./Ultimate.py --spec ../sv-benchmarks/c/properties/valid-memcleanup.prp --file ../sv-benchmarks/c/forester-heap/sll-circular-2.i --full-output -ea --architecture 32bit -------------------------------------------------------------------------------- Checking for memory safety (memcleanup) Using default analysis Version 8bd4bc60 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx12G -Xms1G -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.3.100.v20150511-1540.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerMemDerefMemtrack.xml -i ../sv-benchmarks/c/forester-heap/sll-circular-2.i -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-MemCleanup-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G valid-memcleanup) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash b651d63eb42259dfd3a213a6671e4c58ee528ad0 .......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................... Execution finished normally Writing output log to file Ultimate.log Writing human readable error path to file UltimateCounterExample.errorpath Result: FALSE(valid-memcleanup) --- Real Ultimate output --- This is Ultimate 0.1.25-8bd4bc6 [2020-07-29 01:19:02,446 INFO L177 SettingsManager]: Resetting all preferences to default values... [2020-07-29 01:19:02,450 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2020-07-29 01:19:02,468 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2020-07-29 01:19:02,468 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2020-07-29 01:19:02,470 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2020-07-29 01:19:02,472 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2020-07-29 01:19:02,483 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2020-07-29 01:19:02,488 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2020-07-29 01:19:02,491 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2020-07-29 01:19:02,493 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2020-07-29 01:19:02,495 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2020-07-29 01:19:02,495 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2020-07-29 01:19:02,497 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2020-07-29 01:19:02,499 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2020-07-29 01:19:02,500 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2020-07-29 01:19:02,501 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2020-07-29 01:19:02,502 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2020-07-29 01:19:02,505 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2020-07-29 01:19:02,507 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2020-07-29 01:19:02,509 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2020-07-29 01:19:02,513 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2020-07-29 01:19:02,515 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2020-07-29 01:19:02,516 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2020-07-29 01:19:02,520 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2020-07-29 01:19:02,520 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2020-07-29 01:19:02,520 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2020-07-29 01:19:02,522 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2020-07-29 01:19:02,523 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2020-07-29 01:19:02,524 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2020-07-29 01:19:02,524 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2020-07-29 01:19:02,526 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2020-07-29 01:19:02,527 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2020-07-29 01:19:02,527 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2020-07-29 01:19:02,529 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2020-07-29 01:19:02,529 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2020-07-29 01:19:02,530 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2020-07-29 01:19:02,531 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2020-07-29 01:19:02,531 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2020-07-29 01:19:02,532 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2020-07-29 01:19:02,533 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2020-07-29 01:19:02,534 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-MemCleanup-32bit-Automizer_Default.epf [2020-07-29 01:19:02,564 INFO L113 SettingsManager]: Loading preferences was successful [2020-07-29 01:19:02,565 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2020-07-29 01:19:02,566 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2020-07-29 01:19:02,567 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2020-07-29 01:19:02,567 INFO L138 SettingsManager]: * Use SBE=true [2020-07-29 01:19:02,567 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2020-07-29 01:19:02,568 INFO L138 SettingsManager]: * sizeof long=4 [2020-07-29 01:19:02,568 INFO L138 SettingsManager]: * Check unreachability of error function in SV-COMP mode=false [2020-07-29 01:19:02,568 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2020-07-29 01:19:02,568 INFO L138 SettingsManager]: * sizeof POINTER=4 [2020-07-29 01:19:02,569 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2020-07-29 01:19:02,570 INFO L138 SettingsManager]: * Check for the main procedure if all allocated memory was freed=true [2020-07-29 01:19:02,570 INFO L138 SettingsManager]: * Bitprecise bitfields=true [2020-07-29 01:19:02,571 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2020-07-29 01:19:02,571 INFO L138 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2020-07-29 01:19:02,571 INFO L138 SettingsManager]: * sizeof long double=12 [2020-07-29 01:19:02,571 INFO L138 SettingsManager]: * Use constant arrays=true [2020-07-29 01:19:02,572 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2020-07-29 01:19:02,572 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2020-07-29 01:19:02,572 INFO L138 SettingsManager]: * To the following directory=./dump/ [2020-07-29 01:19:02,573 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2020-07-29 01:19:02,573 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2020-07-29 01:19:02,573 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2020-07-29 01:19:02,574 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2020-07-29 01:19:02,574 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2020-07-29 01:19:02,574 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2020-07-29 01:19:02,574 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2020-07-29 01:19:02,575 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G valid-memcleanup) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> b651d63eb42259dfd3a213a6671e4c58ee528ad0 [2020-07-29 01:19:02,886 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2020-07-29 01:19:02,901 INFO L258 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2020-07-29 01:19:02,905 INFO L214 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2020-07-29 01:19:02,908 INFO L271 PluginConnector]: Initializing CDTParser... [2020-07-29 01:19:02,908 INFO L275 PluginConnector]: CDTParser initialized [2020-07-29 01:19:02,909 INFO L429 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/forester-heap/sll-circular-2.i [2020-07-29 01:19:02,971 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/392c1d3ee/f9f383a82026463fa1059edb5ad5e4ce/FLAGbb281ff9a [2020-07-29 01:19:03,474 INFO L306 CDTParser]: Found 1 translation units. [2020-07-29 01:19:03,475 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/forester-heap/sll-circular-2.i [2020-07-29 01:19:03,501 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/392c1d3ee/f9f383a82026463fa1059edb5ad5e4ce/FLAGbb281ff9a [2020-07-29 01:19:03,808 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/392c1d3ee/f9f383a82026463fa1059edb5ad5e4ce [2020-07-29 01:19:03,811 INFO L296 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2020-07-29 01:19:03,814 INFO L131 ToolchainWalker]: Walking toolchain with 5 elements. [2020-07-29 01:19:03,815 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2020-07-29 01:19:03,815 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2020-07-29 01:19:03,819 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2020-07-29 01:19:03,820 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 29.07 01:19:03" (1/1) ... [2020-07-29 01:19:03,824 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@6ed5985d and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:19:03, skipping insertion in model container [2020-07-29 01:19:03,825 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 29.07 01:19:03" (1/1) ... [2020-07-29 01:19:03,832 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2020-07-29 01:19:03,878 INFO L178 MainTranslator]: Built tables and reachable declarations [2020-07-29 01:19:04,256 INFO L206 PostProcessor]: Analyzing one entry point: main [2020-07-29 01:19:04,267 INFO L203 MainTranslator]: Completed pre-run [2020-07-29 01:19:04,322 INFO L206 PostProcessor]: Analyzing one entry point: main [2020-07-29 01:19:04,386 INFO L208 MainTranslator]: Completed translation [2020-07-29 01:19:04,386 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:19:04 WrapperNode [2020-07-29 01:19:04,386 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2020-07-29 01:19:04,387 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2020-07-29 01:19:04,387 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2020-07-29 01:19:04,387 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2020-07-29 01:19:04,402 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:19:04" (1/1) ... [2020-07-29 01:19:04,402 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:19:04" (1/1) ... [2020-07-29 01:19:04,419 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:19:04" (1/1) ... [2020-07-29 01:19:04,420 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:19:04" (1/1) ... [2020-07-29 01:19:04,448 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:19:04" (1/1) ... [2020-07-29 01:19:04,456 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:19:04" (1/1) ... [2020-07-29 01:19:04,459 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:19:04" (1/1) ... [2020-07-29 01:19:04,466 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2020-07-29 01:19:04,467 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2020-07-29 01:19:04,467 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2020-07-29 01:19:04,467 INFO L275 PluginConnector]: RCFGBuilder initialized [2020-07-29 01:19:04,468 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:19:04" (1/1) ... No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2020-07-29 01:19:04,536 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.init [2020-07-29 01:19:04,536 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2020-07-29 01:19:04,536 INFO L138 BoogieDeclarations]: Found implementation of procedure main [2020-07-29 01:19:04,537 INFO L130 BoogieDeclarations]: Found specification of procedure __ctype_get_mb_cur_max [2020-07-29 01:19:04,537 INFO L130 BoogieDeclarations]: Found specification of procedure atof [2020-07-29 01:19:04,537 INFO L130 BoogieDeclarations]: Found specification of procedure atoi [2020-07-29 01:19:04,538 INFO L130 BoogieDeclarations]: Found specification of procedure atol [2020-07-29 01:19:04,538 INFO L130 BoogieDeclarations]: Found specification of procedure atoll [2020-07-29 01:19:04,538 INFO L130 BoogieDeclarations]: Found specification of procedure strtod [2020-07-29 01:19:04,539 INFO L130 BoogieDeclarations]: Found specification of procedure strtof [2020-07-29 01:19:04,539 INFO L130 BoogieDeclarations]: Found specification of procedure strtold [2020-07-29 01:19:04,540 INFO L130 BoogieDeclarations]: Found specification of procedure strtol [2020-07-29 01:19:04,540 INFO L130 BoogieDeclarations]: Found specification of procedure strtoul [2020-07-29 01:19:04,541 INFO L130 BoogieDeclarations]: Found specification of procedure strtoq [2020-07-29 01:19:04,541 INFO L130 BoogieDeclarations]: Found specification of procedure strtouq [2020-07-29 01:19:04,541 INFO L130 BoogieDeclarations]: Found specification of procedure strtoll [2020-07-29 01:19:04,541 INFO L130 BoogieDeclarations]: Found specification of procedure strtoull [2020-07-29 01:19:04,543 INFO L130 BoogieDeclarations]: Found specification of procedure l64a [2020-07-29 01:19:04,544 INFO L130 BoogieDeclarations]: Found specification of procedure a64l [2020-07-29 01:19:04,544 INFO L130 BoogieDeclarations]: Found specification of procedure select [2020-07-29 01:19:04,544 INFO L130 BoogieDeclarations]: Found specification of procedure pselect [2020-07-29 01:19:04,544 INFO L130 BoogieDeclarations]: Found specification of procedure gnu_dev_major [2020-07-29 01:19:04,545 INFO L130 BoogieDeclarations]: Found specification of procedure gnu_dev_minor [2020-07-29 01:19:04,545 INFO L130 BoogieDeclarations]: Found specification of procedure gnu_dev_makedev [2020-07-29 01:19:04,545 INFO L130 BoogieDeclarations]: Found specification of procedure random [2020-07-29 01:19:04,545 INFO L130 BoogieDeclarations]: Found specification of procedure srandom [2020-07-29 01:19:04,547 INFO L130 BoogieDeclarations]: Found specification of procedure initstate [2020-07-29 01:19:04,547 INFO L130 BoogieDeclarations]: Found specification of procedure setstate [2020-07-29 01:19:04,547 INFO L130 BoogieDeclarations]: Found specification of procedure random_r [2020-07-29 01:19:04,548 INFO L130 BoogieDeclarations]: Found specification of procedure srandom_r [2020-07-29 01:19:04,548 INFO L130 BoogieDeclarations]: Found specification of procedure initstate_r [2020-07-29 01:19:04,548 INFO L130 BoogieDeclarations]: Found specification of procedure setstate_r [2020-07-29 01:19:04,548 INFO L130 BoogieDeclarations]: Found specification of procedure rand [2020-07-29 01:19:04,548 INFO L130 BoogieDeclarations]: Found specification of procedure srand [2020-07-29 01:19:04,548 INFO L130 BoogieDeclarations]: Found specification of procedure rand_r [2020-07-29 01:19:04,548 INFO L130 BoogieDeclarations]: Found specification of procedure drand48 [2020-07-29 01:19:04,549 INFO L130 BoogieDeclarations]: Found specification of procedure erand48 [2020-07-29 01:19:04,549 INFO L130 BoogieDeclarations]: Found specification of procedure lrand48 [2020-07-29 01:19:04,549 INFO L130 BoogieDeclarations]: Found specification of procedure nrand48 [2020-07-29 01:19:04,549 INFO L130 BoogieDeclarations]: Found specification of procedure mrand48 [2020-07-29 01:19:04,549 INFO L130 BoogieDeclarations]: Found specification of procedure jrand48 [2020-07-29 01:19:04,550 INFO L130 BoogieDeclarations]: Found specification of procedure srand48 [2020-07-29 01:19:04,550 INFO L130 BoogieDeclarations]: Found specification of procedure seed48 [2020-07-29 01:19:04,550 INFO L130 BoogieDeclarations]: Found specification of procedure lcong48 [2020-07-29 01:19:04,550 INFO L130 BoogieDeclarations]: Found specification of procedure drand48_r [2020-07-29 01:19:04,551 INFO L130 BoogieDeclarations]: Found specification of procedure erand48_r [2020-07-29 01:19:04,551 INFO L130 BoogieDeclarations]: Found specification of procedure lrand48_r [2020-07-29 01:19:04,551 INFO L130 BoogieDeclarations]: Found specification of procedure nrand48_r [2020-07-29 01:19:04,551 INFO L130 BoogieDeclarations]: Found specification of procedure mrand48_r [2020-07-29 01:19:04,551 INFO L130 BoogieDeclarations]: Found specification of procedure jrand48_r [2020-07-29 01:19:04,551 INFO L130 BoogieDeclarations]: Found specification of procedure srand48_r [2020-07-29 01:19:04,551 INFO L130 BoogieDeclarations]: Found specification of procedure seed48_r [2020-07-29 01:19:04,552 INFO L130 BoogieDeclarations]: Found specification of procedure lcong48_r [2020-07-29 01:19:04,552 INFO L130 BoogieDeclarations]: Found specification of procedure malloc [2020-07-29 01:19:04,552 INFO L130 BoogieDeclarations]: Found specification of procedure calloc [2020-07-29 01:19:04,552 INFO L130 BoogieDeclarations]: Found specification of procedure realloc [2020-07-29 01:19:04,552 INFO L130 BoogieDeclarations]: Found specification of procedure free [2020-07-29 01:19:04,553 INFO L130 BoogieDeclarations]: Found specification of procedure cfree [2020-07-29 01:19:04,553 INFO L130 BoogieDeclarations]: Found specification of procedure alloca [2020-07-29 01:19:04,553 INFO L130 BoogieDeclarations]: Found specification of procedure valloc [2020-07-29 01:19:04,553 INFO L130 BoogieDeclarations]: Found specification of procedure posix_memalign [2020-07-29 01:19:04,553 INFO L130 BoogieDeclarations]: Found specification of procedure aligned_alloc [2020-07-29 01:19:04,554 INFO L130 BoogieDeclarations]: Found specification of procedure abort [2020-07-29 01:19:04,554 INFO L130 BoogieDeclarations]: Found specification of procedure atexit [2020-07-29 01:19:04,554 INFO L130 BoogieDeclarations]: Found specification of procedure at_quick_exit [2020-07-29 01:19:04,554 INFO L130 BoogieDeclarations]: Found specification of procedure on_exit [2020-07-29 01:19:04,554 INFO L130 BoogieDeclarations]: Found specification of procedure exit [2020-07-29 01:19:04,554 INFO L130 BoogieDeclarations]: Found specification of procedure quick_exit [2020-07-29 01:19:04,554 INFO L130 BoogieDeclarations]: Found specification of procedure _Exit [2020-07-29 01:19:04,555 INFO L130 BoogieDeclarations]: Found specification of procedure getenv [2020-07-29 01:19:04,555 INFO L130 BoogieDeclarations]: Found specification of procedure putenv [2020-07-29 01:19:04,556 INFO L130 BoogieDeclarations]: Found specification of procedure setenv [2020-07-29 01:19:04,556 INFO L130 BoogieDeclarations]: Found specification of procedure unsetenv [2020-07-29 01:19:04,556 INFO L130 BoogieDeclarations]: Found specification of procedure clearenv [2020-07-29 01:19:04,557 INFO L130 BoogieDeclarations]: Found specification of procedure mktemp [2020-07-29 01:19:04,557 INFO L130 BoogieDeclarations]: Found specification of procedure mkstemp [2020-07-29 01:19:04,558 INFO L130 BoogieDeclarations]: Found specification of procedure mkstemps [2020-07-29 01:19:04,558 INFO L130 BoogieDeclarations]: Found specification of procedure mkdtemp [2020-07-29 01:19:04,558 INFO L130 BoogieDeclarations]: Found specification of procedure system [2020-07-29 01:19:04,559 INFO L130 BoogieDeclarations]: Found specification of procedure realpath [2020-07-29 01:19:04,559 INFO L130 BoogieDeclarations]: Found specification of procedure bsearch [2020-07-29 01:19:04,559 INFO L130 BoogieDeclarations]: Found specification of procedure qsort [2020-07-29 01:19:04,559 INFO L130 BoogieDeclarations]: Found specification of procedure abs [2020-07-29 01:19:04,559 INFO L130 BoogieDeclarations]: Found specification of procedure labs [2020-07-29 01:19:04,559 INFO L130 BoogieDeclarations]: Found specification of procedure llabs [2020-07-29 01:19:04,560 INFO L130 BoogieDeclarations]: Found specification of procedure div [2020-07-29 01:19:04,560 INFO L130 BoogieDeclarations]: Found specification of procedure ldiv [2020-07-29 01:19:04,561 INFO L130 BoogieDeclarations]: Found specification of procedure lldiv [2020-07-29 01:19:04,561 INFO L130 BoogieDeclarations]: Found specification of procedure ecvt [2020-07-29 01:19:04,561 INFO L130 BoogieDeclarations]: Found specification of procedure fcvt [2020-07-29 01:19:04,561 INFO L130 BoogieDeclarations]: Found specification of procedure gcvt [2020-07-29 01:19:04,561 INFO L130 BoogieDeclarations]: Found specification of procedure qecvt [2020-07-29 01:19:04,561 INFO L130 BoogieDeclarations]: Found specification of procedure qfcvt [2020-07-29 01:19:04,562 INFO L130 BoogieDeclarations]: Found specification of procedure qgcvt [2020-07-29 01:19:04,562 INFO L130 BoogieDeclarations]: Found specification of procedure ecvt_r [2020-07-29 01:19:04,562 INFO L130 BoogieDeclarations]: Found specification of procedure fcvt_r [2020-07-29 01:19:04,562 INFO L130 BoogieDeclarations]: Found specification of procedure qecvt_r [2020-07-29 01:19:04,562 INFO L130 BoogieDeclarations]: Found specification of procedure qfcvt_r [2020-07-29 01:19:04,562 INFO L130 BoogieDeclarations]: Found specification of procedure mblen [2020-07-29 01:19:04,562 INFO L130 BoogieDeclarations]: Found specification of procedure mbtowc [2020-07-29 01:19:04,563 INFO L130 BoogieDeclarations]: Found specification of procedure wctomb [2020-07-29 01:19:04,563 INFO L130 BoogieDeclarations]: Found specification of procedure mbstowcs [2020-07-29 01:19:04,563 INFO L130 BoogieDeclarations]: Found specification of procedure wcstombs [2020-07-29 01:19:04,563 INFO L130 BoogieDeclarations]: Found specification of procedure rpmatch [2020-07-29 01:19:04,563 INFO L130 BoogieDeclarations]: Found specification of procedure getsubopt [2020-07-29 01:19:04,563 INFO L130 BoogieDeclarations]: Found specification of procedure getloadavg [2020-07-29 01:19:04,563 INFO L130 BoogieDeclarations]: Found specification of procedure __VERIFIER_nondet_int [2020-07-29 01:19:04,563 INFO L130 BoogieDeclarations]: Found specification of procedure __VERIFIER_error [2020-07-29 01:19:04,564 INFO L130 BoogieDeclarations]: Found specification of procedure main [2020-07-29 01:19:04,564 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocOnHeap [2020-07-29 01:19:04,564 INFO L130 BoogieDeclarations]: Found specification of procedure write~$Pointer$ [2020-07-29 01:19:04,564 INFO L130 BoogieDeclarations]: Found specification of procedure write~int [2020-07-29 01:19:04,564 INFO L130 BoogieDeclarations]: Found specification of procedure read~$Pointer$ [2020-07-29 01:19:04,564 INFO L130 BoogieDeclarations]: Found specification of procedure read~int [2020-07-29 01:19:04,564 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.dealloc [2020-07-29 01:19:04,565 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.init [2020-07-29 01:19:04,565 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2020-07-29 01:19:05,433 INFO L290 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2020-07-29 01:19:05,434 INFO L295 CfgBuilder]: Removed 9 assume(true) statements. [2020-07-29 01:19:05,439 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 29.07 01:19:05 BoogieIcfgContainer [2020-07-29 01:19:05,439 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2020-07-29 01:19:05,440 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2020-07-29 01:19:05,440 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2020-07-29 01:19:05,444 INFO L275 PluginConnector]: TraceAbstraction initialized [2020-07-29 01:19:05,444 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 29.07 01:19:03" (1/3) ... [2020-07-29 01:19:05,445 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2491e133 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 29.07 01:19:05, skipping insertion in model container [2020-07-29 01:19:05,445 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 29.07 01:19:04" (2/3) ... [2020-07-29 01:19:05,446 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2491e133 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 29.07 01:19:05, skipping insertion in model container [2020-07-29 01:19:05,446 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 29.07 01:19:05" (3/3) ... [2020-07-29 01:19:05,448 INFO L109 eAbstractionObserver]: Analyzing ICFG sll-circular-2.i [2020-07-29 01:19:05,459 INFO L157 ceAbstractionStarter]: Automizer settings: Hoare:false NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2020-07-29 01:19:05,469 INFO L169 ceAbstractionStarter]: Appying trace abstraction to program that has 46 error locations. [2020-07-29 01:19:05,484 INFO L251 AbstractCegarLoop]: Starting to check reachability of 46 error locations. [2020-07-29 01:19:05,503 INFO L375 AbstractCegarLoop]: Interprodecural is true [2020-07-29 01:19:05,503 INFO L376 AbstractCegarLoop]: Hoare is false [2020-07-29 01:19:05,503 INFO L377 AbstractCegarLoop]: Compute interpolants for FPandBP [2020-07-29 01:19:05,504 INFO L378 AbstractCegarLoop]: Backedges is STRAIGHT_LINE [2020-07-29 01:19:05,504 INFO L379 AbstractCegarLoop]: Determinization is PREDICATE_ABSTRACTION [2020-07-29 01:19:05,504 INFO L380 AbstractCegarLoop]: Difference is false [2020-07-29 01:19:05,504 INFO L381 AbstractCegarLoop]: Minimize is MINIMIZE_SEVPA [2020-07-29 01:19:05,505 INFO L385 AbstractCegarLoop]: ======== Iteration 0==of CEGAR loop == AllErrorsAtOnce======== [2020-07-29 01:19:05,525 INFO L276 IsEmpty]: Start isEmpty. Operand 106 states. [2020-07-29 01:19:05,536 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 8 [2020-07-29 01:19:05,536 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:19:05,537 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:19:05,538 INFO L427 AbstractCegarLoop]: === Iteration 1 === [mainErr8REQUIRES_VIOLATION, mainErr29REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr31REQUIRES_VIOLATION, mainErr42ASSERT_VIOLATIONMEMORY_FREE, mainErr5REQUIRES_VIOLATION, mainErr27REQUIRES_VIOLATION, mainErr26REQUIRES_VIOLATION, mainErr45ENSURES_VIOLATIONMEMORY_LEAK, mainErr28REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr17ASSERT_VIOLATIONMEMORY_LEAK, mainErr24REQUIRES_VIOLATION, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr40ASSERT_VIOLATIONMEMORY_FREE, mainErr4REQUIRES_VIOLATION, mainErr25REQUIRES_VIOLATION, mainErr30ASSERT_VIOLATIONMEMORY_LEAK, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr44ASSERT_VIOLATIONMEMORY_FREE, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr43ASSERT_VIOLATIONMEMORY_FREE, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr37REQUIRES_VIOLATION, mainErr38REQUIRES_VIOLATION, mainErr35REQUIRES_VIOLATION, mainErr39ASSERT_VIOLATIONMEMORY_FREE, mainErr13REQUIRES_VIOLATION, mainErr34REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr36REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr41ASSERT_VIOLATIONMEMORY_FREE, mainErr32REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12ASSERT_VIOLATIONMEMORY_LEAK, mainErr33REQUIRES_VIOLATION]=== [2020-07-29 01:19:05,545 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:19:05,545 INFO L82 PathProgramCache]: Analyzing trace with hash -393144633, now seen corresponding path program 1 times [2020-07-29 01:19:05,556 INFO L163 FreeRefinementEngine]: Executing refinement strategy CAMEL [2020-07-29 01:19:05,556 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1285128231] [2020-07-29 01:19:05,557 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2020-07-29 01:19:05,670 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:05,766 INFO L375 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2020-07-29 01:19:05,769 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:05,784 INFO L280 TraceCheckUtils]: 0: Hoare triple {115#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {109#true} is VALID [2020-07-29 01:19:05,785 INFO L280 TraceCheckUtils]: 1: Hoare triple {109#true} assume true; {109#true} is VALID [2020-07-29 01:19:05,786 INFO L275 TraceCheckUtils]: 2: Hoare quadruple {109#true} {109#true} #197#return; {109#true} is VALID [2020-07-29 01:19:05,790 INFO L263 TraceCheckUtils]: 0: Hoare triple {109#true} call ULTIMATE.init(); {115#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} is VALID [2020-07-29 01:19:05,790 INFO L280 TraceCheckUtils]: 1: Hoare triple {115#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {109#true} is VALID [2020-07-29 01:19:05,790 INFO L280 TraceCheckUtils]: 2: Hoare triple {109#true} assume true; {109#true} is VALID [2020-07-29 01:19:05,791 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {109#true} {109#true} #197#return; {109#true} is VALID [2020-07-29 01:19:05,791 INFO L263 TraceCheckUtils]: 4: Hoare triple {109#true} call #t~ret17 := main(); {109#true} is VALID [2020-07-29 01:19:05,793 INFO L280 TraceCheckUtils]: 5: Hoare triple {109#true} call #t~malloc0.base, #t~malloc0.offset := #Ultimate.allocOnHeap(8);~head~0.base, ~head~0.offset := #t~malloc0.base, #t~malloc0.offset; {114#(= 1 (select |#valid| main_~head~0.base))} is VALID [2020-07-29 01:19:05,794 INFO L280 TraceCheckUtils]: 6: Hoare triple {114#(= 1 (select |#valid| main_~head~0.base))} assume !(1 == #valid[~head~0.base]); {110#false} is VALID [2020-07-29 01:19:05,795 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:19:05,796 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1285128231] [2020-07-29 01:19:05,797 INFO L220 FreeRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:19:05,797 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2020-07-29 01:19:05,798 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1630808357] [2020-07-29 01:19:05,805 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 7 [2020-07-29 01:19:05,808 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:19:05,812 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states. [2020-07-29 01:19:05,833 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 7 edges. 7 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:05,834 INFO L459 AbstractCegarLoop]: Interpolant automaton has 4 states [2020-07-29 01:19:05,834 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2020-07-29 01:19:05,845 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2020-07-29 01:19:05,846 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2020-07-29 01:19:05,848 INFO L87 Difference]: Start difference. First operand 106 states. Second operand 4 states. [2020-07-29 01:19:06,462 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:06,465 INFO L93 Difference]: Finished difference Result 112 states and 119 transitions. [2020-07-29 01:19:06,466 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2020-07-29 01:19:06,466 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 7 [2020-07-29 01:19:06,467 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:19:06,468 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2020-07-29 01:19:06,509 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 136 transitions. [2020-07-29 01:19:06,509 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2020-07-29 01:19:06,518 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 136 transitions. [2020-07-29 01:19:06,518 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 136 transitions. [2020-07-29 01:19:06,727 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 136 edges. 136 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:06,747 INFO L225 Difference]: With dead ends: 112 [2020-07-29 01:19:06,747 INFO L226 Difference]: Without dead ends: 109 [2020-07-29 01:19:06,749 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2020-07-29 01:19:06,770 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 109 states. [2020-07-29 01:19:06,790 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 109 to 99. [2020-07-29 01:19:06,790 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:19:06,791 INFO L82 GeneralOperation]: Start isEquivalent. First operand 109 states. Second operand 99 states. [2020-07-29 01:19:06,792 INFO L74 IsIncluded]: Start isIncluded. First operand 109 states. Second operand 99 states. [2020-07-29 01:19:06,792 INFO L87 Difference]: Start difference. First operand 109 states. Second operand 99 states. [2020-07-29 01:19:06,803 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:06,803 INFO L93 Difference]: Finished difference Result 109 states and 116 transitions. [2020-07-29 01:19:06,804 INFO L276 IsEmpty]: Start isEmpty. Operand 109 states and 116 transitions. [2020-07-29 01:19:06,805 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:06,805 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:06,806 INFO L74 IsIncluded]: Start isIncluded. First operand 99 states. Second operand 109 states. [2020-07-29 01:19:06,806 INFO L87 Difference]: Start difference. First operand 99 states. Second operand 109 states. [2020-07-29 01:19:06,816 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:06,816 INFO L93 Difference]: Finished difference Result 109 states and 116 transitions. [2020-07-29 01:19:06,816 INFO L276 IsEmpty]: Start isEmpty. Operand 109 states and 116 transitions. [2020-07-29 01:19:06,818 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:06,818 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:06,819 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:19:06,819 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:19:06,819 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 99 states. [2020-07-29 01:19:06,826 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 99 states to 99 states and 105 transitions. [2020-07-29 01:19:06,827 INFO L78 Accepts]: Start accepts. Automaton has 99 states and 105 transitions. Word has length 7 [2020-07-29 01:19:06,828 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:19:06,828 INFO L479 AbstractCegarLoop]: Abstraction has 99 states and 105 transitions. [2020-07-29 01:19:06,828 INFO L480 AbstractCegarLoop]: Interpolant automaton has 4 states. [2020-07-29 01:19:06,829 INFO L276 IsEmpty]: Start isEmpty. Operand 99 states and 105 transitions. [2020-07-29 01:19:06,829 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 8 [2020-07-29 01:19:06,829 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:19:06,830 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:19:06,830 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2020-07-29 01:19:06,831 INFO L427 AbstractCegarLoop]: === Iteration 2 === [mainErr8REQUIRES_VIOLATION, mainErr29REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr31REQUIRES_VIOLATION, mainErr42ASSERT_VIOLATIONMEMORY_FREE, mainErr5REQUIRES_VIOLATION, mainErr27REQUIRES_VIOLATION, mainErr26REQUIRES_VIOLATION, mainErr45ENSURES_VIOLATIONMEMORY_LEAK, mainErr28REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr17ASSERT_VIOLATIONMEMORY_LEAK, mainErr24REQUIRES_VIOLATION, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr40ASSERT_VIOLATIONMEMORY_FREE, mainErr4REQUIRES_VIOLATION, mainErr25REQUIRES_VIOLATION, mainErr30ASSERT_VIOLATIONMEMORY_LEAK, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr44ASSERT_VIOLATIONMEMORY_FREE, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr43ASSERT_VIOLATIONMEMORY_FREE, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr37REQUIRES_VIOLATION, mainErr38REQUIRES_VIOLATION, mainErr35REQUIRES_VIOLATION, mainErr39ASSERT_VIOLATIONMEMORY_FREE, mainErr13REQUIRES_VIOLATION, mainErr34REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr36REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr41ASSERT_VIOLATIONMEMORY_FREE, mainErr32REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12ASSERT_VIOLATIONMEMORY_LEAK, mainErr33REQUIRES_VIOLATION]=== [2020-07-29 01:19:06,831 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:19:06,831 INFO L82 PathProgramCache]: Analyzing trace with hash -393144632, now seen corresponding path program 1 times [2020-07-29 01:19:06,832 INFO L163 FreeRefinementEngine]: Executing refinement strategy CAMEL [2020-07-29 01:19:06,832 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [877910571] [2020-07-29 01:19:06,832 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2020-07-29 01:19:06,851 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:06,959 INFO L375 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2020-07-29 01:19:06,962 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:06,969 INFO L280 TraceCheckUtils]: 0: Hoare triple {553#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {547#true} is VALID [2020-07-29 01:19:06,969 INFO L280 TraceCheckUtils]: 1: Hoare triple {547#true} assume true; {547#true} is VALID [2020-07-29 01:19:06,970 INFO L275 TraceCheckUtils]: 2: Hoare quadruple {547#true} {547#true} #197#return; {547#true} is VALID [2020-07-29 01:19:06,971 INFO L263 TraceCheckUtils]: 0: Hoare triple {547#true} call ULTIMATE.init(); {553#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} is VALID [2020-07-29 01:19:06,972 INFO L280 TraceCheckUtils]: 1: Hoare triple {553#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {547#true} is VALID [2020-07-29 01:19:06,972 INFO L280 TraceCheckUtils]: 2: Hoare triple {547#true} assume true; {547#true} is VALID [2020-07-29 01:19:06,973 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {547#true} {547#true} #197#return; {547#true} is VALID [2020-07-29 01:19:06,973 INFO L263 TraceCheckUtils]: 4: Hoare triple {547#true} call #t~ret17 := main(); {547#true} is VALID [2020-07-29 01:19:06,975 INFO L280 TraceCheckUtils]: 5: Hoare triple {547#true} call #t~malloc0.base, #t~malloc0.offset := #Ultimate.allocOnHeap(8);~head~0.base, ~head~0.offset := #t~malloc0.base, #t~malloc0.offset; {552#(and (= 8 (select |#length| main_~head~0.base)) (= 0 main_~head~0.offset))} is VALID [2020-07-29 01:19:06,976 INFO L280 TraceCheckUtils]: 6: Hoare triple {552#(and (= 8 (select |#length| main_~head~0.base)) (= 0 main_~head~0.offset))} assume !(4 + ~head~0.offset <= #length[~head~0.base] && 0 <= ~head~0.offset); {548#false} is VALID [2020-07-29 01:19:06,977 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:19:06,978 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [877910571] [2020-07-29 01:19:06,978 INFO L220 FreeRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:19:06,978 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2020-07-29 01:19:06,979 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [8893444] [2020-07-29 01:19:06,981 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 7 [2020-07-29 01:19:06,982 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:19:06,982 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states. [2020-07-29 01:19:06,994 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 7 edges. 7 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:06,994 INFO L459 AbstractCegarLoop]: Interpolant automaton has 4 states [2020-07-29 01:19:06,995 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2020-07-29 01:19:06,995 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2020-07-29 01:19:06,996 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2020-07-29 01:19:06,996 INFO L87 Difference]: Start difference. First operand 99 states and 105 transitions. Second operand 4 states. [2020-07-29 01:19:07,531 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:07,531 INFO L93 Difference]: Finished difference Result 107 states and 113 transitions. [2020-07-29 01:19:07,531 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2020-07-29 01:19:07,532 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 7 [2020-07-29 01:19:07,532 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:19:07,532 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2020-07-29 01:19:07,539 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 117 transitions. [2020-07-29 01:19:07,539 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2020-07-29 01:19:07,543 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 117 transitions. [2020-07-29 01:19:07,543 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 117 transitions. [2020-07-29 01:19:07,737 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 117 edges. 117 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:07,741 INFO L225 Difference]: With dead ends: 107 [2020-07-29 01:19:07,741 INFO L226 Difference]: Without dead ends: 107 [2020-07-29 01:19:07,743 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2020-07-29 01:19:07,744 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 107 states. [2020-07-29 01:19:07,750 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 107 to 95. [2020-07-29 01:19:07,750 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:19:07,750 INFO L82 GeneralOperation]: Start isEquivalent. First operand 107 states. Second operand 95 states. [2020-07-29 01:19:07,751 INFO L74 IsIncluded]: Start isIncluded. First operand 107 states. Second operand 95 states. [2020-07-29 01:19:07,751 INFO L87 Difference]: Start difference. First operand 107 states. Second operand 95 states. [2020-07-29 01:19:07,756 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:07,756 INFO L93 Difference]: Finished difference Result 107 states and 113 transitions. [2020-07-29 01:19:07,757 INFO L276 IsEmpty]: Start isEmpty. Operand 107 states and 113 transitions. [2020-07-29 01:19:07,758 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:07,758 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:07,758 INFO L74 IsIncluded]: Start isIncluded. First operand 95 states. Second operand 107 states. [2020-07-29 01:19:07,758 INFO L87 Difference]: Start difference. First operand 95 states. Second operand 107 states. [2020-07-29 01:19:07,764 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:07,764 INFO L93 Difference]: Finished difference Result 107 states and 113 transitions. [2020-07-29 01:19:07,764 INFO L276 IsEmpty]: Start isEmpty. Operand 107 states and 113 transitions. [2020-07-29 01:19:07,765 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:07,765 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:07,766 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:19:07,766 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:19:07,766 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 95 states. [2020-07-29 01:19:07,770 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 95 states to 95 states and 101 transitions. [2020-07-29 01:19:07,771 INFO L78 Accepts]: Start accepts. Automaton has 95 states and 101 transitions. Word has length 7 [2020-07-29 01:19:07,771 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:19:07,771 INFO L479 AbstractCegarLoop]: Abstraction has 95 states and 101 transitions. [2020-07-29 01:19:07,771 INFO L480 AbstractCegarLoop]: Interpolant automaton has 4 states. [2020-07-29 01:19:07,771 INFO L276 IsEmpty]: Start isEmpty. Operand 95 states and 101 transitions. [2020-07-29 01:19:07,772 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 13 [2020-07-29 01:19:07,772 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:19:07,772 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:19:07,772 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2020-07-29 01:19:07,773 INFO L427 AbstractCegarLoop]: === Iteration 3 === [mainErr8REQUIRES_VIOLATION, mainErr29REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr31REQUIRES_VIOLATION, mainErr42ASSERT_VIOLATIONMEMORY_FREE, mainErr5REQUIRES_VIOLATION, mainErr27REQUIRES_VIOLATION, mainErr26REQUIRES_VIOLATION, mainErr45ENSURES_VIOLATIONMEMORY_LEAK, mainErr28REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr17ASSERT_VIOLATIONMEMORY_LEAK, mainErr24REQUIRES_VIOLATION, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr40ASSERT_VIOLATIONMEMORY_FREE, mainErr4REQUIRES_VIOLATION, mainErr25REQUIRES_VIOLATION, mainErr30ASSERT_VIOLATIONMEMORY_LEAK, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr44ASSERT_VIOLATIONMEMORY_FREE, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr43ASSERT_VIOLATIONMEMORY_FREE, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr37REQUIRES_VIOLATION, mainErr38REQUIRES_VIOLATION, mainErr35REQUIRES_VIOLATION, mainErr39ASSERT_VIOLATIONMEMORY_FREE, mainErr13REQUIRES_VIOLATION, mainErr34REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr36REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr41ASSERT_VIOLATIONMEMORY_FREE, mainErr32REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12ASSERT_VIOLATIONMEMORY_LEAK, mainErr33REQUIRES_VIOLATION]=== [2020-07-29 01:19:07,773 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:19:07,773 INFO L82 PathProgramCache]: Analyzing trace with hash -1494937539, now seen corresponding path program 1 times [2020-07-29 01:19:07,773 INFO L163 FreeRefinementEngine]: Executing refinement strategy CAMEL [2020-07-29 01:19:07,774 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [37941997] [2020-07-29 01:19:07,774 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2020-07-29 01:19:07,820 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:07,880 INFO L375 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2020-07-29 01:19:07,882 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:07,891 INFO L280 TraceCheckUtils]: 0: Hoare triple {979#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {972#true} is VALID [2020-07-29 01:19:07,891 INFO L280 TraceCheckUtils]: 1: Hoare triple {972#true} assume true; {972#true} is VALID [2020-07-29 01:19:07,892 INFO L275 TraceCheckUtils]: 2: Hoare quadruple {972#true} {972#true} #197#return; {972#true} is VALID [2020-07-29 01:19:07,893 INFO L263 TraceCheckUtils]: 0: Hoare triple {972#true} call ULTIMATE.init(); {979#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} is VALID [2020-07-29 01:19:07,893 INFO L280 TraceCheckUtils]: 1: Hoare triple {979#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {972#true} is VALID [2020-07-29 01:19:07,893 INFO L280 TraceCheckUtils]: 2: Hoare triple {972#true} assume true; {972#true} is VALID [2020-07-29 01:19:07,894 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {972#true} {972#true} #197#return; {972#true} is VALID [2020-07-29 01:19:07,894 INFO L263 TraceCheckUtils]: 4: Hoare triple {972#true} call #t~ret17 := main(); {972#true} is VALID [2020-07-29 01:19:07,894 INFO L280 TraceCheckUtils]: 5: Hoare triple {972#true} call #t~malloc0.base, #t~malloc0.offset := #Ultimate.allocOnHeap(8);~head~0.base, ~head~0.offset := #t~malloc0.base, #t~malloc0.offset; {972#true} is VALID [2020-07-29 01:19:07,895 INFO L280 TraceCheckUtils]: 6: Hoare triple {972#true} SUMMARY for call write~$Pointer$(~head~0.base, ~head~0.offset, ~head~0.base, ~head~0.offset, 4); srcloc: L986 {977#(= 1 (select |#valid| main_~head~0.base))} is VALID [2020-07-29 01:19:07,895 INFO L280 TraceCheckUtils]: 7: Hoare triple {977#(= 1 (select |#valid| main_~head~0.base))} SUMMARY for call write~int(0, ~head~0.base, 4 + ~head~0.offset, 4); srcloc: L986-1 {977#(= 1 (select |#valid| main_~head~0.base))} is VALID [2020-07-29 01:19:07,896 INFO L280 TraceCheckUtils]: 8: Hoare triple {977#(= 1 (select |#valid| main_~head~0.base))} ~x~0.base, ~x~0.offset := ~head~0.base, ~head~0.offset;~state~0 := 1; {978#(= 1 (select |#valid| main_~x~0.base))} is VALID [2020-07-29 01:19:07,897 INFO L280 TraceCheckUtils]: 9: Hoare triple {978#(= 1 (select |#valid| main_~x~0.base))} assume -2147483648 <= #t~nondet1 && #t~nondet1 <= 2147483647; {978#(= 1 (select |#valid| main_~x~0.base))} is VALID [2020-07-29 01:19:07,897 INFO L280 TraceCheckUtils]: 10: Hoare triple {978#(= 1 (select |#valid| main_~x~0.base))} assume !