-07-29 01:04:42,525 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2020-07-29 01:04:42,527 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2020-07-29 01:04:42,529 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2020-07-29 01:04:42,530 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2020-07-29 01:04:42,531 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2020-07-29 01:04:42,532 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2020-07-29 01:04:42,535 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2020-07-29 01:04:42,535 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2020-07-29 01:04:42,536 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2020-07-29 01:04:42,537 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2020-07-29 01:04:42,537 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2020-07-29 01:04:42,538 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2020-07-29 01:04:42,539 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2020-07-29 01:04:42,539 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2020-07-29 01:04:42,540 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2020-07-29 01:04:42,541 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2020-07-29 01:04:42,542 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2020-07-29 01:04:42,543 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2020-07-29 01:04:42,544 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2020-07-29 01:04:42,544 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2020-07-29 01:04:42,544 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2020-07-29 01:04:42,545 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2020-07-29 01:04:42,546 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2020-07-29 01:04:42,547 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Default.epf [2020-07-29 01:04:42,562 INFO L113 SettingsManager]: Loading preferences was successful [2020-07-29 01:04:42,563 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2020-07-29 01:04:42,564 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2020-07-29 01:04:42,564 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2020-07-29 01:04:42,565 INFO L138 SettingsManager]: * Use SBE=true [2020-07-29 01:04:42,565 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2020-07-29 01:04:42,565 INFO L138 SettingsManager]: * sizeof long=4 [2020-07-29 01:04:42,566 INFO L138 SettingsManager]: * Check unreachability of error function in SV-COMP mode=false [2020-07-29 01:04:42,566 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2020-07-29 01:04:42,566 INFO L138 SettingsManager]: * sizeof POINTER=4 [2020-07-29 01:04:42,566 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2020-07-29 01:04:42,567 INFO L138 SettingsManager]: * Check for the main procedure if all allocated memory was freed=true [2020-07-29 01:04:42,567 INFO L138 SettingsManager]: * Bitprecise bitfields=true [2020-07-29 01:04:42,567 INFO L138 SettingsManager]: * SV-COMP memtrack compatibility mode=true [2020-07-29 01:04:42,568 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2020-07-29 01:04:42,568 INFO L138 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2020-07-29 01:04:42,568 INFO L138 SettingsManager]: * sizeof long double=12 [2020-07-29 01:04:42,568 INFO L138 SettingsManager]: * Use constant arrays=true [2020-07-29 01:04:42,569 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2020-07-29 01:04:42,569 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2020-07-29 01:04:42,569 INFO L138 SettingsManager]: * To the following directory=./dump/ [2020-07-29 01:04:42,570 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2020-07-29 01:04:42,570 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2020-07-29 01:04:42,570 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2020-07-29 01:04:42,571 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2020-07-29 01:04:42,571 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2020-07-29 01:04:42,571 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2020-07-29 01:04:42,571 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2020-07-29 01:04:42,572 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 0c4d407f41629f864eb5689f703f67280cbb5237 [2020-07-29 01:04:42,910 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2020-07-29 01:04:42,935 INFO L258 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2020-07-29 01:04:42,939 INFO L214 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2020-07-29 01:04:42,940 INFO L271 PluginConnector]: Initializing CDTParser... [2020-07-29 01:04:42,941 INFO L275 PluginConnector]: CDTParser initialized [2020-07-29 01:04:42,941 INFO L429 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/ldv-memsafety/memleaks_test22_2-1.i [2020-07-29 01:04:43,004 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/59c1afcb7/3cd3563796ca495eb87f05ccaa894899/FLAGa005563c9 [2020-07-29 01:04:43,543 INFO L306 CDTParser]: Found 1 translation units. [2020-07-29 01:04:43,544 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/ldv-memsafety/memleaks_test22_2-1.i [2020-07-29 01:04:43,567 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/59c1afcb7/3cd3563796ca495eb87f05ccaa894899/FLAGa005563c9 [2020-07-29 01:04:43,838 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/59c1afcb7/3cd3563796ca495eb87f05ccaa894899 [2020-07-29 01:04:43,842 INFO L296 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2020-07-29 01:04:43,845 INFO L131 ToolchainWalker]: Walking toolchain with 5 elements. [2020-07-29 01:04:43,846 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2020-07-29 01:04:43,846 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2020-07-29 01:04:43,850 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2020-07-29 01:04:43,852 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 29.07 01:04:43" (1/1) ... [2020-07-29 01:04:43,855 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@3b368e2f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:04:43, skipping insertion in model container [2020-07-29 01:04:43,855 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 29.07 01:04:43" (1/1) ... [2020-07-29 01:04:43,863 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2020-07-29 01:04:43,933 INFO L178 MainTranslator]: Built tables and reachable declarations [2020-07-29 01:04:44,532 INFO L206 PostProcessor]: Analyzing one entry point: main [2020-07-29 01:04:44,564 ERROR L326 MainTranslator]: Unsupported Syntax: Found a cast between two array/pointer types where the value type is smaller than the cast-to type while using memory model HoenickeLindenmann_Original (while Not using bitvector translation) [2020-07-29 01:04:44,565 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.CACSL2BoogieTranslatorObserver@62bf5655 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:04:44, skipping insertion in model container [2020-07-29 01:04:44,565 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2020-07-29 01:04:44,566 INFO L184 ToolchainWalker]: Toolchain execution was canceled (user or tool) before executing de.uni_freiburg.informatik.ultimate.boogie.preprocessor [2020-07-29 01:04:44,570 INFO L168 Benchmark]: Toolchain (without parser) took 725.01 ms. Allocated memory was 1.0 GB in the beginning and 1.2 GB in the end (delta: 138.4 MB). Free memory was 950.8 MB in the beginning and 1.1 GB in the end (delta: -170.7 MB). Peak memory consumption was 15.3 MB. Max. memory is 11.5 GB. [2020-07-29 01:04:44,571 INFO L168 Benchmark]: CDTParser took 0.62 ms. Allocated memory is still 1.0 GB. Free memory is still 981.7 MB. There was no memory consumed. Max. memory is 11.5 GB. [2020-07-29 01:04:44,572 INFO L168 Benchmark]: CACSL2BoogieTranslator took 719.72 ms. Allocated memory was 1.0 GB in the beginning and 1.2 GB in the end (delta: 138.4 MB). Free memory was 950.8 MB in the beginning and 1.1 GB in the end (delta: -170.7 MB). Peak memory consumption was 15.3 MB. Max. memory is 11.5 GB. [2020-07-29 01:04:44,576 INFO L336 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.62 ms. Allocated memory is still 1.0 GB. Free memory is still 981.7 MB. There was no memory consumed. Max. memory is 11.5 GB. * CACSL2BoogieTranslator took 719.72 ms. Allocated memory was 1.0 GB in the beginning and 1.2 GB in the end (delta: 138.4 MB). Free memory was 950.8 MB in the beginning and 1.1 GB in the end (delta: -170.7 MB). Peak memory consumption was 15.3 MB. Max. memory is 11.5 GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - UnsupportedSyntaxResult [Line: 576]: Unsupported Syntax Found a cast between two array/pointer types where the value type is smaller than the cast-to type while using memory model HoenickeLindenmann_Original (while Not using bitvector translation) RESULT: Ultimate could not prove your program: Toolchain returned no result. Received shutdown request... ### Bit-precise run ### This is Ultimate 0.1.25-8bd4bc6 [2020-07-29 01:04:46,335 INFO L177 SettingsManager]: Resetting all preferences to default values... [2020-07-29 01:04:46,338 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2020-07-29 01:04:46,355 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2020-07-29 01:04:46,356 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2020-07-29 01:04:46,358 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2020-07-29 01:04:46,360 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2020-07-29 01:04:46,371 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2020-07-29 01:04:46,373 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2020-07-29 01:04:46,376 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2020-07-29 01:04:46,378 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2020-07-29 01:04:46,380 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2020-07-29 01:04:46,381 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2020-07-29 01:04:46,385 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2020-07-29 01:04:46,387 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2020-07-29 01:04:46,389 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2020-07-29 01:04:46,392 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2020-07-29 01:04:46,393 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2020-07-29 01:04:46,396 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2020-07-29 01:04:46,401 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2020-07-29 01:04:46,406 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2020-07-29 01:04:46,410 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2020-07-29 01:04:46,412 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2020-07-29 01:04:46,413 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2020-07-29 01:04:46,416 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2020-07-29 01:04:46,416 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2020-07-29 01:04:46,417 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2020-07-29 01:04:46,419 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2020-07-29 01:04:46,420 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2020-07-29 01:04:46,421 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2020-07-29 01:04:46,422 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2020-07-29 01:04:46,423 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2020-07-29 01:04:46,424 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2020-07-29 01:04:46,425 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2020-07-29 01:04:46,427 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2020-07-29 01:04:46,427 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2020-07-29 01:04:46,428 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2020-07-29 01:04:46,428 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2020-07-29 01:04:46,428 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2020-07-29 01:04:46,429 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2020-07-29 01:04:46,431 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2020-07-29 01:04:46,433 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Bitvector.epf [2020-07-29 01:04:46,470 INFO L113 SettingsManager]: Loading preferences was successful [2020-07-29 01:04:46,474 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2020-07-29 01:04:46,475 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2020-07-29 01:04:46,476 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2020-07-29 01:04:46,476 INFO L138 SettingsManager]: * Use SBE=true [2020-07-29 01:04:46,476 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2020-07-29 01:04:46,477 INFO L138 SettingsManager]: * sizeof long=4 [2020-07-29 01:04:46,477 INFO L138 SettingsManager]: * Check unreachability of error function in SV-COMP mode=false [2020-07-29 01:04:46,478 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2020-07-29 01:04:46,478 INFO L138 SettingsManager]: * sizeof POINTER=4 [2020-07-29 01:04:46,479 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2020-07-29 01:04:46,479 INFO L138 SettingsManager]: * Check for the main procedure if all allocated memory was freed=true [2020-07-29 01:04:46,480 INFO L138 SettingsManager]: * Bitprecise bitfields=true [2020-07-29 01:04:46,480 INFO L138 SettingsManager]: * SV-COMP memtrack compatibility mode=true [2020-07-29 01:04:46,480 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2020-07-29 01:04:46,481 INFO L138 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2020-07-29 01:04:46,481 INFO L138 SettingsManager]: * Use bitvectors instead of ints=true [2020-07-29 01:04:46,481 INFO L138 SettingsManager]: * Memory model=HoenickeLindenmann_4ByteResolution [2020-07-29 01:04:46,481 INFO L138 SettingsManager]: * sizeof long double=12 [2020-07-29 01:04:46,482 INFO L138 SettingsManager]: * Use constant arrays=true [2020-07-29 01:04:46,482 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2020-07-29 01:04:46,482 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2020-07-29 01:04:46,483 INFO L138 SettingsManager]: * To the following directory=./dump/ [2020-07-29 01:04:46,483 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2020-07-29 01:04:46,483 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2020-07-29 01:04:46,483 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2020-07-29 01:04:46,484 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2020-07-29 01:04:46,484 INFO L138 SettingsManager]: * Trace refinement strategy=WOLF [2020-07-29 01:04:46,484 INFO L138 SettingsManager]: * Command for external solver=cvc4 --incremental --rewrite-divk --print-success --lang smt [2020-07-29 01:04:46,485 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2020-07-29 01:04:46,485 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2020-07-29 01:04:46,485 INFO L138 SettingsManager]: * Logic for external solver=AUFBV Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 0c4d407f41629f864eb5689f703f67280cbb5237 [2020-07-29 01:04:46,804 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2020-07-29 01:04:46,817 INFO L258 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2020-07-29 01:04:46,821 INFO L214 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2020-07-29 01:04:46,822 INFO L271 PluginConnector]: Initializing CDTParser... [2020-07-29 01:04:46,823 INFO L275 PluginConnector]: CDTParser initialized [2020-07-29 01:04:46,824 INFO L429 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/ldv-memsafety/memleaks_test22_2-1.i [2020-07-29 01:04:46,888 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/1e435f928/8064bb9a2e3e411ca416f5ad1216aed0/FLAGc36ea6492 [2020-07-29 01:04:47,455 INFO L306 CDTParser]: Found 1 translation units. [2020-07-29 01:04:47,456 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/ldv-memsafety/memleaks_test22_2-1.i [2020-07-29 01:04:47,472 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/1e435f928/8064bb9a2e3e411ca416f5ad1216aed0/FLAGc36ea6492 [2020-07-29 01:04:47,704 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/1e435f928/8064bb9a2e3e411ca416f5ad1216aed0 [2020-07-29 01:04:47,708 INFO L296 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2020-07-29 01:04:47,715 INFO L131 ToolchainWalker]: Walking toolchain with 5 elements. [2020-07-29 01:04:47,717 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2020-07-29 01:04:47,718 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2020-07-29 01:04:47,722 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2020-07-29 01:04:47,724 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 29.07 01:04:47" (1/1) ... [2020-07-29 01:04:47,727 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@4b2d99fc and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:04:47, skipping insertion in model container [2020-07-29 01:04:47,727 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 29.07 01:04:47" (1/1) ... [2020-07-29 01:04:47,735 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2020-07-29 01:04:47,787 INFO L178 MainTranslator]: Built tables and reachable declarations [2020-07-29 01:04:48,269 INFO L206 PostProcessor]: Analyzing one entry point: main [2020-07-29 01:04:48,295 INFO L200 MainTranslator]: Restarting translation with changed settings: SettingsChange [mNewPreferredMemoryModel=HoenickeLindenmann_1ByteResolution] [2020-07-29 01:04:48,308 INFO L178 MainTranslator]: Built tables and reachable declarations [2020-07-29 01:04:48,431 INFO L206 PostProcessor]: Analyzing one entry point: main [2020-07-29 01:04:48,451 INFO L203 MainTranslator]: Completed pre-run [2020-07-29 01:04:48,514 INFO L206 PostProcessor]: Analyzing one entry point: main [2020-07-29 01:04:48,598 INFO L208 MainTranslator]: Completed translation [2020-07-29 01:04:48,599 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:04:48 WrapperNode [2020-07-29 01:04:48,599 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2020-07-29 01:04:48,600 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2020-07-29 01:04:48,600 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2020-07-29 01:04:48,600 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2020-07-29 01:04:48,615 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:04:48" (1/1) ... [2020-07-29 01:04:48,616 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:04:48" (1/1) ... [2020-07-29 01:04:48,642 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:04:48" (1/1) ... [2020-07-29 01:04:48,643 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:04:48" (1/1) ... [2020-07-29 01:04:48,695 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:04:48" (1/1) ... [2020-07-29 01:04:48,703 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:04:48" (1/1) ... [2020-07-29 01:04:48,717 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:04:48" (1/1) ... [2020-07-29 01:04:48,731 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2020-07-29 01:04:48,732 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2020-07-29 01:04:48,732 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2020-07-29 01:04:48,733 INFO L275 PluginConnector]: RCFGBuilder initialized [2020-07-29 01:04:48,740 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:04:48" (1/1) ... No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2020-07-29 01:04:48,799 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.init [2020-07-29 01:04:48,799 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2020-07-29 01:04:48,800 INFO L138 BoogieDeclarations]: Found implementation of procedure ##fun~$Pointer$~TO~VOID [2020-07-29 01:04:48,800 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.setCurrentRoundingMode [2020-07-29 01:04:48,800 INFO L138 BoogieDeclarations]: Found implementation of procedure __bswap_32 [2020-07-29 01:04:48,800 INFO L138 BoogieDeclarations]: Found implementation of procedure __bswap_64 [2020-07-29 01:04:48,801 INFO L138 BoogieDeclarations]: Found implementation of procedure __uint16_identity [2020-07-29 01:04:48,801 INFO L138 BoogieDeclarations]: Found implementation of procedure __uint32_identity [2020-07-29 01:04:48,801 INFO L138 BoogieDeclarations]: Found implementation of procedure __uint64_identity [2020-07-29 01:04:48,801 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_nonpositive [2020-07-29 01:04:48,802 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_positive [2020-07-29 01:04:48,802 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_malloc [2020-07-29 01:04:48,802 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_zalloc [2020-07-29 01:04:48,802 INFO L138 BoogieDeclarations]: Found implementation of procedure LDV_INIT_LIST_HEAD [2020-07-29 01:04:48,803 INFO L138 BoogieDeclarations]: Found implementation of procedure __ldv_list_add [2020-07-29 01:04:48,803 INFO L138 BoogieDeclarations]: Found implementation of procedure __ldv_list_del [2020-07-29 01:04:48,803 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_list_add [2020-07-29 01:04:48,803 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_list_add_tail [2020-07-29 01:04:48,804 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_list_del [2020-07-29 01:04:48,804 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_msg_alloc [2020-07-29 01:04:48,804 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_msg_fill [2020-07-29 01:04:48,804 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_msg_free [2020-07-29 01:04:48,805 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_submit_msg [2020-07-29 01:04:48,805 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_destroy_msgs [2020-07-29 01:04:48,805 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_dev_get_drvdata [2020-07-29 01:04:48,805 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_dev_set_drvdata [2020-07-29 01:04:48,806 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_atomic_add_return [2020-07-29 01:04:48,806 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_atomic_sub_return [2020-07-29 01:04:48,806 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_kref_sub [2020-07-29 01:04:48,806 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_kref_init [2020-07-29 01:04:48,807 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_kref_get [2020-07-29 01:04:48,807 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_kref_put [2020-07-29 01:04:48,807 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_kobject_del [2020-07-29 01:04:48,807 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_kobject_cleanup [2020-07-29 01:04:48,808 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_kobject_release [2020-07-29 01:04:48,808 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_kobject_put [2020-07-29 01:04:48,808 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_kobject_get [2020-07-29 01:04:48,808 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_kobject_init_internal [2020-07-29 01:04:48,809 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_kobject_init [2020-07-29 01:04:48,809 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_kobject_create [2020-07-29 01:04:48,809 INFO L138 BoogieDeclarations]: Found implementation of procedure f [2020-07-29 01:04:48,809 INFO L138 BoogieDeclarations]: Found implementation of procedure g [2020-07-29 01:04:48,810 INFO L138 BoogieDeclarations]: Found implementation of procedure entry_point [2020-07-29 01:04:48,810 INFO L138 BoogieDeclarations]: Found implementation of procedure main [2020-07-29 01:04:48,810 INFO L138 BoogieDeclarations]: Found implementation of procedure #Ultimate.C_memset [2020-07-29 01:04:48,810 INFO L138 BoogieDeclarations]: Found implementation of procedure #Ultimate.meminit [2020-07-29 01:04:48,811 INFO L138 BoogieDeclarations]: Found implementation of procedure #Ultimate.C_memcpy [2020-07-29 01:04:48,811 INFO L130 BoogieDeclarations]: Found specification of procedure __ctype_get_mb_cur_max [2020-07-29 01:04:48,811 INFO L130 BoogieDeclarations]: Found specification of procedure atof [2020-07-29 01:04:48,811 INFO L130 BoogieDeclarations]: Found specification of procedure atoi [2020-07-29 01:04:48,811 INFO L130 BoogieDeclarations]: Found specification of procedure atol [2020-07-29 01:04:48,812 INFO L130 BoogieDeclarations]: Found specification of procedure atoll [2020-07-29 01:04:48,812 INFO L130 BoogieDeclarations]: Found specification of procedure strtod [2020-07-29 01:04:48,812 INFO L130 BoogieDeclarations]: Found specification of procedure strtof [2020-07-29 01:04:48,812 INFO L130 BoogieDeclarations]: Found specification of procedure strtold [2020-07-29 01:04:48,813 INFO L130 BoogieDeclarations]: Found specification of procedure strtol [2020-07-29 01:04:48,813 INFO L130 BoogieDeclarations]: Found specification of procedure strtoul [2020-07-29 01:04:48,813 INFO L130 BoogieDeclarations]: Found specification of procedure strtoq [2020-07-29 01:04:48,813 INFO L130 BoogieDeclarations]: Found specification of procedure strtouq [2020-07-29 01:04:48,813 INFO L130 BoogieDeclarations]: Found specification of procedure strtoll [2020-07-29 01:04:48,814 INFO L130 BoogieDeclarations]: Found specification of procedure strtoull [2020-07-29 01:04:48,814 INFO L130 BoogieDeclarations]: Found specification of procedure l64a [2020-07-29 01:04:48,814 INFO L130 BoogieDeclarations]: Found specification of procedure a64l [2020-07-29 01:04:48,814 INFO L130 BoogieDeclarations]: Found specification of procedure __bswap_32 [2020-07-29 01:04:48,814 INFO L130 BoogieDeclarations]: Found specification of procedure __bswap_64 [2020-07-29 01:04:48,815 INFO L130 BoogieDeclarations]: Found specification of procedure __uint16_identity [2020-07-29 01:04:48,815 INFO L130 BoogieDeclarations]: Found specification of procedure __uint32_identity [2020-07-29 01:04:48,815 INFO L130 BoogieDeclarations]: Found specification of procedure __uint64_identity [2020-07-29 01:04:48,815 INFO L130 BoogieDeclarations]: Found specification of procedure select [2020-07-29 01:04:48,816 INFO L130 BoogieDeclarations]: Found specification of procedure pselect [2020-07-29 01:04:48,816 INFO L130 BoogieDeclarations]: Found specification of procedure gnu_dev_major [2020-07-29 01:04:48,816 INFO L130 BoogieDeclarations]: Found specification of procedure gnu_dev_minor [2020-07-29 01:04:48,816 INFO L130 BoogieDeclarations]: Found specification of procedure gnu_dev_makedev [2020-07-29 01:04:48,816 INFO L130 BoogieDeclarations]: Found specification of procedure random [2020-07-29 01:04:48,817 INFO L130 BoogieDeclarations]: Found specification of procedure srandom [2020-07-29 01:04:48,817 INFO L130 BoogieDeclarations]: Found specification of procedure initstate [2020-07-29 01:04:48,817 INFO L130 BoogieDeclarations]: Found specification of procedure setstate [2020-07-29 01:04:48,817 INFO L130 BoogieDeclarations]: Found specification of procedure random_r [2020-07-29 01:04:48,818 INFO L130 BoogieDeclarations]: Found specification of procedure srandom_r [2020-07-29 01:04:48,818 INFO L130 BoogieDeclarations]: Found specification of procedure initstate_r [2020-07-29 01:04:48,818 INFO L130 BoogieDeclarations]: Found specification of procedure setstate_r [2020-07-29 01:04:48,818 INFO L130 BoogieDeclarations]: Found specification of procedure rand [2020-07-29 01:04:48,818 INFO L130 BoogieDeclarations]: Found specification of procedure srand [2020-07-29 01:04:48,819 INFO L130 BoogieDeclarations]: Found specification of procedure rand_r [2020-07-29 01:04:48,819 INFO L130 BoogieDeclarations]: Found specification of procedure drand48 [2020-07-29 01:04:48,819 INFO L130 BoogieDeclarations]: Found specification of procedure erand48 [2020-07-29 01:04:48,819 INFO L130 BoogieDeclarations]: Found specification of procedure lrand48 [2020-07-29 01:04:48,819 INFO L130 BoogieDeclarations]: Found specification of procedure nrand48 [2020-07-29 01:04:48,820 INFO L130 BoogieDeclarations]: Found specification of procedure mrand48 [2020-07-29 01:04:48,820 INFO L130 BoogieDeclarations]: Found specification of procedure jrand48 [2020-07-29 01:04:48,820 INFO L130 BoogieDeclarations]: Found specification of procedure srand48 [2020-07-29 01:04:48,820 INFO L130 BoogieDeclarations]: Found specification of procedure seed48 [2020-07-29 01:04:48,820 INFO L130 BoogieDeclarations]: Found specification of procedure lcong48 [2020-07-29 01:04:48,821 INFO L130 BoogieDeclarations]: Found specification of procedure drand48_r [2020-07-29 01:04:48,821 INFO L130 BoogieDeclarations]: Found specification of procedure erand48_r [2020-07-29 01:04:48,821 INFO L130 BoogieDeclarations]: Found specification of procedure lrand48_r [2020-07-29 01:04:48,821 INFO L130 BoogieDeclarations]: Found specification of procedure nrand48_r [2020-07-29 01:04:48,821 INFO L130 BoogieDeclarations]: Found specification of procedure mrand48_r [2020-07-29 01:04:48,822 INFO L130 BoogieDeclarations]: Found specification of procedure jrand48_r [2020-07-29 01:04:48,822 INFO L130 BoogieDeclarations]: Found specification of procedure srand48_r [2020-07-29 01:04:48,822 INFO L130 BoogieDeclarations]: Found specification of procedure seed48_r [2020-07-29 01:04:48,822 INFO L130 BoogieDeclarations]: Found specification of procedure lcong48_r [2020-07-29 01:04:48,822 INFO L130 BoogieDeclarations]: Found specification of procedure malloc [2020-07-29 01:04:48,823 INFO L130 BoogieDeclarations]: Found specification of procedure calloc [2020-07-29 01:04:48,823 INFO L130 BoogieDeclarations]: Found specification of procedure realloc [2020-07-29 01:04:48,823 INFO L130 BoogieDeclarations]: Found specification of procedure free [2020-07-29 01:04:48,823 INFO L130 BoogieDeclarations]: Found specification of procedure alloca [2020-07-29 01:04:48,823 INFO L130 BoogieDeclarations]: Found specification of procedure valloc [2020-07-29 01:04:48,823 INFO L130 BoogieDeclarations]: Found specification of procedure posix_memalign [2020-07-29 01:04:48,824 INFO L130 BoogieDeclarations]: Found specification of procedure aligned_alloc [2020-07-29 01:04:48,824 INFO L130 BoogieDeclarations]: Found specification of procedure abort [2020-07-29 01:04:48,824 INFO L130 BoogieDeclarations]: Found specification of procedure atexit [2020-07-29 01:04:48,824 INFO L130 BoogieDeclarations]: Found specification of procedure at_quick_exit [2020-07-29 01:04:48,825 INFO L130 BoogieDeclarations]: Found specification of procedure on_exit [2020-07-29 01:04:48,825 INFO L130 BoogieDeclarations]: Found specification of procedure exit [2020-07-29 01:04:48,825 INFO L130 BoogieDeclarations]: Found specification of procedure quick_exit [2020-07-29 01:04:48,825 INFO L130 BoogieDeclarations]: Found specification of procedure _Exit [2020-07-29 01:04:48,825 INFO L130 BoogieDeclarations]: Found specification of procedure getenv [2020-07-29 01:04:48,826 INFO L130 BoogieDeclarations]: Found specification of procedure putenv [2020-07-29 01:04:48,826 INFO L130 BoogieDeclarations]: Found specification of procedure setenv [2020-07-29 01:04:48,826 INFO L130 BoogieDeclarations]: Found specification of procedure unsetenv [2020-07-29 01:04:48,826 INFO L130 BoogieDeclarations]: Found specification of procedure clearenv [2020-07-29 01:04:48,826 INFO L130 BoogieDeclarations]: Found specification of procedure mktemp [2020-07-29 01:04:48,827 INFO L130 BoogieDeclarations]: Found specification of procedure mkstemp [2020-07-29 01:04:48,827 INFO L130 BoogieDeclarations]: Found specification of procedure mkstemps [2020-07-29 01:04:48,827 INFO L130 BoogieDeclarations]: Found specification of procedure mkdtemp [2020-07-29 01:04:48,827 INFO L130 BoogieDeclarations]: Found specification of procedure system [2020-07-29 01:04:48,828 INFO L130 BoogieDeclarations]: Found specification of procedure realpath [2020-07-29 01:04:48,828 INFO L130 BoogieDeclarations]: Found specification of procedure bsearch [2020-07-29 01:04:48,828 INFO L130 BoogieDeclarations]: Found specification of procedure qsort [2020-07-29 01:04:48,828 INFO L130 BoogieDeclarations]: Found specification of procedure abs [2020-07-29 01:04:48,828 INFO L130 BoogieDeclarations]: Found specification of procedure labs [2020-07-29 01:04:48,829 INFO L130 BoogieDeclarations]: Found specification of procedure llabs [2020-07-29 01:04:48,829 INFO L130 BoogieDeclarations]: Found specification of procedure div [2020-07-29 01:04:48,829 INFO L130 BoogieDeclarations]: Found specification of procedure ldiv [2020-07-29 01:04:48,829 INFO L130 BoogieDeclarations]: Found specification of procedure lldiv [2020-07-29 01:04:48,830 INFO L130 BoogieDeclarations]: Found specification of procedure ecvt [2020-07-29 01:04:48,830 INFO L130 BoogieDeclarations]: Found specification of procedure fcvt [2020-07-29 01:04:48,830 INFO L130 BoogieDeclarations]: Found specification of procedure gcvt [2020-07-29 01:04:48,830 INFO L130 BoogieDeclarations]: Found specification of procedure qecvt [2020-07-29 01:04:48,830 INFO L130 BoogieDeclarations]: Found specification of procedure qfcvt [2020-07-29 01:04:48,831 INFO L130 BoogieDeclarations]: Found specification of procedure qgcvt [2020-07-29 01:04:48,831 INFO L130 BoogieDeclarations]: Found specification of procedure ecvt_r [2020-07-29 01:04:48,831 INFO L130 BoogieDeclarations]: Found specification of procedure fcvt_r [2020-07-29 01:04:48,831 INFO L130 BoogieDeclarations]: Found specification of procedure qecvt_r [2020-07-29 01:04:48,832 INFO L130 BoogieDeclarations]: Found specification of procedure qfcvt_r [2020-07-29 01:04:48,832 INFO L130 BoogieDeclarations]: Found specification of procedure mblen [2020-07-29 01:04:48,832 INFO L130 BoogieDeclarations]: Found specification of procedure mbtowc [2020-07-29 01:04:48,832 INFO L130 BoogieDeclarations]: Found specification of procedure wctomb [2020-07-29 01:04:48,833 INFO L130 BoogieDeclarations]: Found specification of procedure mbstowcs [2020-07-29 01:04:48,833 INFO L130 BoogieDeclarations]: Found specification of procedure wcstombs [2020-07-29 01:04:48,833 INFO L130 BoogieDeclarations]: Found specification of procedure rpmatch [2020-07-29 01:04:48,833 INFO L130 BoogieDeclarations]: Found specification of procedure getsubopt [2020-07-29 01:04:48,833 INFO L130 BoogieDeclarations]: Found specification of procedure getloadavg [2020-07-29 01:04:48,834 INFO L130 BoogieDeclarations]: Found specification of procedure kfree [2020-07-29 01:04:48,834 INFO L130 BoogieDeclarations]: Found specification of procedure __VERIFIER_nondet_int [2020-07-29 01:04:48,834 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_nonpositive [2020-07-29 01:04:48,834 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_positive [2020-07-29 01:04:48,835 INFO L130 BoogieDeclarations]: Found specification of procedure memcpy [2020-07-29 01:04:48,835 INFO L130 BoogieDeclarations]: Found specification of procedure memset [2020-07-29 01:04:48,835 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_malloc [2020-07-29 01:04:48,835 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocOnHeap [2020-07-29 01:04:48,836 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_zalloc [2020-07-29 01:04:48,836 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.meminit [2020-07-29 01:04:48,836 INFO L130 BoogieDeclarations]: Found specification of procedure LDV_INIT_LIST_HEAD [2020-07-29 01:04:48,836 INFO L130 BoogieDeclarations]: Found specification of procedure write~$Pointer$ [2020-07-29 01:04:48,836 INFO L130 BoogieDeclarations]: Found specification of procedure __ldv_list_add [2020-07-29 01:04:48,837 INFO L130 BoogieDeclarations]: Found specification of procedure __ldv_list_del [2020-07-29 01:04:48,837 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_list_add [2020-07-29 01:04:48,837 INFO L130 BoogieDeclarations]: Found specification of procedure read~$Pointer$ [2020-07-29 01:04:48,837 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_list_add_tail [2020-07-29 01:04:48,838 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_list_del [2020-07-29 01:04:48,838 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_msg_alloc [2020-07-29 01:04:48,838 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_msg_fill [2020-07-29 01:04:48,838 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.C_memcpy [2020-07-29 01:04:48,838 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_msg_free [2020-07-29 01:04:48,839 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.dealloc [2020-07-29 01:04:48,839 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_submit_msg [2020-07-29 01:04:48,839 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_destroy_msgs [2020-07-29 01:04:48,839 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_dev_get_drvdata [2020-07-29 01:04:48,840 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_dev_set_drvdata [2020-07-29 01:04:48,840 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_atomic_add_return [2020-07-29 01:04:48,840 INFO L130 BoogieDeclarations]: Found specification of procedure read~intINTTYPE4 [2020-07-29 01:04:48,840 INFO L130 BoogieDeclarations]: Found specification of procedure write~intINTTYPE4 [2020-07-29 01:04:48,840 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_atomic_sub_return [2020-07-29 01:04:48,841 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_kref_sub [2020-07-29 01:04:48,841 INFO L130 BoogieDeclarations]: Found specification of procedure ##fun~$Pointer$~TO~VOID [2020-07-29 01:04:48,841 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_kref_init [2020-07-29 01:04:48,841 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_kref_get [2020-07-29 01:04:48,842 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_kref_put [2020-07-29 01:04:48,842 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_kobject_del [2020-07-29 01:04:48,842 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_kobject_cleanup [2020-07-29 01:04:48,842 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_kobject_release [2020-07-29 01:04:48,842 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_kobject_put [2020-07-29 01:04:48,843 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_kobject_get [2020-07-29 01:04:48,843 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_kobject_init_internal [2020-07-29 01:04:48,843 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_kobject_init [2020-07-29 01:04:48,843 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_kobject_create [2020-07-29 01:04:48,844 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.C_memset [2020-07-29 01:04:48,844 INFO L130 BoogieDeclarations]: Found specification of procedure f [2020-07-29 01:04:48,844 INFO L130 BoogieDeclarations]: Found specification of procedure g [2020-07-29 01:04:48,844 INFO L130 BoogieDeclarations]: Found specification of procedure entry_point [2020-07-29 01:04:48,845 INFO L130 BoogieDeclarations]: Found specification of procedure main [2020-07-29 01:04:48,845 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.init [2020-07-29 01:04:48,845 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocOnStack [2020-07-29 01:04:48,845 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~$Pointer$ [2020-07-29 01:04:48,846 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2020-07-29 01:04:48,846 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.setCurrentRoundingMode [2020-07-29 01:04:48,846 INFO L130 BoogieDeclarations]: Found specification of procedure write~unchecked~intINTTYPE4 [2020-07-29 01:04:48,846 INFO L130 BoogieDeclarations]: Found specification of procedure read~unchecked~intINTTYPE4 [2020-07-29 01:04:48,846 INFO L130 BoogieDeclarations]: Found specification of procedure write~unchecked~$Pointer$ [2020-07-29 01:04:48,847 INFO L130 BoogieDeclarations]: Found specification of procedure read~unchecked~$Pointer$ [2020-07-29 01:04:49,583 WARN L775 $ProcedureCfgBuilder]: Label in the middle of a codeblock. [2020-07-29 01:04:50,043 WARN L775 $ProcedureCfgBuilder]: Label in the middle of a codeblock. [2020-07-29 01:04:50,515 INFO L290 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2020-07-29 01:04:50,516 INFO L295 CfgBuilder]: Removed 1 assume(true) statements. [2020-07-29 01:04:50,520 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 29.07 01:04:50 BoogieIcfgContainer [2020-07-29 01:04:50,521 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2020-07-29 01:04:50,522 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2020-07-29 01:04:50,522 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2020-07-29 01:04:50,526 INFO L275 PluginConnector]: TraceAbstraction initialized [2020-07-29 01:04:50,526 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 29.07 01:04:47" (1/3) ... [2020-07-29 01:04:50,527 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@281f5eb3 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 29.07 01:04:50, skipping insertion in model container [2020-07-29 01:04:50,527 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:04:48" (2/3) ... [2020-07-29 01:04:50,527 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@281f5eb3 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 29.07 01:04:50, skipping insertion in model container [2020-07-29 01:04:50,528 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 29.07 01:04:50" (3/3) ... [2020-07-29 01:04:50,529 INFO L109 eAbstractionObserver]: Analyzing ICFG memleaks_test22_2-1.i [2020-07-29 01:04:50,544 INFO L157 ceAbstractionStarter]: Automizer settings: Hoare:false NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2020-07-29 01:04:50,555 INFO L169 ceAbstractionStarter]: Appying trace abstraction to program that has 71 error locations. [2020-07-29 01:04:50,574 INFO L251 AbstractCegarLoop]: Starting to check reachability of 71 error locations. [2020-07-29 01:04:50,601 INFO L375 AbstractCegarLoop]: Interprodecural is true [2020-07-29 01:04:50,601 INFO L376 AbstractCegarLoop]: Hoare is false [2020-07-29 01:04:50,602 INFO L377 AbstractCegarLoop]: Compute interpolants for FPandBP [2020-07-29 01:04:50,602 INFO L378 AbstractCegarLoop]: Backedges is STRAIGHT_LINE [2020-07-29 01:04:50,602 INFO L379 AbstractCegarLoop]: Determinization is PREDICATE_ABSTRACTION [2020-07-29 01:04:50,602 INFO L380 AbstractCegarLoop]: Difference is false [2020-07-29 01:04:50,602 INFO L381 AbstractCegarLoop]: Minimize is MINIMIZE_SEVPA [2020-07-29 01:04:50,602 INFO L385 AbstractCegarLoop]: ======== Iteration 0==of CEGAR loop == AllErrorsAtOnce======== [2020-07-29 01:04:50,623 INFO L276 IsEmpty]: Start isEmpty. Operand 92 states. [2020-07-29 01:04:50,635 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2020-07-29 01:04:50,635 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:04:50,637 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:04:50,638 INFO L427 AbstractCegarLoop]: === Iteration 1 === [ldv_kref_initErr0REQUIRES_VIOLATION, ldv_kref_initErr1REQUIRES_VIOLATION, ldv_list_addErr1REQUIRES_VIOLATION, ldv_list_addErr0REQUIRES_VIOLATION, ldv_kobject_createErr1REQUIRES_VIOLATION, ldv_kobject_createErr0REQUIRES_VIOLATION, ldv_destroy_msgsErr4REQUIRES_VIOLATION, ldv_destroy_msgsErr3REQUIRES_VIOLATION, ldv_destroy_msgsErr2REQUIRES_VIOLATION, ldv_destroy_msgsErr1REQUIRES_VIOLATION, ldv_destroy_msgsErr0REQUIRES_VIOLATION, ldv_destroy_msgsErr5REQUIRES_VIOLATION, ldv_msg_fillErr1REQUIRES_VIOLATION, ldv_msg_fillErr5REQUIRES_VIOLATION, ldv_msg_fillErr0REQUIRES_VIOLATION, ldv_msg_fillErr4REQUIRES_VIOLATION, ldv_msg_fillErr2REQUIRES_VIOLATION, ldv_msg_fillErr3REQUIRES_VIOLATION, ldv_atomic_add_returnErr1REQUIRES_VIOLATION, ldv_atomic_add_returnErr0REQUIRES_VIOLATION, ldv_atomic_add_returnErr3REQUIRES_VIOLATION, ldv_atomic_add_returnErr2REQUIRES_VIOLATION, __ldv_list_delErr0REQUIRES_VIOLATION, __ldv_list_delErr1REQUIRES_VIOLATION, __ldv_list_delErr2REQUIRES_VIOLATION, __ldv_list_delErr3REQUIRES_VIOLATION, ldv_kobject_cleanupErr2ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr5ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr7ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr6ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr1REQUIRES_VIOLATION, ldv_kobject_cleanupErr4ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr0REQUIRES_VIOLATION, ldv_kobject_cleanupErr3ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr6ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr7ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr4ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr1REQUIRES_VIOLATION, ldv_msg_freeErr0REQUIRES_VIOLATION, ldv_msg_freeErr5ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr2ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr3ASSERT_VIOLATIONMEMORY_FREE, mainErr0ENSURES_VIOLATIONMEMORY_LEAK, LDV_INIT_LIST_HEADErr2REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr3REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr0REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr1REQUIRES_VIOLATION, ldv_list_delErr2REQUIRES_VIOLATION, ldv_list_delErr1REQUIRES_VIOLATION, ldv_list_delErr3REQUIRES_VIOLATION, ldv_list_delErr0REQUIRES_VIOLATION, __ldv_list_addErr5REQUIRES_VIOLATION, __ldv_list_addErr0REQUIRES_VIOLATION, __ldv_list_addErr1REQUIRES_VIOLATION, __ldv_list_addErr6REQUIRES_VIOLATION, __ldv_list_addErr7REQUIRES_VIOLATION, __ldv_list_addErr2REQUIRES_VIOLATION, __ldv_list_addErr3REQUIRES_VIOLATION, __ldv_list_addErr4REQUIRES_VIOLATION, ldv_dev_set_drvdataErr0REQUIRES_VIOLATION, ldv_dev_set_drvdataErr1REQUIRES_VIOLATION, ldv_atomic_sub_returnErr1REQUIRES_VIOLATION, ldv_atomic_sub_returnErr0REQUIRES_VIOLATION, ldv_atomic_sub_returnErr3REQUIRES_VIOLATION, ldv_atomic_sub_returnErr2REQUIRES_VIOLATION, ldv_list_add_tailErr0REQUIRES_VIOLATION, ldv_list_add_tailErr1REQUIRES_VIOLATION, ldv_dev_get_drvdataErr1REQUIRES_VIOLATION, ldv_dev_get_drvdataErr0REQUIRES_VIOLATION, ldv_msg_allocErr0REQUIRES_VIOLATION, ldv_msg_allocErr1REQUIRES_VIOLATION]=== [2020-07-29 01:04:50,644 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:04:50,645 INFO L82 PathProgramCache]: Analyzing trace with hash -896940051, now seen corresponding path program 1 times [2020-07-29 01:04:50,660 INFO L163 FreeRefinementEngine]: Executing refinement strategy WOLF [2020-07-29 01:04:50,660 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1451865937] [2020-07-29 01:04:50,660 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat Starting monitored process 2 with mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 2 with mathsat -unsat_core_generation=3 [2020-07-29 01:04:50,840 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:04:50,845 INFO L263 TraceCheckSpWp]: Trace formula consists of 90 conjuncts, 5 conjunts are in the unsatisfiable core [2020-07-29 01:04:50,858 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:04:50,863 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2020-07-29 01:04:50,951 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2020-07-29 01:04:50,951 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2020-07-29 01:04:50,960 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:04:50,961 INFO L544 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2020-07-29 01:04:50,961 INFO L244 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:6, output treesize:5 [2020-07-29 01:04:50,966 WARN L406 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2020-07-29 01:04:50,966 WARN L407 uantifierElimination]: Input elimination task: ∃ [|v_#valid_107|]. (= |#valid| (store |v_#valid_107| |ldv_malloc_#res.base| (_ bv1 1))) [2020-07-29 01:04:50,966 WARN L408 uantifierElimination]: ElimStorePlain result: ∃ []. (= (select |#valid| |ldv_malloc_#res.base|) (_ bv1 1)) [2020-07-29 01:04:51,010 INFO L263 TraceCheckUtils]: 0: Hoare triple {95#true} call ULTIMATE.init(); {95#true} is VALID [2020-07-29 01:04:51,011 INFO L280 TraceCheckUtils]: 1: Hoare triple {95#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {95#true} is VALID [2020-07-29 01:04:51,012 INFO L280 TraceCheckUtils]: 2: Hoare triple {95#true} assume true; {95#true} is VALID [2020-07-29 01:04:51,012 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {95#true} {95#true} #437#return; {95#true} is VALID [2020-07-29 01:04:51,012 INFO L263 TraceCheckUtils]: 4: Hoare triple {95#true} call main(); {95#true} is VALID [2020-07-29 01:04:51,013 INFO L263 TraceCheckUtils]: 5: Hoare triple {95#true} call entry_point(); {95#true} is VALID [2020-07-29 01:04:51,013 INFO L280 TraceCheckUtils]: 6: Hoare triple {95#true} havoc ~kobj~2.base, ~kobj~2.offset; {95#true} is VALID [2020-07-29 01:04:51,013 INFO L263 TraceCheckUtils]: 7: Hoare triple {95#true} call #t~ret38.base, #t~ret38.offset := ldv_kobject_create(); {95#true} is VALID [2020-07-29 01:04:51,014 INFO L280 TraceCheckUtils]: 8: Hoare triple {95#true} havoc ~kobj~1.base, ~kobj~1.offset; {95#true} is VALID [2020-07-29 01:04:51,014 INFO L263 TraceCheckUtils]: 9: Hoare triple {95#true} call #t~ret34.base, #t~ret34.offset := ldv_malloc(16bv32); {95#true} is VALID [2020-07-29 01:04:51,014 INFO L280 TraceCheckUtils]: 10: Hoare triple {95#true} ~size := #in~size; {95#true} is VALID [2020-07-29 01:04:51,017 INFO L280 TraceCheckUtils]: 11: Hoare triple {95#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset; {133#(= (bvadd (select |#valid| |ldv_malloc_#res.base|) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:04:51,018 INFO L280 TraceCheckUtils]: 12: Hoare triple {133#(= (bvadd (select |#valid| |ldv_malloc_#res.base|) (_ bv1 1)) (_ bv0 1))} assume true; {133#(= (bvadd (select |#valid| |ldv_malloc_#res.base|) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:04:51,020 INFO L275 TraceCheckUtils]: 13: Hoare quadruple {133#(= (bvadd (select |#valid| |ldv_malloc_#res.base|) (_ bv1 1)) (_ bv0 1))} {95#true} #417#return; {140#(= (_ bv1 1) (select |#valid| |ldv_kobject_create_#t~ret34.base|))} is VALID [2020-07-29 01:04:51,021 INFO L280 TraceCheckUtils]: 14: Hoare triple {140#(= (_ bv1 1) (select |#valid| |ldv_kobject_create_#t~ret34.base|))} ~kobj~1.base, ~kobj~1.offset := #t~ret34.base, #t~ret34.offset;havoc #t~ret34.base, #t~ret34.offset; {144#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:04:51,022 INFO L280 TraceCheckUtils]: 15: Hoare triple {144#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} assume !(~kobj~1.base == 0bv32 && ~kobj~1.offset == 0bv32); {144#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:04:51,023 INFO L280 TraceCheckUtils]: 16: Hoare triple {144#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} assume !(1bv1 == #valid[~kobj~1.base]); {96#false} is VALID [2020-07-29 01:04:51,026 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:04:51,026 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2020-07-29 01:04:51,151 INFO L280 TraceCheckUtils]: 16: Hoare triple {144#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} assume !(1bv1 == #valid[~kobj~1.base]); {96#false} is VALID [2020-07-29 01:04:51,152 INFO L280 TraceCheckUtils]: 15: Hoare triple {144#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} assume !(~kobj~1.base == 0bv32 && ~kobj~1.offset == 0bv32); {144#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:04:51,153 INFO L280 TraceCheckUtils]: 14: Hoare triple {140#(= (_ bv1 1) (select |#valid| |ldv_kobject_create_#t~ret34.base|))} ~kobj~1.base, ~kobj~1.offset := #t~ret34.base, #t~ret34.offset;havoc #t~ret34.base, #t~ret34.offset; {144#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:04:51,155 INFO L275 TraceCheckUtils]: 13: Hoare quadruple {133#(= (bvadd (select |#valid| |ldv_malloc_#res.base|) (_ bv1 1)) (_ bv0 1))} {95#true} #417#return; {140#(= (_ bv1 1) (select |#valid| |ldv_kobject_create_#t~ret34.base|))} is VALID [2020-07-29 01:04:51,156 INFO L280 TraceCheckUtils]: 12: Hoare triple {133#(= (bvadd (select |#valid| |ldv_malloc_#res.base|) (_ bv1 1)) (_ bv0 1))} assume true; {133#(= (bvadd (select |#valid| |ldv_malloc_#res.base|) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:04:51,159 INFO L280 TraceCheckUtils]: 11: Hoare triple {95#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset; {133#(= (bvadd (select |#valid| |ldv_malloc_#res.base|) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:04:51,160 INFO L280 TraceCheckUtils]: 10: Hoare triple {95#true} ~size := #in~size; {95#true} is VALID [2020-07-29 01:04:51,160 INFO L263 TraceCheckUtils]: 9: Hoare triple {95#true} call #t~ret34.base, #t~ret34.offset := ldv_malloc(16bv32); {95#true} is VALID [2020-07-29 01:04:51,160 INFO L280 TraceCheckUtils]: 8: Hoare triple {95#true} havoc ~kobj~1.base, ~kobj~1.offset; {95#true} is VALID [2020-07-29 01:04:51,161 INFO L263 TraceCheckUtils]: 7: Hoare triple {95#true} call #t~ret38.base, #t~ret38.offset := ldv_kobject_create(); {95#true} is VALID [2020-07-29 01:04:51,161 INFO L280 TraceCheckUtils]: 6: Hoare triple {95#true} havoc ~kobj~2.base, ~kobj~2.offset; {95#true} is VALID [2020-07-29 01:04:51,161 INFO L263 TraceCheckUtils]: 5: Hoare triple {95#true} call entry_point(); {95#true} is VALID [2020-07-29 01:04:51,162 INFO L263 TraceCheckUtils]: 4: Hoare triple {95#true} call main(); {95#true} is VALID [2020-07-29 01:04:51,162 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {95#true} {95#true} #437#return; {95#true} is VALID [2020-07-29 01:04:51,162 INFO L280 TraceCheckUtils]: 2: Hoare triple {95#true} assume true; {95#true} is VALID [2020-07-29 01:04:51,163 INFO L280 TraceCheckUtils]: 1: Hoare triple {95#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {95#true} is VALID [2020-07-29 01:04:51,163 INFO L263 TraceCheckUtils]: 0: Hoare triple {95#true} call ULTIMATE.init(); {95#true} is VALID [2020-07-29 01:04:51,166 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:04:51,169 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1451865937] [2020-07-29 01:04:51,170 INFO L220 FreeRefinementEngine]: Constructing automaton from 2 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:04:51,170 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4, 4] imperfect sequences [] total 4 [2020-07-29 01:04:51,172 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [566205235] [2020-07-29 01:04:51,180 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 17 [2020-07-29 01:04:51,195 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:04:51,209 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states. [2020-07-29 01:04:51,253 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 17 edges. 