./Ultimate.py --spec ../sv-benchmarks/c/properties/valid-memsafety.prp --file ../sv-benchmarks/c/ldv-memsafety/memleaks_test6_2.i --full-output -ea --architecture 32bit -------------------------------------------------------------------------------- Checking for memory safety (deref-memtrack) Using default analysis Version 5fbdf5bf Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerMemDerefMemtrack.xml -i ../sv-benchmarks/c/ldv-memsafety/memleaks_test6_2.i -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 098cac8041f427989b0fcb649de06793770da06a ..................................................................................................................................... Execution finished normally Using bit-precise analysis Retrying with bit-precise analysis Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerMemDerefMemtrack.xml -i ../sv-benchmarks/c/ldv-memsafety/memleaks_test6_2.i -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Bitvector.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 098cac8041f427989b0fcb649de06793770da06a .......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................... Execution finished normally Writing output log to file Ultimate.log Result: UNKNOWN --- Real Ultimate output --- This is Ultimate 0.2.1-wip.dd.seqcomp-5fbdf5b [2021-09-13 23:47:44,259 INFO L177 SettingsManager]: Resetting all preferences to default values... [2021-09-13 23:47:44,262 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2021-09-13 23:47:44,292 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2021-09-13 23:47:44,292 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2021-09-13 23:47:44,295 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2021-09-13 23:47:44,296 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2021-09-13 23:47:44,300 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2021-09-13 23:47:44,301 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2021-09-13 23:47:44,305 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2021-09-13 23:47:44,306 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2021-09-13 23:47:44,309 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2021-09-13 23:47:44,309 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2021-09-13 23:47:44,311 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2021-09-13 23:47:44,312 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2021-09-13 23:47:44,314 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2021-09-13 23:47:44,315 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2021-09-13 23:47:44,316 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2021-09-13 23:47:44,317 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2021-09-13 23:47:44,322 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2021-09-13 23:47:44,323 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2021-09-13 23:47:44,323 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2021-09-13 23:47:44,325 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2021-09-13 23:47:44,326 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2021-09-13 23:47:44,330 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2021-09-13 23:47:44,331 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2021-09-13 23:47:44,331 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2021-09-13 23:47:44,332 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2021-09-13 23:47:44,332 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2021-09-13 23:47:44,333 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2021-09-13 23:47:44,333 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2021-09-13 23:47:44,333 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2021-09-13 23:47:44,335 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2021-09-13 23:47:44,335 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2021-09-13 23:47:44,336 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2021-09-13 23:47:44,336 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2021-09-13 23:47:44,337 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2021-09-13 23:47:44,337 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2021-09-13 23:47:44,337 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2021-09-13 23:47:44,338 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2021-09-13 23:47:44,339 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2021-09-13 23:47:44,339 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Default.epf [2021-09-13 23:47:44,366 INFO L113 SettingsManager]: Loading preferences was successful [2021-09-13 23:47:44,367 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2021-09-13 23:47:44,368 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2021-09-13 23:47:44,368 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2021-09-13 23:47:44,369 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2021-09-13 23:47:44,369 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2021-09-13 23:47:44,369 INFO L138 SettingsManager]: * Use SBE=true [2021-09-13 23:47:44,370 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2021-09-13 23:47:44,370 INFO L138 SettingsManager]: * sizeof long=4 [2021-09-13 23:47:44,370 INFO L138 SettingsManager]: * Check unreachability of error function in SV-COMP mode=false [2021-09-13 23:47:44,370 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2021-09-13 23:47:44,370 INFO L138 SettingsManager]: * sizeof POINTER=4 [2021-09-13 23:47:44,370 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2021-09-13 23:47:44,370 INFO L138 SettingsManager]: * Check for the main procedure if all allocated memory was freed=true [2021-09-13 23:47:44,371 INFO L138 SettingsManager]: * Bitprecise bitfields=true [2021-09-13 23:47:44,371 INFO L138 SettingsManager]: * SV-COMP memtrack compatibility mode=true [2021-09-13 23:47:44,371 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2021-09-13 23:47:44,371 INFO L138 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2021-09-13 23:47:44,371 INFO L138 SettingsManager]: * sizeof long double=12 [2021-09-13 23:47:44,371 INFO L138 SettingsManager]: * Use constant arrays=true [2021-09-13 23:47:44,371 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2021-09-13 23:47:44,372 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2021-09-13 23:47:44,372 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2021-09-13 23:47:44,386 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2021-09-13 23:47:44,386 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2021-09-13 23:47:44,386 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2021-09-13 23:47:44,386 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2021-09-13 23:47:44,386 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2021-09-13 23:47:44,386 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2021-09-13 23:47:44,387 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 098cac8041f427989b0fcb649de06793770da06a [2021-09-13 23:47:44,620 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2021-09-13 23:47:44,638 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2021-09-13 23:47:44,639 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2021-09-13 23:47:44,641 INFO L271 PluginConnector]: Initializing CDTParser... [2021-09-13 23:47:44,641 INFO L275 PluginConnector]: CDTParser initialized [2021-09-13 23:47:44,642 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/ldv-memsafety/memleaks_test6_2.i [2021-09-13 23:47:44,693 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/2837a3baf/fc502e5d2df74a8da5fe9376b48ac586/FLAG4d6e68450 [2021-09-13 23:47:45,046 INFO L306 CDTParser]: Found 1 translation units. [2021-09-13 23:47:45,047 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/ldv-memsafety/memleaks_test6_2.i [2021-09-13 23:47:45,062 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/2837a3baf/fc502e5d2df74a8da5fe9376b48ac586/FLAG4d6e68450 [2021-09-13 23:47:45,438 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/2837a3baf/fc502e5d2df74a8da5fe9376b48ac586 [2021-09-13 23:47:45,440 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2021-09-13 23:47:45,441 INFO L131 ToolchainWalker]: Walking toolchain with 5 elements. [2021-09-13 23:47:45,444 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2021-09-13 23:47:45,444 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2021-09-13 23:47:45,449 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2021-09-13 23:47:45,450 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 13.09 11:47:45" (1/1) ... [2021-09-13 23:47:45,451 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@2755863e and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.09 11:47:45, skipping insertion in model container [2021-09-13 23:47:45,451 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 13.09 11:47:45" (1/1) ... [2021-09-13 23:47:45,456 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2021-09-13 23:47:45,507 INFO L178 MainTranslator]: Built tables and reachable declarations [2021-09-13 23:47:45,756 INFO L206 PostProcessor]: Analyzing one entry point: main [2021-09-13 23:47:45,767 ERROR L326 MainTranslator]: Unsupported Syntax: Found a cast between two array/pointer types where the value type is smaller than the cast-to type while using memory model HoenickeLindenmann_Original (while Not using bitvector translation) [2021-09-13 23:47:45,768 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.CACSL2BoogieTranslatorObserver@50806d31 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.09 11:47:45, skipping insertion in model container [2021-09-13 23:47:45,768 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2021-09-13 23:47:45,768 INFO L184 ToolchainWalker]: Toolchain execution was canceled (user or tool) before executing de.uni_freiburg.informatik.ultimate.boogie.preprocessor [2021-09-13 23:47:45,770 INFO L158 Benchmark]: Toolchain (without parser) took 328.03ms. Allocated memory is still 86.0MB. Free memory was 50.5MB in the beginning and 65.8MB in the end (delta: -15.2MB). Peak memory consumption was 6.4MB. Max. memory is 16.1GB. [2021-09-13 23:47:45,770 INFO L158 Benchmark]: CDTParser took 0.15ms. Allocated memory is still 86.0MB. Free memory was 68.5MB in the beginning and 68.4MB in the end (delta: 71.3kB). There was no memory consumed. Max. memory is 16.1GB. [2021-09-13 23:47:45,770 INFO L158 Benchmark]: CACSL2BoogieTranslator took 323.92ms. Allocated memory is still 86.0MB. Free memory was 50.3MB in the beginning and 65.8MB in the end (delta: -15.5MB). Peak memory consumption was 6.4MB. Max. memory is 16.1GB. [2021-09-13 23:47:45,771 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.15ms. Allocated memory is still 86.0MB. Free memory was 68.5MB in the beginning and 68.4MB in the end (delta: 71.3kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 323.92ms. Allocated memory is still 86.0MB. Free memory was 50.3MB in the beginning and 65.8MB in the end (delta: -15.5MB). Peak memory consumption was 6.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - UnsupportedSyntaxResult [Line: 576]: Unsupported Syntax Found a cast between two array/pointer types where the value type is smaller than the cast-to type while using memory model HoenickeLindenmann_Original (while Not using bitvector translation) RESULT: Ultimate could not prove your program: Toolchain returned no result. Received shutdown request... ### Bit-precise run ### This is Ultimate 0.2.1-wip.dd.seqcomp-5fbdf5b [2021-09-13 23:47:47,095 INFO L177 SettingsManager]: Resetting all preferences to default values... [2021-09-13 23:47:47,096 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2021-09-13 23:47:47,114 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2021-09-13 23:47:47,114 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2021-09-13 23:47:47,115 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2021-09-13 23:47:47,116 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2021-09-13 23:47:47,117 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2021-09-13 23:47:47,118 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2021-09-13 23:47:47,119 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2021-09-13 23:47:47,119 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2021-09-13 23:47:47,120 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2021-09-13 23:47:47,120 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2021-09-13 23:47:47,121 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2021-09-13 23:47:47,122 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2021-09-13 23:47:47,123 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2021-09-13 23:47:47,123 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2021-09-13 23:47:47,124 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2021-09-13 23:47:47,125 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2021-09-13 23:47:47,127 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2021-09-13 23:47:47,128 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2021-09-13 23:47:47,129 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2021-09-13 23:47:47,130 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2021-09-13 23:47:47,131 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2021-09-13 23:47:47,133 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2021-09-13 23:47:47,133 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2021-09-13 23:47:47,133 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2021-09-13 23:47:47,134 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2021-09-13 23:47:47,134 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2021-09-13 23:47:47,135 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2021-09-13 23:47:47,135 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2021-09-13 23:47:47,136 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2021-09-13 23:47:47,136 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2021-09-13 23:47:47,137 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2021-09-13 23:47:47,137 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2021-09-13 23:47:47,138 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2021-09-13 23:47:47,138 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2021-09-13 23:47:47,138 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2021-09-13 23:47:47,138 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2021-09-13 23:47:47,139 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2021-09-13 23:47:47,140 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2021-09-13 23:47:47,140 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Bitvector.epf [2021-09-13 23:47:47,155 INFO L113 SettingsManager]: Loading preferences was successful [2021-09-13 23:47:47,155 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2021-09-13 23:47:47,155 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2021-09-13 23:47:47,155 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2021-09-13 23:47:47,156 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2021-09-13 23:47:47,156 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2021-09-13 23:47:47,157 INFO L138 SettingsManager]: * Use SBE=true [2021-09-13 23:47:47,157 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2021-09-13 23:47:47,157 INFO L138 SettingsManager]: * sizeof long=4 [2021-09-13 23:47:47,157 INFO L138 SettingsManager]: * Check unreachability of error function in SV-COMP mode=false [2021-09-13 23:47:47,157 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2021-09-13 23:47:47,157 INFO L138 SettingsManager]: * sizeof POINTER=4 [2021-09-13 23:47:47,158 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2021-09-13 23:47:47,158 INFO L138 SettingsManager]: * Check for the main procedure if all allocated memory was freed=true [2021-09-13 23:47:47,158 INFO L138 SettingsManager]: * Bitprecise bitfields=true [2021-09-13 23:47:47,158 INFO L138 SettingsManager]: * SV-COMP