(0 != #t~nondet1);havoc #t~nondet1; {978#(= 1 (select |#valid| main_~x~0.base))} is VALID [2020-07-29 01:19:07,898 INFO L280 TraceCheckUtils]: 11: Hoare triple {978#(= 1 (select |#valid| main_~x~0.base))} assume !(1 == #valid[~x~0.base]); {973#false} is VALID [2020-07-29 01:19:07,899 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:19:07,899 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [37941997] [2020-07-29 01:19:07,899 INFO L220 FreeRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:19:07,899 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2020-07-29 01:19:07,900 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [230284507] [2020-07-29 01:19:07,900 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 12 [2020-07-29 01:19:07,900 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:19:07,901 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states. [2020-07-29 01:19:07,916 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 12 edges. 12 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:07,916 INFO L459 AbstractCegarLoop]: Interpolant automaton has 5 states [2020-07-29 01:19:07,917 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2020-07-29 01:19:07,917 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2020-07-29 01:19:07,918 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2020-07-29 01:19:07,918 INFO L87 Difference]: Start difference. First operand 95 states and 101 transitions. Second operand 5 states. [2020-07-29 01:19:08,432 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:08,432 INFO L93 Difference]: Finished difference Result 93 states and 100 transitions. [2020-07-29 01:19:08,432 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2020-07-29 01:19:08,433 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 12 [2020-07-29 01:19:08,433 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:19:08,433 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 5 states. [2020-07-29 01:19:08,437 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 112 transitions. [2020-07-29 01:19:08,438 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 5 states. [2020-07-29 01:19:08,441 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 112 transitions. [2020-07-29 01:19:08,441 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 112 transitions. [2020-07-29 01:19:08,564 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 112 edges. 112 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:08,566 INFO L225 Difference]: With dead ends: 93 [2020-07-29 01:19:08,567 INFO L226 Difference]: Without dead ends: 93 [2020-07-29 01:19:08,567 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2020-07-29 01:19:08,568 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 93 states. [2020-07-29 01:19:08,577 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 93 to 84. [2020-07-29 01:19:08,577 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:19:08,577 INFO L82 GeneralOperation]: Start isEquivalent. First operand 93 states. Second operand 84 states. [2020-07-29 01:19:08,578 INFO L74 IsIncluded]: Start isIncluded. First operand 93 states. Second operand 84 states. [2020-07-29 01:19:08,578 INFO L87 Difference]: Start difference. First operand 93 states. Second operand 84 states. [2020-07-29 01:19:08,584 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:08,584 INFO L93 Difference]: Finished difference Result 93 states and 100 transitions. [2020-07-29 01:19:08,584 INFO L276 IsEmpty]: Start isEmpty. Operand 93 states and 100 transitions. [2020-07-29 01:19:08,585 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:08,586 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:08,586 INFO L74 IsIncluded]: Start isIncluded. First operand 84 states. Second operand 93 states. [2020-07-29 01:19:08,586 INFO L87 Difference]: Start difference. First operand 84 states. Second operand 93 states. [2020-07-29 01:19:08,592 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:08,592 INFO L93 Difference]: Finished difference Result 93 states and 100 transitions. [2020-07-29 01:19:08,592 INFO L276 IsEmpty]: Start isEmpty. Operand 93 states and 100 transitions. [2020-07-29 01:19:08,593 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:08,593 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:08,594 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:19:08,594 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:19:08,594 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 84 states. [2020-07-29 01:19:08,598 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 84 states to 84 states and 90 transitions. [2020-07-29 01:19:08,599 INFO L78 Accepts]: Start accepts. Automaton has 84 states and 90 transitions. Word has length 12 [2020-07-29 01:19:08,599 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:19:08,599 INFO L479 AbstractCegarLoop]: Abstraction has 84 states and 90 transitions. [2020-07-29 01:19:08,600 INFO L480 AbstractCegarLoop]: Interpolant automaton has 5 states. [2020-07-29 01:19:08,600 INFO L276 IsEmpty]: Start isEmpty. Operand 84 states and 90 transitions. [2020-07-29 01:19:08,600 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 13 [2020-07-29 01:19:08,601 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:19:08,601 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:19:08,601 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2020-07-29 01:19:08,601 INFO L427 AbstractCegarLoop]: === Iteration 4 === [mainErr8REQUIRES_VIOLATION, mainErr29REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr31REQUIRES_VIOLATION, mainErr42ASSERT_VIOLATIONMEMORY_FREE, mainErr5REQUIRES_VIOLATION, mainErr27REQUIRES_VIOLATION, mainErr26REQUIRES_VIOLATION, mainErr45ENSURES_VIOLATIONMEMORY_LEAK, mainErr28REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr17ASSERT_VIOLATIONMEMORY_LEAK, mainErr24REQUIRES_VIOLATION, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr40ASSERT_VIOLATIONMEMORY_FREE, mainErr4REQUIRES_VIOLATION, mainErr25REQUIRES_VIOLATION, mainErr30ASSERT_VIOLATIONMEMORY_LEAK, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr44ASSERT_VIOLATIONMEMORY_FREE, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr43ASSERT_VIOLATIONMEMORY_FREE, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr37REQUIRES_VIOLATION, mainErr38REQUIRES_VIOLATION, mainErr35REQUIRES_VIOLATION, mainErr39ASSERT_VIOLATIONMEMORY_FREE, mainErr13REQUIRES_VIOLATION, mainErr34REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr36REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr41ASSERT_VIOLATIONMEMORY_FREE, mainErr32REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12ASSERT_VIOLATIONMEMORY_LEAK, mainErr33REQUIRES_VIOLATION]=== [2020-07-29 01:19:08,602 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:19:08,602 INFO L82 PathProgramCache]: Analyzing trace with hash -1494937538, now seen corresponding path program 1 times [2020-07-29 01:19:08,602 INFO L163 FreeRefinementEngine]: Executing refinement strategy CAMEL [2020-07-29 01:19:08,603 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1570369974] [2020-07-29 01:19:08,603 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2020-07-29 01:19:08,621 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:08,681 INFO L375 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2020-07-29 01:19:08,683 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:08,696 INFO L280 TraceCheckUtils]: 0: Hoare triple {1354#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {1347#true} is VALID [2020-07-29 01:19:08,696 INFO L280 TraceCheckUtils]: 1: Hoare triple {1347#true} assume true; {1347#true} is VALID [2020-07-29 01:19:08,696 INFO L275 TraceCheckUtils]: 2: Hoare quadruple {1347#true} {1347#true} #197#return; {1347#true} is VALID [2020-07-29 01:19:08,698 INFO L263 TraceCheckUtils]: 0: Hoare triple {1347#true} call ULTIMATE.init(); {1354#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} is VALID [2020-07-29 01:19:08,698 INFO L280 TraceCheckUtils]: 1: Hoare triple {1354#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {1347#true} is VALID [2020-07-29 01:19:08,698 INFO L280 TraceCheckUtils]: 2: Hoare triple {1347#true} assume true; {1347#true} is VALID [2020-07-29 01:19:08,699 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {1347#true} {1347#true} #197#return; {1347#true} is VALID [2020-07-29 01:19:08,699 INFO L263 TraceCheckUtils]: 4: Hoare triple {1347#true} call #t~ret17 := main(); {1347#true} is VALID [2020-07-29 01:19:08,700 INFO L280 TraceCheckUtils]: 5: Hoare triple {1347#true} call #t~malloc0.base, #t~malloc0.offset := #Ultimate.allocOnHeap(8);~head~0.base, ~head~0.offset := #t~malloc0.base, #t~malloc0.offset; {1352#(and (= 8 (select |#length| main_~head~0.base)) (= 0 main_~head~0.offset))} is VALID [2020-07-29 01:19:08,701 INFO L280 TraceCheckUtils]: 6: Hoare triple {1352#(and (= 8 (select |#length| main_~head~0.base)) (= 0 main_~head~0.offset))} SUMMARY for call write~$Pointer$(~head~0.base, ~head~0.offset, ~head~0.base, ~head~0.offset, 4); srcloc: L986 {1352#(and (= 8 (select |#length| main_~head~0.base)) (= 0 main_~head~0.offset))} is VALID [2020-07-29 01:19:08,703 INFO L280 TraceCheckUtils]: 7: Hoare triple {1352#(and (= 8 (select |#length| main_~head~0.base)) (= 0 main_~head~0.offset))} SUMMARY for call write~int(0, ~head~0.base, 4 + ~head~0.offset, 4); srcloc: L986-1 {1352#(and (= 8 (select |#length| main_~head~0.base)) (= 0 main_~head~0.offset))} is VALID [2020-07-29 01:19:08,705 INFO L280 TraceCheckUtils]: 8: Hoare triple {1352#(and (= 8 (select |#length| main_~head~0.base)) (= 0 main_~head~0.offset))} ~x~0.base, ~x~0.offset := ~head~0.base, ~head~0.offset;~state~0 := 1; {1353#(and (= 8 (select |#length| main_~x~0.base)) (= main_~x~0.offset 0))} is VALID [2020-07-29 01:19:08,707 INFO L280 TraceCheckUtils]: 9: Hoare triple {1353#(and (= 8 (select |#length| main_~x~0.base)) (= main_~x~0.offset 0))} assume -2147483648 <= #t~nondet1 && #t~nondet1 <= 2147483647; {1353#(and (= 8 (select |#length| main_~x~0.base)) (= main_~x~0.offset 0))} is VALID [2020-07-29 01:19:08,708 INFO L280 TraceCheckUtils]: 10: Hoare triple {1353#(and (= 8 (select |#length| main_~x~0.base)) (= main_~x~0.offset 0))} assume !(0 != #t~nondet1);havoc #t~nondet1; {1353#(and (= 8 (select |#length| main_~x~0.base)) (= main_~x~0.offset 0))} is VALID [2020-07-29 01:19:08,708 INFO L280 TraceCheckUtils]: 11: Hoare triple {1353#(and (= 8 (select |#length| main_~x~0.base)) (= main_~x~0.offset 0))} assume !(4 + (4 + ~x~0.offset) <= #length[~x~0.base] && 0 <= 4 + ~x~0.offset); {1348#false} is VALID [2020-07-29 01:19:08,709 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:19:08,710 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1570369974] [2020-07-29 01:19:08,710 INFO L220 FreeRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:19:08,710 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2020-07-29 01:19:08,710 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2128791910] [2020-07-29 01:19:08,711 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 12 [2020-07-29 01:19:08,711 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:19:08,711 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states. [2020-07-29 01:19:08,725 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 12 edges. 12 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:08,726 INFO L459 AbstractCegarLoop]: Interpolant automaton has 5 states [2020-07-29 01:19:08,726 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2020-07-29 01:19:08,726 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2020-07-29 01:19:08,726 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2020-07-29 01:19:08,726 INFO L87 Difference]: Start difference. First operand 84 states and 90 transitions. Second operand 5 states. [2020-07-29 01:19:09,326 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:09,327 INFO L93 Difference]: Finished difference Result 103 states and 110 transitions. [2020-07-29 01:19:09,327 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2020-07-29 01:19:09,327 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 12 [2020-07-29 01:19:09,327 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:19:09,327 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 5 states. [2020-07-29 01:19:09,330 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 113 transitions. [2020-07-29 01:19:09,330 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 5 states. [2020-07-29 01:19:09,332 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 113 transitions. [2020-07-29 01:19:09,333 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 113 transitions. [2020-07-29 01:19:09,487 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 113 edges. 113 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:09,490 INFO L225 Difference]: With dead ends: 103 [2020-07-29 01:19:09,490 INFO L226 Difference]: Without dead ends: 103 [2020-07-29 01:19:09,492 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2020-07-29 01:19:09,493 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 103 states. [2020-07-29 01:19:09,499 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 103 to 89. [2020-07-29 01:19:09,499 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:19:09,499 INFO L82 GeneralOperation]: Start isEquivalent. First operand 103 states. Second operand 89 states. [2020-07-29 01:19:09,499 INFO L74 IsIncluded]: Start isIncluded. First operand 103 states. Second operand 89 states. [2020-07-29 01:19:09,500 INFO L87 Difference]: Start difference. First operand 103 states. Second operand 89 states. [2020-07-29 01:19:09,503 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:09,504 INFO L93 Difference]: Finished difference Result 103 states and 110 transitions. [2020-07-29 01:19:09,504 INFO L276 IsEmpty]: Start isEmpty. Operand 103 states and 110 transitions. [2020-07-29 01:19:09,504 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:09,504 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:09,505 INFO L74 IsIncluded]: Start isIncluded. First operand 89 states. Second operand 103 states. [2020-07-29 01:19:09,505 INFO L87 Difference]: Start difference. First operand 89 states. Second operand 103 states. [2020-07-29 01:19:09,509 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:09,509 INFO L93 Difference]: Finished difference Result 103 states and 110 transitions. [2020-07-29 01:19:09,509 INFO L276 IsEmpty]: Start isEmpty. Operand 103 states and 110 transitions. [2020-07-29 01:19:09,509 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:09,509 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:09,510 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:19:09,510 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:19:09,510 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 89 states. [2020-07-29 01:19:09,513 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 89 states to 89 states and 96 transitions. [2020-07-29 01:19:09,513 INFO L78 Accepts]: Start accepts. Automaton has 89 states and 96 transitions. Word has length 12 [2020-07-29 01:19:09,513 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:19:09,513 INFO L479 AbstractCegarLoop]: Abstraction has 89 states and 96 transitions. [2020-07-29 01:19:09,513 INFO L480 AbstractCegarLoop]: Interpolant automaton has 5 states. [2020-07-29 01:19:09,514 INFO L276 IsEmpty]: Start isEmpty. Operand 89 states and 96 transitions. [2020-07-29 01:19:09,514 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 16 [2020-07-29 01:19:09,514 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:19:09,514 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:19:09,514 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2020-07-29 01:19:09,515 INFO L427 AbstractCegarLoop]: === Iteration 5 === [mainErr8REQUIRES_VIOLATION, mainErr29REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr31REQUIRES_VIOLATION, mainErr42ASSERT_VIOLATIONMEMORY_FREE, mainErr5REQUIRES_VIOLATION, mainErr27REQUIRES_VIOLATION, mainErr26REQUIRES_VIOLATION, mainErr45ENSURES_VIOLATIONMEMORY_LEAK, mainErr28REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr17ASSERT_VIOLATIONMEMORY_LEAK, mainErr24REQUIRES_VIOLATION, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr40ASSERT_VIOLATIONMEMORY_FREE, mainErr4REQUIRES_VIOLATION, mainErr25REQUIRES_VIOLATION, mainErr30ASSERT_VIOLATIONMEMORY_LEAK, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr44ASSERT_VIOLATIONMEMORY_FREE, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr43ASSERT_VIOLATIONMEMORY_FREE, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr37REQUIRES_VIOLATION, mainErr38REQUIRES_VIOLATION, mainErr35REQUIRES_VIOLATION, mainErr39ASSERT_VIOLATIONMEMORY_FREE, mainErr13REQUIRES_VIOLATION, mainErr34REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr36REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr41ASSERT_VIOLATIONMEMORY_FREE, mainErr32REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12ASSERT_VIOLATIONMEMORY_LEAK, mainErr33REQUIRES_VIOLATION]=== [2020-07-29 01:19:09,515 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:19:09,515 INFO L82 PathProgramCache]: Analyzing trace with hash -1168041069, now seen corresponding path program 1 times [2020-07-29 01:19:09,515 INFO L163 FreeRefinementEngine]: Executing refinement strategy CAMEL [2020-07-29 01:19:09,516 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1646042306] [2020-07-29 01:19:09,516 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2020-07-29 01:19:09,542 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:09,631 INFO L375 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2020-07-29 01:19:09,633 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:09,639 INFO L280 TraceCheckUtils]: 0: Hoare triple {1766#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {1757#true} is VALID [2020-07-29 01:19:09,640 INFO L280 TraceCheckUtils]: 1: Hoare triple {1757#true} assume true; {1757#true} is VALID [2020-07-29 01:19:09,640 INFO L275 TraceCheckUtils]: 2: Hoare quadruple {1757#true} {1757#true} #197#return; {1757#true} is VALID [2020-07-29 01:19:09,642 INFO L263 TraceCheckUtils]: 0: Hoare triple {1757#true} call ULTIMATE.init(); {1766#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} is VALID [2020-07-29 01:19:09,642 INFO L280 TraceCheckUtils]: 1: Hoare triple {1766#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {1757#true} is VALID [2020-07-29 01:19:09,642 INFO L280 TraceCheckUtils]: 2: Hoare triple {1757#true} assume true; {1757#true} is VALID [2020-07-29 01:19:09,643 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {1757#true} {1757#true} #197#return; {1757#true} is VALID [2020-07-29 01:19:09,643 INFO L263 TraceCheckUtils]: 4: Hoare triple {1757#true} call #t~ret17 := main(); {1757#true} is VALID [2020-07-29 01:19:09,643 INFO L280 TraceCheckUtils]: 5: Hoare triple {1757#true} call #t~malloc0.base, #t~malloc0.offset := #Ultimate.allocOnHeap(8);~head~0.base, ~head~0.offset := #t~malloc0.base, #t~malloc0.offset; {1757#true} is VALID [2020-07-29 01:19:09,644 INFO L280 TraceCheckUtils]: 6: Hoare triple {1757#true} SUMMARY for call write~$Pointer$(~head~0.base, ~head~0.offset, ~head~0.base, ~head~0.offset, 4); srcloc: L986 {1757#true} is VALID [2020-07-29 01:19:09,644 INFO L280 TraceCheckUtils]: 7: Hoare triple {1757#true} SUMMARY for call write~int(0, ~head~0.base, 4 + ~head~0.offset, 4); srcloc: L986-1 {1757#true} is VALID [2020-07-29 01:19:09,644 INFO L280 TraceCheckUtils]: 8: Hoare triple {1757#true} ~x~0.base, ~x~0.offset := ~head~0.base, ~head~0.offset;~state~0 := 1; {1757#true} is VALID [2020-07-29 01:19:09,644 INFO L280 TraceCheckUtils]: 9: Hoare triple {1757#true} assume -2147483648 <= #t~nondet1 && #t~nondet1 <= 2147483647; {1757#true} is VALID [2020-07-29 01:19:09,646 INFO L280 TraceCheckUtils]: 10: Hoare triple {1757#true} assume !!(0 != #t~nondet1);havoc #t~nondet1;call #t~malloc2.base, #t~malloc2.offset := #Ultimate.allocOnHeap(8); {1762#(= (select |#valid| |main_#t~malloc2.base|) 1)} is VALID [2020-07-29 01:19:09,647 INFO L280 TraceCheckUtils]: 11: Hoare triple {1762#(= (select |#valid| |main_#t~malloc2.base|) 1)} SUMMARY for call write~$Pointer$(#t~malloc2.base, #t~malloc2.offset, ~x~0.base, ~x~0.offset, 4); srcloc: L996 {1763#(= 1 (select |#valid| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset)))} is VALID [2020-07-29 01:19:09,647 INFO L280 TraceCheckUtils]: 12: Hoare triple {1763#(= 1 (select |#valid| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset)))} SUMMARY for call #t~mem3.base, #t~mem3.offset := read~$Pointer$(~x~0.base, ~x~0.offset, 4); srcloc: L996-1 {1764#(= 1 (select |#valid| |main_#t~mem3.base|))} is VALID [2020-07-29 01:19:09,648 INFO L280 TraceCheckUtils]: 13: Hoare triple {1764#(= 1 (select |#valid| |main_#t~mem3.base|))} ~x~0.base, ~x~0.offset := #t~mem3.base, #t~mem3.offset;havoc #t~mem3.base, #t~mem3.offset; {1765#(= 1 (select |#valid| main_~x~0.base))} is VALID [2020-07-29 01:19:09,649 INFO L280 TraceCheckUtils]: 14: Hoare triple {1765#(= 1 (select |#valid| main_~x~0.base))} assume !(1 == #valid[~x~0.base]); {1758#false} is VALID [2020-07-29 01:19:09,650 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:19:09,650 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1646042306] [2020-07-29 01:19:09,650 INFO L220 FreeRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:19:09,650 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2020-07-29 01:19:09,651 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [958102904] [2020-07-29 01:19:09,651 INFO L78 Accepts]: Start accepts. Automaton has 7 states. Word has length 15 [2020-07-29 01:19:09,651 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:19:09,651 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states. [2020-07-29 01:19:09,669 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 15 edges. 15 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:09,669 INFO L459 AbstractCegarLoop]: Interpolant automaton has 7 states [2020-07-29 01:19:09,669 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2020-07-29 01:19:09,670 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2020-07-29 01:19:09,670 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2020-07-29 01:19:09,670 INFO L87 Difference]: Start difference. First operand 89 states and 96 transitions. Second operand 7 states. [2020-07-29 01:19:10,866 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:10,866 INFO L93 Difference]: Finished difference Result 139 states and 149 transitions. [2020-07-29 01:19:10,866 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2020-07-29 01:19:10,866 INFO L78 Accepts]: Start accepts. Automaton has 7 states. Word has length 15 [2020-07-29 01:19:10,866 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:19:10,867 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 7 states. [2020-07-29 01:19:10,870 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 149 transitions. [2020-07-29 01:19:10,870 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 7 states. [2020-07-29 01:19:10,872 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 149 transitions. [2020-07-29 01:19:10,873 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 149 transitions. [2020-07-29 01:19:11,051 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 149 edges. 149 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:11,054 INFO L225 Difference]: With dead ends: 139 [2020-07-29 01:19:11,054 INFO L226 Difference]: Without dead ends: 139 [2020-07-29 01:19:11,055 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=29, Invalid=61, Unknown=0, NotChecked=0, Total=90 [2020-07-29 01:19:11,056 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 139 states. [2020-07-29 01:19:11,060 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 139 to 88. [2020-07-29 01:19:11,060 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:19:11,060 INFO L82 GeneralOperation]: Start isEquivalent. First operand 139 states. Second operand 88 states. [2020-07-29 01:19:11,060 INFO L74 IsIncluded]: Start isIncluded. First operand 139 states. Second operand 88 states. [2020-07-29 01:19:11,061 INFO L87 Difference]: Start difference. First operand 139 states. Second operand 88 states. [2020-07-29 01:19:11,065 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:11,065 INFO L93 Difference]: Finished difference Result 139 states and 149 transitions. [2020-07-29 01:19:11,066 INFO L276 IsEmpty]: Start isEmpty. Operand 139 states and 149 transitions. [2020-07-29 01:19:11,066 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:11,066 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:11,066 INFO L74 IsIncluded]: Start isIncluded. First operand 88 states. Second operand 139 states. [2020-07-29 01:19:11,067 INFO L87 Difference]: Start difference. First operand 88 states. Second operand 139 states. [2020-07-29 01:19:11,071 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:11,071 INFO L93 Difference]: Finished difference Result 139 states and 149 transitions. [2020-07-29 01:19:11,071 INFO L276 IsEmpty]: Start isEmpty. Operand 139 states and 149 transitions. [2020-07-29 01:19:11,072 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:11,072 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:11,072 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:19:11,072 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:19:11,072 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 88 states. [2020-07-29 01:19:11,075 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 88 states to 88 states and 95 transitions. [2020-07-29 01:19:11,075 INFO L78 Accepts]: Start accepts. Automaton has 88 states and 95 transitions. Word has length 15 [2020-07-29 01:19:11,075 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:19:11,076 INFO L479 AbstractCegarLoop]: Abstraction has 88 states and 95 transitions. [2020-07-29 01:19:11,076 INFO L480 AbstractCegarLoop]: Interpolant automaton has 7 states. [2020-07-29 01:19:11,076 INFO L276 IsEmpty]: Start isEmpty. Operand 88 states and 95 transitions. [2020-07-29 01:19:11,076 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 16 [2020-07-29 01:19:11,076 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:19:11,076 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:19:11,077 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2020-07-29 01:19:11,077 INFO L427 AbstractCegarLoop]: === Iteration 6 === [mainErr8REQUIRES_VIOLATION, mainErr29REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr31REQUIRES_VIOLATION, mainErr42ASSERT_VIOLATIONMEMORY_FREE, mainErr5REQUIRES_VIOLATION, mainErr27REQUIRES_VIOLATION, mainErr26REQUIRES_VIOLATION, mainErr45ENSURES_VIOLATIONMEMORY_LEAK, mainErr28REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr17ASSERT_VIOLATIONMEMORY_LEAK, mainErr24REQUIRES_VIOLATION, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr40ASSERT_VIOLATIONMEMORY_FREE, mainErr4REQUIRES_VIOLATION, mainErr25REQUIRES_VIOLATION, mainErr30ASSERT_VIOLATIONMEMORY_LEAK, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr44ASSERT_VIOLATIONMEMORY_FREE, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr43ASSERT_VIOLATIONMEMORY_FREE, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr37REQUIRES_VIOLATION, mainErr38REQUIRES_VIOLATION, mainErr35REQUIRES_VIOLATION, mainErr39ASSERT_VIOLATIONMEMORY_FREE, mainErr13REQUIRES_VIOLATION, mainErr34REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr36REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr41ASSERT_VIOLATIONMEMORY_FREE, mainErr32REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12ASSERT_VIOLATIONMEMORY_LEAK, mainErr33REQUIRES_VIOLATION]=== [2020-07-29 01:19:11,077 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:19:11,077 INFO L82 PathProgramCache]: Analyzing trace with hash -1168041068, now seen corresponding path program 1 times [2020-07-29 01:19:11,078 INFO L163 FreeRefinementEngine]: Executing refinement strategy CAMEL [2020-07-29 01:19:11,078 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [141388299] [2020-07-29 01:19:11,078 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2020-07-29 01:19:11,114 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:11,240 INFO L375 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2020-07-29 01:19:11,242 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:11,251 INFO L280 TraceCheckUtils]: 0: Hoare triple {2290#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {2281#true} is VALID [2020-07-29 01:19:11,251 INFO L280 TraceCheckUtils]: 1: Hoare triple {2281#true} assume true; {2281#true} is VALID [2020-07-29 01:19:11,251 INFO L275 TraceCheckUtils]: 2: Hoare quadruple {2281#true} {2281#true} #197#return; {2281#true} is VALID [2020-07-29 01:19:11,253 INFO L263 TraceCheckUtils]: 0: Hoare triple {2281#true} call ULTIMATE.init(); {2290#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} is VALID [2020-07-29 01:19:11,253 INFO L280 TraceCheckUtils]: 1: Hoare triple {2290#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {2281#true} is VALID [2020-07-29 01:19:11,254 INFO L280 TraceCheckUtils]: 2: Hoare triple {2281#true} assume true; {2281#true} is VALID [2020-07-29 01:19:11,254 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {2281#true} {2281#true} #197#return; {2281#true} is VALID [2020-07-29 01:19:11,254 INFO L263 TraceCheckUtils]: 4: Hoare triple {2281#true} call #t~ret17 := main(); {2281#true} is VALID [2020-07-29 01:19:11,255 INFO L280 TraceCheckUtils]: 5: Hoare triple {2281#true} call #t~malloc0.base, #t~malloc0.offset := #Ultimate.allocOnHeap(8);~head~0.base, ~head~0.offset := #t~malloc0.base, #t~malloc0.offset; {2281#true} is VALID [2020-07-29 01:19:11,255 INFO L280 TraceCheckUtils]: 6: Hoare triple {2281#true} SUMMARY for call write~$Pointer$(~head~0.base, ~head~0.offset, ~head~0.base, ~head~0.offset, 4); srcloc: L986 {2281#true} is VALID [2020-07-29 01:19:11,255 INFO L280 TraceCheckUtils]: 7: Hoare triple {2281#true} SUMMARY for call write~int(0, ~head~0.base, 4 + ~head~0.offset, 4); srcloc: L986-1 {2281#true} is VALID [2020-07-29 01:19:11,255 INFO L280 TraceCheckUtils]: 8: Hoare triple {2281#true} ~x~0.base, ~x~0.offset := ~head~0.base, ~head~0.offset;~state~0 := 1; {2281#true} is VALID [2020-07-29 01:19:11,256 INFO L280 TraceCheckUtils]: 9: Hoare triple {2281#true} assume -2147483648 <= #t~nondet1 && #t~nondet1 <= 2147483647; {2281#true} is VALID [2020-07-29 01:19:11,257 INFO L280 TraceCheckUtils]: 10: Hoare triple {2281#true} assume !!(0 != #t~nondet1);havoc #t~nondet1;call #t~malloc2.base, #t~malloc2.offset := #Ultimate.allocOnHeap(8); {2286#(and (= 0 |main_#t~malloc2.offset|) (= 8 (select |#length| |main_#t~malloc2.base|)))} is VALID [2020-07-29 01:19:11,259 INFO L280 TraceCheckUtils]: 11: Hoare triple {2286#(and (= 0 |main_#t~malloc2.offset|) (= 8 (select |#length| |main_#t~malloc2.base|)))} SUMMARY for call write~$Pointer$(#t~malloc2.base, #t~malloc2.offset, ~x~0.base, ~x~0.offset, 4); srcloc: L996 {2287#(and (= 8 (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset)))} is VALID [2020-07-29 01:19:11,260 INFO L280 TraceCheckUtils]: 12: Hoare triple {2287#(and (= 8 (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset)))} SUMMARY for call #t~mem3.base, #t~mem3.offset := read~$Pointer$(~x~0.base, ~x~0.offset, 4); srcloc: L996-1 {2288#(and (= 8 (select |#length| |main_#t~mem3.base|)) (= 0 |main_#t~mem3.offset|))} is VALID [2020-07-29 01:19:11,262 INFO L280 TraceCheckUtils]: 13: Hoare triple {2288#(and (= 8 (select |#length| |main_#t~mem3.base|)) (= 0 |main_#t~mem3.offset|))} ~x~0.base, ~x~0.offset := #t~mem3.base, #t~mem3.offset;havoc #t~mem3.base, #t~mem3.offset; {2289#(and (= 8 (select |#length| main_~x~0.base)) (= main_~x~0.offset 0))} is VALID [2020-07-29 01:19:11,264 INFO L280 TraceCheckUtils]: 14: Hoare triple {2289#(and (= 8 (select |#length| main_~x~0.base)) (= main_~x~0.offset 0))} assume !(4 + ~x~0.offset <= #length[~x~0.base] && 0 <= ~x~0.offset); {2282#false} is VALID [2020-07-29 01:19:11,265 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:19:11,265 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [141388299] [2020-07-29 01:19:11,266 INFO L220 FreeRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:19:11,266 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2020-07-29 01:19:11,266 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [387619748] [2020-07-29 01:19:11,266 INFO L78 Accepts]: Start accepts. Automaton has 7 states. Word has length 15 [2020-07-29 01:19:11,267 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:19:11,267 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states. [2020-07-29 01:19:11,286 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 15 edges. 15 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:11,286 INFO L459 AbstractCegarLoop]: Interpolant automaton has 7 states [2020-07-29 01:19:11,286 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2020-07-29 01:19:11,287 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2020-07-29 01:19:11,287 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2020-07-29 01:19:11,287 INFO L87 Difference]: Start difference. First operand 88 states and 95 transitions. Second operand 7 states. [2020-07-29 01:19:12,695 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:12,696 INFO L93 Difference]: Finished difference Result 137 states and 146 transitions. [2020-07-29 01:19:12,696 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2020-07-29 01:19:12,696 INFO L78 Accepts]: Start accepts. Automaton has 7 states. Word has length 15 [2020-07-29 01:19:12,696 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:19:12,696 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 7 states. [2020-07-29 01:19:12,699 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 151 transitions. [2020-07-29 01:19:12,699 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 7 states. [2020-07-29 01:19:12,702 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 151 transitions. [2020-07-29 01:19:12,702 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states and 151 transitions. [2020-07-29 01:19:12,889 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 151 edges. 151 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:12,894 INFO L225 Difference]: With dead ends: 137 [2020-07-29 01:19:12,894 INFO L226 Difference]: Without dead ends: 137 [2020-07-29 01:19:12,895 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=42, Invalid=90, Unknown=0, NotChecked=0, Total=132 [2020-07-29 01:19:12,897 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 137 states. [2020-07-29 01:19:12,903 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 137 to 78. [2020-07-29 01:19:12,903 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:19:12,903 INFO L82 GeneralOperation]: Start isEquivalent. First operand 137 states. Second operand 78 states. [2020-07-29 01:19:12,903 INFO L74 IsIncluded]: Start isIncluded. First operand 137 states. Second operand 78 states. [2020-07-29 01:19:12,904 INFO L87 Difference]: Start difference. First operand 137 states. Second operand 78 states. [2020-07-29 01:19:12,909 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:12,909 INFO L93 Difference]: Finished difference Result 137 states and 146 transitions. [2020-07-29 01:19:12,909 INFO L276 IsEmpty]: Start isEmpty. Operand 137 states and 146 transitions. [2020-07-29 01:19:12,910 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:12,910 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:12,910 INFO L74 IsIncluded]: Start isIncluded. First operand 78 states. Second operand 137 states. [2020-07-29 01:19:12,910 INFO L87 Difference]: Start difference. First operand 78 states. Second operand 137 states. [2020-07-29 01:19:12,914 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:12,914 INFO L93 Difference]: Finished difference Result 137 states and 146 transitions. [2020-07-29 01:19:12,914 INFO L276 IsEmpty]: Start isEmpty. Operand 137 states and 146 transitions. [2020-07-29 01:19:12,914 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:12,914 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:12,915 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:19:12,915 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:19:12,915 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 78 states. [2020-07-29 01:19:12,917 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 78 states to 78 states and 84 transitions. [2020-07-29 01:19:12,917 INFO L78 Accepts]: Start accepts. Automaton has 78 states and 84 transitions. Word has length 15 [2020-07-29 01:19:12,918 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:19:12,918 INFO L479 AbstractCegarLoop]: Abstraction has 78 states and 84 transitions. [2020-07-29 01:19:12,918 INFO L480 AbstractCegarLoop]: Interpolant automaton has 7 states. [2020-07-29 01:19:12,918 INFO L276 IsEmpty]: Start isEmpty. Operand 78 states and 84 transitions. [2020-07-29 01:19:12,919 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 17 [2020-07-29 01:19:12,919 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:19:12,919 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:19:12,919 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2020-07-29 01:19:12,920 INFO L427 AbstractCegarLoop]: === Iteration 7 === [mainErr8REQUIRES_VIOLATION, mainErr29REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr31REQUIRES_VIOLATION, mainErr42ASSERT_VIOLATIONMEMORY_FREE, mainErr5REQUIRES_VIOLATION, mainErr27REQUIRES_VIOLATION, mainErr26REQUIRES_VIOLATION, mainErr45ENSURES_VIOLATIONMEMORY_LEAK, mainErr28REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr17ASSERT_VIOLATIONMEMORY_LEAK, mainErr24REQUIRES_VIOLATION, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr40ASSERT_VIOLATIONMEMORY_FREE, mainErr4REQUIRES_VIOLATION, mainErr25REQUIRES_VIOLATION, mainErr30ASSERT_VIOLATIONMEMORY_LEAK, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr44ASSERT_VIOLATIONMEMORY_FREE, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr43ASSERT_VIOLATIONMEMORY_FREE, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr37REQUIRES_VIOLATION, mainErr38REQUIRES_VIOLATION, mainErr35REQUIRES_VIOLATION, mainErr39ASSERT_VIOLATIONMEMORY_FREE, mainErr13REQUIRES_VIOLATION, mainErr34REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr36REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr41ASSERT_VIOLATIONMEMORY_FREE, mainErr32REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12ASSERT_VIOLATIONMEMORY_LEAK, mainErr33REQUIRES_VIOLATION]=== [2020-07-29 01:19:12,920 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:19:12,920 INFO L82 PathProgramCache]: Analyzing trace with hash -1857169056, now seen corresponding path program 1 times [2020-07-29 01:19:12,921 INFO L163 FreeRefinementEngine]: Executing refinement strategy CAMEL [2020-07-29 01:19:12,921 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1188230102] [2020-07-29 01:19:12,921 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2020-07-29 01:19:12,939 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:13,148 INFO L375 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2020-07-29 01:19:13,150 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:13,171 INFO L280 TraceCheckUtils]: 0: Hoare triple {2804#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {2793#true} is VALID [2020-07-29 01:19:13,171 INFO L280 TraceCheckUtils]: 1: Hoare triple {2793#true} assume true; {2793#true} is VALID [2020-07-29 01:19:13,172 INFO L275 TraceCheckUtils]: 2: Hoare quadruple {2793#true} {2793#true} #197#return; {2793#true} is VALID [2020-07-29 01:19:13,173 INFO L263 TraceCheckUtils]: 0: Hoare triple {2793#true} call ULTIMATE.init(); {2804#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} is VALID [2020-07-29 01:19:13,173 INFO L280 TraceCheckUtils]: 1: Hoare triple {2804#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {2793#true} is VALID [2020-07-29 01:19:13,174 INFO L280 TraceCheckUtils]: 2: Hoare triple {2793#true} assume true; {2793#true} is VALID [2020-07-29 01:19:13,174 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {2793#true} {2793#true} #197#return; {2793#true} is VALID [2020-07-29 01:19:13,174 INFO L263 TraceCheckUtils]: 4: Hoare triple {2793#true} call #t~ret17 := main(); {2793#true} is VALID [2020-07-29 01:19:13,178 INFO L280 TraceCheckUtils]: 5: Hoare triple {2793#true} call #t~malloc0.base, #t~malloc0.offset := #Ultimate.allocOnHeap(8);~head~0.base, ~head~0.offset := #t~malloc0.base, #t~malloc0.offset; {2798#(and (not (= 0 main_~head~0.base)) (= 0 main_~head~0.offset))} is VALID [2020-07-29 01:19:13,182 INFO L280 TraceCheckUtils]: 6: Hoare triple {2798#(and (not (= 0 main_~head~0.base)) (= 0 main_~head~0.offset))} SUMMARY for call write~$Pointer$(~head~0.base, ~head~0.offset, ~head~0.base, ~head~0.offset, 4); srcloc: L986 {2799#(and (not (= 0 (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset))) (= 0 main_~head~0.offset))} is VALID [2020-07-29 01:19:13,186 INFO L280 TraceCheckUtils]: 7: Hoare triple {2799#(and (not (= 0 (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset))) (= 0 main_~head~0.offset))} SUMMARY for call write~int(0, ~head~0.base, 4 + ~head~0.offset, 4); srcloc: L986-1 {2799#(and (not (= 0 (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset))) (= 0 main_~head~0.offset))} is VALID [2020-07-29 01:19:13,187 INFO L280 TraceCheckUtils]: 8: Hoare triple {2799#(and (not (= 0 (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset))) (= 0 main_~head~0.offset))} ~x~0.base, ~x~0.offset := ~head~0.base, ~head~0.offset;~state~0 := 1; {2800#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= main_~head~0.base main_~x~0.base) (not (= 0 (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset))))} is VALID [2020-07-29 01:19:13,188 INFO L280 TraceCheckUtils]: 9: Hoare triple {2800#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= main_~head~0.base main_~x~0.base) (not (= 0 (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset))))} assume -2147483648 <= #t~nondet1 && #t~nondet1 <= 2147483647; {2800#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= main_~head~0.base main_~x~0.base) (not (= 0 (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset))))} is VALID [2020-07-29 01:19:13,189 INFO L280 TraceCheckUtils]: 10: Hoare triple {2800#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= main_~head~0.base main_~x~0.base) (not (= 0 (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset))))} assume !(0 != #t~nondet1);havoc #t~nondet1; {2800#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= main_~head~0.base main_~x~0.base) (not (= 0 (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset))))} is VALID [2020-07-29 01:19:13,191 INFO L280 TraceCheckUtils]: 11: Hoare triple {2800#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= main_~head~0.base main_~x~0.base) (not (= 0 (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset))))} SUMMARY for call write~int(~state~0, ~x~0.base, 4 + ~x~0.offset, 4); srcloc: L993-3 {2801#(not (= 0 (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)))} is VALID [2020-07-29 01:19:13,192 INFO L280 TraceCheckUtils]: 12: Hoare triple {2801#(not (= 0 (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)))} SUMMARY for call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head~0.base, ~head~0.offset, 4); srcloc: L1014 {2802#(not (= 0 |main_#t~mem5.base|))} is VALID [2020-07-29 01:19:13,193 INFO L280 TraceCheckUtils]: 13: Hoare triple {2802#(not (= 0 |main_#t~mem5.base|))} ~x~0.base, ~x~0.