17 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:04:51,253 INFO L459 AbstractCegarLoop]: Interpolant automaton has 5 states [2020-07-29 01:04:51,253 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2020-07-29 01:04:51,265 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2020-07-29 01:04:51,266 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2020-07-29 01:04:51,269 INFO L87 Difference]: Start difference. First operand 92 states. Second operand 5 states. [2020-07-29 01:04:52,093 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:04:52,094 INFO L93 Difference]: Finished difference Result 74 states and 81 transitions. [2020-07-29 01:04:52,094 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2020-07-29 01:04:52,094 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 17 [2020-07-29 01:04:52,095 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:04:52,096 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 5 states. [2020-07-29 01:04:52,105 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 82 transitions. [2020-07-29 01:04:52,105 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 5 states. [2020-07-29 01:04:52,111 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 82 transitions. [2020-07-29 01:04:52,111 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 82 transitions. [2020-07-29 01:04:52,237 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 82 edges. 82 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:04:52,253 INFO L225 Difference]: With dead ends: 74 [2020-07-29 01:04:52,253 INFO L226 Difference]: Without dead ends: 71 [2020-07-29 01:04:52,255 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 33 GetRequests, 30 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2020-07-29 01:04:52,274 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 71 states. [2020-07-29 01:04:52,293 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 71 to 65. [2020-07-29 01:04:52,294 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:04:52,294 INFO L82 GeneralOperation]: Start isEquivalent. First operand 71 states. Second operand 65 states. [2020-07-29 01:04:52,295 INFO L74 IsIncluded]: Start isIncluded. First operand 71 states. Second operand 65 states. [2020-07-29 01:04:52,295 INFO L87 Difference]: Start difference. First operand 71 states. Second operand 65 states. [2020-07-29 01:04:52,304 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:04:52,304 INFO L93 Difference]: Finished difference Result 71 states and 78 transitions. [2020-07-29 01:04:52,304 INFO L276 IsEmpty]: Start isEmpty. Operand 71 states and 78 transitions. [2020-07-29 01:04:52,306 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:04:52,306 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:04:52,306 INFO L74 IsIncluded]: Start isIncluded. First operand 65 states. Second operand 71 states. [2020-07-29 01:04:52,307 INFO L87 Difference]: Start difference. First operand 65 states. Second operand 71 states. [2020-07-29 01:04:52,314 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:04:52,314 INFO L93 Difference]: Finished difference Result 71 states and 78 transitions. [2020-07-29 01:04:52,314 INFO L276 IsEmpty]: Start isEmpty. Operand 71 states and 78 transitions. [2020-07-29 01:04:52,316 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:04:52,316 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:04:52,316 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:04:52,317 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:04:52,317 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 65 states. [2020-07-29 01:04:52,321 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 65 states to 65 states and 72 transitions. [2020-07-29 01:04:52,323 INFO L78 Accepts]: Start accepts. Automaton has 65 states and 72 transitions. Word has length 17 [2020-07-29 01:04:52,323 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:04:52,324 INFO L479 AbstractCegarLoop]: Abstraction has 65 states and 72 transitions. [2020-07-29 01:04:52,324 INFO L480 AbstractCegarLoop]: Interpolant automaton has 5 states. [2020-07-29 01:04:52,324 INFO L276 IsEmpty]: Start isEmpty. Operand 65 states and 72 transitions. [2020-07-29 01:04:52,325 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2020-07-29 01:04:52,325 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:04:52,325 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:04:52,538 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 mathsat -unsat_core_generation=3 [2020-07-29 01:04:52,539 INFO L427 AbstractCegarLoop]: === Iteration 2 === [ldv_kref_initErr0REQUIRES_VIOLATION, ldv_kref_initErr1REQUIRES_VIOLATION, ldv_list_addErr1REQUIRES_VIOLATION, ldv_list_addErr0REQUIRES_VIOLATION, ldv_kobject_createErr1REQUIRES_VIOLATION, ldv_kobject_createErr0REQUIRES_VIOLATION, ldv_destroy_msgsErr4REQUIRES_VIOLATION, ldv_destroy_msgsErr3REQUIRES_VIOLATION, ldv_destroy_msgsErr2REQUIRES_VIOLATION, ldv_destroy_msgsErr1REQUIRES_VIOLATION, ldv_destroy_msgsErr0REQUIRES_VIOLATION, ldv_destroy_msgsErr5REQUIRES_VIOLATION, ldv_msg_fillErr1REQUIRES_VIOLATION, ldv_msg_fillErr5REQUIRES_VIOLATION, ldv_msg_fillErr0REQUIRES_VIOLATION, ldv_msg_fillErr4REQUIRES_VIOLATION, ldv_msg_fillErr2REQUIRES_VIOLATION, ldv_msg_fillErr3REQUIRES_VIOLATION, ldv_atomic_add_returnErr1REQUIRES_VIOLATION, ldv_atomic_add_returnErr0REQUIRES_VIOLATION, ldv_atomic_add_returnErr3REQUIRES_VIOLATION, ldv_atomic_add_returnErr2REQUIRES_VIOLATION, __ldv_list_delErr0REQUIRES_VIOLATION, __ldv_list_delErr1REQUIRES_VIOLATION, __ldv_list_delErr2REQUIRES_VIOLATION, __ldv_list_delErr3REQUIRES_VIOLATION, ldv_kobject_cleanupErr2ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr5ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr7ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr6ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr1REQUIRES_VIOLATION, ldv_kobject_cleanupErr4ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr0REQUIRES_VIOLATION, ldv_kobject_cleanupErr3ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr6ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr7ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr4ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr1REQUIRES_VIOLATION, ldv_msg_freeErr0REQUIRES_VIOLATION, ldv_msg_freeErr5ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr2ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr3ASSERT_VIOLATIONMEMORY_FREE, mainErr0ENSURES_VIOLATIONMEMORY_LEAK, LDV_INIT_LIST_HEADErr2REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr3REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr0REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr1REQUIRES_VIOLATION, ldv_list_delErr2REQUIRES_VIOLATION, ldv_list_delErr1REQUIRES_VIOLATION, ldv_list_delErr3REQUIRES_VIOLATION, ldv_list_delErr0REQUIRES_VIOLATION, __ldv_list_addErr5REQUIRES_VIOLATION, __ldv_list_addErr0REQUIRES_VIOLATION, __ldv_list_addErr1REQUIRES_VIOLATION, __ldv_list_addErr6REQUIRES_VIOLATION, __ldv_list_addErr7REQUIRES_VIOLATION, __ldv_list_addErr2REQUIRES_VIOLATION, __ldv_list_addErr3REQUIRES_VIOLATION, __ldv_list_addErr4REQUIRES_VIOLATION, ldv_dev_set_drvdataErr0REQUIRES_VIOLATION, ldv_dev_set_drvdataErr1REQUIRES_VIOLATION, ldv_atomic_sub_returnErr1REQUIRES_VIOLATION, ldv_atomic_sub_returnErr0REQUIRES_VIOLATION, ldv_atomic_sub_returnErr3REQUIRES_VIOLATION, ldv_atomic_sub_returnErr2REQUIRES_VIOLATION, ldv_list_add_tailErr0REQUIRES_VIOLATION, ldv_list_add_tailErr1REQUIRES_VIOLATION, ldv_dev_get_drvdataErr1REQUIRES_VIOLATION, ldv_dev_get_drvdataErr0REQUIRES_VIOLATION, ldv_msg_allocErr0REQUIRES_VIOLATION, ldv_msg_allocErr1REQUIRES_VIOLATION]=== [2020-07-29 01:04:52,540 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:04:52,540 INFO L82 PathProgramCache]: Analyzing trace with hash -896940050, now seen corresponding path program 1 times [2020-07-29 01:04:52,541 INFO L163 FreeRefinementEngine]: Executing refinement strategy WOLF [2020-07-29 01:04:52,542 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1831562379] [2020-07-29 01:04:52,542 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat Starting monitored process 3 with mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 3 with mathsat -unsat_core_generation=3 [2020-07-29 01:04:52,670 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:04:52,673 INFO L263 TraceCheckSpWp]: Trace formula consists of 90 conjuncts, 11 conjunts are in the unsatisfiable core [2020-07-29 01:04:52,688 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:04:52,690 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2020-07-29 01:04:52,721 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2020-07-29 01:04:52,722 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2020-07-29 01:04:52,729 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:04:52,729 INFO L544 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2020-07-29 01:04:52,730 INFO L244 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:10, output treesize:9 [2020-07-29 01:04:52,735 WARN L406 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2020-07-29 01:04:52,735 WARN L407 uantifierElimination]: Input elimination task: ∃ [|v_#length_88|]. (and (= (_ bv0 32) |ldv_malloc_#res.offset|) (= (store |v_#length_88| |ldv_malloc_#res.base| |ldv_malloc_#in~size|) |#length|)) [2020-07-29 01:04:52,735 WARN L408 uantifierElimination]: ElimStorePlain result: ∃ []. (and (= (_ bv0 32) |ldv_malloc_#res.offset|) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|)) [2020-07-29 01:04:52,791 INFO L263 TraceCheckUtils]: 0: Hoare triple {482#true} call ULTIMATE.init(); {482#true} is VALID [2020-07-29 01:04:52,792 INFO L280 TraceCheckUtils]: 1: Hoare triple {482#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {482#true} is VALID [2020-07-29 01:04:52,792 INFO L280 TraceCheckUtils]: 2: Hoare triple {482#true} assume true; {482#true} is VALID [2020-07-29 01:04:52,792 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {482#true} {482#true} #437#return; {482#true} is VALID [2020-07-29 01:04:52,793 INFO L263 TraceCheckUtils]: 4: Hoare triple {482#true} call main(); {482#true} is VALID [2020-07-29 01:04:52,793 INFO L263 TraceCheckUtils]: 5: Hoare triple {482#true} call entry_point(); {482#true} is VALID [2020-07-29 01:04:52,793 INFO L280 TraceCheckUtils]: 6: Hoare triple {482#true} havoc ~kobj~2.base, ~kobj~2.offset; {482#true} is VALID [2020-07-29 01:04:52,794 INFO L263 TraceCheckUtils]: 7: Hoare triple {482#true} call #t~ret38.base, #t~ret38.offset := ldv_kobject_create(); {482#true} is VALID [2020-07-29 01:04:52,794 INFO L280 TraceCheckUtils]: 8: Hoare triple {482#true} havoc ~kobj~1.base, ~kobj~1.offset; {482#true} is VALID [2020-07-29 01:04:52,794 INFO L263 TraceCheckUtils]: 9: Hoare triple {482#true} call #t~ret34.base, #t~ret34.offset := ldv_malloc(16bv32); {482#true} is VALID [2020-07-29 01:04:52,795 INFO L280 TraceCheckUtils]: 10: Hoare triple {482#true} ~size := #in~size; {517#(= ldv_malloc_~size |ldv_malloc_#in~size|)} is VALID [2020-07-29 01:04:52,797 INFO L280 TraceCheckUtils]: 11: Hoare triple {517#(= ldv_malloc_~size |ldv_malloc_#in~size|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset; {521#(and (= (_ bv0 32) |ldv_malloc_#res.offset|) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|))} is VALID [2020-07-29 01:04:52,798 INFO L280 TraceCheckUtils]: 12: Hoare triple {521#(and (= (_ bv0 32) |ldv_malloc_#res.offset|) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|))} assume true; {521#(and (= (_ bv0 32) |ldv_malloc_#res.offset|) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|))} is VALID [2020-07-29 01:04:52,799 INFO L275 TraceCheckUtils]: 13: Hoare quadruple {521#(and (= (_ bv0 32) |ldv_malloc_#res.offset|) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|))} {482#true} #417#return; {528#(and (= (bvadd (select |#length| |ldv_kobject_create_#t~ret34.base|) (_ bv4294967280 32)) (_ bv0 32)) (= (_ bv0 32) |ldv_kobject_create_#t~ret34.offset|))} is VALID [2020-07-29 01:04:52,800 INFO L280 TraceCheckUtils]: 14: Hoare triple {528#(and (= (bvadd (select |#length| |ldv_kobject_create_#t~ret34.base|) (_ bv4294967280 32)) (_ bv0 32)) (= (_ bv0 32) |ldv_kobject_create_#t~ret34.offset|))} ~kobj~1.base, ~kobj~1.offset := #t~ret34.base, #t~ret34.offset;havoc #t~ret34.base, #t~ret34.offset; {532#(and (= (_ bv16 32) (select |#length| ldv_kobject_create_~kobj~1.base)) (= (_ bv0 32) ldv_kobject_create_~kobj~1.offset))} is VALID [2020-07-29 01:04:52,801 INFO L280 TraceCheckUtils]: 15: Hoare triple {532#(and (= (_ bv16 32) (select |#length| ldv_kobject_create_~kobj~1.base)) (= (_ bv0 32) ldv_kobject_create_~kobj~1.offset))} assume !(~kobj~1.base == 0bv32 && ~kobj~1.offset == 0bv32); {532#(and (= (_ bv16 32) (select |#length| ldv_kobject_create_~kobj~1.base)) (= (_ bv0 32) ldv_kobject_create_~kobj~1.offset))} is VALID [2020-07-29 01:04:52,802 INFO L280 TraceCheckUtils]: 16: Hoare triple {532#(and (= (_ bv16 32) (select |#length| ldv_kobject_create_~kobj~1.base)) (= (_ bv0 32) ldv_kobject_create_~kobj~1.offset))} assume !((~bvule32(~bvadd32(16bv32, ~kobj~1.offset), #length[~kobj~1.base]) && ~bvule32(~kobj~1.offset, ~bvadd32(16bv32, ~kobj~1.offset))) && ~bvule32(0bv32, ~kobj~1.offset)); {483#false} is VALID [2020-07-29 01:04:52,803 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:04:52,803 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2020-07-29 01:04:53,357 INFO L280 TraceCheckUtils]: 16: Hoare triple {539#(and (bvule ldv_kobject_create_~kobj~1.offset (bvadd ldv_kobject_create_~kobj~1.offset (_ bv16 32))) (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv16 32)) (select |#length| ldv_kobject_create_~kobj~1.base)))} assume !((~bvule32(~bvadd32(16bv32, ~kobj~1.offset), #length[~kobj~1.base]) && ~bvule32(~kobj~1.offset, ~bvadd32(16bv32, ~kobj~1.offset))) && ~bvule32(0bv32, ~kobj~1.offset)); {483#false} is VALID [2020-07-29 01:04:53,358 INFO L280 TraceCheckUtils]: 15: Hoare triple {539#(and (bvule ldv_kobject_create_~kobj~1.offset (bvadd ldv_kobject_create_~kobj~1.offset (_ bv16 32))) (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv16 32)) (select |#length| ldv_kobject_create_~kobj~1.base)))} assume !(~kobj~1.base == 0bv32 && ~kobj~1.offset == 0bv32); {539#(and (bvule ldv_kobject_create_~kobj~1.offset (bvadd ldv_kobject_create_~kobj~1.offset (_ bv16 32))) (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv16 32)) (select |#length| ldv_kobject_create_~kobj~1.base)))} is VALID [2020-07-29 01:04:53,362 INFO L280 TraceCheckUtils]: 14: Hoare triple {546#(and (bvule (bvadd |ldv_kobject_create_#t~ret34.offset| (_ bv16 32)) (select |#length| |ldv_kobject_create_#t~ret34.base|)) (bvule |ldv_kobject_create_#t~ret34.offset| (bvadd |ldv_kobject_create_#t~ret34.offset| (_ bv16 32))))} ~kobj~1.base, ~kobj~1.offset := #t~ret34.base, #t~ret34.offset;havoc #t~ret34.base, #t~ret34.offset; {539#(and (bvule ldv_kobject_create_~kobj~1.offset (bvadd ldv_kobject_create_~kobj~1.offset (_ bv16 32))) (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv16 32)) (select |#length| ldv_kobject_create_~kobj~1.base)))} is VALID [2020-07-29 01:04:53,364 INFO L275 TraceCheckUtils]: 13: Hoare quadruple {553#(or (and (bvule (bvadd |ldv_malloc_#res.offset| (_ bv16 32)) (select |#length| |ldv_malloc_#res.base|)) (bvule |ldv_malloc_#res.offset| (bvadd |ldv_malloc_#res.offset| (_ bv16 32)))) (not (= (_ bv16 32) |ldv_malloc_#in~size|)))} {482#true} #417#return; {546#(and (bvule (bvadd |ldv_kobject_create_#t~ret34.offset| (_ bv16 32)) (select |#length| |ldv_kobject_create_#t~ret34.base|)) (bvule |ldv_kobject_create_#t~ret34.offset| (bvadd |ldv_kobject_create_#t~ret34.offset| (_ bv16 32))))} is VALID [2020-07-29 01:04:53,365 INFO L280 TraceCheckUtils]: 12: Hoare triple {553#(or (and (bvule (bvadd |ldv_malloc_#res.offset| (_ bv16 32)) (select |#length| |ldv_malloc_#res.base|)) (bvule |ldv_malloc_#res.offset| (bvadd |ldv_malloc_#res.offset| (_ bv16 32)))) (not (= (_ bv16 32) |ldv_malloc_#in~size|)))} assume true; {553#(or (and (bvule (bvadd |ldv_malloc_#res.offset| (_ bv16 32)) (select |#length| |ldv_malloc_#res.base|)) (bvule |ldv_malloc_#res.offset| (bvadd |ldv_malloc_#res.offset| (_ bv16 32)))) (not (= (_ bv16 32) |ldv_malloc_#in~size|)))} is VALID [2020-07-29 01:04:53,368 INFO L280 TraceCheckUtils]: 11: Hoare triple {560#(or (not (= (_ bv16 32) |ldv_malloc_#in~size|)) (bvule (_ bv16 32) ldv_malloc_~size))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset; {553#(or (and (bvule (bvadd |ldv_malloc_#res.offset| (_ bv16 32)) (select |#length| |ldv_malloc_#res.base|)) (bvule |ldv_malloc_#res.offset| (bvadd |ldv_malloc_#res.offset| (_ bv16 32)))) (not (= (_ bv16 32) |ldv_malloc_#in~size|)))} is VALID [2020-07-29 01:04:53,370 INFO L280 TraceCheckUtils]: 10: Hoare triple {482#true} ~size := #in~size; {560#(or (not (= (_ bv16 32) |ldv_malloc_#in~size|)) (bvule (_ bv16 32) ldv_malloc_~size))} is VALID [2020-07-29 01:04:53,370 INFO L263 TraceCheckUtils]: 9: Hoare triple {482#true} call #t~ret34.base, #t~ret34.offset := ldv_malloc(16bv32); {482#true} is VALID [2020-07-29 01:04:53,370 INFO L280 TraceCheckUtils]: 8: Hoare triple {482#true} havoc ~kobj~1.base, ~kobj~1.offset; {482#true} is VALID [2020-07-29 01:04:53,370 INFO L263 TraceCheckUtils]: 7: Hoare triple {482#true} call #t~ret38.base, #t~ret38.offset := ldv_kobject_create(); {482#true} is VALID [2020-07-29 01:04:53,371 INFO L280 TraceCheckUtils]: 6: Hoare triple {482#true} havoc ~kobj~2.base, ~kobj~2.offset; {482#true} is VALID [2020-07-29 01:04:53,371 INFO L263 TraceCheckUtils]: 5: Hoare triple {482#true} call entry_point(); {482#true} is VALID [2020-07-29 01:04:53,371 INFO L263 TraceCheckUtils]: 4: Hoare triple {482#true} call main(); {482#true} is VALID [2020-07-29 01:04:53,371 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {482#true} {482#true} #437#return; {482#true} is VALID [2020-07-29 01:04:53,372 INFO L280 TraceCheckUtils]: 2: Hoare triple {482#true} assume true; {482#true} is VALID [2020-07-29 01:04:53,372 INFO L280 TraceCheckUtils]: 1: Hoare triple {482#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {482#true} is VALID [2020-07-29 01:04:53,372 INFO L263 TraceCheckUtils]: 0: Hoare triple {482#true} call ULTIMATE.init(); {482#true} is VALID [2020-07-29 01:04:53,373 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:04:53,374 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1831562379] [2020-07-29 01:04:53,374 INFO L220 FreeRefinementEngine]: Constructing automaton from 2 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:04:53,374 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5, 5] imperfect sequences [] total 9 [2020-07-29 01:04:53,374 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1451129480] [2020-07-29 01:04:53,376 INFO L78 Accepts]: Start accepts. Automaton has 10 states. Word has length 17 [2020-07-29 01:04:53,376 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:04:53,376 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states. [2020-07-29 01:04:53,412 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 24 edges. 24 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:04:53,413 INFO L459 AbstractCegarLoop]: Interpolant automaton has 10 states [2020-07-29 01:04:53,413 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2020-07-29 01:04:53,413 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2020-07-29 01:04:53,413 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=69, Unknown=0, NotChecked=0, Total=90 [2020-07-29 01:04:53,414 INFO L87 Difference]: Start difference. First operand 65 states and 72 transitions. Second operand 10 states. [2020-07-29 01:04:55,393 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:04:55,394 INFO L93 Difference]: Finished difference Result 70 states and 77 transitions. [2020-07-29 01:04:55,394 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2020-07-29 01:04:55,394 INFO L78 Accepts]: Start accepts. Automaton has 10 states. Word has length 17 [2020-07-29 01:04:55,394 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:04:55,395 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 10 states. [2020-07-29 01:04:55,399 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 78 transitions. [2020-07-29 01:04:55,400 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 10 states. [2020-07-29 01:04:55,404 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 78 transitions. [2020-07-29 01:04:55,404 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 78 transitions. [2020-07-29 01:04:55,535 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 78 edges. 78 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:04:55,538 INFO L225 Difference]: With dead ends: 70 [2020-07-29 01:04:55,538 INFO L226 Difference]: Without dead ends: 70 [2020-07-29 01:04:55,539 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 34 GetRequests, 24 SyntacticMatches, 1 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 6 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=27, Invalid=83, Unknown=0, NotChecked=0, Total=110 [2020-07-29 01:04:55,541 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 70 states. [2020-07-29 01:04:55,548 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 70 to 65. [2020-07-29 01:04:55,548 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:04:55,548 INFO L82 GeneralOperation]: Start isEquivalent. First operand 70 states. Second operand 65 states. [2020-07-29 01:04:55,548 INFO L74 IsIncluded]: Start isIncluded. First operand 70 states. Second operand 65 states. [2020-07-29 01:04:55,548 INFO L87 Difference]: Start difference. First operand 70 states. Second operand 65 states. [2020-07-29 01:04:55,554 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:04:55,554 INFO L93 Difference]: Finished difference Result 70 states and 77 transitions. [2020-07-29 01:04:55,554 INFO L276 IsEmpty]: Start isEmpty. Operand 70 states and 77 transitions. [2020-07-29 01:04:55,555 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:04:55,555 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:04:55,556 INFO L74 IsIncluded]: Start isIncluded. First operand 65 states. Second operand 70 states. [2020-07-29 01:04:55,556 INFO L87 Difference]: Start difference. First operand 65 states. Second operand 70 states. [2020-07-29 01:04:55,561 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:04:55,561 INFO L93 Difference]: Finished difference Result 70 states and 77 transitions. [2020-07-29 01:04:55,561 INFO L276 IsEmpty]: Start isEmpty. Operand 70 states and 77 transitions. [2020-07-29 01:04:55,562 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:04:55,563 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:04:55,563 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:04:55,563 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:04:55,563 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 65 states. [2020-07-29 01:04:55,567 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 65 states to 65 states and 71 transitions. [2020-07-29 01:04:55,567 INFO L78 Accepts]: Start accepts. Automaton has 65 states and 71 transitions. Word has length 17 [2020-07-29 01:04:55,567 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:04:55,567 INFO L479 AbstractCegarLoop]: Abstraction has 65 states and 71 transitions. [2020-07-29 01:04:55,568 INFO L480 AbstractCegarLoop]: Interpolant automaton has 10 states. [2020-07-29 01:04:55,568 INFO L276 IsEmpty]: Start isEmpty. Operand 65 states and 71 transitions. [2020-07-29 01:04:55,568 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2020-07-29 01:04:55,568 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:04:55,569 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:04:55,780 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 mathsat -unsat_core_generation=3 [2020-07-29 01:04:55,782 INFO L427 AbstractCegarLoop]: === Iteration 3 === [ldv_kref_initErr0REQUIRES_VIOLATION, ldv_kref_initErr1REQUIRES_VIOLATION, ldv_list_addErr1REQUIRES_VIOLATION, ldv_list_addErr0REQUIRES_VIOLATION, ldv_kobject_createErr1REQUIRES_VIOLATION, ldv_kobject_createErr0REQUIRES_VIOLATION, ldv_destroy_msgsErr4REQUIRES_VIOLATION, ldv_destroy_msgsErr3REQUIRES_VIOLATION, ldv_destroy_msgsErr2REQUIRES_VIOLATION, ldv_destroy_msgsErr1REQUIRES_VIOLATION, ldv_destroy_msgsErr0REQUIRES_VIOLATION, ldv_destroy_msgsErr5REQUIRES_VIOLATION, ldv_msg_fillErr1REQUIRES_VIOLATION, ldv_msg_fillErr5REQUIRES_VIOLATION, ldv_msg_fillErr0REQUIRES_VIOLATION, ldv_msg_fillErr4REQUIRES_VIOLATION, ldv_msg_fillErr2REQUIRES_VIOLATION, ldv_msg_fillErr3REQUIRES_VIOLATION, ldv_atomic_add_returnErr1REQUIRES_VIOLATION, ldv_atomic_add_returnErr0REQUIRES_VIOLATION, ldv_atomic_add_returnErr3REQUIRES_VIOLATION, ldv_atomic_add_returnErr2REQUIRES_VIOLATION, __ldv_list_delErr0REQUIRES_VIOLATION, __ldv_list_delErr1REQUIRES_VIOLATION, __ldv_list_delErr2REQUIRES_VIOLATION, __ldv_list_delErr3REQUIRES_VIOLATION, ldv_kobject_cleanupErr2ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr5ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr7ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr6ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr1REQUIRES_VIOLATION, ldv_kobject_cleanupErr4ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr0REQUIRES_VIOLATION, ldv_kobject_cleanupErr3ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr6ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr7ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr4ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr1REQUIRES_VIOLATION, ldv_msg_freeErr0REQUIRES_VIOLATION, ldv_msg_freeErr5ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr2ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr3ASSERT_VIOLATIONMEMORY_FREE, mainErr0ENSURES_VIOLATIONMEMORY_LEAK, LDV_INIT_LIST_HEADErr2REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr3REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr0REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr1REQUIRES_VIOLATION, ldv_list_delErr2REQUIRES_VIOLATION, ldv_list_delErr1REQUIRES_VIOLATION, ldv_list_delErr3REQUIRES_VIOLATION, ldv_list_delErr0REQUIRES_VIOLATION, __ldv_list_addErr5REQUIRES_VIOLATION, __ldv_list_addErr0REQUIRES_VIOLATION, __ldv_list_addErr1REQUIRES_VIOLATION, __ldv_list_addErr6REQUIRES_VIOLATION, __ldv_list_addErr7REQUIRES_VIOLATION, __ldv_list_addErr2REQUIRES_VIOLATION, __ldv_list_addErr3REQUIRES_VIOLATION, __ldv_list_addErr4REQUIRES_VIOLATION, ldv_dev_set_drvdataErr0REQUIRES_VIOLATION, ldv_dev_set_drvdataErr1REQUIRES_VIOLATION, ldv_atomic_sub_returnErr1REQUIRES_VIOLATION, ldv_atomic_sub_returnErr0REQUIRES_VIOLATION, ldv_atomic_sub_returnErr3REQUIRES_VIOLATION, ldv_atomic_sub_returnErr2REQUIRES_VIOLATION, ldv_list_add_tailErr0REQUIRES_VIOLATION, ldv_list_add_tailErr1REQUIRES_VIOLATION, ldv_dev_get_drvdataErr1REQUIRES_VIOLATION, ldv_dev_get_drvdataErr0REQUIRES_VIOLATION, ldv_msg_allocErr0REQUIRES_VIOLATION, ldv_msg_allocErr1REQUIRES_VIOLATION]=== [2020-07-29 01:04:55,782 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:04:55,782 INFO L82 PathProgramCache]: Analyzing trace with hash -868310900, now seen corresponding path program 1 times [2020-07-29 01:04:55,783 INFO L163 FreeRefinementEngine]: Executing refinement strategy WOLF [2020-07-29 01:04:55,784 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1841051191] [2020-07-29 01:04:55,784 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat Starting monitored process 4 with mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 4 with mathsat -unsat_core_generation=3 [2020-07-29 01:04:55,903 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:04:55,906 INFO L263 TraceCheckSpWp]: Trace formula consists of 84 conjuncts, 7 conjunts are in the unsatisfiable core [2020-07-29 01:04:55,915 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:04:55,916 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2020-07-29 01:04:55,986 INFO L263 TraceCheckUtils]: 0: Hoare triple {870#true} call ULTIMATE.init(); {870#true} is VALID [2020-07-29 01:04:55,986 INFO L280 TraceCheckUtils]: 1: Hoare triple {870#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {870#true} is VALID [2020-07-29 01:04:55,987 INFO L280 TraceCheckUtils]: 2: Hoare triple {870#true} assume true; {870#true} is VALID [2020-07-29 01:04:55,987 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {870#true} {870#true} #437#return; {870#true} is VALID [2020-07-29 01:04:55,988 INFO L263 TraceCheckUtils]: 4: Hoare triple {870#true} call main(); {870#true} is VALID [2020-07-29 01:04:55,989 INFO L263 TraceCheckUtils]: 5: Hoare triple {870#true} call entry_point(); {870#true} is VALID [2020-07-29 01:04:55,989 INFO L280 TraceCheckUtils]: 6: Hoare triple {870#true} havoc ~kobj~2.base, ~kobj~2.offset; {870#true} is VALID [2020-07-29 01:04:55,990 INFO L263 TraceCheckUtils]: 7: Hoare triple {870#true} call #t~ret38.base, #t~ret38.offset := ldv_kobject_create(); {870#true} is VALID [2020-07-29 01:04:55,990 INFO L280 TraceCheckUtils]: 8: Hoare triple {870#true} havoc ~kobj~1.base, ~kobj~1.offset; {870#true} is VALID [2020-07-29 01:04:55,990 INFO L263 TraceCheckUtils]: 9: Hoare triple {870#true} call #t~ret34.base, #t~ret34.offset := ldv_malloc(16bv32); {870#true} is VALID [2020-07-29 01:04:55,991 INFO L280 TraceCheckUtils]: 10: Hoare triple {870#true} ~size := #in~size; {870#true} is VALID [2020-07-29 01:04:55,993 INFO L280 TraceCheckUtils]: 11: Hoare triple {870#true} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {908#(and (= (_ bv0 32) |ldv_malloc_#res.offset|) (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2020-07-29 01:04:55,994 INFO L280 TraceCheckUtils]: 12: Hoare triple {908#(and (= (_ bv0 32) |ldv_malloc_#res.offset|) (= |ldv_malloc_#res.base| (_ bv0 32)))} assume true; {908#(and (= (_ bv0 32) |ldv_malloc_#res.offset|) (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2020-07-29 01:04:55,996 INFO L275 TraceCheckUtils]: 13: Hoare quadruple {908#(and (= (_ bv0 32) |ldv_malloc_#res.offset|) (= |ldv_malloc_#res.base| (_ bv0 32)))} {870#true} #417#return; {915#(and (= |ldv_kobject_create_#t~ret34.base| (_ bv0 32)) (= (_ bv0 32) |ldv_kobject_create_#t~ret34.offset|))} is VALID [2020-07-29 01:04:55,997 INFO L280 TraceCheckUtils]: 14: Hoare triple {915#(and (= |ldv_kobject_create_#t~ret34.base| (_ bv0 32)) (= (_ bv0 32) |ldv_kobject_create_#t~ret34.offset|))} ~kobj~1.base, ~kobj~1.offset := #t~ret34.base, #t~ret34.offset;havoc #t~ret34.base, #t~ret34.offset; {919#(and (= (_ bv0 32) ldv_kobject_create_~kobj~1.base) (= (_ bv0 32) ldv_kobject_create_~kobj~1.offset))} is VALID [2020-07-29 01:04:55,998 INFO L280 TraceCheckUtils]: 15: Hoare triple {919#(and (= (_ bv0 32) ldv_kobject_create_~kobj~1.base) (= (_ bv0 32) ldv_kobject_create_~kobj~1.offset))} assume !(~kobj~1.base == 0bv32 && ~kobj~1.offset == 0bv32); {871#false} is VALID [2020-07-29 01:04:55,998 INFO L280 TraceCheckUtils]: 16: Hoare triple {871#false} assume !(1bv1 == #valid[~kobj~1.base]); {871#false} is VALID [2020-07-29 01:04:55,999 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:04:56,000 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2020-07-29 01:04:56,116 INFO L280 TraceCheckUtils]: 16: Hoare triple {871#false} assume !(1bv1 == #valid[~kobj~1.base]); {871#false} is VALID [2020-07-29 01:04:56,117 INFO L280 TraceCheckUtils]: 15: Hoare triple {919#(and (= (_ bv0 32) ldv_kobject_create_~kobj~1.base) (= (_ bv0 32) ldv_kobject_create_~kobj~1.offset))} assume !(~kobj~1.base == 0bv32 && ~kobj~1.offset == 0bv32); {871#false} is VALID [2020-07-29 01:04:56,118 INFO L280 TraceCheckUtils]: 14: Hoare triple {915#(and (= |ldv_kobject_create_#t~ret34.base| (_ bv0 32)) (= (_ bv0 32) |ldv_kobject_create_#t~ret34.offset|))} ~kobj~1.base, ~kobj~1.offset := #t~ret34.base, #t~ret34.offset;havoc #t~ret34.base, #t~ret34.offset; {919#(and (= (_ bv0 32) ldv_kobject_create_~kobj~1.base) (= (_ bv0 32) ldv_kobject_create_~kobj~1.offset))} is VALID [2020-07-29 01:04:56,120 INFO L275 TraceCheckUtils]: 13: Hoare quadruple {908#(and (= (_ bv0 32) |ldv_malloc_#res.offset|) (= |ldv_malloc_#res.base| (_ bv0 32)))} {870#true} #417#return; {915#(and (= |ldv_kobject_create_#t~ret34.base| (_ bv0 32)) (= (_ bv0 32) |ldv_kobject_create_#t~ret34.offset|))} is VALID [2020-07-29 01:04:56,121 INFO L280 TraceCheckUtils]: 12: Hoare triple {908#(and (= (_ bv0 32) |ldv_malloc_#res.offset|) (= |ldv_malloc_#res.base| (_ bv0 32)))} assume true; {908#(and (= (_ bv0 32) |ldv_malloc_#res.offset|) (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2020-07-29 01:04:56,122 INFO L280 TraceCheckUtils]: 11: Hoare triple {870#true} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {908#(and (= (_ bv0 32) |ldv_malloc_#res.offset|) (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2020-07-29 01:04:56,123 INFO L280 TraceCheckUtils]: 10: Hoare triple {870#true} ~size := #in~size; {870#true} is VALID [2020-07-29 01:04:56,123 INFO L263 TraceCheckUtils]: 9: Hoare triple {870#true} call #t~ret34.base, #t~ret34.offset := ldv_malloc(16bv32); {870#true} is VALID [2020-07-29 01:04:56,123 INFO L280 TraceCheckUtils]: 8: Hoare triple {870#true} havoc ~kobj~1.base, ~kobj~1.offset; {870#true} is VALID [2020-07-29 01:04:56,123 INFO L263 TraceCheckUtils]: 7: Hoare triple {870#true} call #t~ret38.base, #t~ret38.offset := ldv_kobject_create(); {870#true} is VALID [2020-07-29 01:04:56,124 INFO L280 TraceCheckUtils]: 6: Hoare triple {870#true} havoc ~kobj~2.base, ~kobj~2.offset; {870#true} is VALID [2020-07-29 01:04:56,124 INFO L263 TraceCheckUtils]: 5: Hoare triple {870#true} call entry_point(); {870#true} is VALID [2020-07-29 01:04:56,125 INFO L263 TraceCheckUtils]: 4: Hoare triple {870#true} call main(); {870#true} is VALID [2020-07-29 01:04:56,125 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {870#true} {870#true} #437#return; {870#true} is VALID [2020-07-29 01:04:56,125 INFO L280 TraceCheckUtils]: 2: Hoare triple {870#true} assume true; {870#true} is VALID [2020-07-29 01:04:56,126 INFO L280 TraceCheckUtils]: 1: Hoare triple {870#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {870#true} is VALID [2020-07-29 01:04:56,126 INFO L263 TraceCheckUtils]: 0: Hoare triple {870#true} call ULTIMATE.init(); {870#true} is VALID [2020-07-29 01:04:56,128 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:04:56,129 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1841051191] [2020-07-29 01:04:56,129 INFO L220 FreeRefinementEngine]: Constructing automaton from 2 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:04:56,129 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5, 5] imperfect sequences [] total 5 [2020-07-29 01:04:56,130 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [779480002] [2020-07-29 01:04:56,130 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 17 [2020-07-29 01:04:56,130 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:04:56,131 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states. [2020-07-29 01:04:56,156 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 17 edges. 17 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:04:56,156 INFO L459 AbstractCegarLoop]: Interpolant automaton has 5 states [2020-07-29 01:04:56,156 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2020-07-29 01:04:56,156 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2020-07-29 01:04:56,157 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2020-07-29 01:04:56,157 INFO L87 Difference]: Start difference. First operand 65 states and 71 transitions. Second operand 5 states. [2020-07-29 01:04:56,536 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:04:56,537 INFO L93 Difference]: Finished difference Result 64 states and 68 transitions. [2020-07-29 01:04:56,537 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2020-07-29 01:04:56,537 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 17 [2020-07-29 01:04:56,538 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:04:56,538 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 5 states. [2020-07-29 01:04:56,541 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 69 transitions. [2020-07-29 01:04:56,542 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 5 states. [2020-07-29 01:04:56,545 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 69 transitions. [2020-07-29 01:04:56,545 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 69 transitions. [2020-07-29 01:04:56,670 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 69 edges. 69 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:04:56,674 INFO L225 Difference]: With dead ends: 64 [2020-07-29 01:04:56,674 INFO L226 Difference]: Without dead ends: 64 [2020-07-29 01:04:56,675 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 33 GetRequests, 30 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2020-07-29 01:04:56,675 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 64 states. [2020-07-29 01:04:56,711 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 64 to 62. [2020-07-29 01:04:56,711 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:04:56,711 INFO L82 GeneralOperation]: Start isEquivalent. First operand 64 states. Second operand 62 states. [2020-07-29 01:04:56,711 INFO L74 IsIncluded]: Start isIncluded. First operand 64 states. Second operand 62 states. [2020-07-29 01:04:56,712 INFO L87 Difference]: Start difference. First operand 64 states. Second operand 62 states. [2020-07-29 01:04:56,716 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:04:56,716 INFO L93 Difference]: Finished difference Result 64 states and 68 transitions. [2020-07-29 01:04:56,716 INFO L276 IsEmpty]: Start isEmpty. Operand 64 states and 68 transitions. [2020-07-29 01:04:56,717 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:04:56,717 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:04:56,717 INFO L74 IsIncluded]: Start isIncluded. First operand 62 states. Second operand 64 states. [2020-07-29 01:04:56,717 INFO L87 Difference]: Start difference. First operand 62 states. Second operand 64 states. [2020-07-29 01:04:56,721 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:04:56,721 INFO L93 Difference]: Finished difference Result 64 states and 68 transitions. [2020-07-29 01:04:56,722 INFO L276 IsEmpty]: Start isEmpty. Operand 64 states and 68 transitions. [2020-07-29 01:04:56,723 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:04:56,723 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:04:56,723 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:04:56,723 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:04:56,723 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 62 states. [2020-07-29 01:04:56,726 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 62 states to 62 states and 66 transitions. [2020-07-29 01:04:56,726 INFO L78 Accepts]: Start accepts. Automaton has 62 states and 66 transitions. Word has length 17 [2020-07-29 01:04:56,727 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:04:56,727 INFO L479 AbstractCegarLoop]: Abstraction has 62 states and 66 transitions. [2020-07-29 01:04:56,727 INFO L480 AbstractCegarLoop]: Interpolant automaton has 5 states. [2020-07-29 01:04:56,727 INFO L276 IsEmpty]: Start isEmpty. Operand 62 states and 66 transitions. [2020-07-29 01:04:56,731 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2020-07-29 01:04:56,731 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:04:56,731 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:04:56,932 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 mathsat -unsat_core_generation=3 [2020-07-29 01:04:56,933 INFO L427 AbstractCegarLoop]: === Iteration 4 === [ldv_kref_initErr0REQUIRES_VIOLATION, ldv_kref_initErr1REQUIRES_VIOLATION, ldv_list_addErr1REQUIRES_VIOLATION, ldv_list_addErr0REQUIRES_VIOLATION, ldv_kobject_createErr1REQUIRES_VIOLATION, ldv_kobject_createErr0REQUIRES_VIOLATION, ldv_destroy_msgsErr4REQUIRES_VIOLATION, ldv_destroy_msgsErr3REQUIRES_VIOLATION, ldv_destroy_msgsErr2REQUIRES_VIOLATION, ldv_destroy_msgsErr1REQUIRES_VIOLATION, ldv_destroy_msgsErr0REQUIRES_VIOLATION, ldv_destroy_msgsErr5REQUIRES_VIOLATION, ldv_msg_fillErr1REQUIRES_VIOLATION, ldv_msg_fillErr5REQUIRES_VIOLATION, ldv_msg_fillErr0REQUIRES_VIOLATION, ldv_msg_fillErr4REQUIRES_VIOLATION, ldv_msg_fillErr2REQUIRES_VIOLATION, ldv_msg_fillErr3REQUIRES_VIOLATION, ldv_atomic_add_returnErr1REQUIRES_VIOLATION, ldv_atomic_add_returnErr0REQUIRES_VIOLATION, ldv_atomic_add_returnErr3REQUIRES_VIOLATION, ldv_atomic_add_returnErr2REQUIRES_VIOLATION, __ldv_list_delErr0REQUIRES_VIOLATION, __ldv_list_delErr1REQUIRES_VIOLATION, __ldv_list_delErr2REQUIRES_VIOLATION, __ldv_list_delErr3REQUIRES_VIOLATION, ldv_kobject_cleanupErr2ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr5ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr7ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr6ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr1REQUIRES_VIOLATION, ldv_kobject_cleanupErr4ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr0REQUIRES_VIOLATION, ldv_kobject_cleanupErr3ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr6ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr7ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr4ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr1REQUIRES_VIOLATION, ldv_msg_freeErr0REQUIRES_VIOLATION, ldv_msg_freeErr5ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr2ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr3ASSERT_VIOLATIONMEMORY_FREE, mainErr0ENSURES_VIOLATIONMEMORY_LEAK, LDV_INIT_LIST_HEADErr2REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr3REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr0REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr1REQUIRES_VIOLATION, ldv_list_delErr2REQUIRES_VIOLATION, ldv_list_delErr1REQUIRES_VIOLATION, ldv_list_delErr3REQUIRES_VIOLATION, ldv_list_delErr0REQUIRES_VIOLATION, __ldv_list_addErr5REQUIRES_VIOLATION, __ldv_list_addErr0REQUIRES_VIOLATION, __ldv_list_addErr1REQUIRES_VIOLATION, __ldv_list_addErr6REQUIRES_VIOLATION, __ldv_list_addErr7REQUIRES_VIOLATION, __ldv_list_addErr2REQUIRES_VIOLATION, __ldv_list_addErr3REQUIRES_VIOLATION, __ldv_list_addErr4REQUIRES_VIOLATION, ldv_dev_set_drvdataErr0REQUIRES_VIOLATION, ldv_dev_set_drvdataErr1REQUIRES_VIOLATION, ldv_atomic_sub_returnErr1REQUIRES_VIOLATION, ldv_atomic_sub_returnErr0REQUIRES_VIOLATION, ldv_atomic_sub_returnErr3REQUIRES_VIOLATION, ldv_atomic_sub_returnErr2REQUIRES_VIOLATION, ldv_list_add_tailErr0REQUIRES_VIOLATION, ldv_list_add_tailErr1REQUIRES_VIOLATION, ldv_dev_get_drvdataErr1REQUIRES_VIOLATION, ldv_dev_get_drvdataErr0REQUIRES_VIOLATION, ldv_msg_allocErr0REQUIRES_VIOLATION, ldv_msg_allocErr1REQUIRES_VIOLATION]=== [2020-07-29 01:04:56,934 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:04:56,935 INFO L82 PathProgramCache]: Analyzing trace with hash 2008128002, now seen corresponding path program 1 times [2020-07-29 01:04:56,935 INFO L163 FreeRefinementEngine]: Executing refinement strategy WOLF [2020-07-29 01:04:56,936 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1440986184] [2020-07-29 01:04:56,936 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat Starting monitored process 5 with mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 5 with mathsat -unsat_core_generation=3 [2020-07-29 01:04:57,061 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:04:57,065 INFO L263 TraceCheckSpWp]: Trace formula consists of 100 conjuncts, 5 conjunts are in the unsatisfiable core [2020-07-29 01:04:57,085 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:04:57,087 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2020-07-29 01:04:57,150 INFO L263 TraceCheckUtils]: 0: Hoare triple {1230#true} call ULTIMATE.init(); {1230#true} is VALID [2020-07-29 01:04:57,150 INFO L280 TraceCheckUtils]: 1: Hoare triple {1230#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {1230#true} is VALID [2020-07-29 01:04:57,150 INFO L280 TraceCheckUtils]: 2: Hoare triple {1230#true} assume true; {1230#true} is VALID [2020-07-29 01:04:57,151 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {1230#true} {1230#true} #437#return; {1230#true} is VALID [2020-07-29 01:04:57,151 INFO L263 TraceCheckUtils]: 4: Hoare triple {1230#true} call main(); {1230#true} is VALID [2020-07-29 01:04:57,151 INFO L263 TraceCheckUtils]: 5: Hoare triple {1230#true} call entry_point(); {1230#true} is VALID [2020-07-29 01:04:57,153 INFO L280 TraceCheckUtils]: 6: Hoare triple {1230#true} havoc ~kobj~2.base, ~kobj~2.offset; {1230#true} is VALID [2020-07-29 01:04:57,154 INFO L263 TraceCheckUtils]: 7: Hoare triple {1230#true} call #t~ret38.base, #t~ret38.offset := ldv_kobject_create(); {1230#true} is VALID [2020-07-29 01:04:57,154 INFO L280 TraceCheckUtils]: 8: Hoare triple {1230#true} havoc ~kobj~1.base, ~kobj~1.offset; {1230#true} is VALID [2020-07-29 01:04:57,154 INFO L263 TraceCheckUtils]: 9: Hoare triple {1230#true} call #t~ret34.base, #t~ret34.offset := ldv_malloc(16bv32); {1230#true} is VALID [2020-07-29 01:04:57,154 INFO L280 TraceCheckUtils]: 10: Hoare triple {1230#true} ~size := #in~size; {1230#true} is VALID [2020-07-29 01:04:57,159 INFO L280 TraceCheckUtils]: 11: Hoare triple {1230#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset; {1268#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2020-07-29 01:04:57,160 INFO L280 TraceCheckUtils]: 12: Hoare triple {1268#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} assume true; {1268#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2020-07-29 01:04:57,162 INFO L275 TraceCheckUtils]: 13: Hoare quadruple {1268#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} {1230#true} #417#return; {1275#(not (= |ldv_kobject_create_#t~ret34.base| (_ bv0 32)))} is VALID [2020-07-29 01:04:57,163 INFO L280 TraceCheckUtils]: 14: Hoare triple {1275#(not (= |ldv_kobject_create_#t~ret34.base| (_ bv0 32)))} ~kobj~1.base, ~kobj~1.offset := #t~ret34.base, #t~ret34.offset;havoc #t~ret34.base, #t~ret34.offset; {1279#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} is VALID [2020-07-29 01:04:57,164 INFO L280 TraceCheckUtils]: 15: Hoare triple {1279#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} assume ~kobj~1.base == 0bv32 && ~kobj~1.offset == 0bv32;#res.base, #res.offset := 0bv32, 0bv32; {1231#false} is VALID [2020-07-29 01:04:57,164 INFO L280 TraceCheckUtils]: 16: Hoare triple {1231#false} assume true; {1231#false} is VALID [2020-07-29 01:04:57,164 INFO L275 TraceCheckUtils]: 17: Hoare quadruple {1231#false} {1230#true} #427#return; {1231#false} is VALID [2020-07-29 01:04:57,165 INFO L280 TraceCheckUtils]: 18: Hoare triple {1231#false} ~kobj~2.base, ~kobj~2.offset := #t~ret38.base, #t~ret38.offset;havoc #t~ret38.base, #t~ret38.offset; {1231#false} is VALID [2020-07-29 01:04:57,165 INFO L280 TraceCheckUtils]: 19: Hoare triple {1231#false} assume true; {1231#false} is VALID [2020-07-29 01:04:57,165 INFO L275 TraceCheckUtils]: 20: Hoare quadruple {1231#false} {1230#true} #401#return; {1231#false} is VALID [2020-07-29 01:04:57,167 INFO L280 TraceCheckUtils]: 21: Hoare triple {1231#false} assume !(#valid == old(#valid)); {1231#false} is VALID [2020-07-29 01:04:57,168 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:04:57,168 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2020-07-29 01:04:57,376 INFO L280 TraceCheckUtils]: 21: Hoare triple {1231#false} assume !(#valid == old(#valid)); {1231#false} is VALID [2020-07-29 01:04:57,377 INFO L275 TraceCheckUtils]: 20: Hoare quadruple {1231#false} {1230#true} #401#return; {1231#false} is VALID [2020-07-29 01:04:57,377 INFO L280 TraceCheckUtils]: 19: Hoare triple {1231#false} assume true; {1231#false} is VALID [2020-07-29 01:04:57,377 INFO L280 TraceCheckUtils]: 18: Hoare triple {1231#false} ~kobj~2.base, ~kobj~2.offset := #t~ret38.base, #t~ret38.offset;havoc #t~ret38.base, #t~ret38.offset; {1231#false} is VALID [2020-07-29 01:04:57,377 INFO L275 TraceCheckUtils]: 17: Hoare quadruple {1231#false} {1230#true} #427#return; {1231#false} is VALID [2020-07-29 01:04:57,378 INFO L280 TraceCheckUtils]: 16: Hoare triple {1231#false} assume true; {1231#false} is VALID [2020-07-29 01:04:57,379 INFO L280 TraceCheckUtils]: 15: Hoare triple {1279#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} assume ~kobj~1.base == 0bv32 && ~kobj~1.offset == 0bv32;#res.base, #res.offset := 0bv32, 0bv32; {1231#false} is VALID [2020-07-29 01:04:57,380 INFO L280 TraceCheckUtils]: 14: Hoare triple {1275#(not (= |ldv_kobject_create_#t~ret34.base| (_ bv0 32)))} ~kobj~1.base, ~kobj~1.offset := #t~ret34.base, #t~ret34.offset;havoc #t~ret34.base, #t~ret34.offset; {1279#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} is VALID [2020-07-29 01:04:57,381 INFO L275 TraceCheckUtils]: 13: Hoare quadruple {1268#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} {1230#true} #417#return; {1275#(not (= |ldv_kobject_create_#t~ret34.base| (_ bv0 32)))} is VALID [2020-07-29 01:04:57,382 INFO L280 TraceCheckUtils]: 12: Hoare triple {1268#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} assume true; {1268#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2020-07-29 01:04:57,383 INFO L280 TraceCheckUtils]: 11: Hoare triple {1230#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset; {1268#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2020-07-29 01:04:57,383 INFO L280 TraceCheckUtils]: 10: Hoare triple {1230#true} ~size := #in~size; {1230#true} is VALID [2020-07-29 01:04:57,383 INFO L263 TraceCheckUtils]: 9: Hoare triple {1230#true} call #t~ret34.base, #t~ret34.offset := ldv_malloc(16bv32); {1230#true} is VALID [2020-07-29 01:04:57,383 INFO L280 TraceCheckUtils]: 8: Hoare triple {1230#true} havoc ~kobj~1.base, ~kobj~1.offset; {1230#true} is VALID [2020-07-29 01:04:57,384 INFO L263 TraceCheckUtils]: 7: Hoare triple {1230#true} call #t~ret38.base, #t~ret38.offset := ldv_kobject_create(); {1230#true} is VALID [2020-07-29 01:04:57,384 INFO L280 TraceCheckUtils]: 6: Hoare triple {1230#true} havoc ~kobj~2.base, ~kobj~2.offset; {1230#true} is VALID [2020-07-29 01:04:57,384 INFO L263 TraceCheckUtils]: 5: Hoare triple {1230#true} call entry_point(); {1230#true} is VALID [2020-07-29 01:04:57,384 INFO L263 TraceCheckUtils]: 4: Hoare triple {1230#true} call main(); {1230#true} is VALID [2020-07-29 01:04:57,384 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {1230#true} {1230#true} #437#return; {1230#true} is VALID [2020-07-29 01:04:57,385 INFO L280 TraceCheckUtils]: 2: Hoare triple {1230#true} assume true; {1230#true} is VALID [2020-07-29 01:04:57,385 INFO L280 TraceCheckUtils]: 1: Hoare triple {1230#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {1230#true} is VALID [2020-07-29 01:04:57,385 INFO L263 TraceCheckUtils]: 0: Hoare triple {1230#true} call ULTIMATE.init(); {1230#true} is VALID [2020-07-29 01:04:57,386 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:04:57,390 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1440986184] [2020-07-29 01:04:57,390 INFO L220 FreeRefinementEngine]: Constructing automaton from 2 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:04:57,390 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5, 5] imperfect sequences [] total 5 [2020-07-29 01:04:57,390 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2080841839] [2020-07-29 01:04:57,391 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 22 [2020-07-29 01:04:57,393 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:04:57,393 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states. [2020-07-29 01:04:57,420 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 22 edges. 22 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:04:57,420 INFO L459 AbstractCegarLoop]: Interpolant automaton has 5 states [2020-07-29 01:04:57,421 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2020-07-29 01:04:57,421 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2020-07-29 01:04:57,421 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2020-07-29 01:04:57,422 INFO L87 Difference]: Start difference. First operand 62 states and 66 transitions. Second operand 5 states. [2020-07-29 01:04:57,751 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:04:57,751 INFO L93 Difference]: Finished difference Result 64 states and 67 transitions. [2020-07-29 01:04:57,751 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2020-07-29 01:04:57,751 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 22 [2020-07-29 01:04:57,752 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:04:57,752 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 5 states. [2020-07-29 01:04:57,755 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 68 transitions. [2020-07-29 01:04:57,755 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 5 states. [2020-07-29 01:04:57,758 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 68 transitions. [2020-07-29 01:04:57,758 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 68 transitions. [2020-07-29 01:04:57,853 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 68 edges. 