memtrack compatibility mode=true [2021-09-13 23:47:47,158 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2021-09-13 23:47:47,158 INFO L138 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2021-09-13 23:47:47,163 INFO L138 SettingsManager]: * Use bitvectors instead of ints=true [2021-09-13 23:47:47,163 INFO L138 SettingsManager]: * Memory model=HoenickeLindenmann_4ByteResolution [2021-09-13 23:47:47,163 INFO L138 SettingsManager]: * sizeof long double=12 [2021-09-13 23:47:47,163 INFO L138 SettingsManager]: * Use constant arrays=true [2021-09-13 23:47:47,164 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2021-09-13 23:47:47,164 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2021-09-13 23:47:47,164 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2021-09-13 23:47:47,164 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2021-09-13 23:47:47,164 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2021-09-13 23:47:47,165 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2021-09-13 23:47:47,165 INFO L138 SettingsManager]: * Trace refinement strategy=WOLF [2021-09-13 23:47:47,165 INFO L138 SettingsManager]: * Command for external solver=cvc4 --incremental --print-success --lang smt [2021-09-13 23:47:47,165 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2021-09-13 23:47:47,165 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2021-09-13 23:47:47,165 INFO L138 SettingsManager]: * Logic for external solver=AUFBV WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 098cac8041f427989b0fcb649de06793770da06a [2021-09-13 23:47:47,384 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2021-09-13 23:47:47,397 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2021-09-13 23:47:47,399 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2021-09-13 23:47:47,399 INFO L271 PluginConnector]: Initializing CDTParser... [2021-09-13 23:47:47,400 INFO L275 PluginConnector]: CDTParser initialized [2021-09-13 23:47:47,401 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/ldv-memsafety/memleaks_test6_2.i [2021-09-13 23:47:47,441 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/7ad2173e6/670b7a7285e14b72bdb70304a12e237b/FLAGc0080dfac [2021-09-13 23:47:47,829 INFO L306 CDTParser]: Found 1 translation units. [2021-09-13 23:47:47,830 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/ldv-memsafety/memleaks_test6_2.i [2021-09-13 23:47:47,839 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/7ad2173e6/670b7a7285e14b72bdb70304a12e237b/FLAGc0080dfac [2021-09-13 23:47:47,847 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/7ad2173e6/670b7a7285e14b72bdb70304a12e237b [2021-09-13 23:47:47,850 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2021-09-13 23:47:47,851 INFO L131 ToolchainWalker]: Walking toolchain with 5 elements. [2021-09-13 23:47:47,859 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2021-09-13 23:47:47,859 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2021-09-13 23:47:47,865 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2021-09-13 23:47:47,866 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 13.09 11:47:47" (1/1) ... [2021-09-13 23:47:47,866 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@7a643247 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.09 11:47:47, skipping insertion in model container [2021-09-13 23:47:47,867 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 13.09 11:47:47" (1/1) ... [2021-09-13 23:47:47,871 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2021-09-13 23:47:47,928 INFO L178 MainTranslator]: Built tables and reachable declarations [2021-09-13 23:47:48,272 INFO L206 PostProcessor]: Analyzing one entry point: main [2021-09-13 23:47:48,289 INFO L200 MainTranslator]: Restarting translation with changed settings: SettingsChange [mNewPreferredMemoryModel=HoenickeLindenmann_1ByteResolution] [2021-09-13 23:47:48,298 INFO L178 MainTranslator]: Built tables and reachable declarations [2021-09-13 23:47:48,354 INFO L206 PostProcessor]: Analyzing one entry point: main [2021-09-13 23:47:48,368 INFO L203 MainTranslator]: Completed pre-run [2021-09-13 23:47:48,434 INFO L206 PostProcessor]: Analyzing one entry point: main [2021-09-13 23:47:48,471 INFO L208 MainTranslator]: Completed translation [2021-09-13 23:47:48,472 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.09 11:47:48 WrapperNode [2021-09-13 23:47:48,472 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2021-09-13 23:47:48,473 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2021-09-13 23:47:48,473 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2021-09-13 23:47:48,473 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2021-09-13 23:47:48,480 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.09 11:47:48" (1/1) ... [2021-09-13 23:47:48,481 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.09 11:47:48" (1/1) ... [2021-09-13 23:47:48,509 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.09 11:47:48" (1/1) ... [2021-09-13 23:47:48,511 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.09 11:47:48" (1/1) ... [2021-09-13 23:47:48,543 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.09 11:47:48" (1/1) ... [2021-09-13 23:47:48,554 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.09 11:47:48" (1/1) ... [2021-09-13 23:47:48,559 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.09 11:47:48" (1/1) ... [2021-09-13 23:47:48,570 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2021-09-13 23:47:48,571 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2021-09-13 23:47:48,571 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2021-09-13 23:47:48,571 INFO L275 PluginConnector]: RCFGBuilder initialized [2021-09-13 23:47:48,572 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.09 11:47:48" (1/1) ... [2021-09-13 23:47:48,576 INFO L170 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2021-09-13 23:47:48,588 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2021-09-13 23:47:48,596 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2021-09-13 23:47:48,606 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2021-09-13 23:47:48,622 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.init [2021-09-13 23:47:48,622 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2021-09-13 23:47:48,623 INFO L138 BoogieDeclarations]: Found implementation of procedure ##fun~$Pointer$~TO~VOID [2021-09-13 23:47:48,623 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.setCurrentRoundingMode [2021-09-13 23:47:48,623 INFO L138 BoogieDeclarations]: Found implementation of procedure __bswap_32 [2021-09-13 23:47:48,623 INFO L138 BoogieDeclarations]: Found implementation of procedure __bswap_64 [2021-09-13 23:47:48,623 INFO L138 BoogieDeclarations]: Found implementation of procedure __uint16_identity [2021-09-13 23:47:48,623 INFO L138 BoogieDeclarations]: Found implementation of procedure __uint32_identity [2021-09-13 23:47:48,623 INFO L138 BoogieDeclarations]: Found implementation of procedure __uint64_identity [2021-09-13 23:47:48,623 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_nonpositive [2021-09-13 23:47:48,624 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_positive [2021-09-13 23:47:48,624 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_malloc [2021-09-13 23:47:48,624 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_zalloc [2021-09-13 23:47:48,624 INFO L138 BoogieDeclarations]: Found implementation of procedure LDV_INIT_LIST_HEAD [2021-09-13 23:47:48,624 INFO L138 BoogieDeclarations]: Found implementation of procedure __ldv_list_add [2021-09-13 23:47:48,624 INFO L138 BoogieDeclarations]: Found implementation of procedure __ldv_list_del [2021-09-13 23:47:48,624 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_list_add [2021-09-13 23:47:48,624 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_list_add_tail [2021-09-13 23:47:48,624 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_list_del [2021-09-13 23:47:48,625 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_msg_alloc [2021-09-13 23:47:48,625 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_msg_fill [2021-09-13 23:47:48,625 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_msg_free [2021-09-13 23:47:48,625 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_submit_msg [2021-09-13 23:47:48,625 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_destroy_msgs [2021-09-13 23:47:48,625 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_dev_get_drvdata [2021-09-13 23:47:48,625 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_dev_set_drvdata [2021-09-13 23:47:48,625 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_atomic_add_return [2021-09-13 23:47:48,625 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_atomic_sub_return [2021-09-13 23:47:48,626 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_kref_sub [2021-09-13 23:47:48,626 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_kref_init [2021-09-13 23:47:48,626 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_kref_get [2021-09-13 23:47:48,626 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_kref_put [2021-09-13 23:47:48,626 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_kobject_del [2021-09-13 23:47:48,626 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_kobject_cleanup [2021-09-13 23:47:48,626 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_kobject_release [2021-09-13 23:47:48,626 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_kobject_put [2021-09-13 23:47:48,626 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_kobject_get [2021-09-13 23:47:48,627 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_kobject_init_internal [2021-09-13 23:47:48,627 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_kobject_init [2021-09-13 23:47:48,627 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_kobject_create [2021-09-13 23:47:48,627 INFO L138 BoogieDeclarations]: Found implementation of procedure f [2021-09-13 23:47:48,627 INFO L138 BoogieDeclarations]: Found implementation of procedure g [2021-09-13 23:47:48,627 INFO L138 BoogieDeclarations]: Found implementation of procedure f6 [2021-09-13 23:47:48,627 INFO L138 BoogieDeclarations]: Found implementation of procedure g6 [2021-09-13 23:47:48,627 INFO L138 BoogieDeclarations]: Found implementation of procedure probe3_6 [2021-09-13 23:47:48,627 INFO L138 BoogieDeclarations]: Found implementation of procedure disconnect_6 [2021-09-13 23:47:48,628 INFO L138 BoogieDeclarations]: Found implementation of procedure entry_point [2021-09-13 23:47:48,628 INFO L138 BoogieDeclarations]: Found implementation of procedure main [2021-09-13 23:47:48,628 INFO L138 BoogieDeclarations]: Found implementation of procedure #Ultimate.C_memset [2021-09-13 23:47:48,628 INFO L138 BoogieDeclarations]: Found implementation of procedure #Ultimate.meminit [2021-09-13 23:47:48,628 INFO L138 BoogieDeclarations]: Found implementation of procedure #Ultimate.C_memcpy [2021-09-13 23:47:48,628 INFO L130 BoogieDeclarations]: Found specification of procedure __ctype_get_mb_cur_max [2021-09-13 23:47:48,628 INFO L130 BoogieDeclarations]: Found specification of procedure atof [2021-09-13 23:47:48,628 INFO L130 BoogieDeclarations]: Found specification of procedure atoi [2021-09-13 23:47:48,629 INFO L130 BoogieDeclarations]: Found specification of procedure atol [2021-09-13 23:47:48,629 INFO L130 BoogieDeclarations]: Found specification of procedure atoll [2021-09-13 23:47:48,629 INFO L130 BoogieDeclarations]: Found specification of procedure strtod [2021-09-13 23:47:48,629 INFO L130 BoogieDeclarations]: Found specification of procedure strtof [2021-09-13 23:47:48,629 INFO L130 BoogieDeclarations]: Found specification of procedure strtold [2021-09-13 23:47:48,629 INFO L130 BoogieDeclarations]: Found specification of procedure strtol [2021-09-13 23:47:48,629 INFO L130 BoogieDeclarations]: Found specification of procedure strtoul [2021-09-13 23:47:48,629 INFO L130 BoogieDeclarations]: Found specification of procedure strtoq [2021-09-13 23:47:48,629 INFO L130 BoogieDeclarations]: Found specification of procedure strtouq [2021-09-13 23:47:48,630 INFO L130 BoogieDeclarations]: Found specification of procedure strtoll [2021-09-13 23:47:48,630 INFO L130 BoogieDeclarations]: Found specification of procedure strtoull [2021-09-13 23:47:48,630 INFO L130 BoogieDeclarations]: Found specification of procedure l64a [2021-09-13 23:47:48,630 INFO L130 BoogieDeclarations]: Found specification of procedure a64l [2021-09-13 23:47:48,630 INFO L130 BoogieDeclarations]: Found specification of procedure __bswap_32 [2021-09-13 23:47:48,630 INFO L130 BoogieDeclarations]: Found specification of procedure __bswap_64 [2021-09-13 23:47:48,630 INFO L130 BoogieDeclarations]: Found specification of procedure __uint16_identity [2021-09-13 23:47:48,630 INFO L130 BoogieDeclarations]: Found specification of procedure __uint32_identity [2021-09-13 23:47:48,630 INFO L130 BoogieDeclarations]: Found specification of procedure __uint64_identity [2021-09-13 23:47:48,631 INFO L130 BoogieDeclarations]: Found specification of procedure select [2021-09-13 23:47:48,631 INFO L130 BoogieDeclarations]: Found specification of procedure pselect [2021-09-13 23:47:48,631 INFO L130 BoogieDeclarations]: Found specification of procedure gnu_dev_major [2021-09-13 23:47:48,631 INFO L130 BoogieDeclarations]: Found specification of procedure gnu_dev_minor [2021-09-13 23:47:48,631 INFO L130 BoogieDeclarations]: Found specification of procedure gnu_dev_makedev [2021-09-13 23:47:48,631 INFO L130 BoogieDeclarations]: Found specification of procedure random [2021-09-13 23:47:48,631 INFO L130 BoogieDeclarations]: Found specification of procedure srandom [2021-09-13 23:47:48,631 INFO L130 BoogieDeclarations]: Found specification of procedure initstate [2021-09-13 23:47:48,631 INFO L130 BoogieDeclarations]: Found specification of procedure setstate [2021-09-13 23:47:48,632 INFO L130 BoogieDeclarations]: Found specification of procedure random_r [2021-09-13 23:47:48,632 INFO L130 BoogieDeclarations]: Found specification of procedure srandom_r [2021-09-13 23:47:48,632 INFO L130 BoogieDeclarations]: Found specification of procedure initstate_r [2021-09-13 23:47:48,632 INFO L130 BoogieDeclarations]: Found specification of procedure setstate_r [2021-09-13 23:47:48,632 INFO L130 BoogieDeclarations]: Found specification of procedure rand [2021-09-13 23:47:48,632 INFO L130 BoogieDeclarations]: Found specification of procedure srand [2021-09-13 23:47:48,632 INFO L130 BoogieDeclarations]: Found specification of procedure rand_r [2021-09-13 23:47:48,632 INFO L130 BoogieDeclarations]: Found specification of procedure drand48 [2021-09-13 23:47:48,632 INFO L130 BoogieDeclarations]: Found specification of procedure erand48 [2021-09-13 23:47:48,633 INFO L130 BoogieDeclarations]: Found specification of procedure lrand48 [2021-09-13 23:47:48,633 INFO L130 BoogieDeclarations]: Found specification of procedure nrand48 [2021-09-13 23:47:48,633 INFO L130 BoogieDeclarations]: Found specification of procedure mrand48 [2021-09-13 23:47:48,633 INFO L130 BoogieDeclarations]: Found specification of procedure jrand48 [2021-09-13 23:47:48,633 INFO L130 BoogieDeclarations]: Found specification of procedure srand48 [2021-09-13 23:47:48,633 INFO L130 BoogieDeclarations]: Found specification of procedure seed48 [2021-09-13 23:47:48,633 INFO L130 BoogieDeclarations]: Found specification of procedure lcong48 [2021-09-13 23:47:48,633 INFO L130 BoogieDeclarations]: Found specification of procedure drand48_r [2021-09-13 23:47:48,633 INFO L130 BoogieDeclarations]: Found specification of procedure erand48_r [2021-09-13 23:47:48,634 INFO L130 BoogieDeclarations]: Found specification of procedure lrand48_r [2021-09-13 23:47:48,634 INFO L130 BoogieDeclarations]: Found specification of procedure nrand48_r [2021-09-13 23:47:48,634 INFO L130 BoogieDeclarations]: Found specification of procedure mrand48_r [2021-09-13 23:47:48,634 INFO L130 BoogieDeclarations]: Found specification of procedure jrand48_r [2021-09-13 23:47:48,634 INFO L130 BoogieDeclarations]: Found specification of procedure srand48_r [2021-09-13 23:47:48,634 INFO L130 BoogieDeclarations]: Found specification of procedure seed48_r [2021-09-13 23:47:48,634 INFO L130 BoogieDeclarations]: Found specification of procedure lcong48_r [2021-09-13 23:47:48,634 INFO L130 BoogieDeclarations]: Found specification of procedure malloc [2021-09-13 23:47:48,634 INFO L130 BoogieDeclarations]: Found specification of procedure calloc [2021-09-13 23:47:48,635 INFO L130 BoogieDeclarations]: Found specification of procedure realloc [2021-09-13 23:47:48,635 INFO L130 BoogieDeclarations]: Found specification of procedure free [2021-09-13 23:47:48,635 INFO L130 BoogieDeclarations]: Found specification of procedure alloca [2021-09-13 23:47:48,635 INFO L130 BoogieDeclarations]: Found specification of procedure valloc [2021-09-13 23:47:48,635 INFO L130 BoogieDeclarations]: Found specification of procedure posix_memalign [2021-09-13 23:47:48,635 INFO L130 BoogieDeclarations]: Found specification of procedure aligned_alloc [2021-09-13 23:47:48,635 INFO L130 BoogieDeclarations]: Found specification of procedure abort [2021-09-13 23:47:48,635 INFO L130 BoogieDeclarations]: Found specification of procedure atexit [2021-09-13 23:47:48,635 INFO L130 BoogieDeclarations]: Found specification of procedure at_quick_exit [2021-09-13 23:47:48,636 INFO L130 BoogieDeclarations]: Found specification of procedure on_exit [2021-09-13 23:47:48,636 INFO L130 BoogieDeclarations]: Found specification of procedure exit [2021-09-13 23:47:48,636 INFO L130 BoogieDeclarations]: Found specification of procedure quick_exit [2021-09-13 23:47:48,636 INFO L130 BoogieDeclarations]: Found specification of procedure _Exit [2021-09-13 23:47:48,636 INFO L130 BoogieDeclarations]: Found specification of procedure getenv [2021-09-13 23:47:48,636 INFO L130 BoogieDeclarations]: Found specification of procedure putenv [2021-09-13 23:47:48,636 INFO L130 BoogieDeclarations]: Found specification of procedure setenv [2021-09-13 23:47:48,636 INFO L130 BoogieDeclarations]: Found specification of procedure unsetenv [2021-09-13 23:47:48,636 INFO L130 BoogieDeclarations]: Found specification of procedure clearenv [2021-09-13 23:47:48,637 INFO L130 BoogieDeclarations]: Found specification of procedure mktemp [2021-09-13 23:47:48,637 INFO L130 BoogieDeclarations]: Found specification of procedure mkstemp [2021-09-13 23:47:48,637 INFO L130 BoogieDeclarations]: Found specification of procedure mkstemps [2021-09-13 23:47:48,637 INFO L130 BoogieDeclarations]: Found specification of procedure mkdtemp [2021-09-13 23:47:48,637 INFO L130 BoogieDeclarations]: Found specification of procedure system [2021-09-13 23:47:48,637 INFO L130 BoogieDeclarations]: Found specification of procedure realpath [2021-09-13 23:47:48,637 INFO L130 BoogieDeclarations]: Found specification of procedure bsearch [2021-09-13 23:47:48,637 INFO L130 BoogieDeclarations]: Found specification of procedure qsort [2021-09-13 23:47:48,637 INFO L130 BoogieDeclarations]: Found specification of procedure abs [2021-09-13 23:47:48,638 INFO L130 BoogieDeclarations]: Found specification of procedure labs [2021-09-13 23:47:48,638 INFO L130 BoogieDeclarations]: Found specification of procedure llabs [2021-09-13 23:47:48,638 INFO L130 BoogieDeclarations]: Found specification of procedure div [2021-09-13 23:47:48,638 INFO L130 BoogieDeclarations]: Found specification of procedure ldiv [2021-09-13 23:47:48,638 INFO L130 BoogieDeclarations]: Found specification of procedure lldiv [2021-09-13 23:47:48,638 INFO L130 BoogieDeclarations]: Found specification of procedure ecvt [2021-09-13 23:47:48,638 INFO L130 BoogieDeclarations]: Found specification of procedure fcvt [2021-09-13 23:47:48,638 INFO L130 BoogieDeclarations]: Found specification of procedure gcvt [2021-09-13 23:47:48,638 INFO L130 BoogieDeclarations]: Found specification of procedure qecvt [2021-09-13 23:47:48,639 INFO L130 BoogieDeclarations]: Found specification of procedure qfcvt [2021-09-13 23:47:48,639 INFO L130 BoogieDeclarations]: Found specification of procedure qgcvt [2021-09-13 23:47:48,639 INFO L130 BoogieDeclarations]: Found specification of procedure ecvt_r [2021-09-13 23:47:48,639 INFO L130 BoogieDeclarations]: Found specification of procedure fcvt_r [2021-09-13 23:47:48,639 INFO L130 BoogieDeclarations]: Found specification of procedure qecvt_r [2021-09-13 23:47:48,639 INFO L130 BoogieDeclarations]: Found specification of procedure qfcvt_r [2021-09-13 23:47:48,639 INFO L130 BoogieDeclarations]: Found specification of procedure mblen [2021-09-13 23:47:48,639 INFO L130 BoogieDeclarations]: Found specification of procedure mbtowc [2021-09-13 23:47:48,639 INFO L130 BoogieDeclarations]: Found specification of procedure wctomb [2021-09-13 23:47:48,639 INFO L130 BoogieDeclarations]: Found specification of procedure mbstowcs [2021-09-13 23:47:48,640 INFO L130 BoogieDeclarations]: Found specification of procedure wcstombs [2021-09-13 23:47:48,640 INFO L130 BoogieDeclarations]: Found specification of procedure rpmatch [2021-09-13 23:47:48,640 INFO L130 BoogieDeclarations]: Found specification of procedure getsubopt [2021-09-13 23:47:48,640 INFO L130 BoogieDeclarations]: Found specification of procedure getloadavg [2021-09-13 23:47:48,640 INFO L130 BoogieDeclarations]: Found specification of procedure kfree [2021-09-13 23:47:48,640 INFO L130 BoogieDeclarations]: Found specification of procedure __VERIFIER_nondet_int [2021-09-13 23:47:48,640 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_nonpositive [2021-09-13 23:47:48,640 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_positive [2021-09-13 23:47:48,640 INFO L130 BoogieDeclarations]: Found specification of procedure memcpy [2021-09-13 23:47:48,641 INFO L130 BoogieDeclarations]: Found specification of procedure memset [2021-09-13 23:47:48,641 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_malloc [2021-09-13 23:47:48,641 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocOnHeap [2021-09-13 23:47:48,641 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_zalloc [2021-09-13 23:47:48,641 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.meminit [2021-09-13 23:47:48,641 INFO L130 BoogieDeclarations]: Found specification of procedure LDV_INIT_LIST_HEAD [2021-09-13 23:47:48,641 INFO L130 BoogieDeclarations]: Found specification of procedure write~$Pointer$ [2021-09-13 23:47:48,641 INFO L130 BoogieDeclarations]: Found specification of procedure __ldv_list_add [2021-09-13 23:47:48,641 INFO L130 BoogieDeclarations]: Found specification of procedure __ldv_list_del [2021-09-13 23:47:48,641 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_list_add [2021-09-13 23:47:48,642 INFO L130 BoogieDeclarations]: Found specification of procedure read~$Pointer$ [2021-09-13 23:47:48,642 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_list_add_tail [2021-09-13 23:47:48,642 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_list_del [2021-09-13 23:47:48,642 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_msg_alloc [2021-09-13 23:47:48,642 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_msg_fill [2021-09-13 23:47:48,642 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.C_memcpy [2021-09-13 23:47:48,642 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_msg_free [2021-09-13 23:47:48,642 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.dealloc [2021-09-13 23:47:48,642 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_submit_msg [2021-09-13 23:47:48,643 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_destroy_msgs [2021-09-13 23:47:48,643 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_dev_get_drvdata [2021-09-13 23:47:48,643 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_dev_set_drvdata [2021-09-13 23:47:48,643 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_atomic_add_return [2021-09-13 23:47:48,643 INFO L130 BoogieDeclarations]: Found specification of procedure read~intINTTYPE4 [2021-09-13 23:47:48,643 INFO L130 BoogieDeclarations]: Found specification of procedure write~intINTTYPE4 [2021-09-13 23:47:48,643 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_atomic_sub_return [2021-09-13 23:47:48,643 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_kref_sub [2021-09-13 23:47:48,643 INFO L130 BoogieDeclarations]: Found specification of procedure ##fun~$Pointer$~TO~VOID [2021-09-13 23:47:48,644 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_kref_init [2021-09-13 23:47:48,644 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_kref_get [2021-09-13 23:47:48,644 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_kref_put [2021-09-13 23:47:48,644 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_kobject_del [2021-09-13 23:47:48,644 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_kobject_cleanup [2021-09-13 23:47:48,644 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_kobject_release [2021-09-13 23:47:48,644 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_kobject_put [2021-09-13 23:47:48,644 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_kobject_get [2021-09-13 23:47:48,644 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_kobject_init_internal [2021-09-13 23:47:48,644 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_kobject_init [2021-09-13 23:47:48,645 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_kobject_create [2021-09-13 23:47:48,645 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.C_memset [2021-09-13 23:47:48,645 INFO L130 BoogieDeclarations]: Found specification of procedure f [2021-09-13 23:47:48,645 INFO L130 BoogieDeclarations]: Found specification of procedure g [2021-09-13 23:47:48,645 INFO L130 BoogieDeclarations]: Found specification of procedure f6 [2021-09-13 23:47:48,645 INFO L130 BoogieDeclarations]: Found specification of procedure g6 [2021-09-13 23:47:48,645 INFO L130 BoogieDeclarations]: Found specification of procedure probe3_6 [2021-09-13 23:47:48,645 INFO L130 BoogieDeclarations]: Found specification of procedure disconnect_6 [2021-09-13 23:47:48,645 INFO L130 BoogieDeclarations]: Found specification of procedure entry_point [2021-09-13 23:47:48,646 INFO L130 BoogieDeclarations]: Found specification of procedure main [2021-09-13 23:47:48,646 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.init [2021-09-13 23:47:48,646 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocOnStack [2021-09-13 23:47:48,646 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~$Pointer$ [2021-09-13 23:47:48,646 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2021-09-13 23:47:48,646 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.setCurrentRoundingMode [2021-09-13 23:47:48,646 INFO L130 BoogieDeclarations]: Found specification of procedure write~unchecked~$Pointer$ [2021-09-13 23:47:48,646 INFO L130 BoogieDeclarations]: Found specification of procedure read~unchecked~$Pointer$ [2021-09-13 23:47:48,646 INFO L130 BoogieDeclarations]: Found specification of procedure write~unchecked~intINTTYPE4 [2021-09-13 23:47:48,646 INFO L130 BoogieDeclarations]: Found specification of procedure read~unchecked~intINTTYPE4 [2021-09-13 23:47:49,160 WARN L804 $ProcedureCfgBuilder]: Label in the middle of a codeblock. [2021-09-13 23:47:49,405 WARN L804 $ProcedureCfgBuilder]: Label in the middle of a codeblock. [2021-09-13 23:47:49,470 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2021-09-13 23:47:49,470 INFO L299 CfgBuilder]: Removed 1 assume(true) statements. [2021-09-13 23:47:49,473 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 13.09 11:47:49 BoogieIcfgContainer [2021-09-13 23:47:49,474 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2021-09-13 23:47:49,475 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2021-09-13 23:47:49,475 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2021-09-13 23:47:49,477 INFO L275 PluginConnector]: TraceAbstraction initialized [2021-09-13 23:47:49,477 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 13.09 11:47:47" (1/3) ... [2021-09-13 23:47:49,478 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@39d4a9ac and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 13.09 11:47:49, skipping insertion in model container [2021-09-13 23:47:49,478 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.09 11:47:48" (2/3) ... [2021-09-13 23:47:49,478 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@39d4a9ac and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 13.09 11:47:49, skipping insertion in model container [2021-09-13 23:47:49,479 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 13.09 11:47:49" (3/3) ... [2021-09-13 23:47:49,479 INFO L111 eAbstractionObserver]: Analyzing ICFG memleaks_test6_2.i [2021-09-13 23:47:49,483 INFO L204 ceAbstractionStarter]: Automizer settings: Hoare:false NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2021-09-13 23:47:49,484 INFO L163 ceAbstractionStarter]: Applying trace abstraction to program that has 86 error locations. [2021-09-13 23:47:49,512 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2021-09-13 23:47:49,516 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=false, mConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=All, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2021-09-13 23:47:49,516 INFO L340 AbstractCegarLoop]: Starting to check reachability of 86 error locations. [2021-09-13 23:47:49,529 INFO L276 IsEmpty]: Start isEmpty. Operand has 139 states, 76 states have (on average 1.5657894736842106) internal successors, (119), 110 states have internal predecessors, (119), 15 states have call successors, (15), 14 states have call predecessors, (15), 14 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) [2021-09-13 23:47:49,533 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2021-09-13 23:47:49,534 INFO L505 BasicCegarLoop]: Found error trace [2021-09-13 23:47:49,534 INFO L513 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-09-13 23:47:49,535 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting entry_pointErr0REQUIRES_VIOLATION === [ldv_msg_allocErr0REQUIRES_VIOLATION, ldv_msg_allocErr1REQUIRES_VIOLATION, ldv_kref_initErr0REQUIRES_VIOLATION, ldv_kref_initErr1REQUIRES_VIOLATION (and 82 more)] === [2021-09-13 23:47:49,538 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-09-13 23:47:49,538 INFO L82 PathProgramCache]: Analyzing trace with hash -2083337596, now seen corresponding path program 1 times [2021-09-13 23:47:49,546 INFO L121 FreeRefinementEngine]: Executing refinement strategy WOLF [2021-09-13 23:47:49,546 INFO L332 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1153447238] [2021-09-13 23:47:49,546 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-09-13 23:47:49,547 INFO L170 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2021-09-13 23:47:49,547 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2021-09-13 23:47:49,554 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2021-09-13 23:47:49,584 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Waiting until timeout for monitored process [2021-09-13 23:47:49,732 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-09-13 23:47:49,736 INFO L263 TraceCheckSpWp]: Trace formula consists of 106 conjuncts, 4 conjunts are in the unsatisfiable core [2021-09-13 23:47:49,746 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-09-13 23:47:49,749 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2021-09-13 23:47:49,899 INFO L264 TraceCheckUtils]: 0: Hoare triple {142#true} call ULTIMATE.init(); {142#true} is VALID [2021-09-13 23:47:49,899 INFO L281 TraceCheckUtils]: 1: Hoare triple {142#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);call ~#a6~0.base, ~#a6~0.offset := #Ultimate.allocOnStack(4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#a6~0.base, ~#a6~0.offset, 4bv32); {142#true} is VALID [2021-09-13 23:47:49,900 INFO L281 TraceCheckUtils]: 2: Hoare triple {142#true} assume true; {142#true} is VALID [2021-09-13 23:47:49,903 INFO L276 TraceCheckUtils]: 3: Hoare quadruple {142#true} {142#true} #506#return; {142#true} is VALID [2021-09-13 23:47:49,903 INFO L264 TraceCheckUtils]: 4: Hoare triple {142#true} call main(); {142#true} is VALID [2021-09-13 23:47:49,903 INFO L264 TraceCheckUtils]: 5: Hoare triple {142#true} call entry_point(); {142#true} is VALID [2021-09-13 23:47:49,903 INFO L264 TraceCheckUtils]: 6: Hoare triple {142#true} call #t~ret44 := probe3_6(~#a6~0.base, ~#a6~0.offset); {142#true} is VALID [2021-09-13 23:47:49,904 INFO L281 TraceCheckUtils]: 7: Hoare triple {142#true} ~a.base, ~a.offset := #in~a.base, #in~a.offset;~ret~0 := 3bv32; {142#true} is VALID [2021-09-13 23:47:49,904 INFO L264 TraceCheckUtils]: 8: Hoare triple {142#true} call #t~ret40.base, #t~ret40.offset := ldv_malloc(4bv32); {142#true} is VALID [2021-09-13 23:47:49,904 INFO L281 TraceCheckUtils]: 9: Hoare triple {142#true} ~size := #in~size; {142#true} is VALID [2021-09-13 23:47:49,905 INFO L281 TraceCheckUtils]: 10: Hoare triple {142#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {177#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2021-09-13 23:47:49,905 INFO L281 TraceCheckUtils]: 11: Hoare triple {177#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} assume true; {177#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2021-09-13 23:47:49,906 INFO L276 TraceCheckUtils]: 12: Hoare quadruple {177#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} {142#true} #462#return; {184#(not (= |probe3_6_#t~ret40.base| (_ bv0 32)))} is VALID [2021-09-13 23:47:49,907 INFO L281 TraceCheckUtils]: 13: Hoare triple {184#(not (= |probe3_6_#t~ret40.base| (_ bv0 32)))} ~p~0.base, ~p~0.offset := #t~ret40.base, #t~ret40.offset;havoc #t~ret40.base, #t~ret40.offset; {188#(not (= probe3_6_~p~0.base (_ bv0 32)))} is VALID [2021-09-13 23:47:49,907 INFO L281 TraceCheckUtils]: 14: Hoare triple {188#(not (= probe3_6_~p~0.base (_ bv0 32)))} assume ~p~0.base == 0bv32 && ~p~0.offset == 0bv32;#res := ~ret~0; {143#false} is VALID [2021-09-13 23:47:49,907 INFO L281 TraceCheckUtils]: 15: Hoare triple {143#false} assume true; {143#false} is VALID [2021-09-13 23:47:49,908 INFO L276 TraceCheckUtils]: 16: Hoare quadruple {143#false} {142#true} #494#return; {143#false} is VALID [2021-09-13 23:47:49,908 INFO L281 TraceCheckUtils]: 17: Hoare triple {143#false} ~ret~1 := #t~ret44;havoc #t~ret44; {143#false} is VALID [2021-09-13 23:47:49,908 INFO L281 TraceCheckUtils]: 18: Hoare triple {143#false} assume !(0bv32 == ~ret~1); {143#false} is VALID [2021-09-13 23:47:49,908 INFO L281 TraceCheckUtils]: 19: Hoare triple {143#false} assume !(1bv1 == #valid[~#a6~0.base]); {143#false} is VALID [2021-09-13 23:47:49,909 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-09-13 23:47:49,909 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2021-09-13 23:47:50,073 INFO L281 TraceCheckUtils]: 19: Hoare triple {143#false} assume !(1bv1 == #valid[~#a6~0.base]); {143#false} is VALID [2021-09-13 23:47:50,073 INFO L281 TraceCheckUtils]: 18: Hoare triple {143#false} assume !(0bv32 == ~ret~1); {143#false} is VALID [2021-09-13 23:47:50,074 INFO L281 TraceCheckUtils]: 17: Hoare triple {143#false} ~ret~1 := #t~ret44;havoc #t~ret44; {143#false} is VALID [2021-09-13 23:47:50,074 INFO L276 TraceCheckUtils]: 16: Hoare quadruple {143#false} {142#true} #494#return; {143#false} is VALID [2021-09-13 23:47:50,074 INFO L281 TraceCheckUtils]: 15: Hoare triple {143#false} assume true; {143#false} is VALID [2021-09-13 23:47:50,075 INFO L281 TraceCheckUtils]: 14: Hoare triple {188#(not (= probe3_6_~p~0.base (_ bv0 32)))} assume ~p~0.base == 0bv32 && ~p~0.offset == 0bv32;#res := ~ret~0; {143#false} is VALID [2021-09-13 23:47:50,075 INFO L281 TraceCheckUtils]: 13: Hoare triple {184#(not (= |probe3_6_#t~ret40.base| (_ bv0 32)))} ~p~0.base, ~p~0.offset := #t~ret40.base, #t~ret40.offset;havoc #t~ret40.base, #t~ret40.offset; {188#(not (= probe3_6_~p~0.base (_ bv0 32)))} is VALID [2021-09-13 23:47:50,076 INFO L276 TraceCheckUtils]: 12: Hoare quadruple {177#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} {142#true} #462#return; {184#(not (= |probe3_6_#t~ret40.base| (_ bv0 32)))} is VALID [2021-09-13 23:47:50,076 INFO L281 TraceCheckUtils]: 11: Hoare triple {177#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} assume true; {177#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2021-09-13 23:47:50,077 INFO L281 TraceCheckUtils]: 10: Hoare triple {142#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {177#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2021-09-13 23:47:50,077 INFO L281 TraceCheckUtils]: 9: Hoare triple {142#true} ~size := #in~size; {142#true} is VALID [2021-09-13 23:47:50,077 INFO L264 TraceCheckUtils]: 8: Hoare triple {142#true} call #t~ret40.base, #t~ret40.offset := ldv_malloc(4bv32); {142#true} is VALID [2021-09-13 23:47:50,077 INFO L281 TraceCheckUtils]: 7: Hoare triple {142#true} ~a.base, ~a.offset := #in~a.base, #in~a.offset;~ret~0 := 3bv32; {142#true} is VALID [2021-09-13 23:47:50,078 INFO L264 TraceCheckUtils]: 6: Hoare triple {142#true} call #t~ret44 := probe3_6(~#a6~0.base, ~#a6~0.offset); {142#true} is VALID [2021-09-13 23:47:50,078 INFO L264 TraceCheckUtils]: 5: Hoare triple {142#true} call entry_point(); {142#true} is VALID [2021-09-13 23:47:50,078 INFO L264 TraceCheckUtils]: 4: Hoare triple {142#true} call main(); {142#true} is VALID [2021-09-13 23:47:50,078 INFO L276 TraceCheckUtils]: 3: Hoare quadruple {142#true} {142#true} #506#return; {142#true} is VALID [2021-09-13 23:47:50,078 INFO L281 TraceCheckUtils]: 2: Hoare triple {142#true} assume true; {142#true} is VALID [2021-09-13 23:47:50,078 INFO L281 TraceCheckUtils]: 1: Hoare triple {142#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);call ~#a6~0.base, ~#a6~0.offset := #Ultimate.allocOnStack(4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#a6~0.base, ~#a6~0.offset, 4bv32); {142#true} is VALID [2021-09-13 23:47:50,079 INFO L264 TraceCheckUtils]: 0: Hoare triple {142#true} call ULTIMATE.init(); {142#true} is VALID [2021-09-13 23:47:50,079 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-09-13 23:47:50,079 INFO L139 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2021-09-13 23:47:50,080 INFO L332 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1153447238] [2021-09-13 23:47:50,080 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1153447238] provided 2 perfect and 0 imperfect interpolant sequences [2021-09-13 23:47:50,081 INFO L186 FreeRefinementEngine]: Constructing automaton from 2 perfect and 0 imperfect interpolant sequences. [2021-09-13 23:47:50,081 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5, 5] imperfect sequences [] total 5 [2021-09-13 23:47:50,082 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [950755474] [2021-09-13 23:47:50,086 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 2.4) internal successors, (12), 4 states have internal predecessors, (12), 1 states have call successors, (5), 1 states have call predecessors, (5), 3 states have return successors, (3), 3 states have call predecessors, (3), 1 states have call successors, (3) Word has length 20 [2021-09-13 23:47:50,087 INFO L84 Accepts]: Finished accepts. word is accepted. [2021-09-13 23:47:50,089 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 2.4) internal successors, (12), 4 states have internal predecessors, (12), 1 states have call successors, (5), 1 states have call predecessors, (5), 3 states have return successors, (3), 3 states have call predecessors, (3), 1 states have call successors, (3) [2021-09-13 23:47:50,115 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 20 edges. 20 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2021-09-13 23:47:50,115 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2021-09-13 23:47:50,115 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2021-09-13 23:47:50,132 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2021-09-13 23:47:50,133 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2021-09-13 23:47:50,137 INFO L87 Difference]: Start difference. First operand has 139 states, 76 states have (on average 1.5657894736842106) internal successors, (119), 110 states have internal predecessors, (119), 15 states have call successors, (15), 14 states have call predecessors, (15), 14 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) Second operand has 5 states, 5 states have (on average 2.4) internal successors, (12), 4 states have internal predecessors, (12), 1 states have call successors, (5), 1 states have call predecessors, (5), 3 states have return successors, (3), 3 states have call predecessors, (3), 1 states have call successors, (3) [2021-09-13 23:47:50,654 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:47:50,654 INFO L93 Difference]: Finished difference Result 94 states and 104 transitions. [2021-09-13 23:47:50,655 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2021-09-13 23:47:50,655 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 2.4) internal successors, (12), 4 states have internal predecessors, (12), 1 states have call successors, (5), 1 states have call predecessors, (5), 3 states have return successors, (3), 3 states have call predecessors, (3), 1 states have call successors, (3) Word has length 20 [2021-09-13 23:47:50,656 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-09-13 23:47:50,657 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 2.4) internal successors, (12), 4 states have internal predecessors, (12), 1 states have call successors, (5), 1 states have call predecessors, (5), 3 states have return successors, (3), 3 states have call predecessors, (3), 1 states have call successors, (3) [2021-09-13 23:47:50,671 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 105 transitions. [2021-09-13 23:47:50,671 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 2.4) internal successors, (12), 4 states have internal predecessors, (12), 1 states have call successors, (5), 1 states have call predecessors, (5), 3 states have return successors, (3), 3 states have call predecessors, (3), 1 states have call successors, (3) [2021-09-13 23:47:50,681 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 105 transitions. [2021-09-13 23:47:50,681 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 105 transitions. [2021-09-13 23:47:50,757 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 105 edges. 105 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2021-09-13 23:47:50,764 INFO L225 Difference]: With dead ends: 94 [2021-09-13 23:47:50,765 INFO L226 Difference]: Without dead ends: 91 [2021-09-13 23:47:50,766 INFO L927 BasicCegarLoop]: 0 DeclaredPredicates, 39 GetRequests, 36 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 15.32ms TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2021-09-13 23:47:50,768 INFO L928 BasicCegarLoop]: 20 mSDtfsCounter, 22 mSDsluCounter, 269 mSDsCounter, 0 mSdLazyCounter, 255 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 219.69ms Time, 0 mProtectedPredicate, 0 mProtectedAction, 24 SdHoareTripleChecker+Valid, 78 SdHoareTripleChecker+Invalid, 257 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 6.31ms SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 255 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 224.26ms IncrementalHoareTripleChecker+Time [2021-09-13 23:47:50,768 INFO L929 BasicCegarLoop]: SdHoareTripleChecker [24 Valid, 78 Invalid, 257 Unknown, 0 Unchecked, 6.31ms Time], IncrementalHoareTripleChecker [2 Valid, 255 Invalid, 0 Unknown, 0 Unchecked, 224.26ms Time] [2021-09-13 23:47:50,783 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 91 states. [2021-09-13 23:47:50,791 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 91 to 70. [2021-09-13 23:47:50,792 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2021-09-13 23:47:50,792 INFO L82 GeneralOperation]: Start isEquivalent. First operand 91 states. Second operand has 70 states, 38 states have (on average 1.5263157894736843) internal successors, (58), 54 states have internal predecessors, (58), 8 states have call successors, (8), 8 states have call predecessors, (8), 8 states have return successors, (8), 8 states have call predecessors, (8), 7 states have call successors, (8) [2021-09-13 23:47:50,793 INFO L74 IsIncluded]: Start isIncluded. First operand 91 states. Second operand has 70 states, 38 states have (on average 1.5263157894736843) internal successors, (58), 54 states have internal predecessors, (58), 8 states have call successors, (8), 8 states have call predecessors, (8), 8 states have return successors, (8), 8 states have call predecessors, (8), 7 states have call successors, (8) [2021-09-13 23:47:50,793 INFO L87 Difference]: Start difference. First operand 91 states. Second operand has 70 states, 38 states have (on average 1.5263157894736843) internal successors, (58), 54 states have internal predecessors, (58), 8 states have call successors, (8), 8 states have call predecessors, (8), 8 states have return successors, (8), 8 states have call predecessors, (8), 7 states have call successors, (8) [2021-09-13 23:47:50,798 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:47:50,798 INFO L93 Difference]: Finished difference Result 91 states and 101 transitions. [2021-09-13 23:47:50,798 INFO L276 IsEmpty]: Start isEmpty. Operand 91 states and 101 transitions. [2021-09-13 23:47:50,799 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2021-09-13 23:47:50,799 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2021-09-13 23:47:50,799 INFO L74 IsIncluded]: Start isIncluded. First operand has 70 states, 38 states have (on average 1.5263157894736843) internal successors, (58), 54 states have internal predecessors, (58), 8 states have call successors, (8), 8 states have call predecessors, (8), 8 states have return successors, (8), 8 states have call predecessors, (8), 7 states have call successors, (8) Second operand 91 states. [2021-09-13 23:47:50,800 INFO L87 Difference]: Start difference. First operand has 70 states, 38 states have (on average 1.5263157894736843) internal successors, (58), 54 states have internal predecessors, (58), 8 states have call successors, (8), 8 states have call predecessors, (8), 8 states have return successors, (8), 8 states have call predecessors, (8), 7 states have call successors, (8) Second operand 91 states. [2021-09-13 23:47:50,804 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:47:50,804 INFO L93 Difference]: Finished difference Result 91 states and 101 transitions. [2021-09-13 23:47:50,804 INFO L276 IsEmpty]: Start isEmpty. Operand 91 states and 101 transitions. [2021-09-13 23:47:50,804 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2021-09-13 23:47:50,805 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2021-09-13 23:47:50,805 INFO L88 GeneralOperation]: Finished isEquivalent. [2021-09-13 23:47:50,805 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2021-09-13 23:47:50,805 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 70 states, 38 states have (on average 1.5263157894736843) internal successors, (58), 54 states have internal predecessors, (58), 8 states have call successors, (8), 8 states have call predecessors, (8), 8 states have return successors, (8), 8 states have call predecessors, (8), 7 states have call successors, (8) [2021-09-13 23:47:50,807 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 70 states to 70 states and 74 transitions. [2021-09-13 23:47:50,808 INFO L78 Accepts]: Start accepts. Automaton has 70 states and 74 transitions. Word has length 20 [2021-09-13 23:47:50,808 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-09-13 23:47:50,808 INFO L470 AbstractCegarLoop]: Abstraction has 70 