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {2803#(not (= 0 main_~x~0.base))} is VALID [2020-07-29 01:19:13,200 INFO L280 TraceCheckUtils]: 14: Hoare triple {2803#(not (= 0 main_~x~0.base))} assume !(0 != ~x~0.base || 0 != ~x~0.offset); {2794#false} is VALID [2020-07-29 01:19:13,200 INFO L280 TraceCheckUtils]: 15: Hoare triple {2794#false} assume !false; {2794#false} is VALID [2020-07-29 01:19:13,202 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:19:13,202 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1188230102] [2020-07-29 01:19:13,202 INFO L220 FreeRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:19:13,202 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2020-07-29 01:19:13,203 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [593841086] [2020-07-29 01:19:13,203 INFO L78 Accepts]: Start accepts. Automaton has 9 states. Word has length 16 [2020-07-29 01:19:13,203 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:19:13,203 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states. [2020-07-29 01:19:13,223 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 16 edges. 16 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:13,223 INFO L459 AbstractCegarLoop]: Interpolant automaton has 9 states [2020-07-29 01:19:13,223 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2020-07-29 01:19:13,223 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2020-07-29 01:19:13,224 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=17, Invalid=55, Unknown=0, NotChecked=0, Total=72 [2020-07-29 01:19:13,224 INFO L87 Difference]: Start difference. First operand 78 states and 84 transitions. Second operand 9 states. [2020-07-29 01:19:14,423 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:14,423 INFO L93 Difference]: Finished difference Result 166 states and 177 transitions. [2020-07-29 01:19:14,423 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2020-07-29 01:19:14,424 INFO L78 Accepts]: Start accepts. Automaton has 9 states. Word has length 16 [2020-07-29 01:19:14,424 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:19:14,424 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 9 states. [2020-07-29 01:19:14,427 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 178 transitions. [2020-07-29 01:19:14,427 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 9 states. [2020-07-29 01:19:14,430 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 178 transitions. [2020-07-29 01:19:14,430 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states and 178 transitions. [2020-07-29 01:19:14,650 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 178 edges. 178 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:14,654 INFO L225 Difference]: With dead ends: 166 [2020-07-29 01:19:14,655 INFO L226 Difference]: Without dead ends: 166 [2020-07-29 01:19:14,655 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 9 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=56, Invalid=126, Unknown=0, NotChecked=0, Total=182 [2020-07-29 01:19:14,656 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 166 states. [2020-07-29 01:19:14,659 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 166 to 84. [2020-07-29 01:19:14,659 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:19:14,660 INFO L82 GeneralOperation]: Start isEquivalent. First operand 166 states. Second operand 84 states. [2020-07-29 01:19:14,660 INFO L74 IsIncluded]: Start isIncluded. First operand 166 states. Second operand 84 states. [2020-07-29 01:19:14,660 INFO L87 Difference]: Start difference. First operand 166 states. Second operand 84 states. [2020-07-29 01:19:14,665 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:14,665 INFO L93 Difference]: Finished difference Result 166 states and 177 transitions. [2020-07-29 01:19:14,665 INFO L276 IsEmpty]: Start isEmpty. Operand 166 states and 177 transitions. [2020-07-29 01:19:14,666 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:14,666 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:14,666 INFO L74 IsIncluded]: Start isIncluded. First operand 84 states. Second operand 166 states. [2020-07-29 01:19:14,667 INFO L87 Difference]: Start difference. First operand 84 states. Second operand 166 states. [2020-07-29 01:19:14,672 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:14,672 INFO L93 Difference]: Finished difference Result 166 states and 177 transitions. [2020-07-29 01:19:14,672 INFO L276 IsEmpty]: Start isEmpty. Operand 166 states and 177 transitions. [2020-07-29 01:19:14,672 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:14,672 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:14,673 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:19:14,673 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:19:14,673 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 84 states. [2020-07-29 01:19:14,674 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 84 states to 84 states and 91 transitions. [2020-07-29 01:19:14,675 INFO L78 Accepts]: Start accepts. Automaton has 84 states and 91 transitions. Word has length 16 [2020-07-29 01:19:14,675 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:19:14,675 INFO L479 AbstractCegarLoop]: Abstraction has 84 states and 91 transitions. [2020-07-29 01:19:14,675 INFO L480 AbstractCegarLoop]: Interpolant automaton has 9 states. [2020-07-29 01:19:14,676 INFO L276 IsEmpty]: Start isEmpty. Operand 84 states and 91 transitions. [2020-07-29 01:19:14,676 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2020-07-29 01:19:14,676 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:19:14,676 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:19:14,677 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2020-07-29 01:19:14,677 INFO L427 AbstractCegarLoop]: === Iteration 8 === [mainErr8REQUIRES_VIOLATION, mainErr29REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr31REQUIRES_VIOLATION, mainErr42ASSERT_VIOLATIONMEMORY_FREE, mainErr5REQUIRES_VIOLATION, mainErr27REQUIRES_VIOLATION, mainErr26REQUIRES_VIOLATION, mainErr45ENSURES_VIOLATIONMEMORY_LEAK, mainErr28REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr17ASSERT_VIOLATIONMEMORY_LEAK, mainErr24REQUIRES_VIOLATION, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr40ASSERT_VIOLATIONMEMORY_FREE, mainErr4REQUIRES_VIOLATION, mainErr25REQUIRES_VIOLATION, mainErr30ASSERT_VIOLATIONMEMORY_LEAK, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr44ASSERT_VIOLATIONMEMORY_FREE, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr43ASSERT_VIOLATIONMEMORY_FREE, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr37REQUIRES_VIOLATION, mainErr38REQUIRES_VIOLATION, mainErr35REQUIRES_VIOLATION, mainErr39ASSERT_VIOLATIONMEMORY_FREE, mainErr13REQUIRES_VIOLATION, mainErr34REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr36REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr41ASSERT_VIOLATIONMEMORY_FREE, mainErr32REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12ASSERT_VIOLATIONMEMORY_LEAK, mainErr33REQUIRES_VIOLATION]=== [2020-07-29 01:19:14,677 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:19:14,678 INFO L82 PathProgramCache]: Analyzing trace with hash -1737661726, now seen corresponding path program 1 times [2020-07-29 01:19:14,678 INFO L163 FreeRefinementEngine]: Executing refinement strategy CAMEL [2020-07-29 01:19:14,678 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [467636372] [2020-07-29 01:19:14,679 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2020-07-29 01:19:14,692 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:14,860 INFO L375 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2020-07-29 01:19:14,861 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:14,864 INFO L280 TraceCheckUtils]: 0: Hoare triple {3410#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {3399#true} is VALID [2020-07-29 01:19:14,865 INFO L280 TraceCheckUtils]: 1: Hoare triple {3399#true} assume true; {3399#true} is VALID [2020-07-29 01:19:14,865 INFO L275 TraceCheckUtils]: 2: Hoare quadruple {3399#true} {3399#true} #197#return; {3399#true} is VALID [2020-07-29 01:19:14,866 INFO L263 TraceCheckUtils]: 0: Hoare triple {3399#true} call ULTIMATE.init(); {3410#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} is VALID [2020-07-29 01:19:14,867 INFO L280 TraceCheckUtils]: 1: Hoare triple {3410#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {3399#true} is VALID [2020-07-29 01:19:14,867 INFO L280 TraceCheckUtils]: 2: Hoare triple {3399#true} assume true; {3399#true} is VALID [2020-07-29 01:19:14,867 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {3399#true} {3399#true} #197#return; {3399#true} is VALID [2020-07-29 01:19:14,867 INFO L263 TraceCheckUtils]: 4: Hoare triple {3399#true} call #t~ret17 := main(); {3399#true} is VALID [2020-07-29 01:19:14,869 INFO L280 TraceCheckUtils]: 5: Hoare triple {3399#true} call #t~malloc0.base, #t~malloc0.offset := #Ultimate.allocOnHeap(8);~head~0.base, ~head~0.offset := #t~malloc0.base, #t~malloc0.offset; {3404#(= 0 main_~head~0.offset)} is VALID [2020-07-29 01:19:14,870 INFO L280 TraceCheckUtils]: 6: Hoare triple {3404#(= 0 main_~head~0.offset)} SUMMARY for call write~$Pointer$(~head~0.base, ~head~0.offset, ~head~0.base, ~head~0.offset, 4); srcloc: L986 {3405#(and (= 1 (select |#valid| main_~head~0.base)) (= 0 main_~head~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base))} is VALID [2020-07-29 01:19:14,872 INFO L280 TraceCheckUtils]: 7: Hoare triple {3405#(and (= 1 (select |#valid| main_~head~0.base)) (= 0 main_~head~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base))} SUMMARY for call write~int(0, ~head~0.base, 4 + ~head~0.offset, 4); srcloc: L986-1 {3405#(and (= 1 (select |#valid| main_~head~0.base)) (= 0 main_~head~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base))} is VALID [2020-07-29 01:19:14,873 INFO L280 TraceCheckUtils]: 8: Hoare triple {3405#(and (= 1 (select |#valid| main_~head~0.base)) (= 0 main_~head~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base))} ~x~0.base, ~x~0.offset := ~head~0.base, ~head~0.offset;~state~0 := 1; {3406#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 1 (select |#valid| main_~head~0.base)) (= main_~head~0.base main_~x~0.base) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~head~0.base))} is VALID [2020-07-29 01:19:14,874 INFO L280 TraceCheckUtils]: 9: Hoare triple {3406#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 1 (select |#valid| main_~head~0.base)) (= main_~head~0.base main_~x~0.base) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~head~0.base))} assume -2147483648 <= #t~nondet1 && #t~nondet1 <= 2147483647; {3406#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 1 (select |#valid| main_~head~0.base)) (= main_~head~0.base main_~x~0.base) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~head~0.base))} is VALID [2020-07-29 01:19:14,875 INFO L280 TraceCheckUtils]: 10: Hoare triple {3406#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 1 (select |#valid| main_~head~0.base)) (= main_~head~0.base main_~x~0.base) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~head~0.base))} assume !(0 != #t~nondet1);havoc #t~nondet1; {3406#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 1 (select |#valid| main_~head~0.base)) (= main_~head~0.base main_~x~0.base) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~head~0.base))} is VALID [2020-07-29 01:19:14,877 INFO L280 TraceCheckUtils]: 11: Hoare triple {3406#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 1 (select |#valid| main_~head~0.base)) (= main_~head~0.base main_~x~0.base) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~head~0.base))} SUMMARY for call write~int(~state~0, ~x~0.base, 4 + ~x~0.offset, 4); srcloc: L993-3 {3407#(and (= 1 (select |#valid| main_~head~0.base)) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base))} is VALID [2020-07-29 01:19:14,879 INFO L280 TraceCheckUtils]: 12: Hoare triple {3407#(and (= 1 (select |#valid| main_~head~0.base)) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base))} SUMMARY for call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head~0.base, ~head~0.offset, 4); srcloc: L1014 {3408#(= (select |#valid| |main_#t~mem5.base|) 1)} is VALID [2020-07-29 01:19:14,879 INFO L280 TraceCheckUtils]: 13: Hoare triple {3408#(= (select |#valid| |main_#t~mem5.base|) 1)} ~x~0.base, ~x~0.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {3409#(= 1 (select |#valid| main_~x~0.base))} is VALID [2020-07-29 01:19:14,880 INFO L280 TraceCheckUtils]: 14: Hoare triple {3409#(= 1 (select |#valid| main_~x~0.base))} assume !!(0 != ~x~0.base || 0 != ~x~0.offset); {3409#(= 1 (select |#valid| main_~x~0.base))} is VALID [2020-07-29 01:19:14,881 INFO L280 TraceCheckUtils]: 15: Hoare triple {3409#(= 1 (select |#valid| main_~x~0.base))} goto; {3409#(= 1 (select |#valid| main_~x~0.base))} is VALID [2020-07-29 01:19:14,882 INFO L280 TraceCheckUtils]: 16: Hoare triple {3409#(= 1 (select |#valid| main_~x~0.base))} assume !(1 == #valid[~x~0.base]); {3400#false} is VALID [2020-07-29 01:19:14,883 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:19:14,883 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [467636372] [2020-07-29 01:19:14,883 INFO L220 FreeRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:19:14,884 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2020-07-29 01:19:14,884 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1269440652] [2020-07-29 01:19:14,884 INFO L78 Accepts]: Start accepts. Automaton has 9 states. Word has length 17 [2020-07-29 01:19:14,884 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:19:14,885 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states. [2020-07-29 01:19:14,906 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 17 edges. 17 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:14,906 INFO L459 AbstractCegarLoop]: Interpolant automaton has 9 states [2020-07-29 01:19:14,906 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2020-07-29 01:19:14,906 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2020-07-29 01:19:14,907 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=19, Invalid=53, Unknown=0, NotChecked=0, Total=72 [2020-07-29 01:19:14,907 INFO L87 Difference]: Start difference. First operand 84 states and 91 transitions. Second operand 9 states. [2020-07-29 01:19:15,965 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:15,965 INFO L93 Difference]: Finished difference Result 125 states and 135 transitions. [2020-07-29 01:19:15,965 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2020-07-29 01:19:15,966 INFO L78 Accepts]: Start accepts. Automaton has 9 states. Word has length 17 [2020-07-29 01:19:15,966 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:19:15,966 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 9 states. [2020-07-29 01:19:15,972 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 136 transitions. [2020-07-29 01:19:15,972 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 9 states. [2020-07-29 01:19:15,976 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 136 transitions. [2020-07-29 01:19:15,977 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states and 136 transitions. [2020-07-29 01:19:16,201 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 136 edges. 136 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:16,205 INFO L225 Difference]: With dead ends: 125 [2020-07-29 01:19:16,205 INFO L226 Difference]: Without dead ends: 125 [2020-07-29 01:19:16,206 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 14 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=50, Invalid=106, Unknown=0, NotChecked=0, Total=156 [2020-07-29 01:19:16,209 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 125 states. [2020-07-29 01:19:16,222 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 125 to 86. [2020-07-29 01:19:16,223 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:19:16,223 INFO L82 GeneralOperation]: Start isEquivalent. First operand 125 states. Second operand 86 states. [2020-07-29 01:19:16,224 INFO L74 IsIncluded]: Start isIncluded. First operand 125 states. Second operand 86 states. [2020-07-29 01:19:16,224 INFO L87 Difference]: Start difference. First operand 125 states. Second operand 86 states. [2020-07-29 01:19:16,232 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:16,233 INFO L93 Difference]: Finished difference Result 125 states and 135 transitions. [2020-07-29 01:19:16,233 INFO L276 IsEmpty]: Start isEmpty. Operand 125 states and 135 transitions. [2020-07-29 01:19:16,234 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:16,234 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:16,234 INFO L74 IsIncluded]: Start isIncluded. First operand 86 states. Second operand 125 states. [2020-07-29 01:19:16,235 INFO L87 Difference]: Start difference. First operand 86 states. Second operand 125 states. [2020-07-29 01:19:16,241 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:16,241 INFO L93 Difference]: Finished difference Result 125 states and 135 transitions. [2020-07-29 01:19:16,241 INFO L276 IsEmpty]: Start isEmpty. Operand 125 states and 135 transitions. [2020-07-29 01:19:16,242 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:16,243 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:16,243 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:19:16,243 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:19:16,243 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 86 states. [2020-07-29 01:19:16,247 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 86 states to 86 states and 94 transitions. [2020-07-29 01:19:16,247 INFO L78 Accepts]: Start accepts. Automaton has 86 states and 94 transitions. Word has length 17 [2020-07-29 01:19:16,247 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:19:16,248 INFO L479 AbstractCegarLoop]: Abstraction has 86 states and 94 transitions. [2020-07-29 01:19:16,248 INFO L480 AbstractCegarLoop]: Interpolant automaton has 9 states. [2020-07-29 01:19:16,248 INFO L276 IsEmpty]: Start isEmpty. Operand 86 states and 94 transitions. [2020-07-29 01:19:16,249 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2020-07-29 01:19:16,249 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:19:16,249 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:19:16,249 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2020-07-29 01:19:16,251 INFO L427 AbstractCegarLoop]: === Iteration 9 === [mainErr8REQUIRES_VIOLATION, mainErr29REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr31REQUIRES_VIOLATION, mainErr42ASSERT_VIOLATIONMEMORY_FREE, mainErr5REQUIRES_VIOLATION, mainErr27REQUIRES_VIOLATION, mainErr26REQUIRES_VIOLATION, mainErr45ENSURES_VIOLATIONMEMORY_LEAK, mainErr28REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr17ASSERT_VIOLATIONMEMORY_LEAK, mainErr24REQUIRES_VIOLATION, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr40ASSERT_VIOLATIONMEMORY_FREE, mainErr4REQUIRES_VIOLATION, mainErr25REQUIRES_VIOLATION, mainErr30ASSERT_VIOLATIONMEMORY_LEAK, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr44ASSERT_VIOLATIONMEMORY_FREE, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr43ASSERT_VIOLATIONMEMORY_FREE, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr37REQUIRES_VIOLATION, mainErr38REQUIRES_VIOLATION, mainErr35REQUIRES_VIOLATION, mainErr39ASSERT_VIOLATIONMEMORY_FREE, mainErr13REQUIRES_VIOLATION, mainErr34REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr36REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr41ASSERT_VIOLATIONMEMORY_FREE, mainErr32REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12ASSERT_VIOLATIONMEMORY_LEAK, mainErr33REQUIRES_VIOLATION]=== [2020-07-29 01:19:16,252 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:19:16,252 INFO L82 PathProgramCache]: Analyzing trace with hash -1737661725, now seen corresponding path program 1 times [2020-07-29 01:19:16,252 INFO L163 FreeRefinementEngine]: Executing refinement strategy CAMEL [2020-07-29 01:19:16,253 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1438306284] [2020-07-29 01:19:16,253 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2020-07-29 01:19:16,297 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:16,539 INFO L375 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2020-07-29 01:19:16,540 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:16,543 INFO L280 TraceCheckUtils]: 0: Hoare triple {3893#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {3882#true} is VALID [2020-07-29 01:19:16,544 INFO L280 TraceCheckUtils]: 1: Hoare triple {3882#true} assume true; {3882#true} is VALID [2020-07-29 01:19:16,544 INFO L275 TraceCheckUtils]: 2: Hoare quadruple {3882#true} {3882#true} #197#return; {3882#true} is VALID [2020-07-29 01:19:16,545 INFO L263 TraceCheckUtils]: 0: Hoare triple {3882#true} call ULTIMATE.init(); {3893#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} is VALID [2020-07-29 01:19:16,545 INFO L280 TraceCheckUtils]: 1: Hoare triple {3893#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {3882#true} is VALID [2020-07-29 01:19:16,546 INFO L280 TraceCheckUtils]: 2: Hoare triple {3882#true} assume true; {3882#true} is VALID [2020-07-29 01:19:16,546 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {3882#true} {3882#true} #197#return; {3882#true} is VALID [2020-07-29 01:19:16,546 INFO L263 TraceCheckUtils]: 4: Hoare triple {3882#true} call #t~ret17 := main(); {3882#true} is VALID [2020-07-29 01:19:16,548 INFO L280 TraceCheckUtils]: 5: Hoare triple {3882#true} call #t~malloc0.base, #t~malloc0.offset := #Ultimate.allocOnHeap(8);~head~0.base, ~head~0.offset := #t~malloc0.base, #t~malloc0.offset; {3887#(and (= 8 (select |#length| main_~head~0.base)) (= 0 main_~head~0.offset))} is VALID [2020-07-29 01:19:16,549 INFO L280 TraceCheckUtils]: 6: Hoare triple {3887#(and (= 8 (select |#length| main_~head~0.base)) (= 0 main_~head~0.offset))} SUMMARY for call write~$Pointer$(~head~0.base, ~head~0.offset, ~head~0.base, ~head~0.offset, 4); srcloc: L986 {3888#(and (= (select |#length| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)) 8) (= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)) (= 0 main_~head~0.offset))} is VALID [2020-07-29 01:19:16,551 INFO L280 TraceCheckUtils]: 7: Hoare triple {3888#(and (= (select |#length| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)) 8) (= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)) (= 0 main_~head~0.offset))} SUMMARY for call write~int(0, ~head~0.base, 4 + ~head~0.offset, 4); srcloc: L986-1 {3888#(and (= (select |#length| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)) 8) (= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)) (= 0 main_~head~0.offset))} is VALID [2020-07-29 01:19:16,552 INFO L280 TraceCheckUtils]: 8: Hoare triple {3888#(and (= (select |#length| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)) 8) (= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)) (= 0 main_~head~0.offset))} ~x~0.base, ~x~0.offset := ~head~0.base, ~head~0.offset;~state~0 := 1; {3889#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= 8 (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset))))} is VALID [2020-07-29 01:19:16,553 INFO L280 TraceCheckUtils]: 9: Hoare triple {3889#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= 8 (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset))))} assume -2147483648 <= #t~nondet1 && #t~nondet1 <= 2147483647; {3889#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= 8 (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset))))} is VALID [2020-07-29 01:19:16,554 INFO L280 TraceCheckUtils]: 10: Hoare triple {3889#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= 8 (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset))))} assume !(0 != #t~nondet1);havoc #t~nondet1; {3889#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= 8 (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset))))} is VALID [2020-07-29 01:19:16,556 INFO L280 TraceCheckUtils]: 11: Hoare triple {3889#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= 8 (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset))))} SUMMARY for call write~int(~state~0, ~x~0.base, 4 + ~x~0.offset, 4); srcloc: L993-3 {3890#(and (= (select |#length| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)) 8) (= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)))} is VALID [2020-07-29 01:19:16,557 INFO L280 TraceCheckUtils]: 12: Hoare triple {3890#(and (= (select |#length| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)) 8) (= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)))} SUMMARY for call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head~0.base, ~head~0.offset, 4); srcloc: L1014 {3891#(and (= 0 |main_#t~mem5.offset|) (= 8 (select |#length| |main_#t~mem5.base|)))} is VALID [2020-07-29 01:19:16,558 INFO L280 TraceCheckUtils]: 13: Hoare triple {3891#(and (= 0 |main_#t~mem5.offset|) (= 8 (select |#length| |main_#t~mem5.base|)))} ~x~0.base, ~x~0.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {3892#(and (= 8 (select |#length| main_~x~0.base)) (= main_~x~0.offset 0))} is VALID [2020-07-29 01:19:16,559 INFO L280 TraceCheckUtils]: 14: Hoare triple {3892#(and (= 8 (select |#length| main_~x~0.base)) (= main_~x~0.offset 0))} assume !!(0 != ~x~0.base || 0 != ~x~0.offset); {3892#(and (= 8 (select |#length| main_~x~0.base)) (= main_~x~0.offset 0))} is VALID [2020-07-29 01:19:16,560 INFO L280 TraceCheckUtils]: 15: Hoare triple {3892#(and (= 8 (select |#length| main_~x~0.base)) (= main_~x~0.offset 0))} goto; {3892#(and (= 8 (select |#length| main_~x~0.base)) (= main_~x~0.offset 0))} is VALID [2020-07-29 01:19:16,561 INFO L280 TraceCheckUtils]: 16: Hoare triple {3892#(and (= 8 (select |#length| main_~x~0.base)) (= main_~x~0.offset 0))} assume !(4 + (4 + ~x~0.offset) <= #length[~x~0.base] && 0 <= 4 + ~x~0.offset); {3883#false} is VALID [2020-07-29 01:19:16,564 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:19:16,564 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1438306284] [2020-07-29 01:19:16,564 INFO L220 FreeRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:19:16,564 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2020-07-29 01:19:16,565 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1022218950] [2020-07-29 01:19:16,565 INFO L78 Accepts]: Start accepts. Automaton has 9 states. Word has length 17 [2020-07-29 01:19:16,565 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:19:16,566 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states. [2020-07-29 01:19:16,590 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 17 edges. 17 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:16,590 INFO L459 AbstractCegarLoop]: Interpolant automaton has 9 states [2020-07-29 01:19:16,591 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2020-07-29 01:19:16,591 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2020-07-29 01:19:16,592 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=17, Invalid=55, Unknown=0, NotChecked=0, Total=72 [2020-07-29 01:19:16,592 INFO L87 Difference]: Start difference. First operand 86 states and 94 transitions. Second operand 9 states. [2020-07-29 01:19:18,135 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:18,135 INFO L93 Difference]: Finished difference Result 160 states and 171 transitions. [2020-07-29 01:19:18,136 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2020-07-29 01:19:18,136 INFO L78 Accepts]: Start accepts. Automaton has 9 states. Word has length 17 [2020-07-29 01:19:18,136 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:19:18,137 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 9 states. [2020-07-29 01:19:18,141 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 176 transitions. [2020-07-29 01:19:18,141 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 9 states. [2020-07-29 01:19:18,156 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 176 transitions. [2020-07-29 01:19:18,158 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states and 176 transitions. [2020-07-29 01:19:18,430 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 176 edges. 176 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:18,433 INFO L225 Difference]: With dead ends: 160 [2020-07-29 01:19:18,434 INFO L226 Difference]: Without dead ends: 160 [2020-07-29 01:19:18,434 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 9 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=56, Invalid=126, Unknown=0, NotChecked=0, Total=182 [2020-07-29 01:19:18,436 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 160 states. [2020-07-29 01:19:18,442 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 160 to 98. [2020-07-29 01:19:18,444 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:19:18,444 INFO L82 GeneralOperation]: Start isEquivalent. First operand 160 states. Second operand 98 states. [2020-07-29 01:19:18,444 INFO L74 IsIncluded]: Start isIncluded. First operand 160 states. Second operand 98 states. [2020-07-29 01:19:18,445 INFO L87 Difference]: Start difference. First operand 160 states. Second operand 98 states. [2020-07-29 01:19:18,450 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:18,450 INFO L93 Difference]: Finished difference Result 160 states and 171 transitions. [2020-07-29 01:19:18,451 INFO L276 IsEmpty]: Start isEmpty. Operand 160 states and 171 transitions. [2020-07-29 01:19:18,451 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:18,451 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:18,452 INFO L74 IsIncluded]: Start isIncluded. First operand 98 states. Second operand 160 states. [2020-07-29 01:19:18,452 INFO L87 Difference]: Start difference. First operand 98 states. Second operand 160 states. [2020-07-29 01:19:18,455 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:18,456 INFO L93 Difference]: Finished difference Result 160 states and 171 transitions. [2020-07-29 01:19:18,456 INFO L276 IsEmpty]: Start isEmpty. Operand 160 states and 171 transitions. [2020-07-29 01:19:18,456 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:18,457 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:18,457 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:19:18,457 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:19:18,457 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 98 states. [2020-07-29 01:19:18,459 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 98 states to 98 states and 112 transitions. [2020-07-29 01:19:18,459 INFO L78 Accepts]: Start accepts. Automaton has 98 states and 112 transitions. Word has length 17 [2020-07-29 01:19:18,459 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:19:18,460 INFO L479 AbstractCegarLoop]: Abstraction has 98 states and 112 transitions. [2020-07-29 01:19:18,460 INFO L480 AbstractCegarLoop]: Interpolant automaton has 9 states. [2020-07-29 01:19:18,460 INFO L276 IsEmpty]: Start isEmpty. Operand 98 states and 112 transitions. [2020-07-29 01:19:18,460 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2020-07-29 01:19:18,460 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:19:18,461 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:19:18,461 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2020-07-29 01:19:18,461 INFO L427 AbstractCegarLoop]: === Iteration 10 === [mainErr8REQUIRES_VIOLATION, mainErr29REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr31REQUIRES_VIOLATION, mainErr42ASSERT_VIOLATIONMEMORY_FREE, mainErr5REQUIRES_VIOLATION, mainErr27REQUIRES_VIOLATION, mainErr26REQUIRES_VIOLATION, mainErr45ENSURES_VIOLATIONMEMORY_LEAK, mainErr28REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr17ASSERT_VIOLATIONMEMORY_LEAK, mainErr24REQUIRES_VIOLATION, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr40ASSERT_VIOLATIONMEMORY_FREE, mainErr4REQUIRES_VIOLATION, mainErr25REQUIRES_VIOLATION, mainErr30ASSERT_VIOLATIONMEMORY_LEAK, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr44ASSERT_VIOLATIONMEMORY_FREE, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr43ASSERT_VIOLATIONMEMORY_FREE, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr37REQUIRES_VIOLATION, mainErr38REQUIRES_VIOLATION, mainErr35REQUIRES_VIOLATION, mainErr39ASSERT_VIOLATIONMEMORY_FREE, mainErr13REQUIRES_VIOLATION, mainErr34REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr36REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr41ASSERT_VIOLATIONMEMORY_FREE, mainErr32REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12ASSERT_VIOLATIONMEMORY_LEAK, mainErr33REQUIRES_VIOLATION]=== [2020-07-29 01:19:18,462 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:19:18,462 INFO L82 PathProgramCache]: Analyzing trace with hash 560416014, now seen corresponding path program 1 times [2020-07-29 01:19:18,462 INFO L163 FreeRefinementEngine]: Executing refinement strategy CAMEL [2020-07-29 01:19:18,469 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [334075236] [2020-07-29 01:19:18,469 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2020-07-29 01:19:18,493 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:18,725 INFO L375 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2020-07-29 01:19:18,726 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:18,731 INFO L280 TraceCheckUtils]: 0: Hoare triple {4496#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {4484#true} is VALID [2020-07-29 01:19:18,731 INFO L280 TraceCheckUtils]: 1: Hoare triple {4484#true} assume true; {4484#true} is VALID [2020-07-29 01:19:18,731 INFO L275 TraceCheckUtils]: 2: Hoare quadruple {4484#true} {4484#true} #197#return; {4484#true} is VALID [2020-07-29 01:19:18,732 INFO L263 TraceCheckUtils]: 0: Hoare triple {4484#true} call ULTIMATE.init(); {4496#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} is VALID [2020-07-29 01:19:18,733 INFO L280 TraceCheckUtils]: 1: Hoare triple {4496#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {4484#true} is VALID [2020-07-29 01:19:18,733 INFO L280 TraceCheckUtils]: 2: Hoare triple {4484#true} assume true; {4484#true} is VALID [2020-07-29 01:19:18,733 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {4484#true} {4484#true} #197#return; {4484#true} is VALID [2020-07-29 01:19:18,734 INFO L263 TraceCheckUtils]: 4: Hoare triple {4484#true} call #t~ret17 := main(); {4484#true} is VALID [2020-07-29 01:19:18,734 INFO L280 TraceCheckUtils]: 5: Hoare triple {4484#true} call #t~malloc0.base, #t~malloc0.offset := #Ultimate.allocOnHeap(8);~head~0.base, ~head~0.offset := #t~malloc0.base, #t~malloc0.offset; {4489#(= 0 main_~head~0.offset)} is VALID [2020-07-29 01:19:18,736 INFO L280 TraceCheckUtils]: 6: Hoare triple {4489#(= 0 main_~head~0.offset)} SUMMARY for call write~$Pointer$(~head~0.base, ~head~0.offset, ~head~0.base, ~head~0.offset, 4); srcloc: L986 {4490#(and (= 1 (select |#valid| main_~head~0.base)) (= (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset) main_~head~0.offset) (= 0 main_~head~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base))} is VALID [2020-07-29 01:19:18,737 INFO L280 TraceCheckUtils]: 7: Hoare triple {4490#(and (= 1 (select |#valid| main_~head~0.base)) (= (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset) main_~head~0.offset) (= 0 main_~head~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base))} SUMMARY for call write~int(0, ~head~0.base, 4 + ~head~0.offset, 4); srcloc: L986-1 {4490#(and (= 1 (select |#valid| main_~head~0.base)) (= (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset) main_~head~0.offset) (= 0 main_~head~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base))} is VALID [2020-07-29 01:19:18,739 INFO L280 TraceCheckUtils]: 8: Hoare triple {4490#(and (= 1 (select |#valid| main_~head~0.base)) (= (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset) main_~head~0.offset) (= 0 main_~head~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base))} ~x~0.base, ~x~0.offset := ~head~0.base, ~head~0.offset;~state~0 := 1; {4491#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= main_~head~0.offset (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= 1 (select |#valid| main_~head~0.base)) (= main_~head~0.base main_~x~0.base) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~head~0.base))} is VALID [2020-07-29 01:19:18,739 INFO L280 TraceCheckUtils]: 9: Hoare triple {4491#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= main_~head~0.offset (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= 1 (select |#valid| main_~head~0.base)) (= main_~head~0.base main_~x~0.base) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~head~0.base))} assume -2147483648 <= #t~nondet1 && #t~nondet1 <= 2147483647; {4491#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= main_~head~0.offset (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= 1 (select |#valid| main_~head~0.base)) (= main_~head~0.base main_~x~0.base) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~head~0.base))} is VALID [2020-07-29 01:19:18,740 INFO L280 TraceCheckUtils]: 10: Hoare triple {4491#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= main_~head~0.offset (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= 1 (select |#valid| main_~head~0.base)) (= main_~head~0.base main_~x~0.base) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~head~0.base))} assume !(0 != #t~nondet1);havoc #t~nondet1; {4491#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= main_~head~0.offset (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= 1 (select |#valid| main_~head~0.base)) (= main_~head~0.base main_~x~0.base) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~head~0.base))} is VALID [2020-07-29 01:19:18,742 INFO L280 TraceCheckUtils]: 11: Hoare triple {4491#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= main_~head~0.offset (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= 1 (select |#valid| main_~head~0.base)) (= main_~head~0.base main_~x~0.base) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~head~0.base))} SUMMARY for call write~int(~state~0, ~x~0.base, 4 + ~x~0.offset, 4); srcloc: L993-3 {4492#(and (= 1 (select |#valid| main_~head~0.base)) (= (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset) main_~head~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base))} is VALID [2020-07-29 01:19:18,743 INFO L280 TraceCheckUtils]: 12: Hoare triple {4492#(and (= 1 (select |#valid| main_~head~0.base)) (= (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset) main_~head~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base))} SUMMARY for call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head~0.base, ~head~0.offset, 4); srcloc: L1014 {4493#(= 1 (select |#valid| (select (select |#memory_$Pointer$.base| |main_#t~mem5.base|) |main_#t~mem5.offset|)))} is VALID [2020-07-29 01:19:18,744 INFO L280 TraceCheckUtils]: 13: Hoare triple {4493#(= 1 (select |#valid| (select (select |#memory_$Pointer$.base| |main_#t~mem5.base|) |main_#t~mem5.offset|)))} ~x~0.base, ~x~0.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {4494#(= 1 (select |#valid| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset)))} is VALID [2020-07-29 01:19:18,745 INFO L280 TraceCheckUtils]: 14: Hoare triple {4494#(= 1 (select |#valid| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset)))} assume !!(0 != ~x~0.base || 0 != ~x~0.offset); {4494#(= 1 (select |#valid| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset)))} is VALID [2020-07-29 01:19:18,746 INFO L280 TraceCheckUtils]: 15: Hoare triple {4494#(= 1 (select |#valid| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset)))} goto; {4494#(= 1 (select |#valid| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset)))} is VALID [2020-07-29 01:19:18,746 INFO L280 TraceCheckUtils]: 16: Hoare triple {4494#(= 1 (select |#valid| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset)))} SUMMARY for call #t~mem6 := read~int(~x~0.base, 4 + ~x~0.offset, 4); srcloc: L1019-2 {4494#(= 1 (select |#valid| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset)))} is VALID [2020-07-29 01:19:18,747 INFO L280 TraceCheckUtils]: 17: Hoare triple {4494#(= 1 (select |#valid| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset)))} assume !!(0 != #t~mem6);havoc #t~mem6; {4494#(= 1 (select |#valid| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset)))} is VALID [2020-07-29 01:19:18,748 INFO L280 TraceCheckUtils]: 18: Hoare triple {4494#(= 1 (select |#valid| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset)))} SUMMARY for call #t~mem7.base, #t~mem7.offset := read~$Pointer$(~x~0.base, ~x~0.offset, 4); srcloc: L1021-13 {4495#(= 1 (select |#valid| |main_#t~mem7.base|))} is VALID [2020-07-29 01:19:18,749 INFO L280 TraceCheckUtils]: 19: Hoare triple {4495#(= 1 (select |#valid| |main_#t~mem7.base|))} assume !(1 == #valid[#t~mem7.base]); {4485#false} is VALID [2020-07-29 01:19:18,751 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:19:18,751 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [334075236] [2020-07-29 01:19:18,752 INFO L220 FreeRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:19:18,752 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2020-07-29 01:19:18,752 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1206000099] [2020-07-29 01:19:18,752 INFO L78 Accepts]: Start accepts. Automaton has 10 states. Word has length 20 [2020-07-29 01:19:18,753 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:19:18,753 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states. [2020-07-29 01:19:18,778 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 20 edges. 20 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:18,778 INFO L459 AbstractCegarLoop]: Interpolant automaton has 10 states [2020-07-29 01:19:18,779 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2020-07-29 01:19:18,779 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2020-07-29 01:19:18,779 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=20, Invalid=70, Unknown=0, NotChecked=0, Total=90 [2020-07-29 01:19:18,780 INFO L87 Difference]: Start difference. First operand 98 states and 112 transitions. Second operand 10 states. [2020-07-29 01:19:20,232 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:20,232 INFO L93 Difference]: Finished difference Result 144 states and 156 transitions. [2020-07-29 01:19:20,232 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2020-07-29 01:19:20,232 INFO L78 Accepts]: Start accepts. Automaton has 10 states. Word has length 20 [2020-07-29 01:19:20,233 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:19:20,233 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 10 states. [2020-07-29 01:19:20,234 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 157 transitions. [2020-07-29 01:19:20,234 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 10 states. [2020-07-29 01:19:20,235 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 157 transitions. [2020-07-29 01:19:20,235 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 11 states and 157 transitions. [2020-07-29 01:19:20,455 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 157 edges. 