68 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:04:57,856 INFO L225 Difference]: With dead ends: 64 [2020-07-29 01:04:57,856 INFO L226 Difference]: Without dead ends: 64 [2020-07-29 01:04:57,857 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 43 GetRequests, 40 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2020-07-29 01:04:57,857 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 64 states. [2020-07-29 01:04:57,862 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 64 to 62. [2020-07-29 01:04:57,862 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:04:57,862 INFO L82 GeneralOperation]: Start isEquivalent. First operand 64 states. Second operand 62 states. [2020-07-29 01:04:57,862 INFO L74 IsIncluded]: Start isIncluded. First operand 64 states. Second operand 62 states. [2020-07-29 01:04:57,862 INFO L87 Difference]: Start difference. First operand 64 states. Second operand 62 states. [2020-07-29 01:04:57,865 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:04:57,866 INFO L93 Difference]: Finished difference Result 64 states and 67 transitions. [2020-07-29 01:04:57,866 INFO L276 IsEmpty]: Start isEmpty. Operand 64 states and 67 transitions. [2020-07-29 01:04:57,867 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:04:57,867 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:04:57,867 INFO L74 IsIncluded]: Start isIncluded. First operand 62 states. Second operand 64 states. [2020-07-29 01:04:57,867 INFO L87 Difference]: Start difference. First operand 62 states. Second operand 64 states. [2020-07-29 01:04:57,871 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:04:57,871 INFO L93 Difference]: Finished difference Result 64 states and 67 transitions. [2020-07-29 01:04:57,871 INFO L276 IsEmpty]: Start isEmpty. Operand 64 states and 67 transitions. [2020-07-29 01:04:57,872 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:04:57,872 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:04:57,872 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:04:57,872 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:04:57,872 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 62 states. [2020-07-29 01:04:57,875 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 62 states to 62 states and 65 transitions. [2020-07-29 01:04:57,875 INFO L78 Accepts]: Start accepts. Automaton has 62 states and 65 transitions. Word has length 22 [2020-07-29 01:04:57,876 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:04:57,876 INFO L479 AbstractCegarLoop]: Abstraction has 62 states and 65 transitions. [2020-07-29 01:04:57,876 INFO L480 AbstractCegarLoop]: Interpolant automaton has 5 states. [2020-07-29 01:04:57,876 INFO L276 IsEmpty]: Start isEmpty. Operand 62 states and 65 transitions. [2020-07-29 01:04:57,877 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2020-07-29 01:04:57,877 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:04:57,877 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:04:58,088 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 mathsat -unsat_core_generation=3 [2020-07-29 01:04:58,089 INFO L427 AbstractCegarLoop]: === Iteration 5 === [ldv_kref_initErr0REQUIRES_VIOLATION, ldv_kref_initErr1REQUIRES_VIOLATION, ldv_list_addErr1REQUIRES_VIOLATION, ldv_list_addErr0REQUIRES_VIOLATION, ldv_kobject_createErr1REQUIRES_VIOLATION, ldv_kobject_createErr0REQUIRES_VIOLATION, ldv_destroy_msgsErr4REQUIRES_VIOLATION, ldv_destroy_msgsErr3REQUIRES_VIOLATION, ldv_destroy_msgsErr2REQUIRES_VIOLATION, ldv_destroy_msgsErr1REQUIRES_VIOLATION, ldv_destroy_msgsErr0REQUIRES_VIOLATION, ldv_destroy_msgsErr5REQUIRES_VIOLATION, ldv_msg_fillErr1REQUIRES_VIOLATION, ldv_msg_fillErr5REQUIRES_VIOLATION, ldv_msg_fillErr0REQUIRES_VIOLATION, ldv_msg_fillErr4REQUIRES_VIOLATION, ldv_msg_fillErr2REQUIRES_VIOLATION, ldv_msg_fillErr3REQUIRES_VIOLATION, ldv_atomic_add_returnErr1REQUIRES_VIOLATION, ldv_atomic_add_returnErr0REQUIRES_VIOLATION, ldv_atomic_add_returnErr3REQUIRES_VIOLATION, ldv_atomic_add_returnErr2REQUIRES_VIOLATION, __ldv_list_delErr0REQUIRES_VIOLATION, __ldv_list_delErr1REQUIRES_VIOLATION, __ldv_list_delErr2REQUIRES_VIOLATION, __ldv_list_delErr3REQUIRES_VIOLATION, ldv_kobject_cleanupErr2ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr5ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr7ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr6ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr1REQUIRES_VIOLATION, ldv_kobject_cleanupErr4ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr0REQUIRES_VIOLATION, ldv_kobject_cleanupErr3ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr6ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr7ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr4ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr1REQUIRES_VIOLATION, ldv_msg_freeErr0REQUIRES_VIOLATION, ldv_msg_freeErr5ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr2ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr3ASSERT_VIOLATIONMEMORY_FREE, mainErr0ENSURES_VIOLATIONMEMORY_LEAK, LDV_INIT_LIST_HEADErr2REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr3REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr0REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr1REQUIRES_VIOLATION, ldv_list_delErr2REQUIRES_VIOLATION, ldv_list_delErr1REQUIRES_VIOLATION, ldv_list_delErr3REQUIRES_VIOLATION, ldv_list_delErr0REQUIRES_VIOLATION, __ldv_list_addErr5REQUIRES_VIOLATION, __ldv_list_addErr0REQUIRES_VIOLATION, __ldv_list_addErr1REQUIRES_VIOLATION, __ldv_list_addErr6REQUIRES_VIOLATION, __ldv_list_addErr7REQUIRES_VIOLATION, __ldv_list_addErr2REQUIRES_VIOLATION, __ldv_list_addErr3REQUIRES_VIOLATION, __ldv_list_addErr4REQUIRES_VIOLATION, ldv_dev_set_drvdataErr0REQUIRES_VIOLATION, ldv_dev_set_drvdataErr1REQUIRES_VIOLATION, ldv_atomic_sub_returnErr1REQUIRES_VIOLATION, ldv_atomic_sub_returnErr0REQUIRES_VIOLATION, ldv_atomic_sub_returnErr3REQUIRES_VIOLATION, ldv_atomic_sub_returnErr2REQUIRES_VIOLATION, ldv_list_add_tailErr0REQUIRES_VIOLATION, ldv_list_add_tailErr1REQUIRES_VIOLATION, ldv_dev_get_drvdataErr1REQUIRES_VIOLATION, ldv_dev_get_drvdataErr0REQUIRES_VIOLATION, ldv_msg_allocErr0REQUIRES_VIOLATION, ldv_msg_allocErr1REQUIRES_VIOLATION]=== [2020-07-29 01:04:58,091 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:04:58,091 INFO L82 PathProgramCache]: Analyzing trace with hash 211176643, now seen corresponding path program 1 times [2020-07-29 01:04:58,092 INFO L163 FreeRefinementEngine]: Executing refinement strategy WOLF [2020-07-29 01:04:58,092 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [863499746] [2020-07-29 01:04:58,092 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat Starting monitored process 6 with mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 6 with mathsat -unsat_core_generation=3 [2020-07-29 01:04:58,215 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:04:58,218 INFO L263 TraceCheckSpWp]: Trace formula consists of 94 conjuncts, 8 conjunts are in the unsatisfiable core [2020-07-29 01:04:58,230 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:04:58,231 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2020-07-29 01:04:58,266 INFO L263 TraceCheckUtils]: 0: Hoare triple {1620#true} call ULTIMATE.init(); {1620#true} is VALID [2020-07-29 01:04:58,266 INFO L280 TraceCheckUtils]: 1: Hoare triple {1620#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {1620#true} is VALID [2020-07-29 01:04:58,266 INFO L280 TraceCheckUtils]: 2: Hoare triple {1620#true} assume true; {1620#true} is VALID [2020-07-29 01:04:58,266 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {1620#true} {1620#true} #437#return; {1620#true} is VALID [2020-07-29 01:04:58,267 INFO L263 TraceCheckUtils]: 4: Hoare triple {1620#true} call main(); {1637#(= |#valid| |old(#valid)|)} is VALID [2020-07-29 01:04:58,268 INFO L263 TraceCheckUtils]: 5: Hoare triple {1637#(= |#valid| |old(#valid)|)} call entry_point(); {1637#(= |#valid| |old(#valid)|)} is VALID [2020-07-29 01:04:58,268 INFO L280 TraceCheckUtils]: 6: Hoare triple {1637#(= |#valid| |old(#valid)|)} havoc ~kobj~2.base, ~kobj~2.offset; {1637#(= |#valid| |old(#valid)|)} is VALID [2020-07-29 01:04:58,269 INFO L263 TraceCheckUtils]: 7: Hoare triple {1637#(= |#valid| |old(#valid)|)} call #t~ret38.base, #t~ret38.offset := ldv_kobject_create(); {1637#(= |#valid| |old(#valid)|)} is VALID [2020-07-29 01:04:58,270 INFO L280 TraceCheckUtils]: 8: Hoare triple {1637#(= |#valid| |old(#valid)|)} havoc ~kobj~1.base, ~kobj~1.offset; {1637#(= |#valid| |old(#valid)|)} is VALID [2020-07-29 01:04:58,271 INFO L263 TraceCheckUtils]: 9: Hoare triple {1637#(= |#valid| |old(#valid)|)} call #t~ret34.base, #t~ret34.offset := ldv_malloc(16bv32); {1637#(= |#valid| |old(#valid)|)} is VALID [2020-07-29 01:04:58,271 INFO L280 TraceCheckUtils]: 10: Hoare triple {1637#(= |#valid| |old(#valid)|)} ~size := #in~size; {1637#(= |#valid| |old(#valid)|)} is VALID [2020-07-29 01:04:58,272 INFO L280 TraceCheckUtils]: 11: Hoare triple {1637#(= |#valid| |old(#valid)|)} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {1637#(= |#valid| |old(#valid)|)} is VALID [2020-07-29 01:04:58,273 INFO L280 TraceCheckUtils]: 12: Hoare triple {1637#(= |#valid| |old(#valid)|)} assume true; {1637#(= |#valid| |old(#valid)|)} is VALID [2020-07-29 01:04:58,274 INFO L275 TraceCheckUtils]: 13: Hoare quadruple {1637#(= |#valid| |old(#valid)|)} {1637#(= |#valid| |old(#valid)|)} #417#return; {1637#(= |#valid| |old(#valid)|)} is VALID [2020-07-29 01:04:58,275 INFO L280 TraceCheckUtils]: 14: Hoare triple {1637#(= |#valid| |old(#valid)|)} ~kobj~1.base, ~kobj~1.offset := #t~ret34.base, #t~ret34.offset;havoc #t~ret34.base, #t~ret34.offset; {1637#(= |#valid| |old(#valid)|)} is VALID [2020-07-29 01:04:58,276 INFO L280 TraceCheckUtils]: 15: Hoare triple {1637#(= |#valid| |old(#valid)|)} assume ~kobj~1.base == 0bv32 && ~kobj~1.offset == 0bv32;#res.base, #res.offset := 0bv32, 0bv32; {1637#(= |#valid| |old(#valid)|)} is VALID [2020-07-29 01:04:58,276 INFO L280 TraceCheckUtils]: 16: Hoare triple {1637#(= |#valid| |old(#valid)|)} assume true; {1637#(= |#valid| |old(#valid)|)} is VALID [2020-07-29 01:04:58,277 INFO L275 TraceCheckUtils]: 17: Hoare quadruple {1637#(= |#valid| |old(#valid)|)} {1637#(= |#valid| |old(#valid)|)} #427#return; {1637#(= |#valid| |old(#valid)|)} is VALID [2020-07-29 01:04:58,278 INFO L280 TraceCheckUtils]: 18: Hoare triple {1637#(= |#valid| |old(#valid)|)} ~kobj~2.base, ~kobj~2.offset := #t~ret38.base, #t~ret38.offset;havoc #t~ret38.base, #t~ret38.offset; {1637#(= |#valid| |old(#valid)|)} is VALID [2020-07-29 01:04:58,279 INFO L280 TraceCheckUtils]: 19: Hoare triple {1637#(= |#valid| |old(#valid)|)} assume true; {1637#(= |#valid| |old(#valid)|)} is VALID [2020-07-29 01:04:58,279 INFO L275 TraceCheckUtils]: 20: Hoare quadruple {1637#(= |#valid| |old(#valid)|)} {1637#(= |#valid| |old(#valid)|)} #401#return; {1637#(= |#valid| |old(#valid)|)} is VALID [2020-07-29 01:04:58,280 INFO L280 TraceCheckUtils]: 21: Hoare triple {1637#(= |#valid| |old(#valid)|)} assume !(#valid == old(#valid)); {1621#false} is VALID [2020-07-29 01:04:58,282 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:04:58,282 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2020-07-29 01:04:58,449 INFO L280 TraceCheckUtils]: 21: Hoare triple {1637#(= |#valid| |old(#valid)|)} assume !(#valid == old(#valid)); {1621#false} is VALID [2020-07-29 01:04:58,450 INFO L275 TraceCheckUtils]: 20: Hoare quadruple {1637#(= |#valid| |old(#valid)|)} {1637#(= |#valid| |old(#valid)|)} #401#return; {1637#(= |#valid| |old(#valid)|)} is VALID [2020-07-29 01:04:58,451 INFO L280 TraceCheckUtils]: 19: Hoare triple {1637#(= |#valid| |old(#valid)|)} assume true; {1637#(= |#valid| |old(#valid)|)} is VALID [2020-07-29 01:04:58,451 INFO L280 TraceCheckUtils]: 18: Hoare triple {1637#(= |#valid| |old(#valid)|)} ~kobj~2.base, ~kobj~2.offset := #t~ret38.base, #t~ret38.offset;havoc #t~ret38.base, #t~ret38.offset; {1637#(= |#valid| |old(#valid)|)} is VALID [2020-07-29 01:04:58,452 INFO L275 TraceCheckUtils]: 17: Hoare quadruple {1637#(= |#valid| |old(#valid)|)} {1637#(= |#valid| |old(#valid)|)} #427#return; {1637#(= |#valid| |old(#valid)|)} is VALID [2020-07-29 01:04:58,453 INFO L280 TraceCheckUtils]: 16: Hoare triple {1637#(= |#valid| |old(#valid)|)} assume true; {1637#(= |#valid| |old(#valid)|)} is VALID [2020-07-29 01:04:58,453 INFO L280 TraceCheckUtils]: 15: Hoare triple {1637#(= |#valid| |old(#valid)|)} assume ~kobj~1.base == 0bv32 && ~kobj~1.offset == 0bv32;#res.base, #res.offset := 0bv32, 0bv32; {1637#(= |#valid| |old(#valid)|)} is VALID [2020-07-29 01:04:58,454 INFO L280 TraceCheckUtils]: 14: Hoare triple {1637#(= |#valid| |old(#valid)|)} ~kobj~1.base, ~kobj~1.offset := #t~ret34.base, #t~ret34.offset;havoc #t~ret34.base, #t~ret34.offset; {1637#(= |#valid| |old(#valid)|)} is VALID [2020-07-29 01:04:58,455 INFO L275 TraceCheckUtils]: 13: Hoare quadruple {1637#(= |#valid| |old(#valid)|)} {1637#(= |#valid| |old(#valid)|)} #417#return; {1637#(= |#valid| |old(#valid)|)} is VALID [2020-07-29 01:04:58,456 INFO L280 TraceCheckUtils]: 12: Hoare triple {1637#(= |#valid| |old(#valid)|)} assume true; {1637#(= |#valid| |old(#valid)|)} is VALID [2020-07-29 01:04:58,456 INFO L280 TraceCheckUtils]: 11: Hoare triple {1637#(= |#valid| |old(#valid)|)} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {1637#(= |#valid| |old(#valid)|)} is VALID [2020-07-29 01:04:58,456 INFO L280 TraceCheckUtils]: 10: Hoare triple {1637#(= |#valid| |old(#valid)|)} ~size := #in~size; {1637#(= |#valid| |old(#valid)|)} is VALID [2020-07-29 01:04:58,457 INFO L263 TraceCheckUtils]: 9: Hoare triple {1637#(= |#valid| |old(#valid)|)} call #t~ret34.base, #t~ret34.offset := ldv_malloc(16bv32); {1637#(= |#valid| |old(#valid)|)} is VALID [2020-07-29 01:04:58,457 INFO L280 TraceCheckUtils]: 8: Hoare triple {1637#(= |#valid| |old(#valid)|)} havoc ~kobj~1.base, ~kobj~1.offset; {1637#(= |#valid| |old(#valid)|)} is VALID [2020-07-29 01:04:58,458 INFO L263 TraceCheckUtils]: 7: Hoare triple {1637#(= |#valid| |old(#valid)|)} call #t~ret38.base, #t~ret38.offset := ldv_kobject_create(); {1637#(= |#valid| |old(#valid)|)} is VALID [2020-07-29 01:04:58,459 INFO L280 TraceCheckUtils]: 6: Hoare triple {1637#(= |#valid| |old(#valid)|)} havoc ~kobj~2.base, ~kobj~2.offset; {1637#(= |#valid| |old(#valid)|)} is VALID [2020-07-29 01:04:58,460 INFO L263 TraceCheckUtils]: 5: Hoare triple {1637#(= |#valid| |old(#valid)|)} call entry_point(); {1637#(= |#valid| |old(#valid)|)} is VALID [2020-07-29 01:04:58,461 INFO L263 TraceCheckUtils]: 4: Hoare triple {1620#true} call main(); {1637#(= |#valid| |old(#valid)|)} is VALID [2020-07-29 01:04:58,461 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {1620#true} {1620#true} #437#return; {1620#true} is VALID [2020-07-29 01:04:58,461 INFO L280 TraceCheckUtils]: 2: Hoare triple {1620#true} assume true; {1620#true} is VALID [2020-07-29 01:04:58,462 INFO L280 TraceCheckUtils]: 1: Hoare triple {1620#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {1620#true} is VALID [2020-07-29 01:04:58,462 INFO L263 TraceCheckUtils]: 0: Hoare triple {1620#true} call ULTIMATE.init(); {1620#true} is VALID [2020-07-29 01:04:58,463 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:04:58,463 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [863499746] [2020-07-29 01:04:58,463 INFO L220 FreeRefinementEngine]: Constructing automaton from 2 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:04:58,463 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2, 2] imperfect sequences [] total 2 [2020-07-29 01:04:58,464 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1181786678] [2020-07-29 01:04:58,464 INFO L78 Accepts]: Start accepts. Automaton has 3 states. Word has length 22 [2020-07-29 01:04:58,464 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:04:58,464 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states. [2020-07-29 01:04:58,505 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 22 edges. 22 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:04:58,505 INFO L459 AbstractCegarLoop]: Interpolant automaton has 3 states [2020-07-29 01:04:58,505 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2020-07-29 01:04:58,506 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2020-07-29 01:04:58,506 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2020-07-29 01:04:58,507 INFO L87 Difference]: Start difference. First operand 62 states and 65 transitions. Second operand 3 states. [2020-07-29 01:04:58,714 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:04:58,715 INFO L93 Difference]: Finished difference Result 68 states and 70 transitions. [2020-07-29 01:04:58,715 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2020-07-29 01:04:58,715 INFO L78 Accepts]: Start accepts. Automaton has 3 states. Word has length 22 [2020-07-29 01:04:58,716 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:04:58,716 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 3 states. [2020-07-29 01:04:58,719 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 71 transitions. [2020-07-29 01:04:58,719 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 3 states. [2020-07-29 01:04:58,721 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 71 transitions. [2020-07-29 01:04:58,722 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 71 transitions. [2020-07-29 01:04:58,833 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 71 edges. 71 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:04:58,836 INFO L225 Difference]: With dead ends: 68 [2020-07-29 01:04:58,836 INFO L226 Difference]: Without dead ends: 58 [2020-07-29 01:04:58,837 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 43 GetRequests, 42 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2020-07-29 01:04:58,837 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 58 states. [2020-07-29 01:04:58,841 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 58 to 58. [2020-07-29 01:04:58,841 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:04:58,841 INFO L82 GeneralOperation]: Start isEquivalent. First operand 58 states. Second operand 58 states. [2020-07-29 01:04:58,841 INFO L74 IsIncluded]: Start isIncluded. First operand 58 states. Second operand 58 states. [2020-07-29 01:04:58,842 INFO L87 Difference]: Start difference. First operand 58 states. Second operand 58 states. [2020-07-29 01:04:58,851 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:04:58,851 INFO L93 Difference]: Finished difference Result 58 states and 60 transitions. [2020-07-29 01:04:58,851 INFO L276 IsEmpty]: Start isEmpty. Operand 58 states and 60 transitions. [2020-07-29 01:04:58,852 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:04:58,852 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:04:58,852 INFO L74 IsIncluded]: Start isIncluded. First operand 58 states. Second operand 58 states. [2020-07-29 01:04:58,856 INFO L87 Difference]: Start difference. First operand 58 states. Second operand 58 states. [2020-07-29 01:04:58,862 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:04:58,863 INFO L93 Difference]: Finished difference Result 58 states and 60 transitions. [2020-07-29 01:04:58,863 INFO L276 IsEmpty]: Start isEmpty. Operand 58 states and 60 transitions. [2020-07-29 01:04:58,863 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:04:58,864 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:04:58,864 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:04:58,864 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:04:58,864 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 58 states. [2020-07-29 01:04:58,872 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 58 states to 58 states and 60 transitions. [2020-07-29 01:04:58,873 INFO L78 Accepts]: Start accepts. Automaton has 58 states and 60 transitions. Word has length 22 [2020-07-29 01:04:58,873 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:04:58,873 INFO L479 AbstractCegarLoop]: Abstraction has 58 states and 60 transitions. [2020-07-29 01:04:58,873 INFO L480 AbstractCegarLoop]: Interpolant automaton has 3 states. [2020-07-29 01:04:58,873 INFO L276 IsEmpty]: Start isEmpty. Operand 58 states and 60 transitions. [2020-07-29 01:04:58,874 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2020-07-29 01:04:58,874 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:04:58,874 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:04:59,077 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 6 mathsat -unsat_core_generation=3 [2020-07-29 01:04:59,077 INFO L427 AbstractCegarLoop]: === Iteration 6 === [ldv_kref_initErr0REQUIRES_VIOLATION, ldv_kref_initErr1REQUIRES_VIOLATION, ldv_list_addErr1REQUIRES_VIOLATION, ldv_list_addErr0REQUIRES_VIOLATION, ldv_kobject_createErr1REQUIRES_VIOLATION, ldv_kobject_createErr0REQUIRES_VIOLATION, ldv_destroy_msgsErr4REQUIRES_VIOLATION, ldv_destroy_msgsErr3REQUIRES_VIOLATION, ldv_destroy_msgsErr2REQUIRES_VIOLATION, ldv_destroy_msgsErr1REQUIRES_VIOLATION, ldv_destroy_msgsErr0REQUIRES_VIOLATION, ldv_destroy_msgsErr5REQUIRES_VIOLATION, ldv_msg_fillErr1REQUIRES_VIOLATION, ldv_msg_fillErr5REQUIRES_VIOLATION, ldv_msg_fillErr0REQUIRES_VIOLATION, ldv_msg_fillErr4REQUIRES_VIOLATION, ldv_msg_fillErr2REQUIRES_VIOLATION, ldv_msg_fillErr3REQUIRES_VIOLATION, ldv_atomic_add_returnErr1REQUIRES_VIOLATION, ldv_atomic_add_returnErr0REQUIRES_VIOLATION, ldv_atomic_add_returnErr3REQUIRES_VIOLATION, ldv_atomic_add_returnErr2REQUIRES_VIOLATION, __ldv_list_delErr0REQUIRES_VIOLATION, __ldv_list_delErr1REQUIRES_VIOLATION, __ldv_list_delErr2REQUIRES_VIOLATION, __ldv_list_delErr3REQUIRES_VIOLATION, ldv_kobject_cleanupErr2ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr5ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr7ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr6ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr1REQUIRES_VIOLATION, ldv_kobject_cleanupErr4ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr0REQUIRES_VIOLATION, ldv_kobject_cleanupErr3ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr6ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr7ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr4ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr1REQUIRES_VIOLATION, ldv_msg_freeErr0REQUIRES_VIOLATION, ldv_msg_freeErr5ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr2ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr3ASSERT_VIOLATIONMEMORY_FREE, mainErr0ENSURES_VIOLATIONMEMORY_LEAK, LDV_INIT_LIST_HEADErr2REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr3REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr0REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr1REQUIRES_VIOLATION, ldv_list_delErr2REQUIRES_VIOLATION, ldv_list_delErr1REQUIRES_VIOLATION, ldv_list_delErr3REQUIRES_VIOLATION, ldv_list_delErr0REQUIRES_VIOLATION, __ldv_list_addErr5REQUIRES_VIOLATION, __ldv_list_addErr0REQUIRES_VIOLATION, __ldv_list_addErr1REQUIRES_VIOLATION, __ldv_list_addErr6REQUIRES_VIOLATION, __ldv_list_addErr7REQUIRES_VIOLATION, __ldv_list_addErr2REQUIRES_VIOLATION, __ldv_list_addErr3REQUIRES_VIOLATION, __ldv_list_addErr4REQUIRES_VIOLATION, ldv_dev_set_drvdataErr0REQUIRES_VIOLATION, ldv_dev_set_drvdataErr1REQUIRES_VIOLATION, ldv_atomic_sub_returnErr1REQUIRES_VIOLATION, ldv_atomic_sub_returnErr0REQUIRES_VIOLATION, ldv_atomic_sub_returnErr3REQUIRES_VIOLATION, ldv_atomic_sub_returnErr2REQUIRES_VIOLATION, ldv_list_add_tailErr0REQUIRES_VIOLATION, ldv_list_add_tailErr1REQUIRES_VIOLATION, ldv_dev_get_drvdataErr1REQUIRES_VIOLATION, ldv_dev_get_drvdataErr0REQUIRES_VIOLATION, ldv_msg_allocErr0REQUIRES_VIOLATION, ldv_msg_allocErr1REQUIRES_VIOLATION]=== [2020-07-29 01:04:59,077 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:04:59,078 INFO L82 PathProgramCache]: Analyzing trace with hash -45428445, now seen corresponding path program 1 times [2020-07-29 01:04:59,078 INFO L163 FreeRefinementEngine]: Executing refinement strategy WOLF [2020-07-29 01:04:59,078 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1534585504] [2020-07-29 01:04:59,078 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat Starting monitored process 7 with mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 7 with mathsat -unsat_core_generation=3 [2020-07-29 01:04:59,211 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:04:59,214 INFO L263 TraceCheckSpWp]: Trace formula consists of 143 conjuncts, 3 conjunts are in the unsatisfiable core [2020-07-29 01:04:59,228 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:04:59,229 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2020-07-29 01:04:59,269 INFO L263 TraceCheckUtils]: 0: Hoare triple {1996#true} call ULTIMATE.init(); {1996#true} is VALID [2020-07-29 01:04:59,270 INFO L280 TraceCheckUtils]: 1: Hoare triple {1996#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {1996#true} is VALID [2020-07-29 01:04:59,270 INFO L280 TraceCheckUtils]: 2: Hoare triple {1996#true} assume true; {1996#true} is VALID [2020-07-29 01:04:59,270 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {1996#true} {1996#true} #437#return; {1996#true} is VALID [2020-07-29 01:04:59,270 INFO L263 TraceCheckUtils]: 4: Hoare triple {1996#true} call main(); {1996#true} is VALID [2020-07-29 01:04:59,271 INFO L263 TraceCheckUtils]: 5: Hoare triple {1996#true} call entry_point(); {1996#true} is VALID [2020-07-29 01:04:59,271 INFO L280 TraceCheckUtils]: 6: Hoare triple {1996#true} havoc ~kobj~2.base, ~kobj~2.offset; {1996#true} is VALID [2020-07-29 01:04:59,271 INFO L263 TraceCheckUtils]: 7: Hoare triple {1996#true} call #t~ret38.base, #t~ret38.offset := ldv_kobject_create(); {1996#true} is VALID [2020-07-29 01:04:59,271 INFO L280 TraceCheckUtils]: 8: Hoare triple {1996#true} havoc ~kobj~1.base, ~kobj~1.offset; {1996#true} is VALID [2020-07-29 01:04:59,272 INFO L263 TraceCheckUtils]: 9: Hoare triple {1996#true} call #t~ret34.base, #t~ret34.offset := ldv_malloc(16bv32); {1996#true} is VALID [2020-07-29 01:04:59,272 INFO L280 TraceCheckUtils]: 10: Hoare triple {1996#true} ~size := #in~size; {1996#true} is VALID [2020-07-29 01:04:59,272 INFO L280 TraceCheckUtils]: 11: Hoare triple {1996#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset; {1996#true} is VALID [2020-07-29 01:04:59,273 INFO L280 TraceCheckUtils]: 12: Hoare triple {1996#true} assume true; {1996#true} is VALID [2020-07-29 01:04:59,273 INFO L275 TraceCheckUtils]: 13: Hoare quadruple {1996#true} {1996#true} #417#return; {1996#true} is VALID [2020-07-29 01:04:59,273 INFO L280 TraceCheckUtils]: 14: Hoare triple {1996#true} ~kobj~1.base, ~kobj~1.offset := #t~ret34.base, #t~ret34.offset;havoc #t~ret34.base, #t~ret34.offset; {1996#true} is VALID [2020-07-29 01:04:59,273 INFO L280 TraceCheckUtils]: 15: Hoare triple {1996#true} assume !(~kobj~1.base == 0bv32 && ~kobj~1.offset == 0bv32); {1996#true} is VALID [2020-07-29 01:04:59,274 INFO L263 TraceCheckUtils]: 16: Hoare triple {1996#true} call #t~memset~res35.base, #t~memset~res35.offset := #Ultimate.C_memset(~kobj~1.base, ~kobj~1.offset, 0bv32, 16bv32); {1996#true} is VALID [2020-07-29 01:04:59,274 INFO L280 TraceCheckUtils]: 17: Hoare triple {1996#true} assume 1bv1 == #valid[#ptr.base];assume (~bvule32(~bvadd32(#amount, #ptr.offset), #length[#ptr.base]) && ~bvule32(#ptr.offset, ~bvadd32(#amount, #ptr.offset))) && ~bvule32(0bv32, #ptr.offset); {1996#true} is VALID [2020-07-29 01:04:59,275 INFO L280 TraceCheckUtils]: 18: Hoare triple {1996#true} #t~loopctr39 := 0bv32; {2055#(= |#Ultimate.C_memset_#t~loopctr39| (_ bv0 32))} is VALID [2020-07-29 01:04:59,276 INFO L280 TraceCheckUtils]: 19: Hoare triple {2055#(= |#Ultimate.C_memset_#t~loopctr39| (_ bv0 32))} assume !~bvslt32(#t~loopctr39, #amount); {2059#(not (bvslt (_ bv0 32) |#Ultimate.C_memset_#amount|))} is VALID [2020-07-29 01:04:59,276 INFO L280 TraceCheckUtils]: 20: Hoare triple {2059#(not (bvslt (_ bv0 32) |#Ultimate.C_memset_#amount|))} assume #res.base == #ptr.base && #res.offset == #ptr.offset; {2059#(not (bvslt (_ bv0 32) |#Ultimate.C_memset_#amount|))} is VALID [2020-07-29 01:04:59,277 INFO L275 TraceCheckUtils]: 21: Hoare quadruple {2059#(not (bvslt (_ bv0 32) |#Ultimate.C_memset_#amount|))} {1996#true} #419#return; {1997#false} is VALID [2020-07-29 01:04:59,277 INFO L280 TraceCheckUtils]: 22: Hoare triple {1997#false} havoc #t~memset~res35.base, #t~memset~res35.offset; {1997#false} is VALID [2020-07-29 01:04:59,278 INFO L263 TraceCheckUtils]: 23: Hoare triple {1997#false} call ldv_kobject_init(~kobj~1.base, ~kobj~1.offset); {1997#false} is VALID [2020-07-29 01:04:59,278 INFO L280 TraceCheckUtils]: 24: Hoare triple {1997#false} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {1997#false} is VALID [2020-07-29 01:04:59,278 INFO L280 TraceCheckUtils]: 25: Hoare triple {1997#false} assume !(~kobj.base == 0bv32 && ~kobj.offset == 0bv32); {1997#false} is VALID [2020-07-29 01:04:59,278 INFO L263 TraceCheckUtils]: 26: Hoare triple {1997#false} call ldv_kobject_init_internal(~kobj.base, ~kobj.offset); {1997#false} is VALID [2020-07-29 01:04:59,278 INFO L280 TraceCheckUtils]: 27: Hoare triple {1997#false} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {1997#false} is VALID [2020-07-29 01:04:59,278 INFO L280 TraceCheckUtils]: 28: Hoare triple {1997#false} assume !(~kobj.base == 0bv32 && ~kobj.offset == 0bv32); {1997#false} is VALID [2020-07-29 01:04:59,279 INFO L263 TraceCheckUtils]: 29: Hoare triple {1997#false} call ldv_kref_init(~kobj.base, ~bvadd32(12bv32, ~kobj.offset)); {1997#false} is VALID [2020-07-29 01:04:59,279 INFO L280 TraceCheckUtils]: 30: Hoare triple {1997#false} ~kref.base, ~kref.offset := #in~kref.base, #in~kref.offset; {1997#false} is VALID [2020-07-29 01:04:59,279 INFO L280 TraceCheckUtils]: 31: Hoare triple {1997#false} assume !(1bv1 == #valid[~kref.base]); {1997#false} is VALID [2020-07-29 01:04:59,280 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:04:59,280 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2020-07-29 01:04:59,380 INFO L280 TraceCheckUtils]: 31: Hoare triple {1997#false} assume !(1bv1 == #valid[~kref.base]); {1997#false} is VALID [2020-07-29 01:04:59,381 INFO L280 TraceCheckUtils]: 30: Hoare triple {1997#false} ~kref.base, ~kref.offset := #in~kref.base, #in~kref.offset; {1997#false} is VALID [2020-07-29 01:04:59,381 INFO L263 TraceCheckUtils]: 29: Hoare triple {1997#false} call ldv_kref_init(~kobj.base, ~bvadd32(12bv32, ~kobj.offset)); {1997#false} is VALID [2020-07-29 01:04:59,382 INFO L280 TraceCheckUtils]: 28: Hoare triple {1997#false} assume !(~kobj.base == 0bv32 && ~kobj.offset == 0bv32); {1997#false} is VALID [2020-07-29 01:04:59,382 INFO L280 TraceCheckUtils]: 27: Hoare triple {1997#false} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {1997#false} is VALID [2020-07-29 01:04:59,382 INFO L263 TraceCheckUtils]: 26: Hoare triple {1997#false} call ldv_kobject_init_internal(~kobj.base, ~kobj.offset); {1997#false} is VALID [2020-07-29 01:04:59,382 INFO L280 TraceCheckUtils]: 25: Hoare triple {1997#false} assume !(~kobj.base == 0bv32 && ~kobj.offset == 0bv32); {1997#false} is VALID [2020-07-29 01:04:59,382 INFO L280 TraceCheckUtils]: 24: Hoare triple {1997#false} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {1997#false} is VALID [2020-07-29 01:04:59,383 INFO L263 TraceCheckUtils]: 23: Hoare triple {1997#false} call ldv_kobject_init(~kobj~1.base, ~kobj~1.offset); {1997#false} is VALID [2020-07-29 01:04:59,383 INFO L280 TraceCheckUtils]: 22: Hoare triple {1997#false} havoc #t~memset~res35.base, #t~memset~res35.offset; {1997#false} is VALID [2020-07-29 01:04:59,385 INFO L275 TraceCheckUtils]: 21: Hoare quadruple {2129#(not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32)))} {1996#true} #419#return; {1997#false} is VALID [2020-07-29 01:04:59,385 INFO L280 TraceCheckUtils]: 20: Hoare triple {2129#(not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32)))} assume #res.base == #ptr.base && #res.offset == #ptr.offset; {2129#(not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32)))} is VALID [2020-07-29 01:04:59,386 INFO L280 TraceCheckUtils]: 19: Hoare triple {2136#(or (bvslt |#Ultimate.C_memset_#t~loopctr39| |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} assume !~bvslt32(#t~loopctr39, #amount); {2129#(not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32)))} is VALID [2020-07-29 01:04:59,387 INFO L280 TraceCheckUtils]: 18: Hoare triple {1996#true} #t~loopctr39 := 0bv32; {2136#(or (bvslt |#Ultimate.C_memset_#t~loopctr39| |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} is VALID [2020-07-29 01:04:59,387 INFO L280 TraceCheckUtils]: 17: Hoare triple {1996#true} assume 1bv1 == #valid[#ptr.base];assume (~bvule32(~bvadd32(#amount, #ptr.offset), #length[#ptr.base]) && ~bvule32(#ptr.offset, ~bvadd32(#amount, #ptr.offset))) && ~bvule32(0bv32, #ptr.offset); {1996#true} is VALID [2020-07-29 01:04:59,387 INFO L263 TraceCheckUtils]: 16: Hoare triple {1996#true} call #t~memset~res35.base, #t~memset~res35.offset := #Ultimate.C_memset(~kobj~1.base, ~kobj~1.offset, 0bv32, 16bv32); {1996#true} is VALID [2020-07-29 01:04:59,387 INFO L280 TraceCheckUtils]: 15: Hoare triple {1996#true} assume !(~kobj~1.base == 0bv32 && ~kobj~1.offset == 0bv32); {1996#true} is VALID [2020-07-29 01:04:59,387 INFO L280 TraceCheckUtils]: 14: Hoare triple {1996#true} ~kobj~1.base, ~kobj~1.offset := #t~ret34.base, #t~ret34.offset;havoc #t~ret34.base, #t~ret34.offset; {1996#true} is VALID [2020-07-29 01:04:59,387 INFO L275 TraceCheckUtils]: 13: Hoare quadruple {1996#true} {1996#true} #417#return; {1996#true} is VALID [2020-07-29 01:04:59,388 INFO L280 TraceCheckUtils]: 12: Hoare triple {1996#true} assume true; {1996#true} is VALID [2020-07-29 01:04:59,388 INFO L280 TraceCheckUtils]: 11: Hoare triple {1996#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset; {1996#true} is VALID [2020-07-29 01:04:59,388 INFO L280 TraceCheckUtils]: 10: Hoare triple {1996#true} ~size := #in~size; {1996#true} is VALID [2020-07-29 01:04:59,388 INFO L263 TraceCheckUtils]: 9: Hoare triple {1996#true} call #t~ret34.base, #t~ret34.offset := ldv_malloc(16bv32); {1996#true} is VALID [2020-07-29 01:04:59,388 INFO L280 TraceCheckUtils]: 8: Hoare triple {1996#true} havoc ~kobj~1.base, ~kobj~1.offset; {1996#true} is VALID [2020-07-29 01:04:59,389 INFO L263 TraceCheckUtils]: 7: Hoare triple {1996#true} call #t~ret38.base, #t~ret38.offset := ldv_kobject_create(); {1996#true} is VALID [2020-07-29 01:04:59,389 INFO L280 TraceCheckUtils]: 6: Hoare triple {1996#true} havoc ~kobj~2.base, ~kobj~2.offset; {1996#true} is VALID [2020-07-29 01:04:59,389 INFO L263 TraceCheckUtils]: 5: Hoare triple {1996#true} call entry_point(); {1996#true} is VALID [2020-07-29 01:04:59,389 INFO L263 TraceCheckUtils]: 4: Hoare triple {1996#true} call main(); {1996#true} is VALID [2020-07-29 01:04:59,389 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {1996#true} {1996#true} #437#return; {1996#true} is VALID [2020-07-29 01:04:59,390 INFO L280 TraceCheckUtils]: 2: Hoare triple {1996#true} assume true; {1996#true} is VALID [2020-07-29 01:04:59,390 INFO L280 TraceCheckUtils]: 1: Hoare triple {1996#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {1996#true} is VALID [2020-07-29 01:04:59,390 INFO L263 TraceCheckUtils]: 0: Hoare triple {1996#true} call ULTIMATE.init(); {1996#true} is VALID [2020-07-29 01:04:59,391 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:04:59,391 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1534585504] [2020-07-29 01:04:59,392 INFO L220 FreeRefinementEngine]: Constructing automaton from 2 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:04:59,392 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4, 4] imperfect sequences [] total 6 [2020-07-29 01:04:59,392 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [759982983] [2020-07-29 01:04:59,392 INFO L78 Accepts]: Start accepts. Automaton has 6 states. Word has length 32 [2020-07-29 01:04:59,393 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:04:59,393 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states. [2020-07-29 01:04:59,441 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 36 edges. 36 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:04:59,441 INFO L459 AbstractCegarLoop]: Interpolant automaton has 6 states [2020-07-29 01:04:59,441 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2020-07-29 01:04:59,441 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2020-07-29 01:04:59,442 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=17, Unknown=0, NotChecked=0, Total=30 [2020-07-29 01:04:59,442 INFO L87 Difference]: Start difference. First operand 58 states and 60 transitions. Second operand 6 states. [2020-07-29 01:04:59,819 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:04:59,819 INFO L93 Difference]: Finished difference Result 64 states and 66 transitions. [2020-07-29 01:04:59,819 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2020-07-29 01:04:59,819 INFO L78 Accepts]: Start accepts. Automaton has 6 states. Word has length 32 [2020-07-29 01:04:59,820 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:04:59,820 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 6 states. [2020-07-29 01:04:59,822 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 68 transitions. [2020-07-29 01:04:59,823 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 6 states. [2020-07-29 01:04:59,824 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 68 transitions. [2020-07-29 01:04:59,825 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 68 transitions. [2020-07-29 01:04:59,958 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 68 edges. 68 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:04:59,960 INFO L225 Difference]: With dead ends: 64 [2020-07-29 01:04:59,961 INFO L226 Difference]: Without dead ends: 60 [2020-07-29 01:04:59,961 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 64 GetRequests, 58 SyntacticMatches, 1 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=19, Invalid=23, Unknown=0, NotChecked=0, Total=42 [2020-07-29 01:04:59,962 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 60 states. [2020-07-29 01:04:59,968 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 60 to 60. [2020-07-29 01:04:59,969 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:04:59,969 INFO L82 GeneralOperation]: Start isEquivalent. First operand 60 states. Second operand 60 states. [2020-07-29 01:04:59,969 INFO L74 IsIncluded]: Start isIncluded. First operand 60 states. Second operand 60 states. [2020-07-29 01:04:59,969 INFO L87 Difference]: Start difference. First operand 60 states. Second operand 60 states. [2020-07-29 01:04:59,975 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:04:59,975 INFO L93 Difference]: Finished difference Result 60 states and 62 transitions. [2020-07-29 01:04:59,976 INFO L276 IsEmpty]: Start isEmpty. Operand 60 states and 62 transitions. [2020-07-29 01:04:59,976 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:04:59,976 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:04:59,977 INFO L74 IsIncluded]: Start isIncluded. First operand 60 states. Second operand 60 states. [2020-07-29 01:04:59,977 INFO L87 Difference]: Start difference. First operand 60 states. Second operand 60 states. [2020-07-29 01:04:59,980 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:04:59,981 INFO L93 Difference]: Finished difference Result 60 states and 62 transitions. [2020-07-29 01:04:59,981 INFO L276 IsEmpty]: Start isEmpty. Operand 60 states and 62 transitions. [2020-07-29 01:04:59,981 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:04:59,981 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:04:59,982 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:04:59,982 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:04:59,982 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 60 states. [2020-07-29 01:04:59,985 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 60 states to 60 states and 62 transitions. [2020-07-29 01:04:59,986 INFO L78 Accepts]: Start accepts. Automaton has 60 states and 62 transitions. Word has length 32 [2020-07-29 01:04:59,986 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:04:59,986 INFO L479 AbstractCegarLoop]: Abstraction has 60 states and 62 transitions. [2020-07-29 01:04:59,986 INFO L480 AbstractCegarLoop]: Interpolant automaton has 6 states. [2020-07-29 01:04:59,987 INFO L276 IsEmpty]: Start isEmpty. Operand 60 states and 62 transitions. [2020-07-29 01:04:59,988 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2020-07-29 01:04:59,988 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:04:59,988 INFO L422 BasicCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:05:00,202 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 7 mathsat -unsat_core_generation=3 [2020-07-29 01:05:00,202 INFO L427 AbstractCegarLoop]: === Iteration 7 === [ldv_kref_initErr0REQUIRES_VIOLATION, ldv_kref_initErr1REQUIRES_VIOLATION, ldv_list_addErr1REQUIRES_VIOLATION, ldv_list_addErr0REQUIRES_VIOLATION, ldv_kobject_createErr1REQUIRES_VIOLATION, ldv_kobject_createErr0REQUIRES_VIOLATION, ldv_destroy_msgsErr4REQUIRES_VIOLATION, ldv_destroy_msgsErr3REQUIRES_VIOLATION, ldv_destroy_msgsErr2REQUIRES_VIOLATION, ldv_destroy_msgsErr1REQUIRES_VIOLATION, ldv_destroy_msgsErr0REQUIRES_VIOLATION, ldv_destroy_msgsErr5REQUIRES_VIOLATION, ldv_msg_fillErr1REQUIRES_VIOLATION, ldv_msg_fillErr5REQUIRES_VIOLATION, ldv_msg_fillErr0REQUIRES_VIOLATION, ldv_msg_fillErr4REQUIRES_VIOLATION, ldv_msg_fillErr2REQUIRES_VIOLATION, ldv_msg_fillErr3REQUIRES_VIOLATION, ldv_atomic_add_returnErr1REQUIRES_VIOLATION, ldv_atomic_add_returnErr0REQUIRES_VIOLATION, ldv_atomic_add_returnErr3REQUIRES_VIOLATION, ldv_atomic_add_returnErr2REQUIRES_VIOLATION, __ldv_list_delErr0REQUIRES_VIOLATION, __ldv_list_delErr1REQUIRES_VIOLATION, __ldv_list_delErr2REQUIRES_VIOLATION, __ldv_list_delErr3REQUIRES_VIOLATION, ldv_kobject_cleanupErr2ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr5ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr7ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr6ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr1REQUIRES_VIOLATION, ldv_kobject_cleanupErr4ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr0REQUIRES_VIOLATION, ldv_kobject_cleanupErr3ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr6ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr7ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr4ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr1REQUIRES_VIOLATION, ldv_msg_freeErr0REQUIRES_VIOLATION, ldv_msg_freeErr5ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr2ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr3ASSERT_VIOLATIONMEMORY_FREE, mainErr0ENSURES_VIOLATIONMEMORY_LEAK, LDV_INIT_LIST_HEADErr2REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr3REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr0REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr1REQUIRES_VIOLATION, ldv_list_delErr2REQUIRES_VIOLATION, ldv_list_delErr1REQUIRES_VIOLATION, ldv_list_delErr3REQUIRES_VIOLATION, ldv_list_delErr0REQUIRES_VIOLATION, __ldv_list_addErr5REQUIRES_VIOLATION, __ldv_list_addErr0REQUIRES_VIOLATION, __ldv_list_addErr1REQUIRES_VIOLATION, __ldv_list_addErr6REQUIRES_VIOLATION, __ldv_list_addErr7REQUIRES_VIOLATION, __ldv_list_addErr2REQUIRES_VIOLATION, __ldv_list_addErr3REQUIRES_VIOLATION, __ldv_list_addErr4REQUIRES_VIOLATION, ldv_dev_set_drvdataErr0REQUIRES_VIOLATION, ldv_dev_set_drvdataErr1REQUIRES_VIOLATION, ldv_atomic_sub_returnErr1REQUIRES_VIOLATION, ldv_atomic_sub_returnErr0REQUIRES_VIOLATION, ldv_atomic_sub_returnErr3REQUIRES_VIOLATION, ldv_atomic_sub_returnErr2REQUIRES_VIOLATION, ldv_list_add_tailErr0REQUIRES_VIOLATION, ldv_list_add_tailErr1REQUIRES_VIOLATION, ldv_dev_get_drvdataErr1REQUIRES_VIOLATION, ldv_dev_get_drvdataErr0REQUIRES_VIOLATION, ldv_msg_allocErr0REQUIRES_VIOLATION, ldv_msg_allocErr1REQUIRES_VIOLATION]=== [2020-07-29 01:05:00,202 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:05:00,203 INFO L82 PathProgramCache]: Analyzing trace with hash -792080061, now seen corresponding path program 1 times [2020-07-29 01:05:00,203 INFO L163 FreeRefinementEngine]: Executing refinement strategy WOLF [2020-07-29 01:05:00,204 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [391691659] [2020-07-29 01:05:00,204 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat Starting monitored process 8 with mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 8 with mathsat -unsat_core_generation=3 [2020-07-29 01:05:00,371 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:05:00,374 INFO L263 TraceCheckSpWp]: Trace formula consists of 153 conjuncts, 5 conjunts are in the unsatisfiable core [2020-07-29 01:05:00,394 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:05:00,396 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2020-07-29 01:05:00,488 INFO L263 TraceCheckUtils]: 0: Hoare triple {2439#true} call ULTIMATE.init(); {2439#true} is VALID [2020-07-29 01:05:00,488 INFO L280 TraceCheckUtils]: 1: Hoare triple {2439#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {2439#true} is VALID [2020-07-29 01:05:00,489 INFO L280 TraceCheckUtils]: 2: Hoare triple {2439#true} assume true; {2439#true} is VALID [2020-07-29 01:05:00,489 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {2439#true} {2439#true} #437#return; {2439#true} is VALID [2020-07-29 01:05:00,490 INFO L263 TraceCheckUtils]: 4: Hoare triple {2439#true} call main(); {2439#true} is VALID [2020-07-29 01:05:00,490 INFO L263 TraceCheckUtils]: 5: Hoare triple {2439#true} call entry_point(); {2439#true} is VALID [2020-07-29 01:05:00,490 INFO L280 TraceCheckUtils]: 6: Hoare triple {2439#true} havoc ~kobj~2.base, ~kobj~2.offset; {2439#true} is VALID [2020-07-29 01:05:00,490 INFO L263 TraceCheckUtils]: 7: Hoare triple {2439#true} call #t~ret38.base, #t~ret38.offset := ldv_kobject_create(); {2439#true} is VALID [2020-07-29 01:05:00,514 INFO L280 TraceCheckUtils]: 8: Hoare triple {2439#true} havoc ~kobj~1.base, ~kobj~1.offset; {2439#true} is VALID [2020-07-29 01:05:00,514 INFO L263 TraceCheckUtils]: 9: Hoare triple {2439#true} call #t~ret34.base, #t~ret34.offset := ldv_malloc(16bv32); {2439#true} is VALID [2020-07-29 01:05:00,515 INFO L280 TraceCheckUtils]: 10: Hoare triple {2439#true} ~size := #in~size; {2439#true} is VALID [2020-07-29 01:05:00,516 INFO L280 TraceCheckUtils]: 11: Hoare triple {2439#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset; {2439#true} is VALID [2020-07-29 01:05:00,516 INFO L280 TraceCheckUtils]: 12: Hoare triple {2439#true} assume true; {2439#true} is VALID [2020-07-29 01:05:00,516 INFO L275 TraceCheckUtils]: 13: Hoare quadruple {2439#true} {2439#true} #417#return; {2439#true} is VALID [2020-07-29 01:05:00,517 INFO L280 TraceCheckUtils]: 14: Hoare triple {2439#true} ~kobj~1.base, ~kobj~1.offset := #t~ret34.base, #t~ret34.offset;havoc #t~ret34.base, #t~ret34.offset; {2439#true} is VALID [2020-07-29 01:05:00,517 INFO L280 TraceCheckUtils]: 15: Hoare triple {2439#true} assume !(~kobj~1.base == 0bv32 && ~kobj~1.offset == 0bv32); {2439#true} is VALID [2020-07-29 01:05:00,517 INFO L263 TraceCheckUtils]: 16: Hoare triple {2439#true} call #t~memset~res35.base, #t~memset~res35.offset := #Ultimate.C_memset(~kobj~1.base, ~kobj~1.offset, 0bv32, 16bv32); {2439#true} is VALID [2020-07-29 01:05:00,517 INFO L280 TraceCheckUtils]: 17: Hoare triple {2439#true} assume 1bv1 == #valid[#ptr.base];assume (~bvule32(~bvadd32(#amount, #ptr.offset), #length[#ptr.base]) && ~bvule32(#ptr.offset, ~bvadd32(#amount, #ptr.offset))) && ~bvule32(0bv32, #ptr.offset); {2439#true} is VALID [2020-07-29 01:05:00,521 INFO L280 TraceCheckUtils]: 18: Hoare triple {2439#true} #t~loopctr39 := 0bv32; {2498#(= |#Ultimate.C_memset_#t~loopctr39| (_ bv0 32))} is VALID [2020-07-29 01:05:00,524 INFO L280 TraceCheckUtils]: 19: Hoare triple {2498#(= |#Ultimate.C_memset_#t~loopctr39| (_ bv0 32))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {2502#(= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967295 32)) (_ bv0 32))} is VALID [2020-07-29 01:05:00,536 INFO L280 TraceCheckUtils]: 20: Hoare triple {2502#(= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967295 32)) (_ bv0 32))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {2506#(exists ((|v_#Ultimate.C_memset_#t~loopctr39_10| (_ BitVec 32))) (and (= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967295 32)) |v_#Ultimate.C_memset_#t~loopctr39_10|) (= (_ bv1 32) |v_#Ultimate.C_memset_#t~loopctr39_10|)))} is VALID [2020-07-29 01:05:00,538 INFO L280 TraceCheckUtils]: 21: Hoare triple {2506#(exists ((|v_#Ultimate.C_memset_#t~loopctr39_10| (_ BitVec 32))) (and (= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967295 32)) |v_#Ultimate.C_memset_#t~loopctr39_10|) (= (_ bv1 32) |v_#Ultimate.C_memset_#t~loopctr39_10|)))} assume !~bvslt32(#t~loopctr39, #amount); {2510#(not (bvslt (_ bv2 32) |#Ultimate.C_memset_#amount|))} is VALID [2020-07-29 01:05:00,539 INFO L280 TraceCheckUtils]: 22: Hoare triple {2510#(not (bvslt (_ bv2 32) |#Ultimate.C_memset_#amount|))} assume #res.base == #ptr.base && #res.offset == #ptr.offset; {2510#(not (bvslt (_ bv2 32) |#Ultimate.C_memset_#amount|))} is VALID [2020-07-29 01:05:00,541 INFO L275 TraceCheckUtils]: 23: Hoare quadruple {2510#(not (bvslt (_ bv2 32) |#Ultimate.C_memset_#amount|))} {2439#true} #419#return; {2440#false} is VALID [2020-07-29 01:05:00,541 INFO L280 TraceCheckUtils]: 24: Hoare triple {2440#false} havoc #t~memset~res35.base, #t~memset~res35.offset; {2440#false} is VALID [2020-07-29 01:05:00,541 INFO L263 TraceCheckUtils]: 25: Hoare triple {2440#false} call ldv_kobject_init(~kobj~1.base, ~kobj~1.offset); {2440#false} is VALID [2020-07-29 01:05:00,542 INFO L280 TraceCheckUtils]: 26: Hoare triple {2440#false} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {2440#false} is VALID [2020-07-29 01:05:00,542 INFO L280 TraceCheckUtils]: 27: Hoare triple {2440#false} assume !(~kobj.base == 0bv32 && ~kobj.offset == 0bv32); {2440#false} is VALID [2020-07-29 01:05:00,542 INFO L263 TraceCheckUtils]: 28: Hoare triple {2440#false} call ldv_kobject_init_internal(~kobj.base, ~kobj.offset); {2440#false} is VALID [2020-07-29 01:05:00,543 INFO L280 TraceCheckUtils]: 29: Hoare triple {2440#false} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {2440#false} is VALID [2020-07-29 01:05:00,543 INFO L280 TraceCheckUtils]: 30: Hoare triple {2440#false} assume !(~kobj.base == 0bv32 && ~kobj.offset == 0bv32); {2440#false} is VALID [2020-07-29 01:05:00,543 INFO L263 TraceCheckUtils]: 31: Hoare triple {2440#false} call ldv_kref_init(~kobj.base, ~bvadd32(12bv32, ~kobj.offset)); {2440#false} is VALID [2020-07-29 01:05:00,543 INFO L280 TraceCheckUtils]: 32: Hoare triple {2440#false} ~kref.base, ~kref.offset := #in~kref.base, #in~kref.offset; {2440#false} is VALID [2020-07-29 01:05:00,544 INFO L280 TraceCheckUtils]: 33: Hoare triple {2440#false} assume !(1bv1 == #valid[~kref.base]); {2440#false} is VALID [2020-07-29 01:05:00,547 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 3 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:05:00,547 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2020-07-29 01:05:00,757 INFO L280 TraceCheckUtils]: 33: Hoare triple {2440#false} assume !(1bv1 == #valid[~kref.base]); {2440#false} is VALID [2020-07-29 01:05:00,757 INFO L280 TraceCheckUtils]: 32: Hoare triple {2440#false} ~kref.base, ~kref.offset := #in~kref.base, #in~kref.offset; {2440#false} is VALID [2020-07-29 01:05:00,758 INFO L263 TraceCheckUtils]: 31: Hoare triple {2440#false} call ldv_kref_init(~kobj.base, ~bvadd32(12bv32, ~kobj.offset)); {2440#false} is VALID [2020-07-29 01:05:00,758 INFO L280 TraceCheckUtils]: 30: Hoare triple {2440#false} assume !(~kobj.base == 0bv32 && ~kobj.offset == 0bv32); {2440#false} is VALID [2020-07-29 01:05:00,758 INFO L280 TraceCheckUtils]: 29: Hoare triple {2440#false} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {2440#false} is VALID [2020-07-29 01:05:00,758 INFO L263 TraceCheckUtils]: 28: Hoare triple {2440#false} call ldv_kobject_init_internal(~kobj.base, ~kobj.offset); {2440#false} is VALID [2020-07-29 01:05:00,758 INFO L280 TraceCheckUtils]: 27: Hoare triple {2440#false} assume !(~kobj.base == 0bv32 && ~kobj.offset == 0bv32); {2440#false} is VALID [2020-07-29 01:05:00,759 INFO L280 TraceCheckUtils]: 26: Hoare triple {2440#false} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {2440#false} is VALID [2020-07-29 01:05:00,759 INFO L263 TraceCheckUtils]: 25: Hoare triple {2440#false} call ldv_kobject_init(~kobj~1.base, ~kobj~1.offset); {2440#false} is VALID [2020-07-29 01:05:00,759 INFO L280 TraceCheckUtils]: 24: Hoare triple {2440#false} havoc #t~memset~res35.base, #t~memset~res35.offset; {2440#false} is VALID [2020-07-29 01:05:00,760 INFO L275 TraceCheckUtils]: 23: Hoare quadruple {2580#(not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32)))} {2439#true} #419#return; {2440#false} is VALID [2020-07-29 01:05:00,761 INFO L280 TraceCheckUtils]: 22: Hoare triple {2580#(not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32)))} assume #res.base == #ptr.base && #res.offset == #ptr.offset; {2580#(not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32)))} is VALID [2020-07-29 01:05:00,762 INFO L280 TraceCheckUtils]: 21: Hoare triple {2587#(or (bvslt |#Ultimate.C_memset_#t~loopctr39| |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} assume !~bvslt32(#t~loopctr39, #amount); {2580#(not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32)))} is VALID [2020-07-29 01:05:00,763 INFO L280 TraceCheckUtils]: 20: Hoare triple {2591#(or (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv1 32)) |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {2587#(or (bvslt |#Ultimate.C_memset_#t~loopctr39| |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} is VALID [2020-07-29 01:05:00,768 INFO L280 TraceCheckUtils]: 19: Hoare triple {2595#(or (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv2 32)) |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {2591#(or (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv1 32)) |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} is VALID [2020-07-29 01:05:00,769 INFO L280 TraceCheckUtils]: 18: Hoare triple {2439#true} #t~loopctr39 := 0bv32; {2595#(or (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv2 32)) |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} is VALID [2020-07-29 01:05:00,769 INFO L280 TraceCheckUtils]: 17: Hoare triple {2439#true} assume 1bv1 == #valid[#ptr.base];assume (~bvule32(~bvadd32(#amount, #ptr.offset), #length[#ptr.base]) && ~bvule32(#ptr.offset, ~bvadd32(#amount, #ptr.offset))) && ~bvule32(0bv32, #ptr.offset); {2439#true} is VALID [2020-07-29 01:05:00,769 INFO L263 TraceCheckUtils]: 16: Hoare triple {2439#true} call #t~memset~res35.base, #t~memset~res35.offset := #Ultimate.C_memset(~kobj~1.base, ~kobj~1.offset, 0bv32, 16bv32); {2439#true} is VALID [2020-07-29 01:05:00,770 INFO L280 TraceCheckUtils]: 15: Hoare triple {2439#true} assume !(~kobj~1.base == 0bv32 && ~kobj~1.offset == 0bv32); {2439#true} is VALID [2020-07-29 01:05:00,770 INFO L280 TraceCheckUtils]: 14: Hoare triple {2439#true} ~kobj~1.base, ~kobj~1.offset := #t~ret34.base, #t~ret34.offset;havoc #t~ret34.base, #t~ret34.offset; {2439#true} is VALID [2020-07-29 01:05:00,770 INFO L275 TraceCheckUtils]: 13: Hoare quadruple {2439#true} {2439#true} #417#return; {2439#true} is VALID [2020-07-29 01:05:00,771 INFO L280 TraceCheckUtils]: 12: Hoare triple {2439#true} assume true; {2439#true} is VALID [2020-07-29 01:05:00,772 INFO L280 TraceCheckUtils]: 11: Hoare triple {2439#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset; {2439#true} is VALID [2020-07-29 01:05:00,772 INFO L280 TraceCheckUtils]: 10: Hoare triple {2439#true} ~size := #in~size; {2439#true} is VALID [2020-07-29 01:05:00,772 INFO L263 TraceCheckUtils]: 9: Hoare triple {2439#true} call #t~ret34.base, #t~ret34.offset := ldv_malloc(16bv32); {2439#true} is VALID [2020-07-29 01:05:00,772 INFO L280 TraceCheckUtils]: 8: Hoare triple {2439#true} havoc ~kobj~1.base, ~kobj~1.offset; {2439#true} is VALID [2020-07-29 01:05:00,772 INFO L263 TraceCheckUtils]: 7: Hoare triple {2439#true} call #t~ret38.base, #t~ret38.offset := ldv_kobject_create(); {2439#true} is VALID [2020-07-29 01:05:00,773 INFO L280 TraceCheckUtils]: 6: Hoare triple {2439#true} havoc ~kobj~2.base, ~kobj~2.offset; {2439#true} is VALID [2020-07-29 01:05:00,773 INFO L263 TraceCheckUtils]: 5: Hoare triple {2439#true} call entry_point(); {2439#true} is VALID [2020-07-29 01:05:00,773 INFO L263 TraceCheckUtils]: 4: Hoare triple {2439#true} call main(); {2439#true} is VALID [2020-07-29 01:05:00,773 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {2439#true} {2439#true} #437#return; {2439#true} is VALID [2020-07-29 01:05:00,773 INFO L280 TraceCheckUtils]: 2: Hoare triple {2439#true} assume true; {2439#true} is VALID [2020-07-29 01:05:00,774 INFO L280 TraceCheckUtils]: 1: Hoare triple {2439#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {2439#true} is VALID [2020-07-29 01:05:00,774 INFO L263 TraceCheckUtils]: 0: Hoare triple {2439#true} call ULTIMATE.init(); {2439#true} is VALID [2020-07-29 01:05:00,775 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 3 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:05:00,775 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [391691659] [2020-07-29 01:05:00,775 INFO L220 FreeRefinementEngine]: Constructing automaton from 0 perfect and 2 imperfect interpolant sequences. [2020-07-29 01:05:00,776 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [6, 6] total 10 [2020-07-29 01:05:00,776 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1472123591] [2020-07-29 01:05:00,778 INFO L78 Accepts]: Start accepts. Automaton has 10 states. Word has length 34 [2020-07-29 01:05:00,780 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:05:00,780 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states. [2020-07-29 01:05:00,850 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 40 edges. 