states and 74 transitions. [2021-09-13 23:47:50,808 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 2.4) internal successors, (12), 4 states have internal predecessors, (12), 1 states have call successors, (5), 1 states have call predecessors, (5), 3 states have return successors, (3), 3 states have call predecessors, (3), 1 states have call successors, (3) [2021-09-13 23:47:50,808 INFO L276 IsEmpty]: Start isEmpty. Operand 70 states and 74 transitions. [2021-09-13 23:47:50,809 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2021-09-13 23:47:50,809 INFO L505 BasicCegarLoop]: Found error trace [2021-09-13 23:47:50,809 INFO L513 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-09-13 23:47:50,821 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Ended with exit code 0 [2021-09-13 23:47:51,015 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2021-09-13 23:47:51,016 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting entry_pointErr0REQUIRES_VIOLATION === [ldv_msg_allocErr0REQUIRES_VIOLATION, ldv_msg_allocErr1REQUIRES_VIOLATION, ldv_kref_initErr0REQUIRES_VIOLATION, ldv_kref_initErr1REQUIRES_VIOLATION (and 82 more)] === [2021-09-13 23:47:51,016 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-09-13 23:47:51,016 INFO L82 PathProgramCache]: Analyzing trace with hash 2015116195, now seen corresponding path program 1 times [2021-09-13 23:47:51,017 INFO L121 FreeRefinementEngine]: Executing refinement strategy WOLF [2021-09-13 23:47:51,017 INFO L332 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1066940785] [2021-09-13 23:47:51,017 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-09-13 23:47:51,017 INFO L170 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2021-09-13 23:47:51,017 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2021-09-13 23:47:51,018 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2021-09-13 23:47:51,019 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Waiting until timeout for monitored process [2021-09-13 23:47:51,146 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-09-13 23:47:51,148 INFO L263 TraceCheckSpWp]: Trace formula consists of 102 conjuncts, 10 conjunts are in the unsatisfiable core [2021-09-13 23:47:51,159 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-09-13 23:47:51,161 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2021-09-13 23:47:51,219 INFO L354 Elim1Store]: treesize reduction 34, result has 38.2 percent of original size [2021-09-13 23:47:51,221 INFO L388 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 2 case distinctions, treesize of input 12 treesize of output 26 [2021-09-13 23:47:51,336 INFO L388 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 7 treesize of output 5 [2021-09-13 23:47:51,405 INFO L264 TraceCheckUtils]: 0: Hoare triple {612#true} call ULTIMATE.init(); {612#true} is VALID [2021-09-13 23:47:51,407 INFO L281 TraceCheckUtils]: 1: Hoare triple {612#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);call ~#a6~0.base, ~#a6~0.offset := #Ultimate.allocOnStack(4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#a6~0.base, ~#a6~0.offset, 4bv32); {620#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:51,408 INFO L281 TraceCheckUtils]: 2: Hoare triple {620#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} assume true; {620#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:51,408 INFO L276 TraceCheckUtils]: 3: Hoare quadruple {620#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} {612#true} #506#return; {620#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:51,409 INFO L264 TraceCheckUtils]: 4: Hoare triple {620#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} call main(); {620#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:51,409 INFO L264 TraceCheckUtils]: 5: Hoare triple {620#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} call entry_point(); {620#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:51,410 INFO L264 TraceCheckUtils]: 6: Hoare triple {620#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} call #t~ret44 := probe3_6(~#a6~0.base, ~#a6~0.offset); {636#(= |old(#valid)| |#valid|)} is VALID [2021-09-13 23:47:51,410 INFO L281 TraceCheckUtils]: 7: Hoare triple {636#(= |old(#valid)| |#valid|)} ~a.base, ~a.offset := #in~a.base, #in~a.offset;~ret~0 := 3bv32; {636#(= |old(#valid)| |#valid|)} is VALID [2021-09-13 23:47:51,411 INFO L264 TraceCheckUtils]: 8: Hoare triple {636#(= |old(#valid)| |#valid|)} call #t~ret40.base, #t~ret40.offset := ldv_malloc(4bv32); {636#(= |old(#valid)| |#valid|)} is VALID [2021-09-13 23:47:51,411 INFO L281 TraceCheckUtils]: 9: Hoare triple {636#(= |old(#valid)| |#valid|)} ~size := #in~size; {636#(= |old(#valid)| |#valid|)} is VALID [2021-09-13 23:47:51,412 INFO L281 TraceCheckUtils]: 10: Hoare triple {636#(= |old(#valid)| |#valid|)} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {636#(= |old(#valid)| |#valid|)} is VALID [2021-09-13 23:47:51,412 INFO L281 TraceCheckUtils]: 11: Hoare triple {636#(= |old(#valid)| |#valid|)} assume true; {636#(= |old(#valid)| |#valid|)} is VALID [2021-09-13 23:47:51,417 INFO L276 TraceCheckUtils]: 12: Hoare quadruple {636#(= |old(#valid)| |#valid|)} {636#(= |old(#valid)| |#valid|)} #462#return; {636#(= |old(#valid)| |#valid|)} is VALID [2021-09-13 23:47:51,418 INFO L281 TraceCheckUtils]: 13: Hoare triple {636#(= |old(#valid)| |#valid|)} ~p~0.base, ~p~0.offset := #t~ret40.base, #t~ret40.offset;havoc #t~ret40.base, #t~ret40.offset; {636#(= |old(#valid)| |#valid|)} is VALID [2021-09-13 23:47:51,418 INFO L281 TraceCheckUtils]: 14: Hoare triple {636#(= |old(#valid)| |#valid|)} assume ~p~0.base == 0bv32 && ~p~0.offset == 0bv32;#res := ~ret~0; {636#(= |old(#valid)| |#valid|)} is VALID [2021-09-13 23:47:51,418 INFO L281 TraceCheckUtils]: 15: Hoare triple {636#(= |old(#valid)| |#valid|)} assume true; {636#(= |old(#valid)| |#valid|)} is VALID [2021-09-13 23:47:51,419 INFO L276 TraceCheckUtils]: 16: Hoare quadruple {636#(= |old(#valid)| |#valid|)} {620#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} #494#return; {620#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:51,419 INFO L281 TraceCheckUtils]: 17: Hoare triple {620#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} ~ret~1 := #t~ret44;havoc #t~ret44; {620#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:51,420 INFO L281 TraceCheckUtils]: 18: Hoare triple {620#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} assume !(0bv32 == ~ret~1); {620#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:51,420 INFO L281 TraceCheckUtils]: 19: Hoare triple {620#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} assume !(1bv1 == #valid[~#a6~0.base]); {613#false} is VALID [2021-09-13 23:47:51,421 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-09-13 23:47:51,421 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2021-09-13 23:47:51,624 INFO L388 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 8 [2021-09-13 23:47:51,736 INFO L281 TraceCheckUtils]: 19: Hoare triple {620#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} assume !(1bv1 == #valid[~#a6~0.base]); {613#false} is VALID [2021-09-13 23:47:51,736 INFO L281 TraceCheckUtils]: 18: Hoare triple {620#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} assume !(0bv32 == ~ret~1); {620#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:51,737 INFO L281 TraceCheckUtils]: 17: Hoare triple {620#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} ~ret~1 := #t~ret44;havoc #t~ret44; {620#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:51,738 INFO L276 TraceCheckUtils]: 16: Hoare quadruple {688#(or (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} {620#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} #494#return; {620#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:51,738 INFO L281 TraceCheckUtils]: 15: Hoare triple {688#(or (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} assume true; {688#(or (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} is VALID [2021-09-13 23:47:51,738 INFO L281 TraceCheckUtils]: 14: Hoare triple {688#(or (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} assume ~p~0.base == 0bv32 && ~p~0.offset == 0bv32;#res := ~ret~0; {688#(or (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} is VALID [2021-09-13 23:47:51,739 INFO L281 TraceCheckUtils]: 13: Hoare triple {688#(or (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} ~p~0.base, ~p~0.offset := #t~ret40.base, #t~ret40.offset;havoc #t~ret40.base, #t~ret40.offset; {688#(or (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} is VALID [2021-09-13 23:47:51,739 INFO L276 TraceCheckUtils]: 12: Hoare quadruple {688#(or (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} {688#(or (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} #462#return; {688#(or (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} is VALID [2021-09-13 23:47:51,740 INFO L281 TraceCheckUtils]: 11: Hoare triple {688#(or (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} assume true; {688#(or (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} is VALID [2021-09-13 23:47:51,740 INFO L281 TraceCheckUtils]: 10: Hoare triple {688#(or (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {688#(or (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} is VALID [2021-09-13 23:47:51,741 INFO L281 TraceCheckUtils]: 9: Hoare triple {688#(or (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} ~size := #in~size; {688#(or (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} is VALID [2021-09-13 23:47:51,741 INFO L264 TraceCheckUtils]: 8: Hoare triple {688#(or (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} call #t~ret40.base, #t~ret40.offset := ldv_malloc(4bv32); {688#(or (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} is VALID [2021-09-13 23:47:51,741 INFO L281 TraceCheckUtils]: 7: Hoare triple {688#(or (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} ~a.base, ~a.offset := #in~a.base, #in~a.offset;~ret~0 := 3bv32; {688#(or (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} is VALID [2021-09-13 23:47:51,742 INFO L264 TraceCheckUtils]: 6: Hoare triple {620#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} call #t~ret44 := probe3_6(~#a6~0.base, ~#a6~0.offset); {688#(or (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} is VALID [2021-09-13 23:47:51,742 INFO L264 TraceCheckUtils]: 5: Hoare triple {620#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} call entry_point(); {620#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:51,743 INFO L264 TraceCheckUtils]: 4: Hoare triple {620#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} call main(); {620#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:51,743 INFO L276 TraceCheckUtils]: 3: Hoare quadruple {620#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} {612#true} #506#return; {620#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:51,744 INFO L281 TraceCheckUtils]: 2: Hoare triple {620#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} assume true; {620#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:51,745 INFO L281 TraceCheckUtils]: 1: Hoare triple {612#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);call ~#a6~0.base, ~#a6~0.offset := #Ultimate.allocOnStack(4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#a6~0.base, ~#a6~0.offset, 4bv32); {620#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:51,745 INFO L264 TraceCheckUtils]: 0: Hoare triple {612#true} call ULTIMATE.init(); {612#true} is VALID [2021-09-13 23:47:51,746 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-09-13 23:47:51,746 INFO L139 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2021-09-13 23:47:51,746 INFO L332 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1066940785] [2021-09-13 23:47:51,746 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1066940785] provided 2 perfect and 0 imperfect interpolant sequences [2021-09-13 23:47:51,746 INFO L186 FreeRefinementEngine]: Constructing automaton from 2 perfect and 0 imperfect interpolant sequences. [2021-09-13 23:47:51,746 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3, 3] imperfect sequences [] total 4 [2021-09-13 23:47:51,747 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [529801068] [2021-09-13 23:47:51,748 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 4.75) internal successors, (19), 4 states have internal predecessors, (19), 4 states have call successors, (7), 4 states have call predecessors, (7), 3 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) Word has length 20 [2021-09-13 23:47:51,748 INFO L84 Accepts]: Finished accepts. word is accepted. [2021-09-13 23:47:51,748 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 4 states have (on average 4.75) internal successors, (19), 4 states have internal predecessors, (19), 4 states have call successors, (7), 4 states have call predecessors, (7), 3 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2021-09-13 23:47:51,780 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 31 edges. 31 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2021-09-13 23:47:51,780 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2021-09-13 23:47:51,780 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2021-09-13 23:47:51,781 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2021-09-13 23:47:51,781 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2021-09-13 23:47:51,781 INFO L87 Difference]: Start difference. First operand 70 states and 74 transitions. Second operand has 5 states, 4 states have (on average 4.75) internal successors, (19), 4 states have internal predecessors, (19), 4 states have call successors, (7), 4 states have call predecessors, (7), 3 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2021-09-13 23:47:52,175 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:47:52,175 INFO L93 Difference]: Finished difference Result 111 states and 120 transitions. [2021-09-13 23:47:52,175 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2021-09-13 23:47:52,176 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 4.75) internal successors, (19), 4 states have internal predecessors, (19), 4 states have call successors, (7), 4 states have call predecessors, (7), 3 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) Word has length 20 [2021-09-13 23:47:52,176 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-09-13 23:47:52,176 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 4 states have (on average 4.75) internal successors, (19), 4 states have internal predecessors, (19), 4 states have call successors, (7), 4 states have call predecessors, (7), 3 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2021-09-13 23:47:52,179 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 122 transitions. [2021-09-13 23:47:52,179 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 4 states have (on average 4.75) internal successors, (19), 4 states have internal predecessors, (19), 4 states have call successors, (7), 4 states have call predecessors, (7), 3 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2021-09-13 23:47:52,181 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 122 transitions. [2021-09-13 23:47:52,181 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 122 transitions. [2021-09-13 23:47:52,286 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 122 edges. 