157 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:20,458 INFO L225 Difference]: With dead ends: 144 [2020-07-29 01:19:20,458 INFO L226 Difference]: Without dead ends: 144 [2020-07-29 01:19:20,458 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 17 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 23 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=65, Invalid=175, Unknown=0, NotChecked=0, Total=240 [2020-07-29 01:19:20,459 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 144 states. [2020-07-29 01:19:20,461 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 144 to 98. [2020-07-29 01:19:20,461 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:19:20,462 INFO L82 GeneralOperation]: Start isEquivalent. First operand 144 states. Second operand 98 states. [2020-07-29 01:19:20,462 INFO L74 IsIncluded]: Start isIncluded. First operand 144 states. Second operand 98 states. [2020-07-29 01:19:20,462 INFO L87 Difference]: Start difference. First operand 144 states. Second operand 98 states. [2020-07-29 01:19:20,465 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:20,465 INFO L93 Difference]: Finished difference Result 144 states and 156 transitions. [2020-07-29 01:19:20,466 INFO L276 IsEmpty]: Start isEmpty. Operand 144 states and 156 transitions. [2020-07-29 01:19:20,466 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:20,466 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:20,467 INFO L74 IsIncluded]: Start isIncluded. First operand 98 states. Second operand 144 states. [2020-07-29 01:19:20,467 INFO L87 Difference]: Start difference. First operand 98 states. Second operand 144 states. [2020-07-29 01:19:20,470 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:20,470 INFO L93 Difference]: Finished difference Result 144 states and 156 transitions. [2020-07-29 01:19:20,471 INFO L276 IsEmpty]: Start isEmpty. Operand 144 states and 156 transitions. [2020-07-29 01:19:20,471 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:20,471 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:20,472 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:19:20,472 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:19:20,472 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 98 states. [2020-07-29 01:19:20,474 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 98 states to 98 states and 111 transitions. [2020-07-29 01:19:20,474 INFO L78 Accepts]: Start accepts. Automaton has 98 states and 111 transitions. Word has length 20 [2020-07-29 01:19:20,474 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:19:20,475 INFO L479 AbstractCegarLoop]: Abstraction has 98 states and 111 transitions. [2020-07-29 01:19:20,475 INFO L480 AbstractCegarLoop]: Interpolant automaton has 10 states. [2020-07-29 01:19:20,475 INFO L276 IsEmpty]: Start isEmpty. Operand 98 states and 111 transitions. [2020-07-29 01:19:20,475 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2020-07-29 01:19:20,476 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:19:20,476 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:19:20,476 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9 [2020-07-29 01:19:20,476 INFO L427 AbstractCegarLoop]: === Iteration 11 === [mainErr8REQUIRES_VIOLATION, mainErr29REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr31REQUIRES_VIOLATION, mainErr42ASSERT_VIOLATIONMEMORY_FREE, mainErr5REQUIRES_VIOLATION, mainErr27REQUIRES_VIOLATION, mainErr26REQUIRES_VIOLATION, mainErr45ENSURES_VIOLATIONMEMORY_LEAK, mainErr28REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr17ASSERT_VIOLATIONMEMORY_LEAK, mainErr24REQUIRES_VIOLATION, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr40ASSERT_VIOLATIONMEMORY_FREE, mainErr4REQUIRES_VIOLATION, mainErr25REQUIRES_VIOLATION, mainErr30ASSERT_VIOLATIONMEMORY_LEAK, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr44ASSERT_VIOLATIONMEMORY_FREE, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr43ASSERT_VIOLATIONMEMORY_FREE, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr37REQUIRES_VIOLATION, mainErr38REQUIRES_VIOLATION, mainErr35REQUIRES_VIOLATION, mainErr39ASSERT_VIOLATIONMEMORY_FREE, mainErr13REQUIRES_VIOLATION, mainErr34REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr36REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr41ASSERT_VIOLATIONMEMORY_FREE, mainErr32REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12ASSERT_VIOLATIONMEMORY_LEAK, mainErr33REQUIRES_VIOLATION]=== [2020-07-29 01:19:20,477 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:19:20,477 INFO L82 PathProgramCache]: Analyzing trace with hash 560416015, now seen corresponding path program 1 times [2020-07-29 01:19:20,477 INFO L163 FreeRefinementEngine]: Executing refinement strategy CAMEL [2020-07-29 01:19:20,478 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1825785604] [2020-07-29 01:19:20,478 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2020-07-29 01:19:20,491 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:20,756 INFO L375 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2020-07-29 01:19:20,757 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:20,767 INFO L280 TraceCheckUtils]: 0: Hoare triple {5052#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {5041#true} is VALID [2020-07-29 01:19:20,767 INFO L280 TraceCheckUtils]: 1: Hoare triple {5041#true} assume true; {5041#true} is VALID [2020-07-29 01:19:20,767 INFO L275 TraceCheckUtils]: 2: Hoare quadruple {5041#true} {5041#true} #197#return; {5041#true} is VALID [2020-07-29 01:19:20,769 INFO L263 TraceCheckUtils]: 0: Hoare triple {5041#true} call ULTIMATE.init(); {5052#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} is VALID [2020-07-29 01:19:20,769 INFO L280 TraceCheckUtils]: 1: Hoare triple {5052#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {5041#true} is VALID [2020-07-29 01:19:20,770 INFO L280 TraceCheckUtils]: 2: Hoare triple {5041#true} assume true; {5041#true} is VALID [2020-07-29 01:19:20,770 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {5041#true} {5041#true} #197#return; {5041#true} is VALID [2020-07-29 01:19:20,770 INFO L263 TraceCheckUtils]: 4: Hoare triple {5041#true} call #t~ret17 := main(); {5041#true} is VALID [2020-07-29 01:19:20,771 INFO L280 TraceCheckUtils]: 5: Hoare triple {5041#true} call #t~malloc0.base, #t~malloc0.offset := #Ultimate.allocOnHeap(8);~head~0.base, ~head~0.offset := #t~malloc0.base, #t~malloc0.offset; {5046#(and (= 8 (select |#length| main_~head~0.base)) (= 0 main_~head~0.offset))} is VALID [2020-07-29 01:19:20,773 INFO L280 TraceCheckUtils]: 6: Hoare triple {5046#(and (= 8 (select |#length| main_~head~0.base)) (= 0 main_~head~0.offset))} SUMMARY for call write~$Pointer$(~head~0.base, ~head~0.offset, ~head~0.base, ~head~0.offset, 4); srcloc: L986 {5047#(and (= (select |#length| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)) 8) (= (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset) main_~head~0.offset) (= 0 main_~head~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base))} is VALID [2020-07-29 01:19:20,775 INFO L280 TraceCheckUtils]: 7: Hoare triple {5047#(and (= (select |#length| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)) 8) (= (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset) main_~head~0.offset) (= 0 main_~head~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base))} SUMMARY for call write~int(0, ~head~0.base, 4 + ~head~0.offset, 4); srcloc: L986-1 {5047#(and (= (select |#length| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)) 8) (= (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset) main_~head~0.offset) (= 0 main_~head~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base))} is VALID [2020-07-29 01:19:20,776 INFO L280 TraceCheckUtils]: 8: Hoare triple {5047#(and (= (select |#length| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)) 8) (= (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset) main_~head~0.offset) (= 0 main_~head~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base))} ~x~0.base, ~x~0.offset := ~head~0.base, ~head~0.offset;~state~0 := 1; {5048#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= main_~head~0.offset (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~head~0.base) (= 8 (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset))))} is VALID [2020-07-29 01:19:20,777 INFO L280 TraceCheckUtils]: 9: Hoare triple {5048#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= main_~head~0.offset (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~head~0.base) (= 8 (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset))))} assume -2147483648 <= #t~nondet1 && #t~nondet1 <= 2147483647; {5048#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= main_~head~0.offset (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~head~0.base) (= 8 (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset))))} is VALID [2020-07-29 01:19:20,778 INFO L280 TraceCheckUtils]: 10: Hoare triple {5048#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= main_~head~0.offset (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~head~0.base) (= 8 (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset))))} assume !(0 != #t~nondet1);havoc #t~nondet1; {5048#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= main_~head~0.offset (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~head~0.base) (= 8 (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset))))} is VALID [2020-07-29 01:19:20,780 INFO L280 TraceCheckUtils]: 11: Hoare triple {5048#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= main_~head~0.offset (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~head~0.base) (= 8 (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset))))} SUMMARY for call write~int(~state~0, ~x~0.base, 4 + ~x~0.offset, 4); srcloc: L993-3 {5047#(and (= (select |#length| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)) 8) (= (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset) main_~head~0.offset) (= 0 main_~head~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base))} is VALID [2020-07-29 01:19:20,781 INFO L280 TraceCheckUtils]: 12: Hoare triple {5047#(and (= (select |#length| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)) 8) (= (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset) main_~head~0.offset) (= 0 main_~head~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base))} SUMMARY for call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head~0.base, ~head~0.offset, 4); srcloc: L1014 {5049#(and (= 0 (select (select |#memory_$Pointer$.offset| |main_#t~mem5.base|) |main_#t~mem5.offset|)) (= 8 (select |#length| (select (select |#memory_$Pointer$.base| |main_#t~mem5.base|) |main_#t~mem5.offset|))))} is VALID [2020-07-29 01:19:20,782 INFO L280 TraceCheckUtils]: 13: Hoare triple {5049#(and (= 0 (select (select |#memory_$Pointer$.offset| |main_#t~mem5.base|) |main_#t~mem5.offset|)) (= 8 (select |#length| (select (select |#memory_$Pointer$.base| |main_#t~mem5.base|) |main_#t~mem5.offset|))))} ~x~0.base, ~x~0.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {5050#(and (= 8 (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset)))} is VALID [2020-07-29 01:19:20,783 INFO L280 TraceCheckUtils]: 14: Hoare triple {5050#(and (= 8 (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset)))} assume !!(0 != ~x~0.base || 0 != ~x~0.offset); {5050#(and (= 8 (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset)))} is VALID [2020-07-29 01:19:20,784 INFO L280 TraceCheckUtils]: 15: Hoare triple {5050#(and (= 8 (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset)))} goto; {5050#(and (= 8 (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset)))} is VALID [2020-07-29 01:19:20,785 INFO L280 TraceCheckUtils]: 16: Hoare triple {5050#(and (= 8 (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset)))} SUMMARY for call #t~mem6 := read~int(~x~0.base, 4 + ~x~0.offset, 4); srcloc: L1019-2 {5050#(and (= 8 (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset)))} is VALID [2020-07-29 01:19:20,786 INFO L280 TraceCheckUtils]: 17: Hoare triple {5050#(and (= 8 (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset)))} assume !!(0 != #t~mem6);havoc #t~mem6; {5050#(and (= 8 (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset)))} is VALID [2020-07-29 01:19:20,787 INFO L280 TraceCheckUtils]: 18: Hoare triple {5050#(and (= 8 (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset)))} SUMMARY for call #t~mem7.base, #t~mem7.offset := read~$Pointer$(~x~0.base, ~x~0.offset, 4); srcloc: L1021-13 {5051#(and (= 0 |main_#t~mem7.offset|) (= 8 (select |#length| |main_#t~mem7.base|)))} is VALID [2020-07-29 01:19:20,788 INFO L280 TraceCheckUtils]: 19: Hoare triple {5051#(and (= 0 |main_#t~mem7.offset|) (= 8 (select |#length| |main_#t~mem7.base|)))} assume !(4 + (4 + #t~mem7.offset) <= #length[#t~mem7.base] && 0 <= 4 + #t~mem7.offset); {5042#false} is VALID [2020-07-29 01:19:20,791 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:19:20,791 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1825785604] [2020-07-29 01:19:20,792 INFO L220 FreeRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:19:20,792 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2020-07-29 01:19:20,792 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1014342849] [2020-07-29 01:19:20,794 INFO L78 Accepts]: Start accepts. Automaton has 9 states. Word has length 20 [2020-07-29 01:19:20,794 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:19:20,794 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states. [2020-07-29 01:19:20,832 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 20 edges. 20 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:20,832 INFO L459 AbstractCegarLoop]: Interpolant automaton has 9 states [2020-07-29 01:19:20,832 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2020-07-29 01:19:20,833 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2020-07-29 01:19:20,833 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=18, Invalid=54, Unknown=0, NotChecked=0, Total=72 [2020-07-29 01:19:20,833 INFO L87 Difference]: Start difference. First operand 98 states and 111 transitions. Second operand 9 states. [2020-07-29 01:19:22,272 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:22,272 INFO L93 Difference]: Finished difference Result 156 states and 167 transitions. [2020-07-29 01:19:22,272 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2020-07-29 01:19:22,272 INFO L78 Accepts]: Start accepts. Automaton has 9 states. Word has length 20 [2020-07-29 01:19:22,273 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:19:22,273 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 9 states. [2020-07-29 01:19:22,275 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 168 transitions. [2020-07-29 01:19:22,275 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 9 states. [2020-07-29 01:19:22,277 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 168 transitions. [2020-07-29 01:19:22,277 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states and 168 transitions. [2020-07-29 01:19:22,510 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 168 edges. 168 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:22,514 INFO L225 Difference]: With dead ends: 156 [2020-07-29 01:19:22,514 INFO L226 Difference]: Without dead ends: 156 [2020-07-29 01:19:22,515 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 3 SyntacticMatches, 1 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 20 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=54, Invalid=128, Unknown=0, NotChecked=0, Total=182 [2020-07-29 01:19:22,515 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 156 states. [2020-07-29 01:19:22,518 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 156 to 98. [2020-07-29 01:19:22,518 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:19:22,519 INFO L82 GeneralOperation]: Start isEquivalent. First operand 156 states. Second operand 98 states. [2020-07-29 01:19:22,519 INFO L74 IsIncluded]: Start isIncluded. First operand 156 states. Second operand 98 states. [2020-07-29 01:19:22,519 INFO L87 Difference]: Start difference. First operand 156 states. Second operand 98 states. [2020-07-29 01:19:22,522 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:22,523 INFO L93 Difference]: Finished difference Result 156 states and 167 transitions. [2020-07-29 01:19:22,523 INFO L276 IsEmpty]: Start isEmpty. Operand 156 states and 167 transitions. [2020-07-29 01:19:22,524 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:22,524 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:22,524 INFO L74 IsIncluded]: Start isIncluded. First operand 98 states. Second operand 156 states. [2020-07-29 01:19:22,524 INFO L87 Difference]: Start difference. First operand 98 states. Second operand 156 states. [2020-07-29 01:19:22,528 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:22,529 INFO L93 Difference]: Finished difference Result 156 states and 167 transitions. [2020-07-29 01:19:22,529 INFO L276 IsEmpty]: Start isEmpty. Operand 156 states and 167 transitions. [2020-07-29 01:19:22,530 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:22,530 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:22,530 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:19:22,530 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:19:22,531 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 98 states. [2020-07-29 01:19:22,533 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 98 states to 98 states and 110 transitions. [2020-07-29 01:19:22,534 INFO L78 Accepts]: Start accepts. Automaton has 98 states and 110 transitions. Word has length 20 [2020-07-29 01:19:22,534 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:19:22,534 INFO L479 AbstractCegarLoop]: Abstraction has 98 states and 110 transitions. [2020-07-29 01:19:22,535 INFO L480 AbstractCegarLoop]: Interpolant automaton has 9 states. [2020-07-29 01:19:22,535 INFO L276 IsEmpty]: Start isEmpty. Operand 98 states and 110 transitions. [2020-07-29 01:19:22,535 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2020-07-29 01:19:22,536 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:19:22,536 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:19:22,536 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2020-07-29 01:19:22,537 INFO L427 AbstractCegarLoop]: === Iteration 12 === [mainErr8REQUIRES_VIOLATION, mainErr29REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr31REQUIRES_VIOLATION, mainErr42ASSERT_VIOLATIONMEMORY_FREE, mainErr5REQUIRES_VIOLATION, mainErr27REQUIRES_VIOLATION, mainErr26REQUIRES_VIOLATION, mainErr45ENSURES_VIOLATIONMEMORY_LEAK, mainErr28REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr17ASSERT_VIOLATIONMEMORY_LEAK, mainErr24REQUIRES_VIOLATION, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr40ASSERT_VIOLATIONMEMORY_FREE, mainErr4REQUIRES_VIOLATION, mainErr25REQUIRES_VIOLATION, mainErr30ASSERT_VIOLATIONMEMORY_LEAK, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr44ASSERT_VIOLATIONMEMORY_FREE, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr43ASSERT_VIOLATIONMEMORY_FREE, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr37REQUIRES_VIOLATION, mainErr38REQUIRES_VIOLATION, mainErr35REQUIRES_VIOLATION, mainErr39ASSERT_VIOLATIONMEMORY_FREE, mainErr13REQUIRES_VIOLATION, mainErr34REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr36REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr41ASSERT_VIOLATIONMEMORY_FREE, mainErr32REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12ASSERT_VIOLATIONMEMORY_LEAK, mainErr33REQUIRES_VIOLATION]=== [2020-07-29 01:19:22,537 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:19:22,537 INFO L82 PathProgramCache]: Analyzing trace with hash -1476938481, now seen corresponding path program 1 times [2020-07-29 01:19:22,538 INFO L163 FreeRefinementEngine]: Executing refinement strategy CAMEL [2020-07-29 01:19:22,538 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1712015482] [2020-07-29 01:19:22,538 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2020-07-29 01:19:22,552 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:22,639 INFO L375 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2020-07-29 01:19:22,640 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:22,644 INFO L280 TraceCheckUtils]: 0: Hoare triple {5640#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {5631#true} is VALID [2020-07-29 01:19:22,644 INFO L280 TraceCheckUtils]: 1: Hoare triple {5631#true} assume true; {5631#true} is VALID [2020-07-29 01:19:22,644 INFO L275 TraceCheckUtils]: 2: Hoare quadruple {5631#true} {5631#true} #197#return; {5631#true} is VALID [2020-07-29 01:19:22,649 INFO L263 TraceCheckUtils]: 0: Hoare triple {5631#true} call ULTIMATE.init(); {5640#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} is VALID [2020-07-29 01:19:22,649 INFO L280 TraceCheckUtils]: 1: Hoare triple {5640#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {5631#true} is VALID [2020-07-29 01:19:22,649 INFO L280 TraceCheckUtils]: 2: Hoare triple {5631#true} assume true; {5631#true} is VALID [2020-07-29 01:19:22,649 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {5631#true} {5631#true} #197#return; {5631#true} is VALID [2020-07-29 01:19:22,650 INFO L263 TraceCheckUtils]: 4: Hoare triple {5631#true} call #t~ret17 := main(); {5631#true} is VALID [2020-07-29 01:19:22,650 INFO L280 TraceCheckUtils]: 5: Hoare triple {5631#true} call #t~malloc0.base, #t~malloc0.offset := #Ultimate.allocOnHeap(8);~head~0.base, ~head~0.offset := #t~malloc0.base, #t~malloc0.offset; {5631#true} is VALID [2020-07-29 01:19:22,650 INFO L280 TraceCheckUtils]: 6: Hoare triple {5631#true} SUMMARY for call write~$Pointer$(~head~0.base, ~head~0.offset, ~head~0.base, ~head~0.offset, 4); srcloc: L986 {5631#true} is VALID [2020-07-29 01:19:22,651 INFO L280 TraceCheckUtils]: 7: Hoare triple {5631#true} SUMMARY for call write~int(0, ~head~0.base, 4 + ~head~0.offset, 4); srcloc: L986-1 {5631#true} is VALID [2020-07-29 01:19:22,651 INFO L280 TraceCheckUtils]: 8: Hoare triple {5631#true} ~x~0.base, ~x~0.offset := ~head~0.base, ~head~0.offset;~state~0 := 1; {5631#true} is VALID [2020-07-29 01:19:22,651 INFO L280 TraceCheckUtils]: 9: Hoare triple {5631#true} assume -2147483648 <= #t~nondet1 && #t~nondet1 <= 2147483647; {5631#true} is VALID [2020-07-29 01:19:22,653 INFO L280 TraceCheckUtils]: 10: Hoare triple {5631#true} assume !!(0 != #t~nondet1);havoc #t~nondet1;call #t~malloc2.base, #t~malloc2.offset := #Ultimate.allocOnHeap(8); {5636#(not (= 0 |main_#t~malloc2.base|))} is VALID [2020-07-29 01:19:22,655 INFO L280 TraceCheckUtils]: 11: Hoare triple {5636#(not (= 0 |main_#t~malloc2.base|))} SUMMARY for call write~$Pointer$(#t~malloc2.base, #t~malloc2.offset, ~x~0.base, ~x~0.offset, 4); srcloc: L996 {5637#(not (= 0 (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset)))} is VALID [2020-07-29 01:19:22,656 INFO L280 TraceCheckUtils]: 12: Hoare triple {5637#(not (= 0 (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset)))} SUMMARY for call #t~mem3.base, #t~mem3.offset := read~$Pointer$(~x~0.base, ~x~0.offset, 4); srcloc: L996-1 {5638#(not (= 0 |main_#t~mem3.base|))} is VALID [2020-07-29 01:19:22,657 INFO L280 TraceCheckUtils]: 13: Hoare triple {5638#(not (= 0 |main_#t~mem3.base|))} ~x~0.base, ~x~0.offset := #t~mem3.base, #t~mem3.offset;havoc #t~mem3.base, #t~mem3.offset; {5639#(not (= 0 main_~x~0.base))} is VALID [2020-07-29 01:19:22,658 INFO L280 TraceCheckUtils]: 14: Hoare triple {5639#(not (= 0 main_~x~0.base))} SUMMARY for call write~$Pointer$(~head~0.base, ~head~0.offset, ~x~0.base, ~x~0.offset, 4); srcloc: L998 {5639#(not (= 0 main_~x~0.base))} is VALID [2020-07-29 01:19:22,659 INFO L280 TraceCheckUtils]: 15: Hoare triple {5639#(not (= 0 main_~x~0.base))} assume -2147483648 <= #t~nondet4 && #t~nondet4 <= 2147483647; {5639#(not (= 0 main_~x~0.base))} is VALID [2020-07-29 01:19:22,659 INFO L280 TraceCheckUtils]: 16: Hoare triple {5639#(not (= 0 main_~x~0.base))} assume !(0 != #t~nondet4);havoc #t~nondet4; {5639#(not (= 0 main_~x~0.base))} is VALID [2020-07-29 01:19:22,660 INFO L280 TraceCheckUtils]: 17: Hoare triple {5639#(not (= 0 main_~x~0.base))} SUMMARY for call write~int(~state~0, ~x~0.base, 4 + ~x~0.offset, 4); srcloc: L1000-1 {5639#(not (= 0 main_~x~0.base))} is VALID [2020-07-29 01:19:22,661 INFO L280 TraceCheckUtils]: 18: Hoare triple {5639#(not (= 0 main_~x~0.base))} assume !(0 != ~x~0.base || 0 != ~x~0.offset); {5632#false} is VALID [2020-07-29 01:19:22,661 INFO L280 TraceCheckUtils]: 19: Hoare triple {5632#false} assume !false; {5632#false} is VALID [2020-07-29 01:19:22,662 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:19:22,663 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1712015482] [2020-07-29 01:19:22,663 INFO L220 FreeRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:19:22,663 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2020-07-29 01:19:22,664 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1927105856] [2020-07-29 01:19:22,664 INFO L78 Accepts]: Start accepts. Automaton has 7 states. Word has length 20 [2020-07-29 01:19:22,665 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:19:22,665 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states. [2020-07-29 01:19:22,688 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 20 edges. 20 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:22,689 INFO L459 AbstractCegarLoop]: Interpolant automaton has 7 states [2020-07-29 01:19:22,689 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2020-07-29 01:19:22,689 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2020-07-29 01:19:22,689 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2020-07-29 01:19:22,689 INFO L87 Difference]: Start difference. First operand 98 states and 110 transitions. Second operand 7 states. [2020-07-29 01:19:23,607 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:23,607 INFO L93 Difference]: Finished difference Result 146 states and 160 transitions. [2020-07-29 01:19:23,607 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2020-07-29 01:19:23,607 INFO L78 Accepts]: Start accepts. Automaton has 7 states. Word has length 20 [2020-07-29 01:19:23,607 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:19:23,607 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 7 states. [2020-07-29 01:19:23,609 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 143 transitions. [2020-07-29 01:19:23,609 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 7 states. [2020-07-29 01:19:23,612 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 143 transitions. [2020-07-29 01:19:23,613 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states and 143 transitions. [2020-07-29 01:19:23,782 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 143 edges. 143 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:23,785 INFO L225 Difference]: With dead ends: 146 [2020-07-29 01:19:23,785 INFO L226 Difference]: Without dead ends: 146 [2020-07-29 01:19:23,786 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=42, Invalid=90, Unknown=0, NotChecked=0, Total=132 [2020-07-29 01:19:23,786 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 146 states. [2020-07-29 01:19:23,789 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 146 to 96. [2020-07-29 01:19:23,789 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:19:23,789 INFO L82 GeneralOperation]: Start isEquivalent. First operand 146 states. Second operand 96 states. [2020-07-29 01:19:23,789 INFO L74 IsIncluded]: Start isIncluded. First operand 146 states. Second operand 96 states. [2020-07-29 01:19:23,789 INFO L87 Difference]: Start difference. First operand 146 states. Second operand 96 states. [2020-07-29 01:19:23,792 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:23,792 INFO L93 Difference]: Finished difference Result 146 states and 160 transitions. [2020-07-29 01:19:23,793 INFO L276 IsEmpty]: Start isEmpty. Operand 146 states and 160 transitions. [2020-07-29 01:19:23,793 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:23,793 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:23,794 INFO L74 IsIncluded]: Start isIncluded. First operand 96 states. Second operand 146 states. [2020-07-29 01:19:23,794 INFO L87 Difference]: Start difference. First operand 96 states. Second operand 146 states. [2020-07-29 01:19:23,797 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:23,797 INFO L93 Difference]: Finished difference Result 146 states and 160 transitions. [2020-07-29 01:19:23,797 INFO L276 IsEmpty]: Start isEmpty. Operand 146 states and 160 transitions. [2020-07-29 01:19:23,797 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:23,798 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:23,798 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:19:23,798 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:19:23,798 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 96 states. [2020-07-29 01:19:23,800 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 96 states to 96 states and 108 transitions. [2020-07-29 01:19:23,800 INFO L78 Accepts]: Start accepts. Automaton has 96 states and 108 transitions. Word has length 20 [2020-07-29 01:19:23,800 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:19:23,801 INFO L479 AbstractCegarLoop]: Abstraction has 96 states and 108 transitions. [2020-07-29 01:19:23,801 INFO L480 AbstractCegarLoop]: Interpolant automaton has 7 states. [2020-07-29 01:19:23,801 INFO L276 IsEmpty]: Start isEmpty. Operand 96 states and 108 transitions. [2020-07-29 01:19:23,801 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 22 [2020-07-29 01:19:23,802 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:19:23,802 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:19:23,802 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11 [2020-07-29 01:19:23,802 INFO L427 AbstractCegarLoop]: === Iteration 13 === [mainErr8REQUIRES_VIOLATION, mainErr29REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr31REQUIRES_VIOLATION, mainErr42ASSERT_VIOLATIONMEMORY_FREE, mainErr5REQUIRES_VIOLATION, mainErr27REQUIRES_VIOLATION, mainErr26REQUIRES_VIOLATION, mainErr45ENSURES_VIOLATIONMEMORY_LEAK, mainErr28REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr17ASSERT_VIOLATIONMEMORY_LEAK, mainErr24REQUIRES_VIOLATION, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr40ASSERT_VIOLATIONMEMORY_FREE, mainErr4REQUIRES_VIOLATION, mainErr25REQUIRES_VIOLATION, mainErr30ASSERT_VIOLATIONMEMORY_LEAK, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr44ASSERT_VIOLATIONMEMORY_FREE, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr43ASSERT_VIOLATIONMEMORY_FREE, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr37REQUIRES_VIOLATION, mainErr38REQUIRES_VIOLATION, mainErr35REQUIRES_VIOLATION, mainErr39ASSERT_VIOLATIONMEMORY_FREE, mainErr13REQUIRES_VIOLATION, mainErr34REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr36REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr41ASSERT_VIOLATIONMEMORY_FREE, mainErr32REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12ASSERT_VIOLATIONMEMORY_LEAK, mainErr33REQUIRES_VIOLATION]=== [2020-07-29 01:19:23,803 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:19:23,803 INFO L82 PathProgramCache]: Analyzing trace with hash 193012442, now seen corresponding path program 1 times [2020-07-29 01:19:23,803 INFO L163 FreeRefinementEngine]: Executing refinement strategy CAMEL [2020-07-29 01:19:23,803 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [933414639] [2020-07-29 01:19:23,804 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2020-07-29 01:19:23,813 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:23,901 INFO L375 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2020-07-29 01:19:23,902 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:23,905 INFO L280 TraceCheckUtils]: 0: Hoare triple {6198#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {6188#true} is VALID [2020-07-29 01:19:23,906 INFO L280 TraceCheckUtils]: 1: Hoare triple {6188#true} assume true; {6188#true} is VALID [2020-07-29 01:19:23,906 INFO L275 TraceCheckUtils]: 2: Hoare quadruple {6188#true} {6188#true} #197#return; {6188#true} is VALID [2020-07-29 01:19:23,907 INFO L263 TraceCheckUtils]: 0: Hoare triple {6188#true} call ULTIMATE.init(); {6198#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} is VALID [2020-07-29 01:19:23,907 INFO L280 TraceCheckUtils]: 1: Hoare triple {6198#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {6188#true} is VALID [2020-07-29 01:19:23,907 INFO L280 TraceCheckUtils]: 2: Hoare triple {6188#true} assume true; {6188#true} is VALID [2020-07-29 01:19:23,908 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {6188#true} {6188#true} #197#return; {6188#true} is VALID [2020-07-29 01:19:23,908 INFO L263 TraceCheckUtils]: 4: Hoare triple {6188#true} call #t~ret17 := main(); {6188#true} is VALID [2020-07-29 01:19:23,908 INFO L280 TraceCheckUtils]: 5: Hoare triple {6188#true} call #t~malloc0.base, #t~malloc0.offset := #Ultimate.allocOnHeap(8);~head~0.base, ~head~0.offset := #t~malloc0.base, #t~malloc0.offset; {6188#true} is VALID [2020-07-29 01:19:23,908 INFO L280 TraceCheckUtils]: 6: Hoare triple {6188#true} SUMMARY for call write~$Pointer$(~head~0.base, ~head~0.offset, ~head~0.base, ~head~0.offset, 4); srcloc: L986 {6188#true} is VALID [2020-07-29 01:19:23,909 INFO L280 TraceCheckUtils]: 7: Hoare triple {6188#true} SUMMARY for call write~int(0, ~head~0.base, 4 + ~head~0.offset, 4); srcloc: L986-1 {6188#true} is VALID [2020-07-29 01:19:23,909 INFO L280 TraceCheckUtils]: 8: Hoare triple {6188#true} ~x~0.base, ~x~0.offset := ~head~0.base, ~head~0.offset;~state~0 := 1; {6188#true} is VALID [2020-07-29 01:19:23,909 INFO L280 TraceCheckUtils]: 9: Hoare triple {6188#true} assume -2147483648 <= #t~nondet1 && #t~nondet1 <= 2147483647; {6188#true} is VALID [2020-07-29 01:19:23,910 INFO L280 TraceCheckUtils]: 10: Hoare triple {6188#true} assume !(0 != #t~nondet1);havoc #t~nondet1; {6188#true} is VALID [2020-07-29 01:19:23,910 INFO L280 TraceCheckUtils]: 11: Hoare triple {6188#true} SUMMARY for call write~int(~state~0, ~x~0.base, 4 + ~x~0.offset, 4); srcloc: L993-3 {6188#true} is VALID [2020-07-29 01:19:23,912 INFO L280 TraceCheckUtils]: 12: Hoare triple {6188#true} SUMMARY for call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head~0.base, ~head~0.offset, 4); srcloc: L1014 {6193#(= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) |main_#t~mem5.base|)} is VALID [2020-07-29 01:19:23,913 INFO L280 TraceCheckUtils]: 13: Hoare triple {6193#(= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) |main_#t~mem5.base|)} ~x~0.base, ~x~0.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {6194#(= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~x~0.base)} is VALID [2020-07-29 01:19:23,913 INFO L280 TraceCheckUtils]: 14: Hoare triple {6194#(= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~x~0.base)} assume !!(0 != ~x~0.base || 0 != ~x~0.offset); {6194#(= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~x~0.base)} is VALID [2020-07-29 01:19:23,914 INFO L280 TraceCheckUtils]: 15: Hoare triple {6194#(= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~x~0.base)} goto; {6194#(= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~x~0.base)} is VALID [2020-07-29 01:19:23,915 INFO L280 TraceCheckUtils]: 16: Hoare triple {6194#(= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~x~0.base)} SUMMARY for call #t~mem6 := read~int(~x~0.base, 4 + ~x~0.offset, 4); srcloc: L1019-2 {6195#(= 1 (select |#valid| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)))} is VALID [2020-07-29 01:19:23,916 INFO L280 TraceCheckUtils]: 17: Hoare triple {6195#(= 1 (select |#valid| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)))} assume !(0 != #t~mem6);havoc #t~mem6; {6195#(= 1 (select |#valid| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)))} is VALID [2020-07-29 01:19:23,917 INFO L280 TraceCheckUtils]: 18: Hoare triple {6195#(= 1 (select |#valid| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)))} SUMMARY for call #t~mem14.base, #t~mem14.offset := read~$Pointer$(~head~0.base, ~head~0.offset, 4); srcloc: L1019-3 {6196#(= 1 (select |#valid| |main_#t~mem14.base|))} is VALID [2020-07-29 01:19:23,918 INFO L280 TraceCheckUtils]: 19: Hoare triple {6196#(= 1 (select |#valid| |main_#t~mem14.base|))} ~x~0.base, ~x~0.offset := #t~mem14.base, #t~mem14.offset;havoc #t~mem14.base, #t~mem14.offset; {6197#(= 1 (select |#valid| main_~x~0.base))} is VALID [2020-07-29 01:19:23,923 INFO L280 TraceCheckUtils]: 20: Hoare triple {6197#(= 1 (select |#valid| main_~x~0.base))} assume !(1 == #valid[~x~0.base]); {6189#false} is VALID [2020-07-29 01:19:23,924 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:19:23,924 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [933414639] [2020-07-29 01:19:23,925 INFO L220 FreeRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:19:23,925 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2020-07-29 01:19:23,925 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [257896620] [2020-07-29 01:19:23,925 INFO L78 Accepts]: Start accepts. Automaton has 8 states. Word has length 21 [2020-07-29 01:19:23,926 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:19:23,926 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states. [2020-07-29 01:19:23,951 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 21 edges. 21 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:23,951 INFO L459 AbstractCegarLoop]: Interpolant automaton has 8 states [2020-07-29 01:19:23,952 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2020-07-29 01:19:23,952 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2020-07-29 01:19:23,952 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2020-07-29 01:19:23,953 INFO L87 Difference]: Start difference. First operand 96 states and 108 transitions. Second operand 8 states. [2020-07-29 01:19:25,008 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:25,008 INFO L93 Difference]: Finished difference Result 133 states and 148 transitions. [2020-07-29 01:19:25,008 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2020-07-29 01:19:25,008 INFO L78 Accepts]: Start accepts. Automaton has 8 states. Word has length 21 [2020-07-29 01:19:25,008 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:19:25,009 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 8 states. [2020-07-29 01:19:25,011 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 127 transitions. [2020-07-29 01:19:25,011 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 8 states. [2020-07-29 01:19:25,012 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 127 transitions. [2020-07-29 01:19:25,013 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 11 states and 127 transitions. [2020-07-29 01:19:25,186 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 127 edges. 127 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:25,188 INFO L225 Difference]: With dead ends: 133 [2020-07-29 01:19:25,188 INFO L226 Difference]: Without dead ends: 133 [2020-07-29 01:19:25,189 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 9 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=42, Invalid=114, Unknown=0, NotChecked=0, Total=156 [2020-07-29 01:19:25,189 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 133 states. [2020-07-29 01:19:25,191 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 133 to 97. [2020-07-29 01:19:25,192 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:19:25,192 INFO L82 GeneralOperation]: Start isEquivalent. First operand 133 states. Second operand 97 states. [2020-07-29 01:19:25,192 INFO L74 IsIncluded]: Start isIncluded. First operand 133 states. Second operand 97 states. [2020-07-29 01:19:25,192 INFO L87 Difference]: Start difference. First operand 133 states. Second operand 97 states. [2020-07-29 01:19:25,195 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:25,196 INFO L93 Difference]: Finished difference Result 133 states and 148 transitions. [2020-07-29 01:19:25,196 INFO L276 IsEmpty]: Start isEmpty. Operand 133 states and 148 transitions. [2020-07-29 01:19:25,196 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:25,197 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:25,197 INFO L74 IsIncluded]: Start isIncluded. First operand 97 states. Second operand 133 states. [2020-07-29 01:19:25,197 INFO L87 Difference]: Start difference. First operand 97 states. Second operand 133 states. [2020-07-29 01:19:25,200 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:25,200 INFO L93 Difference]: Finished difference Result 133 states and 148 transitions. [2020-07-29 01:19:25,201 INFO L276 IsEmpty]: Start isEmpty. Operand 133 states and 148 transitions. [2020-07-29 01:19:25,201 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:25,201 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:25,202 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:19:25,202 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:19:25,202 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 97 states. [2020-07-29 01:19:25,204 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 97 states to 97 states and 110 transitions. [2020-07-29 01:19:25,204 INFO L78 Accepts]: Start accepts. Automaton has 97 states and 110 transitions. Word has length 21 [2020-07-29 01:19:25,205 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:19:25,205 INFO L479 AbstractCegarLoop]: Abstraction has 97 states and 110 transitions. [2020-07-29 01:19:25,205 INFO L480 AbstractCegarLoop]: Interpolant automaton has 8 states. [2020-07-29 01:19:25,205 INFO L276 IsEmpty]: Start isEmpty. Operand 97 states and 110 transitions. [2020-07-29 01:19:25,206 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 22 [2020-07-29 01:19:25,206 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:19:25,206 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:19:25,207 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable12 [2020-07-29 01:19:25,207 INFO L427 AbstractCegarLoop]: === Iteration 14 === [mainErr8REQUIRES_VIOLATION, mainErr29REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr31REQUIRES_VIOLATION, mainErr42ASSERT_VIOLATIONMEMORY_FREE, mainErr5REQUIRES_VIOLATION, mainErr27REQUIRES_VIOLATION, mainErr26REQUIRES_VIOLATION, mainErr45ENSURES_VIOLATIONMEMORY_LEAK, mainErr28REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr17ASSERT_VIOLATIONMEMORY_LEAK, mainErr24REQUIRES_VIOLATION, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr40ASSERT_VIOLATIONMEMORY_FREE, mainErr4REQUIRES_VIOLATION, mainErr25REQUIRES_VIOLATION, mainErr30ASSERT_VIOLATIONMEMORY_LEAK, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr44ASSERT_VIOLATIONMEMORY_FREE, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr43ASSERT_VIOLATIONMEMORY_FREE, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr37REQUIRES_VIOLATION, mainErr38REQUIRES_VIOLATION, mainErr35REQUIRES_VIOLATION, mainErr39ASSERT_VIOLATIONMEMORY_FREE, mainErr13REQUIRES_VIOLATION, mainErr34REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr36REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr41ASSERT_VIOLATIONMEMORY_FREE, mainErr32REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12ASSERT_VIOLATIONMEMORY_LEAK, mainErr33REQUIRES_VIOLATION]=== [2020-07-29 01:19:25,207 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:19:25,208 INFO L82 PathProgramCache]: Analyzing trace with hash 193012443, now seen corresponding path program 1 times [2020-07-29 01:19:25,208 INFO L163 FreeRefinementEngine]: Executing refinement strategy CAMEL [2020-07-29 01:19:25,213 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [823484965] [2020-07-29 01:19:25,214 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2020-07-29 01:19:25,235 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:25,543 INFO L375 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2020-07-29 01:19:25,544 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:25,553 INFO L280 TraceCheckUtils]: 0: Hoare triple {6721#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {6707#true} is VALID [2020-07-29 01:19:25,553 INFO L280 TraceCheckUtils]: 1: Hoare triple {6707#true} assume true; {6707#true} is VALID [2020-07-29 01:19:25,553 INFO L275 TraceCheckUtils]: 2: Hoare quadruple {6707#true} {6707#true} #197#return; {6707#true} is VALID [2020-07-29 01:19:25,554 INFO L263 TraceCheckUtils]: 0: Hoare triple {6707#true} call ULTIMATE.init(); {6721#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} is VALID [2020-07-29 01:19:25,554 INFO L280 TraceCheckUtils]: 1: Hoare triple {6721#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {6707#true} is VALID [2020-07-29 01:19:25,554 INFO L280 TraceCheckUtils]: 2: Hoare triple {6707#true} assume true; {6707#true} is VALID [2020-07-29 01:19:25,554 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {6707#true} {6707#true} #197#return; {6707#true} is VALID [2020-07-29 01:19:25,555 INFO L263 TraceCheckUtils]: 4: Hoare triple {6707#true} call #t~ret17 := main(); {6707#true} is VALID [2020-07-29 01:19:25,555 INFO L280 TraceCheckUtils]: 5: Hoare triple {6707#true} call #t~malloc0.base, #t~malloc0.offset := #Ultimate.allocOnHeap(8);~head~0.base, ~head~0.offset := #t~malloc0.base, #t~malloc0.offset; {6712#(= 0 main_~head~0.offset)} is VALID [2020-07-29 01:19:25,557 INFO L280 TraceCheckUtils]: 6: Hoare triple {6712#(= 0 main_~head~0.offset)} SUMMARY for call write~$Pointer$(~head~0.base, ~head~0.offset, ~head~0.base, ~head~0.offset, 4); srcloc: L986 {6713#(and (= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)) (= 0 main_~head~0.offset))} is VALID [2020-07-29 01:19:25,559 INFO L280 TraceCheckUtils]: 7: Hoare triple {6713#(and (= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)) (= 0 main_~head~0.offset))} SUMMARY for call write~int(0, ~head~0.base, 4 + ~head~0.offset, 4); srcloc: L986-1 {6713#(and (= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)) (= 0 main_~head~0.offset))} is VALID [2020-07-29 01:19:25,562 INFO L280 TraceCheckUtils]: 8: Hoare triple {6713#(and (= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)) (= 0 main_~head~0.offset))} ~x~0.base, ~x~0.offset := ~head~0.base, ~head~0.offset;~state~0 := 1; {6714#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base))} is VALID [2020-07-29 01:19:25,564 INFO L280 TraceCheckUtils]: 9: Hoare triple {6714#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base))} assume -2147483648 <= #t~nondet1 && #t~nondet1 <= 2147483647; {6714#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base))} is VALID [2020-07-29 01:19:25,565 INFO L280 TraceCheckUtils]: 10: Hoare triple {6714#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base))} assume !