40 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:05:00,850 INFO L459 AbstractCegarLoop]: Interpolant automaton has 10 states [2020-07-29 01:05:00,851 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2020-07-29 01:05:00,851 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2020-07-29 01:05:00,851 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=33, Invalid=57, Unknown=0, NotChecked=0, Total=90 [2020-07-29 01:05:00,851 INFO L87 Difference]: Start difference. First operand 60 states and 62 transitions. Second operand 10 states. [2020-07-29 01:05:01,766 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:05:01,766 INFO L93 Difference]: Finished difference Result 68 states and 72 transitions. [2020-07-29 01:05:01,766 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2020-07-29 01:05:01,766 INFO L78 Accepts]: Start accepts. Automaton has 10 states. Word has length 34 [2020-07-29 01:05:01,766 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:05:01,766 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 10 states. [2020-07-29 01:05:01,769 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 74 transitions. [2020-07-29 01:05:01,769 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 10 states. [2020-07-29 01:05:01,771 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 74 transitions. [2020-07-29 01:05:01,771 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states and 74 transitions. [2020-07-29 01:05:01,894 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 74 edges. 74 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:05:01,895 INFO L225 Difference]: With dead ends: 68 [2020-07-29 01:05:01,896 INFO L226 Difference]: Without dead ends: 64 [2020-07-29 01:05:01,896 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 70 GetRequests, 58 SyntacticMatches, 1 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=63, Invalid=93, Unknown=0, NotChecked=0, Total=156 [2020-07-29 01:05:01,896 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 64 states. [2020-07-29 01:05:01,902 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 64 to 64. [2020-07-29 01:05:01,903 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:05:01,903 INFO L82 GeneralOperation]: Start isEquivalent. First operand 64 states. Second operand 64 states. [2020-07-29 01:05:01,903 INFO L74 IsIncluded]: Start isIncluded. First operand 64 states. Second operand 64 states. [2020-07-29 01:05:01,903 INFO L87 Difference]: Start difference. First operand 64 states. Second operand 64 states. [2020-07-29 01:05:01,905 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:05:01,906 INFO L93 Difference]: Finished difference Result 64 states and 66 transitions. [2020-07-29 01:05:01,906 INFO L276 IsEmpty]: Start isEmpty. Operand 64 states and 66 transitions. [2020-07-29 01:05:01,906 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:05:01,906 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:05:01,906 INFO L74 IsIncluded]: Start isIncluded. First operand 64 states. Second operand 64 states. [2020-07-29 01:05:01,907 INFO L87 Difference]: Start difference. First operand 64 states. Second operand 64 states. [2020-07-29 01:05:01,909 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:05:01,909 INFO L93 Difference]: Finished difference Result 64 states and 66 transitions. [2020-07-29 01:05:01,909 INFO L276 IsEmpty]: Start isEmpty. Operand 64 states and 66 transitions. [2020-07-29 01:05:01,910 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:05:01,910 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:05:01,910 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:05:01,910 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:05:01,910 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 64 states. [2020-07-29 01:05:01,912 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 64 states to 64 states and 66 transitions. [2020-07-29 01:05:01,912 INFO L78 Accepts]: Start accepts. Automaton has 64 states and 66 transitions. Word has length 34 [2020-07-29 01:05:01,913 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:05:01,913 INFO L479 AbstractCegarLoop]: Abstraction has 64 states and 66 transitions. [2020-07-29 01:05:01,913 INFO L480 AbstractCegarLoop]: Interpolant automaton has 10 states. [2020-07-29 01:05:01,913 INFO L276 IsEmpty]: Start isEmpty. Operand 64 states and 66 transitions. [2020-07-29 01:05:01,914 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2020-07-29 01:05:01,914 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:05:01,914 INFO L422 BasicCegarLoop]: trace histogram [6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:05:02,125 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 8 mathsat -unsat_core_generation=3 [2020-07-29 01:05:02,126 INFO L427 AbstractCegarLoop]: === Iteration 8 === [ldv_kref_initErr0REQUIRES_VIOLATION, ldv_kref_initErr1REQUIRES_VIOLATION, ldv_list_addErr1REQUIRES_VIOLATION, ldv_list_addErr0REQUIRES_VIOLATION, ldv_kobject_createErr1REQUIRES_VIOLATION, ldv_kobject_createErr0REQUIRES_VIOLATION, ldv_destroy_msgsErr4REQUIRES_VIOLATION, ldv_destroy_msgsErr3REQUIRES_VIOLATION, ldv_destroy_msgsErr2REQUIRES_VIOLATION, ldv_destroy_msgsErr1REQUIRES_VIOLATION, ldv_destroy_msgsErr0REQUIRES_VIOLATION, ldv_destroy_msgsErr5REQUIRES_VIOLATION, ldv_msg_fillErr1REQUIRES_VIOLATION, ldv_msg_fillErr5REQUIRES_VIOLATION, ldv_msg_fillErr0REQUIRES_VIOLATION, ldv_msg_fillErr4REQUIRES_VIOLATION, ldv_msg_fillErr2REQUIRES_VIOLATION, ldv_msg_fillErr3REQUIRES_VIOLATION, ldv_atomic_add_returnErr1REQUIRES_VIOLATION, ldv_atomic_add_returnErr0REQUIRES_VIOLATION, ldv_atomic_add_returnErr3REQUIRES_VIOLATION, ldv_atomic_add_returnErr2REQUIRES_VIOLATION, __ldv_list_delErr0REQUIRES_VIOLATION, __ldv_list_delErr1REQUIRES_VIOLATION, __ldv_list_delErr2REQUIRES_VIOLATION, __ldv_list_delErr3REQUIRES_VIOLATION, ldv_kobject_cleanupErr2ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr5ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr7ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr6ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr1REQUIRES_VIOLATION, ldv_kobject_cleanupErr4ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr0REQUIRES_VIOLATION, ldv_kobject_cleanupErr3ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr6ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr7ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr4ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr1REQUIRES_VIOLATION, ldv_msg_freeErr0REQUIRES_VIOLATION, ldv_msg_freeErr5ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr2ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr3ASSERT_VIOLATIONMEMORY_FREE, mainErr0ENSURES_VIOLATIONMEMORY_LEAK, LDV_INIT_LIST_HEADErr2REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr3REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr0REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr1REQUIRES_VIOLATION, ldv_list_delErr2REQUIRES_VIOLATION, ldv_list_delErr1REQUIRES_VIOLATION, ldv_list_delErr3REQUIRES_VIOLATION, ldv_list_delErr0REQUIRES_VIOLATION, __ldv_list_addErr5REQUIRES_VIOLATION, __ldv_list_addErr0REQUIRES_VIOLATION, __ldv_list_addErr1REQUIRES_VIOLATION, __ldv_list_addErr6REQUIRES_VIOLATION, __ldv_list_addErr7REQUIRES_VIOLATION, __ldv_list_addErr2REQUIRES_VIOLATION, __ldv_list_addErr3REQUIRES_VIOLATION, __ldv_list_addErr4REQUIRES_VIOLATION, ldv_dev_set_drvdataErr0REQUIRES_VIOLATION, ldv_dev_set_drvdataErr1REQUIRES_VIOLATION, ldv_atomic_sub_returnErr1REQUIRES_VIOLATION, ldv_atomic_sub_returnErr0REQUIRES_VIOLATION, ldv_atomic_sub_returnErr3REQUIRES_VIOLATION, ldv_atomic_sub_returnErr2REQUIRES_VIOLATION, ldv_list_add_tailErr0REQUIRES_VIOLATION, ldv_list_add_tailErr1REQUIRES_VIOLATION, ldv_dev_get_drvdataErr1REQUIRES_VIOLATION, ldv_dev_get_drvdataErr0REQUIRES_VIOLATION, ldv_msg_allocErr0REQUIRES_VIOLATION, ldv_msg_allocErr1REQUIRES_VIOLATION]=== [2020-07-29 01:05:02,127 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:05:02,127 INFO L82 PathProgramCache]: Analyzing trace with hash -1102366333, now seen corresponding path program 2 times [2020-07-29 01:05:02,128 INFO L163 FreeRefinementEngine]: Executing refinement strategy WOLF [2020-07-29 01:05:02,128 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [381382741] [2020-07-29 01:05:02,128 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat Starting monitored process 9 with mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 9 with mathsat -unsat_core_generation=3 [2020-07-29 01:05:02,263 INFO L228 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST1 issued 1 check-sat command(s) [2020-07-29 01:05:02,264 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2020-07-29 01:05:02,268 INFO L263 TraceCheckSpWp]: Trace formula consists of 143 conjuncts, 12 conjunts are in the unsatisfiable core [2020-07-29 01:05:02,292 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:05:02,294 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2020-07-29 01:05:02,317 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2020-07-29 01:05:02,317 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2020-07-29 01:05:02,320 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:05:02,321 INFO L544 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2020-07-29 01:05:02,321 INFO L244 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:6, output treesize:5 [2020-07-29 01:05:02,325 WARN L406 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2020-07-29 01:05:02,326 WARN L407 uantifierElimination]: Input elimination task: ∃ [|v_#valid_205|]. (= |#valid| (store |v_#valid_205| |ldv_malloc_#res.base| (_ bv1 1))) [2020-07-29 01:05:02,326 WARN L408 uantifierElimination]: ElimStorePlain result: ∃ []. (= (select |#valid| |ldv_malloc_#res.base|) (_ bv1 1)) [2020-07-29 01:05:02,608 INFO L263 TraceCheckUtils]: 0: Hoare triple {2918#true} call ULTIMATE.init(); {2918#true} is VALID [2020-07-29 01:05:02,608 INFO L280 TraceCheckUtils]: 1: Hoare triple {2918#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {2918#true} is VALID [2020-07-29 01:05:02,609 INFO L280 TraceCheckUtils]: 2: Hoare triple {2918#true} assume true; {2918#true} is VALID [2020-07-29 01:05:02,609 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {2918#true} {2918#true} #437#return; {2918#true} is VALID [2020-07-29 01:05:02,609 INFO L263 TraceCheckUtils]: 4: Hoare triple {2918#true} call main(); {2918#true} is VALID [2020-07-29 01:05:02,610 INFO L263 TraceCheckUtils]: 5: Hoare triple {2918#true} call entry_point(); {2918#true} is VALID [2020-07-29 01:05:02,610 INFO L280 TraceCheckUtils]: 6: Hoare triple {2918#true} havoc ~kobj~2.base, ~kobj~2.offset; {2918#true} is VALID [2020-07-29 01:05:02,610 INFO L263 TraceCheckUtils]: 7: Hoare triple {2918#true} call #t~ret38.base, #t~ret38.offset := ldv_kobject_create(); {2918#true} is VALID [2020-07-29 01:05:02,610 INFO L280 TraceCheckUtils]: 8: Hoare triple {2918#true} havoc ~kobj~1.base, ~kobj~1.offset; {2918#true} is VALID [2020-07-29 01:05:02,610 INFO L263 TraceCheckUtils]: 9: Hoare triple {2918#true} call #t~ret34.base, #t~ret34.offset := ldv_malloc(16bv32); {2918#true} is VALID [2020-07-29 01:05:02,611 INFO L280 TraceCheckUtils]: 10: Hoare triple {2918#true} ~size := #in~size; {2918#true} is VALID [2020-07-29 01:05:02,612 INFO L280 TraceCheckUtils]: 11: Hoare triple {2918#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset; {2956#(= (bvadd (select |#valid| |ldv_malloc_#res.base|) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:02,612 INFO L280 TraceCheckUtils]: 12: Hoare triple {2956#(= (bvadd (select |#valid| |ldv_malloc_#res.base|) (_ bv1 1)) (_ bv0 1))} assume true; {2956#(= (bvadd (select |#valid| |ldv_malloc_#res.base|) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:02,613 INFO L275 TraceCheckUtils]: 13: Hoare quadruple {2956#(= (bvadd (select |#valid| |ldv_malloc_#res.base|) (_ bv1 1)) (_ bv0 1))} {2918#true} #417#return; {2963#(= (_ bv1 1) (select |#valid| |ldv_kobject_create_#t~ret34.base|))} is VALID [2020-07-29 01:05:02,614 INFO L280 TraceCheckUtils]: 14: Hoare triple {2963#(= (_ bv1 1) (select |#valid| |ldv_kobject_create_#t~ret34.base|))} ~kobj~1.base, ~kobj~1.offset := #t~ret34.base, #t~ret34.offset;havoc #t~ret34.base, #t~ret34.offset; {2967#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:02,614 INFO L280 TraceCheckUtils]: 15: Hoare triple {2967#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} assume !(~kobj~1.base == 0bv32 && ~kobj~1.offset == 0bv32); {2967#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:02,616 INFO L263 TraceCheckUtils]: 16: Hoare triple {2967#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} call #t~memset~res35.base, #t~memset~res35.offset := #Ultimate.C_memset(~kobj~1.base, ~kobj~1.offset, 0bv32, 16bv32); {2974#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:02,617 INFO L280 TraceCheckUtils]: 17: Hoare triple {2974#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1) (_ bv1 1)) (_ bv0 1)))} assume 1bv1 == #valid[#ptr.base];assume (~bvule32(~bvadd32(#amount, #ptr.offset), #length[#ptr.base]) && ~bvule32(#ptr.offset, ~bvadd32(#amount, #ptr.offset))) && ~bvule32(0bv32, #ptr.offset); {2974#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:02,618 INFO L280 TraceCheckUtils]: 18: Hoare triple {2974#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1) (_ bv1 1)) (_ bv0 1)))} #t~loopctr39 := 0bv32; {2974#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:02,618 INFO L280 TraceCheckUtils]: 19: Hoare triple {2974#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1) (_ bv1 1)) (_ bv0 1)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {2974#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:02,619 INFO L280 TraceCheckUtils]: 20: Hoare triple {2974#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1) (_ bv1 1)) (_ bv0 1)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {2974#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:02,619 INFO L280 TraceCheckUtils]: 21: Hoare triple {2974#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1) (_ bv1 1)) (_ bv0 1)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {2974#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:02,620 INFO L280 TraceCheckUtils]: 22: Hoare triple {2974#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1) (_ bv1 1)) (_ bv0 1)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {2974#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:02,622 INFO L280 TraceCheckUtils]: 23: Hoare triple {2974#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1) (_ bv1 1)) (_ bv0 1)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {2974#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:02,622 INFO L280 TraceCheckUtils]: 24: Hoare triple {2974#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1) (_ bv1 1)) (_ bv0 1)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {2974#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:02,623 INFO L280 TraceCheckUtils]: 25: Hoare triple {2974#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1) (_ bv1 1)) (_ bv0 1)))} assume !~bvslt32(#t~loopctr39, #amount); {2974#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:02,623 INFO L280 TraceCheckUtils]: 26: Hoare triple {2974#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1) (_ bv1 1)) (_ bv0 1)))} assume #res.base == #ptr.base && #res.offset == #ptr.offset; {2974#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:02,624 INFO L275 TraceCheckUtils]: 27: Hoare quadruple {2974#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_1) (_ bv1 1)) (_ bv0 1)))} {2967#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} #419#return; {2967#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:02,625 INFO L280 TraceCheckUtils]: 28: Hoare triple {2967#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} havoc #t~memset~res35.base, #t~memset~res35.offset; {2967#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:02,626 INFO L263 TraceCheckUtils]: 29: Hoare triple {2967#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} call ldv_kobject_init(~kobj~1.base, ~kobj~1.offset); {3014#(= (bvadd (select |#valid| |ldv_kobject_init_#in~kobj.base|) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:02,626 INFO L280 TraceCheckUtils]: 30: Hoare triple {3014#(= (bvadd (select |#valid| |ldv_kobject_init_#in~kobj.base|) (_ bv1 1)) (_ bv0 1))} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {3018#(= (bvadd (select |#valid| ldv_kobject_init_~kobj.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:02,627 INFO L280 TraceCheckUtils]: 31: Hoare triple {3018#(= (bvadd (select |#valid| ldv_kobject_init_~kobj.base) (_ bv1 1)) (_ bv0 1))} assume !(~kobj.base == 0bv32 && ~kobj.offset == 0bv32); {3018#(= (bvadd (select |#valid| ldv_kobject_init_~kobj.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:02,628 INFO L263 TraceCheckUtils]: 32: Hoare triple {3018#(= (bvadd (select |#valid| ldv_kobject_init_~kobj.base) (_ bv1 1)) (_ bv0 1))} call ldv_kobject_init_internal(~kobj.base, ~kobj.offset); {3025#(= (bvadd (select |#valid| |ldv_kobject_init_internal_#in~kobj.base|) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:02,629 INFO L280 TraceCheckUtils]: 33: Hoare triple {3025#(= (bvadd (select |#valid| |ldv_kobject_init_internal_#in~kobj.base|) (_ bv1 1)) (_ bv0 1))} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {3029#(= (bvadd (select |#valid| ldv_kobject_init_internal_~kobj.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:02,629 INFO L280 TraceCheckUtils]: 34: Hoare triple {3029#(= (bvadd (select |#valid| ldv_kobject_init_internal_~kobj.base) (_ bv1 1)) (_ bv0 1))} assume !(~kobj.base == 0bv32 && ~kobj.offset == 0bv32); {3029#(= (bvadd (select |#valid| ldv_kobject_init_internal_~kobj.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:02,630 INFO L263 TraceCheckUtils]: 35: Hoare triple {3029#(= (bvadd (select |#valid| ldv_kobject_init_internal_~kobj.base) (_ bv1 1)) (_ bv0 1))} call ldv_kref_init(~kobj.base, ~bvadd32(12bv32, ~kobj.offset)); {3036#(= (bvadd (select |#valid| |ldv_kref_init_#in~kref.base|) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:02,631 INFO L280 TraceCheckUtils]: 36: Hoare triple {3036#(= (bvadd (select |#valid| |ldv_kref_init_#in~kref.base|) (_ bv1 1)) (_ bv0 1))} ~kref.base, ~kref.offset := #in~kref.base, #in~kref.offset; {3040#(= (_ bv1 1) (select |#valid| ldv_kref_init_~kref.base))} is VALID [2020-07-29 01:05:02,631 INFO L280 TraceCheckUtils]: 37: Hoare triple {3040#(= (_ bv1 1) (select |#valid| ldv_kref_init_~kref.base))} assume !(1bv1 == #valid[~kref.base]); {2919#false} is VALID [2020-07-29 01:05:02,636 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 21 trivial. 0 not checked. [2020-07-29 01:05:02,637 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2020-07-29 01:05:02,802 INFO L280 TraceCheckUtils]: 37: Hoare triple {3040#(= (_ bv1 1) (select |#valid| ldv_kref_init_~kref.base))} assume !(1bv1 == #valid[~kref.base]); {2919#false} is VALID [2020-07-29 01:05:02,803 INFO L280 TraceCheckUtils]: 36: Hoare triple {3036#(= (bvadd (select |#valid| |ldv_kref_init_#in~kref.base|) (_ bv1 1)) (_ bv0 1))} ~kref.base, ~kref.offset := #in~kref.base, #in~kref.offset; {3040#(= (_ bv1 1) (select |#valid| ldv_kref_init_~kref.base))} is VALID [2020-07-29 01:05:02,804 INFO L263 TraceCheckUtils]: 35: Hoare triple {3029#(= (bvadd (select |#valid| ldv_kobject_init_internal_~kobj.base) (_ bv1 1)) (_ bv0 1))} call ldv_kref_init(~kobj.base, ~bvadd32(12bv32, ~kobj.offset)); {3036#(= (bvadd (select |#valid| |ldv_kref_init_#in~kref.base|) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:02,805 INFO L280 TraceCheckUtils]: 34: Hoare triple {3029#(= (bvadd (select |#valid| ldv_kobject_init_internal_~kobj.base) (_ bv1 1)) (_ bv0 1))} assume !(~kobj.base == 0bv32 && ~kobj.offset == 0bv32); {3029#(= (bvadd (select |#valid| ldv_kobject_init_internal_~kobj.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:02,805 INFO L280 TraceCheckUtils]: 33: Hoare triple {3025#(= (bvadd (select |#valid| |ldv_kobject_init_internal_#in~kobj.base|) (_ bv1 1)) (_ bv0 1))} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {3029#(= (bvadd (select |#valid| ldv_kobject_init_internal_~kobj.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:02,806 INFO L263 TraceCheckUtils]: 32: Hoare triple {3018#(= (bvadd (select |#valid| ldv_kobject_init_~kobj.base) (_ bv1 1)) (_ bv0 1))} call ldv_kobject_init_internal(~kobj.base, ~kobj.offset); {3025#(= (bvadd (select |#valid| |ldv_kobject_init_internal_#in~kobj.base|) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:02,807 INFO L280 TraceCheckUtils]: 31: Hoare triple {3018#(= (bvadd (select |#valid| ldv_kobject_init_~kobj.base) (_ bv1 1)) (_ bv0 1))} assume !(~kobj.base == 0bv32 && ~kobj.offset == 0bv32); {3018#(= (bvadd (select |#valid| ldv_kobject_init_~kobj.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:02,808 INFO L280 TraceCheckUtils]: 30: Hoare triple {3014#(= (bvadd (select |#valid| |ldv_kobject_init_#in~kobj.base|) (_ bv1 1)) (_ bv0 1))} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {3018#(= (bvadd (select |#valid| ldv_kobject_init_~kobj.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:02,809 INFO L263 TraceCheckUtils]: 29: Hoare triple {2967#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} call ldv_kobject_init(~kobj~1.base, ~kobj~1.offset); {3014#(= (bvadd (select |#valid| |ldv_kobject_init_#in~kobj.base|) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:02,809 INFO L280 TraceCheckUtils]: 28: Hoare triple {2967#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} havoc #t~memset~res35.base, #t~memset~res35.offset; {2967#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:02,810 INFO L275 TraceCheckUtils]: 27: Hoare quadruple {2918#true} {2967#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} #419#return; {2967#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:02,811 INFO L280 TraceCheckUtils]: 26: Hoare triple {2918#true} assume #res.base == #ptr.base && #res.offset == #ptr.offset; {2918#true} is VALID [2020-07-29 01:05:02,811 INFO L280 TraceCheckUtils]: 25: Hoare triple {2918#true} assume !~bvslt32(#t~loopctr39, #amount); {2918#true} is VALID [2020-07-29 01:05:02,811 INFO L280 TraceCheckUtils]: 24: Hoare triple {2918#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {2918#true} is VALID [2020-07-29 01:05:02,811 INFO L280 TraceCheckUtils]: 23: Hoare triple {2918#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {2918#true} is VALID [2020-07-29 01:05:02,811 INFO L280 TraceCheckUtils]: 22: Hoare triple {2918#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {2918#true} is VALID [2020-07-29 01:05:02,812 INFO L280 TraceCheckUtils]: 21: Hoare triple {2918#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {2918#true} is VALID [2020-07-29 01:05:02,812 INFO L280 TraceCheckUtils]: 20: Hoare triple {2918#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {2918#true} is VALID [2020-07-29 01:05:02,812 INFO L280 TraceCheckUtils]: 19: Hoare triple {2918#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {2918#true} is VALID [2020-07-29 01:05:02,812 INFO L280 TraceCheckUtils]: 18: Hoare triple {2918#true} #t~loopctr39 := 0bv32; {2918#true} is VALID [2020-07-29 01:05:02,812 INFO L280 TraceCheckUtils]: 17: Hoare triple {2918#true} assume 1bv1 == #valid[#ptr.base];assume (~bvule32(~bvadd32(#amount, #ptr.offset), #length[#ptr.base]) && ~bvule32(#ptr.offset, ~bvadd32(#amount, #ptr.offset))) && ~bvule32(0bv32, #ptr.offset); {2918#true} is VALID [2020-07-29 01:05:02,813 INFO L263 TraceCheckUtils]: 16: Hoare triple {2967#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} call #t~memset~res35.base, #t~memset~res35.offset := #Ultimate.C_memset(~kobj~1.base, ~kobj~1.offset, 0bv32, 16bv32); {2918#true} is VALID [2020-07-29 01:05:02,817 INFO L280 TraceCheckUtils]: 15: Hoare triple {2967#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} assume !(~kobj~1.base == 0bv32 && ~kobj~1.offset == 0bv32); {2967#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:02,817 INFO L280 TraceCheckUtils]: 14: Hoare triple {2963#(= (_ bv1 1) (select |#valid| |ldv_kobject_create_#t~ret34.base|))} ~kobj~1.base, ~kobj~1.offset := #t~ret34.base, #t~ret34.offset;havoc #t~ret34.base, #t~ret34.offset; {2967#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:02,821 INFO L275 TraceCheckUtils]: 13: Hoare quadruple {2956#(= (bvadd (select |#valid| |ldv_malloc_#res.base|) (_ bv1 1)) (_ bv0 1))} {2918#true} #417#return; {2963#(= (_ bv1 1) (select |#valid| |ldv_kobject_create_#t~ret34.base|))} is VALID [2020-07-29 01:05:02,821 INFO L280 TraceCheckUtils]: 12: Hoare triple {2956#(= (bvadd (select |#valid| |ldv_malloc_#res.base|) (_ bv1 1)) (_ bv0 1))} assume true; {2956#(= (bvadd (select |#valid| |ldv_malloc_#res.base|) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:02,823 INFO L280 TraceCheckUtils]: 11: Hoare triple {2918#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset; {2956#(= (bvadd (select |#valid| |ldv_malloc_#res.base|) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:02,823 INFO L280 TraceCheckUtils]: 10: Hoare triple {2918#true} ~size := #in~size; {2918#true} is VALID [2020-07-29 01:05:02,823 INFO L263 TraceCheckUtils]: 9: Hoare triple {2918#true} call #t~ret34.base, #t~ret34.offset := ldv_malloc(16bv32); {2918#true} is VALID [2020-07-29 01:05:02,823 INFO L280 TraceCheckUtils]: 8: Hoare triple {2918#true} havoc ~kobj~1.base, ~kobj~1.offset; {2918#true} is VALID [2020-07-29 01:05:02,823 INFO L263 TraceCheckUtils]: 7: Hoare triple {2918#true} call #t~ret38.base, #t~ret38.offset := ldv_kobject_create(); {2918#true} is VALID [2020-07-29 01:05:02,823 INFO L280 TraceCheckUtils]: 6: Hoare triple {2918#true} havoc ~kobj~2.base, ~kobj~2.offset; {2918#true} is VALID [2020-07-29 01:05:02,824 INFO L263 TraceCheckUtils]: 5: Hoare triple {2918#true} call entry_point(); {2918#true} is VALID [2020-07-29 01:05:02,824 INFO L263 TraceCheckUtils]: 4: Hoare triple {2918#true} call main(); {2918#true} is VALID [2020-07-29 01:05:02,824 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {2918#true} {2918#true} #437#return; {2918#true} is VALID [2020-07-29 01:05:02,824 INFO L280 TraceCheckUtils]: 2: Hoare triple {2918#true} assume true; {2918#true} is VALID [2020-07-29 01:05:02,824 INFO L280 TraceCheckUtils]: 1: Hoare triple {2918#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {2918#true} is VALID [2020-07-29 01:05:02,824 INFO L263 TraceCheckUtils]: 0: Hoare triple {2918#true} call ULTIMATE.init(); {2918#true} is VALID [2020-07-29 01:05:02,826 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 21 trivial. 0 not checked. [2020-07-29 01:05:02,826 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [381382741] [2020-07-29 01:05:02,826 INFO L220 FreeRefinementEngine]: Constructing automaton from 2 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:05:02,826 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [11, 10] imperfect sequences [] total 11 [2020-07-29 01:05:02,827 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1382273038] [2020-07-29 01:05:02,827 INFO L78 Accepts]: Start accepts. Automaton has 12 states. Word has length 38 [2020-07-29 01:05:02,828 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:05:02,829 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 12 states. [2020-07-29 01:05:02,920 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 40 edges. 40 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:05:02,920 INFO L459 AbstractCegarLoop]: Interpolant automaton has 12 states [2020-07-29 01:05:02,920 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2020-07-29 01:05:02,920 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 12 interpolants. [2020-07-29 01:05:02,920 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=30, Invalid=102, Unknown=0, NotChecked=0, Total=132 [2020-07-29 01:05:02,921 INFO L87 Difference]: Start difference. First operand 64 states and 66 transitions. Second operand 12 states. [2020-07-29 01:05:04,853 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:05:04,853 INFO L93 Difference]: Finished difference Result 63 states and 65 transitions. [2020-07-29 01:05:04,853 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2020-07-29 01:05:04,853 INFO L78 Accepts]: Start accepts. Automaton has 12 states. Word has length 38 [2020-07-29 01:05:04,854 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:05:04,854 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 12 states. [2020-07-29 01:05:04,856 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 12 states to 12 states and 60 transitions. [2020-07-29 01:05:04,857 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 12 states. [2020-07-29 01:05:04,859 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 12 states to 12 states and 60 transitions. [2020-07-29 01:05:04,859 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 12 states and 60 transitions. [2020-07-29 01:05:04,988 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 60 edges. 60 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:05:04,990 INFO L225 Difference]: With dead ends: 63 [2020-07-29 01:05:04,991 INFO L226 Difference]: Without dead ends: 63 [2020-07-29 01:05:04,991 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 78 GetRequests, 62 SyntacticMatches, 3 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 14 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=45, Invalid=165, Unknown=0, NotChecked=0, Total=210 [2020-07-29 01:05:04,992 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 63 states. [2020-07-29 01:05:04,997 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 63 to 63. [2020-07-29 01:05:04,999 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:05:05,000 INFO L82 GeneralOperation]: Start isEquivalent. First operand 63 states. Second operand 63 states. [2020-07-29 01:05:05,000 INFO L74 IsIncluded]: Start isIncluded. First operand 63 states. Second operand 63 states. [2020-07-29 01:05:05,000 INFO L87 Difference]: Start difference. First operand 63 states. Second operand 63 states. [2020-07-29 01:05:05,002 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:05:05,003 INFO L93 Difference]: Finished difference Result 63 states and 65 transitions. [2020-07-29 01:05:05,003 INFO L276 IsEmpty]: Start isEmpty. Operand 63 states and 65 transitions. [2020-07-29 01:05:05,003 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:05:05,004 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:05:05,004 INFO L74 IsIncluded]: Start isIncluded. First operand 63 states. Second operand 63 states. [2020-07-29 01:05:05,004 INFO L87 Difference]: Start difference. First operand 63 states. Second operand 63 states. [2020-07-29 01:05:05,006 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:05:05,007 INFO L93 Difference]: Finished difference Result 63 states and 65 transitions. [2020-07-29 01:05:05,007 INFO L276 IsEmpty]: Start isEmpty. Operand 63 states and 65 transitions. [2020-07-29 01:05:05,007 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:05:05,008 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:05:05,008 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:05:05,008 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:05:05,008 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 63 states. [2020-07-29 01:05:05,010 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 63 states to 63 states and 65 transitions. [2020-07-29 01:05:05,011 INFO L78 Accepts]: Start accepts. Automaton has 63 states and 65 transitions. Word has length 38 [2020-07-29 01:05:05,011 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:05:05,011 INFO L479 AbstractCegarLoop]: Abstraction has 63 states and 65 transitions. [2020-07-29 01:05:05,011 INFO L480 AbstractCegarLoop]: Interpolant automaton has 12 states. [2020-07-29 01:05:05,011 INFO L276 IsEmpty]: Start isEmpty. Operand 63 states and 65 transitions. [2020-07-29 01:05:05,012 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2020-07-29 01:05:05,012 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:05:05,013 INFO L422 BasicCegarLoop]: trace histogram [6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:05:05,234 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 9 mathsat -unsat_core_generation=3 [2020-07-29 01:05:05,236 INFO L427 AbstractCegarLoop]: === Iteration 9 === [ldv_kref_initErr0REQUIRES_VIOLATION, ldv_kref_initErr1REQUIRES_VIOLATION, ldv_list_addErr1REQUIRES_VIOLATION, ldv_list_addErr0REQUIRES_VIOLATION, ldv_kobject_createErr1REQUIRES_VIOLATION, ldv_kobject_createErr0REQUIRES_VIOLATION, ldv_destroy_msgsErr4REQUIRES_VIOLATION, ldv_destroy_msgsErr3REQUIRES_VIOLATION, ldv_destroy_msgsErr2REQUIRES_VIOLATION, ldv_destroy_msgsErr1REQUIRES_VIOLATION, ldv_destroy_msgsErr0REQUIRES_VIOLATION, ldv_destroy_msgsErr5REQUIRES_VIOLATION, ldv_msg_fillErr1REQUIRES_VIOLATION, ldv_msg_fillErr5REQUIRES_VIOLATION, ldv_msg_fillErr0REQUIRES_VIOLATION, ldv_msg_fillErr4REQUIRES_VIOLATION, ldv_msg_fillErr2REQUIRES_VIOLATION, ldv_msg_fillErr3REQUIRES_VIOLATION, ldv_atomic_add_returnErr1REQUIRES_VIOLATION, ldv_atomic_add_returnErr0REQUIRES_VIOLATION, ldv_atomic_add_returnErr3REQUIRES_VIOLATION, ldv_atomic_add_returnErr2REQUIRES_VIOLATION, __ldv_list_delErr0REQUIRES_VIOLATION, __ldv_list_delErr1REQUIRES_VIOLATION, __ldv_list_delErr2REQUIRES_VIOLATION, __ldv_list_delErr3REQUIRES_VIOLATION, ldv_kobject_cleanupErr2ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr5ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr7ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr6ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr1REQUIRES_VIOLATION, ldv_kobject_cleanupErr4ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr0REQUIRES_VIOLATION, ldv_kobject_cleanupErr3ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr6ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr7ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr4ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr1REQUIRES_VIOLATION, ldv_msg_freeErr0REQUIRES_VIOLATION, ldv_msg_freeErr5ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr2ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr3ASSERT_VIOLATIONMEMORY_FREE, mainErr0ENSURES_VIOLATIONMEMORY_LEAK, LDV_INIT_LIST_HEADErr2REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr3REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr0REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr1REQUIRES_VIOLATION, ldv_list_delErr2REQUIRES_VIOLATION, ldv_list_delErr1REQUIRES_VIOLATION, ldv_list_delErr3REQUIRES_VIOLATION, ldv_list_delErr0REQUIRES_VIOLATION, __ldv_list_addErr5REQUIRES_VIOLATION, __ldv_list_addErr0REQUIRES_VIOLATION, __ldv_list_addErr1REQUIRES_VIOLATION, __ldv_list_addErr6REQUIRES_VIOLATION, __ldv_list_addErr7REQUIRES_VIOLATION, __ldv_list_addErr2REQUIRES_VIOLATION, __ldv_list_addErr3REQUIRES_VIOLATION, __ldv_list_addErr4REQUIRES_VIOLATION, ldv_dev_set_drvdataErr0REQUIRES_VIOLATION, ldv_dev_set_drvdataErr1REQUIRES_VIOLATION, ldv_atomic_sub_returnErr1REQUIRES_VIOLATION, ldv_atomic_sub_returnErr0REQUIRES_VIOLATION, ldv_atomic_sub_returnErr3REQUIRES_VIOLATION, ldv_atomic_sub_returnErr2REQUIRES_VIOLATION, ldv_list_add_tailErr0REQUIRES_VIOLATION, ldv_list_add_tailErr1REQUIRES_VIOLATION, ldv_dev_get_drvdataErr1REQUIRES_VIOLATION, ldv_dev_get_drvdataErr0REQUIRES_VIOLATION, ldv_msg_allocErr0REQUIRES_VIOLATION, ldv_msg_allocErr1REQUIRES_VIOLATION]=== [2020-07-29 01:05:05,236 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:05:05,236 INFO L82 PathProgramCache]: Analyzing trace with hash -1102366332, now seen corresponding path program 1 times [2020-07-29 01:05:05,237 INFO L163 FreeRefinementEngine]: Executing refinement strategy WOLF [2020-07-29 01:05:05,240 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [642732311] [2020-07-29 01:05:05,240 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat Starting monitored process 10 with mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 10 with mathsat -unsat_core_generation=3 [2020-07-29 01:05:05,403 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:05:05,407 INFO L263 TraceCheckSpWp]: Trace formula consists of 173 conjuncts, 9 conjunts are in the unsatisfiable core [2020-07-29 01:05:05,424 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:05:05,425 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2020-07-29 01:05:05,557 INFO L263 TraceCheckUtils]: 0: Hoare triple {3415#true} call ULTIMATE.init(); {3415#true} is VALID [2020-07-29 01:05:05,557 INFO L280 TraceCheckUtils]: 1: Hoare triple {3415#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {3415#true} is VALID [2020-07-29 01:05:05,557 INFO L280 TraceCheckUtils]: 2: Hoare triple {3415#true} assume true; {3415#true} is VALID [2020-07-29 01:05:05,558 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {3415#true} {3415#true} #437#return; {3415#true} is VALID [2020-07-29 01:05:05,558 INFO L263 TraceCheckUtils]: 4: Hoare triple {3415#true} call main(); {3415#true} is VALID [2020-07-29 01:05:05,558 INFO L263 TraceCheckUtils]: 5: Hoare triple {3415#true} call entry_point(); {3415#true} is VALID [2020-07-29 01:05:05,558 INFO L280 TraceCheckUtils]: 6: Hoare triple {3415#true} havoc ~kobj~2.base, ~kobj~2.offset; {3415#true} is VALID [2020-07-29 01:05:05,559 INFO L263 TraceCheckUtils]: 7: Hoare triple {3415#true} call #t~ret38.base, #t~ret38.offset := ldv_kobject_create(); {3415#true} is VALID [2020-07-29 01:05:05,559 INFO L280 TraceCheckUtils]: 8: Hoare triple {3415#true} havoc ~kobj~1.base, ~kobj~1.offset; {3415#true} is VALID [2020-07-29 01:05:05,559 INFO L263 TraceCheckUtils]: 9: Hoare triple {3415#true} call #t~ret34.base, #t~ret34.offset := ldv_malloc(16bv32); {3415#true} is VALID [2020-07-29 01:05:05,559 INFO L280 TraceCheckUtils]: 10: Hoare triple {3415#true} ~size := #in~size; {3415#true} is VALID [2020-07-29 01:05:05,560 INFO L280 TraceCheckUtils]: 11: Hoare triple {3415#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset; {3415#true} is VALID [2020-07-29 01:05:05,560 INFO L280 TraceCheckUtils]: 12: Hoare triple {3415#true} assume true; {3415#true} is VALID [2020-07-29 01:05:05,560 INFO L275 TraceCheckUtils]: 13: Hoare quadruple {3415#true} {3415#true} #417#return; {3415#true} is VALID [2020-07-29 01:05:05,560 INFO L280 TraceCheckUtils]: 14: Hoare triple {3415#true} ~kobj~1.base, ~kobj~1.offset := #t~ret34.base, #t~ret34.offset;havoc #t~ret34.base, #t~ret34.offset; {3415#true} is VALID [2020-07-29 01:05:05,561 INFO L280 TraceCheckUtils]: 15: Hoare triple {3415#true} assume !(~kobj~1.base == 0bv32 && ~kobj~1.offset == 0bv32); {3415#true} is VALID [2020-07-29 01:05:05,561 INFO L263 TraceCheckUtils]: 16: Hoare triple {3415#true} call #t~memset~res35.base, #t~memset~res35.offset := #Ultimate.C_memset(~kobj~1.base, ~kobj~1.offset, 0bv32, 16bv32); {3415#true} is VALID [2020-07-29 01:05:05,561 INFO L280 TraceCheckUtils]: 17: Hoare triple {3415#true} assume 1bv1 == #valid[#ptr.base];assume (~bvule32(~bvadd32(#amount, #ptr.offset), #length[#ptr.base]) && ~bvule32(#ptr.offset, ~bvadd32(#amount, #ptr.offset))) && ~bvule32(0bv32, #ptr.offset); {3415#true} is VALID [2020-07-29 01:05:05,562 INFO L280 TraceCheckUtils]: 18: Hoare triple {3415#true} #t~loopctr39 := 0bv32; {3474#(= |#Ultimate.C_memset_#t~loopctr39| (_ bv0 32))} is VALID [2020-07-29 01:05:05,563 INFO L280 TraceCheckUtils]: 19: Hoare triple {3474#(= |#Ultimate.C_memset_#t~loopctr39| (_ bv0 32))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {3478#(= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967295 32)) (_ bv0 32))} is VALID [2020-07-29 01:05:05,564 INFO L280 TraceCheckUtils]: 20: Hoare triple {3478#(= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967295 32)) (_ bv0 32))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {3482#(= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967294 32)) (_ bv0 32))} is VALID [2020-07-29 01:05:05,564 INFO L280 TraceCheckUtils]: 21: Hoare triple {3482#(= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967294 32)) (_ bv0 32))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {3486#(= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967293 32)) (_ bv0 32))} is VALID [2020-07-29 01:05:05,565 INFO L280 TraceCheckUtils]: 22: Hoare triple {3486#(= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967293 32)) (_ bv0 32))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {3490#(= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967292 32)) (_ bv0 32))} is VALID [2020-07-29 01:05:05,566 INFO L280 TraceCheckUtils]: 23: Hoare triple {3490#(= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967292 32)) (_ bv0 32))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {3494#(= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967291 32)) (_ bv0 32))} is VALID [2020-07-29 01:05:05,567 INFO L280 TraceCheckUtils]: 24: Hoare triple {3494#(= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967291 32)) (_ bv0 32))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {3498#(= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967290 32)) (_ bv0 32))} is VALID [2020-07-29 01:05:05,568 INFO L280 TraceCheckUtils]: 25: Hoare triple {3498#(= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967290 32)) (_ bv0 32))} assume !~bvslt32(#t~loopctr39, #amount); {3502#(not (bvslt (_ bv6 32) |#Ultimate.C_memset_#amount|))} is VALID [2020-07-29 01:05:05,568 INFO L280 TraceCheckUtils]: 26: Hoare triple {3502#(not (bvslt (_ bv6 32) |#Ultimate.C_memset_#amount|))} assume #res.base == #ptr.base && #res.offset == #ptr.offset; {3502#(not (bvslt (_ bv6 32) |#Ultimate.C_memset_#amount|))} is VALID [2020-07-29 01:05:05,569 INFO L275 TraceCheckUtils]: 27: Hoare quadruple {3502#(not (bvslt (_ bv6 32) |#Ultimate.C_memset_#amount|))} {3415#true} #419#return; {3416#false} is VALID [2020-07-29 01:05:05,569 INFO L280 TraceCheckUtils]: 28: Hoare triple {3416#false} havoc #t~memset~res35.base, #t~memset~res35.offset; {3416#false} is VALID [2020-07-29 01:05:05,570 INFO L263 TraceCheckUtils]: 29: Hoare triple {3416#false} call ldv_kobject_init(~kobj~1.base, ~kobj~1.offset); {3416#false} is VALID [2020-07-29 01:05:05,570 INFO L280 TraceCheckUtils]: 30: Hoare triple {3416#false} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {3416#false} is VALID [2020-07-29 01:05:05,570 INFO L280 TraceCheckUtils]: 31: Hoare triple {3416#false} assume !(~kobj.base == 0bv32 && ~kobj.offset == 0bv32); {3416#false} is VALID [2020-07-29 01:05:05,570 INFO L263 TraceCheckUtils]: 32: Hoare triple {3416#false} call ldv_kobject_init_internal(~kobj.base, ~kobj.offset); {3416#false} is VALID [2020-07-29 01:05:05,570 INFO L280 TraceCheckUtils]: 33: Hoare triple {3416#false} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {3416#false} is VALID [2020-07-29 01:05:05,570 INFO L280 TraceCheckUtils]: 34: Hoare triple {3416#false} assume !(~kobj.base == 0bv32 && ~kobj.offset == 0bv32); {3416#false} is VALID [2020-07-29 01:05:05,571 INFO L263 TraceCheckUtils]: 35: Hoare triple {3416#false} call ldv_kref_init(~kobj.base, ~bvadd32(12bv32, ~kobj.offset)); {3416#false} is VALID [2020-07-29 01:05:05,571 INFO L280 TraceCheckUtils]: 36: Hoare triple {3416#false} ~kref.base, ~kref.offset := #in~kref.base, #in~kref.offset; {3416#false} is VALID [2020-07-29 01:05:05,571 INFO L280 TraceCheckUtils]: 37: Hoare triple {3416#false} assume !((~bvule32(~bvadd32(4bv32, ~kref.offset), #length[~kref.base]) && ~bvule32(~kref.offset, ~bvadd32(4bv32, ~kref.offset))) && ~bvule32(0bv32, ~kref.offset)); {3416#false} is VALID [2020-07-29 01:05:05,572 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 0 proven. 21 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:05:05,573 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2020-07-29 01:05:06,007 INFO L280 TraceCheckUtils]: 37: Hoare triple {3416#false} assume !((~bvule32(~bvadd32(4bv32, ~kref.offset), #length[~kref.base]) && ~bvule32(~kref.offset, ~bvadd32(4bv32, ~kref.offset))) && ~bvule32(0bv32, ~kref.offset)); {3416#false} is VALID [2020-07-29 01:05:06,007 INFO L280 TraceCheckUtils]: 36: Hoare triple {3416#false} ~kref.base, ~kref.offset := #in~kref.base, #in~kref.offset; {3416#false} is VALID [2020-07-29 01:05:06,008 INFO L263 TraceCheckUtils]: 35: Hoare triple {3416#false} call ldv_kref_init(~kobj.base, ~bvadd32(12bv32, ~kobj.offset)); {3416#false} is VALID [2020-07-29 01:05:06,008 INFO L280 TraceCheckUtils]: 34: Hoare triple {3416#false} assume !(~kobj.base == 0bv32 && ~kobj.offset == 0bv32); {3416#false} is VALID [2020-07-29 01:05:06,008 INFO L280 TraceCheckUtils]: 33: Hoare triple {3416#false} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {3416#false} is VALID [2020-07-29 01:05:06,009 INFO L263 TraceCheckUtils]: 32: Hoare triple {3416#false} call ldv_kobject_init_internal(~kobj.base, ~kobj.offset); {3416#false} is VALID [2020-07-29 01:05:06,009 INFO L280 TraceCheckUtils]: 31: Hoare triple {3416#false} assume !(~kobj.base == 0bv32 && ~kobj.offset == 0bv32); {3416#false} is VALID [2020-07-29 01:05:06,009 INFO L280 TraceCheckUtils]: 30: Hoare triple {3416#false} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {3416#false} is VALID [2020-07-29 01:05:06,009 INFO L263 TraceCheckUtils]: 29: Hoare triple {3416#false} call ldv_kobject_init(~kobj~1.base, ~kobj~1.offset); {3416#false} is VALID [2020-07-29 01:05:06,010 INFO L280 TraceCheckUtils]: 28: Hoare triple {3416#false} havoc #t~memset~res35.base, #t~memset~res35.offset; {3416#false} is VALID [2020-07-29 01:05:06,011 INFO L275 TraceCheckUtils]: 27: Hoare quadruple {3572#(not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32)))} {3415#true} #419#return; {3416#false} is VALID [2020-07-29 01:05:06,011 INFO L280 TraceCheckUtils]: 26: Hoare triple {3572#(not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32)))} assume #res.base == #ptr.base && #res.offset == #ptr.offset; {3572#(not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32)))} is VALID [2020-07-29 01:05:06,011 INFO L280 TraceCheckUtils]: 25: Hoare triple {3579#(or (bvslt |#Ultimate.C_memset_#t~loopctr39| |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} assume !~bvslt32(#t~loopctr39, #amount); {3572#(not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32)))} is VALID [2020-07-29 01:05:06,012 INFO L280 TraceCheckUtils]: 24: Hoare triple {3583#(or (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv1 32)) |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {3579#(or (bvslt |#Ultimate.C_memset_#t~loopctr39| |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} is VALID [2020-07-29 01:05:06,018 INFO L280 TraceCheckUtils]: 23: Hoare triple {3587#(or (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv2 32)) |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {3583#(or (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv1 32)) |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} is VALID [2020-07-29 01:05:06,022 INFO L280 TraceCheckUtils]: 22: Hoare triple {3591#(or (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))) (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv3 32)) |#Ultimate.C_memset_#amount|))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {3587#(or (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv2 32)) |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} is VALID [2020-07-29 01:05:06,026 INFO L280 TraceCheckUtils]: 21: Hoare triple {3595#(or (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4 32)) |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {3591#(or (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))) (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv3 32)) |#Ultimate.C_memset_#amount|))} is VALID [2020-07-29 01:05:06,030 INFO L280 TraceCheckUtils]: 20: Hoare triple {3599#(or (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))) (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv5 32)) |#Ultimate.C_memset_#amount|))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {3595#(or (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4 32)) |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} is VALID [2020-07-29 01:05:06,034 INFO L280 TraceCheckUtils]: 19: Hoare triple {3603#(or (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv6 32)) |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {3599#(or (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))) (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv5 32)) |#Ultimate.C_memset_#amount|))} is VALID [2020-07-29 01:05:06,035 INFO L280 TraceCheckUtils]: 18: Hoare triple {3415#true} #t~loopctr39 := 0bv32; {3603#(or (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv6 32)) |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} is VALID [2020-07-29 01:05:06,035 INFO L280 TraceCheckUtils]: 17: Hoare triple {3415#true} assume 1bv1 == #valid[#ptr.base];assume (~bvule32(~bvadd32(#amount, #ptr.offset), #length[#ptr.base]) && ~bvule32(#ptr.offset, ~bvadd32(#amount, #ptr.offset))) && ~bvule32(0bv32, #ptr.offset); {3415#true} is VALID [2020-07-29 01:05:06,035 INFO L263 TraceCheckUtils]: 16: Hoare triple {3415#true} call #t~memset~res35.base, #t~memset~res35.offset := #Ultimate.C_memset(~kobj~1.base, ~kobj~1.offset, 0bv32, 16bv32); {3415#true} is VALID [2020-07-29 01:05:06,036 INFO L280 TraceCheckUtils]: 15: Hoare triple {3415#true} assume !(~kobj~1.base == 0bv32 && ~kobj~1.offset == 0bv32); {3415#true} is VALID [2020-07-29 01:05:06,036 INFO L280 TraceCheckUtils]: 14: Hoare triple {3415#true} ~kobj~1.base, ~kobj~1.offset := #t~ret34.base, #t~ret34.offset;havoc #t~ret34.base, #t~ret34.offset; {3415#true} is VALID [2020-07-29 01:05:06,036 INFO L275 TraceCheckUtils]: 13: Hoare quadruple {3415#true} {3415#true} #417#return; {3415#true} is VALID [2020-07-29 01:05:06,036 INFO L280 TraceCheckUtils]: 12: Hoare triple {3415#true} assume true; {3415#true} is VALID [2020-07-29 01:05:06,036 INFO L280 TraceCheckUtils]: 11: Hoare triple {3415#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset; {3415#true} is VALID [2020-07-29 01:05:06,036 INFO L280 TraceCheckUtils]: 10: Hoare triple {3415#true} ~size := #in~size; {3415#true} is VALID [2020-07-29 01:05:06,037 INFO L263 TraceCheckUtils]: 9: Hoare triple {3415#true} call #t~ret34.base, #t~ret34.offset := ldv_malloc(16bv32); {3415#true} is VALID [2020-07-29 01:05:06,037 INFO L280 TraceCheckUtils]: 8: Hoare triple {3415#true} havoc ~kobj~1.base, ~kobj~1.offset; {3415#true} is VALID [2020-07-29 01:05:06,037 INFO L263 TraceCheckUtils]: 7: Hoare triple {3415#true} call #t~ret38.base, #t~ret38.offset := ldv_kobject_create(); {3415#true} is VALID [2020-07-29 01:05:06,037 INFO L280 TraceCheckUtils]: 6: Hoare triple {3415#true} havoc ~kobj~2.base, ~kobj~2.offset; {3415#true} is VALID [2020-07-29 01:05:06,037 INFO L263 TraceCheckUtils]: 5: Hoare triple {3415#true} call entry_point(); {3415#true} is VALID [2020-07-29 01:05:06,037 INFO L263 TraceCheckUtils]: 4: Hoare triple {3415#true} call main(); {3415#true} is VALID [2020-07-29 01:05:06,037 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {3415#true} {3415#true} #437#return; {3415#true} is VALID [2020-07-29 01:05:06,038 INFO L280 TraceCheckUtils]: 2: Hoare triple {3415#true} assume true; {3415#true} is VALID [2020-07-29 01:05:06,038 INFO L280 TraceCheckUtils]: 1: Hoare triple {3415#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {3415#true} is VALID [2020-07-29 01:05:06,038 INFO L263 TraceCheckUtils]: 0: Hoare triple {3415#true} call ULTIMATE.init(); {3415#true} is VALID [2020-07-29 01:05:06,039 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 0 proven. 21 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:05:06,039 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [642732311] [2020-07-29 01:05:06,040 INFO L220 FreeRefinementEngine]: Constructing automaton from 0 perfect and 2 imperfect interpolant sequences. [2020-07-29 01:05:06,040 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 10] total 18 [2020-07-29 01:05:06,040 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1592920675] [2020-07-29 01:05:06,040 INFO L78 Accepts]: Start accepts. Automaton has 18 states. Word has length 38 [2020-07-29 01:05:06,041 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:05:06,041 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 18 states. [2020-07-29 01:05:06,121 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 48 edges. 48 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:05:06,121 INFO L459 AbstractCegarLoop]: Interpolant automaton has 18 states [2020-07-29 01:05:06,121 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2020-07-29 01:05:06,121 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 18 interpolants. [2020-07-29 01:05:06,122 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=97, Invalid=209, Unknown=0, NotChecked=0, Total=306 [2020-07-29 01:05:06,122 INFO L87 Difference]: Start difference. First operand 63 states and 65 transitions. Second operand 18 states. [2020-07-29 01:05:08,289 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:05:08,289 INFO L93 Difference]: Finished difference Result 75 states and 83 transitions. [2020-07-29 01:05:08,289 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 18 states. [2020-07-29 01:05:08,290 INFO L78 Accepts]: Start accepts. Automaton has 18 states. Word has length 38 [2020-07-29 01:05:08,290 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:05:08,290 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 18 states. [2020-07-29 01:05:08,292 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 18 states to 18 states and 85 transitions. [2020-07-29 01:05:08,292 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 18 states. [2020-07-29 01:05:08,299 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 18 states to 18 states and 85 transitions. [2020-07-29 01:05:08,301 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 18 states and 85 transitions. [2020-07-29 01:05:08,452 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 85 edges. 