122 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2021-09-13 23:47:52,291 INFO L225 Difference]: With dead ends: 111 [2021-09-13 23:47:52,291 INFO L226 Difference]: Without dead ends: 108 [2021-09-13 23:47:52,291 INFO L927 BasicCegarLoop]: 0 DeclaredPredicates, 40 GetRequests, 33 SyntacticMatches, 3 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 32.26ms TimeCoverageRelationStatistics Valid=14, Invalid=16, Unknown=0, NotChecked=0, Total=30 [2021-09-13 23:47:52,295 INFO L928 BasicCegarLoop]: 12 mSDtfsCounter, 118 mSDsluCounter, 87 mSDsCounter, 0 mSdLazyCounter, 146 mSolverCounterSat, 29 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 176.91ms Time, 0 mProtectedPredicate, 0 mProtectedAction, 120 SdHoareTripleChecker+Valid, 16 SdHoareTripleChecker+Invalid, 175 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 2.28ms SdHoareTripleChecker+Time, 29 IncrementalHoareTripleChecker+Valid, 146 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 178.38ms IncrementalHoareTripleChecker+Time [2021-09-13 23:47:52,297 INFO L929 BasicCegarLoop]: SdHoareTripleChecker [120 Valid, 16 Invalid, 175 Unknown, 0 Unchecked, 2.28ms Time], IncrementalHoareTripleChecker [29 Valid, 146 Invalid, 0 Unknown, 0 Unchecked, 178.38ms Time] [2021-09-13 23:47:52,298 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 108 states. [2021-09-13 23:47:52,307 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 108 to 75. [2021-09-13 23:47:52,308 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2021-09-13 23:47:52,308 INFO L82 GeneralOperation]: Start isEquivalent. First operand 108 states. Second operand has 75 states, 42 states have (on average 1.5) internal successors, (63), 58 states have internal predecessors, (63), 8 states have call successors, (8), 8 states have call predecessors, (8), 9 states have return successors, (9), 9 states have call predecessors, (9), 7 states have call successors, (9) [2021-09-13 23:47:52,308 INFO L74 IsIncluded]: Start isIncluded. First operand 108 states. Second operand has 75 states, 42 states have (on average 1.5) internal successors, (63), 58 states have internal predecessors, (63), 8 states have call successors, (8), 8 states have call predecessors, (8), 9 states have return successors, (9), 9 states have call predecessors, (9), 7 states have call successors, (9) [2021-09-13 23:47:52,309 INFO L87 Difference]: Start difference. First operand 108 states. Second operand has 75 states, 42 states have (on average 1.5) internal successors, (63), 58 states have internal predecessors, (63), 8 states have call successors, (8), 8 states have call predecessors, (8), 9 states have return successors, (9), 9 states have call predecessors, (9), 7 states have call successors, (9) [2021-09-13 23:47:52,315 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:47:52,315 INFO L93 Difference]: Finished difference Result 108 states and 117 transitions. [2021-09-13 23:47:52,315 INFO L276 IsEmpty]: Start isEmpty. Operand 108 states and 117 transitions. [2021-09-13 23:47:52,318 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2021-09-13 23:47:52,318 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2021-09-13 23:47:52,318 INFO L74 IsIncluded]: Start isIncluded. First operand has 75 states, 42 states have (on average 1.5) internal successors, (63), 58 states have internal predecessors, (63), 8 states have call successors, (8), 8 states have call predecessors, (8), 9 states have return successors, (9), 9 states have call predecessors, (9), 7 states have call successors, (9) Second operand 108 states. [2021-09-13 23:47:52,319 INFO L87 Difference]: Start difference. First operand has 75 states, 42 states have (on average 1.5) internal successors, (63), 58 states have internal predecessors, (63), 8 states have call successors, (8), 8 states have call predecessors, (8), 9 states have return successors, (9), 9 states have call predecessors, (9), 7 states have call successors, (9) Second operand 108 states. [2021-09-13 23:47:52,327 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:47:52,328 INFO L93 Difference]: Finished difference Result 108 states and 117 transitions. [2021-09-13 23:47:52,328 INFO L276 IsEmpty]: Start isEmpty. Operand 108 states and 117 transitions. [2021-09-13 23:47:52,332 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2021-09-13 23:47:52,332 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2021-09-13 23:47:52,332 INFO L88 GeneralOperation]: Finished isEquivalent. [2021-09-13 23:47:52,332 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2021-09-13 23:47:52,333 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 75 states, 42 states have (on average 1.5) internal successors, (63), 58 states have internal predecessors, (63), 8 states have call successors, (8), 8 states have call predecessors, (8), 9 states have return successors, (9), 9 states have call predecessors, (9), 7 states have call successors, (9) [2021-09-13 23:47:52,335 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 75 states to 75 states and 80 transitions. [2021-09-13 23:47:52,335 INFO L78 Accepts]: Start accepts. Automaton has 75 states and 80 transitions. Word has length 20 [2021-09-13 23:47:52,335 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-09-13 23:47:52,336 INFO L470 AbstractCegarLoop]: Abstraction has 75 states and 80 transitions. [2021-09-13 23:47:52,336 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 4.75) internal successors, (19), 4 states have internal predecessors, (19), 4 states have call successors, (7), 4 states have call predecessors, (7), 3 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2021-09-13 23:47:52,336 INFO L276 IsEmpty]: Start isEmpty. Operand 75 states and 80 transitions. [2021-09-13 23:47:52,337 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2021-09-13 23:47:52,337 INFO L505 BasicCegarLoop]: Found error trace [2021-09-13 23:47:52,337 INFO L513 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-09-13 23:47:52,349 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Forceful destruction successful, exit code 0 [2021-09-13 23:47:52,545 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2021-09-13 23:47:52,545 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting entry_pointErr1REQUIRES_VIOLATION === [ldv_msg_allocErr0REQUIRES_VIOLATION, ldv_msg_allocErr1REQUIRES_VIOLATION, ldv_kref_initErr0REQUIRES_VIOLATION, ldv_kref_initErr1REQUIRES_VIOLATION (and 82 more)] === [2021-09-13 23:47:52,546 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-09-13 23:47:52,546 INFO L82 PathProgramCache]: Analyzing trace with hash 2015116196, now seen corresponding path program 1 times [2021-09-13 23:47:52,546 INFO L121 FreeRefinementEngine]: Executing refinement strategy WOLF [2021-09-13 23:47:52,546 INFO L332 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [283897960] [2021-09-13 23:47:52,546 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-09-13 23:47:52,546 INFO L170 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2021-09-13 23:47:52,546 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2021-09-13 23:47:52,547 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2021-09-13 23:47:52,548 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Waiting until timeout for monitored process [2021-09-13 23:47:52,655 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-09-13 23:47:52,657 INFO L263 TraceCheckSpWp]: Trace formula consists of 102 conjuncts, 11 conjunts are in the unsatisfiable core [2021-09-13 23:47:52,671 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-09-13 23:47:52,673 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2021-09-13 23:47:52,697 INFO L354 Elim1Store]: treesize reduction 11, result has 45.0 percent of original size [2021-09-13 23:47:52,697 INFO L388 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 1 case distinctions, treesize of input 9 treesize of output 15 [2021-09-13 23:47:52,792 INFO L388 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 5 treesize of output 3 [2021-09-13 23:47:52,943 INFO L264 TraceCheckUtils]: 0: Hoare triple {1140#true} call ULTIMATE.init(); {1140#true} is VALID [2021-09-13 23:47:52,945 INFO L281 TraceCheckUtils]: 1: Hoare triple {1140#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);call ~#a6~0.base, ~#a6~0.offset := #Ultimate.allocOnStack(4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#a6~0.base, ~#a6~0.offset, 4bv32); {1148#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:52,945 INFO L281 TraceCheckUtils]: 2: Hoare triple {1148#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} assume true; {1148#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:52,946 INFO L276 TraceCheckUtils]: 3: Hoare quadruple {1148#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} {1140#true} #506#return; {1148#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:52,947 INFO L264 TraceCheckUtils]: 4: Hoare triple {1148#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} call main(); {1148#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:52,948 INFO L264 TraceCheckUtils]: 5: Hoare triple {1148#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} call entry_point(); {1148#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:52,949 INFO L264 TraceCheckUtils]: 6: Hoare triple {1148#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} call #t~ret44 := probe3_6(~#a6~0.base, ~#a6~0.offset); {1164#(and (= |~#a6~0.offset| (_ bv0 32)) (= |#length| |old(#length)|))} is VALID [2021-09-13 23:47:52,949 INFO L281 TraceCheckUtils]: 7: Hoare triple {1164#(and (= |~#a6~0.offset| (_ bv0 32)) (= |#length| |old(#length)|))} ~a.base, ~a.offset := #in~a.base, #in~a.offset;~ret~0 := 3bv32; {1164#(and (= |~#a6~0.offset| (_ bv0 32)) (= |#length| |old(#length)|))} is VALID [2021-09-13 23:47:52,950 INFO L264 TraceCheckUtils]: 8: Hoare triple {1164#(and (= |~#a6~0.offset| (_ bv0 32)) (= |#length| |old(#length)|))} call #t~ret40.base, #t~ret40.offset := ldv_malloc(4bv32); {1164#(and (= |~#a6~0.offset| (_ bv0 32)) (= |#length| |old(#length)|))} is VALID [2021-09-13 23:47:52,950 INFO L281 TraceCheckUtils]: 9: Hoare triple {1164#(and (= |~#a6~0.offset| (_ bv0 32)) (= |#length| |old(#length)|))} ~size := #in~size; {1164#(and (= |~#a6~0.offset| (_ bv0 32)) (= |#length| |old(#length)|))} is VALID [2021-09-13 23:47:52,950 INFO L281 TraceCheckUtils]: 10: Hoare triple {1164#(and (= |~#a6~0.offset| (_ bv0 32)) (= |#length| |old(#length)|))} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {1164#(and (= |~#a6~0.offset| (_ bv0 32)) (= |#length| |old(#length)|))} is VALID [2021-09-13 23:47:52,951 INFO L281 TraceCheckUtils]: 11: Hoare triple {1164#(and (= |~#a6~0.offset| (_ bv0 32)) (= |#length| |old(#length)|))} assume true; {1164#(and (= |~#a6~0.offset| (_ bv0 32)) (= |#length| |old(#length)|))} is VALID [2021-09-13 23:47:52,951 INFO L276 TraceCheckUtils]: 12: Hoare quadruple {1164#(and (= |~#a6~0.offset| (_ bv0 32)) (= |#length| |old(#length)|))} {1164#(and (= |~#a6~0.offset| (_ bv0 32)) (= |#length| |old(#length)|))} #462#return; {1164#(and (= |~#a6~0.offset| (_ bv0 32)) (= |#length| |old(#length)|))} is VALID [2021-09-13 23:47:52,952 INFO L281 TraceCheckUtils]: 13: Hoare triple {1164#(and (= |~#a6~0.offset| (_ bv0 32)) (= |#length| |old(#length)|))} ~p~0.base, ~p~0.offset := #t~ret40.base, #t~ret40.offset;havoc #t~ret40.base, #t~ret40.offset; {1164#(and (= |~#a6~0.offset| (_ bv0 32)) (= |#length| |old(#length)|))} is VALID [2021-09-13 23:47:52,952 INFO L281 TraceCheckUtils]: 14: Hoare triple {1164#(and (= |~#a6~0.offset| (_ bv0 32)) (= |#length| |old(#length)|))} assume ~p~0.base == 0bv32 && ~p~0.offset == 0bv32;#res := ~ret~0; {1164#(and (= |~#a6~0.offset| (_ bv0 32)) (= |#length| |old(#length)|))} is VALID [2021-09-13 23:47:52,953 INFO L281 TraceCheckUtils]: 15: Hoare triple {1164#(and (= |~#a6~0.offset| (_ bv0 32)) (= |#length| |old(#length)|))} assume true; {1164#(and (= |~#a6~0.offset| (_ bv0 32)) (= |#length| |old(#length)|))} is VALID [2021-09-13 23:47:52,961 INFO L276 TraceCheckUtils]: 16: Hoare quadruple {1164#(and (= |~#a6~0.offset| (_ bv0 32)) (= |#length| |old(#length)|))} {1148#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} #494#return; {1148#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:52,962 INFO L281 TraceCheckUtils]: 17: Hoare triple {1148#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} ~ret~1 := #t~ret44;havoc #t~ret44; {1148#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:52,962 INFO L281 TraceCheckUtils]: 18: Hoare triple {1148#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} assume !(0bv32 == ~ret~1); {1148#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:52,962 INFO L281 TraceCheckUtils]: 19: Hoare triple {1148#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} assume !((~bvule32(~bvadd32(4bv32, ~#a6~0.offset), #length[~#a6~0.base]) && ~bvule32(~#a6~0.offset, ~bvadd32(4bv32, ~#a6~0.offset))) && ~bvule32(0bv32, ~#a6~0.offset)); {1141#false} is VALID [2021-09-13 23:47:52,963 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-09-13 23:47:52,963 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2021-09-13 23:47:53,246 INFO L388 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 6 [2021-09-13 23:47:53,436 INFO L281 TraceCheckUtils]: 19: Hoare triple {1204#(and (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} assume !((~bvule32(~bvadd32(4bv32, ~#a6~0.offset), #length[~#a6~0.base]) && ~bvule32(~#a6~0.offset, ~bvadd32(4bv32, ~#a6~0.offset))) && ~bvule32(0bv32, ~#a6~0.offset)); {1141#false} is VALID [2021-09-13 23:47:53,437 INFO L281 TraceCheckUtils]: 18: Hoare triple {1204#(and (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} assume !(0bv32 == ~ret~1); {1204#(and (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:53,439 INFO L281 TraceCheckUtils]: 17: Hoare triple {1204#(and (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} ~ret~1 := #t~ret44;havoc #t~ret44; {1204#(and (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:53,440 INFO L276 TraceCheckUtils]: 16: Hoare quadruple {1217#(or (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |old(#length)| |~#a6~0.base|))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} {1204#(and (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} #494#return; {1204#(and (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:53,441 INFO L281 TraceCheckUtils]: 15: Hoare triple {1217#(or (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |old(#length)| |~#a6~0.base|))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} assume true; {1217#(or (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |old(#length)| |~#a6~0.base|))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:53,441 INFO L281 TraceCheckUtils]: 14: Hoare triple {1217#(or (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |old(#length)| |~#a6~0.base|))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} assume ~p~0.base == 0bv32 && ~p~0.offset == 0bv32;#res := ~ret~0; {1217#(or (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |old(#length)| |~#a6~0.base|))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:53,442 INFO L281 TraceCheckUtils]: 13: Hoare triple {1217#(or (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |old(#length)| |~#a6~0.base|))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} ~p~0.base, ~p~0.offset := #t~ret40.base, #t~ret40.offset;havoc #t~ret40.base, #t~ret40.offset; {1217#(or (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |old(#length)| |~#a6~0.base|))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:53,442 INFO L276 TraceCheckUtils]: 12: Hoare quadruple {1217#(or (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |old(#length)| |~#a6~0.base|))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} {1217#(or (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |old(#length)| |~#a6~0.base|))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} #462#return; {1217#(or (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |old(#length)| |~#a6~0.base|))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:53,443 INFO L281 TraceCheckUtils]: 11: Hoare triple {1217#(or (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |old(#length)| |~#a6~0.base|))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} assume true; {1217#(or (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |old(#length)| |~#a6~0.base|))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:53,443 INFO L281 TraceCheckUtils]: 10: Hoare triple {1217#(or (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |old(#length)| |~#a6~0.base|))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {1217#(or (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |old(#length)| |~#a6~0.base|))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:53,444 INFO L281 TraceCheckUtils]: 9: Hoare triple {1217#(or (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |old(#length)| |~#a6~0.base|))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} ~size := #in~size; {1217#(or (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |old(#length)| |~#a6~0.base|))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:53,445 INFO L264 TraceCheckUtils]: 8: Hoare triple {1217#(or (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |old(#length)| |~#a6~0.base|))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} call #t~ret40.base, #t~ret40.offset := ldv_malloc(4bv32); {1217#(or (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |old(#length)| |~#a6~0.base|))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:53,445 INFO L281 TraceCheckUtils]: 7: Hoare triple {1217#(or (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |old(#length)| |~#a6~0.base|))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} ~a.base, ~a.offset := #in~a.base, #in~a.offset;~ret~0 := 3bv32; {1217#(or (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |old(#length)| |~#a6~0.base|))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:53,446 INFO L264 TraceCheckUtils]: 6: Hoare triple {1204#(and (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} call #t~ret44 := probe3_6(~#a6~0.base, ~#a6~0.offset); {1217#(or (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |old(#length)| |~#a6~0.base|))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:53,447 INFO L264 TraceCheckUtils]: 5: Hoare triple {1204#(and (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} call entry_point(); {1204#(and (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:53,448 INFO L264 TraceCheckUtils]: 4: Hoare triple {1204#(and (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} call main(); {1204#(and (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:53,461 INFO L276 TraceCheckUtils]: 3: Hoare quadruple {1204#(and (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} {1140#true} #506#return; {1204#(and (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:53,461 INFO L281 TraceCheckUtils]: 2: Hoare triple {1204#(and (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} assume true; {1204#(and (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:53,465 INFO L281 TraceCheckUtils]: 1: Hoare triple {1140#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);call ~#a6~0.base, ~#a6~0.offset := #Ultimate.allocOnStack(4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#a6~0.base, ~#a6~0.offset, 4bv32); {1204#(and (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:47:53,466 INFO L264 TraceCheckUtils]: 0: Hoare triple {1140#true} call ULTIMATE.init(); {1140#true} is VALID [2021-09-13 23:47:53,466 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-09-13 23:47:53,466 INFO L139 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2021-09-13 23:47:53,466 INFO L332 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [283897960] [2021-09-13 23:47:53,466 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleMathsat [283897960] provided 2 perfect and 0 imperfect interpolant sequences [2021-09-13 23:47:53,466 INFO L186 FreeRefinementEngine]: Constructing automaton from 2 perfect and 0 imperfect interpolant sequences. [2021-09-13 23:47:53,466 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3, 3] imperfect sequences [] total 5 [2021-09-13 23:47:53,466 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [522175469] [2021-09-13 23:47:53,467 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 5 states have call successors, (9), 5 states have call predecessors, (9), 4 states have return successors, (6), 4 states have call predecessors, (6), 5 states have call successors, (6) Word has length 20 [2021-09-13 23:47:53,467 INFO L84 Accepts]: Finished accepts. word is accepted. [2021-09-13 23:47:53,467 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 5 states have call successors, (9), 5 states have call predecessors, (9), 4 states have return successors, (6), 4 states have call predecessors, (6), 5 states have call successors, (6) [2021-09-13 23:47:53,503 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 39 edges. 39 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2021-09-13 23:47:53,503 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2021-09-13 23:47:53,503 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2021-09-13 23:47:53,503 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2021-09-13 23:47:53,503 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=17, Unknown=0, NotChecked=0, Total=30 [2021-09-13 23:47:53,504 INFO L87 Difference]: Start difference. First operand 75 states and 80 transitions. Second operand has 6 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 5 states have call successors, (9), 5 states have call predecessors, (9), 4 states have return successors, (6), 4 states have call predecessors, (6), 5 states have call successors, (6) [2021-09-13 23:47:54,076 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:47:54,076 INFO L93 Difference]: Finished difference Result 125 states and 131 transitions. [2021-09-13 23:47:54,076 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2021-09-13 23:47:54,076 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 5 states have call successors, (9), 5 states have call predecessors, (9), 4 states have return successors, (6), 4 states have call predecessors, (6), 5 states have call successors, (6) Word has length 20 [2021-09-13 23:47:54,077 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-09-13 23:47:54,077 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 5 states have call successors, (9), 5 states have call predecessors, (9), 4 states have return successors, (6), 4 states have call predecessors, (6), 5 states have call successors, (6) [2021-09-13 23:47:54,079 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 127 transitions. [2021-09-13 23:47:54,079 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 5 states have call successors, (9), 5 states have call predecessors, (9), 4 states have return successors, (6), 4 states have call predecessors, (6), 5 states have call successors, (6) [2021-09-13 23:47:54,081 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 127 transitions. [2021-09-13 23:47:54,081 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 127 transitions. [2021-09-13 23:47:54,189 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 127 edges. 127 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2021-09-13 23:47:54,191 INFO L225 Difference]: With dead ends: 125 [2021-09-13 23:47:54,191 INFO L226 Difference]: Without dead ends: 124 [2021-09-13 23:47:54,191 INFO L927 BasicCegarLoop]: 0 DeclaredPredicates, 40 GetRequests, 35 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 57.14ms TimeCoverageRelationStatistics Valid=19, Invalid=23, Unknown=0, NotChecked=0, Total=42 [2021-09-13 23:47:54,192 INFO L928 BasicCegarLoop]: 15 mSDtfsCounter, 203 mSDsluCounter, 93 mSDsCounter, 0 mSdLazyCounter, 170 mSolverCounterSat, 47 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 233.86ms Time, 0 mProtectedPredicate, 0 mProtectedAction, 203 SdHoareTripleChecker+Valid, 19 SdHoareTripleChecker+Invalid, 217 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 2.21ms SdHoareTripleChecker+Time, 47 IncrementalHoareTripleChecker+Valid, 170 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 235.46ms IncrementalHoareTripleChecker+Time [2021-09-13 23:47:54,192 INFO L929 BasicCegarLoop]: SdHoareTripleChecker [203 Valid, 19 Invalid, 217 Unknown, 0 Unchecked, 2.21ms Time], IncrementalHoareTripleChecker [47 Valid, 170 Invalid, 0 Unknown, 0 Unchecked, 235.46ms Time] [2021-09-13 23:47:54,193 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 124 states. [2021-09-13 23:47:54,196 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 124 to 106. [2021-09-13 23:47:54,196 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2021-09-13 23:47:54,197 INFO L82 GeneralOperation]: Start isEquivalent. First operand 124 states. Second operand has 106 states, 66 states have (on average 1.5606060606060606) internal successors, (103), 83 states have internal predecessors, (103), 11 states have call successors, (11), 11 states have call predecessors, (11), 13 states have return successors, (13), 13 states have call predecessors, (13), 10 states have call successors, (13) [2021-09-13 23:47:54,197 INFO L74 IsIncluded]: Start isIncluded. First operand 124 states. Second operand has 106 states, 66 states have (on average 1.5606060606060606) internal successors, (103), 83 states have internal predecessors, (103), 11 states have call successors, (11), 11 states have call predecessors, (11), 13 states have return successors, (13), 13 states have call predecessors, (13), 10 states have call successors, (13) [2021-09-13 23:47:54,198 INFO L87 Difference]: Start difference. First operand 124 states. Second operand has 106 states, 66 states have (on average 1.5606060606060606) internal successors, (103), 83 states have internal predecessors, (103), 11 states have call successors, (11), 11 states have call predecessors, (11), 13 states have return successors, (13), 13 states have call predecessors, (13), 10 states have call successors, (13) [2021-09-13 23:47:54,200 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:47:54,200 INFO L93 Difference]: Finished difference Result 124 states and 130 transitions. [2021-09-13 23:47:54,201 INFO L276 IsEmpty]: Start isEmpty. Operand 124 states and 130 transitions. [2021-09-13 23:47:54,201 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2021-09-13 23:47:54,201 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2021-09-13 23:47:54,201 INFO L74 IsIncluded]: Start isIncluded. First operand has 106 states, 66 states have (on average 1.5606060606060606) internal successors, (103), 83 states have internal predecessors, (103), 11 states have call successors, (11), 11 states have call predecessors, (11), 13 states have return successors, (13), 13 states have call predecessors, (13), 10 states have call successors, (13) Second operand 124 states. [2021-09-13 23:47:54,202 INFO L87 Difference]: Start difference. First operand has 106 states, 66 states have (on average 1.5606060606060606) internal successors, (103), 83 states have internal predecessors, (103), 11 states have call successors, (11), 11 states have call predecessors, (11), 13 states have return successors, (13), 13 states have call predecessors, (13), 10 states have call successors, (13) Second operand 124 states. [2021-09-13 23:47:54,204 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:47:54,204 INFO L93 Difference]: Finished difference Result 124 states and 130 transitions. [2021-09-13 23:47:54,205 INFO L276 IsEmpty]: Start isEmpty. Operand 124 states and 130 transitions. [2021-09-13 23:47:54,205 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2021-09-13 23:47:54,205 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2021-09-13 23:47:54,205 INFO L88 GeneralOperation]: Finished isEquivalent. [2021-09-13 23:47:54,205 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2021-09-13 23:47:54,206 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 106 states, 66 states have (on average 1.5606060606060606) internal successors, (103), 83 states have internal predecessors, (103), 11 states have call successors, (11), 11 states have call predecessors, (11), 13 states have return successors, (13), 13 states have call predecessors, (13), 10 states have call successors, (13) [2021-09-13 23:47:54,208 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 106 states to 106 states and 127 transitions. [2021-09-13 23:47:54,208 INFO L78 Accepts]: Start accepts. Automaton has 106 states and 127 transitions. Word has length 20 [2021-09-13 23:47:54,208 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-09-13 23:47:54,208 INFO L470 AbstractCegarLoop]: Abstraction has 106 states and 127 transitions. [2021-09-13 23:47:54,208 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 5 states have call successors, (9), 5 states have call predecessors, (9), 4 states have return successors, (6), 4 states have call predecessors, (6), 5 states have call successors, (6) [2021-09-13 23:47:54,209 INFO L276 IsEmpty]: Start isEmpty. Operand 106 states and 127 transitions. [2021-09-13 23:47:54,209 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2021-09-13 23:47:54,209 INFO L505 BasicCegarLoop]: Found error trace [2021-09-13 23:47:54,209 INFO L513 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-09-13 23:47:54,215 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Ended with exit code 0 [2021-09-13 23:47:54,415 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2021-09-13 23:47:54,416 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting probe3_6Err5ASSERT_VIOLATIONMEMORY_FREE === [ldv_msg_allocErr0REQUIRES_VIOLATION, ldv_msg_allocErr1REQUIRES_VIOLATION, ldv_kref_initErr0REQUIRES_VIOLATION, ldv_kref_initErr1REQUIRES_VIOLATION (and 82 more)] === [2021-09-13 23:47:54,416 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-09-13 23:47:54,416 INFO L82 PathProgramCache]: Analyzing trace with hash -1702507591, now seen corresponding path program 1 times [2021-09-13 23:47:54,416 INFO L121 FreeRefinementEngine]: Executing refinement strategy WOLF [2021-09-13 23:47:54,417 INFO L332 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [24568571] [2021-09-13 23:47:54,417 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-09-13 23:47:54,417 INFO L170 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2021-09-13 23:47:54,417 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2021-09-13 23:47:54,417 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2021-09-13 23:47:54,418 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Waiting until timeout for monitored process [2021-09-13 23:47:54,530 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-09-13 23:47:54,533 INFO L263 TraceCheckSpWp]: Trace formula consists of 108 conjuncts, 4 conjunts are in the unsatisfiable core [2021-09-13 23:47:54,542 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-09-13 23:47:54,543 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2021-09-13 23:47:54,631 INFO L264 TraceCheckUtils]: 0: Hoare triple {1746#true} call ULTIMATE.init(); {1746#true} is VALID [2021-09-13 23:47:54,631 INFO L281 TraceCheckUtils]: 1: Hoare triple {1746#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);call ~#a6~0.base, ~#a6~0.offset := #Ultimate.allocOnStack(4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#a6~0.base, ~#a6~0.offset, 4bv32); {1746#true} is VALID [2021-09-13 23:47:54,631 INFO L281 TraceCheckUtils]: 2: Hoare triple {1746#true} assume true; {1746#true} is VALID [2021-09-13 23:47:54,632 INFO L276 TraceCheckUtils]: 3: Hoare quadruple {1746#true} {1746#true} #506#return; {1746#true} is VALID [2021-09-13 23:47:54,632 INFO L264 TraceCheckUtils]: 4: Hoare triple {1746#true} call main(); {1746#true} is VALID [2021-09-13 23:47:54,632 INFO L264 TraceCheckUtils]: 5: Hoare triple {1746#true} call entry_point(); {1746#true} is VALID [2021-09-13 23:47:54,632 INFO L264 TraceCheckUtils]: 6: Hoare triple {1746#true} call #t~ret44 := probe3_6(~#a6~0.base, ~#a6~0.offset); {1746#true} is VALID [2021-09-13 23:47:54,632 INFO L281 TraceCheckUtils]: 7: Hoare triple {1746#true} ~a.base, ~a.offset := #in~a.base, #in~a.offset;~ret~0 := 3bv32; {1746#true} is VALID [2021-09-13 23:47:54,632 INFO L264 TraceCheckUtils]: 8: Hoare triple {1746#true} call #t~ret40.base, #t~ret40.offset := ldv_malloc(4bv32); {1746#true} is VALID [2021-09-13 23:47:54,633 INFO L281 TraceCheckUtils]: 9: Hoare triple {1746#true} ~size := #in~size; {1746#true} is VALID [2021-09-13 23:47:54,633 INFO L281 TraceCheckUtils]: 10: Hoare triple {1746#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {1781#(= |ldv_malloc_#res.offset| (_ bv0 32))} is VALID [2021-09-13 23:47:54,634 INFO L281 TraceCheckUtils]: 11: Hoare triple {1781#(= |ldv_malloc_#res.offset| (_ bv0 32))} assume true; {1781#(= |ldv_malloc_#res.offset| (_ bv0 32))} is VALID [2021-09-13 23:47:54,634 INFO L276 TraceCheckUtils]: 12: Hoare quadruple {1781#(= |ldv_malloc_#res.offset| (_ bv0 32))} {1746#true} #462#return; {1788#(= |probe3_6_#t~ret40.offset| (_ bv0 32))} is VALID [2021-09-13 23:47:54,635 INFO L281 TraceCheckUtils]: 13: Hoare triple {1788#(= |probe3_6_#t~ret40.offset| (_ bv0 32))} ~p~0.base, ~p~0.offset := #t~ret40.base, #t~ret40.offset;havoc #t~ret40.base, #t~ret40.offset; {1792#(= (_ bv0 32) probe3_6_~p~0.offset)} is VALID [2021-09-13 23:47:54,635 INFO L281 TraceCheckUtils]: 14: Hoare triple {1792#(= (_ bv0 32) probe3_6_~p~0.offset)} assume !