(0 != #t~nondet1);havoc #t~nondet1; {6714#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base))} is VALID [2020-07-29 01:19:25,567 INFO L280 TraceCheckUtils]: 11: Hoare triple {6714#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base))} SUMMARY for call write~int(~state~0, ~x~0.base, 4 + ~x~0.offset, 4); srcloc: L993-3 {6715#(= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset))} is VALID [2020-07-29 01:19:25,571 INFO L280 TraceCheckUtils]: 12: Hoare triple {6715#(= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset))} SUMMARY for call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head~0.base, ~head~0.offset, 4); srcloc: L1014 {6716#(and (= 0 |main_#t~mem5.offset|) (= |main_#t~mem5.offset| (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) |main_#t~mem5.base|))} is VALID [2020-07-29 01:19:25,572 INFO L280 TraceCheckUtils]: 13: Hoare triple {6716#(and (= 0 |main_#t~mem5.offset|) (= |main_#t~mem5.offset| (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) |main_#t~mem5.base|))} ~x~0.base, ~x~0.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {6717#(and (= main_~x~0.offset (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)) (= main_~x~0.offset 0) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~x~0.base))} is VALID [2020-07-29 01:19:25,575 INFO L280 TraceCheckUtils]: 14: Hoare triple {6717#(and (= main_~x~0.offset (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)) (= main_~x~0.offset 0) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~x~0.base))} assume !!(0 != ~x~0.base || 0 != ~x~0.offset); {6717#(and (= main_~x~0.offset (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)) (= main_~x~0.offset 0) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~x~0.base))} is VALID [2020-07-29 01:19:25,576 INFO L280 TraceCheckUtils]: 15: Hoare triple {6717#(and (= main_~x~0.offset (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)) (= main_~x~0.offset 0) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~x~0.base))} goto; {6717#(and (= main_~x~0.offset (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)) (= main_~x~0.offset 0) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~x~0.base))} is VALID [2020-07-29 01:19:25,577 INFO L280 TraceCheckUtils]: 16: Hoare triple {6717#(and (= main_~x~0.offset (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)) (= main_~x~0.offset 0) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~x~0.base))} SUMMARY for call #t~mem6 := read~int(~x~0.base, 4 + ~x~0.offset, 4); srcloc: L1019-2 {6718#(and (<= (+ (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset) 8) (select |#length| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset))) (<= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)))} is VALID [2020-07-29 01:19:25,578 INFO L280 TraceCheckUtils]: 17: Hoare triple {6718#(and (<= (+ (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset) 8) (select |#length| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset))) (<= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)))} assume !(0 != #t~mem6);havoc #t~mem6; {6718#(and (<= (+ (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset) 8) (select |#length| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset))) (<= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)))} is VALID [2020-07-29 01:19:25,579 INFO L280 TraceCheckUtils]: 18: Hoare triple {6718#(and (<= (+ (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset) 8) (select |#length| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset))) (<= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)))} SUMMARY for call #t~mem14.base, #t~mem14.offset := read~$Pointer$(~head~0.base, ~head~0.offset, 4); srcloc: L1019-3 {6719#(and (<= (+ |main_#t~mem14.offset| 8) (select |#length| |main_#t~mem14.base|)) (<= 0 |main_#t~mem14.offset|))} is VALID [2020-07-29 01:19:25,580 INFO L280 TraceCheckUtils]: 19: Hoare triple {6719#(and (<= (+ |main_#t~mem14.offset| 8) (select |#length| |main_#t~mem14.base|)) (<= 0 |main_#t~mem14.offset|))} ~x~0.base, ~x~0.offset := #t~mem14.base, #t~mem14.offset;havoc #t~mem14.base, #t~mem14.offset; {6720#(and (<= 0 main_~x~0.offset) (<= (+ main_~x~0.offset 8) (select |#length| main_~x~0.base)))} is VALID [2020-07-29 01:19:25,581 INFO L280 TraceCheckUtils]: 20: Hoare triple {6720#(and (<= 0 main_~x~0.offset) (<= (+ main_~x~0.offset 8) (select |#length| main_~x~0.base)))} assume !(4 + (4 + ~x~0.offset) <= #length[~x~0.base] && 0 <= 4 + ~x~0.offset); {6708#false} is VALID [2020-07-29 01:19:25,582 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:19:25,583 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [823484965] [2020-07-29 01:19:25,583 INFO L220 FreeRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:19:25,583 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [11] imperfect sequences [] total 11 [2020-07-29 01:19:25,583 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [613258043] [2020-07-29 01:19:25,584 INFO L78 Accepts]: Start accepts. Automaton has 12 states. Word has length 21 [2020-07-29 01:19:25,584 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:19:25,584 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 12 states. [2020-07-29 01:19:25,614 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 21 edges. 21 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:25,615 INFO L459 AbstractCegarLoop]: Interpolant automaton has 12 states [2020-07-29 01:19:25,615 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2020-07-29 01:19:25,615 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 12 interpolants. [2020-07-29 01:19:25,615 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=26, Invalid=106, Unknown=0, NotChecked=0, Total=132 [2020-07-29 01:19:25,616 INFO L87 Difference]: Start difference. First operand 97 states and 110 transitions. Second operand 12 states. [2020-07-29 01:19:27,558 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:27,558 INFO L93 Difference]: Finished difference Result 144 states and 156 transitions. [2020-07-29 01:19:27,558 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 14 states. [2020-07-29 01:19:27,558 INFO L78 Accepts]: Start accepts. Automaton has 12 states. Word has length 21 [2020-07-29 01:19:27,559 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:19:27,560 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 12 states. [2020-07-29 01:19:27,564 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 14 states to 14 states and 156 transitions. [2020-07-29 01:19:27,564 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 12 states. [2020-07-29 01:19:27,571 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 14 states to 14 states and 156 transitions. [2020-07-29 01:19:27,572 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 14 states and 156 transitions. [2020-07-29 01:19:27,770 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 156 edges. 156 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:27,772 INFO L225 Difference]: With dead ends: 144 [2020-07-29 01:19:27,773 INFO L226 Difference]: Without dead ends: 144 [2020-07-29 01:19:27,773 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 21 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 18 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 47 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=93, Invalid=287, Unknown=0, NotChecked=0, Total=380 [2020-07-29 01:19:27,774 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 144 states. [2020-07-29 01:19:27,778 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 144 to 116. [2020-07-29 01:19:27,778 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:19:27,778 INFO L82 GeneralOperation]: Start isEquivalent. First operand 144 states. Second operand 116 states. [2020-07-29 01:19:27,778 INFO L74 IsIncluded]: Start isIncluded. First operand 144 states. Second operand 116 states. [2020-07-29 01:19:27,779 INFO L87 Difference]: Start difference. First operand 144 states. Second operand 116 states. [2020-07-29 01:19:27,785 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:27,785 INFO L93 Difference]: Finished difference Result 144 states and 156 transitions. [2020-07-29 01:19:27,786 INFO L276 IsEmpty]: Start isEmpty. Operand 144 states and 156 transitions. [2020-07-29 01:19:27,786 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:27,787 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:27,787 INFO L74 IsIncluded]: Start isIncluded. First operand 116 states. Second operand 144 states. [2020-07-29 01:19:27,787 INFO L87 Difference]: Start difference. First operand 116 states. Second operand 144 states. [2020-07-29 01:19:27,791 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:27,791 INFO L93 Difference]: Finished difference Result 144 states and 156 transitions. [2020-07-29 01:19:27,791 INFO L276 IsEmpty]: Start isEmpty. Operand 144 states and 156 transitions. [2020-07-29 01:19:27,792 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:27,792 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:27,792 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:19:27,793 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:19:27,793 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 116 states. [2020-07-29 01:19:27,795 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 116 states to 116 states and 143 transitions. [2020-07-29 01:19:27,796 INFO L78 Accepts]: Start accepts. Automaton has 116 states and 143 transitions. Word has length 21 [2020-07-29 01:19:27,796 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:19:27,797 INFO L479 AbstractCegarLoop]: Abstraction has 116 states and 143 transitions. [2020-07-29 01:19:27,797 INFO L480 AbstractCegarLoop]: Interpolant automaton has 12 states. [2020-07-29 01:19:27,797 INFO L276 IsEmpty]: Start isEmpty. Operand 116 states and 143 transitions. [2020-07-29 01:19:27,799 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2020-07-29 01:19:27,799 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:19:27,800 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:19:27,800 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable13 [2020-07-29 01:19:27,800 INFO L427 AbstractCegarLoop]: === Iteration 15 === [mainErr8REQUIRES_VIOLATION, mainErr29REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr31REQUIRES_VIOLATION, mainErr42ASSERT_VIOLATIONMEMORY_FREE, mainErr5REQUIRES_VIOLATION, mainErr27REQUIRES_VIOLATION, mainErr26REQUIRES_VIOLATION, mainErr45ENSURES_VIOLATIONMEMORY_LEAK, mainErr28REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr17ASSERT_VIOLATIONMEMORY_LEAK, mainErr24REQUIRES_VIOLATION, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr40ASSERT_VIOLATIONMEMORY_FREE, mainErr4REQUIRES_VIOLATION, mainErr25REQUIRES_VIOLATION, mainErr30ASSERT_VIOLATIONMEMORY_LEAK, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr44ASSERT_VIOLATIONMEMORY_FREE, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr43ASSERT_VIOLATIONMEMORY_FREE, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr37REQUIRES_VIOLATION, mainErr38REQUIRES_VIOLATION, mainErr35REQUIRES_VIOLATION, mainErr39ASSERT_VIOLATIONMEMORY_FREE, mainErr13REQUIRES_VIOLATION, mainErr34REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr36REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr41ASSERT_VIOLATIONMEMORY_FREE, mainErr32REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12ASSERT_VIOLATIONMEMORY_LEAK, mainErr33REQUIRES_VIOLATION]=== [2020-07-29 01:19:27,801 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:19:27,801 INFO L82 PathProgramCache]: Analyzing trace with hash 801367497, now seen corresponding path program 1 times [2020-07-29 01:19:27,801 INFO L163 FreeRefinementEngine]: Executing refinement strategy CAMEL [2020-07-29 01:19:27,802 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [629092452] [2020-07-29 01:19:27,802 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2020-07-29 01:19:27,825 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:28,200 INFO L375 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2020-07-29 01:19:28,201 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:28,206 INFO L280 TraceCheckUtils]: 0: Hoare triple {7302#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {7288#true} is VALID [2020-07-29 01:19:28,206 INFO L280 TraceCheckUtils]: 1: Hoare triple {7288#true} assume true; {7288#true} is VALID [2020-07-29 01:19:28,207 INFO L275 TraceCheckUtils]: 2: Hoare quadruple {7288#true} {7288#true} #197#return; {7288#true} is VALID [2020-07-29 01:19:28,208 INFO L263 TraceCheckUtils]: 0: Hoare triple {7288#true} call ULTIMATE.init(); {7302#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} is VALID [2020-07-29 01:19:28,208 INFO L280 TraceCheckUtils]: 1: Hoare triple {7302#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {7288#true} is VALID [2020-07-29 01:19:28,208 INFO L280 TraceCheckUtils]: 2: Hoare triple {7288#true} assume true; {7288#true} is VALID [2020-07-29 01:19:28,209 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {7288#true} {7288#true} #197#return; {7288#true} is VALID [2020-07-29 01:19:28,209 INFO L263 TraceCheckUtils]: 4: Hoare triple {7288#true} call #t~ret17 := main(); {7288#true} is VALID [2020-07-29 01:19:28,210 INFO L280 TraceCheckUtils]: 5: Hoare triple {7288#true} call #t~malloc0.base, #t~malloc0.offset := #Ultimate.allocOnHeap(8);~head~0.base, ~head~0.offset := #t~malloc0.base, #t~malloc0.offset; {7293#(and (= 8 (select |#length| main_~head~0.base)) (= 0 main_~head~0.offset))} is VALID [2020-07-29 01:19:28,212 INFO L280 TraceCheckUtils]: 6: Hoare triple {7293#(and (= 8 (select |#length| main_~head~0.base)) (= 0 main_~head~0.offset))} SUMMARY for call write~$Pointer$(~head~0.base, ~head~0.offset, ~head~0.base, ~head~0.offset, 4); srcloc: L986 {7294#(and (= (select |#length| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)) 8) (= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)) (= 0 main_~head~0.offset))} is VALID [2020-07-29 01:19:28,214 INFO L280 TraceCheckUtils]: 7: Hoare triple {7294#(and (= (select |#length| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)) 8) (= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)) (= 0 main_~head~0.offset))} SUMMARY for call write~int(0, ~head~0.base, 4 + ~head~0.offset, 4); srcloc: L986-1 {7294#(and (= (select |#length| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)) 8) (= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)) (= 0 main_~head~0.offset))} is VALID [2020-07-29 01:19:28,215 INFO L280 TraceCheckUtils]: 8: Hoare triple {7294#(and (= (select |#length| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)) 8) (= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)) (= 0 main_~head~0.offset))} ~x~0.base, ~x~0.offset := ~head~0.base, ~head~0.offset;~state~0 := 1; {7295#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= 8 (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset))))} is VALID [2020-07-29 01:19:28,216 INFO L280 TraceCheckUtils]: 9: Hoare triple {7295#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= 8 (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset))))} assume -2147483648 <= #t~nondet1 && #t~nondet1 <= 2147483647; {7295#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= 8 (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset))))} is VALID [2020-07-29 01:19:28,217 INFO L280 TraceCheckUtils]: 10: Hoare triple {7295#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= 8 (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset))))} assume !(0 != #t~nondet1);havoc #t~nondet1; {7295#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= 8 (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset))))} is VALID [2020-07-29 01:19:28,219 INFO L280 TraceCheckUtils]: 11: Hoare triple {7295#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= 8 (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset))))} SUMMARY for call write~int(~state~0, ~x~0.base, 4 + ~x~0.offset, 4); srcloc: L993-3 {7296#(and (= (select |#length| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)) 8) (= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)))} is VALID [2020-07-29 01:19:28,220 INFO L280 TraceCheckUtils]: 12: Hoare triple {7296#(and (= (select |#length| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)) 8) (= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)))} SUMMARY for call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head~0.base, ~head~0.offset, 4); srcloc: L1014 {7297#(and (= 0 |main_#t~mem5.offset|) (= (select |#length| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)) 8) (= |main_#t~mem5.offset| (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)))} is VALID [2020-07-29 01:19:28,222 INFO L280 TraceCheckUtils]: 13: Hoare triple {7297#(and (= 0 |main_#t~mem5.offset|) (= (select |#length| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)) 8) (= |main_#t~mem5.offset| (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)))} ~x~0.base, ~x~0.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {7298#(and (= (select |#length| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)) 8) (<= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)))} is VALID [2020-07-29 01:19:28,223 INFO L280 TraceCheckUtils]: 14: Hoare triple {7298#(and (= (select |#length| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)) 8) (<= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)))} assume !!(0 != ~x~0.base || 0 != ~x~0.offset); {7298#(and (= (select |#length| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)) 8) (<= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)))} is VALID [2020-07-29 01:19:28,223 INFO L280 TraceCheckUtils]: 15: Hoare triple {7298#(and (= (select |#length| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)) 8) (<= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)))} goto; {7298#(and (= (select |#length| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)) 8) (<= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)))} is VALID [2020-07-29 01:19:28,224 INFO L280 TraceCheckUtils]: 16: Hoare triple {7298#(and (= (select |#length| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)) 8) (<= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)))} SUMMARY for call #t~mem6 := read~int(~x~0.base, 4 + ~x~0.offset, 4); srcloc: L1019-2 {7298#(and (= (select |#length| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)) 8) (<= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)))} is VALID [2020-07-29 01:19:28,225 INFO L280 TraceCheckUtils]: 17: Hoare triple {7298#(and (= (select |#length| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)) 8) (<= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)))} assume !(0 != #t~mem6);havoc #t~mem6; {7298#(and (= (select |#length| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)) 8) (<= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)))} is VALID [2020-07-29 01:19:28,226 INFO L280 TraceCheckUtils]: 18: Hoare triple {7298#(and (= (select |#length| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)) 8) (<= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)))} SUMMARY for call #t~mem14.base, #t~mem14.offset := read~$Pointer$(~head~0.base, ~head~0.offset, 4); srcloc: L1019-3 {7299#(and (<= 0 |main_#t~mem14.offset|) (= 8 (select |#length| |main_#t~mem14.base|)))} is VALID [2020-07-29 01:19:28,227 INFO L280 TraceCheckUtils]: 19: Hoare triple {7299#(and (<= 0 |main_#t~mem14.offset|) (= 8 (select |#length| |main_#t~mem14.base|)))} ~x~0.base, ~x~0.offset := #t~mem14.base, #t~mem14.offset;havoc #t~mem14.base, #t~mem14.offset; {7300#(and (or (= 8 (select |#length| main_~x~0.base)) (<= main_~x~0.offset 0)) (< 0 (+ main_~x~0.offset 1)))} is VALID [2020-07-29 01:19:28,229 INFO L280 TraceCheckUtils]: 20: Hoare triple {7300#(and (or (= 8 (select |#length| main_~x~0.base)) (<= main_~x~0.offset 0)) (< 0 (+ main_~x~0.offset 1)))} SUMMARY for call #t~mem15 := read~int(~x~0.base, 4 + ~x~0.offset, 4); srcloc: L1027-3 {7301#(and (<= main_~x~0.offset 0) (< 0 (+ main_~x~0.offset 1)))} is VALID [2020-07-29 01:19:28,229 INFO L280 TraceCheckUtils]: 21: Hoare triple {7301#(and (<= main_~x~0.offset 0) (< 0 (+ main_~x~0.offset 1)))} assume !(0 != #t~mem15);havoc #t~mem15; {7301#(and (<= main_~x~0.offset 0) (< 0 (+ main_~x~0.offset 1)))} is VALID [2020-07-29 01:19:28,230 INFO L280 TraceCheckUtils]: 22: Hoare triple {7301#(and (<= main_~x~0.offset 0) (< 0 (+ main_~x~0.offset 1)))} assume !(0 == ~x~0.offset); {7289#false} is VALID [2020-07-29 01:19:28,233 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:19:28,233 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [629092452] [2020-07-29 01:19:28,233 INFO L220 FreeRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:19:28,234 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [11] imperfect sequences [] total 11 [2020-07-29 01:19:28,234 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2142352777] [2020-07-29 01:19:28,234 INFO L78 Accepts]: Start accepts. Automaton has 12 states. Word has length 23 [2020-07-29 01:19:28,235 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:19:28,235 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 12 states. [2020-07-29 01:19:28,272 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 23 edges. 23 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:28,272 INFO L459 AbstractCegarLoop]: Interpolant automaton has 12 states [2020-07-29 01:19:28,273 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2020-07-29 01:19:28,273 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 12 interpolants. [2020-07-29 01:19:28,274 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=29, Invalid=103, Unknown=0, NotChecked=0, Total=132 [2020-07-29 01:19:28,274 INFO L87 Difference]: Start difference. First operand 116 states and 143 transitions. Second operand 12 states. [2020-07-29 01:19:30,170 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:30,170 INFO L93 Difference]: Finished difference Result 154 states and 165 transitions. [2020-07-29 01:19:30,170 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2020-07-29 01:19:30,170 INFO L78 Accepts]: Start accepts. Automaton has 12 states. Word has length 23 [2020-07-29 01:19:30,170 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:19:30,170 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 12 states. [2020-07-29 01:19:30,172 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 13 states to 13 states and 166 transitions. [2020-07-29 01:19:30,173 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 12 states. [2020-07-29 01:19:30,174 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 13 states to 13 states and 166 transitions. [2020-07-29 01:19:30,175 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 13 states and 166 transitions. [2020-07-29 01:19:30,408 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 166 edges. 166 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:30,411 INFO L225 Difference]: With dead ends: 154 [2020-07-29 01:19:30,411 INFO L226 Difference]: Without dead ends: 154 [2020-07-29 01:19:30,412 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 21 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 18 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 40 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=109, Invalid=271, Unknown=0, NotChecked=0, Total=380 [2020-07-29 01:19:30,416 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 154 states. [2020-07-29 01:19:30,419 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 154 to 117. [2020-07-29 01:19:30,420 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:19:30,420 INFO L82 GeneralOperation]: Start isEquivalent. First operand 154 states. Second operand 117 states. [2020-07-29 01:19:30,420 INFO L74 IsIncluded]: Start isIncluded. First operand 154 states. Second operand 117 states. [2020-07-29 01:19:30,421 INFO L87 Difference]: Start difference. First operand 154 states. Second operand 117 states. [2020-07-29 01:19:30,424 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:30,425 INFO L93 Difference]: Finished difference Result 154 states and 165 transitions. [2020-07-29 01:19:30,425 INFO L276 IsEmpty]: Start isEmpty. Operand 154 states and 165 transitions. [2020-07-29 01:19:30,425 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:30,426 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:30,426 INFO L74 IsIncluded]: Start isIncluded. First operand 117 states. Second operand 154 states. [2020-07-29 01:19:30,426 INFO L87 Difference]: Start difference. First operand 117 states. Second operand 154 states. [2020-07-29 01:19:30,430 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:30,430 INFO L93 Difference]: Finished difference Result 154 states and 165 transitions. [2020-07-29 01:19:30,431 INFO L276 IsEmpty]: Start isEmpty. Operand 154 states and 165 transitions. [2020-07-29 01:19:30,431 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:30,431 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:30,432 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:19:30,432 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:19:30,432 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 117 states. [2020-07-29 01:19:30,435 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 117 states to 117 states and 144 transitions. [2020-07-29 01:19:30,435 INFO L78 Accepts]: Start accepts. Automaton has 117 states and 144 transitions. Word has length 23 [2020-07-29 01:19:30,435 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:19:30,436 INFO L479 AbstractCegarLoop]: Abstraction has 117 states and 144 transitions. [2020-07-29 01:19:30,436 INFO L480 AbstractCegarLoop]: Interpolant automaton has 12 states. [2020-07-29 01:19:30,437 INFO L276 IsEmpty]: Start isEmpty. Operand 117 states and 144 transitions. [2020-07-29 01:19:30,440 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2020-07-29 01:19:30,440 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:19:30,440 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:19:30,441 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable14 [2020-07-29 01:19:30,441 INFO L427 AbstractCegarLoop]: === Iteration 16 === [mainErr8REQUIRES_VIOLATION, mainErr29REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr31REQUIRES_VIOLATION, mainErr42ASSERT_VIOLATIONMEMORY_FREE, mainErr5REQUIRES_VIOLATION, mainErr27REQUIRES_VIOLATION, mainErr26REQUIRES_VIOLATION, mainErr45ENSURES_VIOLATIONMEMORY_LEAK, mainErr28REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr17ASSERT_VIOLATIONMEMORY_LEAK, mainErr24REQUIRES_VIOLATION, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr40ASSERT_VIOLATIONMEMORY_FREE, mainErr4REQUIRES_VIOLATION, mainErr25REQUIRES_VIOLATION, mainErr30ASSERT_VIOLATIONMEMORY_LEAK, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr44ASSERT_VIOLATIONMEMORY_FREE, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr43ASSERT_VIOLATIONMEMORY_FREE, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr37REQUIRES_VIOLATION, mainErr38REQUIRES_VIOLATION, mainErr35REQUIRES_VIOLATION, mainErr39ASSERT_VIOLATIONMEMORY_FREE, mainErr13REQUIRES_VIOLATION, mainErr34REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr36REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr41ASSERT_VIOLATIONMEMORY_FREE, mainErr32REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12ASSERT_VIOLATIONMEMORY_LEAK, mainErr33REQUIRES_VIOLATION]=== [2020-07-29 01:19:30,441 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:19:30,442 INFO L82 PathProgramCache]: Analyzing trace with hash -927411151, now seen corresponding path program 1 times [2020-07-29 01:19:30,442 INFO L163 FreeRefinementEngine]: Executing refinement strategy CAMEL [2020-07-29 01:19:30,442 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [107968263] [2020-07-29 01:19:30,442 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2020-07-29 01:19:30,462 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:30,661 INFO L375 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2020-07-29 01:19:30,662 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:30,666 INFO L280 TraceCheckUtils]: 0: Hoare triple {7911#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {7900#true} is VALID [2020-07-29 01:19:30,666 INFO L280 TraceCheckUtils]: 1: Hoare triple {7900#true} assume true; {7900#true} is VALID [2020-07-29 01:19:30,666 INFO L275 TraceCheckUtils]: 2: Hoare quadruple {7900#true} {7900#true} #197#return; {7900#true} is VALID [2020-07-29 01:19:30,667 INFO L263 TraceCheckUtils]: 0: Hoare triple {7900#true} call ULTIMATE.init(); {7911#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} is VALID [2020-07-29 01:19:30,668 INFO L280 TraceCheckUtils]: 1: Hoare triple {7911#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {7900#true} is VALID [2020-07-29 01:19:30,668 INFO L280 TraceCheckUtils]: 2: Hoare triple {7900#true} assume true; {7900#true} is VALID [2020-07-29 01:19:30,668 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {7900#true} {7900#true} #197#return; {7900#true} is VALID [2020-07-29 01:19:30,668 INFO L263 TraceCheckUtils]: 4: Hoare triple {7900#true} call #t~ret17 := main(); {7900#true} is VALID [2020-07-29 01:19:30,669 INFO L280 TraceCheckUtils]: 5: Hoare triple {7900#true} call #t~malloc0.base, #t~malloc0.offset := #Ultimate.allocOnHeap(8);~head~0.base, ~head~0.offset := #t~malloc0.base, #t~malloc0.offset; {7905#(and (<= (+ main_~head~0.base 1) |#StackHeapBarrier|) (= 0 main_~head~0.offset))} is VALID [2020-07-29 01:19:30,671 INFO L280 TraceCheckUtils]: 6: Hoare triple {7905#(and (<= (+ main_~head~0.base 1) |#StackHeapBarrier|) (= 0 main_~head~0.offset))} SUMMARY for call write~$Pointer$(~head~0.base, ~head~0.offset, ~head~0.base, ~head~0.offset, 4); srcloc: L986 {7906#(and (<= (+ (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) 1) |#StackHeapBarrier|) (= 0 main_~head~0.offset))} is VALID [2020-07-29 01:19:30,673 INFO L280 TraceCheckUtils]: 7: Hoare triple {7906#(and (<= (+ (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) 1) |#StackHeapBarrier|) (= 0 main_~head~0.offset))} SUMMARY for call write~int(0, ~head~0.base, 4 + ~head~0.offset, 4); srcloc: L986-1 {7906#(and (<= (+ (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) 1) |#StackHeapBarrier|) (= 0 main_~head~0.offset))} is VALID [2020-07-29 01:19:30,674 INFO L280 TraceCheckUtils]: 8: Hoare triple {7906#(and (<= (+ (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) 1) |#StackHeapBarrier|) (= 0 main_~head~0.offset))} ~x~0.base, ~x~0.offset := ~head~0.base, ~head~0.offset;~state~0 := 1; {7907#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (<= (+ (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) 1) |#StackHeapBarrier|) (= main_~head~0.base main_~x~0.base))} is VALID [2020-07-29 01:19:30,675 INFO L280 TraceCheckUtils]: 9: Hoare triple {7907#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (<= (+ (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) 1) |#StackHeapBarrier|) (= main_~head~0.base main_~x~0.base))} assume -2147483648 <= #t~nondet1 && #t~nondet1 <= 2147483647; {7907#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (<= (+ (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) 1) |#StackHeapBarrier|) (= main_~head~0.base main_~x~0.base))} is VALID [2020-07-29 01:19:30,675 INFO L280 TraceCheckUtils]: 10: Hoare triple {7907#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (<= (+ (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) 1) |#StackHeapBarrier|) (= main_~head~0.base main_~x~0.base))} assume !(0 != #t~nondet1);havoc #t~nondet1; {7907#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (<= (+ (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) 1) |#StackHeapBarrier|) (= main_~head~0.base main_~x~0.base))} is VALID [2020-07-29 01:19:30,677 INFO L280 TraceCheckUtils]: 11: Hoare triple {7907#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (<= (+ (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) 1) |#StackHeapBarrier|) (= main_~head~0.base main_~x~0.base))} SUMMARY for call write~int(~state~0, ~x~0.base, 4 + ~x~0.offset, 4); srcloc: L993-3 {7908#(<= (+ (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) 1) |#StackHeapBarrier|)} is VALID [2020-07-29 01:19:30,678 INFO L280 TraceCheckUtils]: 12: Hoare triple {7908#(<= (+ (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) 1) |#StackHeapBarrier|)} SUMMARY for call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head~0.base, ~head~0.offset, 4); srcloc: L1014 {7908#(<= (+ (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) 1) |#StackHeapBarrier|)} is VALID [2020-07-29 01:19:30,679 INFO L280 TraceCheckUtils]: 13: Hoare triple {7908#(<= (+ (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) 1) |#StackHeapBarrier|)} ~x~0.base, ~x~0.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {7908#(<= (+ (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) 1) |#StackHeapBarrier|)} is VALID [2020-07-29 01:19:30,679 INFO L280 TraceCheckUtils]: 14: Hoare triple {7908#(<= (+ (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) 1) |#StackHeapBarrier|)} assume !!(0 != ~x~0.base || 0 != ~x~0.offset); {7908#(<= (+ (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) 1) |#StackHeapBarrier|)} is VALID [2020-07-29 01:19:30,681 INFO L280 TraceCheckUtils]: 15: Hoare triple {7908#(<= (+ (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) 1) |#StackHeapBarrier|)} goto; {7908#(<= (+ (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) 1) |#StackHeapBarrier|)} is VALID [2020-07-29 01:19:30,681 INFO L280 TraceCheckUtils]: 16: Hoare triple {7908#(<= (+ (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) 1) |#StackHeapBarrier|)} SUMMARY for call #t~mem6 := read~int(~x~0.base, 4 + ~x~0.offset, 4); srcloc: L1019-2 {7908#(<= (+ (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) 1) |#StackHeapBarrier|)} is VALID [2020-07-29 01:19:30,682 INFO L280 TraceCheckUtils]: 17: Hoare triple {7908#(<= (+ (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) 1) |#StackHeapBarrier|)} assume !(0 != #t~mem6);havoc #t~mem6; {7908#(<= (+ (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) 1) |#StackHeapBarrier|)} is VALID [2020-07-29 01:19:30,683 INFO L280 TraceCheckUtils]: 18: Hoare triple {7908#(<= (+ (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) 1) |#StackHeapBarrier|)} SUMMARY for call #t~mem14.base, #t~mem14.offset := read~$Pointer$(~head~0.base, ~head~0.offset, 4); srcloc: L1019-3 {7909#(<= (+ |main_#t~mem14.base| 1) |#StackHeapBarrier|)} is VALID [2020-07-29 01:19:30,685 INFO L280 TraceCheckUtils]: 19: Hoare triple {7909#(<= (+ |main_#t~mem14.base| 1) |#StackHeapBarrier|)} ~x~0.base, ~x~0.offset := #t~mem14.base, #t~mem14.offset;havoc #t~mem14.base, #t~mem14.offset; {7910#(<= (+ main_~x~0.base 1) |#StackHeapBarrier|)} is VALID [2020-07-29 01:19:30,685 INFO L280 TraceCheckUtils]: 20: Hoare triple {7910#(<= (+ main_~x~0.base 1) |#StackHeapBarrier|)} SUMMARY for call #t~mem15 := read~int(~x~0.base, 4 + ~x~0.offset, 4); srcloc: L1027-3 {7910#(<= (+ main_~x~0.base 1) |#StackHeapBarrier|)} is VALID [2020-07-29 01:19:30,686 INFO L280 TraceCheckUtils]: 21: Hoare triple {7910#(<= (+ main_~x~0.base 1) |#StackHeapBarrier|)} assume !(0 != #t~mem15);havoc #t~mem15; {7910#(<= (+ main_~x~0.base 1) |#StackHeapBarrier|)} is VALID [2020-07-29 01:19:30,687 INFO L280 TraceCheckUtils]: 22: Hoare triple {7910#(<= (+ main_~x~0.base 1) |#StackHeapBarrier|)} assume 0 == ~x~0.offset; {7910#(<= (+ main_~x~0.base 1) |#StackHeapBarrier|)} is VALID [2020-07-29 01:19:30,688 INFO L280 TraceCheckUtils]: 23: Hoare triple {7910#(<= (+ main_~x~0.base 1) |#StackHeapBarrier|)} assume !(~x~0.base < #StackHeapBarrier); {7901#false} is VALID [2020-07-29 01:19:30,690 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:19:30,690 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [107968263] [2020-07-29 01:19:30,691 INFO L220 FreeRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:19:30,691 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2020-07-29 01:19:30,691 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [807207077] [2020-07-29 01:19:30,691 INFO L78 Accepts]: Start accepts. Automaton has 9 states. Word has length 24 [2020-07-29 01:19:30,692 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:19:30,692 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states. [2020-07-29 01:19:30,727 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 24 edges. 24 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:30,728 INFO L459 AbstractCegarLoop]: Interpolant automaton has 9 states [2020-07-29 01:19:30,728 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2020-07-29 01:19:30,728 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2020-07-29 01:19:30,728 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=17, Invalid=55, Unknown=0, NotChecked=0, Total=72 [2020-07-29 01:19:30,728 INFO L87 Difference]: Start difference. First operand 117 states and 144 transitions. Second operand 9 states. [2020-07-29 01:19:31,988 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:31,988 INFO L93 Difference]: Finished difference Result 146 states and 160 transitions. [2020-07-29 01:19:31,988 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2020-07-29 01:19:31,989 INFO L78 Accepts]: Start accepts. Automaton has 9 states. Word has length 24 [2020-07-29 01:19:31,989 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:19:31,989 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 9 states. [2020-07-29 01:19:31,991 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 143 transitions. [2020-07-29 01:19:31,991 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 9 states. [2020-07-29 01:19:31,993 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 143 transitions. [2020-07-29 01:19:31,993 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states and 143 transitions. [2020-07-29 01:19:32,181 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 143 edges. 143 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:32,184 INFO L225 Difference]: With dead ends: 146 [2020-07-29 01:19:32,184 INFO L226 Difference]: Without dead ends: 146 [2020-07-29 01:19:32,184 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 9 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=51, Invalid=131, Unknown=0, NotChecked=0, Total=182 [2020-07-29 01:19:32,185 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 146 states. [2020-07-29 01:19:32,188 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 146 to 118. [2020-07-29 01:19:32,188 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:19:32,188 INFO L82 GeneralOperation]: Start isEquivalent. First operand 146 states. Second operand 118 states. [2020-07-29 01:19:32,189 INFO L74 IsIncluded]: Start isIncluded. First operand 146 states. Second operand 118 states. [2020-07-29 01:19:32,189 INFO L87 Difference]: Start difference. First operand 146 states. Second operand 118 states. [2020-07-29 01:19:32,192 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:32,193 INFO L93 Difference]: Finished difference Result 146 states and 160 transitions. [2020-07-29 01:19:32,193 INFO L276 IsEmpty]: Start isEmpty. Operand 146 states and 160 transitions. [2020-07-29 01:19:32,193 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:32,194 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:32,194 INFO L74 IsIncluded]: Start isIncluded. First operand 118 states. Second operand 146 states. [2020-07-29 01:19:32,194 INFO L87 Difference]: Start difference. First operand 118 states. Second operand 146 states. [2020-07-29 01:19:32,197 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:32,198 INFO L93 Difference]: Finished difference Result 146 states and 160 transitions. [2020-07-29 01:19:32,198 INFO L276 IsEmpty]: Start isEmpty. Operand 146 states and 160 transitions. [2020-07-29 01:19:32,199 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:32,199 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:32,199 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:19:32,199 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:19:32,200 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 118 states. [2020-07-29 01:19:32,204 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 118 states to 118 states and 145 transitions. [2020-07-29 01:19:32,204 INFO L78 Accepts]: Start accepts. Automaton has 118 states and 145 transitions. Word has length 24 [2020-07-29 01:19:32,205 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:19:32,205 INFO L479 AbstractCegarLoop]: Abstraction has 118 states and 145 transitions. [2020-07-29 01:19:32,205 INFO L480 AbstractCegarLoop]: Interpolant automaton has 9 states. [2020-07-29 01:19:32,205 INFO L276 IsEmpty]: Start isEmpty. Operand 118 states and 145 transitions. [2020-07-29 01:19:32,206 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2020-07-29 01:19:32,206 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:19:32,207 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:19:32,207 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable15 [2020-07-29 01:19:32,207 INFO L427 AbstractCegarLoop]: === Iteration 17 === [mainErr8REQUIRES_VIOLATION, mainErr29REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr31REQUIRES_VIOLATION, mainErr42ASSERT_VIOLATIONMEMORY_FREE, mainErr5REQUIRES_VIOLATION, mainErr27REQUIRES_VIOLATION, mainErr26REQUIRES_VIOLATION, mainErr45ENSURES_VIOLATIONMEMORY_LEAK, mainErr28REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr17ASSERT_VIOLATIONMEMORY_LEAK, mainErr24REQUIRES_VIOLATION, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr40ASSERT_VIOLATIONMEMORY_FREE, mainErr4REQUIRES_VIOLATION, mainErr25REQUIRES_VIOLATION, mainErr30ASSERT_VIOLATIONMEMORY_LEAK, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr44ASSERT_VIOLATIONMEMORY_FREE, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr43ASSERT_VIOLATIONMEMORY_FREE, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr37REQUIRES_VIOLATION, mainErr38REQUIRES_VIOLATION, mainErr35REQUIRES_VIOLATION, mainErr39ASSERT_VIOLATIONMEMORY_FREE, mainErr13REQUIRES_VIOLATION, mainErr34REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr36REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr41ASSERT_VIOLATIONMEMORY_FREE, mainErr32REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12ASSERT_VIOLATIONMEMORY_LEAK, mainErr33REQUIRES_VIOLATION]=== [2020-07-29 01:19:32,208 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:19:32,208 INFO L82 PathProgramCache]: Analyzing trace with hash -483711363, now seen corresponding path program 1 times [2020-07-29 01:19:32,208 INFO L163 FreeRefinementEngine]: Executing refinement strategy CAMEL [2020-07-29 01:19:32,209 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [845357036] [2020-07-29 01:19:32,209 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2020-07-29 01:19:32,223 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:32,582 INFO L375 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2020-07-29 01:19:32,583 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:32,587 INFO L280 TraceCheckUtils]: 0: Hoare triple {8495#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {8480#true} is VALID [2020-07-29 01:19:32,587 INFO L280 TraceCheckUtils]: 1: Hoare triple {8480#true} assume true; {8480#true} is VALID [2020-07-29 01:19:32,588 INFO L275 TraceCheckUtils]: 2: Hoare quadruple {8480#true} {8480#true} #197#return; {8480#true} is VALID [2020-07-29 01:19:32,589 INFO L263 TraceCheckUtils]: 0: Hoare triple {8480#true} call ULTIMATE.init(); {8495#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} is VALID [2020-07-29 01:19:32,589 INFO L280 TraceCheckUtils]: 1: Hoare triple {8495#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {8480#true} is VALID [2020-07-29 01:19:32,590 INFO L280 TraceCheckUtils]: 2: Hoare triple {8480#true} assume true; {8480#true} is VALID [2020-07-29 01:19:32,590 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {8480#true} {8480#true} #197#return; {8480#true} is VALID [2020-07-29 01:19:32,590 INFO L263 TraceCheckUtils]: 4: Hoare triple {8480#true} call #t~ret17 := main(); {8480#true} is VALID [2020-07-29 01:19:32,591 INFO L280 TraceCheckUtils]: 5: Hoare triple {8480#true} call #t~malloc0.base, #t~malloc0.offset := #Ultimate.allocOnHeap(8);~head~0.base, ~head~0.offset := #t~malloc0.base, #t~malloc0.offset; {8485#(= 0 main_~head~0.offset)} is VALID [2020-07-29 01:19:32,593 INFO L280 TraceCheckUtils]: 6: Hoare triple {8485#(= 0 main_~head~0.offset)} SUMMARY for call write~$Pointer$(~head~0.base, ~head~0.offset, ~head~0.base, ~head~0.offset, 4); srcloc: L986 {8486#(and (= (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset) main_~head~0.offset) (= 0 main_~head~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base))} is VALID [2020-07-29 01:19:32,595 INFO L280 TraceCheckUtils]: 7: Hoare triple {8486#(and (= (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset) main_~head~0.offset) (= 0 main_~head~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base))} SUMMARY for call write~int(0, ~head~0.base, 4 + ~head~0.offset, 4); srcloc: L986-1 {8486#(and (= (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset) main_~head~0.offset) (= 0 main_~head~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base))} is VALID [2020-07-29 01:19:32,597 INFO L280 TraceCheckUtils]: 8: Hoare triple {8486#(and (= (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset) main_~head~0.offset) (= 0 main_~head~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base))} ~x~0.base, ~x~0.offset := ~head~0.base, ~head~0.offset;~state~0 := 1; {8487#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~head~0.base) (= 0 main_~head~0.offset))} is VALID [2020-07-29 01:19:32,598 INFO L280 TraceCheckUtils]: 9: Hoare triple {8487#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~head~0.base) (= 0 main_~head~0.offset))} assume -2147483648 <= #t~nondet1 && #t~nondet1 <= 2147483647; {8487#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~head~0.base) (= 0 main_~head~0.offset))} is VALID [2020-07-29 01:19:32,599 INFO L280 TraceCheckUtils]: 10: Hoare triple {8487#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~head~0.base) (= 0 main_~head~0.offset))} assume !