85 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:05:08,455 INFO L225 Difference]: With dead ends: 75 [2020-07-29 01:05:08,455 INFO L226 Difference]: Without dead ends: 71 [2020-07-29 01:05:08,455 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 82 GetRequests, 58 SyntacticMatches, 1 SemanticMatches, 23 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 25 ImplicationChecksByTransitivity, 1.0s TimeCoverageRelationStatistics Valid=223, Invalid=377, Unknown=0, NotChecked=0, Total=600 [2020-07-29 01:05:08,456 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 71 states. [2020-07-29 01:05:08,460 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 71 to 71. [2020-07-29 01:05:08,460 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:05:08,460 INFO L82 GeneralOperation]: Start isEquivalent. First operand 71 states. Second operand 71 states. [2020-07-29 01:05:08,460 INFO L74 IsIncluded]: Start isIncluded. First operand 71 states. Second operand 71 states. [2020-07-29 01:05:08,461 INFO L87 Difference]: Start difference. First operand 71 states. Second operand 71 states. [2020-07-29 01:05:08,463 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:05:08,464 INFO L93 Difference]: Finished difference Result 71 states and 73 transitions. [2020-07-29 01:05:08,464 INFO L276 IsEmpty]: Start isEmpty. Operand 71 states and 73 transitions. [2020-07-29 01:05:08,464 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:05:08,465 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:05:08,465 INFO L74 IsIncluded]: Start isIncluded. First operand 71 states. Second operand 71 states. [2020-07-29 01:05:08,465 INFO L87 Difference]: Start difference. First operand 71 states. Second operand 71 states. [2020-07-29 01:05:08,466 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:05:08,467 INFO L93 Difference]: Finished difference Result 71 states and 73 transitions. [2020-07-29 01:05:08,467 INFO L276 IsEmpty]: Start isEmpty. Operand 71 states and 73 transitions. [2020-07-29 01:05:08,467 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:05:08,468 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:05:08,468 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:05:08,468 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:05:08,468 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 71 states. [2020-07-29 01:05:08,470 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 71 states to 71 states and 73 transitions. [2020-07-29 01:05:08,470 INFO L78 Accepts]: Start accepts. Automaton has 71 states and 73 transitions. Word has length 38 [2020-07-29 01:05:08,470 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:05:08,470 INFO L479 AbstractCegarLoop]: Abstraction has 71 states and 73 transitions. [2020-07-29 01:05:08,471 INFO L480 AbstractCegarLoop]: Interpolant automaton has 18 states. [2020-07-29 01:05:08,471 INFO L276 IsEmpty]: Start isEmpty. Operand 71 states and 73 transitions. [2020-07-29 01:05:08,471 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2020-07-29 01:05:08,471 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:05:08,472 INFO L422 BasicCegarLoop]: trace histogram [14, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:05:08,676 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 10 mathsat -unsat_core_generation=3 [2020-07-29 01:05:08,677 INFO L427 AbstractCegarLoop]: === Iteration 10 === [ldv_kref_initErr0REQUIRES_VIOLATION, ldv_kref_initErr1REQUIRES_VIOLATION, ldv_list_addErr1REQUIRES_VIOLATION, ldv_list_addErr0REQUIRES_VIOLATION, ldv_kobject_createErr1REQUIRES_VIOLATION, ldv_kobject_createErr0REQUIRES_VIOLATION, ldv_destroy_msgsErr4REQUIRES_VIOLATION, ldv_destroy_msgsErr3REQUIRES_VIOLATION, ldv_destroy_msgsErr2REQUIRES_VIOLATION, ldv_destroy_msgsErr1REQUIRES_VIOLATION, ldv_destroy_msgsErr0REQUIRES_VIOLATION, ldv_destroy_msgsErr5REQUIRES_VIOLATION, ldv_msg_fillErr1REQUIRES_VIOLATION, ldv_msg_fillErr5REQUIRES_VIOLATION, ldv_msg_fillErr0REQUIRES_VIOLATION, ldv_msg_fillErr4REQUIRES_VIOLATION, ldv_msg_fillErr2REQUIRES_VIOLATION, ldv_msg_fillErr3REQUIRES_VIOLATION, ldv_atomic_add_returnErr1REQUIRES_VIOLATION, ldv_atomic_add_returnErr0REQUIRES_VIOLATION, ldv_atomic_add_returnErr3REQUIRES_VIOLATION, ldv_atomic_add_returnErr2REQUIRES_VIOLATION, __ldv_list_delErr0REQUIRES_VIOLATION, __ldv_list_delErr1REQUIRES_VIOLATION, __ldv_list_delErr2REQUIRES_VIOLATION, __ldv_list_delErr3REQUIRES_VIOLATION, ldv_kobject_cleanupErr2ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr5ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr7ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr6ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr1REQUIRES_VIOLATION, ldv_kobject_cleanupErr4ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr0REQUIRES_VIOLATION, ldv_kobject_cleanupErr3ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr6ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr7ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr4ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr1REQUIRES_VIOLATION, ldv_msg_freeErr0REQUIRES_VIOLATION, ldv_msg_freeErr5ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr2ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr3ASSERT_VIOLATIONMEMORY_FREE, mainErr0ENSURES_VIOLATIONMEMORY_LEAK, LDV_INIT_LIST_HEADErr2REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr3REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr0REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr1REQUIRES_VIOLATION, ldv_list_delErr2REQUIRES_VIOLATION, ldv_list_delErr1REQUIRES_VIOLATION, ldv_list_delErr3REQUIRES_VIOLATION, ldv_list_delErr0REQUIRES_VIOLATION, __ldv_list_addErr5REQUIRES_VIOLATION, __ldv_list_addErr0REQUIRES_VIOLATION, __ldv_list_addErr1REQUIRES_VIOLATION, __ldv_list_addErr6REQUIRES_VIOLATION, __ldv_list_addErr7REQUIRES_VIOLATION, __ldv_list_addErr2REQUIRES_VIOLATION, __ldv_list_addErr3REQUIRES_VIOLATION, __ldv_list_addErr4REQUIRES_VIOLATION, ldv_dev_set_drvdataErr0REQUIRES_VIOLATION, ldv_dev_set_drvdataErr1REQUIRES_VIOLATION, ldv_atomic_sub_returnErr1REQUIRES_VIOLATION, ldv_atomic_sub_returnErr0REQUIRES_VIOLATION, ldv_atomic_sub_returnErr3REQUIRES_VIOLATION, ldv_atomic_sub_returnErr2REQUIRES_VIOLATION, ldv_list_add_tailErr0REQUIRES_VIOLATION, ldv_list_add_tailErr1REQUIRES_VIOLATION, ldv_dev_get_drvdataErr1REQUIRES_VIOLATION, ldv_dev_get_drvdataErr0REQUIRES_VIOLATION, ldv_msg_allocErr0REQUIRES_VIOLATION, ldv_msg_allocErr1REQUIRES_VIOLATION]=== [2020-07-29 01:05:08,678 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:05:08,678 INFO L82 PathProgramCache]: Analyzing trace with hash 2064886276, now seen corresponding path program 2 times [2020-07-29 01:05:08,679 INFO L163 FreeRefinementEngine]: Executing refinement strategy WOLF [2020-07-29 01:05:08,679 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1447209501] [2020-07-29 01:05:08,680 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat Starting monitored process 11 with mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 11 with mathsat -unsat_core_generation=3 [2020-07-29 01:05:08,811 INFO L228 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST1 issued 1 check-sat command(s) [2020-07-29 01:05:08,811 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2020-07-29 01:05:08,814 INFO L263 TraceCheckSpWp]: Trace formula consists of 143 conjuncts, 24 conjunts are in the unsatisfiable core [2020-07-29 01:05:08,835 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:05:08,837 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2020-07-29 01:05:08,861 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2020-07-29 01:05:08,861 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2020-07-29 01:05:08,867 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:05:08,867 INFO L544 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2020-07-29 01:05:08,868 INFO L244 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:10, output treesize:9 [2020-07-29 01:05:08,871 WARN L406 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2020-07-29 01:05:08,872 WARN L407 uantifierElimination]: Input elimination task: ∃ [|v_#length_174|]. (and (= (store |v_#length_174| |ldv_malloc_#res.base| |ldv_malloc_#in~size|) |#length|) (= (_ bv0 32) |ldv_malloc_#res.offset|)) [2020-07-29 01:05:08,872 WARN L408 uantifierElimination]: ElimStorePlain result: ∃ []. (and (= (_ bv0 32) |ldv_malloc_#res.offset|) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|)) [2020-07-29 01:05:09,255 INFO L263 TraceCheckUtils]: 0: Hoare triple {3962#true} call ULTIMATE.init(); {3962#true} is VALID [2020-07-29 01:05:09,256 INFO L280 TraceCheckUtils]: 1: Hoare triple {3962#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {3962#true} is VALID [2020-07-29 01:05:09,256 INFO L280 TraceCheckUtils]: 2: Hoare triple {3962#true} assume true; {3962#true} is VALID [2020-07-29 01:05:09,256 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {3962#true} {3962#true} #437#return; {3962#true} is VALID [2020-07-29 01:05:09,256 INFO L263 TraceCheckUtils]: 4: Hoare triple {3962#true} call main(); {3962#true} is VALID [2020-07-29 01:05:09,256 INFO L263 TraceCheckUtils]: 5: Hoare triple {3962#true} call entry_point(); {3962#true} is VALID [2020-07-29 01:05:09,256 INFO L280 TraceCheckUtils]: 6: Hoare triple {3962#true} havoc ~kobj~2.base, ~kobj~2.offset; {3962#true} is VALID [2020-07-29 01:05:09,257 INFO L263 TraceCheckUtils]: 7: Hoare triple {3962#true} call #t~ret38.base, #t~ret38.offset := ldv_kobject_create(); {3962#true} is VALID [2020-07-29 01:05:09,257 INFO L280 TraceCheckUtils]: 8: Hoare triple {3962#true} havoc ~kobj~1.base, ~kobj~1.offset; {3962#true} is VALID [2020-07-29 01:05:09,257 INFO L263 TraceCheckUtils]: 9: Hoare triple {3962#true} call #t~ret34.base, #t~ret34.offset := ldv_malloc(16bv32); {3962#true} is VALID [2020-07-29 01:05:09,257 INFO L280 TraceCheckUtils]: 10: Hoare triple {3962#true} ~size := #in~size; {3997#(= ldv_malloc_~size |ldv_malloc_#in~size|)} is VALID [2020-07-29 01:05:09,259 INFO L280 TraceCheckUtils]: 11: Hoare triple {3997#(= ldv_malloc_~size |ldv_malloc_#in~size|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset; {4001#(and (= (_ bv0 32) |ldv_malloc_#res.offset|) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|))} is VALID [2020-07-29 01:05:09,260 INFO L280 TraceCheckUtils]: 12: Hoare triple {4001#(and (= (_ bv0 32) |ldv_malloc_#res.offset|) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|))} assume true; {4001#(and (= (_ bv0 32) |ldv_malloc_#res.offset|) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|))} is VALID [2020-07-29 01:05:09,261 INFO L275 TraceCheckUtils]: 13: Hoare quadruple {4001#(and (= (_ bv0 32) |ldv_malloc_#res.offset|) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|))} {3962#true} #417#return; {4008#(and (= (bvadd (select |#length| |ldv_kobject_create_#t~ret34.base|) (_ bv4294967280 32)) (_ bv0 32)) (= (_ bv0 32) |ldv_kobject_create_#t~ret34.offset|))} is VALID [2020-07-29 01:05:09,268 INFO L280 TraceCheckUtils]: 14: Hoare triple {4008#(and (= (bvadd (select |#length| |ldv_kobject_create_#t~ret34.base|) (_ bv4294967280 32)) (_ bv0 32)) (= (_ bv0 32) |ldv_kobject_create_#t~ret34.offset|))} ~kobj~1.base, ~kobj~1.offset := #t~ret34.base, #t~ret34.offset;havoc #t~ret34.base, #t~ret34.offset; {4012#(and (= (_ bv16 32) (select |#length| ldv_kobject_create_~kobj~1.base)) (= (_ bv0 32) ldv_kobject_create_~kobj~1.offset))} is VALID [2020-07-29 01:05:09,269 INFO L280 TraceCheckUtils]: 15: Hoare triple {4012#(and (= (_ bv16 32) (select |#length| ldv_kobject_create_~kobj~1.base)) (= (_ bv0 32) ldv_kobject_create_~kobj~1.offset))} assume !(~kobj~1.base == 0bv32 && ~kobj~1.offset == 0bv32); {4012#(and (= (_ bv16 32) (select |#length| ldv_kobject_create_~kobj~1.base)) (= (_ bv0 32) ldv_kobject_create_~kobj~1.offset))} is VALID [2020-07-29 01:05:09,271 INFO L263 TraceCheckUtils]: 16: Hoare triple {4012#(and (= (_ bv16 32) (select |#length| ldv_kobject_create_~kobj~1.base)) (= (_ bv0 32) ldv_kobject_create_~kobj~1.offset))} call #t~memset~res35.base, #t~memset~res35.offset := #Ultimate.C_memset(~kobj~1.base, ~kobj~1.offset, 0bv32, 16bv32); {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} is VALID [2020-07-29 01:05:09,271 INFO L280 TraceCheckUtils]: 17: Hoare triple {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} assume 1bv1 == #valid[#ptr.base];assume (~bvule32(~bvadd32(#amount, #ptr.offset), #length[#ptr.base]) && ~bvule32(#ptr.offset, ~bvadd32(#amount, #ptr.offset))) && ~bvule32(0bv32, #ptr.offset); {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} is VALID [2020-07-29 01:05:09,272 INFO L280 TraceCheckUtils]: 18: Hoare triple {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} #t~loopctr39 := 0bv32; {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} is VALID [2020-07-29 01:05:09,272 INFO L280 TraceCheckUtils]: 19: Hoare triple {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} is VALID [2020-07-29 01:05:09,272 INFO L280 TraceCheckUtils]: 20: Hoare triple {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} is VALID [2020-07-29 01:05:09,273 INFO L280 TraceCheckUtils]: 21: Hoare triple {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} is VALID [2020-07-29 01:05:09,273 INFO L280 TraceCheckUtils]: 22: Hoare triple {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} is VALID [2020-07-29 01:05:09,274 INFO L280 TraceCheckUtils]: 23: Hoare triple {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} is VALID [2020-07-29 01:05:09,274 INFO L280 TraceCheckUtils]: 24: Hoare triple {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} is VALID [2020-07-29 01:05:09,274 INFO L280 TraceCheckUtils]: 25: Hoare triple {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} is VALID [2020-07-29 01:05:09,275 INFO L280 TraceCheckUtils]: 26: Hoare triple {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} is VALID [2020-07-29 01:05:09,276 INFO L280 TraceCheckUtils]: 27: Hoare triple {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} is VALID [2020-07-29 01:05:09,276 INFO L280 TraceCheckUtils]: 28: Hoare triple {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} is VALID [2020-07-29 01:05:09,277 INFO L280 TraceCheckUtils]: 29: Hoare triple {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} is VALID [2020-07-29 01:05:09,278 INFO L280 TraceCheckUtils]: 30: Hoare triple {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} is VALID [2020-07-29 01:05:09,278 INFO L280 TraceCheckUtils]: 31: Hoare triple {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} is VALID [2020-07-29 01:05:09,279 INFO L280 TraceCheckUtils]: 32: Hoare triple {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} is VALID [2020-07-29 01:05:09,279 INFO L280 TraceCheckUtils]: 33: Hoare triple {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} assume !~bvslt32(#t~loopctr39, #amount); {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} is VALID [2020-07-29 01:05:09,281 INFO L280 TraceCheckUtils]: 34: Hoare triple {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} assume #res.base == #ptr.base && #res.offset == #ptr.offset; {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} is VALID [2020-07-29 01:05:09,283 INFO L275 TraceCheckUtils]: 35: Hoare quadruple {4019#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_5)))} {4012#(and (= (_ bv16 32) (select |#length| ldv_kobject_create_~kobj~1.base)) (= (_ bv0 32) ldv_kobject_create_~kobj~1.offset))} #419#return; {4012#(and (= (_ bv16 32) (select |#length| ldv_kobject_create_~kobj~1.base)) (= (_ bv0 32) ldv_kobject_create_~kobj~1.offset))} is VALID [2020-07-29 01:05:09,284 INFO L280 TraceCheckUtils]: 36: Hoare triple {4012#(and (= (_ bv16 32) (select |#length| ldv_kobject_create_~kobj~1.base)) (= (_ bv0 32) ldv_kobject_create_~kobj~1.offset))} havoc #t~memset~res35.base, #t~memset~res35.offset; {4012#(and (= (_ bv16 32) (select |#length| ldv_kobject_create_~kobj~1.base)) (= (_ bv0 32) ldv_kobject_create_~kobj~1.offset))} is VALID [2020-07-29 01:05:09,285 INFO L263 TraceCheckUtils]: 37: Hoare triple {4012#(and (= (_ bv16 32) (select |#length| ldv_kobject_create_~kobj~1.base)) (= (_ bv0 32) ldv_kobject_create_~kobj~1.offset))} call ldv_kobject_init(~kobj~1.base, ~kobj~1.offset); {4083#(and (= (_ bv16 32) (select |#length| |ldv_kobject_init_#in~kobj.base|)) (= (_ bv0 32) |ldv_kobject_init_#in~kobj.offset|))} is VALID [2020-07-29 01:05:09,287 INFO L280 TraceCheckUtils]: 38: Hoare triple {4083#(and (= (_ bv16 32) (select |#length| |ldv_kobject_init_#in~kobj.base|)) (= (_ bv0 32) |ldv_kobject_init_#in~kobj.offset|))} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {4087#(and (= (bvadd (select |#length| ldv_kobject_init_~kobj.base) (_ bv4294967280 32)) (_ bv0 32)) (= (_ bv0 32) ldv_kobject_init_~kobj.offset))} is VALID [2020-07-29 01:05:09,295 INFO L280 TraceCheckUtils]: 39: Hoare triple {4087#(and (= (bvadd (select |#length| ldv_kobject_init_~kobj.base) (_ bv4294967280 32)) (_ bv0 32)) (= (_ bv0 32) ldv_kobject_init_~kobj.offset))} assume !(~kobj.base == 0bv32 && ~kobj.offset == 0bv32); {4087#(and (= (bvadd (select |#length| ldv_kobject_init_~kobj.base) (_ bv4294967280 32)) (_ bv0 32)) (= (_ bv0 32) ldv_kobject_init_~kobj.offset))} is VALID [2020-07-29 01:05:09,297 INFO L263 TraceCheckUtils]: 40: Hoare triple {4087#(and (= (bvadd (select |#length| ldv_kobject_init_~kobj.base) (_ bv4294967280 32)) (_ bv0 32)) (= (_ bv0 32) ldv_kobject_init_~kobj.offset))} call ldv_kobject_init_internal(~kobj.base, ~kobj.offset); {4094#(and (= (_ bv0 32) |ldv_kobject_init_internal_#in~kobj.offset|) (= (_ bv16 32) (select |#length| |ldv_kobject_init_internal_#in~kobj.base|)))} is VALID [2020-07-29 01:05:09,297 INFO L280 TraceCheckUtils]: 41: Hoare triple {4094#(and (= (_ bv0 32) |ldv_kobject_init_internal_#in~kobj.offset|) (= (_ bv16 32) (select |#length| |ldv_kobject_init_internal_#in~kobj.base|)))} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {4098#(and (= (bvadd (select |#length| ldv_kobject_init_internal_~kobj.base) (_ bv4294967280 32)) (_ bv0 32)) (= (_ bv0 32) ldv_kobject_init_internal_~kobj.offset))} is VALID [2020-07-29 01:05:09,298 INFO L280 TraceCheckUtils]: 42: Hoare triple {4098#(and (= (bvadd (select |#length| ldv_kobject_init_internal_~kobj.base) (_ bv4294967280 32)) (_ bv0 32)) (= (_ bv0 32) ldv_kobject_init_internal_~kobj.offset))} assume !(~kobj.base == 0bv32 && ~kobj.offset == 0bv32); {4098#(and (= (bvadd (select |#length| ldv_kobject_init_internal_~kobj.base) (_ bv4294967280 32)) (_ bv0 32)) (= (_ bv0 32) ldv_kobject_init_internal_~kobj.offset))} is VALID [2020-07-29 01:05:09,299 INFO L263 TraceCheckUtils]: 43: Hoare triple {4098#(and (= (bvadd (select |#length| ldv_kobject_init_internal_~kobj.base) (_ bv4294967280 32)) (_ bv0 32)) (= (_ bv0 32) ldv_kobject_init_internal_~kobj.offset))} call ldv_kref_init(~kobj.base, ~bvadd32(12bv32, ~kobj.offset)); {4105#(and (= (_ bv16 32) (select |#length| |ldv_kref_init_#in~kref.base|)) (= (bvadd |ldv_kref_init_#in~kref.offset| (_ bv4294967284 32)) (_ bv0 32)))} is VALID [2020-07-29 01:05:09,300 INFO L280 TraceCheckUtils]: 44: Hoare triple {4105#(and (= (_ bv16 32) (select |#length| |ldv_kref_init_#in~kref.base|)) (= (bvadd |ldv_kref_init_#in~kref.offset| (_ bv4294967284 32)) (_ bv0 32)))} ~kref.base, ~kref.offset := #in~kref.base, #in~kref.offset; {4109#(and (= (bvadd (select |#length| ldv_kref_init_~kref.base) (_ bv4294967280 32)) (_ bv0 32)) (= (_ bv12 32) ldv_kref_init_~kref.offset))} is VALID [2020-07-29 01:05:09,300 INFO L280 TraceCheckUtils]: 45: Hoare triple {4109#(and (= (bvadd (select |#length| ldv_kref_init_~kref.base) (_ bv4294967280 32)) (_ bv0 32)) (= (_ bv12 32) ldv_kref_init_~kref.offset))} assume !((~bvule32(~bvadd32(4bv32, ~kref.offset), #length[~kref.base]) && ~bvule32(~kref.offset, ~bvadd32(4bv32, ~kref.offset))) && ~bvule32(0bv32, ~kref.offset)); {3963#false} is VALID [2020-07-29 01:05:09,304 INFO L134 CoverageAnalysis]: Checked inductivity of 105 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 105 trivial. 0 not checked. [2020-07-29 01:05:09,305 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2020-07-29 01:05:10,974 INFO L280 TraceCheckUtils]: 45: Hoare triple {4113#(and (bvule (bvadd ldv_kref_init_~kref.offset (_ bv4 32)) (select |#length| ldv_kref_init_~kref.base)) (bvule ldv_kref_init_~kref.offset (bvadd ldv_kref_init_~kref.offset (_ bv4 32))))} assume !((~bvule32(~bvadd32(4bv32, ~kref.offset), #length[~kref.base]) && ~bvule32(~kref.offset, ~bvadd32(4bv32, ~kref.offset))) && ~bvule32(0bv32, ~kref.offset)); {3963#false} is VALID [2020-07-29 01:05:10,975 INFO L280 TraceCheckUtils]: 44: Hoare triple {4117#(and (bvule |ldv_kref_init_#in~kref.offset| (bvadd |ldv_kref_init_#in~kref.offset| (_ bv4 32))) (bvule (bvadd |ldv_kref_init_#in~kref.offset| (_ bv4 32)) (select |#length| |ldv_kref_init_#in~kref.base|)))} ~kref.base, ~kref.offset := #in~kref.base, #in~kref.offset; {4113#(and (bvule (bvadd ldv_kref_init_~kref.offset (_ bv4 32)) (select |#length| ldv_kref_init_~kref.base)) (bvule ldv_kref_init_~kref.offset (bvadd ldv_kref_init_~kref.offset (_ bv4 32))))} is VALID [2020-07-29 01:05:11,001 INFO L263 TraceCheckUtils]: 43: Hoare triple {4121#(and (bvule (bvadd ldv_kobject_init_internal_~kobj.offset (_ bv12 32)) (bvadd ldv_kobject_init_internal_~kobj.offset (_ bv16 32))) (bvule (bvadd ldv_kobject_init_internal_~kobj.offset (_ bv16 32)) (select |#length| ldv_kobject_init_internal_~kobj.base)))} call ldv_kref_init(~kobj.base, ~bvadd32(12bv32, ~kobj.offset)); {4117#(and (bvule |ldv_kref_init_#in~kref.offset| (bvadd |ldv_kref_init_#in~kref.offset| (_ bv4 32))) (bvule (bvadd |ldv_kref_init_#in~kref.offset| (_ bv4 32)) (select |#length| |ldv_kref_init_#in~kref.base|)))} is VALID [2020-07-29 01:05:11,002 INFO L280 TraceCheckUtils]: 42: Hoare triple {4121#(and (bvule (bvadd ldv_kobject_init_internal_~kobj.offset (_ bv12 32)) (bvadd ldv_kobject_init_internal_~kobj.offset (_ bv16 32))) (bvule (bvadd ldv_kobject_init_internal_~kobj.offset (_ bv16 32)) (select |#length| ldv_kobject_init_internal_~kobj.base)))} assume !(~kobj.base == 0bv32 && ~kobj.offset == 0bv32); {4121#(and (bvule (bvadd ldv_kobject_init_internal_~kobj.offset (_ bv12 32)) (bvadd ldv_kobject_init_internal_~kobj.offset (_ bv16 32))) (bvule (bvadd ldv_kobject_init_internal_~kobj.offset (_ bv16 32)) (select |#length| ldv_kobject_init_internal_~kobj.base)))} is VALID [2020-07-29 01:05:11,003 INFO L280 TraceCheckUtils]: 41: Hoare triple {4128#(and (bvule (bvadd |ldv_kobject_init_internal_#in~kobj.offset| (_ bv12 32)) (bvadd |ldv_kobject_init_internal_#in~kobj.offset| (_ bv16 32))) (bvule (bvadd |ldv_kobject_init_internal_#in~kobj.offset| (_ bv16 32)) (select |#length| |ldv_kobject_init_internal_#in~kobj.base|)))} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {4121#(and (bvule (bvadd ldv_kobject_init_internal_~kobj.offset (_ bv12 32)) (bvadd ldv_kobject_init_internal_~kobj.offset (_ bv16 32))) (bvule (bvadd ldv_kobject_init_internal_~kobj.offset (_ bv16 32)) (select |#length| ldv_kobject_init_internal_~kobj.base)))} is VALID [2020-07-29 01:05:11,004 INFO L263 TraceCheckUtils]: 40: Hoare triple {4132#(and (bvule (bvadd ldv_kobject_init_~kobj.offset (_ bv16 32)) (select |#length| ldv_kobject_init_~kobj.base)) (bvule (bvadd ldv_kobject_init_~kobj.offset (_ bv12 32)) (bvadd ldv_kobject_init_~kobj.offset (_ bv16 32))))} call ldv_kobject_init_internal(~kobj.base, ~kobj.offset); {4128#(and (bvule (bvadd |ldv_kobject_init_internal_#in~kobj.offset| (_ bv12 32)) (bvadd |ldv_kobject_init_internal_#in~kobj.offset| (_ bv16 32))) (bvule (bvadd |ldv_kobject_init_internal_#in~kobj.offset| (_ bv16 32)) (select |#length| |ldv_kobject_init_internal_#in~kobj.base|)))} is VALID [2020-07-29 01:05:11,005 INFO L280 TraceCheckUtils]: 39: Hoare triple {4132#(and (bvule (bvadd ldv_kobject_init_~kobj.offset (_ bv16 32)) (select |#length| ldv_kobject_init_~kobj.base)) (bvule (bvadd ldv_kobject_init_~kobj.offset (_ bv12 32)) (bvadd ldv_kobject_init_~kobj.offset (_ bv16 32))))} assume !(~kobj.base == 0bv32 && ~kobj.offset == 0bv32); {4132#(and (bvule (bvadd ldv_kobject_init_~kobj.offset (_ bv16 32)) (select |#length| ldv_kobject_init_~kobj.base)) (bvule (bvadd ldv_kobject_init_~kobj.offset (_ bv12 32)) (bvadd ldv_kobject_init_~kobj.offset (_ bv16 32))))} is VALID [2020-07-29 01:05:11,005 INFO L280 TraceCheckUtils]: 38: Hoare triple {4139#(and (bvule (bvadd |ldv_kobject_init_#in~kobj.offset| (_ bv16 32)) (select |#length| |ldv_kobject_init_#in~kobj.base|)) (bvule (bvadd |ldv_kobject_init_#in~kobj.offset| (_ bv12 32)) (bvadd |ldv_kobject_init_#in~kobj.offset| (_ bv16 32))))} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {4132#(and (bvule (bvadd ldv_kobject_init_~kobj.offset (_ bv16 32)) (select |#length| ldv_kobject_init_~kobj.base)) (bvule (bvadd ldv_kobject_init_~kobj.offset (_ bv12 32)) (bvadd ldv_kobject_init_~kobj.offset (_ bv16 32))))} is VALID [2020-07-29 01:05:11,006 INFO L263 TraceCheckUtils]: 37: Hoare triple {4143#(and (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv12 32)) (bvadd ldv_kobject_create_~kobj~1.offset (_ bv16 32))) (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv16 32)) (select |#length| ldv_kobject_create_~kobj~1.base)))} call ldv_kobject_init(~kobj~1.base, ~kobj~1.offset); {4139#(and (bvule (bvadd |ldv_kobject_init_#in~kobj.offset| (_ bv16 32)) (select |#length| |ldv_kobject_init_#in~kobj.base|)) (bvule (bvadd |ldv_kobject_init_#in~kobj.offset| (_ bv12 32)) (bvadd |ldv_kobject_init_#in~kobj.offset| (_ bv16 32))))} is VALID [2020-07-29 01:05:11,007 INFO L280 TraceCheckUtils]: 36: Hoare triple {4143#(and (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv12 32)) (bvadd ldv_kobject_create_~kobj~1.offset (_ bv16 32))) (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv16 32)) (select |#length| ldv_kobject_create_~kobj~1.base)))} havoc #t~memset~res35.base, #t~memset~res35.offset; {4143#(and (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv12 32)) (bvadd ldv_kobject_create_~kobj~1.offset (_ bv16 32))) (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv16 32)) (select |#length| ldv_kobject_create_~kobj~1.base)))} is VALID [2020-07-29 01:05:11,008 INFO L275 TraceCheckUtils]: 35: Hoare quadruple {3962#true} {4143#(and (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv12 32)) (bvadd ldv_kobject_create_~kobj~1.offset (_ bv16 32))) (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv16 32)) (select |#length| ldv_kobject_create_~kobj~1.base)))} #419#return; {4143#(and (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv12 32)) (bvadd ldv_kobject_create_~kobj~1.offset (_ bv16 32))) (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv16 32)) (select |#length| ldv_kobject_create_~kobj~1.base)))} is VALID [2020-07-29 01:05:11,009 INFO L280 TraceCheckUtils]: 34: Hoare triple {3962#true} assume #res.base == #ptr.base && #res.offset == #ptr.offset; {3962#true} is VALID [2020-07-29 01:05:11,009 INFO L280 TraceCheckUtils]: 33: Hoare triple {3962#true} assume !~bvslt32(#t~loopctr39, #amount); {3962#true} is VALID [2020-07-29 01:05:11,009 INFO L280 TraceCheckUtils]: 32: Hoare triple {3962#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {3962#true} is VALID [2020-07-29 01:05:11,009 INFO L280 TraceCheckUtils]: 31: Hoare triple {3962#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {3962#true} is VALID [2020-07-29 01:05:11,010 INFO L280 TraceCheckUtils]: 30: Hoare triple {3962#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {3962#true} is VALID [2020-07-29 01:05:11,010 INFO L280 TraceCheckUtils]: 29: Hoare triple {3962#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {3962#true} is VALID [2020-07-29 01:05:11,010 INFO L280 TraceCheckUtils]: 28: Hoare triple {3962#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {3962#true} is VALID [2020-07-29 01:05:11,010 INFO L280 TraceCheckUtils]: 27: Hoare triple {3962#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {3962#true} is VALID [2020-07-29 01:05:11,011 INFO L280 TraceCheckUtils]: 26: Hoare triple {3962#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {3962#true} is VALID [2020-07-29 01:05:11,011 INFO L280 TraceCheckUtils]: 25: Hoare triple {3962#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {3962#true} is VALID [2020-07-29 01:05:11,011 INFO L280 TraceCheckUtils]: 24: Hoare triple {3962#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {3962#true} is VALID [2020-07-29 01:05:11,011 INFO L280 TraceCheckUtils]: 23: Hoare triple {3962#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {3962#true} is VALID [2020-07-29 01:05:11,011 INFO L280 TraceCheckUtils]: 22: Hoare triple {3962#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {3962#true} is VALID [2020-07-29 01:05:11,012 INFO L280 TraceCheckUtils]: 21: Hoare triple {3962#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {3962#true} is VALID [2020-07-29 01:05:11,012 INFO L280 TraceCheckUtils]: 20: Hoare triple {3962#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {3962#true} is VALID [2020-07-29 01:05:11,012 INFO L280 TraceCheckUtils]: 19: Hoare triple {3962#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {3962#true} is VALID [2020-07-29 01:05:11,012 INFO L280 TraceCheckUtils]: 18: Hoare triple {3962#true} #t~loopctr39 := 0bv32; {3962#true} is VALID [2020-07-29 01:05:11,012 INFO L280 TraceCheckUtils]: 17: Hoare triple {3962#true} assume 1bv1 == #valid[#ptr.base];assume (~bvule32(~bvadd32(#amount, #ptr.offset), #length[#ptr.base]) && ~bvule32(#ptr.offset, ~bvadd32(#amount, #ptr.offset))) && ~bvule32(0bv32, #ptr.offset); {3962#true} is VALID [2020-07-29 01:05:11,012 INFO L263 TraceCheckUtils]: 16: Hoare triple {4143#(and (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv12 32)) (bvadd ldv_kobject_create_~kobj~1.offset (_ bv16 32))) (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv16 32)) (select |#length| ldv_kobject_create_~kobj~1.base)))} call #t~memset~res35.base, #t~memset~res35.offset := #Ultimate.C_memset(~kobj~1.base, ~kobj~1.offset, 0bv32, 16bv32); {3962#true} is VALID [2020-07-29 01:05:11,013 INFO L280 TraceCheckUtils]: 15: Hoare triple {4143#(and (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv12 32)) (bvadd ldv_kobject_create_~kobj~1.offset (_ bv16 32))) (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv16 32)) (select |#length| ldv_kobject_create_~kobj~1.base)))} assume !(~kobj~1.base == 0bv32 && ~kobj~1.offset == 0bv32); {4143#(and (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv12 32)) (bvadd ldv_kobject_create_~kobj~1.offset (_ bv16 32))) (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv16 32)) (select |#length| ldv_kobject_create_~kobj~1.base)))} is VALID [2020-07-29 01:05:11,014 INFO L280 TraceCheckUtils]: 14: Hoare triple {4213#(and (bvule (bvadd |ldv_kobject_create_#t~ret34.offset| (_ bv16 32)) (select |#length| |ldv_kobject_create_#t~ret34.base|)) (bvule (bvadd |ldv_kobject_create_#t~ret34.offset| (_ bv12 32)) (bvadd |ldv_kobject_create_#t~ret34.offset| (_ bv16 32))))} ~kobj~1.base, ~kobj~1.offset := #t~ret34.base, #t~ret34.offset;havoc #t~ret34.base, #t~ret34.offset; {4143#(and (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv12 32)) (bvadd ldv_kobject_create_~kobj~1.offset (_ bv16 32))) (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv16 32)) (select |#length| ldv_kobject_create_~kobj~1.base)))} is VALID [2020-07-29 01:05:11,015 INFO L275 TraceCheckUtils]: 13: Hoare quadruple {4220#(or (not (= (_ bv16 32) |ldv_malloc_#in~size|)) (and (bvule (bvadd |ldv_malloc_#res.offset| (_ bv16 32)) (select |#length| |ldv_malloc_#res.base|)) (bvule (bvadd |ldv_malloc_#res.offset| (_ bv12 32)) (bvadd |ldv_malloc_#res.offset| (_ bv16 32)))))} {3962#true} #417#return; {4213#(and (bvule (bvadd |ldv_kobject_create_#t~ret34.offset| (_ bv16 32)) (select |#length| |ldv_kobject_create_#t~ret34.base|)) (bvule (bvadd |ldv_kobject_create_#t~ret34.offset| (_ bv12 32)) (bvadd |ldv_kobject_create_#t~ret34.offset| (_ bv16 32))))} is VALID [2020-07-29 01:05:11,015 INFO L280 TraceCheckUtils]: 12: Hoare triple {4220#(or (not (= (_ bv16 32) |ldv_malloc_#in~size|)) (and (bvule (bvadd |ldv_malloc_#res.offset| (_ bv16 32)) (select |#length| |ldv_malloc_#res.base|)) (bvule (bvadd |ldv_malloc_#res.offset| (_ bv12 32)) (bvadd |ldv_malloc_#res.offset| (_ bv16 32)))))} assume true; {4220#(or (not (= (_ bv16 32) |ldv_malloc_#in~size|)) (and (bvule (bvadd |ldv_malloc_#res.offset| (_ bv16 32)) (select |#length| |ldv_malloc_#res.base|)) (bvule (bvadd |ldv_malloc_#res.offset| (_ bv12 32)) (bvadd |ldv_malloc_#res.offset| (_ bv16 32)))))} is VALID [2020-07-29 01:05:11,018 INFO L280 TraceCheckUtils]: 11: Hoare triple {4227#(or (not (= (_ bv16 32) |ldv_malloc_#in~size|)) (bvule (_ bv16 32) ldv_malloc_~size))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset; {4220#(or (not (= (_ bv16 32) |ldv_malloc_#in~size|)) (and (bvule (bvadd |ldv_malloc_#res.offset| (_ bv16 32)) (select |#length| |ldv_malloc_#res.base|)) (bvule (bvadd |ldv_malloc_#res.offset| (_ bv12 32)) (bvadd |ldv_malloc_#res.offset| (_ bv16 32)))))} is VALID [2020-07-29 01:05:11,019 INFO L280 TraceCheckUtils]: 10: Hoare triple {3962#true} ~size := #in~size; {4227#(or (not (= (_ bv16 32) |ldv_malloc_#in~size|)) (bvule (_ bv16 32) ldv_malloc_~size))} is VALID [2020-07-29 01:05:11,019 INFO L263 TraceCheckUtils]: 9: Hoare triple {3962#true} call #t~ret34.base, #t~ret34.offset := ldv_malloc(16bv32); {3962#true} is VALID [2020-07-29 01:05:11,019 INFO L280 TraceCheckUtils]: 8: Hoare triple {3962#true} havoc ~kobj~1.base, ~kobj~1.offset; {3962#true} is VALID [2020-07-29 01:05:11,019 INFO L263 TraceCheckUtils]: 7: Hoare triple {3962#true} call #t~ret38.base, #t~ret38.offset := ldv_kobject_create(); {3962#true} is VALID [2020-07-29 01:05:11,019 INFO L280 TraceCheckUtils]: 6: Hoare triple {3962#true} havoc ~kobj~2.base, ~kobj~2.offset; {3962#true} is VALID [2020-07-29 01:05:11,019 INFO L263 TraceCheckUtils]: 5: Hoare triple {3962#true} call entry_point(); {3962#true} is VALID [2020-07-29 01:05:11,020 INFO L263 TraceCheckUtils]: 4: Hoare triple {3962#true} call main(); {3962#true} is VALID [2020-07-29 01:05:11,020 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {3962#true} {3962#true} #437#return; {3962#true} is VALID [2020-07-29 01:05:11,020 INFO L280 TraceCheckUtils]: 2: Hoare triple {3962#true} assume true; {3962#true} is VALID [2020-07-29 01:05:11,020 INFO L280 TraceCheckUtils]: 1: Hoare triple {3962#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {3962#true} is VALID [2020-07-29 01:05:11,020 INFO L263 TraceCheckUtils]: 0: Hoare triple {3962#true} call ULTIMATE.init(); {3962#true} is VALID [2020-07-29 01:05:11,025 INFO L134 CoverageAnalysis]: Checked inductivity of 105 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 105 trivial. 0 not checked. [2020-07-29 01:05:11,026 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1447209501] [2020-07-29 01:05:11,026 INFO L220 FreeRefinementEngine]: Constructing automaton from 2 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:05:11,027 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [12, 11] imperfect sequences [] total 22 [2020-07-29 01:05:11,027 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [661813201] [2020-07-29 01:05:11,028 INFO L78 Accepts]: Start accepts. Automaton has 23 states. Word has length 46 [2020-07-29 01:05:11,028 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:05:11,028 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 23 states. [2020-07-29 01:05:11,173 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 56 edges. 56 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:05:11,173 INFO L459 AbstractCegarLoop]: Interpolant automaton has 23 states [2020-07-29 01:05:11,174 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2020-07-29 01:05:11,174 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 23 interpolants. [2020-07-29 01:05:11,175 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=61, Invalid=445, Unknown=0, NotChecked=0, Total=506 [2020-07-29 01:05:11,175 INFO L87 Difference]: Start difference. First operand 71 states and 73 transitions. Second operand 23 states. [2020-07-29 01:05:16,005 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:05:16,005 INFO L93 Difference]: Finished difference Result 70 states and 72 transitions. [2020-07-29 01:05:16,005 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2020-07-29 01:05:16,006 INFO L78 Accepts]: Start accepts. Automaton has 23 states. Word has length 46 [2020-07-29 01:05:16,006 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:05:16,006 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 23 states. [2020-07-29 01:05:16,009 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 13 states to 13 states and 59 transitions. [2020-07-29 01:05:16,009 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 23 states. [2020-07-29 01:05:16,011 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 13 states to 13 states and 59 transitions. [2020-07-29 01:05:16,011 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 13 states and 59 transitions. [2020-07-29 01:05:16,131 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 59 edges. 59 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:05:16,133 INFO L225 Difference]: With dead ends: 70 [2020-07-29 01:05:16,133 INFO L226 Difference]: Without dead ends: 70 [2020-07-29 01:05:16,133 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 95 GetRequests, 68 SyntacticMatches, 2 SemanticMatches, 25 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 135 ImplicationChecksByTransitivity, 1.2s TimeCoverageRelationStatistics Valid=88, Invalid=614, Unknown=0, NotChecked=0, Total=702 [2020-07-29 01:05:16,134 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 70 states. [2020-07-29 01:05:16,137 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 70 to 70. [2020-07-29 01:05:16,137 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:05:16,138 INFO L82 GeneralOperation]: Start isEquivalent. First operand 70 states. Second operand 70 states. [2020-07-29 01:05:16,138 INFO L74 IsIncluded]: Start isIncluded. First operand 70 states. Second operand 70 states. [2020-07-29 01:05:16,138 INFO L87 Difference]: Start difference. First operand 70 states. Second operand 70 states. [2020-07-29 01:05:16,140 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:05:16,140 INFO L93 Difference]: Finished difference Result 70 states and 72 transitions. [2020-07-29 01:05:16,140 INFO L276 IsEmpty]: Start isEmpty. Operand 70 states and 72 transitions. [2020-07-29 01:05:16,141 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:05:16,141 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:05:16,141 INFO L74 IsIncluded]: Start isIncluded. First operand 70 states. Second operand 70 states. [2020-07-29 01:05:16,141 INFO L87 Difference]: Start difference. First operand 70 states. Second operand 70 states. [2020-07-29 01:05:16,143 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:05:16,144 INFO L93 Difference]: Finished difference Result 70 states and 72 transitions. [2020-07-29 01:05:16,144 INFO L276 IsEmpty]: Start isEmpty. Operand 70 states and 72 transitions. [2020-07-29 01:05:16,144 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:05:16,144 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:05:16,145 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:05:16,145 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:05:16,145 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 70 states. [2020-07-29 01:05:16,147 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 70 states to 70 states and 72 transitions. [2020-07-29 01:05:16,147 INFO L78 Accepts]: Start accepts. Automaton has 70 states and 72 transitions. Word has length 46 [2020-07-29 01:05:16,147 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:05:16,147 INFO L479 AbstractCegarLoop]: Abstraction has 70 states and 72 transitions. [2020-07-29 01:05:16,148 INFO L480 AbstractCegarLoop]: Interpolant automaton has 23 states. [2020-07-29 01:05:16,148 INFO L276 IsEmpty]: Start isEmpty. Operand 70 states and 72 transitions. [2020-07-29 01:05:16,148 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2020-07-29 01:05:16,149 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:05:16,149 INFO L422 BasicCegarLoop]: trace histogram [14, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:05:16,361 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 11 mathsat -unsat_core_generation=3 [2020-07-29 01:05:16,362 INFO L427 AbstractCegarLoop]: === Iteration 11 === [ldv_kref_initErr0REQUIRES_VIOLATION, ldv_kref_initErr1REQUIRES_VIOLATION, ldv_list_addErr1REQUIRES_VIOLATION, ldv_list_addErr0REQUIRES_VIOLATION, ldv_kobject_createErr1REQUIRES_VIOLATION, ldv_kobject_createErr0REQUIRES_VIOLATION, ldv_destroy_msgsErr4REQUIRES_VIOLATION, ldv_destroy_msgsErr3REQUIRES_VIOLATION, ldv_destroy_msgsErr2REQUIRES_VIOLATION, ldv_destroy_msgsErr1REQUIRES_VIOLATION, ldv_destroy_msgsErr0REQUIRES_VIOLATION, ldv_destroy_msgsErr5REQUIRES_VIOLATION, ldv_msg_fillErr1REQUIRES_VIOLATION, ldv_msg_fillErr5REQUIRES_VIOLATION, ldv_msg_fillErr0REQUIRES_VIOLATION, ldv_msg_fillErr4REQUIRES_VIOLATION, ldv_msg_fillErr2REQUIRES_VIOLATION, ldv_msg_fillErr3REQUIRES_VIOLATION, ldv_atomic_add_returnErr1REQUIRES_VIOLATION, ldv_atomic_add_returnErr0REQUIRES_VIOLATION, ldv_atomic_add_returnErr3REQUIRES_VIOLATION, ldv_atomic_add_returnErr2REQUIRES_VIOLATION, __ldv_list_delErr0REQUIRES_VIOLATION, __ldv_list_delErr1REQUIRES_VIOLATION, __ldv_list_delErr2REQUIRES_VIOLATION, __ldv_list_delErr3REQUIRES_VIOLATION, ldv_kobject_cleanupErr2ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr5ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr7ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr6ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr1REQUIRES_VIOLATION, ldv_kobject_cleanupErr4ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr0REQUIRES_VIOLATION, ldv_kobject_cleanupErr3ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr6ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr7ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr4ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr1REQUIRES_VIOLATION, ldv_msg_freeErr0REQUIRES_VIOLATION, ldv_msg_freeErr5ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr2ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr3ASSERT_VIOLATIONMEMORY_FREE, mainErr0ENSURES_VIOLATIONMEMORY_LEAK, LDV_INIT_LIST_HEADErr2REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr3REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr0REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr1REQUIRES_VIOLATION, ldv_list_delErr2REQUIRES_VIOLATION, ldv_list_delErr1REQUIRES_VIOLATION, ldv_list_delErr3REQUIRES_VIOLATION, ldv_list_delErr0REQUIRES_VIOLATION, __ldv_list_addErr5REQUIRES_VIOLATION, __ldv_list_addErr0REQUIRES_VIOLATION, __ldv_list_addErr1REQUIRES_VIOLATION, __ldv_list_addErr6REQUIRES_VIOLATION, __ldv_list_addErr7REQUIRES_VIOLATION, __ldv_list_addErr2REQUIRES_VIOLATION, __ldv_list_addErr3REQUIRES_VIOLATION, __ldv_list_addErr4REQUIRES_VIOLATION, ldv_dev_set_drvdataErr0REQUIRES_VIOLATION, ldv_dev_set_drvdataErr1REQUIRES_VIOLATION, ldv_atomic_sub_returnErr1REQUIRES_VIOLATION, ldv_atomic_sub_returnErr0REQUIRES_VIOLATION, ldv_atomic_sub_returnErr3REQUIRES_VIOLATION, ldv_atomic_sub_returnErr2REQUIRES_VIOLATION, ldv_list_add_tailErr0REQUIRES_VIOLATION, ldv_list_add_tailErr1REQUIRES_VIOLATION, ldv_dev_get_drvdataErr1REQUIRES_VIOLATION, ldv_dev_get_drvdataErr0REQUIRES_VIOLATION, ldv_msg_allocErr0REQUIRES_VIOLATION, ldv_msg_allocErr1REQUIRES_VIOLATION]=== [2020-07-29 01:05:16,362 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:05:16,362 INFO L82 PathProgramCache]: Analyzing trace with hash -1743926468, now seen corresponding path program 1 times [2020-07-29 01:05:16,363 INFO L163 FreeRefinementEngine]: Executing refinement strategy WOLF [2020-07-29 01:05:16,363 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [2073054397] [2020-07-29 01:05:16,364 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat Starting monitored process 12 with mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 12 with mathsat -unsat_core_generation=3 [2020-07-29 01:05:16,538 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:05:16,545 INFO L263 TraceCheckSpWp]: Trace formula consists of 232 conjuncts, 17 conjunts are in the unsatisfiable core [2020-07-29 01:05:16,567 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:05:16,569 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2020-07-29 01:05:17,005 INFO L263 TraceCheckUtils]: 0: Hoare triple {4548#true} call ULTIMATE.init(); {4548#true} is VALID [2020-07-29 01:05:17,006 INFO L280 TraceCheckUtils]: 1: Hoare triple {4548#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {4548#true} is VALID [2020-07-29 01:05:17,006 INFO L280 TraceCheckUtils]: 2: Hoare triple {4548#true} assume true; {4548#true} is VALID [2020-07-29 01:05:17,006 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {4548#true} {4548#true} #437#return; {4548#true} is VALID [2020-07-29 01:05:17,006 INFO L263 TraceCheckUtils]: 4: Hoare triple {4548#true} call main(); {4548#true} is VALID [2020-07-29 01:05:17,007 INFO L263 TraceCheckUtils]: 5: Hoare triple {4548#true} call entry_point(); {4548#true} is VALID [2020-07-29 01:05:17,007 INFO L280 TraceCheckUtils]: 6: Hoare triple {4548#true} havoc ~kobj~2.base, ~kobj~2.offset; {4548#true} is VALID [2020-07-29 01:05:17,007 INFO L263 TraceCheckUtils]: 7: Hoare triple {4548#true} call #t~ret38.base, #t~ret38.offset := ldv_kobject_create(); {4548#true} is VALID [2020-07-29 01:05:17,007 INFO L280 TraceCheckUtils]: 8: Hoare triple {4548#true} havoc ~kobj~1.base, ~kobj~1.offset; {4548#true} is VALID [2020-07-29 01:05:17,007 INFO L263 TraceCheckUtils]: 9: Hoare triple {4548#true} call #t~ret34.base, #t~ret34.offset := ldv_malloc(16bv32); {4548#true} is VALID [2020-07-29 01:05:17,008 INFO L280 TraceCheckUtils]: 10: Hoare triple {4548#true} ~size := #in~size; {4548#true} is VALID [2020-07-29 01:05:17,008 INFO L280 TraceCheckUtils]: 11: Hoare triple {4548#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset; {4548#true} is VALID [2020-07-29 01:05:17,008 INFO L280 TraceCheckUtils]: 12: Hoare triple {4548#true} assume true; {4548#true} is VALID [2020-07-29 01:05:17,008 INFO L275 TraceCheckUtils]: 13: Hoare quadruple {4548#true} {4548#true} #417#return; {4548#true} is VALID [2020-07-29 01:05:17,008 INFO L280 TraceCheckUtils]: 14: Hoare triple {4548#true} ~kobj~1.base, ~kobj~1.offset := #t~ret34.base, #t~ret34.offset;havoc #t~ret34.base, #t~ret34.offset; {4548#true} is VALID [2020-07-29 01:05:17,008 INFO L280 TraceCheckUtils]: 15: Hoare triple {4548#true} assume !(~kobj~1.base == 0bv32 && ~kobj~1.offset == 0bv32); {4548#true} is VALID [2020-07-29 01:05:17,008 INFO L263 TraceCheckUtils]: 16: Hoare triple {4548#true} call #t~memset~res35.base, #t~memset~res35.offset := #Ultimate.C_memset(~kobj~1.base, ~kobj~1.offset, 0bv32, 16bv32); {4548#true} is VALID [2020-07-29 01:05:17,009 INFO L280 TraceCheckUtils]: 17: Hoare triple {4548#true} assume 1bv1 == #valid[#ptr.base];assume (~bvule32(~bvadd32(#amount, #ptr.offset), #length[#ptr.base]) && ~bvule32(#ptr.offset, ~bvadd32(#amount, #ptr.offset))) && ~bvule32(0bv32, #ptr.offset); {4548#true} is VALID [2020-07-29 01:05:17,009 INFO L280 TraceCheckUtils]: 18: Hoare triple {4548#true} #t~loopctr39 := 0bv32; {4607#(= |#Ultimate.C_memset_#t~loopctr39| (_ bv0 32))} is VALID [2020-07-29 01:05:17,010 INFO L280 TraceCheckUtils]: 19: Hoare triple {4607#(= |#Ultimate.C_memset_#t~loopctr39| (_ bv0 32))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4611#(= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967295 32)) (_ bv0 32))} is VALID [2020-07-29 01:05:17,011 INFO L280 TraceCheckUtils]: 20: Hoare triple {4611#(= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967295 32)) (_ bv0 32))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4615#(= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967294 32)) (_ bv0 32))} is VALID [2020-07-29 01:05:17,011 INFO L280 TraceCheckUtils]: 21: Hoare triple {4615#(= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967294 32)) (_ bv0 32))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4619#(= (_ bv3 32) |#Ultimate.C_memset_#t~loopctr39|)} is VALID [2020-07-29 01:05:17,012 INFO L280 TraceCheckUtils]: 22: Hoare triple {4619#(= (_ bv3 32) |#Ultimate.C_memset_#t~loopctr39|)} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4623#(= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967292 32)) (_ bv0 32))} is VALID [2020-07-29 01:05:17,013 INFO L280 TraceCheckUtils]: 23: Hoare triple {4623#(= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967292 32)) (_ bv0 32))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4627#(= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967291 32)) (_ bv0 32))} is VALID [2020-07-29 01:05:17,019 INFO L280 TraceCheckUtils]: 24: Hoare triple {4627#(= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967291 32)) (_ bv0 32))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4631#(exists ((|v_#Ultimate.C_memset_#t~loopctr39_72| (_ BitVec 32))) (and (= (_ bv5 32) |v_#Ultimate.C_memset_#t~loopctr39_72|) (= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967295 32)) |v_#Ultimate.C_memset_#t~loopctr39_72|)))} is VALID [2020-07-29 01:05:17,021 INFO L280 TraceCheckUtils]: 25: Hoare triple {4631#(exists ((|v_#Ultimate.C_memset_#t~loopctr39_72| (_ BitVec 32))) (and (= (_ bv5 32) |v_#Ultimate.C_memset_#t~loopctr39_72|) (= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967295 32)) |v_#Ultimate.C_memset_#t~loopctr39_72|)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4635#(= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967289 32)) (_ bv0 32))} is VALID [2020-07-29 01:05:17,022 INFO L280 TraceCheckUtils]: 26: Hoare triple {4635#(= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967289 32)) (_ bv0 32))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4639#(= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967288 32)) (_ bv0 32))} is VALID [2020-07-29 01:05:17,028 INFO L280 TraceCheckUtils]: 27: Hoare triple {4639#(= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967288 32)) (_ bv0 32))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4643#(exists ((|v_#Ultimate.C_memset_#t~loopctr39_75| (_ BitVec 32))) (and (= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967295 32)) |v_#Ultimate.C_memset_#t~loopctr39_75|) (= (_ bv8 32) |v_#Ultimate.C_memset_#t~loopctr39_75|)))} is VALID [2020-07-29 01:05:17,030 INFO L280 TraceCheckUtils]: 28: Hoare triple {4643#(exists ((|v_#Ultimate.C_memset_#t~loopctr39_75| (_ BitVec 32))) (and (= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967295 32)) |v_#Ultimate.C_memset_#t~loopctr39_75|) (= (_ bv8 32) |v_#Ultimate.C_memset_#t~loopctr39_75|)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4647#(= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967286 32)) (_ bv0 32))} is VALID [2020-07-29 01:05:17,031 INFO L280 TraceCheckUtils]: 29: Hoare triple {4647#(= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967286 32)) (_ bv0 32))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4651#(= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967285 32)) (_ bv0 32))} is VALID [2020-07-29 01:05:17,038 INFO L280 TraceCheckUtils]: 30: Hoare triple {4651#(= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967285 32)) (_ bv0 32))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4655#(exists ((|v_#Ultimate.C_memset_#t~loopctr39_78| (_ BitVec 32))) (and (= (_ bv11 32) |v_#Ultimate.C_memset_#t~loopctr39_78|) (= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967295 32)) |v_#Ultimate.C_memset_#t~loopctr39_78|)))} is VALID [2020-07-29 01:05:17,042 INFO L280 TraceCheckUtils]: 31: Hoare triple {4655#(exists ((|v_#Ultimate.C_memset_#t~loopctr39_78| (_ BitVec 32))) (and (= (_ bv11 32) |v_#Ultimate.C_memset_#t~loopctr39_78|) (= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967295 32)) |v_#Ultimate.C_memset_#t~loopctr39_78|)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4659#(exists ((|v_#Ultimate.C_memset_#t~loopctr39_79| (_ BitVec 32))) (and (= (_ bv12 32) |v_#Ultimate.C_memset_#t~loopctr39_79|) (= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967295 32)) |v_#Ultimate.C_memset_#t~loopctr39_79|)))} is VALID [2020-07-29 01:05:17,045 INFO L280 TraceCheckUtils]: 32: Hoare triple {4659#(exists ((|v_#Ultimate.C_memset_#t~loopctr39_79| (_ BitVec 32))) (and (= (_ bv12 32) |v_#Ultimate.C_memset_#t~loopctr39_79|) (= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967295 32)) |v_#Ultimate.C_memset_#t~loopctr39_79|)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4663#(= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967282 32)) (_ bv0 32))} is VALID [2020-07-29 01:05:17,046 INFO L280 TraceCheckUtils]: 33: Hoare triple {4663#(= (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4294967282 32)) (_ bv0 32))} assume !~bvslt32(#t~loopctr39, #amount); {4667#(not (bvslt (_ bv14 32) |#Ultimate.C_memset_#amount|))} is VALID [2020-07-29 01:05:17,046 INFO L280 TraceCheckUtils]: 34: Hoare triple {4667#(not (bvslt (_ bv14 32) |#Ultimate.C_memset_#amount|))} assume #res.base == #ptr.base && #res.offset == #ptr.offset; {4667#(not (bvslt (_ bv14 32) |#Ultimate.C_memset_#amount|))} is VALID [2020-07-29 01:05:17,047 INFO L275 TraceCheckUtils]: 35: Hoare quadruple {4667#(not (bvslt (_ bv14 32) |#Ultimate.C_memset_#amount|))} {4548#true} #419#return; {4549#false} is VALID [2020-07-29 01:05:17,047 INFO L280 TraceCheckUtils]: 36: Hoare triple {4549#false} havoc #t~memset~res35.base, #t~memset~res35.offset; {4549#false} is VALID [2020-07-29 01:05:17,047 INFO L263 TraceCheckUtils]: 37: Hoare triple {4549#false} call ldv_kobject_init(~kobj~1.base, ~kobj~1.offset); {4549#false} is VALID [2020-07-29 01:05:17,047 INFO L280 TraceCheckUtils]: 38: Hoare triple {4549#false} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {4549#false} is VALID [2020-07-29 01:05:17,048 INFO L280 TraceCheckUtils]: 39: Hoare triple {4549#false} assume !(~kobj.base == 0bv32 && ~kobj.offset == 0bv32); {4549#false} is VALID [2020-07-29 01:05:17,048 INFO L263 TraceCheckUtils]: 40: Hoare triple {4549#false} call ldv_kobject_init_internal(~kobj.base, ~kobj.offset); {4549#false} is VALID [2020-07-29 01:05:17,048 INFO L280 TraceCheckUtils]: 41: Hoare triple {4549#false} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {4549#false} is VALID [2020-07-29 01:05:17,048 INFO L280 TraceCheckUtils]: 42: Hoare triple {4549#false} assume !(~kobj.base == 0bv32 && ~kobj.offset == 0bv32); {4549#false} is VALID [2020-07-29 01:05:17,049 INFO L263 TraceCheckUtils]: 43: Hoare triple {4549#false} call ldv_kref_init(~kobj.base, ~bvadd32(12bv32, ~kobj.offset)); {4549#false} is VALID [2020-07-29 01:05:17,049 INFO L280 TraceCheckUtils]: 44: Hoare triple {4549#false} ~kref.base, ~kref.offset := #in~kref.base, #in~kref.offset; {4549#false} is VALID [2020-07-29 01:05:17,049 INFO L280 TraceCheckUtils]: 45: Hoare triple {4549#false} SUMMARY for call write~intINTTYPE4(1bv32, ~kref.base, ~kref.offset, 4bv32); srcloc: L682 {4549#false} is VALID [2020-07-29 01:05:17,050 INFO L280 TraceCheckUtils]: 46: Hoare triple {4549#false} assume true; {4549#false} is VALID [2020-07-29 01:05:17,050 INFO L275 TraceCheckUtils]: 47: Hoare quadruple {4549#false} {4549#false} #405#return; {4549#false} is VALID [2020-07-29 01:05:17,050 INFO L263 TraceCheckUtils]: 48: Hoare triple {4549#false} call LDV_INIT_LIST_HEAD(~kobj.base, ~bvadd32(4bv32, ~kobj.offset)); {4549#false} is VALID [2020-07-29 01:05:17,050 INFO L280 TraceCheckUtils]: 49: Hoare triple {4549#false} ~list.base, ~list.offset := #in~list.base, #in~list.offset; {4549#false} is VALID [2020-07-29 01:05:17,051 INFO L280 TraceCheckUtils]: 50: Hoare triple {4549#false} assume !(1bv1 == #valid[~list.base]); {4549#false} is VALID [2020-07-29 01:05:17,053 INFO L134 CoverageAnalysis]: Checked inductivity of 105 backedges. 0 proven. 105 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:05:17,053 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2020-07-29 01:05:17,179 WARN L193 SmtUtils]: Spent 109.00 ms on a formula simplification that was a NOOP. DAG size: 50 [2020-07-29 01:05:18,294 INFO L280 TraceCheckUtils]: 50: Hoare triple {4549#false} assume !(1bv1 == #valid[~list.base]); {4549#false} is VALID [2020-07-29 01:05:18,294 INFO L280 TraceCheckUtils]: 49: Hoare triple {4549#false} ~list.base, ~list.offset := #in~list.base, #in~list.offset; {4549#false} is VALID [2020-07-29 01:05:18,294 INFO L263 TraceCheckUtils]: 48: Hoare triple {4549#false} call LDV_INIT_LIST_HEAD(~kobj.base, ~bvadd32(4bv32, ~kobj.offset)); {4549#false} is VALID [2020-07-29 01:05:18,294 INFO L275 TraceCheckUtils]: 47: Hoare quadruple {4548#true} {4549#false} #405#return; {4549#false} is VALID [2020-07-29 01:05:18,294 INFO L280 TraceCheckUtils]: 46: Hoare triple {4548#true} assume true; {4548#true} is VALID [2020-07-29 01:05:18,294 INFO L280 TraceCheckUtils]: 45: Hoare triple {4548#true} SUMMARY for call write~intINTTYPE4(1bv32, ~kref.base, ~kref.offset, 4bv32); srcloc: L682 {4548#true} is VALID [2020-07-29 01:05:18,295 INFO L280 TraceCheckUtils]: 44: Hoare triple {4548#true} ~kref.base, ~kref.offset := #in~kref.base, #in~kref.offset; {4548#true} is VALID [2020-07-29 01:05:18,295 INFO L263 TraceCheckUtils]: 43: Hoare triple {4549#false} call ldv_kref_init(~kobj.base, ~bvadd32(12bv32, ~kobj.offset)); {4548#true} is VALID [2020-07-29 01:05:18,295 INFO L280 TraceCheckUtils]: 42: Hoare triple {4549#false} assume !(~kobj.base == 0bv32 && ~kobj.offset == 0bv32); {4549#false} is VALID [2020-07-29 01:05:18,295 INFO L280 TraceCheckUtils]: 41: Hoare triple {4549#false} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {4549#false} is VALID [2020-07-29 01:05:18,295 INFO L263 TraceCheckUtils]: 40: Hoare triple {4549#false} call ldv_kobject_init_internal(~kobj.base, ~kobj.offset); {4549#false} is VALID [2020-07-29 01:05:18,295 INFO L280 TraceCheckUtils]: 39: Hoare triple {4549#false} assume !(~kobj.base == 0bv32 && ~kobj.offset == 0bv32); {4549#false} is VALID [2020-07-29 01:05:18,295 INFO L280 TraceCheckUtils]: 38: Hoare triple {4549#false} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {4549#false} is VALID [2020-07-29 01:05:18,296 INFO L263 TraceCheckUtils]: 37: Hoare triple {4549#false} call ldv_kobject_init(~kobj~1.base, ~kobj~1.offset); {4549#false} is VALID [2020-07-29 01:05:18,296 INFO L280 TraceCheckUtils]: 36: Hoare triple {4549#false} havoc #t~memset~res35.base, #t~memset~res35.offset; {4549#false} is VALID [2020-07-29 01:05:18,297 INFO L275 TraceCheckUtils]: 35: Hoare quadruple {4767#(not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32)))} {4548#true} #419#return; {4549#false} is VALID [2020-07-29 01:05:18,297 INFO L280 TraceCheckUtils]: 34: Hoare triple {4767#(not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32)))} assume #res.base == #ptr.base && #res.offset == #ptr.offset; {4767#(not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32)))} is VALID [2020-07-29 01:05:18,298 INFO L280 TraceCheckUtils]: 33: Hoare triple {4774#(or (bvslt |#Ultimate.C_memset_#t~loopctr39| |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} assume !~bvslt32(#t~loopctr39, #amount); {4767#(not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32)))} is VALID [2020-07-29 01:05:18,299 INFO L280 TraceCheckUtils]: 32: Hoare triple {4778#(or (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv1 32)) |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4774#(or (bvslt |#Ultimate.C_memset_#t~loopctr39| |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} is VALID [2020-07-29 01:05:18,306 INFO L280 TraceCheckUtils]: 31: Hoare triple {4782#(or (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv2 32)) |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4778#(or (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv1 32)) |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} is VALID [2020-07-29 01:05:18,313 INFO L280 TraceCheckUtils]: 30: Hoare triple {4786#(or (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))) (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv3 32)) |#Ultimate.C_memset_#amount|))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4782#(or (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv2 32)) |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} is VALID [2020-07-29 01:05:18,320 INFO L280 TraceCheckUtils]: 29: Hoare triple {4790#(or (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4 32)) |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4786#(or (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))) (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv3 32)) |#Ultimate.C_memset_#amount|))} is VALID [2020-07-29 01:05:18,325 INFO L280 TraceCheckUtils]: 28: Hoare triple {4794#(or (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))) (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv5 32)) |#Ultimate.C_memset_#amount|))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4790#(or (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv4 32)) |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} is VALID [2020-07-29 01:05:18,330 INFO L280 TraceCheckUtils]: 27: Hoare triple {4798#(or (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv6 32)) |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4794#(or (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))) (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv5 32)) |#Ultimate.C_memset_#amount|))} is VALID [2020-07-29 01:05:18,335 INFO L280 TraceCheckUtils]: 26: Hoare triple {4802#(or (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv7 32)) |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4798#(or (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv6 32)) |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} is VALID [2020-07-29 01:05:18,340 INFO L280 TraceCheckUtils]: 25: Hoare triple {4806#(or (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv8 32)) |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4802#(or (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv7 32)) |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} is VALID [2020-07-29 01:05:18,344 INFO L280 TraceCheckUtils]: 24: Hoare triple {4810#(or (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))) (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv9 32)) |#Ultimate.C_memset_#amount|))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4806#(or (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv8 32)) |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} is VALID [2020-07-29 01:05:18,348 INFO L280 TraceCheckUtils]: 23: Hoare triple {4814#(or (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv10 32)) |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4810#(or (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))) (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv9 32)) |#Ultimate.C_memset_#amount|))} is VALID [2020-07-29 01:05:18,353 INFO L280 TraceCheckUtils]: 22: Hoare triple {4818#(or (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv11 32)) |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4814#(or (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv10 32)) |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} is VALID [2020-07-29 01:05:18,358 INFO L280 TraceCheckUtils]: 21: Hoare triple {4822#(or (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))) (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv12 32)) |#Ultimate.C_memset_#amount|))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4818#(or (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv11 32)) |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} is VALID [2020-07-29 01:05:18,362 INFO L280 TraceCheckUtils]: 20: Hoare triple {4826#(or (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv13 32)) |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4822#(or (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))) (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv12 32)) |#Ultimate.C_memset_#amount|))} is VALID [2020-07-29 01:05:18,367 INFO L280 TraceCheckUtils]: 19: Hoare triple {4830#(or (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv14 32)) |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {4826#(or (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv13 32)) |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} is VALID [2020-07-29 01:05:18,368 INFO L280 TraceCheckUtils]: 18: Hoare triple {4548#true} #t~loopctr39 := 0bv32; {4830#(or (bvslt (bvadd |#Ultimate.C_memset_#t~loopctr39| (_ bv14 32)) |#Ultimate.C_memset_#amount|) (not (= (bvadd |#Ultimate.C_memset_#amount| (_ bv4294967280 32)) (_ bv0 32))))} is VALID [2020-07-29 01:05:18,368 INFO L280 TraceCheckUtils]: 17: Hoare triple {4548#true} assume 1bv1 == #valid[#ptr.base];assume (~bvule32(~bvadd32(#amount, #ptr.offset), #length[#ptr.base]) && ~bvule32(#ptr.offset, ~bvadd32(#amount, #ptr.offset))) && ~bvule32(0bv32, #ptr.offset); {4548#true} is VALID [2020-07-29 01:05:18,368 INFO L263 TraceCheckUtils]: 16: Hoare triple {4548#true} call #t~memset~res35.base, #t~memset~res35.offset := #Ultimate.C_memset(~kobj~1.base, ~kobj~1.offset, 0bv32, 16bv32); {4548#true} is VALID [2020-07-29 01:05:18,368 INFO L280 TraceCheckUtils]: 15: Hoare triple {4548#true} assume !(~kobj~1.base == 0bv32 && ~kobj~1.offset == 0bv32); {4548#true} is VALID [2020-07-29 01:05:18,368 INFO L280 TraceCheckUtils]: 14: Hoare triple {4548#true} ~kobj~1.base, ~kobj~1.offset := #t~ret34.base, #t~ret34.offset;havoc #t~ret34.base, #t~ret34.offset; {4548#true} is VALID [2020-07-29 01:05:18,369 INFO L275 TraceCheckUtils]: 13: Hoare quadruple {4548#true} {4548#true} #417#return; {4548#true} is VALID [2020-07-29 01:05:18,369 INFO L280 TraceCheckUtils]: 12: Hoare triple {4548#true} assume true; {4548#true} is VALID [2020-07-29 01:05:18,369 INFO L280 TraceCheckUtils]: 11: Hoare triple {4548#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset; {4548#true} is VALID [2020-07-29 01:05:18,369 INFO L280 TraceCheckUtils]: 10: Hoare triple {4548#true} ~size := #in~size; {4548#true} is VALID [2020-07-29 01:05:18,369 INFO L263 TraceCheckUtils]: 9: Hoare triple {4548#true} call #t~ret34.base, #t~ret34.offset := ldv_malloc(16bv32); {4548#true} is VALID [2020-07-29 01:05:18,370 INFO L280 TraceCheckUtils]: 8: Hoare triple {4548#true} havoc ~kobj~1.base, ~kobj~1.offset; {4548#true} is VALID [2020-07-29 01:05:18,370 INFO L263 TraceCheckUtils]: 7: Hoare triple {4548#true} call #t~ret38.base, #t~ret38.offset := ldv_kobject_create(); {4548#true} is VALID [2020-07-29 01:05:18,370 INFO L280 TraceCheckUtils]: 6: Hoare triple {4548#true} havoc ~kobj~2.base, ~kobj~2.offset; {4548#true} is VALID [2020-07-29 01:05:18,370 INFO L263 TraceCheckUtils]: 5: Hoare triple {4548#true} call entry_point(); {4548#true} is VALID [2020-07-29 01:05:18,370 INFO L263 TraceCheckUtils]: 4: Hoare triple {4548#true} call main(); {4548#true} is VALID [2020-07-29 01:05:18,370 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {4548#true} {4548#true} #437#return; {4548#true} is VALID [2020-07-29 01:05:18,371 INFO L280 TraceCheckUtils]: 2: Hoare triple {4548#true} assume true; {4548#true} is VALID [2020-07-29 01:05:18,371 INFO L280 TraceCheckUtils]: 1: Hoare triple {4548#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {4548#true} is VALID [2020-07-29 01:05:18,371 INFO L263 TraceCheckUtils]: 0: Hoare triple {4548#true} call ULTIMATE.init(); {4548#true} is VALID [2020-07-29 01:05:18,379 INFO L134 CoverageAnalysis]: Checked inductivity of 105 backedges. 0 proven. 105 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:05:18,380 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [2073054397] [2020-07-29 01:05:18,380 INFO L220 FreeRefinementEngine]: Constructing automaton from 0 perfect and 2 imperfect interpolant sequences. [2020-07-29 01:05:18,380 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [18, 18] total 34 [2020-07-29 01:05:18,380 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1689285217] [2020-07-29 01:05:18,381 INFO L78 Accepts]: Start accepts. Automaton has 34 states. Word has length 51 [2020-07-29 01:05:18,381 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:05:18,382 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 34 states. [2020-07-29 01:05:18,525 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 74 edges. 74 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:05:18,525 INFO L459 AbstractCegarLoop]: Interpolant automaton has 34 states [2020-07-29 01:05:18,526 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2020-07-29 01:05:18,526 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 34 interpolants. [2020-07-29 01:05:18,527 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=230, Invalid=892, Unknown=0, NotChecked=0, Total=1122 [2020-07-29 01:05:18,527 INFO L87 Difference]: Start difference. First operand 70 states and 72 transitions. Second operand 34 states. [2020-07-29 01:05:22,601 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:05:22,601 INFO L93 Difference]: Finished difference Result 76 states and 78 transitions. [2020-07-29 01:05:22,601 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 20 states. [2020-07-29 01:05:22,602 INFO L78 Accepts]: Start accepts. Automaton has 34 states. Word has length 51 [2020-07-29 01:05:22,602 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:05:22,602 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 34 states. [2020-07-29 01:05:22,604 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 20 states to 20 states and 80 transitions. [2020-07-29 01:05:22,604 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 34 states. [2020-07-29 01:05:22,606 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 20 states to 20 states and 80 transitions. [2020-07-29 01:05:22,606 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 20 states and 80 transitions. [2020-07-29 01:05:22,735 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 80 edges. 80 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:05:22,736 INFO L225 Difference]: With dead ends: 76 [2020-07-29 01:05:22,736 INFO L226 Difference]: Without dead ends: 72 [2020-07-29 01:05:22,737 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 102 GetRequests, 68 SyntacticMatches, 1 SemanticMatches, 33 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 104 ImplicationChecksByTransitivity, 1.3s TimeCoverageRelationStatistics Valid=250, Invalid=940, Unknown=0, NotChecked=0, Total=1190 [2020-07-29 01:05:22,738 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 72 states. [2020-07-29 01:05:22,741 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 72 to 72. [2020-07-29 01:05:22,744 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:05:22,744 INFO L82 GeneralOperation]: Start isEquivalent. First operand 72 states. Second operand 72 states. [2020-07-29 01:05:22,745 INFO L74 IsIncluded]: Start isIncluded. First operand 72 states. Second operand 72 states. [2020-07-29 01:05:22,745 INFO L87 Difference]: Start difference. First operand 72 states. Second operand 72 states. [2020-07-29 01:05:22,747 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:05:22,747 INFO L93 Difference]: Finished difference Result 72 states and 74 transitions. [2020-07-29 01:05:22,747 INFO L276 IsEmpty]: Start isEmpty. Operand 72 states and 74 transitions. [2020-07-29 01:05:22,748 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:05:22,748 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:05:22,748 INFO L74 IsIncluded]: Start isIncluded. First operand 72 states. Second operand 72 states. [2020-07-29 01:05:22,748 INFO L87 Difference]: Start difference. First operand 72 states. Second operand 72 states. [2020-07-29 01:05:22,751 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:05:22,751 INFO L93 Difference]: Finished difference Result 72 states and 74 transitions. [2020-07-29 01:05:22,752 INFO L276 IsEmpty]: Start isEmpty. Operand 72 states and 74 transitions. [2020-07-29 01:05:22,752 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:05:22,752 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:05:22,752 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:05:22,753 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:05:22,753 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 72 states. [2020-07-29 01:05:22,755 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 72 states to 72 states and 74 transitions. [2020-07-29 01:05:22,756 INFO L78 Accepts]: Start accepts. Automaton has 72 states and 74 transitions. Word has length 51 [2020-07-29 01:05:22,758 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:05:22,758 INFO L479 AbstractCegarLoop]: Abstraction has 72 states and 74 transitions. [2020-07-29 01:05:22,758 INFO L480 AbstractCegarLoop]: Interpolant automaton has 34 states. [2020-07-29 01:05:22,759 INFO L276 IsEmpty]: Start isEmpty. Operand 72 states and 74 transitions. [2020-07-29 01:05:22,761 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 54 [2020-07-29 01:05:22,761 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:05:22,761 INFO L422 BasicCegarLoop]: trace histogram [16, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:05:22,984 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 12 mathsat -unsat_core_generation=3 [2020-07-29 01:05:22,984 INFO L427 AbstractCegarLoop]: === Iteration 12 === [ldv_kref_initErr0REQUIRES_VIOLATION, ldv_kref_initErr1REQUIRES_VIOLATION, ldv_list_addErr1REQUIRES_VIOLATION, ldv_list_addErr0REQUIRES_VIOLATION, ldv_kobject_createErr1REQUIRES_VIOLATION, ldv_kobject_createErr0REQUIRES_VIOLATION, ldv_destroy_msgsErr4REQUIRES_VIOLATION, ldv_destroy_msgsErr3REQUIRES_VIOLATION, ldv_destroy_msgsErr2REQUIRES_VIOLATION, ldv_destroy_msgsErr1REQUIRES_VIOLATION, ldv_destroy_msgsErr0REQUIRES_VIOLATION, ldv_destroy_msgsErr5REQUIRES_VIOLATION, ldv_msg_fillErr1REQUIRES_VIOLATION, ldv_msg_fillErr5REQUIRES_VIOLATION, ldv_msg_fillErr0REQUIRES_VIOLATION, ldv_msg_fillErr4REQUIRES_VIOLATION, ldv_msg_fillErr2REQUIRES_VIOLATION, ldv_msg_fillErr3REQUIRES_VIOLATION, ldv_atomic_add_returnErr1REQUIRES_VIOLATION, ldv_atomic_add_returnErr0REQUIRES_VIOLATION, ldv_atomic_add_returnErr3REQUIRES_VIOLATION, ldv_atomic_add_returnErr2REQUIRES_VIOLATION, __ldv_list_delErr0REQUIRES_VIOLATION, __ldv_list_delErr1REQUIRES_VIOLATION, __ldv_list_delErr2REQUIRES_VIOLATION, __ldv_list_delErr3REQUIRES_VIOLATION, ldv_kobject_cleanupErr2ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr5ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr7ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr6ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr1REQUIRES_VIOLATION, ldv_kobject_cleanupErr4ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr0REQUIRES_VIOLATION, ldv_kobject_cleanupErr3ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr6ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr7ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr4ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr1REQUIRES_VIOLATION, ldv_msg_freeErr0REQUIRES_VIOLATION, ldv_msg_freeErr5ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr2ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr3ASSERT_VIOLATIONMEMORY_FREE, mainErr0ENSURES_VIOLATIONMEMORY_LEAK, LDV_INIT_LIST_HEADErr2REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr3REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr0REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr1REQUIRES_VIOLATION, ldv_list_delErr2REQUIRES_VIOLATION, ldv_list_delErr1REQUIRES_VIOLATION, ldv_list_delErr3REQUIRES_VIOLATION, ldv_list_delErr0REQUIRES_VIOLATION, __ldv_list_addErr5REQUIRES_VIOLATION, __ldv_list_addErr0REQUIRES_VIOLATION, __ldv_list_addErr1REQUIRES_VIOLATION, __ldv_list_addErr6REQUIRES_VIOLATION, __ldv_list_addErr7REQUIRES_VIOLATION, __ldv_list_addErr2REQUIRES_VIOLATION, __ldv_list_addErr3REQUIRES_VIOLATION, __ldv_list_addErr4REQUIRES_VIOLATION, ldv_dev_set_drvdataErr0REQUIRES_VIOLATION, ldv_dev_set_drvdataErr1REQUIRES_VIOLATION, ldv_atomic_sub_returnErr1REQUIRES_VIOLATION, ldv_atomic_sub_returnErr0REQUIRES_VIOLATION, ldv_atomic_sub_returnErr3REQUIRES_VIOLATION, ldv_atomic_sub_returnErr2REQUIRES_VIOLATION, ldv_list_add_tailErr0REQUIRES_VIOLATION, ldv_list_add_tailErr1REQUIRES_VIOLATION, ldv_dev_get_drvdataErr1REQUIRES_VIOLATION, ldv_dev_get_drvdataErr0REQUIRES_VIOLATION, ldv_msg_allocErr0REQUIRES_VIOLATION, ldv_msg_allocErr1REQUIRES_VIOLATION]=== [2020-07-29 01:05:22,985 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:05:22,985 INFO L82 PathProgramCache]: Analyzing trace with hash 845780764, now seen corresponding path program 2 times [2020-07-29 01:05:22,986 INFO L163 FreeRefinementEngine]: Executing refinement strategy WOLF [2020-07-29 01:05:22,988 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [809572466] [2020-07-29 01:05:22,988 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat Starting monitored process 13 with mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 13 with mathsat -unsat_core_generation=3 [2020-07-29 01:05:23,133 INFO L228 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST1 issued 1 check-sat command(s) [2020-07-29 01:05:23,134 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2020-07-29 01:05:23,137 INFO L263 TraceCheckSpWp]: Trace formula consists of 162 conjuncts, 12 conjunts are in the unsatisfiable core [2020-07-29 01:05:23,159 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:05:23,162 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2020-07-29 01:05:23,181 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2020-07-29 01:05:23,182 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2020-07-29 01:05:23,185 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:05:23,185 INFO L544 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2020-07-29 01:05:23,186 INFO L244 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:6, output treesize:5 [2020-07-29 01:05:23,189 WARN L406 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2020-07-29 01:05:23,189 WARN L407 uantifierElimination]: Input elimination task: ∃ [|v_#valid_237|]. (= |#valid| (store |v_#valid_237| |ldv_malloc_#res.base| (_ bv1 1))) [2020-07-29 01:05:23,189 WARN L408 uantifierElimination]: ElimStorePlain result: ∃ []. (= (select |#valid| |ldv_malloc_#res.base|) (_ bv1 1)) [2020-07-29 01:05:23,563 INFO L263 TraceCheckUtils]: 0: Hoare triple {5181#true} call ULTIMATE.init(); {5181#true} is VALID [2020-07-29 01:05:23,564 INFO L280 TraceCheckUtils]: 1: Hoare triple {5181#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {5181#true} is VALID [2020-07-29 01:05:23,564 INFO L280 TraceCheckUtils]: 2: Hoare triple {5181#true} assume true; {5181#true} is VALID [2020-07-29 01:05:23,564 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {5181#true} {5181#true} #437#return; {5181#true} is VALID [2020-07-29 01:05:23,564 INFO L263 TraceCheckUtils]: 4: Hoare triple {5181#true} call main(); {5181#true} is VALID [2020-07-29 01:05:23,564 INFO L263 TraceCheckUtils]: 5: Hoare triple {5181#true} call entry_point(); {5181#true} is VALID [2020-07-29 01:05:23,565 INFO L280 TraceCheckUtils]: 6: Hoare triple {5181#true} havoc ~kobj~2.base, ~kobj~2.offset; {5181#true} is VALID [2020-07-29 01:05:23,565 INFO L263 TraceCheckUtils]: 7: Hoare triple {5181#true} call #t~ret38.base, #t~ret38.offset := ldv_kobject_create(); {5181#true} is VALID [2020-07-29 01:05:23,565 INFO L280 TraceCheckUtils]: 8: Hoare triple {5181#true} havoc ~kobj~1.base, ~kobj~1.offset; {5181#true} is VALID [2020-07-29 01:05:23,565 INFO L263 TraceCheckUtils]: 9: Hoare triple {5181#true} call #t~ret34.base, #t~ret34.offset := ldv_malloc(16bv32); {5181#true} is VALID [2020-07-29 01:05:23,566 INFO L280 TraceCheckUtils]: 10: Hoare triple {5181#true} ~size := #in~size; {5181#true} is VALID [2020-07-29 01:05:23,568 INFO L280 TraceCheckUtils]: 11: Hoare triple {5181#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset; {5219#(= (bvadd (select |#valid| |ldv_malloc_#res.base|) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:23,569 INFO L280 TraceCheckUtils]: 12: Hoare triple {5219#(= (bvadd (select |#valid| |ldv_malloc_#res.base|) (_ bv1 1)) (_ bv0 1))} assume true; {5219#(= (bvadd (select |#valid| |ldv_malloc_#res.base|) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:23,570 INFO L275 TraceCheckUtils]: 13: Hoare quadruple {5219#(= (bvadd (select |#valid| |ldv_malloc_#res.base|) (_ bv1 1)) (_ bv0 1))} {5181#true} #417#return; {5226#(= (_ bv1 1) (select |#valid| |ldv_kobject_create_#t~ret34.base|))} is VALID [2020-07-29 01:05:23,571 INFO L280 TraceCheckUtils]: 14: Hoare triple {5226#(= (_ bv1 1) (select |#valid| |ldv_kobject_create_#t~ret34.base|))} ~kobj~1.base, ~kobj~1.offset := #t~ret34.base, #t~ret34.offset;havoc #t~ret34.base, #t~ret34.offset; {5230#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:23,572 INFO L280 TraceCheckUtils]: 15: Hoare triple {5230#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} assume !(~kobj~1.base == 0bv32 && ~kobj~1.offset == 0bv32); {5230#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:23,574 INFO L263 TraceCheckUtils]: 16: Hoare triple {5230#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} call #t~memset~res35.base, #t~memset~res35.offset := #Ultimate.C_memset(~kobj~1.base, ~kobj~1.offset, 0bv32, 16bv32); {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:23,575 INFO L280 TraceCheckUtils]: 17: Hoare triple {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} assume 1bv1 == #valid[#ptr.base];assume (~bvule32(~bvadd32(#amount, #ptr.offset), #length[#ptr.base]) && ~bvule32(#ptr.offset, ~bvadd32(#amount, #ptr.offset))) && ~bvule32(0bv32, #ptr.offset); {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:23,575 INFO L280 TraceCheckUtils]: 18: Hoare triple {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} #t~loopctr39 := 0bv32; {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:23,576 INFO L280 TraceCheckUtils]: 19: Hoare triple {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:23,577 INFO L280 TraceCheckUtils]: 20: Hoare triple {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:23,577 INFO L280 TraceCheckUtils]: 21: Hoare triple {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:23,578 INFO L280 TraceCheckUtils]: 22: Hoare triple {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:23,578 INFO L280 TraceCheckUtils]: 23: Hoare triple {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:23,579 INFO L280 TraceCheckUtils]: 24: Hoare triple {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:23,580 INFO L280 TraceCheckUtils]: 25: Hoare triple {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:23,580 INFO L280 TraceCheckUtils]: 26: Hoare triple {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:23,581 INFO L280 TraceCheckUtils]: 27: Hoare triple {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:23,582 INFO L280 TraceCheckUtils]: 28: Hoare triple {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:23,583 INFO L280 TraceCheckUtils]: 29: Hoare triple {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:23,584 INFO L280 TraceCheckUtils]: 30: Hoare triple {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:23,584 INFO L280 TraceCheckUtils]: 31: Hoare triple {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:23,585 INFO L280 TraceCheckUtils]: 32: Hoare triple {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:23,586 INFO L280 TraceCheckUtils]: 33: Hoare triple {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:23,586 INFO L280 TraceCheckUtils]: 34: Hoare triple {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:23,587 INFO L280 TraceCheckUtils]: 35: Hoare triple {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} assume !~bvslt32(#t~loopctr39, #amount); {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:23,588 INFO L280 TraceCheckUtils]: 36: Hoare triple {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} assume #res.base == #ptr.base && #res.offset == #ptr.offset; {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:23,589 INFO L275 TraceCheckUtils]: 37: Hoare quadruple {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} {5230#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} #419#return; {5230#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:23,590 INFO L280 TraceCheckUtils]: 38: Hoare triple {5230#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} havoc #t~memset~res35.base, #t~memset~res35.offset; {5230#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:23,591 INFO L263 TraceCheckUtils]: 39: Hoare triple {5230#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} call ldv_kobject_init(~kobj~1.base, ~kobj~1.offset); {5307#(= (bvadd (select |#valid| |ldv_kobject_init_#in~kobj.base|) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:23,592 INFO L280 TraceCheckUtils]: 40: Hoare triple {5307#(= (bvadd (select |#valid| |ldv_kobject_init_#in~kobj.base|) (_ bv1 1)) (_ bv0 1))} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {5311#(= (bvadd (select |#valid| ldv_kobject_init_~kobj.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:23,592 INFO L280 TraceCheckUtils]: 41: Hoare triple {5311#(= (bvadd (select |#valid| ldv_kobject_init_~kobj.base) (_ bv1 1)) (_ bv0 1))} assume !(~kobj.base == 0bv32 && ~kobj.offset == 0bv32); {5311#(= (bvadd (select |#valid| ldv_kobject_init_~kobj.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:23,593 INFO L263 TraceCheckUtils]: 42: Hoare triple {5311#(= (bvadd (select |#valid| ldv_kobject_init_~kobj.base) (_ bv1 1)) (_ bv0 1))} call ldv_kobject_init_internal(~kobj.base, ~kobj.offset); {5318#(= (bvadd (select |#valid| |ldv_kobject_init_internal_#in~kobj.base|) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:23,594 INFO L280 TraceCheckUtils]: 43: Hoare triple {5318#(= (bvadd (select |#valid| |ldv_kobject_init_internal_#in~kobj.base|) (_ bv1 1)) (_ bv0 1))} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {5322#(= (bvadd (select |#valid| ldv_kobject_init_internal_~kobj.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:23,595 INFO L280 TraceCheckUtils]: 44: Hoare triple {5322#(= (bvadd (select |#valid| ldv_kobject_init_internal_~kobj.base) (_ bv1 1)) (_ bv0 1))} assume !(~kobj.base == 0bv32 && ~kobj.offset == 0bv32); {5322#(= (bvadd (select |#valid| ldv_kobject_init_internal_~kobj.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:23,598 INFO L263 TraceCheckUtils]: 45: Hoare triple {5322#(= (bvadd (select |#valid| ldv_kobject_init_internal_~kobj.base) (_ bv1 1)) (_ bv0 1))} call ldv_kref_init(~kobj.base, ~bvadd32(12bv32, ~kobj.offset)); {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:23,598 INFO L280 TraceCheckUtils]: 46: Hoare triple {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} ~kref.base, ~kref.offset := #in~kref.base, #in~kref.offset; {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:23,599 INFO L280 TraceCheckUtils]: 47: Hoare triple {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} SUMMARY for call write~intINTTYPE4(1bv32, ~kref.base, ~kref.offset, 4bv32); srcloc: L682 {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:23,600 INFO L280 TraceCheckUtils]: 48: Hoare triple {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} assume true; {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} is VALID [2020-07-29 01:05:23,601 INFO L275 TraceCheckUtils]: 49: Hoare quadruple {5237#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9 (_ BitVec 32))) (= (bvadd (select |#valid| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_9) (_ bv1 1)) (_ bv0 1)))} {5322#(= (bvadd (select |#valid| ldv_kobject_init_internal_~kobj.base) (_ bv1 1)) (_ bv0 1))} #405#return; {5322#(= (bvadd (select |#valid| ldv_kobject_init_internal_~kobj.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:23,602 INFO L263 TraceCheckUtils]: 50: Hoare triple {5322#(= (bvadd (select |#valid| ldv_kobject_init_internal_~kobj.base) (_ bv1 1)) (_ bv0 1))} call LDV_INIT_LIST_HEAD(~kobj.base, ~bvadd32(4bv32, ~kobj.offset)); {5344#(= (bvadd (select |#valid| |LDV_INIT_LIST_HEAD_#in~list.base|) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:23,603 INFO L280 TraceCheckUtils]: 51: Hoare triple {5344#(= (bvadd (select |#valid| |LDV_INIT_LIST_HEAD_#in~list.base|) (_ bv1 1)) (_ bv0 1))} ~list.base, ~list.offset := #in~list.base, #in~list.offset; {5348#(= (bvadd (select |#valid| LDV_INIT_LIST_HEAD_~list.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:23,603 INFO L280 TraceCheckUtils]: 52: Hoare triple {5348#(= (bvadd (select |#valid| LDV_INIT_LIST_HEAD_~list.base) (_ bv1 1)) (_ bv0 1))} assume !(1bv1 == #valid[~list.base]); {5182#false} is VALID [2020-07-29 01:05:23,610 INFO L134 CoverageAnalysis]: Checked inductivity of 136 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 136 trivial. 0 not checked. [2020-07-29 01:05:23,610 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2020-07-29 01:05:23,767 INFO L280 TraceCheckUtils]: 52: Hoare triple {5348#(= (bvadd (select |#valid| LDV_INIT_LIST_HEAD_~list.base) (_ bv1 1)) (_ bv0 1))} assume !(1bv1 == #valid[~list.base]); {5182#false} is VALID [2020-07-29 01:05:23,768 INFO L280 TraceCheckUtils]: 51: Hoare triple {5344#(= (bvadd (select |#valid| |LDV_INIT_LIST_HEAD_#in~list.base|) (_ bv1 1)) (_ bv0 1))} ~list.base, ~list.offset := #in~list.base, #in~list.offset; {5348#(= (bvadd (select |#valid| LDV_INIT_LIST_HEAD_~list.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:23,769 INFO L263 TraceCheckUtils]: 50: Hoare triple {5322#(= (bvadd (select |#valid| ldv_kobject_init_internal_~kobj.base) (_ bv1 1)) (_ bv0 1))} call LDV_INIT_LIST_HEAD(~kobj.base, ~bvadd32(4bv32, ~kobj.offset)); {5344#(= (bvadd (select |#valid| |LDV_INIT_LIST_HEAD_#in~list.base|) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:23,770 INFO L275 TraceCheckUtils]: 49: Hoare quadruple {5181#true} {5322#(= (bvadd (select |#valid| ldv_kobject_init_internal_~kobj.base) (_ bv1 1)) (_ bv0 1))} #405#return; {5322#(= (bvadd (select |#valid| ldv_kobject_init_internal_~kobj.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:23,770 INFO L280 TraceCheckUtils]: 48: Hoare triple {5181#true} assume true; {5181#true} is VALID [2020-07-29 01:05:23,770 INFO L280 TraceCheckUtils]: 47: Hoare triple {5181#true} SUMMARY for call write~intINTTYPE4(1bv32, ~kref.base, ~kref.offset, 4bv32); srcloc: L682 {5181#true} is VALID [2020-07-29 01:05:23,770 INFO L280 TraceCheckUtils]: 46: Hoare triple {5181#true} ~kref.base, ~kref.offset := #in~kref.base, #in~kref.offset; {5181#true} is VALID [2020-07-29 01:05:23,771 INFO L263 TraceCheckUtils]: 45: Hoare triple {5322#(= (bvadd (select |#valid| ldv_kobject_init_internal_~kobj.base) (_ bv1 1)) (_ bv0 1))} call ldv_kref_init(~kobj.base, ~bvadd32(12bv32, ~kobj.offset)); {5181#true} is VALID [2020-07-29 01:05:23,771 INFO L280 TraceCheckUtils]: 44: Hoare triple {5322#(= (bvadd (select |#valid| ldv_kobject_init_internal_~kobj.base) (_ bv1 1)) (_ bv0 1))} assume !(~kobj.base == 0bv32 && ~kobj.offset == 0bv32); {5322#(= (bvadd (select |#valid| ldv_kobject_init_internal_~kobj.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:23,772 INFO L280 TraceCheckUtils]: 43: Hoare triple {5318#(= (bvadd (select |#valid| |ldv_kobject_init_internal_#in~kobj.base|) (_ bv1 1)) (_ bv0 1))} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {5322#(= (bvadd (select |#valid| ldv_kobject_init_internal_~kobj.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:23,773 INFO L263 TraceCheckUtils]: 42: Hoare triple {5311#(= (bvadd (select |#valid| ldv_kobject_init_~kobj.base) (_ bv1 1)) (_ bv0 1))} call ldv_kobject_init_internal(~kobj.base, ~kobj.offset); {5318#(= (bvadd (select |#valid| |ldv_kobject_init_internal_#in~kobj.base|) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:23,774 INFO L280 TraceCheckUtils]: 41: Hoare triple {5311#(= (bvadd (select |#valid| ldv_kobject_init_~kobj.base) (_ bv1 1)) (_ bv0 1))} assume !(~kobj.base == 0bv32 && ~kobj.offset == 0bv32); {5311#(= (bvadd (select |#valid| ldv_kobject_init_~kobj.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:23,775 INFO L280 TraceCheckUtils]: 40: Hoare triple {5307#(= (bvadd (select |#valid| |ldv_kobject_init_#in~kobj.base|) (_ bv1 1)) (_ bv0 1))} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {5311#(= (bvadd (select |#valid| ldv_kobject_init_~kobj.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:23,776 INFO L263 TraceCheckUtils]: 39: Hoare triple {5230#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} call ldv_kobject_init(~kobj~1.base, ~kobj~1.offset); {5307#(= (bvadd (select |#valid| |ldv_kobject_init_#in~kobj.base|) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:23,777 INFO L280 TraceCheckUtils]: 38: Hoare triple {5230#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} havoc #t~memset~res35.base, #t~memset~res35.offset; {5230#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:23,778 INFO L275 TraceCheckUtils]: 37: Hoare quadruple {5181#true} {5230#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} #419#return; {5230#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:23,778 INFO L280 TraceCheckUtils]: 36: Hoare triple {5181#true} assume #res.base == #ptr.base && #res.offset == #ptr.offset; {5181#true} is VALID [2020-07-29 01:05:23,778 INFO L280 TraceCheckUtils]: 35: Hoare triple {5181#true} assume !~bvslt32(#t~loopctr39, #amount); {5181#true} is VALID [2020-07-29 01:05:23,778 INFO L280 TraceCheckUtils]: 34: Hoare triple {5181#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5181#true} is VALID [2020-07-29 01:05:23,779 INFO L280 TraceCheckUtils]: 33: Hoare triple {5181#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5181#true} is VALID [2020-07-29 01:05:23,779 INFO L280 TraceCheckUtils]: 32: Hoare triple {5181#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5181#true} is VALID [2020-07-29 01:05:23,779 INFO L280 TraceCheckUtils]: 31: Hoare triple {5181#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5181#true} is VALID [2020-07-29 01:05:23,779 INFO L280 TraceCheckUtils]: 30: Hoare triple {5181#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5181#true} is VALID [2020-07-29 01:05:23,779 INFO L280 TraceCheckUtils]: 29: Hoare triple {5181#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5181#true} is VALID [2020-07-29 01:05:23,779 INFO L280 TraceCheckUtils]: 28: Hoare triple {5181#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5181#true} is VALID [2020-07-29 01:05:23,779 INFO L280 TraceCheckUtils]: 27: Hoare triple {5181#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5181#true} is VALID [2020-07-29 01:05:23,780 INFO L280 TraceCheckUtils]: 26: Hoare triple {5181#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5181#true} is VALID [2020-07-29 01:05:23,780 INFO L280 TraceCheckUtils]: 25: Hoare triple {5181#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5181#true} is VALID [2020-07-29 01:05:23,780 INFO L280 TraceCheckUtils]: 24: Hoare triple {5181#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5181#true} is VALID [2020-07-29 01:05:23,780 INFO L280 TraceCheckUtils]: 23: Hoare triple {5181#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5181#true} is VALID [2020-07-29 01:05:23,780 INFO L280 TraceCheckUtils]: 22: Hoare triple {5181#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5181#true} is VALID [2020-07-29 01:05:23,780 INFO L280 TraceCheckUtils]: 21: Hoare triple {5181#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5181#true} is VALID [2020-07-29 01:05:23,780 INFO L280 TraceCheckUtils]: 20: Hoare triple {5181#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5181#true} is VALID [2020-07-29 01:05:23,781 INFO L280 TraceCheckUtils]: 19: Hoare triple {5181#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5181#true} is VALID [2020-07-29 01:05:23,781 INFO L280 TraceCheckUtils]: 18: Hoare triple {5181#true} #t~loopctr39 := 0bv32; {5181#true} is VALID [2020-07-29 01:05:23,781 INFO L280 TraceCheckUtils]: 17: Hoare triple {5181#true} assume 1bv1 == #valid[#ptr.base];assume (~bvule32(~bvadd32(#amount, #ptr.offset), #length[#ptr.base]) && ~bvule32(#ptr.offset, ~bvadd32(#amount, #ptr.offset))) && ~bvule32(0bv32, #ptr.offset); {5181#true} is VALID [2020-07-29 01:05:23,781 INFO L263 TraceCheckUtils]: 16: Hoare triple {5230#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} call #t~memset~res35.base, #t~memset~res35.offset := #Ultimate.C_memset(~kobj~1.base, ~kobj~1.offset, 0bv32, 16bv32); {5181#true} is VALID [2020-07-29 01:05:23,782 INFO L280 TraceCheckUtils]: 15: Hoare triple {5230#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} assume !(~kobj~1.base == 0bv32 && ~kobj~1.offset == 0bv32); {5230#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:23,782 INFO L280 TraceCheckUtils]: 14: Hoare triple {5226#(= (_ bv1 1) (select |#valid| |ldv_kobject_create_#t~ret34.base|))} ~kobj~1.base, ~kobj~1.offset := #t~ret34.base, #t~ret34.offset;havoc #t~ret34.base, #t~ret34.offset; {5230#(= (bvadd (select |#valid| ldv_kobject_create_~kobj~1.base) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:23,783 INFO L275 TraceCheckUtils]: 13: Hoare quadruple {5219#(= (bvadd (select |#valid| |ldv_malloc_#res.base|) (_ bv1 1)) (_ bv0 1))} {5181#true} #417#return; {5226#(= (_ bv1 1) (select |#valid| |ldv_kobject_create_#t~ret34.base|))} is VALID [2020-07-29 01:05:23,783 INFO L280 TraceCheckUtils]: 12: Hoare triple {5219#(= (bvadd (select |#valid| |ldv_malloc_#res.base|) (_ bv1 1)) (_ bv0 1))} assume true; {5219#(= (bvadd (select |#valid| |ldv_malloc_#res.base|) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:23,785 INFO L280 TraceCheckUtils]: 11: Hoare triple {5181#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset; {5219#(= (bvadd (select |#valid| |ldv_malloc_#res.base|) (_ bv1 1)) (_ bv0 1))} is VALID [2020-07-29 01:05:23,785 INFO L280 TraceCheckUtils]: 10: Hoare triple {5181#true} ~size := #in~size; {5181#true} is VALID [2020-07-29 01:05:23,785 INFO L263 TraceCheckUtils]: 9: Hoare triple {5181#true} call #t~ret34.base, #t~ret34.offset := ldv_malloc(16bv32); {5181#true} is VALID [2020-07-29 01:05:23,785 INFO L280 TraceCheckUtils]: 8: Hoare triple {5181#true} havoc ~kobj~1.base, ~kobj~1.offset; {5181#true} is VALID [2020-07-29 01:05:23,785 INFO L263 TraceCheckUtils]: 7: Hoare triple {5181#true} call #t~ret38.base, #t~ret38.offset := ldv_kobject_create(); {5181#true} is VALID [2020-07-29 01:05:23,786 INFO L280 TraceCheckUtils]: 6: Hoare triple {5181#true} havoc ~kobj~2.base, ~kobj~2.offset; {5181#true} is VALID [2020-07-29 01:05:23,786 INFO L263 TraceCheckUtils]: 5: Hoare triple {5181#true} call entry_point(); {5181#true} is VALID [2020-07-29 01:05:23,786 INFO L263 TraceCheckUtils]: 4: Hoare triple {5181#true} call main(); {5181#true} is VALID [2020-07-29 01:05:23,786 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {5181#true} {5181#true} #437#return; {5181#true} is VALID [2020-07-29 01:05:23,786 INFO L280 TraceCheckUtils]: 2: Hoare triple {5181#true} assume true; {5181#true} is VALID [2020-07-29 01:05:23,786 INFO L280 TraceCheckUtils]: 1: Hoare triple {5181#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {5181#true} is VALID [2020-07-29 01:05:23,786 INFO L263 TraceCheckUtils]: 0: Hoare triple {5181#true} call ULTIMATE.init(); {5181#true} is VALID [2020-07-29 01:05:23,789 INFO L134 CoverageAnalysis]: Checked inductivity of 136 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 136 trivial. 0 not checked. [2020-07-29 01:05:23,789 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [809572466] [2020-07-29 01:05:23,789 INFO L220 FreeRefinementEngine]: Constructing automaton from 2 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:05:23,789 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [11, 10] imperfect sequences [] total 11 [2020-07-29 01:05:23,789 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [78599537] [2020-07-29 01:05:23,790 INFO L78 Accepts]: Start accepts. Automaton has 12 states. Word has length 53 [2020-07-29 01:05:23,790 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:05:23,790 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 12 states. [2020-07-29 01:05:23,866 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 50 edges. 50 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:05:23,867 INFO L459 AbstractCegarLoop]: Interpolant automaton has 12 states [2020-07-29 01:05:23,867 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2020-07-29 01:05:23,867 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 12 interpolants. [2020-07-29 01:05:23,867 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=30, Invalid=102, Unknown=0, NotChecked=0, Total=132 [2020-07-29 01:05:23,868 INFO L87 Difference]: Start difference. First operand 72 states and 74 transitions. Second operand 12 states. [2020-07-29 01:05:25,648 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:05:25,648 INFO L93 Difference]: Finished difference Result 70 states and 72 transitions. [2020-07-29 01:05:25,648 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2020-07-29 01:05:25,648 INFO L78 Accepts]: Start accepts. Automaton has 12 states. Word has length 53 [2020-07-29 01:05:25,648 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:05:25,648 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 12 states. [2020-07-29 01:05:25,650 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 12 states to 12 states and 58 transitions. [2020-07-29 01:05:25,650 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 12 states. [2020-07-29 01:05:25,652 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 12 states to 12 states and 58 transitions. [2020-07-29 01:05:25,653 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 12 states and 58 transitions. [2020-07-29 01:05:25,770 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 58 edges. 58 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:05:25,771 INFO L225 Difference]: With dead ends: 70 [2020-07-29 01:05:25,771 INFO L226 Difference]: Without dead ends: 70 [2020-07-29 01:05:25,772 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 108 GetRequests, 90 SyntacticMatches, 5 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 19 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=45, Invalid=165, Unknown=0, NotChecked=0, Total=210 [2020-07-29 01:05:25,772 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 70 states. [2020-07-29 01:05:25,774 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 70 to 70. [2020-07-29 01:05:25,775 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:05:25,775 INFO L82 GeneralOperation]: Start isEquivalent. First operand 70 states. Second operand 70 states. [2020-07-29 01:05:25,775 INFO L74 IsIncluded]: Start isIncluded. First operand 70 states. Second operand 70 states. [2020-07-29 01:05:25,776 INFO L87 Difference]: Start difference. First operand 70 states. Second operand 70 states. [2020-07-29 01:05:25,777 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:05:25,778 INFO L93 Difference]: Finished difference Result 70 states and 72 transitions. [2020-07-29 01:05:25,778 INFO L276 IsEmpty]: Start isEmpty. Operand 70 states and 72 transitions. [2020-07-29 01:05:25,778 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:05:25,779 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:05:25,779 INFO L74 IsIncluded]: Start isIncluded. First operand 70 states. Second operand 70 states. [2020-07-29 01:05:25,779 INFO L87 Difference]: Start difference. First operand 70 states. Second operand 70 states. [2020-07-29 01:05:25,780 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:05:25,780 INFO L93 Difference]: Finished difference Result 70 states and 72 transitions. [2020-07-29 01:05:25,781 INFO L276 IsEmpty]: Start isEmpty. Operand 70 states and 72 transitions. [2020-07-29 01:05:25,781 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:05:25,781 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:05:25,781 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:05:25,781 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:05:25,781 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 70 states. [2020-07-29 01:05:25,783 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 70 states to 70 states and 72 transitions. [2020-07-29 01:05:25,783 INFO L78 Accepts]: Start accepts. Automaton has 70 states and 72 transitions. Word has length 53 [2020-07-29 01:05:25,783 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:05:25,784 INFO L479 AbstractCegarLoop]: Abstraction has 70 states and 72 transitions. [2020-07-29 01:05:25,784 INFO L480 AbstractCegarLoop]: Interpolant automaton has 12 states. [2020-07-29 01:05:25,784 INFO L276 IsEmpty]: Start isEmpty. Operand 70 states and 72 transitions. [2020-07-29 01:05:25,785 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 54 [2020-07-29 01:05:25,785 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:05:25,785 INFO L422 BasicCegarLoop]: trace histogram [16, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:05:25,997 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 13 mathsat -unsat_core_generation=3 [2020-07-29 01:05:25,998 INFO L427 AbstractCegarLoop]: === Iteration 13 === [ldv_kref_initErr0REQUIRES_VIOLATION, ldv_kref_initErr1REQUIRES_VIOLATION, ldv_list_addErr1REQUIRES_VIOLATION, ldv_list_addErr0REQUIRES_VIOLATION, ldv_kobject_createErr1REQUIRES_VIOLATION, ldv_kobject_createErr0REQUIRES_VIOLATION, ldv_destroy_msgsErr4REQUIRES_VIOLATION, ldv_destroy_msgsErr3REQUIRES_VIOLATION, ldv_destroy_msgsErr2REQUIRES_VIOLATION, ldv_destroy_msgsErr1REQUIRES_VIOLATION, ldv_destroy_msgsErr0REQUIRES_VIOLATION, ldv_destroy_msgsErr5REQUIRES_VIOLATION, ldv_msg_fillErr1REQUIRES_VIOLATION, ldv_msg_fillErr5REQUIRES_VIOLATION, ldv_msg_fillErr0REQUIRES_VIOLATION, ldv_msg_fillErr4REQUIRES_VIOLATION, ldv_msg_fillErr2REQUIRES_VIOLATION, ldv_msg_fillErr3REQUIRES_VIOLATION, ldv_atomic_add_returnErr1REQUIRES_VIOLATION, ldv_atomic_add_returnErr0REQUIRES_VIOLATION, ldv_atomic_add_returnErr3REQUIRES_VIOLATION, ldv_atomic_add_returnErr2REQUIRES_VIOLATION, __ldv_list_delErr0REQUIRES_VIOLATION, __ldv_list_delErr1REQUIRES_VIOLATION, __ldv_list_delErr2REQUIRES_VIOLATION, __ldv_list_delErr3REQUIRES_VIOLATION, ldv_kobject_cleanupErr2ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr5ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr7ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr6ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr1REQUIRES_VIOLATION, ldv_kobject_cleanupErr4ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr0REQUIRES_VIOLATION, ldv_kobject_cleanupErr3ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr6ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr7ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr4ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr1REQUIRES_VIOLATION, ldv_msg_freeErr0REQUIRES_VIOLATION, ldv_msg_freeErr5ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr2ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr3ASSERT_VIOLATIONMEMORY_FREE, mainErr0ENSURES_VIOLATIONMEMORY_LEAK, LDV_INIT_LIST_HEADErr2REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr3REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr0REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr1REQUIRES_VIOLATION, ldv_list_delErr2REQUIRES_VIOLATION, ldv_list_delErr1REQUIRES_VIOLATION, ldv_list_delErr3REQUIRES_VIOLATION, ldv_list_delErr0REQUIRES_VIOLATION, __ldv_list_addErr5REQUIRES_VIOLATION, __ldv_list_addErr0REQUIRES_VIOLATION, __ldv_list_addErr1REQUIRES_VIOLATION, __ldv_list_addErr6REQUIRES_VIOLATION, __ldv_list_addErr7REQUIRES_VIOLATION, __ldv_list_addErr2REQUIRES_VIOLATION, __ldv_list_addErr3REQUIRES_VIOLATION, __ldv_list_addErr4REQUIRES_VIOLATION, ldv_dev_set_drvdataErr0REQUIRES_VIOLATION, ldv_dev_set_drvdataErr1REQUIRES_VIOLATION, ldv_atomic_sub_returnErr1REQUIRES_VIOLATION, ldv_atomic_sub_returnErr0REQUIRES_VIOLATION, ldv_atomic_sub_returnErr3REQUIRES_VIOLATION, ldv_atomic_sub_returnErr2REQUIRES_VIOLATION, ldv_list_add_tailErr0REQUIRES_VIOLATION, ldv_list_add_tailErr1REQUIRES_VIOLATION, ldv_dev_get_drvdataErr1REQUIRES_VIOLATION, ldv_dev_get_drvdataErr0REQUIRES_VIOLATION, ldv_msg_allocErr0REQUIRES_VIOLATION, ldv_msg_allocErr1REQUIRES_VIOLATION]=== [2020-07-29 01:05:25,999 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:05:25,999 INFO L82 PathProgramCache]: Analyzing trace with hash 845780765, now seen corresponding path program 1 times [2020-07-29 01:05:26,000 INFO L163 FreeRefinementEngine]: Executing refinement strategy WOLF [2020-07-29 01:05:26,000 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [410815888] [2020-07-29 01:05:26,000 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat Starting monitored process 14 with mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 14 with mathsat -unsat_core_generation=3 [2020-07-29 01:05:26,219 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:05:26,226 INFO L263 TraceCheckSpWp]: Trace formula consists of 242 conjuncts, 24 conjunts are in the unsatisfiable core [2020-07-29 01:05:26,252 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:05:26,254 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2020-07-29 01:05:26,275 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2020-07-29 01:05:26,276 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2020-07-29 01:05:26,282 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:05:26,282 INFO L544 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2020-07-29 01:05:26,282 INFO L244 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:10, output treesize:9 [2020-07-29 01:05:26,287 WARN L406 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2020-07-29 01:05:26,287 WARN L407 uantifierElimination]: Input elimination task: ∃ [|v_#length_200|]. (and (= (_ bv0 32) |ldv_malloc_#res.offset|) (= |#length| (store |v_#length_200| |ldv_malloc_#res.base| |ldv_malloc_#in~size|))) [2020-07-29 01:05:26,287 WARN L408 uantifierElimination]: ElimStorePlain result: ∃ []. (and (= (_ bv0 32) |ldv_malloc_#res.offset|) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|)) [2020-07-29 01:05:26,711 INFO L263 TraceCheckUtils]: 0: Hoare triple {5796#true} call ULTIMATE.init(); {5796#true} is VALID [2020-07-29 01:05:26,712 INFO L280 TraceCheckUtils]: 1: Hoare triple {5796#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {5796#true} is VALID [2020-07-29 01:05:26,712 INFO L280 TraceCheckUtils]: 2: Hoare triple {5796#true} assume true; {5796#true} is VALID [2020-07-29 01:05:26,713 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {5796#true} {5796#true} #437#return; {5796#true} is VALID [2020-07-29 01:05:26,713 INFO L263 TraceCheckUtils]: 4: Hoare triple {5796#true} call main(); {5796#true} is VALID [2020-07-29 01:05:26,713 INFO L263 TraceCheckUtils]: 5: Hoare triple {5796#true} call entry_point(); {5796#true} is VALID [2020-07-29 01:05:26,713 INFO L280 TraceCheckUtils]: 6: Hoare triple {5796#true} havoc ~kobj~2.base, ~kobj~2.offset; {5796#true} is VALID [2020-07-29 01:05:26,713 INFO L263 TraceCheckUtils]: 7: Hoare triple {5796#true} call #t~ret38.base, #t~ret38.offset := ldv_kobject_create(); {5796#true} is VALID [2020-07-29 01:05:26,714 INFO L280 TraceCheckUtils]: 8: Hoare triple {5796#true} havoc ~kobj~1.base, ~kobj~1.offset; {5796#true} is VALID [2020-07-29 01:05:26,714 INFO L263 TraceCheckUtils]: 9: Hoare triple {5796#true} call #t~ret34.base, #t~ret34.offset := ldv_malloc(16bv32); {5796#true} is VALID [2020-07-29 01:05:26,721 INFO L280 TraceCheckUtils]: 10: Hoare triple {5796#true} ~size := #in~size; {5831#(= ldv_malloc_~size |ldv_malloc_#in~size|)} is VALID [2020-07-29 01:05:26,724 INFO L280 TraceCheckUtils]: 11: Hoare triple {5831#(= ldv_malloc_~size |ldv_malloc_#in~size|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset; {5835#(and (= (_ bv0 32) |ldv_malloc_#res.offset|) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|))} is VALID [2020-07-29 01:05:26,725 INFO L280 TraceCheckUtils]: 12: Hoare triple {5835#(and (= (_ bv0 32) |ldv_malloc_#res.offset|) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|))} assume true; {5835#(and (= (_ bv0 32) |ldv_malloc_#res.offset|) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|))} is VALID [2020-07-29 01:05:26,729 INFO L275 TraceCheckUtils]: 13: Hoare quadruple {5835#(and (= (_ bv0 32) |ldv_malloc_#res.offset|) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|))} {5796#true} #417#return; {5842#(and (= (bvadd (select |#length| |ldv_kobject_create_#t~ret34.base|) (_ bv4294967280 32)) (_ bv0 32)) (= (_ bv0 32) |ldv_kobject_create_#t~ret34.offset|))} is VALID [2020-07-29 01:05:26,730 INFO L280 TraceCheckUtils]: 14: Hoare triple {5842#(and (= (bvadd (select |#length| |ldv_kobject_create_#t~ret34.base|) (_ bv4294967280 32)) (_ bv0 32)) (= (_ bv0 32) |ldv_kobject_create_#t~ret34.offset|))} ~kobj~1.base, ~kobj~1.offset := #t~ret34.base, #t~ret34.offset;havoc #t~ret34.base, #t~ret34.offset; {5846#(and (= (_ bv16 32) (select |#length| ldv_kobject_create_~kobj~1.base)) (= (_ bv0 32) ldv_kobject_create_~kobj~1.offset))} is VALID [2020-07-29 01:05:26,731 INFO L280 TraceCheckUtils]: 15: Hoare triple {5846#(and (= (_ bv16 32) (select |#length| ldv_kobject_create_~kobj~1.base)) (= (_ bv0 32) ldv_kobject_create_~kobj~1.offset))} assume !