(0 != #t~nondet1);havoc #t~nondet1; {8487#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~head~0.base) (= 0 main_~head~0.offset))} is VALID [2020-07-29 01:19:32,601 INFO L280 TraceCheckUtils]: 11: Hoare triple {8487#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~head~0.base) (= 0 main_~head~0.offset))} SUMMARY for call write~int(~state~0, ~x~0.base, 4 + ~x~0.offset, 4); srcloc: L993-3 {8486#(and (= (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset) main_~head~0.offset) (= 0 main_~head~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base))} is VALID [2020-07-29 01:19:32,603 INFO L280 TraceCheckUtils]: 12: Hoare triple {8486#(and (= (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset) main_~head~0.offset) (= 0 main_~head~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base))} SUMMARY for call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head~0.base, ~head~0.offset, 4); srcloc: L1014 {8488#(and (= 0 |main_#t~mem5.offset|) (= 0 (select (select |#memory_$Pointer$.offset| |main_#t~mem5.base|) |main_#t~mem5.offset|)) (= |main_#t~mem5.base| (select (select |#memory_$Pointer$.base| |main_#t~mem5.base|) |main_#t~mem5.offset|)))} is VALID [2020-07-29 01:19:32,604 INFO L280 TraceCheckUtils]: 13: Hoare triple {8488#(and (= 0 |main_#t~mem5.offset|) (= 0 (select (select |#memory_$Pointer$.offset| |main_#t~mem5.base|) |main_#t~mem5.offset|)) (= |main_#t~mem5.base| (select (select |#memory_$Pointer$.base| |main_#t~mem5.base|) |main_#t~mem5.offset|)))} ~x~0.base, ~x~0.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {8489#(and (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset) main_~x~0.base) (= main_~x~0.offset 0) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset)))} is VALID [2020-07-29 01:19:32,606 INFO L280 TraceCheckUtils]: 14: Hoare triple {8489#(and (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset) main_~x~0.base) (= main_~x~0.offset 0) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset)))} assume !!(0 != ~x~0.base || 0 != ~x~0.offset); {8489#(and (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset) main_~x~0.base) (= main_~x~0.offset 0) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset)))} is VALID [2020-07-29 01:19:32,607 INFO L280 TraceCheckUtils]: 15: Hoare triple {8489#(and (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset) main_~x~0.base) (= main_~x~0.offset 0) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset)))} goto; {8489#(and (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset) main_~x~0.base) (= main_~x~0.offset 0) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset)))} is VALID [2020-07-29 01:19:32,609 INFO L280 TraceCheckUtils]: 16: Hoare triple {8489#(and (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset) main_~x~0.base) (= main_~x~0.offset 0) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset)))} SUMMARY for call #t~mem6 := read~int(~x~0.base, 4 + ~x~0.offset, 4); srcloc: L1019-2 {8490#(and (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset) main_~x~0.base) (= (select (select |#memory_int| main_~x~0.base) (+ main_~x~0.offset 4)) |main_#t~mem6|) (= main_~x~0.offset 0) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset)))} is VALID [2020-07-29 01:19:32,610 INFO L280 TraceCheckUtils]: 17: Hoare triple {8490#(and (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset) main_~x~0.base) (= (select (select |#memory_int| main_~x~0.base) (+ main_~x~0.offset 4)) |main_#t~mem6|) (= main_~x~0.offset 0) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset)))} assume !!(0 != #t~mem6);havoc #t~mem6; {8491#(and (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset) main_~x~0.base) (= main_~x~0.offset 0) (not (= (select (select |#memory_int| main_~x~0.base) (+ main_~x~0.offset 4)) 0)) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset)))} is VALID [2020-07-29 01:19:32,611 INFO L280 TraceCheckUtils]: 18: Hoare triple {8491#(and (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset) main_~x~0.base) (= main_~x~0.offset 0) (not (= (select (select |#memory_int| main_~x~0.base) (+ main_~x~0.offset 4)) 0)) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset)))} SUMMARY for call #t~mem7.base, #t~mem7.offset := read~$Pointer$(~x~0.base, ~x~0.offset, 4); srcloc: L1021-13 {8492#(not (= 0 (select (select |#memory_int| |main_#t~mem7.base|) (+ |main_#t~mem7.offset| 4))))} is VALID [2020-07-29 01:19:32,612 INFO L280 TraceCheckUtils]: 19: Hoare triple {8492#(not (= 0 (select (select |#memory_int| |main_#t~mem7.base|) (+ |main_#t~mem7.offset| 4))))} SUMMARY for call #t~mem8 := read~int(#t~mem7.base, 4 + #t~mem7.offset, 4); srcloc: L1021-1 {8493#(not (= 0 |main_#t~mem8|))} is VALID [2020-07-29 01:19:32,613 INFO L280 TraceCheckUtils]: 20: Hoare triple {8493#(not (= 0 |main_#t~mem8|))} #t~short12 := 0 != #t~mem8; {8494#|main_#t~short12|} is VALID [2020-07-29 01:19:32,613 INFO L280 TraceCheckUtils]: 21: Hoare triple {8494#|main_#t~short12|} assume !#t~short12; {8481#false} is VALID [2020-07-29 01:19:32,614 INFO L280 TraceCheckUtils]: 22: Hoare triple {8481#false} assume !#t~short12;havoc #t~mem7.base, #t~mem7.offset;havoc #t~short12;havoc #t~mem10;havoc #t~mem11;havoc #t~mem9.base, #t~mem9.offset;havoc #t~mem8; {8481#false} is VALID [2020-07-29 01:19:32,614 INFO L280 TraceCheckUtils]: 23: Hoare triple {8481#false} assume !false; {8481#false} is VALID [2020-07-29 01:19:32,617 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:19:32,617 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [845357036] [2020-07-29 01:19:32,617 INFO L220 FreeRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:19:32,617 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [13] imperfect sequences [] total 13 [2020-07-29 01:19:32,617 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2036393115] [2020-07-29 01:19:32,618 INFO L78 Accepts]: Start accepts. Automaton has 13 states. Word has length 24 [2020-07-29 01:19:32,619 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:19:32,620 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 13 states. [2020-07-29 01:19:32,658 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 24 edges. 24 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:32,658 INFO L459 AbstractCegarLoop]: Interpolant automaton has 13 states [2020-07-29 01:19:32,658 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2020-07-29 01:19:32,659 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 13 interpolants. [2020-07-29 01:19:32,659 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=28, Invalid=128, Unknown=0, NotChecked=0, Total=156 [2020-07-29 01:19:32,659 INFO L87 Difference]: Start difference. First operand 118 states and 145 transitions. Second operand 13 states. [2020-07-29 01:19:34,413 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:34,414 INFO L93 Difference]: Finished difference Result 141 states and 152 transitions. [2020-07-29 01:19:34,414 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2020-07-29 01:19:34,414 INFO L78 Accepts]: Start accepts. Automaton has 13 states. Word has length 24 [2020-07-29 01:19:34,414 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:19:34,414 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 13 states. [2020-07-29 01:19:34,417 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 15 states to 15 states and 150 transitions. [2020-07-29 01:19:34,417 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 13 states. [2020-07-29 01:19:34,420 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 15 states to 15 states and 150 transitions. [2020-07-29 01:19:34,420 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 15 states and 150 transitions. [2020-07-29 01:19:34,612 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 150 edges. 150 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:34,615 INFO L225 Difference]: With dead ends: 141 [2020-07-29 01:19:34,615 INFO L226 Difference]: Without dead ends: 141 [2020-07-29 01:19:34,616 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 26 GetRequests, 4 SyntacticMatches, 1 SemanticMatches, 21 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 63 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=108, Invalid=398, Unknown=0, NotChecked=0, Total=506 [2020-07-29 01:19:34,619 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 141 states. [2020-07-29 01:19:34,626 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 141 to 118. [2020-07-29 01:19:34,626 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:19:34,626 INFO L82 GeneralOperation]: Start isEquivalent. First operand 141 states. Second operand 118 states. [2020-07-29 01:19:34,627 INFO L74 IsIncluded]: Start isIncluded. First operand 141 states. Second operand 118 states. [2020-07-29 01:19:34,627 INFO L87 Difference]: Start difference. First operand 141 states. Second operand 118 states. [2020-07-29 01:19:34,631 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:34,632 INFO L93 Difference]: Finished difference Result 141 states and 152 transitions. [2020-07-29 01:19:34,632 INFO L276 IsEmpty]: Start isEmpty. Operand 141 states and 152 transitions. [2020-07-29 01:19:34,633 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:34,633 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:34,633 INFO L74 IsIncluded]: Start isIncluded. First operand 118 states. Second operand 141 states. [2020-07-29 01:19:34,633 INFO L87 Difference]: Start difference. First operand 118 states. Second operand 141 states. [2020-07-29 01:19:34,637 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:34,638 INFO L93 Difference]: Finished difference Result 141 states and 152 transitions. [2020-07-29 01:19:34,638 INFO L276 IsEmpty]: Start isEmpty. Operand 141 states and 152 transitions. [2020-07-29 01:19:34,639 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:34,639 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:34,639 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:19:34,639 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:19:34,640 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 118 states. [2020-07-29 01:19:34,644 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 118 states to 118 states and 144 transitions. [2020-07-29 01:19:34,644 INFO L78 Accepts]: Start accepts. Automaton has 118 states and 144 transitions. Word has length 24 [2020-07-29 01:19:34,644 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:19:34,645 INFO L479 AbstractCegarLoop]: Abstraction has 118 states and 144 transitions. [2020-07-29 01:19:34,645 INFO L480 AbstractCegarLoop]: Interpolant automaton has 13 states. [2020-07-29 01:19:34,645 INFO L276 IsEmpty]: Start isEmpty. Operand 118 states and 144 transitions. [2020-07-29 01:19:34,645 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2020-07-29 01:19:34,646 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:19:34,646 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:19:34,646 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable16 [2020-07-29 01:19:34,646 INFO L427 AbstractCegarLoop]: === Iteration 18 === [mainErr8REQUIRES_VIOLATION, mainErr29REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr31REQUIRES_VIOLATION, mainErr42ASSERT_VIOLATIONMEMORY_FREE, mainErr5REQUIRES_VIOLATION, mainErr27REQUIRES_VIOLATION, mainErr26REQUIRES_VIOLATION, mainErr45ENSURES_VIOLATIONMEMORY_LEAK, mainErr28REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr17ASSERT_VIOLATIONMEMORY_LEAK, mainErr24REQUIRES_VIOLATION, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr40ASSERT_VIOLATIONMEMORY_FREE, mainErr4REQUIRES_VIOLATION, mainErr25REQUIRES_VIOLATION, mainErr30ASSERT_VIOLATIONMEMORY_LEAK, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr44ASSERT_VIOLATIONMEMORY_FREE, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr43ASSERT_VIOLATIONMEMORY_FREE, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr37REQUIRES_VIOLATION, mainErr38REQUIRES_VIOLATION, mainErr35REQUIRES_VIOLATION, mainErr39ASSERT_VIOLATIONMEMORY_FREE, mainErr13REQUIRES_VIOLATION, mainErr34REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr36REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr41ASSERT_VIOLATIONMEMORY_FREE, mainErr32REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12ASSERT_VIOLATIONMEMORY_LEAK, mainErr33REQUIRES_VIOLATION]=== [2020-07-29 01:19:34,647 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:19:34,647 INFO L82 PathProgramCache]: Analyzing trace with hash 1598203218, now seen corresponding path program 1 times [2020-07-29 01:19:34,647 INFO L163 FreeRefinementEngine]: Executing refinement strategy CAMEL [2020-07-29 01:19:34,648 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1989792741] [2020-07-29 01:19:34,648 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2020-07-29 01:19:34,661 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:34,693 INFO L375 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2020-07-29 01:19:34,694 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:34,697 INFO L280 TraceCheckUtils]: 0: Hoare triple {9065#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {9059#true} is VALID [2020-07-29 01:19:34,697 INFO L280 TraceCheckUtils]: 1: Hoare triple {9059#true} assume true; {9059#true} is VALID [2020-07-29 01:19:34,698 INFO L275 TraceCheckUtils]: 2: Hoare quadruple {9059#true} {9059#true} #197#return; {9059#true} is VALID [2020-07-29 01:19:34,699 INFO L263 TraceCheckUtils]: 0: Hoare triple {9059#true} call ULTIMATE.init(); {9065#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} is VALID [2020-07-29 01:19:34,699 INFO L280 TraceCheckUtils]: 1: Hoare triple {9065#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {9059#true} is VALID [2020-07-29 01:19:34,699 INFO L280 TraceCheckUtils]: 2: Hoare triple {9059#true} assume true; {9059#true} is VALID [2020-07-29 01:19:34,699 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {9059#true} {9059#true} #197#return; {9059#true} is VALID [2020-07-29 01:19:34,700 INFO L263 TraceCheckUtils]: 4: Hoare triple {9059#true} call #t~ret17 := main(); {9059#true} is VALID [2020-07-29 01:19:34,700 INFO L280 TraceCheckUtils]: 5: Hoare triple {9059#true} call #t~malloc0.base, #t~malloc0.offset := #Ultimate.allocOnHeap(8);~head~0.base, ~head~0.offset := #t~malloc0.base, #t~malloc0.offset; {9059#true} is VALID [2020-07-29 01:19:34,700 INFO L280 TraceCheckUtils]: 6: Hoare triple {9059#true} SUMMARY for call write~$Pointer$(~head~0.base, ~head~0.offset, ~head~0.base, ~head~0.offset, 4); srcloc: L986 {9059#true} is VALID [2020-07-29 01:19:34,700 INFO L280 TraceCheckUtils]: 7: Hoare triple {9059#true} SUMMARY for call write~int(0, ~head~0.base, 4 + ~head~0.offset, 4); srcloc: L986-1 {9059#true} is VALID [2020-07-29 01:19:34,701 INFO L280 TraceCheckUtils]: 8: Hoare triple {9059#true} ~x~0.base, ~x~0.offset := ~head~0.base, ~head~0.offset;~state~0 := 1; {9064#(= 1 main_~state~0)} is VALID [2020-07-29 01:19:34,702 INFO L280 TraceCheckUtils]: 9: Hoare triple {9064#(= 1 main_~state~0)} assume -2147483648 <= #t~nondet1 && #t~nondet1 <= 2147483647; {9064#(= 1 main_~state~0)} is VALID [2020-07-29 01:19:34,703 INFO L280 TraceCheckUtils]: 10: Hoare triple {9064#(= 1 main_~state~0)} assume !!(0 != #t~nondet1);havoc #t~nondet1;call #t~malloc2.base, #t~malloc2.offset := #Ultimate.allocOnHeap(8); {9064#(= 1 main_~state~0)} is VALID [2020-07-29 01:19:34,704 INFO L280 TraceCheckUtils]: 11: Hoare triple {9064#(= 1 main_~state~0)} SUMMARY for call write~$Pointer$(#t~malloc2.base, #t~malloc2.offset, ~x~0.base, ~x~0.offset, 4); srcloc: L996 {9064#(= 1 main_~state~0)} is VALID [2020-07-29 01:19:34,704 INFO L280 TraceCheckUtils]: 12: Hoare triple {9064#(= 1 main_~state~0)} SUMMARY for call #t~mem3.base, #t~mem3.offset := read~$Pointer$(~x~0.base, ~x~0.offset, 4); srcloc: L996-1 {9064#(= 1 main_~state~0)} is VALID [2020-07-29 01:19:34,705 INFO L280 TraceCheckUtils]: 13: Hoare triple {9064#(= 1 main_~state~0)} ~x~0.base, ~x~0.offset := #t~mem3.base, #t~mem3.offset;havoc #t~mem3.base, #t~mem3.offset; {9064#(= 1 main_~state~0)} is VALID [2020-07-29 01:19:34,705 INFO L280 TraceCheckUtils]: 14: Hoare triple {9064#(= 1 main_~state~0)} SUMMARY for call write~$Pointer$(~head~0.base, ~head~0.offset, ~x~0.base, ~x~0.offset, 4); srcloc: L998 {9064#(= 1 main_~state~0)} is VALID [2020-07-29 01:19:34,706 INFO L280 TraceCheckUtils]: 15: Hoare triple {9064#(= 1 main_~state~0)} assume -2147483648 <= #t~nondet4 && #t~nondet4 <= 2147483647; {9064#(= 1 main_~state~0)} is VALID [2020-07-29 01:19:34,707 INFO L280 TraceCheckUtils]: 16: Hoare triple {9064#(= 1 main_~state~0)} assume 0 != #t~nondet4;havoc #t~nondet4; {9064#(= 1 main_~state~0)} is VALID [2020-07-29 01:19:34,708 INFO L280 TraceCheckUtils]: 17: Hoare triple {9064#(= 1 main_~state~0)} assume !(1 == ~state~0); {9060#false} is VALID [2020-07-29 01:19:34,708 INFO L280 TraceCheckUtils]: 18: Hoare triple {9060#false} assume !(2 == ~state~0); {9060#false} is VALID [2020-07-29 01:19:34,708 INFO L280 TraceCheckUtils]: 19: Hoare triple {9060#false} SUMMARY for call write~int(~state~0, ~x~0.base, 4 + ~x~0.offset, 4); srcloc: L993-3 {9060#false} is VALID [2020-07-29 01:19:34,708 INFO L280 TraceCheckUtils]: 20: Hoare triple {9060#false} SUMMARY for call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head~0.base, ~head~0.offset, 4); srcloc: L1014 {9060#false} is VALID [2020-07-29 01:19:34,708 INFO L280 TraceCheckUtils]: 21: Hoare triple {9060#false} ~x~0.base, ~x~0.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {9060#false} is VALID [2020-07-29 01:19:34,709 INFO L280 TraceCheckUtils]: 22: Hoare triple {9060#false} assume !(0 != ~x~0.base || 0 != ~x~0.offset); {9060#false} is VALID [2020-07-29 01:19:34,709 INFO L280 TraceCheckUtils]: 23: Hoare triple {9060#false} assume !false; {9060#false} is VALID [2020-07-29 01:19:34,710 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:19:34,710 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1989792741] [2020-07-29 01:19:34,711 INFO L220 FreeRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:19:34,711 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2020-07-29 01:19:34,711 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1447672847] [2020-07-29 01:19:34,712 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 24 [2020-07-29 01:19:34,712 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:19:34,712 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states. [2020-07-29 01:19:34,745 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 24 edges. 24 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:34,745 INFO L459 AbstractCegarLoop]: Interpolant automaton has 4 states [2020-07-29 01:19:34,745 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2020-07-29 01:19:34,746 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2020-07-29 01:19:34,746 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2020-07-29 01:19:34,746 INFO L87 Difference]: Start difference. First operand 118 states and 144 transitions. Second operand 4 states. [2020-07-29 01:19:35,036 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:35,036 INFO L93 Difference]: Finished difference Result 185 states and 216 transitions. [2020-07-29 01:19:35,036 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2020-07-29 01:19:35,037 INFO L78 Accepts]: Start accepts. Automaton has 4 states. Word has length 24 [2020-07-29 01:19:35,037 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:19:35,037 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2020-07-29 01:19:35,042 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 153 transitions. [2020-07-29 01:19:35,043 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 4 states. [2020-07-29 01:19:35,045 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 153 transitions. [2020-07-29 01:19:35,046 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 153 transitions. [2020-07-29 01:19:35,212 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 153 edges. 153 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:35,217 INFO L225 Difference]: With dead ends: 185 [2020-07-29 01:19:35,217 INFO L226 Difference]: Without dead ends: 185 [2020-07-29 01:19:35,218 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2020-07-29 01:19:35,218 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 185 states. [2020-07-29 01:19:35,222 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 185 to 130. [2020-07-29 01:19:35,222 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:19:35,222 INFO L82 GeneralOperation]: Start isEquivalent. First operand 185 states. Second operand 130 states. [2020-07-29 01:19:35,223 INFO L74 IsIncluded]: Start isIncluded. First operand 185 states. Second operand 130 states. [2020-07-29 01:19:35,223 INFO L87 Difference]: Start difference. First operand 185 states. Second operand 130 states. [2020-07-29 01:19:35,229 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:35,229 INFO L93 Difference]: Finished difference Result 185 states and 216 transitions. [2020-07-29 01:19:35,229 INFO L276 IsEmpty]: Start isEmpty. Operand 185 states and 216 transitions. [2020-07-29 01:19:35,230 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:35,230 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:35,230 INFO L74 IsIncluded]: Start isIncluded. First operand 130 states. Second operand 185 states. [2020-07-29 01:19:35,230 INFO L87 Difference]: Start difference. First operand 130 states. Second operand 185 states. [2020-07-29 01:19:35,236 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:35,236 INFO L93 Difference]: Finished difference Result 185 states and 216 transitions. [2020-07-29 01:19:35,237 INFO L276 IsEmpty]: Start isEmpty. Operand 185 states and 216 transitions. [2020-07-29 01:19:35,237 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:35,238 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:35,238 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:19:35,238 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:19:35,238 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 130 states. [2020-07-29 01:19:35,242 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 130 states to 130 states and 158 transitions. [2020-07-29 01:19:35,242 INFO L78 Accepts]: Start accepts. Automaton has 130 states and 158 transitions. Word has length 24 [2020-07-29 01:19:35,242 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:19:35,243 INFO L479 AbstractCegarLoop]: Abstraction has 130 states and 158 transitions. [2020-07-29 01:19:35,243 INFO L480 AbstractCegarLoop]: Interpolant automaton has 4 states. [2020-07-29 01:19:35,243 INFO L276 IsEmpty]: Start isEmpty. Operand 130 states and 158 transitions. [2020-07-29 01:19:35,243 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2020-07-29 01:19:35,244 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:19:35,244 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:19:35,244 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable17 [2020-07-29 01:19:35,245 INFO L427 AbstractCegarLoop]: === Iteration 19 === [mainErr8REQUIRES_VIOLATION, mainErr29REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr31REQUIRES_VIOLATION, mainErr42ASSERT_VIOLATIONMEMORY_FREE, mainErr5REQUIRES_VIOLATION, mainErr27REQUIRES_VIOLATION, mainErr26REQUIRES_VIOLATION, mainErr45ENSURES_VIOLATIONMEMORY_LEAK, mainErr28REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr17ASSERT_VIOLATIONMEMORY_LEAK, mainErr24REQUIRES_VIOLATION, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr40ASSERT_VIOLATIONMEMORY_FREE, mainErr4REQUIRES_VIOLATION, mainErr25REQUIRES_VIOLATION, mainErr30ASSERT_VIOLATIONMEMORY_LEAK, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr44ASSERT_VIOLATIONMEMORY_FREE, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr43ASSERT_VIOLATIONMEMORY_FREE, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr37REQUIRES_VIOLATION, mainErr38REQUIRES_VIOLATION, mainErr35REQUIRES_VIOLATION, mainErr39ASSERT_VIOLATIONMEMORY_FREE, mainErr13REQUIRES_VIOLATION, mainErr34REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr36REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr41ASSERT_VIOLATIONMEMORY_FREE, mainErr32REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12ASSERT_VIOLATIONMEMORY_LEAK, mainErr33REQUIRES_VIOLATION]=== [2020-07-29 01:19:35,245 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:19:35,245 INFO L82 PathProgramCache]: Analyzing trace with hash 1315071323, now seen corresponding path program 1 times [2020-07-29 01:19:35,245 INFO L163 FreeRefinementEngine]: Executing refinement strategy CAMEL [2020-07-29 01:19:35,246 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [999421733] [2020-07-29 01:19:35,246 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2020-07-29 01:19:35,256 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:35,392 INFO L375 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2020-07-29 01:19:35,393 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:35,396 INFO L280 TraceCheckUtils]: 0: Hoare triple {9764#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {9753#true} is VALID [2020-07-29 01:19:35,396 INFO L280 TraceCheckUtils]: 1: Hoare triple {9753#true} assume true; {9753#true} is VALID [2020-07-29 01:19:35,396 INFO L275 TraceCheckUtils]: 2: Hoare quadruple {9753#true} {9753#true} #197#return; {9753#true} is VALID [2020-07-29 01:19:35,398 INFO L263 TraceCheckUtils]: 0: Hoare triple {9753#true} call ULTIMATE.init(); {9764#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} is VALID [2020-07-29 01:19:35,398 INFO L280 TraceCheckUtils]: 1: Hoare triple {9764#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {9753#true} is VALID [2020-07-29 01:19:35,398 INFO L280 TraceCheckUtils]: 2: Hoare triple {9753#true} assume true; {9753#true} is VALID [2020-07-29 01:19:35,398 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {9753#true} {9753#true} #197#return; {9753#true} is VALID [2020-07-29 01:19:35,399 INFO L263 TraceCheckUtils]: 4: Hoare triple {9753#true} call #t~ret17 := main(); {9753#true} is VALID [2020-07-29 01:19:35,400 INFO L280 TraceCheckUtils]: 5: Hoare triple {9753#true} call #t~malloc0.base, #t~malloc0.offset := #Ultimate.allocOnHeap(8);~head~0.base, ~head~0.offset := #t~malloc0.base, #t~malloc0.offset; {9758#(= 0 main_~head~0.offset)} is VALID [2020-07-29 01:19:35,402 INFO L280 TraceCheckUtils]: 6: Hoare triple {9758#(= 0 main_~head~0.offset)} SUMMARY for call write~$Pointer$(~head~0.base, ~head~0.offset, ~head~0.base, ~head~0.offset, 4); srcloc: L986 {9759#(and (= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)) (= 0 main_~head~0.offset))} is VALID [2020-07-29 01:19:35,403 INFO L280 TraceCheckUtils]: 7: Hoare triple {9759#(and (= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)) (= 0 main_~head~0.offset))} SUMMARY for call write~int(0, ~head~0.base, 4 + ~head~0.offset, 4); srcloc: L986-1 {9759#(and (= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)) (= 0 main_~head~0.offset))} is VALID [2020-07-29 01:19:35,404 INFO L280 TraceCheckUtils]: 8: Hoare triple {9759#(and (= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)) (= 0 main_~head~0.offset))} ~x~0.base, ~x~0.offset := ~head~0.base, ~head~0.offset;~state~0 := 1; {9760#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base))} is VALID [2020-07-29 01:19:35,406 INFO L280 TraceCheckUtils]: 9: Hoare triple {9760#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base))} assume -2147483648 <= #t~nondet1 && #t~nondet1 <= 2147483647; {9760#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base))} is VALID [2020-07-29 01:19:35,406 INFO L280 TraceCheckUtils]: 10: Hoare triple {9760#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base))} assume !(0 != #t~nondet1);havoc #t~nondet1; {9760#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base))} is VALID [2020-07-29 01:19:35,408 INFO L280 TraceCheckUtils]: 11: Hoare triple {9760#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base))} SUMMARY for call write~int(~state~0, ~x~0.base, 4 + ~x~0.offset, 4); srcloc: L993-3 {9761#(= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset))} is VALID [2020-07-29 01:19:35,417 INFO L280 TraceCheckUtils]: 12: Hoare triple {9761#(= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset))} SUMMARY for call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head~0.base, ~head~0.offset, 4); srcloc: L1014 {9761#(= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset))} is VALID [2020-07-29 01:19:35,418 INFO L280 TraceCheckUtils]: 13: Hoare triple {9761#(= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset))} ~x~0.base, ~x~0.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {9761#(= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset))} is VALID [2020-07-29 01:19:35,418 INFO L280 TraceCheckUtils]: 14: Hoare triple {9761#(= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset))} assume !!(0 != ~x~0.base || 0 != ~x~0.offset); {9761#(= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset))} is VALID [2020-07-29 01:19:35,419 INFO L280 TraceCheckUtils]: 15: Hoare triple {9761#(= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset))} goto; {9761#(= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset))} is VALID [2020-07-29 01:19:35,420 INFO L280 TraceCheckUtils]: 16: Hoare triple {9761#(= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset))} SUMMARY for call #t~mem6 := read~int(~x~0.base, 4 + ~x~0.offset, 4); srcloc: L1019-2 {9761#(= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset))} is VALID [2020-07-29 01:19:35,421 INFO L280 TraceCheckUtils]: 17: Hoare triple {9761#(= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset))} assume !(0 != #t~mem6);havoc #t~mem6; {9761#(= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset))} is VALID [2020-07-29 01:19:35,423 INFO L280 TraceCheckUtils]: 18: Hoare triple {9761#(= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset))} SUMMARY for call #t~mem14.base, #t~mem14.offset := read~$Pointer$(~head~0.base, ~head~0.offset, 4); srcloc: L1019-3 {9762#(= 0 |main_#t~mem14.offset|)} is VALID [2020-07-29 01:19:35,423 INFO L280 TraceCheckUtils]: 19: Hoare triple {9762#(= 0 |main_#t~mem14.offset|)} ~x~0.base, ~x~0.offset := #t~mem14.base, #t~mem14.offset;havoc #t~mem14.base, #t~mem14.offset; {9763#(= main_~x~0.offset 0)} is VALID [2020-07-29 01:19:35,424 INFO L280 TraceCheckUtils]: 20: Hoare triple {9763#(= main_~x~0.offset 0)} SUMMARY for call #t~mem15 := read~int(~x~0.base, 4 + ~x~0.offset, 4); srcloc: L1027-3 {9763#(= main_~x~0.offset 0)} is VALID [2020-07-29 01:19:35,425 INFO L280 TraceCheckUtils]: 21: Hoare triple {9763#(= main_~x~0.offset 0)} assume !!(0 != #t~mem15);havoc #t~mem15;~head~0.base, ~head~0.offset := ~x~0.base, ~x~0.offset; {9758#(= 0 main_~head~0.offset)} is VALID [2020-07-29 01:19:35,425 INFO L280 TraceCheckUtils]: 22: Hoare triple {9758#(= 0 main_~head~0.offset)} SUMMARY for call #t~mem16.base, #t~mem16.offset := read~$Pointer$(~x~0.base, ~x~0.offset, 4); srcloc: L1030 {9758#(= 0 main_~head~0.offset)} is VALID [2020-07-29 01:19:35,426 INFO L280 TraceCheckUtils]: 23: Hoare triple {9758#(= 0 main_~head~0.offset)} ~x~0.base, ~x~0.offset := #t~mem16.base, #t~mem16.offset;havoc #t~mem16.base, #t~mem16.offset; {9758#(= 0 main_~head~0.offset)} is VALID [2020-07-29 01:19:35,427 INFO L280 TraceCheckUtils]: 24: Hoare triple {9758#(= 0 main_~head~0.offset)} assume !(0 == ~head~0.offset); {9754#false} is VALID [2020-07-29 01:19:35,429 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:19:35,429 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [999421733] [2020-07-29 01:19:35,429 INFO L220 FreeRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:19:35,429 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2020-07-29 01:19:35,429 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1203788255] [2020-07-29 01:19:35,430 INFO L78 Accepts]: Start accepts. Automaton has 9 states. Word has length 25 [2020-07-29 01:19:35,430 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:19:35,430 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states. [2020-07-29 01:19:35,465 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 25 edges. 25 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:35,465 INFO L459 AbstractCegarLoop]: Interpolant automaton has 9 states [2020-07-29 01:19:35,466 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2020-07-29 01:19:35,466 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2020-07-29 01:19:35,466 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=18, Invalid=54, Unknown=0, NotChecked=0, Total=72 [2020-07-29 01:19:35,466 INFO L87 Difference]: Start difference. First operand 130 states and 158 transitions. Second operand 9 states. [2020-07-29 01:19:36,342 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:36,343 INFO L93 Difference]: Finished difference Result 150 states and 166 transitions. [2020-07-29 01:19:36,343 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2020-07-29 01:19:36,343 INFO L78 Accepts]: Start accepts. Automaton has 9 states. Word has length 25 [2020-07-29 01:19:36,343 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:19:36,344 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 9 states. [2020-07-29 01:19:36,346 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 134 transitions. [2020-07-29 01:19:36,346 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 9 states. [2020-07-29 01:19:36,348 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 134 transitions. [2020-07-29 01:19:36,348 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states and 134 transitions. [2020-07-29 01:19:36,504 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 134 edges. 134 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:36,507 INFO L225 Difference]: With dead ends: 150 [2020-07-29 01:19:36,507 INFO L226 Difference]: Without dead ends: 150 [2020-07-29 01:19:36,508 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 13 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=44, Invalid=112, Unknown=0, NotChecked=0, Total=156 [2020-07-29 01:19:36,508 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 150 states. [2020-07-29 01:19:36,511 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 150 to 132. [2020-07-29 01:19:36,512 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:19:36,512 INFO L82 GeneralOperation]: Start isEquivalent. First operand 150 states. Second operand 132 states. [2020-07-29 01:19:36,512 INFO L74 IsIncluded]: Start isIncluded. First operand 150 states. Second operand 132 states. [2020-07-29 01:19:36,512 INFO L87 Difference]: Start difference. First operand 150 states. Second operand 132 states. [2020-07-29 01:19:36,516 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:36,516 INFO L93 Difference]: Finished difference Result 150 states and 166 transitions. [2020-07-29 01:19:36,516 INFO L276 IsEmpty]: Start isEmpty. Operand 150 states and 166 transitions. [2020-07-29 01:19:36,517 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:36,517 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:36,517 INFO L74 IsIncluded]: Start isIncluded. First operand 132 states. Second operand 150 states. [2020-07-29 01:19:36,518 INFO L87 Difference]: Start difference. First operand 132 states. Second operand 150 states. [2020-07-29 01:19:36,520 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:36,521 INFO L93 Difference]: Finished difference Result 150 states and 166 transitions. [2020-07-29 01:19:36,521 INFO L276 IsEmpty]: Start isEmpty. Operand 150 states and 166 transitions. [2020-07-29 01:19:36,522 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:36,522 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:36,522 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:19:36,522 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:19:36,522 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 132 states. [2020-07-29 01:19:36,525 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 132 states to 132 states and 160 transitions. [2020-07-29 01:19:36,525 INFO L78 Accepts]: Start accepts. Automaton has 132 states and 160 transitions. Word has length 25 [2020-07-29 01:19:36,525 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:19:36,525 INFO L479 AbstractCegarLoop]: Abstraction has 132 states and 160 transitions. [2020-07-29 01:19:36,526 INFO L480 AbstractCegarLoop]: Interpolant automaton has 9 states. [2020-07-29 01:19:36,526 INFO L276 IsEmpty]: Start isEmpty. Operand 132 states and 160 transitions. [2020-07-29 01:19:36,526 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2020-07-29 01:19:36,526 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:19:36,527 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:19:36,527 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable18 [2020-07-29 01:19:36,527 INFO L427 AbstractCegarLoop]: === Iteration 20 === [mainErr8REQUIRES_VIOLATION, mainErr29REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr31REQUIRES_VIOLATION, mainErr42ASSERT_VIOLATIONMEMORY_FREE, mainErr5REQUIRES_VIOLATION, mainErr27REQUIRES_VIOLATION, mainErr26REQUIRES_VIOLATION, mainErr45ENSURES_VIOLATIONMEMORY_LEAK, mainErr28REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr17ASSERT_VIOLATIONMEMORY_LEAK, mainErr24REQUIRES_VIOLATION, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr40ASSERT_VIOLATIONMEMORY_FREE, mainErr4REQUIRES_VIOLATION, mainErr25REQUIRES_VIOLATION, mainErr30ASSERT_VIOLATIONMEMORY_LEAK, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr44ASSERT_VIOLATIONMEMORY_FREE, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr43ASSERT_VIOLATIONMEMORY_FREE, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr37REQUIRES_VIOLATION, mainErr38REQUIRES_VIOLATION, mainErr35REQUIRES_VIOLATION, mainErr39ASSERT_VIOLATIONMEMORY_FREE, mainErr13REQUIRES_VIOLATION, mainErr34REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr36REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr41ASSERT_VIOLATIONMEMORY_FREE, mainErr32REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12ASSERT_VIOLATIONMEMORY_LEAK, mainErr33REQUIRES_VIOLATION]=== [2020-07-29 01:19:36,529 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:19:36,529 INFO L82 PathProgramCache]: Analyzing trace with hash -2110522547, now seen corresponding path program 1 times [2020-07-29 01:19:36,529 INFO L163 FreeRefinementEngine]: Executing refinement strategy CAMEL [2020-07-29 01:19:36,530 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2075084947] [2020-07-29 01:19:36,530 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2020-07-29 01:19:36,540 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:36,601 INFO L375 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2020-07-29 01:19:36,602 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:36,606 INFO L280 TraceCheckUtils]: 0: Hoare triple {10365#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {10357#true} is VALID [2020-07-29 01:19:36,606 INFO L280 TraceCheckUtils]: 1: Hoare triple {10357#true} assume true; {10357#true} is VALID [2020-07-29 01:19:36,606 INFO L275 TraceCheckUtils]: 2: Hoare quadruple {10357#true} {10357#true} #197#return; {10357#true} is VALID [2020-07-29 01:19:36,607 INFO L263 TraceCheckUtils]: 0: Hoare triple {10357#true} call ULTIMATE.init(); {10365#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} is VALID [2020-07-29 01:19:36,607 INFO L280 TraceCheckUtils]: 1: Hoare triple {10365#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {10357#true} is VALID [2020-07-29 01:19:36,608 INFO L280 TraceCheckUtils]: 2: Hoare triple {10357#true} assume true; {10357#true} is VALID [2020-07-29 01:19:36,608 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {10357#true} {10357#true} #197#return; {10357#true} is VALID [2020-07-29 01:19:36,608 INFO L263 TraceCheckUtils]: 4: Hoare triple {10357#true} call #t~ret17 := main(); {10357#true} is VALID [2020-07-29 01:19:36,608 INFO L280 TraceCheckUtils]: 5: Hoare triple {10357#true} call #t~malloc0.base, #t~malloc0.offset := #Ultimate.allocOnHeap(8);~head~0.base, ~head~0.offset := #t~malloc0.base, #t~malloc0.offset; {10357#true} is VALID [2020-07-29 01:19:36,609 INFO L280 TraceCheckUtils]: 6: Hoare triple {10357#true} SUMMARY for call write~$Pointer$(~head~0.base, ~head~0.offset, ~head~0.base, ~head~0.offset, 4); srcloc: L986 {10357#true} is VALID [2020-07-29 01:19:36,609 INFO L280 TraceCheckUtils]: 7: Hoare triple {10357#true} SUMMARY for call write~int(0, ~head~0.base, 4 + ~head~0.offset, 4); srcloc: L986-1 {10357#true} is VALID [2020-07-29 01:19:36,609 INFO L280 TraceCheckUtils]: 8: Hoare triple {10357#true} ~x~0.base, ~x~0.offset := ~head~0.base, ~head~0.offset;~state~0 := 1; {10357#true} is VALID [2020-07-29 01:19:36,609 INFO L280 TraceCheckUtils]: 9: Hoare triple {10357#true} assume -2147483648 <= #t~nondet1 && #t~nondet1 <= 2147483647; {10357#true} is VALID [2020-07-29 01:19:36,609 INFO L280 TraceCheckUtils]: 10: Hoare triple {10357#true} assume !(0 != #t~nondet1);havoc #t~nondet1; {10357#true} is VALID [2020-07-29 01:19:36,610 INFO L280 TraceCheckUtils]: 11: Hoare triple {10357#true} SUMMARY for call write~int(~state~0, ~x~0.base, 4 + ~x~0.offset, 4); srcloc: L993-3 {10357#true} is VALID [2020-07-29 01:19:36,610 INFO L280 TraceCheckUtils]: 12: Hoare triple {10357#true} SUMMARY for call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head~0.base, ~head~0.offset, 4); srcloc: L1014 {10357#true} is VALID [2020-07-29 01:19:36,610 INFO L280 TraceCheckUtils]: 13: Hoare triple {10357#true} ~x~0.base, ~x~0.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {10357#true} is VALID [2020-07-29 01:19:36,610 INFO L280 TraceCheckUtils]: 14: Hoare triple {10357#true} assume !!(0 != ~x~0.base || 0 != ~x~0.offset); {10357#true} is VALID [2020-07-29 01:19:36,610 INFO L280 TraceCheckUtils]: 15: Hoare triple {10357#true} goto; {10357#true} is VALID [2020-07-29 01:19:36,611 INFO L280 TraceCheckUtils]: 16: Hoare triple {10357#true} SUMMARY for call #t~mem6 := read~int(~x~0.base, 4 + ~x~0.offset, 4); srcloc: L1019-2 {10357#true} is VALID [2020-07-29 01:19:36,611 INFO L280 TraceCheckUtils]: 17: Hoare triple {10357#true} assume !!(0 != #t~mem6);havoc #t~mem6; {10357#true} is VALID [2020-07-29 01:19:36,613 INFO L280 TraceCheckUtils]: 18: Hoare triple {10357#true} SUMMARY for call #t~mem7.base, #t~mem7.offset := read~$Pointer$(~x~0.base, ~x~0.offset, 4); srcloc: L1021-13 {10362#(= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset) |main_#t~mem7.base|)} is VALID [2020-07-29 01:19:36,614 INFO L280 TraceCheckUtils]: 19: Hoare triple {10362#(= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset) |main_#t~mem7.base|)} SUMMARY for call #t~mem8 := read~int(#t~mem7.base, 4 + #t~mem7.offset, 4); srcloc: L1021-1 {10363#(= 1 (select |#valid| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset)))} is VALID [2020-07-29 01:19:36,614 INFO L280 TraceCheckUtils]: 20: Hoare triple {10363#(= 1 (select |#valid| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset)))} #t~short12 := 0 != #t~mem8; {10363#(= 1 (select |#valid| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset)))} is VALID [2020-07-29 01:19:36,615 INFO L280 TraceCheckUtils]: 21: Hoare triple {10363#(= 1 (select |#valid| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset)))} assume #t~short12; {10363#(= 1 (select |#valid| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset)))} is VALID [2020-07-29 01:19:36,616 INFO L280 TraceCheckUtils]: 22: Hoare triple {10363#(= 1 (select |#valid| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset)))} SUMMARY for call #t~mem10 := read~int(~x~0.base, 4 + ~x~0.offset, 4); srcloc: L1021-4 {10363#(= 1 (select |#valid| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset)))} is VALID [2020-07-29 01:19:36,617 INFO L280 TraceCheckUtils]: 23: Hoare triple {10363#(= 1 (select |#valid| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset)))} SUMMARY for call #t~mem9.base, #t~mem9.offset := read~$Pointer$(~x~0.base, ~x~0.offset, 4); srcloc: L1021-5 {10364#(= 1 (select |#valid| |main_#t~mem9.base|))} is VALID [2020-07-29 01:19:36,618 INFO L280 TraceCheckUtils]: 24: Hoare triple {10364#(= 1 (select |#valid| |main_#t~mem9.base|))} assume !(1 == #valid[#t~mem9.base]); {10358#false} is VALID [2020-07-29 01:19:36,619 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:19:36,619 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2075084947] [2020-07-29 01:19:36,620 INFO L220 FreeRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:19:36,620 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2020-07-29 01:19:36,620 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2061634073] [2020-07-29 01:19:36,621 INFO L78 Accepts]: Start accepts. Automaton has 6 states. Word has length 25 [2020-07-29 01:19:36,621 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:19:36,621 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states. [2020-07-29 01:19:36,654 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 25 edges. 25 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:36,654 INFO L459 AbstractCegarLoop]: Interpolant automaton has 6 states [2020-07-29 01:19:36,654 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2020-07-29 01:19:36,654 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2020-07-29 01:19:36,655 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2020-07-29 01:19:36,655 INFO L87 Difference]: Start difference. First operand 132 states and 160 transitions. Second operand 6 states. [2020-07-29 01:19:37,225 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:37,225 INFO L93 Difference]: Finished difference Result 133 states and 161 transitions. [2020-07-29 01:19:37,225 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2020-07-29 01:19:37,226 INFO L78 Accepts]: Start accepts. Automaton has 6 states. Word has length 25 [2020-07-29 01:19:37,226 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:19:37,227 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 6 states. [2020-07-29 01:19:37,228 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 84 transitions. [2020-07-29 01:19:37,229 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 6 states. [2020-07-29 01:19:37,230 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 84 transitions. [2020-07-29 01:19:37,231 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 84 transitions. [2020-07-29 01:19:37,355 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 84 edges. 84 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:37,359 INFO L225 Difference]: With dead ends: 133 [2020-07-29 01:19:37,359 INFO L226 Difference]: Without dead ends: 133 [2020-07-29 01:19:37,359 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=19, Invalid=37, Unknown=0, NotChecked=0, Total=56 [2020-07-29 01:19:37,360 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 133 states. [2020-07-29 01:19:37,364 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 133 to 131. [2020-07-29 01:19:37,365 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:19:37,365 INFO L82 GeneralOperation]: Start isEquivalent. First operand 133 states. Second operand 131 states. [2020-07-29 01:19:37,365 INFO L74 IsIncluded]: Start isIncluded. First operand 133 states. Second operand 131 states. [2020-07-29 01:19:37,365 INFO L87 Difference]: Start difference. First operand 133 states. Second operand 131 states. [2020-07-29 01:19:37,371 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:37,372 INFO L93 Difference]: Finished difference Result 133 states and 161 transitions. [2020-07-29 01:19:37,372 INFO L276 IsEmpty]: Start isEmpty. Operand 133 states and 161 transitions. [2020-07-29 01:19:37,373 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:37,374 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:37,374 INFO L74 IsIncluded]: Start isIncluded. First operand 131 states. Second operand 133 states. [2020-07-29 01:19:37,374 INFO L87 Difference]: Start difference. First operand 131 states. Second operand 133 states. [2020-07-29 01:19:37,378 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:37,379 INFO L93 Difference]: Finished difference Result 133 states and 161 transitions. [2020-07-29 01:19:37,379 INFO L276 IsEmpty]: Start isEmpty. Operand 133 states and 161 transitions. [2020-07-29 01:19:37,380 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:37,380 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:37,381 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:19:37,381 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:19:37,381 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 131 states. [2020-07-29 01:19:37,386 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 131 states to 131 states and 157 transitions. [2020-07-29 01:19:37,387 INFO L78 Accepts]: Start accepts. Automaton has 131 states and 157 transitions. Word has length 25 [2020-07-29 01:19:37,387 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:19:37,388 INFO L479 AbstractCegarLoop]: Abstraction has 131 states and 157 transitions. [2020-07-29 01:19:37,388 INFO L480 AbstractCegarLoop]: Interpolant automaton has 6 states. [2020-07-29 01:19:37,388 INFO L276 IsEmpty]: Start isEmpty. Operand 131 states and 157 transitions. [2020-07-29 01:19:37,389 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2020-07-29 01:19:37,390 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:19:37,390 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:19:37,390 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable19 [2020-07-29 01:19:37,391 INFO L427 AbstractCegarLoop]: === Iteration 21 === [mainErr8REQUIRES_VIOLATION, mainErr29REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr31REQUIRES_VIOLATION, mainErr42ASSERT_VIOLATIONMEMORY_FREE, mainErr5REQUIRES_VIOLATION, mainErr27REQUIRES_VIOLATION, mainErr26REQUIRES_VIOLATION, mainErr45ENSURES_VIOLATIONMEMORY_LEAK, mainErr28REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr17ASSERT_VIOLATIONMEMORY_LEAK, mainErr24REQUIRES_VIOLATION, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr40ASSERT_VIOLATIONMEMORY_FREE, mainErr4REQUIRES_VIOLATION, mainErr25REQUIRES_VIOLATION, mainErr30ASSERT_VIOLATIONMEMORY_LEAK, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr44ASSERT_VIOLATIONMEMORY_FREE, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr43ASSERT_VIOLATIONMEMORY_FREE, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr37REQUIRES_VIOLATION, mainErr38REQUIRES_VIOLATION, mainErr35REQUIRES_VIOLATION, mainErr39ASSERT_VIOLATIONMEMORY_FREE, mainErr13REQUIRES_VIOLATION, mainErr34REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr36REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr41ASSERT_VIOLATIONMEMORY_FREE, mainErr32REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12ASSERT_VIOLATIONMEMORY_LEAK, mainErr33REQUIRES_VIOLATION]=== [2020-07-29 01:19:37,391 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:19:37,392 INFO L82 PathProgramCache]: Analyzing trace with hash -2110522546, now seen corresponding path program 1 times [2020-07-29 01:19:37,392 INFO L163 FreeRefinementEngine]: Executing refinement strategy CAMEL [2020-07-29 01:19:37,392 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [307264549] [2020-07-29 01:19:37,393 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2020-07-29 01:19:37,410 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:37,741 INFO L375 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2020-07-29 01:19:37,742 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:37,745 INFO L280 TraceCheckUtils]: 0: Hoare triple {10915#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {10902#true} is VALID [2020-07-29 01:19:37,746 INFO L280 TraceCheckUtils]: 1: Hoare triple {10902#true} assume true; {10902#true} is VALID [2020-07-29 01:19:37,746 INFO L275 TraceCheckUtils]: 2: Hoare quadruple {10902#true} {10902#true} #197#return; {10902#true} is VALID [2020-07-29 01:19:37,747 INFO L263 TraceCheckUtils]: 0: Hoare triple {10902#true} call ULTIMATE.init(); {10915#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} is VALID [2020-07-29 01:19:37,747 INFO L280 TraceCheckUtils]: 1: Hoare triple {10915#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {10902#true} is VALID [2020-07-29 01:19:37,747 INFO L280 TraceCheckUtils]: 2: Hoare triple {10902#true} assume true; {10902#true} is VALID [2020-07-29 01:19:37,748 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {10902#true} {10902#true} #197#return; {10902#true} is VALID [2020-07-29 01:19:37,748 INFO L263 TraceCheckUtils]: 4: Hoare triple {10902#true} call #t~ret17 := main(); {10902#true} is VALID [2020-07-29 01:19:37,750 INFO L280 TraceCheckUtils]: 5: Hoare triple {10902#true} call #t~malloc0.base, #t~malloc0.offset := #Ultimate.allocOnHeap(8);~head~0.base, ~head~0.offset := #t~malloc0.base, #t~malloc0.offset; {10907#(= 0 main_~head~0.offset)} is VALID [2020-07-29 01:19:37,751 INFO L280 TraceCheckUtils]: 6: Hoare triple {10907#(= 0 main_~head~0.offset)} SUMMARY for call write~$Pointer$(~head~0.base, ~head~0.offset, ~head~0.base, ~head~0.offset, 4); srcloc: L986 {10908#(and (= (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset) main_~head~0.offset) (= 0 main_~head~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base))} is VALID [2020-07-29 01:19:37,753 INFO L280 TraceCheckUtils]: 7: Hoare triple {10908#(and (= (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset) main_~head~0.offset) (= 0 main_~head~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base))} SUMMARY for call write~int(0, ~head~0.base, 4 + ~head~0.offset, 4); srcloc: L986-1 {10908#(and (= (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset) main_~head~0.offset) (= 0 main_~head~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base))} is VALID [2020-07-29 01:19:37,754 INFO L280 TraceCheckUtils]: 8: Hoare triple {10908#(and (= (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset) main_~head~0.offset) (= 0 main_~head~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base))} ~x~0.base, ~x~0.offset := ~head~0.base, ~head~0.offset;~state~0 := 1; {10909#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= main_~head~0.offset (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~head~0.base))} is VALID [2020-07-29 01:19:37,755 INFO L280 TraceCheckUtils]: 9: Hoare triple {10909#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= main_~head~0.offset (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~head~0.base))} assume -2147483648 <= #t~nondet1 && #t~nondet1 <= 2147483647; {10909#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= main_~head~0.offset (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~head~0.base))} is VALID [2020-07-29 01:19:37,756 INFO L280 TraceCheckUtils]: 10: Hoare triple {10909#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= main_~head~0.offset (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~head~0.base))} assume !(0 != #t~nondet1);havoc #t~nondet1; {10909#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= main_~head~0.offset (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~head~0.base))} is VALID [2020-07-29 01:19:37,758 INFO L280 TraceCheckUtils]: 11: Hoare triple {10909#(and (not (= main_~head~0.offset (+ main_~x~0.offset 4))) (= main_~head~0.offset (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~head~0.base))} SUMMARY for call write~int(~state~0, ~x~0.base, 4 + ~x~0.offset, 4); srcloc: L993-3 {10908#(and (= (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset) main_~head~0.offset) (= 0 main_~head~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base))} is VALID [2020-07-29 01:19:37,759 INFO L280 TraceCheckUtils]: 12: Hoare triple {10908#(and (= (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset) main_~head~0.offset) (= 0 main_~head~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base))} SUMMARY for call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head~0.base, ~head~0.offset, 4); srcloc: L1014 {10910#(= 0 (select (select |#memory_$Pointer$.offset| |main_#t~mem5.base|) |main_#t~mem5.offset|))} is VALID [2020-07-29 01:19:37,760 INFO L280 TraceCheckUtils]: 13: Hoare triple {10910#(= 0 (select (select |#memory_$Pointer$.offset| |main_#t~mem5.base|) |main_#t~mem5.offset|))} ~x~0.base, ~x~0.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {10911#(= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset))} is VALID [2020-07-29 01:19:37,761 INFO L280 TraceCheckUtils]: 14: Hoare triple {10911#(= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset))} assume !!(0 != ~x~0.base || 0 != ~x~0.offset); {10911#(= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset))} is VALID [2020-07-29 01:19:37,761 INFO L280 TraceCheckUtils]: 15: Hoare triple {10911#(= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset))} goto; {10911#(= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset))} is VALID [2020-07-29 01:19:37,762 INFO L280 TraceCheckUtils]: 16: Hoare triple {10911#(= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset))} SUMMARY for call #t~mem6 := read~int(~x~0.base, 4 + ~x~0.offset, 4); srcloc: L1019-2 {10911#(= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset))} is VALID [2020-07-29 01:19:37,763 INFO L280 TraceCheckUtils]: 17: Hoare triple {10911#(= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset))} assume !!(0 != #t~mem6);havoc #t~mem6; {10911#(= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset))} is VALID [2020-07-29 01:19:37,764 INFO L280 TraceCheckUtils]: 18: Hoare triple {10911#(= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset))} SUMMARY for call #t~mem7.base, #t~mem7.offset := read~$Pointer$(~x~0.base, ~x~0.offset, 4); srcloc: L1021-13 {10912#(and (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset) |main_#t~mem7.base|) (= |main_#t~mem7.offset| (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset)) (= 0 |main_#t~mem7.offset|))} is VALID [2020-07-29 01:19:37,765 INFO L280 TraceCheckUtils]: 19: Hoare triple {10912#(and (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset) |main_#t~mem7.base|) (= |main_#t~mem7.offset| (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset)) (= 0 |main_#t~mem7.offset|))} SUMMARY for call #t~mem8 := read~int(#t~mem7.base, 4 + #t~mem7.offset, 4); srcloc: L1021-1 {10913#(and (<= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset)) (<= (+ (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset) 8) (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset))))} is VALID [2020-07-29 01:19:37,766 INFO L280 TraceCheckUtils]: 20: Hoare triple {10913#(and (<= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset)) (<= (+ (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset) 8) (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset))))} #t~short12 := 0 != #t~mem8; {10913#(and (<= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset)) (<= (+ (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset) 8) (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset))))} is VALID [2020-07-29 01:19:37,767 INFO L280 TraceCheckUtils]: 21: Hoare triple {10913#(and (<= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset)) (<= (+ (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset) 8) (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset))))} assume #t~short12; {10913#(and (<= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset)) (<= (+ (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset) 8) (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset))))} is VALID [2020-07-29 01:19:37,768 INFO L280 TraceCheckUtils]: 22: Hoare triple {10913#(and (<= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset)) (<= (+ (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset) 8) (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset))))} SUMMARY for call #t~mem10 := read~int(~x~0.base, 4 + ~x~0.offset, 4); srcloc: L1021-4 {10913#(and (<= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset)) (<= (+ (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset) 8) (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset))))} is VALID [2020-07-29 01:19:37,769 INFO L280 TraceCheckUtils]: 23: Hoare triple {10913#(and (<= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset)) (<= (+ (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset) 8) (select |#length| (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset))))} SUMMARY for call #t~mem9.base, #t~mem9.offset := read~$Pointer$(~x~0.base, ~x~0.offset, 4); srcloc: L1021-5 {10914#(and (<= 0 |main_#t~mem9.offset|) (<= (+ |main_#t~mem9.offset| 8) (select |#length| |main_#t~mem9.base|)))} is VALID [2020-07-29 01:19:37,770 INFO L280 TraceCheckUtils]: 24: Hoare triple {10914#(and (<= 0 |main_#t~mem9.offset|) (<= (+ |main_#t~mem9.offset| 8) (select |#length| |main_#t~mem9.base|)))} assume !(4 + (4 + #t~mem9.offset) <= #length[#t~mem9.base] && 0 <= 4 + #t~mem9.offset); {10903#false} is VALID [2020-07-29 01:19:37,773 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:19:37,773 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [307264549] [2020-07-29 01:19:37,773 INFO L220 FreeRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:19:37,774 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2020-07-29 01:19:37,774 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1942078086] [2020-07-29 01:19:37,774 INFO L78 Accepts]: Start accepts. Automaton has 11 states. Word has length 25 [2020-07-29 01:19:37,775 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:19:37,775 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 11 states. [2020-07-29 01:19:37,809 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 25 edges. 25 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:37,809 INFO L459 AbstractCegarLoop]: Interpolant automaton has 11 states [2020-07-29 01:19:37,810 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2020-07-29 01:19:37,810 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 11 interpolants. [2020-07-29 01:19:37,810 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=23, Invalid=87, Unknown=0, NotChecked=0, Total=110 [2020-07-29 01:19:37,811 INFO L87 Difference]: Start difference. First operand 131 states and 157 transitions. Second operand 11 states. [2020-07-29 01:19:39,522 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:39,522 INFO L93 Difference]: Finished difference Result 151 states and 164 transitions. [2020-07-29 01:19:39,523 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2020-07-29 01:19:39,523 INFO L78 Accepts]: Start accepts. Automaton has 11 states. Word has length 25 [2020-07-29 01:19:39,523 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:19:39,527 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 11 states. [2020-07-29 01:19:39,528 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 13 states to 13 states and 146 transitions. [2020-07-29 01:19:39,529 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 11 states. [2020-07-29 01:19:39,530 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 13 states to 13 states and 146 transitions. [2020-07-29 01:19:39,530 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 13 states and 146 transitions. [2020-07-29 01:19:39,749 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 146 edges. 146 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:39,751 INFO L225 Difference]: With dead ends: 151 [2020-07-29 01:19:39,751 INFO L226 Difference]: Without dead ends: 151 [2020-07-29 01:19:39,752 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 21 GetRequests, 3 SyntacticMatches, 1 SemanticMatches, 17 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 40 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=91, Invalid=251, Unknown=0, NotChecked=0, Total=342 [2020-07-29 01:19:39,752 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 151 states. [2020-07-29 01:19:39,754 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 151 to 131. [2020-07-29 01:19:39,755 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:19:39,755 INFO L82 GeneralOperation]: Start isEquivalent. First operand 151 states. Second operand 131 states. [2020-07-29 01:19:39,755 INFO L74 IsIncluded]: Start isIncluded. First operand 151 states. Second operand 131 states. [2020-07-29 01:19:39,755 INFO L87 Difference]: Start difference. First operand 151 states. Second operand 131 states. [2020-07-29 01:19:39,758 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:39,758 INFO L93 Difference]: Finished difference Result 151 states and 164 transitions. [2020-07-29 01:19:39,758 INFO L276 IsEmpty]: Start isEmpty. Operand 151 states and 164 transitions. [2020-07-29 01:19:39,759 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:39,759 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:39,759 INFO L74 IsIncluded]: Start isIncluded. First operand 131 states. Second operand 151 states. [2020-07-29 01:19:39,759 INFO L87 Difference]: Start difference. First operand 131 states. Second operand 151 states. [2020-07-29 01:19:39,762 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:39,762 INFO L93 Difference]: Finished difference Result 151 states and 164 transitions. [2020-07-29 01:19:39,763 INFO L276 IsEmpty]: Start isEmpty. Operand 151 states and 164 transitions. [2020-07-29 01:19:39,763 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:39,763 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:39,764 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:19:39,764 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:19:39,764 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 131 states. [2020-07-29 01:19:39,766 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 131 states to 131 states and 156 transitions. [2020-07-29 01:19:39,766 INFO L78 Accepts]: Start accepts. Automaton has 131 states and 156 transitions. Word has length 25 [2020-07-29 01:19:39,766 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:19:39,766 INFO L479 AbstractCegarLoop]: Abstraction has 131 states and 156 transitions. [2020-07-29 01:19:39,767 INFO L480 AbstractCegarLoop]: Interpolant automaton has 11 states. [2020-07-29 01:19:39,767 INFO L276 IsEmpty]: Start isEmpty. Operand 131 states and 156 transitions. [2020-07-29 01:19:39,767 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2020-07-29 01:19:39,767 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:19:39,768 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:19:39,768 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable20 [2020-07-29 01:19:39,768 INFO L427 AbstractCegarLoop]: === Iteration 22 === [mainErr8REQUIRES_VIOLATION, mainErr29REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr31REQUIRES_VIOLATION, mainErr42ASSERT_VIOLATIONMEMORY_FREE, mainErr5REQUIRES_VIOLATION, mainErr27REQUIRES_VIOLATION, mainErr26REQUIRES_VIOLATION, mainErr45ENSURES_VIOLATIONMEMORY_LEAK, mainErr28REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr17ASSERT_VIOLATIONMEMORY_LEAK, mainErr24REQUIRES_VIOLATION, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr40ASSERT_VIOLATIONMEMORY_FREE, mainErr4REQUIRES_VIOLATION, mainErr25REQUIRES_VIOLATION, mainErr30ASSERT_VIOLATIONMEMORY_LEAK, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr44ASSERT_VIOLATIONMEMORY_FREE, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr43ASSERT_VIOLATIONMEMORY_FREE, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr37REQUIRES_VIOLATION, mainErr38REQUIRES_VIOLATION, mainErr35REQUIRES_VIOLATION, mainErr39ASSERT_VIOLATIONMEMORY_FREE, mainErr13REQUIRES_VIOLATION, mainErr34REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr36REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr41ASSERT_VIOLATIONMEMORY_FREE, mainErr32REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12ASSERT_VIOLATIONMEMORY_LEAK, mainErr33REQUIRES_VIOLATION]=== [2020-07-29 01:19:39,768 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:19:39,769 INFO L82 PathProgramCache]: Analyzing trace with hash 2111088500, now seen corresponding path program 1 times [2020-07-29 01:19:39,769 INFO L163 FreeRefinementEngine]: Executing refinement strategy CAMEL [2020-07-29 01:19:39,769 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1730694734] [2020-07-29 01:19:39,769 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2020-07-29 01:19:39,781 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:40,008 INFO L375 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2020-07-29 01:19:40,009 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:40,021 INFO L280 TraceCheckUtils]: 0: Hoare triple {11530#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {11518#true} is VALID [2020-07-29 01:19:40,021 INFO L280 TraceCheckUtils]: 1: Hoare triple {11518#true} assume true; {11518#true} is VALID [2020-07-29 01:19:40,021 INFO L275 TraceCheckUtils]: 2: Hoare quadruple {11518#true} {11518#true} #197#return; {11518#true} is VALID [2020-07-29 01:19:40,023 INFO L263 TraceCheckUtils]: 0: Hoare triple {11518#true} call ULTIMATE.init(); {11530#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} is VALID [2020-07-29 01:19:40,023 INFO L280 TraceCheckUtils]: 1: Hoare triple {11530#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {11518#true} is VALID [2020-07-29 01:19:40,023 INFO L280 TraceCheckUtils]: 2: Hoare triple {11518#true} assume true; {11518#true} is VALID [2020-07-29 01:19:40,023 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {11518#true} {11518#true} #197#return; {11518#true} is VALID [2020-07-29 01:19:40,023 INFO L263 TraceCheckUtils]: 4: Hoare triple {11518#true} call #t~ret17 := main(); {11518#true} is VALID [2020-07-29 01:19:40,025 INFO L280 TraceCheckUtils]: 5: Hoare triple {11518#true} call #t~malloc0.base, #t~malloc0.offset := #Ultimate.allocOnHeap(8);~head~0.base, ~head~0.offset := #t~malloc0.base, #t~malloc0.offset; {11523#(= 0 main_~head~0.offset)} is VALID [2020-07-29 01:19:40,026 INFO L280 TraceCheckUtils]: 6: Hoare triple {11523#(= 0 main_~head~0.offset)} SUMMARY for call write~$Pointer$(~head~0.base, ~head~0.offset, ~head~0.base, ~head~0.offset, 4); srcloc: L986 {11524#(and (= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)) (= 0 main_~head~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base))} is VALID [2020-07-29 01:19:40,028 INFO L280 TraceCheckUtils]: 7: Hoare triple {11524#(and (= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)) (= 0 main_~head~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base))} SUMMARY for call write~int(0, ~head~0.base, 4 + ~head~0.offset, 4); srcloc: L986-1 {11524#(and (= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)) (= 0 main_~head~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base))} is VALID [2020-07-29 01:19:40,030 INFO L280 TraceCheckUtils]: 8: Hoare triple {11524#(and (= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)) (= 0 main_~head~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base))} ~x~0.base, ~x~0.offset := ~head~0.base, ~head~0.offset;~state~0 := 1; {11525#(and (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~x~0.base) (= 1 main_~state~0) (= main_~x~0.offset main_~head~0.offset) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= 0 main_~head~0.offset))} is VALID [2020-07-29 01:19:40,036 INFO L280 TraceCheckUtils]: 9: Hoare triple {11525#(and (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~x~0.base) (= 1 main_~state~0) (= main_~x~0.offset main_~head~0.offset) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= 0 main_~head~0.offset))} assume -2147483648 <= #t~nondet1 && #t~nondet1 <= 2147483647; {11525#(and (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~x~0.base) (= 1 main_~state~0) (= main_~x~0.offset main_~head~0.offset) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= 0 main_~head~0.offset))} is VALID [2020-07-29 01:19:40,038 INFO L280 TraceCheckUtils]: 10: Hoare triple {11525#(and (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~x~0.base) (= 1 main_~state~0) (= main_~x~0.offset main_~head~0.offset) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= 0 main_~head~0.offset))} assume !(0 != #t~nondet1);havoc #t~nondet1; {11525#(and (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~x~0.base) (= 1 main_~state~0) (= main_~x~0.offset main_~head~0.offset) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= 0 main_~head~0.offset))} is VALID [2020-07-29 01:19:40,040 INFO L280 TraceCheckUtils]: 11: Hoare triple {11525#(and (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~head~0.offset) main_~x~0.base) (= 1 main_~state~0) (= main_~x~0.offset main_~head~0.offset) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~head~0.offset)) (= main_~head~0.base main_~x~0.base) (= 0 main_~head~0.offset))} SUMMARY for call write~int(~state~0, ~x~0.base, 4 + ~x~0.offset, 4); srcloc: L993-3 {11526#(and (= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)) (= 0 main_~head~0.offset) (= 1 (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)) (+ main_~head~0.offset 4))))} is VALID [2020-07-29 01:19:40,042 INFO L280 TraceCheckUtils]: 12: Hoare triple {11526#(and (= 0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset)) (= 0 main_~head~0.offset) (= 1 (select (select |#memory_int| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)) (+ main_~head~0.offset 4))))} SUMMARY for call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head~0.base, ~head~0.offset, 4); srcloc: L1014 {11527#(and (= 0 |main_#t~mem5.offset|) (= 1 (select (select |#memory_int| |main_#t~mem5.base|) 4)))} is VALID [2020-07-29 01:19:40,043 INFO L280 TraceCheckUtils]: 13: Hoare triple {11527#(and (= 0 |main_#t~mem5.offset|) (= 1 (select (select |#memory_int| |main_#t~mem5.base|) 4)))} ~x~0.base, ~x~0.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {11528#(and (= main_~x~0.offset 0) (= (select (select |#memory_int| main_~x~0.base) (+ main_~x~0.offset 4)) 1))} is VALID [2020-07-29 01:19:40,044 INFO L280 TraceCheckUtils]: 14: Hoare triple {11528#(and (= main_~x~0.offset 0) (= (select (select |#memory_int| main_~x~0.base) (+ main_~x~0.offset 4)) 1))} assume !!(0 != ~x~0.base || 0 != ~x~0.offset); {11528#(and (= main_~x~0.offset 0) (= (select (select |#memory_int| main_~x~0.base) (+ main_~x~0.offset 4)) 1))} is VALID [2020-07-29 01:19:40,045 INFO L280 TraceCheckUtils]: 15: Hoare triple {11528#(and (= main_~x~0.offset 0) (= (select (select |#memory_int| main_~x~0.base) (+ main_~x~0.offset 4)) 1))} goto; {11528#(and (= main_~x~0.offset 0) (= (select (select |#memory_int| main_~x~0.base) (+ main_~x~0.offset 4)) 1))} is VALID [2020-07-29 01:19:40,046 INFO L280 TraceCheckUtils]: 16: Hoare triple {11528#(and (= main_~x~0.offset 0) (= (select (select |#memory_int| main_~x~0.base) (+ main_~x~0.offset 4)) 1))} SUMMARY for call #t~mem6 := read~int(~x~0.base, 4 + ~x~0.offset, 4); srcloc: L1019-2 {11529#(= 1 |main_#t~mem6|)} is VALID [2020-07-29 01:19:40,046 INFO L280 TraceCheckUtils]: 17: Hoare triple {11529#(= 1 |main_#t~mem6|)} assume !(0 != #t~mem6);havoc #t~mem6; {11519#false} is VALID [2020-07-29 01:19:40,047 INFO L280 TraceCheckUtils]: 18: Hoare triple {11519#false} SUMMARY for call #t~mem14.base, #t~mem14.offset := read~$Pointer$(~head~0.base, ~head~0.offset, 4); srcloc: L1019-3 {11519#false} is VALID [2020-07-29 01:19:40,047 INFO L280 TraceCheckUtils]: 19: Hoare triple {11519#false} ~x~0.base, ~x~0.offset := #t~mem14.base, #t~mem14.offset;havoc #t~mem14.base, #t~mem14.offset; {11519#false} is VALID [2020-07-29 01:19:40,047 INFO L280 TraceCheckUtils]: 20: Hoare triple {11519#false} SUMMARY for call #t~mem15 := read~int(~x~0.base, 4 + ~x~0.offset, 4); srcloc: L1027-3 {11519#false} is VALID [2020-07-29 01:19:40,047 INFO L280 TraceCheckUtils]: 21: Hoare triple {11519#false} assume !(0 != #t~mem15);havoc #t~mem15; {11519#false} is VALID [2020-07-29 01:19:40,047 INFO L280 TraceCheckUtils]: 22: Hoare triple {11519#false} assume 0 == ~x~0.offset; {11519#false} is VALID [2020-07-29 01:19:40,048 INFO L280 TraceCheckUtils]: 23: Hoare triple {11519#false} assume ~x~0.base < #StackHeapBarrier; {11519#false} is VALID [2020-07-29 01:19:40,048 INFO L280 TraceCheckUtils]: 24: Hoare triple {11519#false} assume 0 == ~x~0.base || 1 == #valid[~x~0.base];call ULTIMATE.dealloc(~x~0.base, ~x~0.offset);#res := 0; {11519#false} is VALID [2020-07-29 01:19:40,049 INFO L280 TraceCheckUtils]: 25: Hoare triple {11519#false} assume !(#valid == old(#valid)); {11519#false} is VALID [2020-07-29 01:19:40,050 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:19:40,051 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1730694734] [2020-07-29 01:19:40,051 INFO L220 FreeRefinementEngine]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2020-07-29 01:19:40,051 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2020-07-29 01:19:40,051 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1640894785] [2020-07-29 01:19:40,052 INFO L78 Accepts]: Start accepts. Automaton has 10 states. Word has length 26 [2020-07-29 01:19:40,052 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:19:40,052 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states. [2020-07-29 01:19:40,092 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 26 edges. 26 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:40,093 INFO L459 AbstractCegarLoop]: Interpolant automaton has 10 states [2020-07-29 01:19:40,093 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2020-07-29 01:19:40,093 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2020-07-29 01:19:40,093 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=69, Unknown=0, NotChecked=0, Total=90 [2020-07-29 01:19:40,094 INFO L87 Difference]: Start difference. First operand 131 states and 156 transitions. Second operand 10 states. [2020-07-29 01:19:41,534 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:41,534 INFO L93 Difference]: Finished difference Result 149 states and 161 transitions. [2020-07-29 01:19:41,534 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2020-07-29 01:19:41,534 INFO L78 Accepts]: Start accepts. Automaton has 10 states. Word has length 26 [2020-07-29 01:19:41,535 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:19:41,535 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 10 states. [2020-07-29 01:19:41,537 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 143 transitions. [2020-07-29 01:19:41,537 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 10 states. [2020-07-29 01:19:41,538 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 143 transitions. [2020-07-29 01:19:41,538 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 11 states and 143 transitions. [2020-07-29 01:19:41,758 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 143 edges. 143 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:41,761 INFO L225 Difference]: With dead ends: 149 [2020-07-29 01:19:41,762 INFO L226 Difference]: Without dead ends: 149 [2020-07-29 01:19:41,762 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 17 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 24 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=62, Invalid=148, Unknown=0, NotChecked=0, Total=210 [2020-07-29 01:19:41,763 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 149 states. [2020-07-29 01:19:41,766 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 149 to 131. [2020-07-29 01:19:41,767 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:19:41,767 INFO L82 GeneralOperation]: Start isEquivalent. First operand 149 states. Second operand 131 states. [2020-07-29 01:19:41,767 INFO L74 IsIncluded]: Start isIncluded. First operand 149 states. Second operand 131 states. [2020-07-29 01:19:41,767 INFO L87 Difference]: Start difference. First operand 149 states. Second operand 131 states. [2020-07-29 01:19:41,770 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:41,770 INFO L93 Difference]: Finished difference Result 149 states and 161 transitions. [2020-07-29 01:19:41,770 INFO L276 IsEmpty]: Start isEmpty. Operand 149 states and 161 transitions. [2020-07-29 01:19:41,771 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:41,771 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:41,771 INFO L74 IsIncluded]: Start isIncluded. First operand 131 states. Second operand 149 states. [2020-07-29 01:19:41,772 INFO L87 Difference]: Start difference. First operand 131 states. Second operand 149 states. [2020-07-29 01:19:41,774 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:41,774 INFO L93 Difference]: Finished difference Result 149 states and 161 transitions. [2020-07-29 01:19:41,775 INFO L276 IsEmpty]: Start isEmpty. Operand 149 states and 161 transitions. [2020-07-29 01:19:41,775 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:41,775 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:41,776 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:19:41,776 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:19:41,776 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 131 states. [2020-07-29 01:19:41,778 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 131 states to 131 states and 155 transitions. [2020-07-29 01:19:41,778 INFO L78 Accepts]: Start accepts. Automaton has 131 states and 155 transitions. Word has length 26 [2020-07-29 01:19:41,779 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:19:41,779 INFO L479 AbstractCegarLoop]: Abstraction has 131 states and 155 transitions. [2020-07-29 01:19:41,779 INFO L480 AbstractCegarLoop]: Interpolant automaton has 10 states. [2020-07-29 01:19:41,779 INFO L276 IsEmpty]: Start isEmpty. Operand 131 states and 155 transitions. [2020-07-29 01:19:41,780 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2020-07-29 01:19:41,780 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:19:41,780 INFO L422 BasicCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:19:41,780 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable21 [2020-07-29 01:19:41,780 INFO L427 AbstractCegarLoop]: === Iteration 23 === [mainErr8REQUIRES_VIOLATION, mainErr29REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr31REQUIRES_VIOLATION, mainErr42ASSERT_VIOLATIONMEMORY_FREE, mainErr5REQUIRES_VIOLATION, mainErr27REQUIRES_VIOLATION, mainErr26REQUIRES_VIOLATION, mainErr45ENSURES_VIOLATIONMEMORY_LEAK, mainErr28REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr17ASSERT_VIOLATIONMEMORY_LEAK, mainErr24REQUIRES_VIOLATION, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr40ASSERT_VIOLATIONMEMORY_FREE, mainErr4REQUIRES_VIOLATION, mainErr25REQUIRES_VIOLATION, mainErr30ASSERT_VIOLATIONMEMORY_LEAK, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr44ASSERT_VIOLATIONMEMORY_FREE, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr43ASSERT_VIOLATIONMEMORY_FREE, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr37REQUIRES_VIOLATION, mainErr38REQUIRES_VIOLATION, mainErr35REQUIRES_VIOLATION, mainErr39ASSERT_VIOLATIONMEMORY_FREE, mainErr13REQUIRES_VIOLATION, mainErr34REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr36REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr41ASSERT_VIOLATIONMEMORY_FREE, mainErr32REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12ASSERT_VIOLATIONMEMORY_LEAK, mainErr33REQUIRES_VIOLATION]=== [2020-07-29 01:19:41,781 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:19:41,781 INFO L82 PathProgramCache]: Analyzing trace with hash 1023526327, now seen corresponding path program 1 times [2020-07-29 01:19:41,781 INFO L163 FreeRefinementEngine]: Executing refinement strategy CAMEL [2020-07-29 01:19:41,782 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2013706196] [2020-07-29 01:19:41,782 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2020-07-29 01:19:41,793 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:42,046 INFO L375 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2020-07-29 01:19:42,047 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:42,050 INFO L280 TraceCheckUtils]: 0: Hoare triple {12136#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {12121#true} is VALID [2020-07-29 01:19:42,050 INFO L280 TraceCheckUtils]: 1: Hoare triple {12121#true} assume true; {12121#true} is VALID [2020-07-29 01:19:42,050 INFO L275 TraceCheckUtils]: 2: Hoare quadruple {12121#true} {12121#true} #197#return; {12121#true} is VALID [2020-07-29 01:19:42,052 INFO L263 TraceCheckUtils]: 0: Hoare triple {12121#true} call ULTIMATE.init(); {12136#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} is VALID [2020-07-29 01:19:42,052 INFO L280 TraceCheckUtils]: 1: Hoare triple {12136#(and (= |#valid| |old(#valid)|) (= |#NULL.base| |old(#NULL.base)|) (= |#NULL.offset| |old(#NULL.offset)|))} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {12121#true} is VALID [2020-07-29 01:19:42,052 INFO L280 TraceCheckUtils]: 2: Hoare triple {12121#true} assume true; {12121#true} is VALID [2020-07-29 01:19:42,052 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {12121#true} {12121#true} #197#return; {12121#true} is VALID [2020-07-29 01:19:42,052 INFO L263 TraceCheckUtils]: 4: Hoare triple {12121#true} call #t~ret17 := main(); {12121#true} is VALID [2020-07-29 01:19:42,053 INFO L280 TraceCheckUtils]: 5: Hoare triple {12121#true} call #t~malloc0.base, #t~malloc0.offset := #Ultimate.allocOnHeap(8);~head~0.base, ~head~0.offset := #t~malloc0.base, #t~malloc0.offset; {12121#true} is VALID [2020-07-29 01:19:42,054 INFO L280 TraceCheckUtils]: 6: Hoare triple {12121#true} SUMMARY for call write~$Pointer$(~head~0.base, ~head~0.offset, ~head~0.base, ~head~0.offset, 4); srcloc: L986 {12126#(= 1 (select |#valid| main_~head~0.base))} is VALID [2020-07-29 01:19:42,054 INFO L280 TraceCheckUtils]: 7: Hoare triple {12126#(= 1 (select |#valid| main_~head~0.base))} SUMMARY for call write~int(0, ~head~0.base, 4 + ~head~0.offset, 4); srcloc: L986-1 {12126#(= 1 (select |#valid| main_~head~0.base))} is VALID [2020-07-29 01:19:42,055 INFO L280 TraceCheckUtils]: 8: Hoare triple {12126#(= 1 (select |#valid| main_~head~0.base))} ~x~0.base, ~x~0.offset := ~head~0.base, ~head~0.offset;~state~0 := 1; {12127#(and (= main_~x~0.offset main_~head~0.offset) (= 1 (select |#valid| main_~head~0.base)) (= main_~head~0.base main_~x~0.base))} is VALID [2020-07-29 01:19:42,056 INFO L280 TraceCheckUtils]: 9: Hoare triple {12127#(and (= main_~x~0.offset main_~head~0.offset) (= 1 (select |#valid| main_~head~0.base)) (= main_~head~0.base main_~x~0.base))} assume -2147483648 <= #t~nondet1 && #t~nondet1 <= 2147483647; {12127#(and (= main_~x~0.offset main_~head~0.offset) (= 1 (select |#valid| main_~head~0.base)) (= main_~head~0.base main_~x~0.base))} is VALID [2020-07-29 01:19:42,058 INFO L280 TraceCheckUtils]: 10: Hoare triple {12127#(and (= main_~x~0.offset main_~head~0.offset) (= 1 (select |#valid| main_~head~0.base)) (= main_~head~0.base main_~x~0.base))} assume !!