(~kobj~1.base == 0bv32 && ~kobj~1.offset == 0bv32); {5846#(and (= (_ bv16 32) (select |#length| ldv_kobject_create_~kobj~1.base)) (= (_ bv0 32) ldv_kobject_create_~kobj~1.offset))} is VALID [2020-07-29 01:05:26,733 INFO L263 TraceCheckUtils]: 16: Hoare triple {5846#(and (= (_ bv16 32) (select |#length| ldv_kobject_create_~kobj~1.base)) (= (_ bv0 32) ldv_kobject_create_~kobj~1.offset))} call #t~memset~res35.base, #t~memset~res35.offset := #Ultimate.C_memset(~kobj~1.base, ~kobj~1.offset, 0bv32, 16bv32); {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} is VALID [2020-07-29 01:05:26,734 INFO L280 TraceCheckUtils]: 17: Hoare triple {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} assume 1bv1 == #valid[#ptr.base];assume (~bvule32(~bvadd32(#amount, #ptr.offset), #length[#ptr.base]) && ~bvule32(#ptr.offset, ~bvadd32(#amount, #ptr.offset))) && ~bvule32(0bv32, #ptr.offset); {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} is VALID [2020-07-29 01:05:26,735 INFO L280 TraceCheckUtils]: 18: Hoare triple {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} #t~loopctr39 := 0bv32; {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} is VALID [2020-07-29 01:05:26,735 INFO L280 TraceCheckUtils]: 19: Hoare triple {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} is VALID [2020-07-29 01:05:26,736 INFO L280 TraceCheckUtils]: 20: Hoare triple {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} is VALID [2020-07-29 01:05:26,736 INFO L280 TraceCheckUtils]: 21: Hoare triple {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} is VALID [2020-07-29 01:05:26,737 INFO L280 TraceCheckUtils]: 22: Hoare triple {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} is VALID [2020-07-29 01:05:26,737 INFO L280 TraceCheckUtils]: 23: Hoare triple {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} is VALID [2020-07-29 01:05:26,738 INFO L280 TraceCheckUtils]: 24: Hoare triple {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} is VALID [2020-07-29 01:05:26,739 INFO L280 TraceCheckUtils]: 25: Hoare triple {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} is VALID [2020-07-29 01:05:26,741 INFO L280 TraceCheckUtils]: 26: Hoare triple {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} is VALID [2020-07-29 01:05:26,742 INFO L280 TraceCheckUtils]: 27: Hoare triple {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} is VALID [2020-07-29 01:05:26,743 INFO L280 TraceCheckUtils]: 28: Hoare triple {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} is VALID [2020-07-29 01:05:26,743 INFO L280 TraceCheckUtils]: 29: Hoare triple {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} is VALID [2020-07-29 01:05:26,744 INFO L280 TraceCheckUtils]: 30: Hoare triple {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} is VALID [2020-07-29 01:05:26,744 INFO L280 TraceCheckUtils]: 31: Hoare triple {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} is VALID [2020-07-29 01:05:26,745 INFO L280 TraceCheckUtils]: 32: Hoare triple {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} is VALID [2020-07-29 01:05:26,745 INFO L280 TraceCheckUtils]: 33: Hoare triple {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} is VALID [2020-07-29 01:05:26,746 INFO L280 TraceCheckUtils]: 34: Hoare triple {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} is VALID [2020-07-29 01:05:26,747 INFO L280 TraceCheckUtils]: 35: Hoare triple {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} assume !~bvslt32(#t~loopctr39, #amount); {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} is VALID [2020-07-29 01:05:26,747 INFO L280 TraceCheckUtils]: 36: Hoare triple {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} assume #res.base == #ptr.base && #res.offset == #ptr.offset; {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} is VALID [2020-07-29 01:05:26,748 INFO L275 TraceCheckUtils]: 37: Hoare quadruple {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} {5846#(and (= (_ bv16 32) (select |#length| ldv_kobject_create_~kobj~1.base)) (= (_ bv0 32) ldv_kobject_create_~kobj~1.offset))} #419#return; {5846#(and (= (_ bv16 32) (select |#length| ldv_kobject_create_~kobj~1.base)) (= (_ bv0 32) ldv_kobject_create_~kobj~1.offset))} is VALID [2020-07-29 01:05:26,749 INFO L280 TraceCheckUtils]: 38: Hoare triple {5846#(and (= (_ bv16 32) (select |#length| ldv_kobject_create_~kobj~1.base)) (= (_ bv0 32) ldv_kobject_create_~kobj~1.offset))} havoc #t~memset~res35.base, #t~memset~res35.offset; {5846#(and (= (_ bv16 32) (select |#length| ldv_kobject_create_~kobj~1.base)) (= (_ bv0 32) ldv_kobject_create_~kobj~1.offset))} is VALID [2020-07-29 01:05:26,750 INFO L263 TraceCheckUtils]: 39: Hoare triple {5846#(and (= (_ bv16 32) (select |#length| ldv_kobject_create_~kobj~1.base)) (= (_ bv0 32) ldv_kobject_create_~kobj~1.offset))} call ldv_kobject_init(~kobj~1.base, ~kobj~1.offset); {5923#(and (= (_ bv16 32) (select |#length| |ldv_kobject_init_#in~kobj.base|)) (= (_ bv0 32) |ldv_kobject_init_#in~kobj.offset|))} is VALID [2020-07-29 01:05:26,751 INFO L280 TraceCheckUtils]: 40: Hoare triple {5923#(and (= (_ bv16 32) (select |#length| |ldv_kobject_init_#in~kobj.base|)) (= (_ bv0 32) |ldv_kobject_init_#in~kobj.offset|))} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {5927#(and (= (bvadd (select |#length| ldv_kobject_init_~kobj.base) (_ bv4294967280 32)) (_ bv0 32)) (= (_ bv0 32) ldv_kobject_init_~kobj.offset))} is VALID [2020-07-29 01:05:26,752 INFO L280 TraceCheckUtils]: 41: Hoare triple {5927#(and (= (bvadd (select |#length| ldv_kobject_init_~kobj.base) (_ bv4294967280 32)) (_ bv0 32)) (= (_ bv0 32) ldv_kobject_init_~kobj.offset))} assume !(~kobj.base == 0bv32 && ~kobj.offset == 0bv32); {5927#(and (= (bvadd (select |#length| ldv_kobject_init_~kobj.base) (_ bv4294967280 32)) (_ bv0 32)) (= (_ bv0 32) ldv_kobject_init_~kobj.offset))} is VALID [2020-07-29 01:05:26,753 INFO L263 TraceCheckUtils]: 42: Hoare triple {5927#(and (= (bvadd (select |#length| ldv_kobject_init_~kobj.base) (_ bv4294967280 32)) (_ bv0 32)) (= (_ bv0 32) ldv_kobject_init_~kobj.offset))} call ldv_kobject_init_internal(~kobj.base, ~kobj.offset); {5934#(and (= (_ bv0 32) |ldv_kobject_init_internal_#in~kobj.offset|) (= (_ bv16 32) (select |#length| |ldv_kobject_init_internal_#in~kobj.base|)))} is VALID [2020-07-29 01:05:26,754 INFO L280 TraceCheckUtils]: 43: Hoare triple {5934#(and (= (_ bv0 32) |ldv_kobject_init_internal_#in~kobj.offset|) (= (_ bv16 32) (select |#length| |ldv_kobject_init_internal_#in~kobj.base|)))} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {5938#(and (= (bvadd (select |#length| ldv_kobject_init_internal_~kobj.base) (_ bv4294967280 32)) (_ bv0 32)) (= (_ bv0 32) ldv_kobject_init_internal_~kobj.offset))} is VALID [2020-07-29 01:05:26,754 INFO L280 TraceCheckUtils]: 44: Hoare triple {5938#(and (= (bvadd (select |#length| ldv_kobject_init_internal_~kobj.base) (_ bv4294967280 32)) (_ bv0 32)) (= (_ bv0 32) ldv_kobject_init_internal_~kobj.offset))} assume !(~kobj.base == 0bv32 && ~kobj.offset == 0bv32); {5938#(and (= (bvadd (select |#length| ldv_kobject_init_internal_~kobj.base) (_ bv4294967280 32)) (_ bv0 32)) (= (_ bv0 32) ldv_kobject_init_internal_~kobj.offset))} is VALID [2020-07-29 01:05:26,756 INFO L263 TraceCheckUtils]: 45: Hoare triple {5938#(and (= (bvadd (select |#length| ldv_kobject_init_internal_~kobj.base) (_ bv4294967280 32)) (_ bv0 32)) (= (_ bv0 32) ldv_kobject_init_internal_~kobj.offset))} call ldv_kref_init(~kobj.base, ~bvadd32(12bv32, ~kobj.offset)); {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} is VALID [2020-07-29 01:05:26,757 INFO L280 TraceCheckUtils]: 46: Hoare triple {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} ~kref.base, ~kref.offset := #in~kref.base, #in~kref.offset; {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} is VALID [2020-07-29 01:05:26,758 INFO L280 TraceCheckUtils]: 47: Hoare triple {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} SUMMARY for call write~intINTTYPE4(1bv32, ~kref.base, ~kref.offset, 4bv32); srcloc: L682 {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} is VALID [2020-07-29 01:05:26,758 INFO L280 TraceCheckUtils]: 48: Hoare triple {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} assume true; {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} is VALID [2020-07-29 01:05:26,759 INFO L275 TraceCheckUtils]: 49: Hoare quadruple {5853#(exists ((v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13 (_ BitVec 32))) (= (_ bv16 32) (select |#length| v_ldv_kobject_create_~kobj~1.base_BEFORE_CALL_13)))} {5938#(and (= (bvadd (select |#length| ldv_kobject_init_internal_~kobj.base) (_ bv4294967280 32)) (_ bv0 32)) (= (_ bv0 32) ldv_kobject_init_internal_~kobj.offset))} #405#return; {5938#(and (= (bvadd (select |#length| ldv_kobject_init_internal_~kobj.base) (_ bv4294967280 32)) (_ bv0 32)) (= (_ bv0 32) ldv_kobject_init_internal_~kobj.offset))} is VALID [2020-07-29 01:05:26,760 INFO L263 TraceCheckUtils]: 50: Hoare triple {5938#(and (= (bvadd (select |#length| ldv_kobject_init_internal_~kobj.base) (_ bv4294967280 32)) (_ bv0 32)) (= (_ bv0 32) ldv_kobject_init_internal_~kobj.offset))} call LDV_INIT_LIST_HEAD(~kobj.base, ~bvadd32(4bv32, ~kobj.offset)); {5960#(and (= (bvadd |LDV_INIT_LIST_HEAD_#in~list.offset| (_ bv4294967292 32)) (_ bv0 32)) (= (bvadd (select |#length| |LDV_INIT_LIST_HEAD_#in~list.base|) (_ bv4294967280 32)) (_ bv0 32)))} is VALID [2020-07-29 01:05:26,765 INFO L280 TraceCheckUtils]: 51: Hoare triple {5960#(and (= (bvadd |LDV_INIT_LIST_HEAD_#in~list.offset| (_ bv4294967292 32)) (_ bv0 32)) (= (bvadd (select |#length| |LDV_INIT_LIST_HEAD_#in~list.base|) (_ bv4294967280 32)) (_ bv0 32)))} ~list.base, ~list.offset := #in~list.base, #in~list.offset; {5964#(and (= (bvadd LDV_INIT_LIST_HEAD_~list.offset (_ bv4294967292 32)) (_ bv0 32)) (= (_ bv16 32) (select |#length| LDV_INIT_LIST_HEAD_~list.base)))} is VALID [2020-07-29 01:05:26,766 INFO L280 TraceCheckUtils]: 52: Hoare triple {5964#(and (= (bvadd LDV_INIT_LIST_HEAD_~list.offset (_ bv4294967292 32)) (_ bv0 32)) (= (_ bv16 32) (select |#length| LDV_INIT_LIST_HEAD_~list.base)))} assume !((~bvule32(~bvadd32(4bv32, ~list.offset), #length[~list.base]) && ~bvule32(~list.offset, ~bvadd32(4bv32, ~list.offset))) && ~bvule32(0bv32, ~list.offset)); {5797#false} is VALID [2020-07-29 01:05:26,772 INFO L134 CoverageAnalysis]: Checked inductivity of 136 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 136 trivial. 0 not checked. [2020-07-29 01:05:26,773 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2020-07-29 01:05:28,395 INFO L280 TraceCheckUtils]: 52: Hoare triple {5968#(and (bvule (bvadd LDV_INIT_LIST_HEAD_~list.offset (_ bv4 32)) (select |#length| LDV_INIT_LIST_HEAD_~list.base)) (bvule LDV_INIT_LIST_HEAD_~list.offset (bvadd LDV_INIT_LIST_HEAD_~list.offset (_ bv4 32))))} assume !((~bvule32(~bvadd32(4bv32, ~list.offset), #length[~list.base]) && ~bvule32(~list.offset, ~bvadd32(4bv32, ~list.offset))) && ~bvule32(0bv32, ~list.offset)); {5797#false} is VALID [2020-07-29 01:05:28,396 INFO L280 TraceCheckUtils]: 51: Hoare triple {5972#(and (bvule |LDV_INIT_LIST_HEAD_#in~list.offset| (bvadd |LDV_INIT_LIST_HEAD_#in~list.offset| (_ bv4 32))) (bvule (bvadd |LDV_INIT_LIST_HEAD_#in~list.offset| (_ bv4 32)) (select |#length| |LDV_INIT_LIST_HEAD_#in~list.base|)))} ~list.base, ~list.offset := #in~list.base, #in~list.offset; {5968#(and (bvule (bvadd LDV_INIT_LIST_HEAD_~list.offset (_ bv4 32)) (select |#length| LDV_INIT_LIST_HEAD_~list.base)) (bvule LDV_INIT_LIST_HEAD_~list.offset (bvadd LDV_INIT_LIST_HEAD_~list.offset (_ bv4 32))))} is VALID [2020-07-29 01:05:28,433 INFO L263 TraceCheckUtils]: 50: Hoare triple {5976#(and (bvule (bvadd ldv_kobject_init_internal_~kobj.offset (_ bv4 32)) (bvadd ldv_kobject_init_internal_~kobj.offset (_ bv8 32))) (bvule (bvadd ldv_kobject_init_internal_~kobj.offset (_ bv8 32)) (select |#length| ldv_kobject_init_internal_~kobj.base)))} call LDV_INIT_LIST_HEAD(~kobj.base, ~bvadd32(4bv32, ~kobj.offset)); {5972#(and (bvule |LDV_INIT_LIST_HEAD_#in~list.offset| (bvadd |LDV_INIT_LIST_HEAD_#in~list.offset| (_ bv4 32))) (bvule (bvadd |LDV_INIT_LIST_HEAD_#in~list.offset| (_ bv4 32)) (select |#length| |LDV_INIT_LIST_HEAD_#in~list.base|)))} is VALID [2020-07-29 01:05:28,434 INFO L275 TraceCheckUtils]: 49: Hoare quadruple {5796#true} {5976#(and (bvule (bvadd ldv_kobject_init_internal_~kobj.offset (_ bv4 32)) (bvadd ldv_kobject_init_internal_~kobj.offset (_ bv8 32))) (bvule (bvadd ldv_kobject_init_internal_~kobj.offset (_ bv8 32)) (select |#length| ldv_kobject_init_internal_~kobj.base)))} #405#return; {5976#(and (bvule (bvadd ldv_kobject_init_internal_~kobj.offset (_ bv4 32)) (bvadd ldv_kobject_init_internal_~kobj.offset (_ bv8 32))) (bvule (bvadd ldv_kobject_init_internal_~kobj.offset (_ bv8 32)) (select |#length| ldv_kobject_init_internal_~kobj.base)))} is VALID [2020-07-29 01:05:28,434 INFO L280 TraceCheckUtils]: 48: Hoare triple {5796#true} assume true; {5796#true} is VALID [2020-07-29 01:05:28,434 INFO L280 TraceCheckUtils]: 47: Hoare triple {5796#true} SUMMARY for call write~intINTTYPE4(1bv32, ~kref.base, ~kref.offset, 4bv32); srcloc: L682 {5796#true} is VALID [2020-07-29 01:05:28,434 INFO L280 TraceCheckUtils]: 46: Hoare triple {5796#true} ~kref.base, ~kref.offset := #in~kref.base, #in~kref.offset; {5796#true} is VALID [2020-07-29 01:05:28,434 INFO L263 TraceCheckUtils]: 45: Hoare triple {5976#(and (bvule (bvadd ldv_kobject_init_internal_~kobj.offset (_ bv4 32)) (bvadd ldv_kobject_init_internal_~kobj.offset (_ bv8 32))) (bvule (bvadd ldv_kobject_init_internal_~kobj.offset (_ bv8 32)) (select |#length| ldv_kobject_init_internal_~kobj.base)))} call ldv_kref_init(~kobj.base, ~bvadd32(12bv32, ~kobj.offset)); {5796#true} is VALID [2020-07-29 01:05:28,435 INFO L280 TraceCheckUtils]: 44: Hoare triple {5976#(and (bvule (bvadd ldv_kobject_init_internal_~kobj.offset (_ bv4 32)) (bvadd ldv_kobject_init_internal_~kobj.offset (_ bv8 32))) (bvule (bvadd ldv_kobject_init_internal_~kobj.offset (_ bv8 32)) (select |#length| ldv_kobject_init_internal_~kobj.base)))} assume !(~kobj.base == 0bv32 && ~kobj.offset == 0bv32); {5976#(and (bvule (bvadd ldv_kobject_init_internal_~kobj.offset (_ bv4 32)) (bvadd ldv_kobject_init_internal_~kobj.offset (_ bv8 32))) (bvule (bvadd ldv_kobject_init_internal_~kobj.offset (_ bv8 32)) (select |#length| ldv_kobject_init_internal_~kobj.base)))} is VALID [2020-07-29 01:05:28,436 INFO L280 TraceCheckUtils]: 43: Hoare triple {5998#(and (bvule (bvadd |ldv_kobject_init_internal_#in~kobj.offset| (_ bv4 32)) (bvadd |ldv_kobject_init_internal_#in~kobj.offset| (_ bv8 32))) (bvule (bvadd |ldv_kobject_init_internal_#in~kobj.offset| (_ bv8 32)) (select |#length| |ldv_kobject_init_internal_#in~kobj.base|)))} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {5976#(and (bvule (bvadd ldv_kobject_init_internal_~kobj.offset (_ bv4 32)) (bvadd ldv_kobject_init_internal_~kobj.offset (_ bv8 32))) (bvule (bvadd ldv_kobject_init_internal_~kobj.offset (_ bv8 32)) (select |#length| ldv_kobject_init_internal_~kobj.base)))} is VALID [2020-07-29 01:05:28,437 INFO L263 TraceCheckUtils]: 42: Hoare triple {6002#(and (bvule (bvadd ldv_kobject_init_~kobj.offset (_ bv4 32)) (bvadd ldv_kobject_init_~kobj.offset (_ bv8 32))) (bvule (bvadd ldv_kobject_init_~kobj.offset (_ bv8 32)) (select |#length| ldv_kobject_init_~kobj.base)))} call ldv_kobject_init_internal(~kobj.base, ~kobj.offset); {5998#(and (bvule (bvadd |ldv_kobject_init_internal_#in~kobj.offset| (_ bv4 32)) (bvadd |ldv_kobject_init_internal_#in~kobj.offset| (_ bv8 32))) (bvule (bvadd |ldv_kobject_init_internal_#in~kobj.offset| (_ bv8 32)) (select |#length| |ldv_kobject_init_internal_#in~kobj.base|)))} is VALID [2020-07-29 01:05:28,438 INFO L280 TraceCheckUtils]: 41: Hoare triple {6002#(and (bvule (bvadd ldv_kobject_init_~kobj.offset (_ bv4 32)) (bvadd ldv_kobject_init_~kobj.offset (_ bv8 32))) (bvule (bvadd ldv_kobject_init_~kobj.offset (_ bv8 32)) (select |#length| ldv_kobject_init_~kobj.base)))} assume !(~kobj.base == 0bv32 && ~kobj.offset == 0bv32); {6002#(and (bvule (bvadd ldv_kobject_init_~kobj.offset (_ bv4 32)) (bvadd ldv_kobject_init_~kobj.offset (_ bv8 32))) (bvule (bvadd ldv_kobject_init_~kobj.offset (_ bv8 32)) (select |#length| ldv_kobject_init_~kobj.base)))} is VALID [2020-07-29 01:05:28,439 INFO L280 TraceCheckUtils]: 40: Hoare triple {6009#(and (bvule (bvadd |ldv_kobject_init_#in~kobj.offset| (_ bv8 32)) (select |#length| |ldv_kobject_init_#in~kobj.base|)) (bvule (bvadd |ldv_kobject_init_#in~kobj.offset| (_ bv4 32)) (bvadd |ldv_kobject_init_#in~kobj.offset| (_ bv8 32))))} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {6002#(and (bvule (bvadd ldv_kobject_init_~kobj.offset (_ bv4 32)) (bvadd ldv_kobject_init_~kobj.offset (_ bv8 32))) (bvule (bvadd ldv_kobject_init_~kobj.offset (_ bv8 32)) (select |#length| ldv_kobject_init_~kobj.base)))} is VALID [2020-07-29 01:05:28,440 INFO L263 TraceCheckUtils]: 39: Hoare triple {6013#(and (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv8 32)) (select |#length| ldv_kobject_create_~kobj~1.base)) (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv4 32)) (bvadd ldv_kobject_create_~kobj~1.offset (_ bv8 32))))} call ldv_kobject_init(~kobj~1.base, ~kobj~1.offset); {6009#(and (bvule (bvadd |ldv_kobject_init_#in~kobj.offset| (_ bv8 32)) (select |#length| |ldv_kobject_init_#in~kobj.base|)) (bvule (bvadd |ldv_kobject_init_#in~kobj.offset| (_ bv4 32)) (bvadd |ldv_kobject_init_#in~kobj.offset| (_ bv8 32))))} is VALID [2020-07-29 01:05:28,441 INFO L280 TraceCheckUtils]: 38: Hoare triple {6013#(and (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv8 32)) (select |#length| ldv_kobject_create_~kobj~1.base)) (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv4 32)) (bvadd ldv_kobject_create_~kobj~1.offset (_ bv8 32))))} havoc #t~memset~res35.base, #t~memset~res35.offset; {6013#(and (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv8 32)) (select |#length| ldv_kobject_create_~kobj~1.base)) (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv4 32)) (bvadd ldv_kobject_create_~kobj~1.offset (_ bv8 32))))} is VALID [2020-07-29 01:05:28,441 INFO L275 TraceCheckUtils]: 37: Hoare quadruple {5796#true} {6013#(and (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv8 32)) (select |#length| ldv_kobject_create_~kobj~1.base)) (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv4 32)) (bvadd ldv_kobject_create_~kobj~1.offset (_ bv8 32))))} #419#return; {6013#(and (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv8 32)) (select |#length| ldv_kobject_create_~kobj~1.base)) (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv4 32)) (bvadd ldv_kobject_create_~kobj~1.offset (_ bv8 32))))} is VALID [2020-07-29 01:05:28,442 INFO L280 TraceCheckUtils]: 36: Hoare triple {5796#true} assume #res.base == #ptr.base && #res.offset == #ptr.offset; {5796#true} is VALID [2020-07-29 01:05:28,442 INFO L280 TraceCheckUtils]: 35: Hoare triple {5796#true} assume !~bvslt32(#t~loopctr39, #amount); {5796#true} is VALID [2020-07-29 01:05:28,442 INFO L280 TraceCheckUtils]: 34: Hoare triple {5796#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5796#true} is VALID [2020-07-29 01:05:28,442 INFO L280 TraceCheckUtils]: 33: Hoare triple {5796#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5796#true} is VALID [2020-07-29 01:05:28,442 INFO L280 TraceCheckUtils]: 32: Hoare triple {5796#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5796#true} is VALID [2020-07-29 01:05:28,442 INFO L280 TraceCheckUtils]: 31: Hoare triple {5796#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5796#true} is VALID [2020-07-29 01:05:28,442 INFO L280 TraceCheckUtils]: 30: Hoare triple {5796#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5796#true} is VALID [2020-07-29 01:05:28,443 INFO L280 TraceCheckUtils]: 29: Hoare triple {5796#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5796#true} is VALID [2020-07-29 01:05:28,443 INFO L280 TraceCheckUtils]: 28: Hoare triple {5796#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5796#true} is VALID [2020-07-29 01:05:28,443 INFO L280 TraceCheckUtils]: 27: Hoare triple {5796#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5796#true} is VALID [2020-07-29 01:05:28,443 INFO L280 TraceCheckUtils]: 26: Hoare triple {5796#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5796#true} is VALID [2020-07-29 01:05:28,443 INFO L280 TraceCheckUtils]: 25: Hoare triple {5796#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5796#true} is VALID [2020-07-29 01:05:28,443 INFO L280 TraceCheckUtils]: 24: Hoare triple {5796#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5796#true} is VALID [2020-07-29 01:05:28,443 INFO L280 TraceCheckUtils]: 23: Hoare triple {5796#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5796#true} is VALID [2020-07-29 01:05:28,444 INFO L280 TraceCheckUtils]: 22: Hoare triple {5796#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5796#true} is VALID [2020-07-29 01:05:28,444 INFO L280 TraceCheckUtils]: 21: Hoare triple {5796#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5796#true} is VALID [2020-07-29 01:05:28,444 INFO L280 TraceCheckUtils]: 20: Hoare triple {5796#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5796#true} is VALID [2020-07-29 01:05:28,444 INFO L280 TraceCheckUtils]: 19: Hoare triple {5796#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {5796#true} is VALID [2020-07-29 01:05:28,444 INFO L280 TraceCheckUtils]: 18: Hoare triple {5796#true} #t~loopctr39 := 0bv32; {5796#true} is VALID [2020-07-29 01:05:28,444 INFO L280 TraceCheckUtils]: 17: Hoare triple {5796#true} assume 1bv1 == #valid[#ptr.base];assume (~bvule32(~bvadd32(#amount, #ptr.offset), #length[#ptr.base]) && ~bvule32(#ptr.offset, ~bvadd32(#amount, #ptr.offset))) && ~bvule32(0bv32, #ptr.offset); {5796#true} is VALID [2020-07-29 01:05:28,444 INFO L263 TraceCheckUtils]: 16: Hoare triple {6013#(and (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv8 32)) (select |#length| ldv_kobject_create_~kobj~1.base)) (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv4 32)) (bvadd ldv_kobject_create_~kobj~1.offset (_ bv8 32))))} call #t~memset~res35.base, #t~memset~res35.offset := #Ultimate.C_memset(~kobj~1.base, ~kobj~1.offset, 0bv32, 16bv32); {5796#true} is VALID [2020-07-29 01:05:28,445 INFO L280 TraceCheckUtils]: 15: Hoare triple {6013#(and (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv8 32)) (select |#length| ldv_kobject_create_~kobj~1.base)) (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv4 32)) (bvadd ldv_kobject_create_~kobj~1.offset (_ bv8 32))))} assume !(~kobj~1.base == 0bv32 && ~kobj~1.offset == 0bv32); {6013#(and (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv8 32)) (select |#length| ldv_kobject_create_~kobj~1.base)) (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv4 32)) (bvadd ldv_kobject_create_~kobj~1.offset (_ bv8 32))))} is VALID [2020-07-29 01:05:28,446 INFO L280 TraceCheckUtils]: 14: Hoare triple {6089#(and (bvule (bvadd |ldv_kobject_create_#t~ret34.offset| (_ bv4 32)) (bvadd |ldv_kobject_create_#t~ret34.offset| (_ bv8 32))) (bvule (bvadd |ldv_kobject_create_#t~ret34.offset| (_ bv8 32)) (select |#length| |ldv_kobject_create_#t~ret34.base|)))} ~kobj~1.base, ~kobj~1.offset := #t~ret34.base, #t~ret34.offset;havoc #t~ret34.base, #t~ret34.offset; {6013#(and (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv8 32)) (select |#length| ldv_kobject_create_~kobj~1.base)) (bvule (bvadd ldv_kobject_create_~kobj~1.offset (_ bv4 32)) (bvadd ldv_kobject_create_~kobj~1.offset (_ bv8 32))))} is VALID [2020-07-29 01:05:28,448 INFO L275 TraceCheckUtils]: 13: Hoare quadruple {6096#(or (not (= (_ bv16 32) |ldv_malloc_#in~size|)) (and (bvule (bvadd |ldv_malloc_#res.offset| (_ bv8 32)) (select |#length| |ldv_malloc_#res.base|)) (bvule (bvadd |ldv_malloc_#res.offset| (_ bv4 32)) (bvadd |ldv_malloc_#res.offset| (_ bv8 32)))))} {5796#true} #417#return; {6089#(and (bvule (bvadd |ldv_kobject_create_#t~ret34.offset| (_ bv4 32)) (bvadd |ldv_kobject_create_#t~ret34.offset| (_ bv8 32))) (bvule (bvadd |ldv_kobject_create_#t~ret34.offset| (_ bv8 32)) (select |#length| |ldv_kobject_create_#t~ret34.base|)))} is VALID [2020-07-29 01:05:28,448 INFO L280 TraceCheckUtils]: 12: Hoare triple {6096#(or (not (= (_ bv16 32) |ldv_malloc_#in~size|)) (and (bvule (bvadd |ldv_malloc_#res.offset| (_ bv8 32)) (select |#length| |ldv_malloc_#res.base|)) (bvule (bvadd |ldv_malloc_#res.offset| (_ bv4 32)) (bvadd |ldv_malloc_#res.offset| (_ bv8 32)))))} assume true; {6096#(or (not (= (_ bv16 32) |ldv_malloc_#in~size|)) (and (bvule (bvadd |ldv_malloc_#res.offset| (_ bv8 32)) (select |#length| |ldv_malloc_#res.base|)) (bvule (bvadd |ldv_malloc_#res.offset| (_ bv4 32)) (bvadd |ldv_malloc_#res.offset| (_ bv8 32)))))} is VALID [2020-07-29 01:05:28,450 INFO L280 TraceCheckUtils]: 11: Hoare triple {6103#(or (not (= (_ bv16 32) |ldv_malloc_#in~size|)) (bvule (_ bv8 32) ldv_malloc_~size))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset; {6096#(or (not (= (_ bv16 32) |ldv_malloc_#in~size|)) (and (bvule (bvadd |ldv_malloc_#res.offset| (_ bv8 32)) (select |#length| |ldv_malloc_#res.base|)) (bvule (bvadd |ldv_malloc_#res.offset| (_ bv4 32)) (bvadd |ldv_malloc_#res.offset| (_ bv8 32)))))} is VALID [2020-07-29 01:05:28,451 INFO L280 TraceCheckUtils]: 10: Hoare triple {5796#true} ~size := #in~size; {6103#(or (not (= (_ bv16 32) |ldv_malloc_#in~size|)) (bvule (_ bv8 32) ldv_malloc_~size))} is VALID [2020-07-29 01:05:28,451 INFO L263 TraceCheckUtils]: 9: Hoare triple {5796#true} call #t~ret34.base, #t~ret34.offset := ldv_malloc(16bv32); {5796#true} is VALID [2020-07-29 01:05:28,451 INFO L280 TraceCheckUtils]: 8: Hoare triple {5796#true} havoc ~kobj~1.base, ~kobj~1.offset; {5796#true} is VALID [2020-07-29 01:05:28,451 INFO L263 TraceCheckUtils]: 7: Hoare triple {5796#true} call #t~ret38.base, #t~ret38.offset := ldv_kobject_create(); {5796#true} is VALID [2020-07-29 01:05:28,451 INFO L280 TraceCheckUtils]: 6: Hoare triple {5796#true} havoc ~kobj~2.base, ~kobj~2.offset; {5796#true} is VALID [2020-07-29 01:05:28,452 INFO L263 TraceCheckUtils]: 5: Hoare triple {5796#true} call entry_point(); {5796#true} is VALID [2020-07-29 01:05:28,452 INFO L263 TraceCheckUtils]: 4: Hoare triple {5796#true} call main(); {5796#true} is VALID [2020-07-29 01:05:28,452 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {5796#true} {5796#true} #437#return; {5796#true} is VALID [2020-07-29 01:05:28,452 INFO L280 TraceCheckUtils]: 2: Hoare triple {5796#true} assume true; {5796#true} is VALID [2020-07-29 01:05:28,452 INFO L280 TraceCheckUtils]: 1: Hoare triple {5796#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {5796#true} is VALID [2020-07-29 01:05:28,452 INFO L263 TraceCheckUtils]: 0: Hoare triple {5796#true} call ULTIMATE.init(); {5796#true} is VALID [2020-07-29 01:05:28,456 INFO L134 CoverageAnalysis]: Checked inductivity of 136 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 136 trivial. 0 not checked. [2020-07-29 01:05:28,456 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [410815888] [2020-07-29 01:05:28,456 INFO L220 FreeRefinementEngine]: Constructing automaton from 2 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:05:28,457 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [12, 11] imperfect sequences [] total 22 [2020-07-29 01:05:28,457 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1015487176] [2020-07-29 01:05:28,457 INFO L78 Accepts]: Start accepts. Automaton has 23 states. Word has length 53 [2020-07-29 01:05:28,458 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:05:28,458 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 23 states. [2020-07-29 01:05:28,630 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 66 edges. 66 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:05:28,631 INFO L459 AbstractCegarLoop]: Interpolant automaton has 23 states [2020-07-29 01:05:28,631 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2020-07-29 01:05:28,631 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 23 interpolants. [2020-07-29 01:05:28,631 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=61, Invalid=445, Unknown=0, NotChecked=0, Total=506 [2020-07-29 01:05:28,631 INFO L87 Difference]: Start difference. First operand 70 states and 72 transitions. Second operand 23 states. [2020-07-29 01:05:33,468 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:05:33,468 INFO L93 Difference]: Finished difference Result 68 states and 70 transitions. [2020-07-29 01:05:33,468 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2020-07-29 01:05:33,468 INFO L78 Accepts]: Start accepts. Automaton has 23 states. Word has length 53 [2020-07-29 01:05:33,469 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:05:33,469 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 23 states. [2020-07-29 01:05:33,470 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 13 states to 13 states and 56 transitions. [2020-07-29 01:05:33,470 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 23 states. [2020-07-29 01:05:33,472 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 13 states to 13 states and 56 transitions. [2020-07-29 01:05:33,472 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 13 states and 56 transitions. [2020-07-29 01:05:33,584 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 56 edges. 56 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:05:33,585 INFO L225 Difference]: With dead ends: 68 [2020-07-29 01:05:33,586 INFO L226 Difference]: Without dead ends: 68 [2020-07-29 01:05:33,587 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 109 GetRequests, 80 SyntacticMatches, 4 SemanticMatches, 25 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 140 ImplicationChecksByTransitivity, 1.2s TimeCoverageRelationStatistics Valid=88, Invalid=614, Unknown=0, NotChecked=0, Total=702 [2020-07-29 01:05:33,587 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 68 states. [2020-07-29 01:05:33,589 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 68 to 68. [2020-07-29 01:05:33,590 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:05:33,590 INFO L82 GeneralOperation]: Start isEquivalent. First operand 68 states. Second operand 68 states. [2020-07-29 01:05:33,590 INFO L74 IsIncluded]: Start isIncluded. First operand 68 states. Second operand 68 states. [2020-07-29 01:05:33,590 INFO L87 Difference]: Start difference. First operand 68 states. Second operand 68 states. [2020-07-29 01:05:33,592 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:05:33,592 INFO L93 Difference]: Finished difference Result 68 states and 70 transitions. [2020-07-29 01:05:33,593 INFO L276 IsEmpty]: Start isEmpty. Operand 68 states and 70 transitions. [2020-07-29 01:05:33,593 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:05:33,593 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:05:33,593 INFO L74 IsIncluded]: Start isIncluded. First operand 68 states. Second operand 68 states. [2020-07-29 01:05:33,594 INFO L87 Difference]: Start difference. First operand 68 states. Second operand 68 states. [2020-07-29 01:05:33,595 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:05:33,596 INFO L93 Difference]: Finished difference Result 68 states and 70 transitions. [2020-07-29 01:05:33,596 INFO L276 IsEmpty]: Start isEmpty. Operand 68 states and 70 transitions. [2020-07-29 01:05:33,596 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:05:33,596 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:05:33,597 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:05:33,597 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:05:33,597 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 68 states. [2020-07-29 01:05:33,598 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 68 states to 68 states and 70 transitions. [2020-07-29 01:05:33,599 INFO L78 Accepts]: Start accepts. Automaton has 68 states and 70 transitions. Word has length 53 [2020-07-29 01:05:33,599 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:05:33,599 INFO L479 AbstractCegarLoop]: Abstraction has 68 states and 70 transitions. [2020-07-29 01:05:33,599 INFO L480 AbstractCegarLoop]: Interpolant automaton has 23 states. [2020-07-29 01:05:33,600 INFO L276 IsEmpty]: Start isEmpty. Operand 68 states and 70 transitions. [2020-07-29 01:05:33,600 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2020-07-29 01:05:33,600 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:05:33,601 INFO L422 BasicCegarLoop]: trace histogram [16, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:05:33,813 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 14 mathsat -unsat_core_generation=3 [2020-07-29 01:05:33,814 INFO L427 AbstractCegarLoop]: === Iteration 14 === [ldv_kref_initErr0REQUIRES_VIOLATION, ldv_kref_initErr1REQUIRES_VIOLATION, ldv_list_addErr1REQUIRES_VIOLATION, ldv_list_addErr0REQUIRES_VIOLATION, ldv_kobject_createErr1REQUIRES_VIOLATION, ldv_kobject_createErr0REQUIRES_VIOLATION, ldv_destroy_msgsErr4REQUIRES_VIOLATION, ldv_destroy_msgsErr3REQUIRES_VIOLATION, ldv_destroy_msgsErr2REQUIRES_VIOLATION, ldv_destroy_msgsErr1REQUIRES_VIOLATION, ldv_destroy_msgsErr0REQUIRES_VIOLATION, ldv_destroy_msgsErr5REQUIRES_VIOLATION, ldv_msg_fillErr1REQUIRES_VIOLATION, ldv_msg_fillErr5REQUIRES_VIOLATION, ldv_msg_fillErr0REQUIRES_VIOLATION, ldv_msg_fillErr4REQUIRES_VIOLATION, ldv_msg_fillErr2REQUIRES_VIOLATION, ldv_msg_fillErr3REQUIRES_VIOLATION, ldv_atomic_add_returnErr1REQUIRES_VIOLATION, ldv_atomic_add_returnErr0REQUIRES_VIOLATION, ldv_atomic_add_returnErr3REQUIRES_VIOLATION, ldv_atomic_add_returnErr2REQUIRES_VIOLATION, __ldv_list_delErr0REQUIRES_VIOLATION, __ldv_list_delErr1REQUIRES_VIOLATION, __ldv_list_delErr2REQUIRES_VIOLATION, __ldv_list_delErr3REQUIRES_VIOLATION, ldv_kobject_cleanupErr2ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr5ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr7ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr6ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr1REQUIRES_VIOLATION, ldv_kobject_cleanupErr4ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr0REQUIRES_VIOLATION, ldv_kobject_cleanupErr3ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr6ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr7ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr4ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr1REQUIRES_VIOLATION, ldv_msg_freeErr0REQUIRES_VIOLATION, ldv_msg_freeErr5ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr2ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr3ASSERT_VIOLATIONMEMORY_FREE, mainErr0ENSURES_VIOLATIONMEMORY_LEAK, LDV_INIT_LIST_HEADErr2REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr3REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr0REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr1REQUIRES_VIOLATION, ldv_list_delErr2REQUIRES_VIOLATION, ldv_list_delErr1REQUIRES_VIOLATION, ldv_list_delErr3REQUIRES_VIOLATION, ldv_list_delErr0REQUIRES_VIOLATION, __ldv_list_addErr5REQUIRES_VIOLATION, __ldv_list_addErr0REQUIRES_VIOLATION, __ldv_list_addErr1REQUIRES_VIOLATION, __ldv_list_addErr6REQUIRES_VIOLATION, __ldv_list_addErr7REQUIRES_VIOLATION, __ldv_list_addErr2REQUIRES_VIOLATION, __ldv_list_addErr3REQUIRES_VIOLATION, __ldv_list_addErr4REQUIRES_VIOLATION, ldv_dev_set_drvdataErr0REQUIRES_VIOLATION, ldv_dev_set_drvdataErr1REQUIRES_VIOLATION, ldv_atomic_sub_returnErr1REQUIRES_VIOLATION, ldv_atomic_sub_returnErr0REQUIRES_VIOLATION, ldv_atomic_sub_returnErr3REQUIRES_VIOLATION, ldv_atomic_sub_returnErr2REQUIRES_VIOLATION, ldv_list_add_tailErr0REQUIRES_VIOLATION, ldv_list_add_tailErr1REQUIRES_VIOLATION, ldv_dev_get_drvdataErr1REQUIRES_VIOLATION, ldv_dev_get_drvdataErr0REQUIRES_VIOLATION, ldv_msg_allocErr0REQUIRES_VIOLATION, ldv_msg_allocErr1REQUIRES_VIOLATION]=== [2020-07-29 01:05:33,815 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:05:33,815 INFO L82 PathProgramCache]: Analyzing trace with hash -1516815243, now seen corresponding path program 1 times [2020-07-29 01:05:33,816 INFO L163 FreeRefinementEngine]: Executing refinement strategy WOLF [2020-07-29 01:05:33,816 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [773547028] [2020-07-29 01:05:33,816 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat Starting monitored process 15 with mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 15 with mathsat -unsat_core_generation=3 [2020-07-29 01:05:33,979 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:05:33,985 INFO L263 TraceCheckSpWp]: Trace formula consists of 214 conjuncts, 7 conjunts are in the unsatisfiable core [2020-07-29 01:05:34,002 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:05:34,004 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2020-07-29 01:05:34,093 INFO L263 TraceCheckUtils]: 0: Hoare triple {6416#true} call ULTIMATE.init(); {6416#true} is VALID [2020-07-29 01:05:34,094 INFO L280 TraceCheckUtils]: 1: Hoare triple {6416#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {6416#true} is VALID [2020-07-29 01:05:34,094 INFO L280 TraceCheckUtils]: 2: Hoare triple {6416#true} assume true; {6416#true} is VALID [2020-07-29 01:05:34,094 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {6416#true} {6416#true} #437#return; {6416#true} is VALID [2020-07-29 01:05:34,095 INFO L263 TraceCheckUtils]: 4: Hoare triple {6416#true} call main(); {6416#true} is VALID [2020-07-29 01:05:34,095 INFO L263 TraceCheckUtils]: 5: Hoare triple {6416#true} call entry_point(); {6416#true} is VALID [2020-07-29 01:05:34,095 INFO L280 TraceCheckUtils]: 6: Hoare triple {6416#true} havoc ~kobj~2.base, ~kobj~2.offset; {6416#true} is VALID [2020-07-29 01:05:34,095 INFO L263 TraceCheckUtils]: 7: Hoare triple {6416#true} call #t~ret38.base, #t~ret38.offset := ldv_kobject_create(); {6416#true} is VALID [2020-07-29 01:05:34,095 INFO L280 TraceCheckUtils]: 8: Hoare triple {6416#true} havoc ~kobj~1.base, ~kobj~1.offset; {6416#true} is VALID [2020-07-29 01:05:34,096 INFO L263 TraceCheckUtils]: 9: Hoare triple {6416#true} call #t~ret34.base, #t~ret34.offset := ldv_malloc(16bv32); {6416#true} is VALID [2020-07-29 01:05:34,096 INFO L280 TraceCheckUtils]: 10: Hoare triple {6416#true} ~size := #in~size; {6416#true} is VALID [2020-07-29 01:05:34,097 INFO L280 TraceCheckUtils]: 11: Hoare triple {6416#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset; {6454#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2020-07-29 01:05:34,097 INFO L280 TraceCheckUtils]: 12: Hoare triple {6454#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} assume true; {6454#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2020-07-29 01:05:34,098 INFO L275 TraceCheckUtils]: 13: Hoare quadruple {6454#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} {6416#true} #417#return; {6461#(not (= |ldv_kobject_create_#t~ret34.base| (_ bv0 32)))} is VALID [2020-07-29 01:05:34,098 INFO L280 TraceCheckUtils]: 14: Hoare triple {6461#(not (= |ldv_kobject_create_#t~ret34.base| (_ bv0 32)))} ~kobj~1.base, ~kobj~1.offset := #t~ret34.base, #t~ret34.offset;havoc #t~ret34.base, #t~ret34.offset; {6465#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} is VALID [2020-07-29 01:05:34,099 INFO L280 TraceCheckUtils]: 15: Hoare triple {6465#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} assume !(~kobj~1.base == 0bv32 && ~kobj~1.offset == 0bv32); {6465#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} is VALID [2020-07-29 01:05:34,099 INFO L263 TraceCheckUtils]: 16: Hoare triple {6465#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} call #t~memset~res35.base, #t~memset~res35.offset := #Ultimate.C_memset(~kobj~1.base, ~kobj~1.offset, 0bv32, 16bv32); {6416#true} is VALID [2020-07-29 01:05:34,099 INFO L280 TraceCheckUtils]: 17: Hoare triple {6416#true} assume 1bv1 == #valid[#ptr.base];assume (~bvule32(~bvadd32(#amount, #ptr.offset), #length[#ptr.base]) && ~bvule32(#ptr.offset, ~bvadd32(#amount, #ptr.offset))) && ~bvule32(0bv32, #ptr.offset); {6416#true} is VALID [2020-07-29 01:05:34,099 INFO L280 TraceCheckUtils]: 18: Hoare triple {6416#true} #t~loopctr39 := 0bv32; {6416#true} is VALID [2020-07-29 01:05:34,099 INFO L280 TraceCheckUtils]: 19: Hoare triple {6416#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {6416#true} is VALID [2020-07-29 01:05:34,100 INFO L280 TraceCheckUtils]: 20: Hoare triple {6416#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {6416#true} is VALID [2020-07-29 01:05:34,100 INFO L280 TraceCheckUtils]: 21: Hoare triple {6416#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {6416#true} is VALID [2020-07-29 01:05:34,100 INFO L280 TraceCheckUtils]: 22: Hoare triple {6416#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {6416#true} is VALID [2020-07-29 01:05:34,100 INFO L280 TraceCheckUtils]: 23: Hoare triple {6416#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {6416#true} is VALID [2020-07-29 01:05:34,100 INFO L280 TraceCheckUtils]: 24: Hoare triple {6416#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {6416#true} is VALID [2020-07-29 01:05:34,100 INFO L280 TraceCheckUtils]: 25: Hoare triple {6416#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {6416#true} is VALID [2020-07-29 01:05:34,101 INFO L280 TraceCheckUtils]: 26: Hoare triple {6416#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {6416#true} is VALID [2020-07-29 01:05:34,101 INFO L280 TraceCheckUtils]: 27: Hoare triple {6416#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {6416#true} is VALID [2020-07-29 01:05:34,101 INFO L280 TraceCheckUtils]: 28: Hoare triple {6416#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {6416#true} is VALID [2020-07-29 01:05:34,101 INFO L280 TraceCheckUtils]: 29: Hoare triple {6416#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {6416#true} is VALID [2020-07-29 01:05:34,101 INFO L280 TraceCheckUtils]: 30: Hoare triple {6416#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {6416#true} is VALID [2020-07-29 01:05:34,101 INFO L280 TraceCheckUtils]: 31: Hoare triple {6416#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {6416#true} is VALID [2020-07-29 01:05:34,102 INFO L280 TraceCheckUtils]: 32: Hoare triple {6416#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {6416#true} is VALID [2020-07-29 01:05:34,102 INFO L280 TraceCheckUtils]: 33: Hoare triple {6416#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {6416#true} is VALID [2020-07-29 01:05:34,102 INFO L280 TraceCheckUtils]: 34: Hoare triple {6416#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {6416#true} is VALID [2020-07-29 01:05:34,102 INFO L280 TraceCheckUtils]: 35: Hoare triple {6416#true} assume !~bvslt32(#t~loopctr39, #amount); {6416#true} is VALID [2020-07-29 01:05:34,102 INFO L280 TraceCheckUtils]: 36: Hoare triple {6416#true} assume #res.base == #ptr.base && #res.offset == #ptr.offset; {6416#true} is VALID [2020-07-29 01:05:34,103 INFO L275 TraceCheckUtils]: 37: Hoare quadruple {6416#true} {6465#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} #419#return; {6465#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} is VALID [2020-07-29 01:05:34,104 INFO L280 TraceCheckUtils]: 38: Hoare triple {6465#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} havoc #t~memset~res35.base, #t~memset~res35.offset; {6465#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} is VALID [2020-07-29 01:05:34,104 INFO L263 TraceCheckUtils]: 39: Hoare triple {6465#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} call ldv_kobject_init(~kobj~1.base, ~kobj~1.offset); {6416#true} is VALID [2020-07-29 01:05:34,104 INFO L280 TraceCheckUtils]: 40: Hoare triple {6416#true} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {6544#(= |ldv_kobject_init_#in~kobj.base| ldv_kobject_init_~kobj.base)} is VALID [2020-07-29 01:05:34,105 INFO L280 TraceCheckUtils]: 41: Hoare triple {6544#(= |ldv_kobject_init_#in~kobj.base| ldv_kobject_init_~kobj.base)} assume ~kobj.base == 0bv32 && ~kobj.offset == 0bv32; {6548#(= |ldv_kobject_init_#in~kobj.base| (_ bv0 32))} is VALID [2020-07-29 01:05:34,105 INFO L280 TraceCheckUtils]: 42: Hoare triple {6548#(= |ldv_kobject_init_#in~kobj.base| (_ bv0 32))} assume true; {6548#(= |ldv_kobject_init_#in~kobj.base| (_ bv0 32))} is VALID [2020-07-29 01:05:34,111 INFO L275 TraceCheckUtils]: 43: Hoare quadruple {6548#(= |ldv_kobject_init_#in~kobj.base| (_ bv0 32))} {6465#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} #421#return; {6417#false} is VALID [2020-07-29 01:05:34,111 INFO L280 TraceCheckUtils]: 44: Hoare triple {6417#false} #res.base, #res.offset := ~kobj~1.base, ~kobj~1.offset; {6417#false} is VALID [2020-07-29 01:05:34,112 INFO L280 TraceCheckUtils]: 45: Hoare triple {6417#false} assume true; {6417#false} is VALID [2020-07-29 01:05:34,112 INFO L275 TraceCheckUtils]: 46: Hoare quadruple {6417#false} {6416#true} #427#return; {6417#false} is VALID [2020-07-29 01:05:34,112 INFO L280 TraceCheckUtils]: 47: Hoare triple {6417#false} ~kobj~2.base, ~kobj~2.offset := #t~ret38.base, #t~ret38.offset;havoc #t~ret38.base, #t~ret38.offset; {6417#false} is VALID [2020-07-29 01:05:34,112 INFO L280 TraceCheckUtils]: 48: Hoare triple {6417#false} assume true; {6417#false} is VALID [2020-07-29 01:05:34,112 INFO L275 TraceCheckUtils]: 49: Hoare quadruple {6417#false} {6416#true} #401#return; {6417#false} is VALID [2020-07-29 01:05:34,113 INFO L280 TraceCheckUtils]: 50: Hoare triple {6417#false} assume !(#valid == old(#valid)); {6417#false} is VALID [2020-07-29 01:05:34,116 INFO L134 CoverageAnalysis]: Checked inductivity of 136 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 136 trivial. 0 not checked. [2020-07-29 01:05:34,116 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2020-07-29 01:05:34,439 INFO L280 TraceCheckUtils]: 50: Hoare triple {6417#false} assume !(#valid == old(#valid)); {6417#false} is VALID [2020-07-29 01:05:34,439 INFO L275 TraceCheckUtils]: 49: Hoare quadruple {6417#false} {6416#true} #401#return; {6417#false} is VALID [2020-07-29 01:05:34,439 INFO L280 TraceCheckUtils]: 48: Hoare triple {6417#false} assume true; {6417#false} is VALID [2020-07-29 01:05:34,440 INFO L280 TraceCheckUtils]: 47: Hoare triple {6417#false} ~kobj~2.base, ~kobj~2.offset := #t~ret38.base, #t~ret38.offset;havoc #t~ret38.base, #t~ret38.offset; {6417#false} is VALID [2020-07-29 01:05:34,440 INFO L275 TraceCheckUtils]: 46: Hoare quadruple {6417#false} {6416#true} #427#return; {6417#false} is VALID [2020-07-29 01:05:34,440 INFO L280 TraceCheckUtils]: 45: Hoare triple {6417#false} assume true; {6417#false} is VALID [2020-07-29 01:05:34,440 INFO L280 TraceCheckUtils]: 44: Hoare triple {6417#false} #res.base, #res.offset := ~kobj~1.base, ~kobj~1.offset; {6417#false} is VALID [2020-07-29 01:05:34,441 INFO L275 TraceCheckUtils]: 43: Hoare quadruple {6548#(= |ldv_kobject_init_#in~kobj.base| (_ bv0 32))} {6465#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} #421#return; {6417#false} is VALID [2020-07-29 01:05:34,442 INFO L280 TraceCheckUtils]: 42: Hoare triple {6548#(= |ldv_kobject_init_#in~kobj.base| (_ bv0 32))} assume true; {6548#(= |ldv_kobject_init_#in~kobj.base| (_ bv0 32))} is VALID [2020-07-29 01:05:34,442 INFO L280 TraceCheckUtils]: 41: Hoare triple {6612#(or (not (= (_ bv0 32) ldv_kobject_init_~kobj.base)) (= |ldv_kobject_init_#in~kobj.base| (_ bv0 32)))} assume ~kobj.base == 0bv32 && ~kobj.offset == 0bv32; {6548#(= |ldv_kobject_init_#in~kobj.base| (_ bv0 32))} is VALID [2020-07-29 01:05:34,443 INFO L280 TraceCheckUtils]: 40: Hoare triple {6416#true} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {6612#(or (not (= (_ bv0 32) ldv_kobject_init_~kobj.base)) (= |ldv_kobject_init_#in~kobj.base| (_ bv0 32)))} is VALID [2020-07-29 01:05:34,443 INFO L263 TraceCheckUtils]: 39: Hoare triple {6465#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} call ldv_kobject_init(~kobj~1.base, ~kobj~1.offset); {6416#true} is VALID [2020-07-29 01:05:34,443 INFO L280 TraceCheckUtils]: 38: Hoare triple {6465#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} havoc #t~memset~res35.base, #t~memset~res35.offset; {6465#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} is VALID [2020-07-29 01:05:34,444 INFO L275 TraceCheckUtils]: 37: Hoare quadruple {6416#true} {6465#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} #419#return; {6465#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} is VALID [2020-07-29 01:05:34,444 INFO L280 TraceCheckUtils]: 36: Hoare triple {6416#true} assume #res.base == #ptr.base && #res.offset == #ptr.offset; {6416#true} is VALID [2020-07-29 01:05:34,444 INFO L280 TraceCheckUtils]: 35: Hoare triple {6416#true} assume !~bvslt32(#t~loopctr39, #amount); {6416#true} is VALID [2020-07-29 01:05:34,444 INFO L280 TraceCheckUtils]: 34: Hoare triple {6416#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {6416#true} is VALID [2020-07-29 01:05:34,444 INFO L280 TraceCheckUtils]: 33: Hoare triple {6416#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {6416#true} is VALID [2020-07-29 01:05:34,445 INFO L280 TraceCheckUtils]: 32: Hoare triple {6416#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {6416#true} is VALID [2020-07-29 01:05:34,445 INFO L280 TraceCheckUtils]: 31: Hoare triple {6416#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {6416#true} is VALID [2020-07-29 01:05:34,445 INFO L280 TraceCheckUtils]: 30: Hoare triple {6416#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {6416#true} is VALID [2020-07-29 01:05:34,445 INFO L280 TraceCheckUtils]: 29: Hoare triple {6416#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {6416#true} is VALID [2020-07-29 01:05:34,445 INFO L280 TraceCheckUtils]: 28: Hoare triple {6416#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {6416#true} is VALID [2020-07-29 01:05:34,445 INFO L280 TraceCheckUtils]: 27: Hoare triple {6416#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {6416#true} is VALID [2020-07-29 01:05:34,445 INFO L280 TraceCheckUtils]: 26: Hoare triple {6416#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {6416#true} is VALID [2020-07-29 01:05:34,446 INFO L280 TraceCheckUtils]: 25: Hoare triple {6416#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {6416#true} is VALID [2020-07-29 01:05:34,446 INFO L280 TraceCheckUtils]: 24: Hoare triple {6416#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {6416#true} is VALID [2020-07-29 01:05:34,446 INFO L280 TraceCheckUtils]: 23: Hoare triple {6416#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {6416#true} is VALID [2020-07-29 01:05:34,446 INFO L280 TraceCheckUtils]: 22: Hoare triple {6416#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {6416#true} is VALID [2020-07-29 01:05:34,446 INFO L280 TraceCheckUtils]: 21: Hoare triple {6416#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {6416#true} is VALID [2020-07-29 01:05:34,446 INFO L280 TraceCheckUtils]: 20: Hoare triple {6416#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {6416#true} is VALID [2020-07-29 01:05:34,446 INFO L280 TraceCheckUtils]: 19: Hoare triple {6416#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {6416#true} is VALID [2020-07-29 01:05:34,447 INFO L280 TraceCheckUtils]: 18: Hoare triple {6416#true} #t~loopctr39 := 0bv32; {6416#true} is VALID [2020-07-29 01:05:34,447 INFO L280 TraceCheckUtils]: 17: Hoare triple {6416#true} assume 1bv1 == #valid[#ptr.base];assume (~bvule32(~bvadd32(#amount, #ptr.offset), #length[#ptr.base]) && ~bvule32(#ptr.offset, ~bvadd32(#amount, #ptr.offset))) && ~bvule32(0bv32, #ptr.offset); {6416#true} is VALID [2020-07-29 01:05:34,447 INFO L263 TraceCheckUtils]: 16: Hoare triple {6465#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} call #t~memset~res35.base, #t~memset~res35.offset := #Ultimate.C_memset(~kobj~1.base, ~kobj~1.offset, 0bv32, 16bv32); {6416#true} is VALID [2020-07-29 01:05:34,447 INFO L280 TraceCheckUtils]: 15: Hoare triple {6465#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} assume !(~kobj~1.base == 0bv32 && ~kobj~1.offset == 0bv32); {6465#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} is VALID [2020-07-29 01:05:34,448 INFO L280 TraceCheckUtils]: 14: Hoare triple {6461#(not (= |ldv_kobject_create_#t~ret34.base| (_ bv0 32)))} ~kobj~1.base, ~kobj~1.offset := #t~ret34.base, #t~ret34.offset;havoc #t~ret34.base, #t~ret34.offset; {6465#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} is VALID [2020-07-29 01:05:34,448 INFO L275 TraceCheckUtils]: 13: Hoare quadruple {6454#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} {6416#true} #417#return; {6461#(not (= |ldv_kobject_create_#t~ret34.base| (_ bv0 32)))} is VALID [2020-07-29 01:05:34,449 INFO L280 TraceCheckUtils]: 12: Hoare triple {6454#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} assume true; {6454#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2020-07-29 01:05:34,449 INFO L280 TraceCheckUtils]: 11: Hoare triple {6416#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset; {6454#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2020-07-29 01:05:34,450 INFO L280 TraceCheckUtils]: 10: Hoare triple {6416#true} ~size := #in~size; {6416#true} is VALID [2020-07-29 01:05:34,450 INFO L263 TraceCheckUtils]: 9: Hoare triple {6416#true} call #t~ret34.base, #t~ret34.offset := ldv_malloc(16bv32); {6416#true} is VALID [2020-07-29 01:05:34,450 INFO L280 TraceCheckUtils]: 8: Hoare triple {6416#true} havoc ~kobj~1.base, ~kobj~1.offset; {6416#true} is VALID [2020-07-29 01:05:34,450 INFO L263 TraceCheckUtils]: 7: Hoare triple {6416#true} call #t~ret38.base, #t~ret38.offset := ldv_kobject_create(); {6416#true} is VALID [2020-07-29 01:05:34,450 INFO L280 TraceCheckUtils]: 6: Hoare triple {6416#true} havoc ~kobj~2.base, ~kobj~2.offset; {6416#true} is VALID [2020-07-29 01:05:34,450 INFO L263 TraceCheckUtils]: 5: Hoare triple {6416#true} call entry_point(); {6416#true} is VALID [2020-07-29 01:05:34,450 INFO L263 TraceCheckUtils]: 4: Hoare triple {6416#true} call main(); {6416#true} is VALID [2020-07-29 01:05:34,451 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {6416#true} {6416#true} #437#return; {6416#true} is VALID [2020-07-29 01:05:34,451 INFO L280 TraceCheckUtils]: 2: Hoare triple {6416#true} assume true; {6416#true} is VALID [2020-07-29 01:05:34,451 INFO L280 TraceCheckUtils]: 1: Hoare triple {6416#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {6416#true} is VALID [2020-07-29 01:05:34,451 INFO L263 TraceCheckUtils]: 0: Hoare triple {6416#true} call ULTIMATE.init(); {6416#true} is VALID [2020-07-29 01:05:34,454 INFO L134 CoverageAnalysis]: Checked inductivity of 136 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 136 trivial. 0 not checked. [2020-07-29 01:05:34,454 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [773547028] [2020-07-29 01:05:34,454 INFO L220 FreeRefinementEngine]: Constructing automaton from 2 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:05:34,455 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7, 7] imperfect sequences [] total 8 [2020-07-29 01:05:34,455 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1144944308] [2020-07-29 01:05:34,455 INFO L78 Accepts]: Start accepts. Automaton has 8 states. Word has length 51 [2020-07-29 01:05:34,455 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:05:34,456 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states. [2020-07-29 01:05:34,501 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 38 edges. 38 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:05:34,501 INFO L459 AbstractCegarLoop]: Interpolant automaton has 8 states [2020-07-29 01:05:34,502 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2020-07-29 01:05:34,502 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2020-07-29 01:05:34,502 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=41, Unknown=0, NotChecked=0, Total=56 [2020-07-29 01:05:34,502 INFO L87 Difference]: Start difference. First operand 68 states and 70 transitions. Second operand 8 states. [2020-07-29 01:05:35,054 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:05:35,054 INFO L93 Difference]: Finished difference Result 70 states and 71 transitions. [2020-07-29 01:05:35,054 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2020-07-29 01:05:35,054 INFO L78 Accepts]: Start accepts. Automaton has 8 states. Word has length 51 [2020-07-29 01:05:35,055 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:05:35,055 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 8 states. [2020-07-29 01:05:35,057 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 56 transitions. [2020-07-29 01:05:35,057 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 8 states. [2020-07-29 01:05:35,058 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 56 transitions. [2020-07-29 01:05:35,058 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 56 transitions. [2020-07-29 01:05:35,131 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 56 edges. 56 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:05:35,133 INFO L225 Difference]: With dead ends: 70 [2020-07-29 01:05:35,133 INFO L226 Difference]: Without dead ends: 68 [2020-07-29 01:05:35,134 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 102 GetRequests, 95 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=20, Invalid=52, Unknown=0, NotChecked=0, Total=72 [2020-07-29 01:05:35,134 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 68 states. [2020-07-29 01:05:35,137 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 68 to 68. [2020-07-29 01:05:35,137 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:05:35,137 INFO L82 GeneralOperation]: Start isEquivalent. First operand 68 states. Second operand 68 states. [2020-07-29 01:05:35,137 INFO L74 IsIncluded]: Start isIncluded. First operand 68 states. Second operand 68 states. [2020-07-29 01:05:35,138 INFO L87 Difference]: Start difference. First operand 68 states. Second operand 68 states. [2020-07-29 01:05:35,139 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:05:35,139 INFO L93 Difference]: Finished difference Result 68 states and 69 transitions. [2020-07-29 01:05:35,140 INFO L276 IsEmpty]: Start isEmpty. Operand 68 states and 69 transitions. [2020-07-29 01:05:35,140 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:05:35,140 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:05:35,140 INFO L74 IsIncluded]: Start isIncluded. First operand 68 states. Second operand 68 states. [2020-07-29 01:05:35,141 INFO L87 Difference]: Start difference. First operand 68 states. Second operand 68 states. [2020-07-29 01:05:35,142 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:05:35,143 INFO L93 Difference]: Finished difference Result 68 states and 69 transitions. [2020-07-29 01:05:35,143 INFO L276 IsEmpty]: Start isEmpty. Operand 68 states and 69 transitions. [2020-07-29 01:05:35,143 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:05:35,143 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:05:35,144 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:05:35,144 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:05:35,144 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 68 states. [2020-07-29 01:05:35,146 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 68 states to 68 states and 69 transitions. [2020-07-29 01:05:35,146 INFO L78 Accepts]: Start accepts. Automaton has 68 states and 69 transitions. Word has length 51 [2020-07-29 01:05:35,146 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:05:35,146 INFO L479 AbstractCegarLoop]: Abstraction has 68 states and 69 transitions. [2020-07-29 01:05:35,146 INFO L480 AbstractCegarLoop]: Interpolant automaton has 8 states. [2020-07-29 01:05:35,147 INFO L276 IsEmpty]: Start isEmpty. Operand 68 states and 69 transitions. [2020-07-29 01:05:35,147 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2020-07-29 01:05:35,148 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:05:35,148 INFO L422 BasicCegarLoop]: trace histogram [16, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:05:35,360 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 15 mathsat -unsat_core_generation=3 [2020-07-29 01:05:35,361 INFO L427 AbstractCegarLoop]: === Iteration 15 === [ldv_kref_initErr0REQUIRES_VIOLATION, ldv_kref_initErr1REQUIRES_VIOLATION, ldv_list_addErr1REQUIRES_VIOLATION, ldv_list_addErr0REQUIRES_VIOLATION, ldv_kobject_createErr1REQUIRES_VIOLATION, ldv_kobject_createErr0REQUIRES_VIOLATION, ldv_destroy_msgsErr4REQUIRES_VIOLATION, ldv_destroy_msgsErr3REQUIRES_VIOLATION, ldv_destroy_msgsErr2REQUIRES_VIOLATION, ldv_destroy_msgsErr1REQUIRES_VIOLATION, ldv_destroy_msgsErr0REQUIRES_VIOLATION, ldv_destroy_msgsErr5REQUIRES_VIOLATION, ldv_msg_fillErr1REQUIRES_VIOLATION, ldv_msg_fillErr5REQUIRES_VIOLATION, ldv_msg_fillErr0REQUIRES_VIOLATION, ldv_msg_fillErr4REQUIRES_VIOLATION, ldv_msg_fillErr2REQUIRES_VIOLATION, ldv_msg_fillErr3REQUIRES_VIOLATION, ldv_atomic_add_returnErr1REQUIRES_VIOLATION, ldv_atomic_add_returnErr0REQUIRES_VIOLATION, ldv_atomic_add_returnErr3REQUIRES_VIOLATION, ldv_atomic_add_returnErr2REQUIRES_VIOLATION, __ldv_list_delErr0REQUIRES_VIOLATION, __ldv_list_delErr1REQUIRES_VIOLATION, __ldv_list_delErr2REQUIRES_VIOLATION, __ldv_list_delErr3REQUIRES_VIOLATION, ldv_kobject_cleanupErr2ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr5ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr7ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr6ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr1REQUIRES_VIOLATION, ldv_kobject_cleanupErr4ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr0REQUIRES_VIOLATION, ldv_kobject_cleanupErr3ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr6ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr7ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr4ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr1REQUIRES_VIOLATION, ldv_msg_freeErr0REQUIRES_VIOLATION, ldv_msg_freeErr5ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr2ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr3ASSERT_VIOLATIONMEMORY_FREE, mainErr0ENSURES_VIOLATIONMEMORY_LEAK, LDV_INIT_LIST_HEADErr2REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr3REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr0REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr1REQUIRES_VIOLATION, ldv_list_delErr2REQUIRES_VIOLATION, ldv_list_delErr1REQUIRES_VIOLATION, ldv_list_delErr3REQUIRES_VIOLATION, ldv_list_delErr0REQUIRES_VIOLATION, __ldv_list_addErr5REQUIRES_VIOLATION, __ldv_list_addErr0REQUIRES_VIOLATION, __ldv_list_addErr1REQUIRES_VIOLATION, __ldv_list_addErr6REQUIRES_VIOLATION, __ldv_list_addErr7REQUIRES_VIOLATION, __ldv_list_addErr2REQUIRES_VIOLATION, __ldv_list_addErr3REQUIRES_VIOLATION, __ldv_list_addErr4REQUIRES_VIOLATION, ldv_dev_set_drvdataErr0REQUIRES_VIOLATION, ldv_dev_set_drvdataErr1REQUIRES_VIOLATION, ldv_atomic_sub_returnErr1REQUIRES_VIOLATION, ldv_atomic_sub_returnErr0REQUIRES_VIOLATION, ldv_atomic_sub_returnErr3REQUIRES_VIOLATION, ldv_atomic_sub_returnErr2REQUIRES_VIOLATION, ldv_list_add_tailErr0REQUIRES_VIOLATION, ldv_list_add_tailErr1REQUIRES_VIOLATION, ldv_dev_get_drvdataErr1REQUIRES_VIOLATION, ldv_dev_get_drvdataErr0REQUIRES_VIOLATION, ldv_msg_allocErr0REQUIRES_VIOLATION, ldv_msg_allocErr1REQUIRES_VIOLATION]=== [2020-07-29 01:05:35,362 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:05:35,362 INFO L82 PathProgramCache]: Analyzing trace with hash 240473020, now seen corresponding path program 1 times [2020-07-29 01:05:35,363 INFO L163 FreeRefinementEngine]: Executing refinement strategy WOLF [2020-07-29 01:05:35,363 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [815515863] [2020-07-29 01:05:35,363 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat Starting monitored process 16 with mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 16 with mathsat -unsat_core_generation=3 [2020-07-29 01:05:35,542 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:05:35,552 INFO L263 TraceCheckSpWp]: Trace formula consists of 227 conjuncts, 9 conjunts are in the unsatisfiable core [2020-07-29 01:05:35,570 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:05:35,571 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2020-07-29 01:05:35,691 INFO L263 TraceCheckUtils]: 0: Hoare triple {7005#true} call ULTIMATE.init(); {7005#true} is VALID [2020-07-29 01:05:35,691 INFO L280 TraceCheckUtils]: 1: Hoare triple {7005#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {7005#true} is VALID [2020-07-29 01:05:35,691 INFO L280 TraceCheckUtils]: 2: Hoare triple {7005#true} assume true; {7005#true} is VALID [2020-07-29 01:05:35,691 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {7005#true} {7005#true} #437#return; {7005#true} is VALID [2020-07-29 01:05:35,692 INFO L263 TraceCheckUtils]: 4: Hoare triple {7005#true} call main(); {7005#true} is VALID [2020-07-29 01:05:35,692 INFO L263 TraceCheckUtils]: 5: Hoare triple {7005#true} call entry_point(); {7005#true} is VALID [2020-07-29 01:05:35,692 INFO L280 TraceCheckUtils]: 6: Hoare triple {7005#true} havoc ~kobj~2.base, ~kobj~2.offset; {7005#true} is VALID [2020-07-29 01:05:35,692 INFO L263 TraceCheckUtils]: 7: Hoare triple {7005#true} call #t~ret38.base, #t~ret38.offset := ldv_kobject_create(); {7005#true} is VALID [2020-07-29 01:05:35,693 INFO L280 TraceCheckUtils]: 8: Hoare triple {7005#true} havoc ~kobj~1.base, ~kobj~1.offset; {7005#true} is VALID [2020-07-29 01:05:35,693 INFO L263 TraceCheckUtils]: 9: Hoare triple {7005#true} call #t~ret34.base, #t~ret34.offset := ldv_malloc(16bv32); {7005#true} is VALID [2020-07-29 01:05:35,693 INFO L280 TraceCheckUtils]: 10: Hoare triple {7005#true} ~size := #in~size; {7005#true} is VALID [2020-07-29 01:05:35,694 INFO L280 TraceCheckUtils]: 11: Hoare triple {7005#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset; {7043#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2020-07-29 01:05:35,694 INFO L280 TraceCheckUtils]: 12: Hoare triple {7043#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} assume true; {7043#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2020-07-29 01:05:35,695 INFO L275 TraceCheckUtils]: 13: Hoare quadruple {7043#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} {7005#true} #417#return; {7050#(not (= |ldv_kobject_create_#t~ret34.base| (_ bv0 32)))} is VALID [2020-07-29 01:05:35,695 INFO L280 TraceCheckUtils]: 14: Hoare triple {7050#(not (= |ldv_kobject_create_#t~ret34.base| (_ bv0 32)))} ~kobj~1.base, ~kobj~1.offset := #t~ret34.base, #t~ret34.offset;havoc #t~ret34.base, #t~ret34.offset; {7054#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} is VALID [2020-07-29 01:05:35,696 INFO L280 TraceCheckUtils]: 15: Hoare triple {7054#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} assume !(~kobj~1.base == 0bv32 && ~kobj~1.offset == 0bv32); {7054#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} is VALID [2020-07-29 01:05:35,696 INFO L263 TraceCheckUtils]: 16: Hoare triple {7054#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} call #t~memset~res35.base, #t~memset~res35.offset := #Ultimate.C_memset(~kobj~1.base, ~kobj~1.offset, 0bv32, 16bv32); {7005#true} is VALID [2020-07-29 01:05:35,696 INFO L280 TraceCheckUtils]: 17: Hoare triple {7005#true} assume 1bv1 == #valid[#ptr.base];assume (~bvule32(~bvadd32(#amount, #ptr.offset), #length[#ptr.base]) && ~bvule32(#ptr.offset, ~bvadd32(#amount, #ptr.offset))) && ~bvule32(0bv32, #ptr.offset); {7005#true} is VALID [2020-07-29 01:05:35,696 INFO L280 TraceCheckUtils]: 18: Hoare triple {7005#true} #t~loopctr39 := 0bv32; {7005#true} is VALID [2020-07-29 01:05:35,696 INFO L280 TraceCheckUtils]: 19: Hoare triple {7005#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {7005#true} is VALID [2020-07-29 01:05:35,696 INFO L280 TraceCheckUtils]: 20: Hoare triple {7005#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {7005#true} is VALID [2020-07-29 01:05:35,697 INFO L280 TraceCheckUtils]: 21: Hoare triple {7005#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {7005#true} is VALID [2020-07-29 01:05:35,697 INFO L280 TraceCheckUtils]: 22: Hoare triple {7005#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {7005#true} is VALID [2020-07-29 01:05:35,697 INFO L280 TraceCheckUtils]: 23: Hoare triple {7005#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {7005#true} is VALID [2020-07-29 01:05:35,697 INFO L280 TraceCheckUtils]: 24: Hoare triple {7005#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {7005#true} is VALID [2020-07-29 01:05:35,697 INFO L280 TraceCheckUtils]: 25: Hoare triple {7005#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {7005#true} is VALID [2020-07-29 01:05:35,697 INFO L280 TraceCheckUtils]: 26: Hoare triple {7005#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {7005#true} is VALID [2020-07-29 01:05:35,697 INFO L280 TraceCheckUtils]: 27: Hoare triple {7005#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {7005#true} is VALID [2020-07-29 01:05:35,698 INFO L280 TraceCheckUtils]: 28: Hoare triple {7005#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {7005#true} is VALID [2020-07-29 01:05:35,698 INFO L280 TraceCheckUtils]: 29: Hoare triple {7005#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {7005#true} is VALID [2020-07-29 01:05:35,698 INFO L280 TraceCheckUtils]: 30: Hoare triple {7005#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {7005#true} is VALID [2020-07-29 01:05:35,698 INFO L280 TraceCheckUtils]: 31: Hoare triple {7005#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {7005#true} is VALID [2020-07-29 01:05:35,699 INFO L280 TraceCheckUtils]: 32: Hoare triple {7005#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {7005#true} is VALID [2020-07-29 01:05:35,699 INFO L280 TraceCheckUtils]: 33: Hoare triple {7005#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {7005#true} is VALID [2020-07-29 01:05:35,700 INFO L280 TraceCheckUtils]: 34: Hoare triple {7005#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {7005#true} is VALID [2020-07-29 01:05:35,700 INFO L280 TraceCheckUtils]: 35: Hoare triple {7005#true} assume !~bvslt32(#t~loopctr39, #amount); {7005#true} is VALID [2020-07-29 01:05:35,700 INFO L280 TraceCheckUtils]: 36: Hoare triple {7005#true} assume #res.base == #ptr.base && #res.offset == #ptr.offset; {7005#true} is VALID [2020-07-29 01:05:35,701 INFO L275 TraceCheckUtils]: 37: Hoare quadruple {7005#true} {7054#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} #419#return; {7054#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} is VALID [2020-07-29 01:05:35,701 INFO L280 TraceCheckUtils]: 38: Hoare triple {7054#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} havoc #t~memset~res35.base, #t~memset~res35.offset; {7054#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} is VALID [2020-07-29 01:05:35,701 INFO L263 TraceCheckUtils]: 39: Hoare triple {7054#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} call ldv_kobject_init(~kobj~1.base, ~kobj~1.offset); {7005#true} is VALID [2020-07-29 01:05:35,702 INFO L280 TraceCheckUtils]: 40: Hoare triple {7005#true} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {7133#(= |ldv_kobject_init_#in~kobj.base| ldv_kobject_init_~kobj.base)} is VALID [2020-07-29 01:05:35,703 INFO L280 TraceCheckUtils]: 41: Hoare triple {7133#(= |ldv_kobject_init_#in~kobj.base| ldv_kobject_init_~kobj.base)} assume !(~kobj.base == 0bv32 && ~kobj.offset == 0bv32); {7133#(= |ldv_kobject_init_#in~kobj.base| ldv_kobject_init_~kobj.base)} is VALID [2020-07-29 01:05:35,703 INFO L263 TraceCheckUtils]: 42: Hoare triple {7133#(= |ldv_kobject_init_#in~kobj.base| ldv_kobject_init_~kobj.base)} call ldv_kobject_init_internal(~kobj.base, ~kobj.offset); {7005#true} is VALID [2020-07-29 01:05:35,703 INFO L280 TraceCheckUtils]: 43: Hoare triple {7005#true} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {7143#(= ldv_kobject_init_internal_~kobj.base |ldv_kobject_init_internal_#in~kobj.base|)} is VALID [2020-07-29 01:05:35,704 INFO L280 TraceCheckUtils]: 44: Hoare triple {7143#(= ldv_kobject_init_internal_~kobj.base |ldv_kobject_init_internal_#in~kobj.base|)} assume ~kobj.base == 0bv32 && ~kobj.offset == 0bv32; {7147#(= (_ bv0 32) |ldv_kobject_init_internal_#in~kobj.base|)} is VALID [2020-07-29 01:05:35,704 INFO L280 TraceCheckUtils]: 45: Hoare triple {7147#(= (_ bv0 32) |ldv_kobject_init_internal_#in~kobj.base|)} assume true; {7147#(= (_ bv0 32) |ldv_kobject_init_internal_#in~kobj.base|)} is VALID [2020-07-29 01:05:35,705 INFO L275 TraceCheckUtils]: 46: Hoare quadruple {7147#(= (_ bv0 32) |ldv_kobject_init_internal_#in~kobj.base|)} {7133#(= |ldv_kobject_init_#in~kobj.base| ldv_kobject_init_~kobj.base)} #393#return; {7154#(= |ldv_kobject_init_#in~kobj.base| (_ bv0 32))} is VALID [2020-07-29 01:05:35,706 INFO L280 TraceCheckUtils]: 47: Hoare triple {7154#(= |ldv_kobject_init_#in~kobj.base| (_ bv0 32))} assume true; {7154#(= |ldv_kobject_init_#in~kobj.base| (_ bv0 32))} is VALID [2020-07-29 01:05:35,706 INFO L275 TraceCheckUtils]: 48: Hoare quadruple {7154#(= |ldv_kobject_init_#in~kobj.base| (_ bv0 32))} {7054#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} #421#return; {7006#false} is VALID [2020-07-29 01:05:35,706 INFO L280 TraceCheckUtils]: 49: Hoare triple {7006#false} #res.base, #res.offset := ~kobj~1.base, ~kobj~1.offset; {7006#false} is VALID [2020-07-29 01:05:35,706 INFO L280 TraceCheckUtils]: 50: Hoare triple {7006#false} assume true; {7006#false} is VALID [2020-07-29 01:05:35,707 INFO L275 TraceCheckUtils]: 51: Hoare quadruple {7006#false} {7005#true} #427#return; {7006#false} is VALID [2020-07-29 01:05:35,707 INFO L280 TraceCheckUtils]: 52: Hoare triple {7006#false} ~kobj~2.base, ~kobj~2.offset := #t~ret38.base, #t~ret38.offset;havoc #t~ret38.base, #t~ret38.offset; {7006#false} is VALID [2020-07-29 01:05:35,707 INFO L280 TraceCheckUtils]: 53: Hoare triple {7006#false} assume true; {7006#false} is VALID [2020-07-29 01:05:35,707 INFO L275 TraceCheckUtils]: 54: Hoare quadruple {7006#false} {7005#true} #401#return; {7006#false} is VALID [2020-07-29 01:05:35,707 INFO L280 TraceCheckUtils]: 55: Hoare triple {7006#false} assume !(#valid == old(#valid)); {7006#false} is VALID [2020-07-29 01:05:35,709 INFO L134 CoverageAnalysis]: Checked inductivity of 136 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 136 trivial. 0 not checked. [2020-07-29 01:05:35,709 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2020-07-29 01:05:36,048 INFO L523 QuantifierPusher]: Distributing 2 disjuncts over 2 conjuncts [2020-07-29 01:05:36,148 INFO L280 TraceCheckUtils]: 55: Hoare triple {7006#false} assume !(#valid == old(#valid)); {7006#false} is VALID [2020-07-29 01:05:36,149 INFO L275 TraceCheckUtils]: 54: Hoare quadruple {7006#false} {7005#true} #401#return; {7006#false} is VALID [2020-07-29 01:05:36,149 INFO L280 TraceCheckUtils]: 53: Hoare triple {7006#false} assume true; {7006#false} is VALID [2020-07-29 01:05:36,149 INFO L280 TraceCheckUtils]: 52: Hoare triple {7006#false} ~kobj~2.base, ~kobj~2.offset := #t~ret38.base, #t~ret38.offset;havoc #t~ret38.base, #t~ret38.offset; {7006#false} is VALID [2020-07-29 01:05:36,149 INFO L275 TraceCheckUtils]: 51: Hoare quadruple {7006#false} {7005#true} #427#return; {7006#false} is VALID [2020-07-29 01:05:36,150 INFO L280 TraceCheckUtils]: 50: Hoare triple {7006#false} assume true; {7006#false} is VALID [2020-07-29 01:05:36,150 INFO L280 TraceCheckUtils]: 49: Hoare triple {7006#false} #res.base, #res.offset := ~kobj~1.base, ~kobj~1.offset; {7006#false} is VALID [2020-07-29 01:05:36,151 INFO L275 TraceCheckUtils]: 48: Hoare quadruple {7154#(= |ldv_kobject_init_#in~kobj.base| (_ bv0 32))} {7054#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} #421#return; {7006#false} is VALID [2020-07-29 01:05:36,151 INFO L280 TraceCheckUtils]: 47: Hoare triple {7154#(= |ldv_kobject_init_#in~kobj.base| (_ bv0 32))} assume true; {7154#(= |ldv_kobject_init_#in~kobj.base| (_ bv0 32))} is VALID [2020-07-29 01:05:36,152 INFO L275 TraceCheckUtils]: 46: Hoare quadruple {7147#(= (_ bv0 32) |ldv_kobject_init_internal_#in~kobj.base|)} {7218#(or (not (= (_ bv0 32) ldv_kobject_init_~kobj.base)) (= |ldv_kobject_init_#in~kobj.base| (_ bv0 32)))} #393#return; {7154#(= |ldv_kobject_init_#in~kobj.base| (_ bv0 32))} is VALID [2020-07-29 01:05:36,153 INFO L280 TraceCheckUtils]: 45: Hoare triple {7147#(= (_ bv0 32) |ldv_kobject_init_internal_#in~kobj.base|)} assume true; {7147#(= (_ bv0 32) |ldv_kobject_init_internal_#in~kobj.base|)} is VALID [2020-07-29 01:05:36,153 INFO L280 TraceCheckUtils]: 44: Hoare triple {7228#(or (not (= ldv_kobject_init_internal_~kobj.base (_ bv0 32))) (= (_ bv0 32) |ldv_kobject_init_internal_#in~kobj.base|))} assume ~kobj.base == 0bv32 && ~kobj.offset == 0bv32; {7147#(= (_ bv0 32) |ldv_kobject_init_internal_#in~kobj.base|)} is VALID [2020-07-29 01:05:36,154 INFO L280 TraceCheckUtils]: 43: Hoare triple {7005#true} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {7228#(or (not (= ldv_kobject_init_internal_~kobj.base (_ bv0 32))) (= (_ bv0 32) |ldv_kobject_init_internal_#in~kobj.base|))} is VALID [2020-07-29 01:05:36,154 INFO L263 TraceCheckUtils]: 42: Hoare triple {7218#(or (not (= (_ bv0 32) ldv_kobject_init_~kobj.base)) (= |ldv_kobject_init_#in~kobj.base| (_ bv0 32)))} call ldv_kobject_init_internal(~kobj.base, ~kobj.offset); {7005#true} is VALID [2020-07-29 01:05:36,154 INFO L280 TraceCheckUtils]: 41: Hoare triple {7218#(or (not (= (_ bv0 32) ldv_kobject_init_~kobj.base)) (= |ldv_kobject_init_#in~kobj.base| (_ bv0 32)))} assume !(~kobj.base == 0bv32 && ~kobj.offset == 0bv32); {7218#(or (not (= (_ bv0 32) ldv_kobject_init_~kobj.base)) (= |ldv_kobject_init_#in~kobj.base| (_ bv0 32)))} is VALID [2020-07-29 01:05:36,154 INFO L280 TraceCheckUtils]: 40: Hoare triple {7005#true} ~kobj.base, ~kobj.offset := #in~kobj.base, #in~kobj.offset; {7218#(or (not (= (_ bv0 32) ldv_kobject_init_~kobj.base)) (= |ldv_kobject_init_#in~kobj.base| (_ bv0 32)))} is VALID [2020-07-29 01:05:36,155 INFO L263 TraceCheckUtils]: 39: Hoare triple {7054#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} call ldv_kobject_init(~kobj~1.base, ~kobj~1.offset); {7005#true} is VALID [2020-07-29 01:05:36,155 INFO L280 TraceCheckUtils]: 38: Hoare triple {7054#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} havoc #t~memset~res35.base, #t~memset~res35.offset; {7054#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} is VALID [2020-07-29 01:05:36,156 INFO L275 TraceCheckUtils]: 37: Hoare quadruple {7005#true} {7054#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} #419#return; {7054#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} is VALID [2020-07-29 01:05:36,156 INFO L280 TraceCheckUtils]: 36: Hoare triple {7005#true} assume #res.base == #ptr.base && #res.offset == #ptr.offset; {7005#true} is VALID [2020-07-29 01:05:36,156 INFO L280 TraceCheckUtils]: 35: Hoare triple {7005#true} assume !~bvslt32(#t~loopctr39, #amount); {7005#true} is VALID [2020-07-29 01:05:36,157 INFO L280 TraceCheckUtils]: 34: Hoare triple {7005#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {7005#true} is VALID [2020-07-29 01:05:36,157 INFO L280 TraceCheckUtils]: 33: Hoare triple {7005#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {7005#true} is VALID [2020-07-29 01:05:36,157 INFO L280 TraceCheckUtils]: 32: Hoare triple {7005#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {7005#true} is VALID [2020-07-29 01:05:36,157 INFO L280 TraceCheckUtils]: 31: Hoare triple {7005#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {7005#true} is VALID [2020-07-29 01:05:36,157 INFO L280 TraceCheckUtils]: 30: Hoare triple {7005#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {7005#true} is VALID [2020-07-29 01:05:36,158 INFO L280 TraceCheckUtils]: 29: Hoare triple {7005#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {7005#true} is VALID [2020-07-29 01:05:36,158 INFO L280 TraceCheckUtils]: 28: Hoare triple {7005#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {7005#true} is VALID [2020-07-29 01:05:36,158 INFO L280 TraceCheckUtils]: 27: Hoare triple {7005#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {7005#true} is VALID [2020-07-29 01:05:36,158 INFO L280 TraceCheckUtils]: 26: Hoare triple {7005#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {7005#true} is VALID [2020-07-29 01:05:36,159 INFO L280 TraceCheckUtils]: 25: Hoare triple {7005#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {7005#true} is VALID [2020-07-29 01:05:36,159 INFO L280 TraceCheckUtils]: 24: Hoare triple {7005#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {7005#true} is VALID [2020-07-29 01:05:36,159 INFO L280 TraceCheckUtils]: 23: Hoare triple {7005#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {7005#true} is VALID [2020-07-29 01:05:36,159 INFO L280 TraceCheckUtils]: 22: Hoare triple {7005#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {7005#true} is VALID [2020-07-29 01:05:36,159 INFO L280 TraceCheckUtils]: 21: Hoare triple {7005#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {7005#true} is VALID [2020-07-29 01:05:36,159 INFO L280 TraceCheckUtils]: 20: Hoare triple {7005#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {7005#true} is VALID [2020-07-29 01:05:36,159 INFO L280 TraceCheckUtils]: 19: Hoare triple {7005#true} assume ~bvslt32(#t~loopctr39, #amount);#memory_int := #memory_int[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := #value[8:0]];#memory_$Pointer$.base, #memory_$Pointer$.offset := #memory_$Pointer$.base[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := 0bv32], #memory_$Pointer$.offset[#ptr.base,~bvadd32(#ptr.offset, #t~loopctr39) := ~zero_extendFrom8To32(#value[8:0])];#t~loopctr39 := ~bvadd32(1bv32, #t~loopctr39); {7005#true} is VALID [2020-07-29 01:05:36,160 INFO L280 TraceCheckUtils]: 18: Hoare triple {7005#true} #t~loopctr39 := 0bv32; {7005#true} is VALID [2020-07-29 01:05:36,160 INFO L280 TraceCheckUtils]: 17: Hoare triple {7005#true} assume 1bv1 == #valid[#ptr.base];assume (~bvule32(~bvadd32(#amount, #ptr.offset), #length[#ptr.base]) && ~bvule32(#ptr.offset, ~bvadd32(#amount, #ptr.offset))) && ~bvule32(0bv32, #ptr.offset); {7005#true} is VALID [2020-07-29 01:05:36,160 INFO L263 TraceCheckUtils]: 16: Hoare triple {7054#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} call #t~memset~res35.base, #t~memset~res35.offset := #Ultimate.C_memset(~kobj~1.base, ~kobj~1.offset, 0bv32, 16bv32); {7005#true} is VALID [2020-07-29 01:05:36,160 INFO L280 TraceCheckUtils]: 15: Hoare triple {7054#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} assume !(~kobj~1.base == 0bv32 && ~kobj~1.offset == 0bv32); {7054#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} is VALID [2020-07-29 01:05:36,164 INFO L280 TraceCheckUtils]: 14: Hoare triple {7050#(not (= |ldv_kobject_create_#t~ret34.base| (_ bv0 32)))} ~kobj~1.base, ~kobj~1.offset := #t~ret34.base, #t~ret34.offset;havoc #t~ret34.base, #t~ret34.offset; {7054#(not (= (_ bv0 32) ldv_kobject_create_~kobj~1.base))} is VALID [2020-07-29 01:05:36,165 INFO L275 TraceCheckUtils]: 13: Hoare quadruple {7043#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} {7005#true} #417#return; {7050#(not (= |ldv_kobject_create_#t~ret34.base| (_ bv0 32)))} is VALID [2020-07-29 01:05:36,165 INFO L280 TraceCheckUtils]: 12: Hoare triple {7043#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} assume true; {7043#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2020-07-29 01:05:36,166 INFO L280 TraceCheckUtils]: 11: Hoare triple {7005#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset; {7043#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2020-07-29 01:05:36,166 INFO L280 TraceCheckUtils]: 10: Hoare triple {7005#true} ~size := #in~size; {7005#true} is VALID [2020-07-29 01:05:36,166 INFO L263 TraceCheckUtils]: 9: Hoare triple {7005#true} call #t~ret34.base, #t~ret34.offset := ldv_malloc(16bv32); {7005#true} is VALID [2020-07-29 01:05:36,166 INFO L280 TraceCheckUtils]: 8: Hoare triple {7005#true} havoc ~kobj~1.base, ~kobj~1.offset; {7005#true} is VALID [2020-07-29 01:05:36,166 INFO L263 TraceCheckUtils]: 7: Hoare triple {7005#true} call #t~ret38.base, #t~ret38.offset := ldv_kobject_create(); {7005#true} is VALID [2020-07-29 01:05:36,167 INFO L280 TraceCheckUtils]: 6: Hoare triple {7005#true} havoc ~kobj~2.base, ~kobj~2.offset; {7005#true} is VALID [2020-07-29 01:05:36,167 INFO L263 TraceCheckUtils]: 5: Hoare triple {7005#true} call entry_point(); {7005#true} is VALID [2020-07-29 01:05:36,167 INFO L263 TraceCheckUtils]: 4: Hoare triple {7005#true} call main(); {7005#true} is VALID [2020-07-29 01:05:36,167 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {7005#true} {7005#true} #437#return; {7005#true} is VALID [2020-07-29 01:05:36,167 INFO L280 TraceCheckUtils]: 2: Hoare triple {7005#true} assume true; {7005#true} is VALID [2020-07-29 01:05:36,167 INFO L280 TraceCheckUtils]: 1: Hoare triple {7005#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {7005#true} is VALID [2020-07-29 01:05:36,167 INFO L263 TraceCheckUtils]: 0: Hoare triple {7005#true} call ULTIMATE.init(); {7005#true} is VALID [2020-07-29 01:05:36,169 INFO L134 CoverageAnalysis]: Checked inductivity of 136 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 136 trivial. 0 not checked. [2020-07-29 01:05:36,170 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [815515863] [2020-07-29 01:05:36,170 INFO L220 FreeRefinementEngine]: Constructing automaton from 2 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:05:36,170 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9, 9] imperfect sequences [] total 11 [2020-07-29 01:05:36,170 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1474551646] [2020-07-29 01:05:36,170 INFO L78 Accepts]: Start accepts. Automaton has 11 states. Word has length 56 [2020-07-29 01:05:36,171 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:05:36,171 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 11 states. [2020-07-29 01:05:36,228 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 47 edges. 47 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:05:36,228 INFO L459 AbstractCegarLoop]: Interpolant automaton has 11 states [2020-07-29 01:05:36,228 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2020-07-29 01:05:36,228 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 11 interpolants. [2020-07-29 01:05:36,229 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=23, Invalid=87, Unknown=0, NotChecked=0, Total=110 [2020-07-29 01:05:36,229 INFO L87 Difference]: Start difference. First operand 68 states and 69 transitions. Second operand 11 states. [2020-07-29 01:05:36,901 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:05:36,902 INFO L93 Difference]: Finished difference Result 72 states and 72 transitions. [2020-07-29 01:05:36,902 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2020-07-29 01:05:36,902 INFO L78 Accepts]: Start accepts. Automaton has 11 states. Word has length 56 [2020-07-29 01:05:36,903 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:05:36,903 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 11 states. [2020-07-29 01:05:36,905 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 57 transitions. [2020-07-29 01:05:36,905 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 11 states. [2020-07-29 01:05:36,906 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 57 transitions. [2020-07-29 01:05:36,906 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states and 57 transitions. [2020-07-29 01:05:37,016 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 57 edges. 57 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:05:37,017 INFO L225 Difference]: With dead ends: 72 [2020-07-29 01:05:37,017 INFO L226 Difference]: Without dead ends: 68 [2020-07-29 01:05:37,017 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 113 GetRequests, 102 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=33, Invalid=123, Unknown=0, NotChecked=0, Total=156 [2020-07-29 01:05:37,018 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 68 states. [2020-07-29 01:05:37,025 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 68 to 68. [2020-07-29 01:05:37,027 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:05:37,028 INFO L82 GeneralOperation]: Start isEquivalent. First operand 68 states. Second operand 68 states. [2020-07-29 01:05:37,028 INFO L74 IsIncluded]: Start isIncluded. First operand 68 states. Second operand 68 states. [2020-07-29 01:05:37,028 INFO L87 Difference]: Start difference. First operand 68 states. Second operand 68 states. [2020-07-29 01:05:37,030 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:05:37,031 INFO L93 Difference]: Finished difference Result 68 states and 68 transitions. [2020-07-29 01:05:37,031 INFO L276 IsEmpty]: Start isEmpty. Operand 68 states and 68 transitions. [2020-07-29 01:05:37,032 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:05:37,032 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:05:37,032 INFO L74 IsIncluded]: Start isIncluded. First operand 68 states. Second operand 68 states. [2020-07-29 01:05:37,032 INFO L87 Difference]: Start difference. First operand 68 states. Second operand 68 states. [2020-07-29 01:05:37,034 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:05:37,035 INFO L93 Difference]: Finished difference Result 68 states and 68 transitions. [2020-07-29 01:05:37,035 INFO L276 IsEmpty]: Start isEmpty. Operand 68 states and 68 transitions. [2020-07-29 01:05:37,035 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:05:37,035 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:05:37,036 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:05:37,036 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:05:37,036 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 68 states. [2020-07-29 01:05:37,037 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 68 states to 68 states and 68 transitions. [2020-07-29 01:05:37,038 INFO L78 Accepts]: Start accepts. Automaton has 68 states and 68 transitions. Word has length 56 [2020-07-29 01:05:37,038 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:05:37,039 INFO L479 AbstractCegarLoop]: Abstraction has 68 states and 68 transitions. [2020-07-29 01:05:37,039 INFO L480 AbstractCegarLoop]: Interpolant automaton has 11 states. [2020-07-29 01:05:37,040 INFO L276 IsEmpty]: Start isEmpty. Operand 68 states and 68 transitions. [2020-07-29 01:05:37,041 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 68 [2020-07-29 01:05:37,041 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:05:37,041 INFO L422 BasicCegarLoop]: trace histogram [16, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:05:37,254 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 16 mathsat -unsat_core_generation=3 [2020-07-29 01:05:37,255 INFO L427 AbstractCegarLoop]: === Iteration 16 === [ldv_kref_initErr0REQUIRES_VIOLATION, ldv_kref_initErr1REQUIRES_VIOLATION, ldv_list_addErr1REQUIRES_VIOLATION, ldv_list_addErr0REQUIRES_VIOLATION, ldv_kobject_createErr1REQUIRES_VIOLATION, ldv_kobject_createErr0REQUIRES_VIOLATION, ldv_destroy_msgsErr4REQUIRES_VIOLATION, ldv_destroy_msgsErr3REQUIRES_VIOLATION, ldv_destroy_msgsErr2REQUIRES_VIOLATION, ldv_destroy_msgsErr1REQUIRES_VIOLATION, ldv_destroy_msgsErr0REQUIRES_VIOLATION, ldv_destroy_msgsErr5REQUIRES_VIOLATION, ldv_msg_fillErr1REQUIRES_VIOLATION, ldv_msg_fillErr5REQUIRES_VIOLATION, ldv_msg_fillErr0REQUIRES_VIOLATION, ldv_msg_fillErr4REQUIRES_VIOLATION, ldv_msg_fillErr2REQUIRES_VIOLATION, ldv_msg_fillErr3REQUIRES_VIOLATION, ldv_atomic_add_returnErr1REQUIRES_VIOLATION, ldv_atomic_add_returnErr0REQUIRES_VIOLATION, ldv_atomic_add_returnErr3REQUIRES_VIOLATION, ldv_atomic_add_returnErr2REQUIRES_VIOLATION, __ldv_list_delErr0REQUIRES_VIOLATION, __ldv_list_delErr1REQUIRES_VIOLATION, __ldv_list_delErr2REQUIRES_VIOLATION, __ldv_list_delErr3REQUIRES_VIOLATION, ldv_kobject_cleanupErr2ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr5ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr7ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr6ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr1REQUIRES_VIOLATION, ldv_kobject_cleanupErr4ASSERT_VIOLATIONMEMORY_FREE, ldv_kobject_cleanupErr0REQUIRES_VIOLATION, ldv_kobject_cleanupErr3ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr6ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr7ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr4ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr1REQUIRES_VIOLATION, ldv_msg_freeErr0REQUIRES_VIOLATION, ldv_msg_freeErr5ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr2ASSERT_VIOLATIONMEMORY_FREE, ldv_msg_freeErr3ASSERT_VIOLATIONMEMORY_FREE, mainErr0ENSURES_VIOLATIONMEMORY_LEAK, LDV_INIT_LIST_HEADErr2REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr3REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr0REQUIRES_VIOLATION, LDV_INIT_LIST_HEADErr1REQUIRES_VIOLATION, ldv_list_delErr2REQUIRES_VIOLATION, ldv_list_delErr1REQUIRES_VIOLATION, ldv_list_delErr3REQUIRES_VIOLATION, ldv_list_delErr0REQUIRES_VIOLATION, __ldv_list_addErr5REQUIRES_VIOLATION, __ldv_list_addErr0REQUIRES_VIOLATION, __ldv_list_addErr1REQUIRES_VIOLATION, __ldv_list_addErr6REQUIRES_VIOLATION, __ldv_list_addErr7REQUIRES_VIOLATION, __ldv_list_addErr2REQUIRES_VIOLATION, __ldv_list_addErr3REQUIRES_VIOLATION, __ldv_list_addErr4REQUIRES_VIOLATION, ldv_dev_set_drvdataErr0REQUIRES_VIOLATION, ldv_dev_set_drvdataErr1REQUIRES_VIOLATION, ldv_atomic_sub_returnErr1REQUIRES_VIOLATION, ldv_atomic_sub_returnErr0REQUIRES_VIOLATION, ldv_atomic_sub_returnErr3REQUIRES_VIOLATION, ldv_atomic_sub_returnErr2REQUIRES_VIOLATION, ldv_list_add_tailErr0REQUIRES_VIOLATION, ldv_list_add_tailErr1REQUIRES_VIOLATION, ldv_dev_get_drvdataErr1REQUIRES_VIOLATION, ldv_dev_get_drvdataErr0REQUIRES_VIOLATION, ldv_msg_allocErr0REQUIRES_VIOLATION, ldv_msg_allocErr1REQUIRES_VIOLATION]=== [2020-07-29 01:05:37,256 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:05:37,257 INFO L82 PathProgramCache]: Analyzing trace with hash 214334517, now seen corresponding path program 1 times [2020-07-29 01:05:37,258 INFO L163 FreeRefinementEngine]: Executing refinement strategy WOLF [2020-07-29 01:05:37,258 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1546892716] [2020-07-29 01:05:37,258 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat Starting monitored process 17 with mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 17 with mathsat -unsat_core_generation=3 [2020-07-29 01:05:37,487 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2020-07-29 01:05:37,488 INFO L221 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2020-07-29 01:05:37,609 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2020-07-29 01:05:37,609 INFO L221 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2020-07-29 01:05:37,692 INFO L174 FreeRefinementEngine]: Strategy WOLF found a feasible trace [2020-07-29 01:05:37,692 INFO L520 BasicCegarLoop]: Counterexample might be feasible [2020-07-29 01:05:37,902 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 17 mathsat -unsat_core_generation=3 [2020-07-29 01:05:37,929 WARN L417 cessorBacktranslator]: Generated EnsuresSpecification free ensures #res.base == #ptr.base && #res.offset == #ptr.offset; is not ensure(true) [2020-07-29 01:05:37,937 WARN L417 cessorBacktranslator]: Generated EnsuresSpecification ensures #valid == old(#valid); is not ensure(true) [2020-07-29 01:05:37,944 WARN L1295 BoogieBacktranslator]: Unfinished Backtranslation: BitvecLiteral 19bv32 could not be translated for associated CType STRUCT~~ldv_list_head?next~*ldv_list_head?prev~*ldv_list_head# [2020-07-29 01:05:37,944 WARN L1295 BoogieBacktranslator]: Unfinished Backtranslation: BitvecLiteral 17bv32 could not be translated for associated CType STRUCT~~ldv_list_head?next~*ldv_list_head?prev~*ldv_list_head# [2020-07-29 01:05:37,962 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 29.07 01:05:37 BoogieIcfgContainer [2020-07-29 01:05:37,963 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2020-07-29 01:05:37,963 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2020-07-29 01:05:37,963 INFO L271 PluginConnector]: Initializing Witness Printer... [2020-07-29 01:05:37,964 INFO L275 PluginConnector]: Witness Printer initialized [2020-07-29 01:05:37,964 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 29.07 01:04:50" (3/4) ... [2020-07-29 01:05:37,968 INFO L140 WitnessPrinter]: No result that supports witness generation found [2020-07-29 01:05:37,968 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2020-07-29 01:05:37,970 INFO L168 Benchmark]: Toolchain (without parser) took 50259.56 ms. Allocated memory was 1.0 GB in the beginning and 1.6 GB in the end (delta: 521.7 MB). Free memory was 954.9 MB in the beginning and 1.0 GB in the end (delta: -57.8 MB). Peak memory consumption was 463.8 MB. Max. memory is 11.5 GB. [2020-07-29 01:05:37,970 INFO L168 Benchmark]: CDTParser took 0.26 ms. Allocated memory is still 1.0 GB. Free memory is still 981.7 MB. There was no memory consumed. Max. memory is 11.5 GB. [2020-07-29 01:05:37,971 INFO L168 Benchmark]: CACSL2BoogieTranslator took 882.56 ms. Allocated memory was 1.0 GB in the beginning and 1.2 GB in the end (delta: 142.1 MB). Free memory was 949.5 MB in the beginning and 1.1 GB in the end (delta: -146.0 MB). Peak memory consumption was 20.6 MB. Max. memory is 11.5 GB. [2020-07-29 01:05:37,971 INFO L168 Benchmark]: Boogie Preprocessor took 131.82 ms. Allocated memory is still 1.2 GB. Free memory was 1.1 GB in the beginning and 1.1 GB in the end (delta: 6.8 MB). Peak memory consumption was 6.8 MB. Max. memory is 11.5 GB. [2020-07-29 01:05:37,972 INFO L168 Benchmark]: RCFGBuilder took 1788.48 ms. Allocated memory is still 1.2 GB. Free memory was 1.1 GB in the beginning and 926.7 MB in the end (delta: 162.1 MB). Peak memory consumption was 162.1 MB. Max. memory is 11.5 GB. [2020-07-29 01:05:37,972 INFO L168 Benchmark]: TraceAbstraction took 47440.82 ms. Allocated memory was 1.2 GB in the beginning and 1.6 GB in the end (delta: 379.6 MB). Free memory was 926.7 MB in the beginning and 1.0 GB in the end (delta: -86.1 MB). Peak memory consumption was 293.5 MB. Max. memory is 11.5 GB. [2020-07-29 01:05:37,973 INFO L168 Benchmark]: Witness Printer took 5.15 ms. Allocated memory is still 1.6 GB. Free memory is still 1.0 GB. There was no memory consumed. Max. memory is 11.5 GB. [2020-07-29 01:05:37,977 INFO L336 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.26 ms. Allocated memory is still 1.0 GB. Free memory is still 981.7 MB. There was no memory consumed. Max. memory is 11.5 GB. * CACSL2BoogieTranslator took 882.56 ms. Allocated memory was 1.0 GB in the beginning and 1.2 GB in the end (delta: 142.1 MB). Free memory was 949.5 MB in the beginning and 1.1 GB in the end (delta: -146.0 MB). Peak memory consumption was 20.6 MB. Max. memory is 11.5 GB. * Boogie Preprocessor took 131.82 ms. Allocated memory is still 1.2 GB. Free memory was 1.1 GB in the beginning and 1.1 GB in the end (delta: 6.8 MB). Peak memory consumption was 6.8 MB. Max. memory is 11.5 GB. * RCFGBuilder took 1788.48 ms. Allocated memory is still 1.2 GB. Free memory was 1.1 GB in the beginning and 926.7 MB in the end (delta: 162.1 MB). Peak memory consumption was 162.1 MB. Max. memory is 11.5 GB. * TraceAbstraction took 47440.82 ms. Allocated memory was 1.2 GB in the beginning and 1.6 GB in the end (delta: 379.6 MB). Free memory was 926.7 MB in the beginning and 1.0 GB in the end (delta: -86.1 MB). Peak memory consumption was 293.5 MB. Max. memory is 11.5 GB. * Witness Printer took 5.15 ms. Allocated memory is still 1.6 GB. Free memory is still 1.0 GB. There was no memory consumed. Max. memory is 11.5 GB. * Results from de.uni_freiburg.informatik.ultimate.boogie.preprocessor: - GenericResult: Unfinished Backtranslation Generated EnsuresSpecification free ensures #res.base == #ptr.base && #res.offset == #ptr.offset; is not ensure(true) - GenericResult: Unfinished Backtranslation Generated EnsuresSpecification ensures #valid == old(#valid); is not ensure(true) * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: BitvecLiteral 19bv32 could not be translated for associated CType STRUCT~~ldv_list_head?next~*ldv_list_head?prev~*ldv_list_head# - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: BitvecLiteral 17bv32 could not be translated for associated CType STRUCT~~ldv_list_head?next~*ldv_list_head?prev~*ldv_list_head# * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - UnprovableResult [Line: 761]: Unable to prove that all allocated memory was freed Unable to prove that all allocated memory was freed Reason: overapproximation of memtrack at line 761. Possible FailurePath: [L569] struct ldv_list_head ldv_global_msg_list = { &(ldv_global_msg_list), &(ldv_global_msg_list) }; VAL [\old(ldv_global_msg_list)=null, \old(ldv_global_msg_list)=null, ldv_global_msg_list={3:0}] [L762] CALL entry_point() VAL [ldv_global_msg_list={3:0}] [L758] struct ldv_kobject *kobj; VAL [ldv_global_msg_list={3:0}] [L759] CALL, EXPR ldv_kobject_create() VAL [ldv_global_msg_list={3:0}] [L740] struct ldv_kobject *kobj; VAL [ldv_global_msg_list={3:0}] [L741] CALL, EXPR ldv_malloc(sizeof(*kobj)) VAL [\old(size)=16, ldv_global_msg_list={3:0}] [L526] COND TRUE __VERIFIER_nondet_int() [L527] return malloc(size); VAL [\old(size)=16, \result={1:0}, ldv_global_msg_list={3:0}, malloc(size)={1:0}, size=16] [L741] RET, EXPR ldv_malloc(sizeof(*kobj)) VAL [ldv_global_msg_list={3:0}, ldv_malloc(sizeof(*kobj))={1:0}] [L741] kobj = ldv_malloc(sizeof(*kobj)) [L742] COND FALSE !(!kobj) VAL [kobj={1:0}, ldv_global_msg_list={3:0}] [L744] FCALL memset(kobj, 0, sizeof(*kobj)) VAL [kobj={1:0}, ldv_global_msg_list={3:0}, memset(kobj, 0, sizeof(*kobj))={1:0}] [L745] CALL ldv_kobject_init(kobj) VAL [kobj={1:0}, ldv_global_msg_list={3:0}] [L730] COND FALSE !(!kobj) VAL [kobj={1:0}, kobj={1:0}, ldv_global_msg_list={3:0}] [L733] CALL ldv_kobject_init_internal(kobj) VAL [kobj={1:0}, ldv_global_msg_list={3:0}] [L723] COND FALSE !(!kobj) VAL [kobj={1:0}, kobj={1:0}, ldv_global_msg_list={3:0}] [L725] CALL ldv_kref_init(&kobj->kref) VAL [kref={1:12}, ldv_global_msg_list={3:0}] [L682] ((&kref->refcount)->counter) = (1) VAL [kref={1:12}, kref={1:12}, ldv_global_msg_list={3:0}] [L725] RET ldv_kref_init(&kobj->kref) VAL [kobj={1:0}, kobj={1:0}, ldv_global_msg_list={3:0}] [L726] CALL LDV_INIT_LIST_HEAD(&kobj->entry) VAL [ldv_global_msg_list={3:0}, list={1:4}] [L540] list->next = list VAL [ldv_global_msg_list={3:0}, list={1:4}, list={1:4}] [L541] list->prev = list VAL [ldv_global_msg_list={3:0}, list={1:4}, list={1:4}] [L726] RET LDV_INIT_LIST_HEAD(&kobj->entry) VAL [kobj={1:0}, kobj={1:0}, ldv_global_msg_list={3:0}] [L733] RET ldv_kobject_init_internal(kobj) VAL [kobj={1:0}, kobj={1:0}, ldv_global_msg_list={3:0}] [L745] RET ldv_kobject_init(kobj) VAL [kobj={1:0}, ldv_global_msg_list={3:0}] [L746] return kobj; VAL [\result={1:0}, kobj={1:0}, ldv_global_msg_list={3:0}] [L759] RET, EXPR ldv_kobject_create() VAL [ldv_global_msg_list={3:0}, ldv_kobject_create()={1:0}] [L759] kobj = ldv_kobject_create() [L762] RET entry_point() VAL [ldv_global_msg_list={3:0}] - StatisticsResult: Ultimate Automizer benchmark data CFG has 47 procedures, 330 locations, 71 error locations. Started 1 CEGAR loops. VerificationResult: UNSAFE, OverallTime: 47.3s, OverallIterations: 16, TraceHistogramMax: 16, AutomataDifference: 27.8s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 760 SDtfs, 340 SDslu, 4386 SDs, 0 SdLazy, 2458 SolverSat, 156 SolverUnsat, 0 SolverUnknown, 0 SolverNotchecked, 7.6s Time, PredicateUnifierStatistics: 0 DeclaredPredicates, 1109 GetRequests, 905 SyntacticMatches, 19 SemanticMatches, 185 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 448 ImplicationChecksByTransitivity, 6.3s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=92occurred in iteration=0, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.3s AutomataMinimizationTime, 15 MinimizatonAttempts, 15 StatesRemovedByMinimization, 4 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.2s SsaConstructionTime, 0.7s SatisfiabilityAnalysisTime, 11.6s InterpolantComputationTime, 614 NumberOfCodeBlocks, 578 NumberOfCodeBlocksAsserted, 16 NumberOfCheckSat, 1064 ConstructedInterpolants, 85 QuantifiedInterpolants, 151950 SizeOfPredicates, 48 NumberOfNonLiveVariables, 2290 ConjunctsInSsa, 158 ConjunctsInUnsatCore, 30 InterpolantComputations, 24 PerfectInterpolantSequences, 1340/1598 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available RESULT: Ultimate could not prove your program: unable to determine feasibility of some traces Received shutdown request...