(0 != #t~nondet1);havoc #t~nondet1;call #t~malloc2.base, #t~malloc2.offset := #Ultimate.allocOnHeap(8); {12128#(and (= 0 |main_#t~malloc2.offset|) (not (= |main_#t~malloc2.base| main_~head~0.base)) (= main_~x~0.offset main_~head~0.offset) (= main_~head~0.base main_~x~0.base))} is VALID [2020-07-29 01:19:42,060 INFO L280 TraceCheckUtils]: 11: Hoare triple {12128#(and (= 0 |main_#t~malloc2.offset|) (not (= |main_#t~malloc2.base| main_~head~0.base)) (= main_~x~0.offset main_~head~0.offset) (= main_~head~0.base main_~x~0.base))} SUMMARY for call write~$Pointer$(#t~malloc2.base, #t~malloc2.offset, ~x~0.base, ~x~0.offset, 4); srcloc: L996 {12129#(and (= main_~x~0.offset main_~head~0.offset) (= main_~head~0.base main_~x~0.base) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset)) (not (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset) main_~x~0.base)))} is VALID [2020-07-29 01:19:42,062 INFO L280 TraceCheckUtils]: 12: Hoare triple {12129#(and (= main_~x~0.offset main_~head~0.offset) (= main_~head~0.base main_~x~0.base) (= 0 (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset)) (not (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset) main_~x~0.base)))} SUMMARY for call #t~mem3.base, #t~mem3.offset := read~$Pointer$(~x~0.base, ~x~0.offset, 4); srcloc: L996-1 {12130#(and (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) |main_#t~mem3.base|) (not (= |main_#t~mem3.base| main_~head~0.base)) (= 0 |main_#t~mem3.offset|))} is VALID [2020-07-29 01:19:42,063 INFO L280 TraceCheckUtils]: 13: Hoare triple {12130#(and (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) |main_#t~mem3.base|) (not (= |main_#t~mem3.base| main_~head~0.base)) (= 0 |main_#t~mem3.offset|))} ~x~0.base, ~x~0.offset := #t~mem3.base, #t~mem3.offset;havoc #t~mem3.base, #t~mem3.offset; {12131#(and (not (= main_~head~0.base main_~x~0.base)) (= (select (select (store |#memory_$Pointer$.base| main_~x~0.base (store (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset main_~head~0.base)) main_~head~0.base) main_~head~0.offset) main_~x~0.base) (= main_~x~0.offset 0))} is VALID [2020-07-29 01:19:42,066 INFO L280 TraceCheckUtils]: 14: Hoare triple {12131#(and (not (= main_~head~0.base main_~x~0.base)) (= (select (select (store |#memory_$Pointer$.base| main_~x~0.base (store (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset main_~head~0.base)) main_~head~0.base) main_~head~0.offset) main_~x~0.base) (= main_~x~0.offset 0))} SUMMARY for call write~$Pointer$(~head~0.base, ~head~0.offset, ~x~0.base, ~x~0.offset, 4); srcloc: L998 {12131#(and (not (= main_~head~0.base main_~x~0.base)) (= (select (select (store |#memory_$Pointer$.base| main_~x~0.base (store (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset main_~head~0.base)) main_~head~0.base) main_~head~0.offset) main_~x~0.base) (= main_~x~0.offset 0))} is VALID [2020-07-29 01:19:42,107 INFO L280 TraceCheckUtils]: 15: Hoare triple {12131#(and (not (= main_~head~0.base main_~x~0.base)) (= (select (select (store |#memory_$Pointer$.base| main_~x~0.base (store (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset main_~head~0.base)) main_~head~0.base) main_~head~0.offset) main_~x~0.base) (= main_~x~0.offset 0))} assume -2147483648 <= #t~nondet4 && #t~nondet4 <= 2147483647; {12131#(and (not (= main_~head~0.base main_~x~0.base)) (= (select (select (store |#memory_$Pointer$.base| main_~x~0.base (store (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset main_~head~0.base)) main_~head~0.base) main_~head~0.offset) main_~x~0.base) (= main_~x~0.offset 0))} is VALID [2020-07-29 01:19:42,113 INFO L280 TraceCheckUtils]: 16: Hoare triple {12131#(and (not (= main_~head~0.base main_~x~0.base)) (= (select (select (store |#memory_$Pointer$.base| main_~x~0.base (store (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset main_~head~0.base)) main_~head~0.base) main_~head~0.offset) main_~x~0.base) (= main_~x~0.offset 0))} assume !(0 != #t~nondet4);havoc #t~nondet4; {12131#(and (not (= main_~head~0.base main_~x~0.base)) (= (select (select (store |#memory_$Pointer$.base| main_~x~0.base (store (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset main_~head~0.base)) main_~head~0.base) main_~head~0.offset) main_~x~0.base) (= main_~x~0.offset 0))} is VALID [2020-07-29 01:19:42,116 INFO L280 TraceCheckUtils]: 17: Hoare triple {12131#(and (not (= main_~head~0.base main_~x~0.base)) (= (select (select (store |#memory_$Pointer$.base| main_~x~0.base (store (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset main_~head~0.base)) main_~head~0.base) main_~head~0.offset) main_~x~0.base) (= main_~x~0.offset 0))} SUMMARY for call write~int(~state~0, ~x~0.base, 4 + ~x~0.offset, 4); srcloc: L1000-1 {12131#(and (not (= main_~head~0.base main_~x~0.base)) (= (select (select (store |#memory_$Pointer$.base| main_~x~0.base (store (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset main_~head~0.base)) main_~head~0.base) main_~head~0.offset) main_~x~0.base) (= main_~x~0.offset 0))} is VALID [2020-07-29 01:19:42,118 INFO L280 TraceCheckUtils]: 18: Hoare triple {12131#(and (not (= main_~head~0.base main_~x~0.base)) (= (select (select (store |#memory_$Pointer$.base| main_~x~0.base (store (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset main_~head~0.base)) main_~head~0.base) main_~head~0.offset) main_~x~0.base) (= main_~x~0.offset 0))} assume !!(0 != ~x~0.base || 0 != ~x~0.offset); {12132#(and (not (= 0 (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset))) (not (= main_~head~0.base main_~x~0.base)))} is VALID [2020-07-29 01:19:42,119 INFO L280 TraceCheckUtils]: 19: Hoare triple {12132#(and (not (= 0 (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset))) (not (= main_~head~0.base main_~x~0.base)))} goto; {12132#(and (not (= 0 (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset))) (not (= main_~head~0.base main_~x~0.base)))} is VALID [2020-07-29 01:19:42,120 INFO L280 TraceCheckUtils]: 20: Hoare triple {12132#(and (not (= 0 (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset))) (not (= main_~head~0.base main_~x~0.base)))} assume -2147483648 <= #t~nondet1 && #t~nondet1 <= 2147483647; {12132#(and (not (= 0 (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset))) (not (= main_~head~0.base main_~x~0.base)))} is VALID [2020-07-29 01:19:42,121 INFO L280 TraceCheckUtils]: 21: Hoare triple {12132#(and (not (= 0 (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset))) (not (= main_~head~0.base main_~x~0.base)))} assume !(0 != #t~nondet1);havoc #t~nondet1; {12132#(and (not (= 0 (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset))) (not (= main_~head~0.base main_~x~0.base)))} is VALID [2020-07-29 01:19:42,123 INFO L280 TraceCheckUtils]: 22: Hoare triple {12132#(and (not (= 0 (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset))) (not (= main_~head~0.base main_~x~0.base)))} SUMMARY for call write~int(~state~0, ~x~0.base, 4 + ~x~0.offset, 4); srcloc: L993-3 {12133#(not (= 0 (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)))} is VALID [2020-07-29 01:19:42,124 INFO L280 TraceCheckUtils]: 23: Hoare triple {12133#(not (= 0 (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)))} SUMMARY for call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head~0.base, ~head~0.offset, 4); srcloc: L1014 {12134#(not (= 0 |main_#t~mem5.base|))} is VALID [2020-07-29 01:19:42,125 INFO L280 TraceCheckUtils]: 24: Hoare triple {12134#(not (= 0 |main_#t~mem5.base|))} ~x~0.base, ~x~0.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {12135#(not (= 0 main_~x~0.base))} is VALID [2020-07-29 01:19:42,126 INFO L280 TraceCheckUtils]: 25: Hoare triple {12135#(not (= 0 main_~x~0.base))} assume !(0 != ~x~0.base || 0 != ~x~0.offset); {12122#false} is VALID [2020-07-29 01:19:42,126 INFO L280 TraceCheckUtils]: 26: Hoare triple {12122#false} assume !false; {12122#false} is VALID [2020-07-29 01:19:42,134 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:19:42,135 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2013706196] [2020-07-29 01:19:42,135 INFO L354 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [7246931] [2020-07-29 01:19:42,136 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 2 with z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 2 with z3 -smt2 -in SMTLIB2_COMPLIANT=true [2020-07-29 01:19:42,274 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:42,278 INFO L263 TraceCheckSpWp]: Trace formula consists of 142 conjuncts, 31 conjunts are in the unsatisfiable core [2020-07-29 01:19:42,293 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2020-07-29 01:19:42,300 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2020-07-29 01:19:42,418 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2020-07-29 01:19:42,419 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2020-07-29 01:19:42,428 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:19:42,428 INFO L544 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2020-07-29 01:19:42,428 INFO L244 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:6, output treesize:5 [2020-07-29 01:19:42,435 WARN L406 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2020-07-29 01:19:42,435 WARN L407 uantifierElimination]: Input elimination task: ∃ [|v_#valid_55|]. (= |#valid| (store |v_#valid_55| main_~head~0.base 1)) [2020-07-29 01:19:42,436 WARN L408 uantifierElimination]: ElimStorePlain result: ∃ []. (= 1 (select |#valid| main_~head~0.base)) [2020-07-29 01:19:42,514 INFO L350 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:19:42,516 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 11 treesize of output 15 [2020-07-29 01:19:42,517 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2020-07-29 01:19:42,527 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:19:42,528 INFO L544 ElimStorePlain]: Start of recursive call 1: 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2020-07-29 01:19:42,528 INFO L244 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:20, output treesize:14 [2020-07-29 01:19:42,533 WARN L406 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2020-07-29 01:19:42,533 WARN L407 uantifierElimination]: Input elimination task: ∃ [|v_#valid_56|]. (and (= 0 (select |v_#valid_56| |main_#t~malloc2.base|)) (= 1 (select |v_#valid_56| main_~head~0.base)) (<= |main_#t~malloc2.offset| 0) (= main_~x~0.offset main_~head~0.offset) (= main_~head~0.base main_~x~0.base)) [2020-07-29 01:19:42,533 WARN L408 uantifierElimination]: ElimStorePlain result: ∃ []. (and (<= |main_#t~malloc2.offset| 0) (= main_~x~0.offset main_~head~0.offset) (not (= |main_#t~malloc2.base| main_~head~0.base)) (= main_~head~0.base main_~x~0.base)) [2020-07-29 01:19:42,631 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 7 [2020-07-29 01:19:42,631 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2020-07-29 01:19:42,645 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:19:42,654 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 7 [2020-07-29 01:19:42,654 INFO L544 ElimStorePlain]: Start of recursive call 3: End of recursive call: and 1 xjuncts. [2020-07-29 01:19:42,667 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:19:42,670 INFO L544 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 2 dim-2 vars, End of recursive call: and 1 xjuncts. [2020-07-29 01:19:42,670 INFO L244 ElimStorePlain]: Needed 3 recursive calls to eliminate 4 variables, input treesize:36, output treesize:22 [2020-07-29 01:19:42,676 WARN L406 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2020-07-29 01:19:42,677 WARN L407 uantifierElimination]: Input elimination task: ∃ [|v_#memory_$Pointer$.base_22|, |main_#t~malloc2.base|, |main_#t~malloc2.offset|, |v_#memory_$Pointer$.offset_22|]. (and (<= |main_#t~malloc2.offset| 0) (not (= |main_#t~malloc2.base| main_~head~0.base)) (= main_~x~0.offset main_~head~0.offset) (= main_~head~0.base main_~x~0.base) (= |#memory_$Pointer$.base| (store |v_#memory_$Pointer$.base_22| main_~x~0.base (store (select |v_#memory_$Pointer$.base_22| main_~x~0.base) main_~x~0.offset |main_#t~malloc2.base|))) (= (store |v_#memory_$Pointer$.offset_22| main_~x~0.base (store (select |v_#memory_$Pointer$.offset_22| main_~x~0.base) main_~x~0.offset |main_#t~malloc2.offset|)) |#memory_$Pointer$.offset|)) [2020-07-29 01:19:42,677 WARN L408 uantifierElimination]: ElimStorePlain result: ∃ []. (and (<= (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset) 0) (= main_~x~0.offset main_~head~0.offset) (not (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset) main_~head~0.base)) (= main_~head~0.base main_~x~0.base)) [2020-07-29 01:19:42,734 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 7 [2020-07-29 01:19:42,748 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2020-07-29 01:19:42,758 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:19:42,758 INFO L544 ElimStorePlain]: Start of recursive call 1: 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2020-07-29 01:19:42,758 INFO L244 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:30, output treesize:19 [2020-07-29 01:19:42,762 WARN L406 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2020-07-29 01:19:42,762 WARN L407 uantifierElimination]: Input elimination task: ∃ [|#memory_$Pointer$.offset|]. (let ((.cse1 (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)) (.cse0 (select (select |#memory_$Pointer$.offset| main_~head~0.base) main_~head~0.offset))) (and (<= |main_#t~mem3.offset| .cse0) (not (= .cse1 main_~head~0.base)) (= .cse1 |main_#t~mem3.base|) (<= .cse0 0))) [2020-07-29 01:19:42,762 WARN L408 uantifierElimination]: ElimStorePlain result: ∃ []. (let ((.cse0 (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset))) (and (not (= .cse0 main_~head~0.base)) (= .cse0 |main_#t~mem3.base|) (<= |main_#t~mem3.offset| 0))) [2020-07-29 01:19:42,897 INFO L350 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:19:42,898 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 27 treesize of output 46 [2020-07-29 01:19:42,899 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2020-07-29 01:19:42,923 INFO L624 ElimStorePlain]: treesize reduction 24, result has 51.0 percent of original size [2020-07-29 01:19:42,924 INFO L544 ElimStorePlain]: Start of recursive call 1: 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2020-07-29 01:19:42,924 INFO L244 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:33, output treesize:25 [2020-07-29 01:19:42,995 INFO L190 IndexEqualityManager]: detected not equals via solver [2020-07-29 01:19:42,997 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 2 select indices, 2 select index equivalence classes, 2 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 0 case distinctions, treesize of input 34 treesize of output 21 [2020-07-29 01:19:42,998 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2020-07-29 01:19:43,010 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:19:43,010 INFO L544 ElimStorePlain]: Start of recursive call 1: 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2020-07-29 01:19:43,011 INFO L244 ElimStorePlain]: Needed 2 recursive calls to eliminate 1 variables, input treesize:44, output treesize:25 [2020-07-29 01:19:43,172 INFO L190 IndexEqualityManager]: detected not equals via solver [2020-07-29 01:19:43,206 INFO L350 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:19:43,207 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 3 new quantified variables, introduced 2 case distinctions, treesize of input 59 treesize of output 90 [2020-07-29 01:19:43,250 INFO L342 QuantifierPusher]: Applying distributivity to a CONJUNCTION[6, 3, 2, 1] term [2020-07-29 01:19:43,250 INFO L523 QuantifierPusher]: Distributing 2 conjuncts over 6 disjuncts [2020-07-29 01:19:43,253 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2020-07-29 01:19:43,281 INFO L624 ElimStorePlain]: treesize reduction 60, result has 36.2 percent of original size [2020-07-29 01:19:43,291 INFO L544 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-2 vars, End of recursive call: 1 dim-0 vars, and 1 xjuncts. [2020-07-29 01:19:43,291 INFO L244 ElimStorePlain]: Needed 2 recursive calls to eliminate 2 variables, input treesize:65, output treesize:34 [2020-07-29 01:19:43,423 INFO L350 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:19:43,423 INFO L384 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 3 new quantified variables, introduced 1 case distinctions, treesize of input 35 treesize of output 30 [2020-07-29 01:19:43,424 INFO L544 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2020-07-29 01:19:43,433 INFO L624 ElimStorePlain]: treesize reduction 0, result has 100.0 percent of original size [2020-07-29 01:19:43,453 INFO L544 ElimStorePlain]: Start of recursive call 1: 3 dim-0 vars, 1 dim-2 vars, End of recursive call: and 1 xjuncts. [2020-07-29 01:19:43,453 INFO L244 ElimStorePlain]: Needed 2 recursive calls to eliminate 4 variables, input treesize:41, output treesize:4 [2020-07-29 01:19:43,456 WARN L406 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2020-07-29 01:19:43,456 WARN L407 uantifierElimination]: Input elimination task: ∃ [|#memory_$Pointer$.base|, main_~head~0.base, main_~head~0.offset, main_~x~0.offset]. (let ((.cse0 (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset))) (and (= (select (select |#memory_$Pointer$.base| .cse0) main_~x~0.offset) main_~head~0.base) (not (= 0 .cse0)) (not (= .cse0 main_~head~0.base)) (<= main_~x~0.offset 0) (= .cse0 |main_#t~mem5.base|) (<= 0 main_~x~0.offset))) [2020-07-29 01:19:43,457 WARN L408 uantifierElimination]: ElimStorePlain result: ∃ []. (not (= 0 |main_#t~mem5.base|)) [2020-07-29 01:19:43,461 INFO L263 TraceCheckUtils]: 0: Hoare triple {12121#true} call ULTIMATE.init(); {12121#true} is VALID [2020-07-29 01:19:43,461 INFO L280 TraceCheckUtils]: 1: Hoare triple {12121#true} #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := 0];assume 0 < #StackHeapBarrier; {12121#true} is VALID [2020-07-29 01:19:43,461 INFO L280 TraceCheckUtils]: 2: Hoare triple {12121#true} assume true; {12121#true} is VALID [2020-07-29 01:19:43,462 INFO L275 TraceCheckUtils]: 3: Hoare quadruple {12121#true} {12121#true} #197#return; {12121#true} is VALID [2020-07-29 01:19:43,462 INFO L263 TraceCheckUtils]: 4: Hoare triple {12121#true} call #t~ret17 := main(); {12121#true} is VALID [2020-07-29 01:19:43,464 INFO L280 TraceCheckUtils]: 5: Hoare triple {12121#true} call #t~malloc0.base, #t~malloc0.offset := #Ultimate.allocOnHeap(8);~head~0.base, ~head~0.offset := #t~malloc0.base, #t~malloc0.offset; {12126#(= 1 (select |#valid| main_~head~0.base))} is VALID [2020-07-29 01:19:43,465 INFO L280 TraceCheckUtils]: 6: Hoare triple {12126#(= 1 (select |#valid| main_~head~0.base))} SUMMARY for call write~$Pointer$(~head~0.base, ~head~0.offset, ~head~0.base, ~head~0.offset, 4); srcloc: L986 {12126#(= 1 (select |#valid| main_~head~0.base))} is VALID [2020-07-29 01:19:43,465 INFO L280 TraceCheckUtils]: 7: Hoare triple {12126#(= 1 (select |#valid| main_~head~0.base))} SUMMARY for call write~int(0, ~head~0.base, 4 + ~head~0.offset, 4); srcloc: L986-1 {12126#(= 1 (select |#valid| main_~head~0.base))} is VALID [2020-07-29 01:19:43,466 INFO L280 TraceCheckUtils]: 8: Hoare triple {12126#(= 1 (select |#valid| main_~head~0.base))} ~x~0.base, ~x~0.offset := ~head~0.base, ~head~0.offset;~state~0 := 1; {12127#(and (= main_~x~0.offset main_~head~0.offset) (= 1 (select |#valid| main_~head~0.base)) (= main_~head~0.base main_~x~0.base))} is VALID [2020-07-29 01:19:43,467 INFO L280 TraceCheckUtils]: 9: Hoare triple {12127#(and (= main_~x~0.offset main_~head~0.offset) (= 1 (select |#valid| main_~head~0.base)) (= main_~head~0.base main_~x~0.base))} assume -2147483648 <= #t~nondet1 && #t~nondet1 <= 2147483647; {12127#(and (= main_~x~0.offset main_~head~0.offset) (= 1 (select |#valid| main_~head~0.base)) (= main_~head~0.base main_~x~0.base))} is VALID [2020-07-29 01:19:43,469 INFO L280 TraceCheckUtils]: 10: Hoare triple {12127#(and (= main_~x~0.offset main_~head~0.offset) (= 1 (select |#valid| main_~head~0.base)) (= main_~head~0.base main_~x~0.base))} assume !!(0 != #t~nondet1);havoc #t~nondet1;call #t~malloc2.base, #t~malloc2.offset := #Ultimate.allocOnHeap(8); {12170#(and (<= |main_#t~malloc2.offset| 0) (not (= |main_#t~malloc2.base| main_~head~0.base)) (= main_~x~0.offset main_~head~0.offset) (= main_~head~0.base main_~x~0.base))} is VALID [2020-07-29 01:19:43,470 INFO L280 TraceCheckUtils]: 11: Hoare triple {12170#(and (<= |main_#t~malloc2.offset| 0) (not (= |main_#t~malloc2.base| main_~head~0.base)) (= main_~x~0.offset main_~head~0.offset) (= main_~head~0.base main_~x~0.base))} SUMMARY for call write~$Pointer$(#t~malloc2.base, #t~malloc2.offset, ~x~0.base, ~x~0.offset, 4); srcloc: L996 {12174#(and (<= (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset) 0) (= main_~x~0.offset main_~head~0.offset) (not (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset) main_~head~0.base)) (= main_~head~0.base main_~x~0.base))} is VALID [2020-07-29 01:19:43,472 INFO L280 TraceCheckUtils]: 12: Hoare triple {12174#(and (<= (select (select |#memory_$Pointer$.offset| main_~x~0.base) main_~x~0.offset) 0) (= main_~x~0.offset main_~head~0.offset) (not (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset) main_~head~0.base)) (= main_~head~0.base main_~x~0.base))} SUMMARY for call #t~mem3.base, #t~mem3.offset := read~$Pointer$(~x~0.base, ~x~0.offset, 4); srcloc: L996-1 {12178#(and (not (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base)) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) |main_#t~mem3.base|) (<= |main_#t~mem3.offset| 0))} is VALID [2020-07-29 01:19:43,473 INFO L280 TraceCheckUtils]: 13: Hoare triple {12178#(and (not (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base)) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) |main_#t~mem3.base|) (<= |main_#t~mem3.offset| 0))} ~x~0.base, ~x~0.offset := #t~mem3.base, #t~mem3.offset;havoc #t~mem3.base, #t~mem3.offset; {12182#(and (not (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base)) (<= main_~x~0.offset 0) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~x~0.base))} is VALID [2020-07-29 01:19:43,475 INFO L280 TraceCheckUtils]: 14: Hoare triple {12182#(and (not (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base)) (<= main_~x~0.offset 0) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~x~0.base))} SUMMARY for call write~$Pointer$(~head~0.base, ~head~0.offset, ~x~0.base, ~x~0.offset, 4); srcloc: L998 {12186#(and (not (= main_~head~0.base main_~x~0.base)) (<= main_~x~0.offset 0) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset) main_~head~0.base) (<= 0 main_~x~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~x~0.base))} is VALID [2020-07-29 01:19:43,476 INFO L280 TraceCheckUtils]: 15: Hoare triple {12186#(and (not (= main_~head~0.base main_~x~0.base)) (<= main_~x~0.offset 0) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset) main_~head~0.base) (<= 0 main_~x~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~x~0.base))} assume -2147483648 <= #t~nondet4 && #t~nondet4 <= 2147483647; {12186#(and (not (= main_~head~0.base main_~x~0.base)) (<= main_~x~0.offset 0) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset) main_~head~0.base) (<= 0 main_~x~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~x~0.base))} is VALID [2020-07-29 01:19:43,477 INFO L280 TraceCheckUtils]: 16: Hoare triple {12186#(and (not (= main_~head~0.base main_~x~0.base)) (<= main_~x~0.offset 0) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset) main_~head~0.base) (<= 0 main_~x~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~x~0.base))} assume !(0 != #t~nondet4);havoc #t~nondet4; {12186#(and (not (= main_~head~0.base main_~x~0.base)) (<= main_~x~0.offset 0) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset) main_~head~0.base) (<= 0 main_~x~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~x~0.base))} is VALID [2020-07-29 01:19:43,479 INFO L280 TraceCheckUtils]: 17: Hoare triple {12186#(and (not (= main_~head~0.base main_~x~0.base)) (<= main_~x~0.offset 0) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset) main_~head~0.base) (<= 0 main_~x~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~x~0.base))} SUMMARY for call write~int(~state~0, ~x~0.base, 4 + ~x~0.offset, 4); srcloc: L1000-1 {12186#(and (not (= main_~head~0.base main_~x~0.base)) (<= main_~x~0.offset 0) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset) main_~head~0.base) (<= 0 main_~x~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~x~0.base))} is VALID [2020-07-29 01:19:43,485 INFO L280 TraceCheckUtils]: 18: Hoare triple {12186#(and (not (= main_~head~0.base main_~x~0.base)) (<= main_~x~0.offset 0) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset) main_~head~0.base) (<= 0 main_~x~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~x~0.base))} assume !!(0 != ~x~0.base || 0 != ~x~0.offset); {12199#(and (not (= main_~head~0.base main_~x~0.base)) (<= main_~x~0.offset 0) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset) main_~head~0.base) (<= 0 main_~x~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~x~0.base) (not (= 0 main_~x~0.base)))} is VALID [2020-07-29 01:19:43,486 INFO L280 TraceCheckUtils]: 19: Hoare triple {12199#(and (not (= main_~head~0.base main_~x~0.base)) (<= main_~x~0.offset 0) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset) main_~head~0.base) (<= 0 main_~x~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~x~0.base) (not (= 0 main_~x~0.base)))} goto; {12199#(and (not (= main_~head~0.base main_~x~0.base)) (<= main_~x~0.offset 0) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset) main_~head~0.base) (<= 0 main_~x~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~x~0.base) (not (= 0 main_~x~0.base)))} is VALID [2020-07-29 01:19:43,487 INFO L280 TraceCheckUtils]: 20: Hoare triple {12199#(and (not (= main_~head~0.base main_~x~0.base)) (<= main_~x~0.offset 0) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset) main_~head~0.base) (<= 0 main_~x~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~x~0.base) (not (= 0 main_~x~0.base)))} assume -2147483648 <= #t~nondet1 && #t~nondet1 <= 2147483647; {12199#(and (not (= main_~head~0.base main_~x~0.base)) (<= main_~x~0.offset 0) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset) main_~head~0.base) (<= 0 main_~x~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~x~0.base) (not (= 0 main_~x~0.base)))} is VALID [2020-07-29 01:19:43,488 INFO L280 TraceCheckUtils]: 21: Hoare triple {12199#(and (not (= main_~head~0.base main_~x~0.base)) (<= main_~x~0.offset 0) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset) main_~head~0.base) (<= 0 main_~x~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~x~0.base) (not (= 0 main_~x~0.base)))} assume !(0 != #t~nondet1);havoc #t~nondet1; {12199#(and (not (= main_~head~0.base main_~x~0.base)) (<= main_~x~0.offset 0) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset) main_~head~0.base) (<= 0 main_~x~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~x~0.base) (not (= 0 main_~x~0.base)))} is VALID [2020-07-29 01:19:43,491 INFO L280 TraceCheckUtils]: 22: Hoare triple {12199#(and (not (= main_~head~0.base main_~x~0.base)) (<= main_~x~0.offset 0) (= (select (select |#memory_$Pointer$.base| main_~x~0.base) main_~x~0.offset) main_~head~0.base) (<= 0 main_~x~0.offset) (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~x~0.base) (not (= 0 main_~x~0.base)))} SUMMARY for call write~int(~state~0, ~x~0.base, 4 + ~x~0.offset, 4); srcloc: L993-3 {12212#(and (not (= 0 (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset))) (not (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base)) (exists ((main_~x~0.offset Int)) (and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)) main_~x~0.offset) main_~head~0.base) (<= main_~x~0.offset 0) (<= 0 main_~x~0.offset))))} is VALID [2020-07-29 01:19:43,492 INFO L280 TraceCheckUtils]: 23: Hoare triple {12212#(and (not (= 0 (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset))) (not (= (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset) main_~head~0.base)) (exists ((main_~x~0.offset Int)) (and (= (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| main_~head~0.base) main_~head~0.offset)) main_~x~0.offset) main_~head~0.base) (<= main_~x~0.offset 0) (<= 0 main_~x~0.offset))))} SUMMARY for call #t~mem5.base, #t~mem5.offset := read~$Pointer$(~head~0.base, ~head~0.offset, 4); srcloc: L1014 {12134#(not (= 0 |main_#t~mem5.base|))} is VALID [2020-07-29 01:19:43,493 INFO L280 TraceCheckUtils]: 24: Hoare triple {12134#(not (= 0 |main_#t~mem5.base|))} ~x~0.base, ~x~0.offset := #t~mem5.base, #t~mem5.offset;havoc #t~mem5.base, #t~mem5.offset; {12135#(not (= 0 main_~x~0.base))} is VALID [2020-07-29 01:19:43,493 INFO L280 TraceCheckUtils]: 25: Hoare triple {12135#(not (= 0 main_~x~0.base))} assume !(0 != ~x~0.base || 0 != ~x~0.offset); {12122#false} is VALID [2020-07-29 01:19:43,493 INFO L280 TraceCheckUtils]: 26: Hoare triple {12122#false} assume !false; {12122#false} is VALID [2020-07-29 01:19:43,499 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2020-07-29 01:19:43,499 INFO L220 FreeRefinementEngine]: Constructing automaton from 0 perfect and 2 imperfect interpolant sequences. [2020-07-29 01:19:43,499 INFO L233 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [13, 13] total 20 [2020-07-29 01:19:43,500 INFO L156 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1022204252] [2020-07-29 01:19:43,501 INFO L78 Accepts]: Start accepts. Automaton has 20 states. Word has length 27 [2020-07-29 01:19:43,502 INFO L84 Accepts]: Finished accepts. word is accepted. [2020-07-29 01:19:43,502 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 20 states. [2020-07-29 01:19:43,564 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 45 edges. 45 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:43,564 INFO L459 AbstractCegarLoop]: Interpolant automaton has 20 states [2020-07-29 01:19:43,564 INFO L143 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2020-07-29 01:19:43,564 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 20 interpolants. [2020-07-29 01:19:43,565 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=53, Invalid=327, Unknown=0, NotChecked=0, Total=380 [2020-07-29 01:19:43,565 INFO L87 Difference]: Start difference. First operand 131 states and 155 transitions. Second operand 20 states. [2020-07-29 01:19:47,561 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:47,561 INFO L93 Difference]: Finished difference Result 232 states and 263 transitions. [2020-07-29 01:19:47,562 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 19 states. [2020-07-29 01:19:47,562 INFO L78 Accepts]: Start accepts. Automaton has 20 states. Word has length 27 [2020-07-29 01:19:47,562 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2020-07-29 01:19:47,563 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 20 states. [2020-07-29 01:19:47,566 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 19 states to 19 states and 188 transitions. [2020-07-29 01:19:47,567 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 20 states. [2020-07-29 01:19:47,569 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 19 states to 19 states and 188 transitions. [2020-07-29 01:19:47,569 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 19 states and 188 transitions. [2020-07-29 01:19:47,862 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 188 edges. 188 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2020-07-29 01:19:47,867 INFO L225 Difference]: With dead ends: 232 [2020-07-29 01:19:47,867 INFO L226 Difference]: Without dead ends: 232 [2020-07-29 01:19:47,869 INFO L675 BasicCegarLoop]: 0 DeclaredPredicates, 55 GetRequests, 22 SyntacticMatches, 2 SemanticMatches, 31 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 145 ImplicationChecksByTransitivity, 0.9s TimeCoverageRelationStatistics Valid=179, Invalid=877, Unknown=0, NotChecked=0, Total=1056 [2020-07-29 01:19:47,870 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 232 states. [2020-07-29 01:19:47,876 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 232 to 152. [2020-07-29 01:19:47,879 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2020-07-29 01:19:47,879 INFO L82 GeneralOperation]: Start isEquivalent. First operand 232 states. Second operand 152 states. [2020-07-29 01:19:47,880 INFO L74 IsIncluded]: Start isIncluded. First operand 232 states. Second operand 152 states. [2020-07-29 01:19:47,880 INFO L87 Difference]: Start difference. First operand 232 states. Second operand 152 states. [2020-07-29 01:19:47,885 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:47,885 INFO L93 Difference]: Finished difference Result 232 states and 263 transitions. [2020-07-29 01:19:47,885 INFO L276 IsEmpty]: Start isEmpty. Operand 232 states and 263 transitions. [2020-07-29 01:19:47,886 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:47,886 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:47,886 INFO L74 IsIncluded]: Start isIncluded. First operand 152 states. Second operand 232 states. [2020-07-29 01:19:47,887 INFO L87 Difference]: Start difference. First operand 152 states. Second operand 232 states. [2020-07-29 01:19:47,891 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2020-07-29 01:19:47,891 INFO L93 Difference]: Finished difference Result 232 states and 263 transitions. [2020-07-29 01:19:47,892 INFO L276 IsEmpty]: Start isEmpty. Operand 232 states and 263 transitions. [2020-07-29 01:19:47,892 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2020-07-29 01:19:47,892 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2020-07-29 01:19:47,893 INFO L88 GeneralOperation]: Finished isEquivalent. [2020-07-29 01:19:47,893 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2020-07-29 01:19:47,893 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 152 states. [2020-07-29 01:19:47,895 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 152 states to 152 states and 179 transitions. [2020-07-29 01:19:47,896 INFO L78 Accepts]: Start accepts. Automaton has 152 states and 179 transitions. Word has length 27 [2020-07-29 01:19:47,896 INFO L84 Accepts]: Finished accepts. word is rejected. [2020-07-29 01:19:47,896 INFO L479 AbstractCegarLoop]: Abstraction has 152 states and 179 transitions. [2020-07-29 01:19:47,896 INFO L480 AbstractCegarLoop]: Interpolant automaton has 20 states. [2020-07-29 01:19:47,896 INFO L276 IsEmpty]: Start isEmpty. Operand 152 states and 179 transitions. [2020-07-29 01:19:47,897 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2020-07-29 01:19:47,897 INFO L414 BasicCegarLoop]: Found error trace [2020-07-29 01:19:47,897 INFO L422 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2020-07-29 01:19:48,112 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable22 [2020-07-29 01:19:48,112 INFO L427 AbstractCegarLoop]: === Iteration 24 === [mainErr8REQUIRES_VIOLATION, mainErr29REQUIRES_VIOLATION, mainErr9REQUIRES_VIOLATION, mainErr31REQUIRES_VIOLATION, mainErr42ASSERT_VIOLATIONMEMORY_FREE, mainErr5REQUIRES_VIOLATION, mainErr27REQUIRES_VIOLATION, mainErr26REQUIRES_VIOLATION, mainErr45ENSURES_VIOLATIONMEMORY_LEAK, mainErr28REQUIRES_VIOLATION, mainErr6REQUIRES_VIOLATION, mainErr7REQUIRES_VIOLATION, mainErr17ASSERT_VIOLATIONMEMORY_LEAK, mainErr24REQUIRES_VIOLATION, mainErr2REQUIRES_VIOLATION, mainErr3REQUIRES_VIOLATION, mainErr40ASSERT_VIOLATIONMEMORY_FREE, mainErr4REQUIRES_VIOLATION, mainErr25REQUIRES_VIOLATION, mainErr30ASSERT_VIOLATIONMEMORY_LEAK, mainErr0REQUIRES_VIOLATION, mainErr21REQUIRES_VIOLATION, mainErr1REQUIRES_VIOLATION, mainErr44ASSERT_VIOLATIONMEMORY_FREE, mainErr23REQUIRES_VIOLATION, mainErr22REQUIRES_VIOLATION, mainErr19REQUIRES_VIOLATION, mainErr18REQUIRES_VIOLATION, mainErr43ASSERT_VIOLATIONMEMORY_FREE, mainErr20REQUIRES_VIOLATION, mainErr16REQUIRES_VIOLATION, mainErr37REQUIRES_VIOLATION, mainErr38REQUIRES_VIOLATION, mainErr35REQUIRES_VIOLATION, mainErr39ASSERT_VIOLATIONMEMORY_FREE, mainErr13REQUIRES_VIOLATION, mainErr34REQUIRES_VIOLATION, mainErr15REQUIRES_VIOLATION, mainErr36REQUIRES_VIOLATION, mainErr14REQUIRES_VIOLATION, mainErr41ASSERT_VIOLATIONMEMORY_FREE, mainErr32REQUIRES_VIOLATION, mainErr10REQUIRES_VIOLATION, mainErr11REQUIRES_VIOLATION, mainErr12ASSERT_VIOLATIONMEMORY_LEAK, mainErr33REQUIRES_VIOLATION]=== [2020-07-29 01:19:48,113 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2020-07-29 01:19:48,113 INFO L82 PathProgramCache]: Analyzing trace with hash -550852041, now seen corresponding path program 1 times [2020-07-29 01:19:48,113 INFO L163 FreeRefinementEngine]: Executing refinement strategy CAMEL [2020-07-29 01:19:48,114 INFO L354 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [735277218] [2020-07-29 01:19:48,114 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2020-07-29 01:19:48,136 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2020-07-29 01:19:48,137 INFO L221 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2020-07-29 01:19:48,154 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2020-07-29 01:19:48,155 INFO L221 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2020-07-29 01:19:48,190 INFO L174 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2020-07-29 01:19:48,191 INFO L520 BasicCegarLoop]: Counterexample might be feasible [2020-07-29 01:19:48,191 WARN L516 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable23 [2020-07-29 01:19:48,232 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 29.07 01:19:48 BoogieIcfgContainer [2020-07-29 01:19:48,232 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2020-07-29 01:19:48,233 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2020-07-29 01:19:48,233 INFO L271 PluginConnector]: Initializing Witness Printer... [2020-07-29 01:19:48,233 INFO L275 PluginConnector]: Witness Printer initialized [2020-07-29 01:19:48,234 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 29.07 01:19:05" (3/4) ... [2020-07-29 01:19:48,237 INFO L131 WitnessPrinter]: Generating witness for reachability counterexample [2020-07-29 01:19:48,300 INFO L141 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2020-07-29 01:19:48,300 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2020-07-29 01:19:48,303 INFO L168 Benchmark]: Toolchain (without parser) took 44490.91 ms. Allocated memory was 1.0 GB in the beginning and 1.6 GB in the end (delta: 565.7 MB). Free memory was 956.2 MB in the beginning and 1.5 GB in the end (delta: -512.5 MB). Peak memory consumption was 53.3 MB. Max. memory is 11.5 GB. [2020-07-29 01:19:48,303 INFO L168 Benchmark]: CDTParser took 0.53 ms. Allocated memory is still 1.0 GB. Free memory is still 981.7 MB. There was no memory consumed. Max. memory is 11.5 GB. [2020-07-29 01:19:48,304 INFO L168 Benchmark]: CACSL2BoogieTranslator took 571.79 ms. Allocated memory was 1.0 GB in the beginning and 1.2 GB in the end (delta: 140.0 MB). Free memory was 950.8 MB in the beginning and 1.1 GB in the end (delta: -171.6 MB). Peak memory consumption was 20.9 MB. Max. memory is 11.5 GB. [2020-07-29 01:19:48,304 INFO L168 Benchmark]: Boogie Preprocessor took 79.28 ms. Allocated memory is still 1.2 GB. Free memory was 1.1 GB in the beginning and 1.1 GB in the end (delta: 13.4 MB). Peak memory consumption was 13.4 MB. Max. memory is 11.5 GB. [2020-07-29 01:19:48,305 INFO L168 Benchmark]: RCFGBuilder took 972.09 ms. Allocated memory is still 1.2 GB. Free memory was 1.1 GB in the beginning and 1.0 GB in the end (delta: 78.2 MB). Peak memory consumption was 78.2 MB. Max. memory is 11.5 GB. [2020-07-29 01:19:48,305 INFO L168 Benchmark]: TraceAbstraction took 42792.28 ms. Allocated memory was 1.2 GB in the beginning and 1.6 GB in the end (delta: 425.7 MB). Free memory was 1.0 GB in the beginning and 1.5 GB in the end (delta: -452.5 MB). There was no memory consumed. Max. memory is 11.5 GB. [2020-07-29 01:19:48,306 INFO L168 Benchmark]: Witness Printer took 67.65 ms. Allocated memory is still 1.6 GB. Free memory was 1.5 GB in the beginning and 1.5 GB in the end (delta: 14.6 MB). Peak memory consumption was 14.6 MB. Max. memory is 11.5 GB. [2020-07-29 01:19:48,308 INFO L336 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.53 ms. Allocated memory is still 1.0 GB. Free memory is still 981.7 MB. There was no memory consumed. Max. memory is 11.5 GB. * CACSL2BoogieTranslator took 571.79 ms. Allocated memory was 1.0 GB in the beginning and 1.2 GB in the end (delta: 140.0 MB). Free memory was 950.8 MB in the beginning and 1.1 GB in the end (delta: -171.6 MB). Peak memory consumption was 20.9 MB. Max. memory is 11.5 GB. * Boogie Preprocessor took 79.28 ms. Allocated memory is still 1.2 GB. Free memory was 1.1 GB in the beginning and 1.1 GB in the end (delta: 13.4 MB). Peak memory consumption was 13.4 MB. Max. memory is 11.5 GB. * RCFGBuilder took 972.09 ms. Allocated memory is still 1.2 GB. Free memory was 1.1 GB in the beginning and 1.0 GB in the end (delta: 78.2 MB). Peak memory consumption was 78.2 MB. Max. memory is 11.5 GB. * TraceAbstraction took 42792.28 ms. Allocated memory was 1.2 GB in the beginning and 1.6 GB in the end (delta: 425.7 MB). Free memory was 1.0 GB in the beginning and 1.5 GB in the end (delta: -452.5 MB). There was no memory consumed. Max. memory is 11.5 GB. * Witness Printer took 67.65 ms. Allocated memory is still 1.6 GB. Free memory was 1.5 GB in the beginning and 1.5 GB in the end (delta: 14.6 MB). Peak memory consumption was 14.6 MB. Max. memory is 11.5 GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - CounterExampleResult [Line: 1021]: not all allocated memory was freed not all allocated memory was freed We found a FailurePath: [L985] SLL* head = malloc(sizeof(SLL)); VAL [head={-1:0}, malloc(sizeof(SLL))={-1:0}] [L986] head->next = head VAL [head={-1:0}, malloc(sizeof(SLL))={-1:0}] [L987] head->data = 0 VAL [head={-1:0}, malloc(sizeof(SLL))={-1:0}] [L989] SLL* x = head; [L990] int state = 1; VAL [head={-1:0}, malloc(sizeof(SLL))={-1:0}, state=1, x={-1:0}] [L993] COND FALSE !(__VERIFIER_nondet_int()) [L1014] x->data = state VAL [head={-1:0}, malloc(sizeof(SLL))={-1:0}, state=1, x={-1:0}] [L1016] EXPR head->next VAL [head={-1:0}, head->next={-1:0}, malloc(sizeof(SLL))={-1:0}, state=1, x={-1:0}] [L1016] x = head->next [L1017] COND FALSE !(!(((void*)0) != x)) VAL [head={-1:0}, malloc(sizeof(SLL))={-1:0}, state=1, x={-1:0}] [L1019] EXPR x->data VAL [head={-1:0}, malloc(sizeof(SLL))={-1:0}, state=1, x={-1:0}, x->data=1] [L1019] COND TRUE x->data != 0 [L1021] EXPR x->next VAL [head={-1:0}, malloc(sizeof(SLL))={-1:0}, state=1, x={-1:0}, x->next={-1:0}] [L1021] EXPR x->next->data VAL [head={-1:0}, malloc(sizeof(SLL))={-1:0}, state=1, x={-1:0}, x->next={-1:0}, x->next->data=1] [L1021] EXPR x->next->data != 0 && x->data > x->next->data VAL [head={-1:0}, malloc(sizeof(SLL))={-1:0}, state=1, x={-1:0}, x->next={-1:0}, x->next->data=1, x->next->data != 0 && x->data > x->next->data=1] [L1021] EXPR x->data VAL [head={-1:0}, malloc(sizeof(SLL))={-1:0}, state=1, x={-1:0}, x->data=1, x->next={-1:0}, x->next->data=1, x->next->data != 0 && x->data > x->next->data=1] [L1021] EXPR x->next VAL [head={-1:0}, malloc(sizeof(SLL))={-1:0}, state=1, x={-1:0}, x->data=1, x->next={-1:0}, x->next={-1:0}, x->next->data=1, x->next->data != 0 && x->data > x->next->data=1] [L1021] EXPR x->next->data VAL [head={-1:0}, malloc(sizeof(SLL))={-1:0}, state=1, x={-1:0}, x->data=1, x->next={-1:0}, x->next={-1:0}, x->next->data=1, x->next->data=1, x->next->data != 0 && x->data > x->next->data=1] [L1021] EXPR x->next->data != 0 && x->data > x->next->data VAL [head={-1:0}, malloc(sizeof(SLL))={-1:0}, state=1, x={-1:0}, x->data=1, x->next={-1:0}, x->next={-1:0}, x->next->data=1, x->next->data=1, x->next->data != 0 && x->data > x->next->data=0] [L1021] COND TRUE !(x->next->data != 0 && x->data > x->next->data) [L1021] __VERIFIER_error() VAL [head={-1:0}, malloc(sizeof(SLL))={-1:0}, state=1, x={-1:0}] - StatisticsResult: Ultimate Automizer benchmark data CFG has 3 procedures, 106 locations, 46 error locations. Started 1 CEGAR loops. VerificationResult: UNSAFE, OverallTime: 42.6s, OverallIterations: 24, TraceHistogramMax: 2, AutomataDifference: 34.1s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 1551 SDtfs, 4033 SDslu, 5076 SDs, 0 SdLazy, 7285 SolverSat, 347 SolverUnsat, 0 SolverUnknown, 0 SolverNotchecked, 9.4s Time, PredicateUnifierStatistics: 0 DeclaredPredicates, 353 GetRequests, 87 SyntacticMatches, 5 SemanticMatches, 261 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 474 ImplicationChecksByTransitivity, 5.9s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=152occurred in iteration=23, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.5s AutomataMinimizationTime, 23 MinimizatonAttempts, 837 StatesRemovedByMinimization, 23 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.3s SatisfiabilityAnalysisTime, 5.9s InterpolantComputationTime, 498 NumberOfCodeBlocks, 498 NumberOfCodeBlocksAsserted, 25 NumberOfCheckSat, 446 ConstructedInterpolants, 1 QuantifiedInterpolants, 83470 SizeOfPredicates, 13 NumberOfNonLiveVariables, 142 ConjunctsInSsa, 31 ConjunctsInUnsatCore, 24 InterpolantComputations, 22 PerfectInterpolantSequences, 0/4 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available RESULT: Ultimate proved your program to be incorrect! Received shutdown request...