(~p~0.base == 0bv32 && ~p~0.offset == 0bv32); {1792#(= (_ bv0 32) probe3_6_~p~0.offset)} is VALID [2021-09-13 23:47:54,635 INFO L264 TraceCheckUtils]: 15: Hoare triple {1792#(= (_ bv0 32) probe3_6_~p~0.offset)} call #t~ret41 := f6(); {1746#true} is VALID [2021-09-13 23:47:54,635 INFO L281 TraceCheckUtils]: 16: Hoare triple {1746#true} #res := #t~nondet38;havoc #t~nondet38; {1746#true} is VALID [2021-09-13 23:47:54,636 INFO L281 TraceCheckUtils]: 17: Hoare triple {1746#true} assume true; {1746#true} is VALID [2021-09-13 23:47:54,636 INFO L276 TraceCheckUtils]: 18: Hoare quadruple {1746#true} {1792#(= (_ bv0 32) probe3_6_~p~0.offset)} #464#return; {1792#(= (_ bv0 32) probe3_6_~p~0.offset)} is VALID [2021-09-13 23:47:54,636 INFO L281 TraceCheckUtils]: 19: Hoare triple {1792#(= (_ bv0 32) probe3_6_~p~0.offset)} ~ret~0 := #t~ret41;havoc #t~ret41; {1792#(= (_ bv0 32) probe3_6_~p~0.offset)} is VALID [2021-09-13 23:47:54,637 INFO L281 TraceCheckUtils]: 20: Hoare triple {1792#(= (_ bv0 32) probe3_6_~p~0.offset)} assume ~bvslt32(~ret~0, 0bv32); {1792#(= (_ bv0 32) probe3_6_~p~0.offset)} is VALID [2021-09-13 23:47:54,637 INFO L281 TraceCheckUtils]: 21: Hoare triple {1792#(= (_ bv0 32) probe3_6_~p~0.offset)} assume !(0bv32 == ~p~0.offset); {1747#false} is VALID [2021-09-13 23:47:54,637 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-09-13 23:47:54,637 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2021-09-13 23:47:54,768 INFO L281 TraceCheckUtils]: 21: Hoare triple {1792#(= (_ bv0 32) probe3_6_~p~0.offset)} assume !(0bv32 == ~p~0.offset); {1747#false} is VALID [2021-09-13 23:47:54,769 INFO L281 TraceCheckUtils]: 20: Hoare triple {1792#(= (_ bv0 32) probe3_6_~p~0.offset)} assume ~bvslt32(~ret~0, 0bv32); {1792#(= (_ bv0 32) probe3_6_~p~0.offset)} is VALID [2021-09-13 23:47:54,769 INFO L281 TraceCheckUtils]: 19: Hoare triple {1792#(= (_ bv0 32) probe3_6_~p~0.offset)} ~ret~0 := #t~ret41;havoc #t~ret41; {1792#(= (_ bv0 32) probe3_6_~p~0.offset)} is VALID [2021-09-13 23:47:54,770 INFO L276 TraceCheckUtils]: 18: Hoare quadruple {1746#true} {1792#(= (_ bv0 32) probe3_6_~p~0.offset)} #464#return; {1792#(= (_ bv0 32) probe3_6_~p~0.offset)} is VALID [2021-09-13 23:47:54,770 INFO L281 TraceCheckUtils]: 17: Hoare triple {1746#true} assume true; {1746#true} is VALID [2021-09-13 23:47:54,770 INFO L281 TraceCheckUtils]: 16: Hoare triple {1746#true} #res := #t~nondet38;havoc #t~nondet38; {1746#true} is VALID [2021-09-13 23:47:54,770 INFO L264 TraceCheckUtils]: 15: Hoare triple {1792#(= (_ bv0 32) probe3_6_~p~0.offset)} call #t~ret41 := f6(); {1746#true} is VALID [2021-09-13 23:47:54,770 INFO L281 TraceCheckUtils]: 14: Hoare triple {1792#(= (_ bv0 32) probe3_6_~p~0.offset)} assume !(~p~0.base == 0bv32 && ~p~0.offset == 0bv32); {1792#(= (_ bv0 32) probe3_6_~p~0.offset)} is VALID [2021-09-13 23:47:54,771 INFO L281 TraceCheckUtils]: 13: Hoare triple {1788#(= |probe3_6_#t~ret40.offset| (_ bv0 32))} ~p~0.base, ~p~0.offset := #t~ret40.base, #t~ret40.offset;havoc #t~ret40.base, #t~ret40.offset; {1792#(= (_ bv0 32) probe3_6_~p~0.offset)} is VALID [2021-09-13 23:47:54,772 INFO L276 TraceCheckUtils]: 12: Hoare quadruple {1781#(= |ldv_malloc_#res.offset| (_ bv0 32))} {1746#true} #462#return; {1788#(= |probe3_6_#t~ret40.offset| (_ bv0 32))} is VALID [2021-09-13 23:47:54,772 INFO L281 TraceCheckUtils]: 11: Hoare triple {1781#(= |ldv_malloc_#res.offset| (_ bv0 32))} assume true; {1781#(= |ldv_malloc_#res.offset| (_ bv0 32))} is VALID [2021-09-13 23:47:54,772 INFO L281 TraceCheckUtils]: 10: Hoare triple {1746#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {1781#(= |ldv_malloc_#res.offset| (_ bv0 32))} is VALID [2021-09-13 23:47:54,772 INFO L281 TraceCheckUtils]: 9: Hoare triple {1746#true} ~size := #in~size; {1746#true} is VALID [2021-09-13 23:47:54,773 INFO L264 TraceCheckUtils]: 8: Hoare triple {1746#true} call #t~ret40.base, #t~ret40.offset := ldv_malloc(4bv32); {1746#true} is VALID [2021-09-13 23:47:54,773 INFO L281 TraceCheckUtils]: 7: Hoare triple {1746#true} ~a.base, ~a.offset := #in~a.base, #in~a.offset;~ret~0 := 3bv32; {1746#true} is VALID [2021-09-13 23:47:54,773 INFO L264 TraceCheckUtils]: 6: Hoare triple {1746#true} call #t~ret44 := probe3_6(~#a6~0.base, ~#a6~0.offset); {1746#true} is VALID [2021-09-13 23:47:54,773 INFO L264 TraceCheckUtils]: 5: Hoare triple {1746#true} call entry_point(); {1746#true} is VALID [2021-09-13 23:47:54,773 INFO L264 TraceCheckUtils]: 4: Hoare triple {1746#true} call main(); {1746#true} is VALID [2021-09-13 23:47:54,773 INFO L276 TraceCheckUtils]: 3: Hoare quadruple {1746#true} {1746#true} #506#return; {1746#true} is VALID [2021-09-13 23:47:54,774 INFO L281 TraceCheckUtils]: 2: Hoare triple {1746#true} assume true; {1746#true} is VALID [2021-09-13 23:47:54,774 INFO L281 TraceCheckUtils]: 1: Hoare triple {1746#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);call ~#a6~0.base, ~#a6~0.offset := #Ultimate.allocOnStack(4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#a6~0.base, ~#a6~0.offset, 4bv32); {1746#true} is VALID [2021-09-13 23:47:54,774 INFO L264 TraceCheckUtils]: 0: Hoare triple {1746#true} call ULTIMATE.init(); {1746#true} is VALID [2021-09-13 23:47:54,774 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-09-13 23:47:54,774 INFO L139 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2021-09-13 23:47:54,774 INFO L332 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [24568571] [2021-09-13 23:47:54,774 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleMathsat [24568571] provided 2 perfect and 0 imperfect interpolant sequences [2021-09-13 23:47:54,775 INFO L186 FreeRefinementEngine]: Constructing automaton from 2 perfect and 0 imperfect interpolant sequences. [2021-09-13 23:47:54,775 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4, 4] imperfect sequences [] total 4 [2021-09-13 23:47:54,775 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [177034203] [2021-09-13 23:47:54,775 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 3.25) internal successors, (13), 4 states have internal predecessors, (13), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) Word has length 22 [2021-09-13 23:47:54,776 INFO L84 Accepts]: Finished accepts. word is accepted. [2021-09-13 23:47:54,776 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 4 states have (on average 3.25) internal successors, (13), 4 states have internal predecessors, (13), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2021-09-13 23:47:54,791 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 22 edges. 22 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2021-09-13 23:47:54,791 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2021-09-13 23:47:54,791 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2021-09-13 23:47:54,792 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2021-09-13 23:47:54,792 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2021-09-13 23:47:54,792 INFO L87 Difference]: Start difference. First operand 106 states and 127 transitions. Second operand has 5 states, 4 states have (on average 3.25) internal successors, (13), 4 states have internal predecessors, (13), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2021-09-13 23:47:55,123 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:47:55,124 INFO L93 Difference]: Finished difference Result 104 states and 123 transitions. [2021-09-13 23:47:55,124 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2021-09-13 23:47:55,124 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 3.25) internal successors, (13), 4 states have internal predecessors, (13), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) Word has length 22 [2021-09-13 23:47:55,124 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-09-13 23:47:55,125 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 4 states have (on average 3.25) internal successors, (13), 4 states have internal predecessors, (13), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2021-09-13 23:47:55,126 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 70 transitions. [2021-09-13 23:47:55,126 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 4 states have (on average 3.25) internal successors, (13), 4 states have internal predecessors, (13), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2021-09-13 23:47:55,127 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 70 transitions. [2021-09-13 23:47:55,127 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 70 transitions. [2021-09-13 23:47:55,188 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 70 edges. 70 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2021-09-13 23:47:55,191 INFO L225 Difference]: With dead ends: 104 [2021-09-13 23:47:55,191 INFO L226 Difference]: Without dead ends: 104 [2021-09-13 23:47:55,192 INFO L927 BasicCegarLoop]: 0 DeclaredPredicates, 43 GetRequests, 40 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 9.54ms TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2021-09-13 23:47:55,194 INFO L928 BasicCegarLoop]: 15 mSDtfsCounter, 19 mSDsluCounter, 210 mSDsCounter, 0 mSdLazyCounter, 186 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 132.71ms Time, 0 mProtectedPredicate, 0 mProtectedAction, 20 SdHoareTripleChecker+Valid, 57 SdHoareTripleChecker+Invalid, 188 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 1.19ms SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 186 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 133.61ms IncrementalHoareTripleChecker+Time [2021-09-13 23:47:55,195 INFO L929 BasicCegarLoop]: SdHoareTripleChecker [20 Valid, 57 Invalid, 188 Unknown, 0 Unchecked, 1.19ms Time], IncrementalHoareTripleChecker [2 Valid, 186 Invalid, 0 Unknown, 0 Unchecked, 133.61ms Time] [2021-09-13 23:47:55,197 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 104 states. [2021-09-13 23:47:55,209 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 104 to 104. [2021-09-13 23:47:55,209 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2021-09-13 23:47:55,210 INFO L82 GeneralOperation]: Start isEquivalent. First operand 104 states. Second operand has 104 states, 66 states have (on average 1.5) internal successors, (99), 81 states have internal predecessors, (99), 11 states have call successors, (11), 11 states have call predecessors, (11), 13 states have return successors, (13), 13 states have call predecessors, (13), 10 states have call successors, (13) [2021-09-13 23:47:55,210 INFO L74 IsIncluded]: Start isIncluded. First operand 104 states. Second operand has 104 states, 66 states have (on average 1.5) internal successors, (99), 81 states have internal predecessors, (99), 11 states have call successors, (11), 11 states have call predecessors, (11), 13 states have return successors, (13), 13 states have call predecessors, (13), 10 states have call successors, (13) [2021-09-13 23:47:55,210 INFO L87 Difference]: Start difference. First operand 104 states. Second operand has 104 states, 66 states have (on average 1.5) internal successors, (99), 81 states have internal predecessors, (99), 11 states have call successors, (11), 11 states have call predecessors, (11), 13 states have return successors, (13), 13 states have call predecessors, (13), 10 states have call successors, (13) [2021-09-13 23:47:55,213 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:47:55,214 INFO L93 Difference]: Finished difference Result 104 states and 123 transitions. [2021-09-13 23:47:55,214 INFO L276 IsEmpty]: Start isEmpty. Operand 104 states and 123 transitions. [2021-09-13 23:47:55,214 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2021-09-13 23:47:55,214 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2021-09-13 23:47:55,215 INFO L74 IsIncluded]: Start isIncluded. First operand has 104 states, 66 states have (on average 1.5) internal successors, (99), 81 states have internal predecessors, (99), 11 states have call successors, (11), 11 states have call predecessors, (11), 13 states have return successors, (13), 13 states have call predecessors, (13), 10 states have call successors, (13) Second operand 104 states. [2021-09-13 23:47:55,215 INFO L87 Difference]: Start difference. First operand has 104 states, 66 states have (on average 1.5) internal successors, (99), 81 states have internal predecessors, (99), 11 states have call successors, (11), 11 states have call predecessors, (11), 13 states have return successors, (13), 13 states have call predecessors, (13), 10 states have call successors, (13) Second operand 104 states. [2021-09-13 23:47:55,218 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:47:55,218 INFO L93 Difference]: Finished difference Result 104 states and 123 transitions. [2021-09-13 23:47:55,218 INFO L276 IsEmpty]: Start isEmpty. Operand 104 states and 123 transitions. [2021-09-13 23:47:55,218 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2021-09-13 23:47:55,218 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2021-09-13 23:47:55,219 INFO L88 GeneralOperation]: Finished isEquivalent. [2021-09-13 23:47:55,219 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2021-09-13 23:47:55,219 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 104 states, 66 states have (on average 1.5) internal successors, (99), 81 states have internal predecessors, (99), 11 states have call successors, (11), 11 states have call predecessors, (11), 13 states have return successors, (13), 13 states have call predecessors, (13), 10 states have call successors, (13) [2021-09-13 23:47:55,222 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 104 states to 104 states and 123 transitions. [2021-09-13 23:47:55,222 INFO L78 Accepts]: Start accepts. Automaton has 104 states and 123 transitions. Word has length 22 [2021-09-13 23:47:55,222 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-09-13 23:47:55,222 INFO L470 AbstractCegarLoop]: Abstraction has 104 states and 123 transitions. [2021-09-13 23:47:55,222 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 3.25) internal successors, (13), 4 states have internal predecessors, (13), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2021-09-13 23:47:55,222 INFO L276 IsEmpty]: Start isEmpty. Operand 104 states and 123 transitions. [2021-09-13 23:47:55,223 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2021-09-13 23:47:55,223 INFO L505 BasicCegarLoop]: Found error trace [2021-09-13 23:47:55,223 INFO L513 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-09-13 23:47:55,231 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Forceful destruction successful, exit code 0 [2021-09-13 23:47:55,429 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2021-09-13 23:47:55,430 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting disconnect_6Err0REQUIRES_VIOLATION === [ldv_msg_allocErr0REQUIRES_VIOLATION, ldv_msg_allocErr1REQUIRES_VIOLATION, ldv_kref_initErr0REQUIRES_VIOLATION, ldv_kref_initErr1REQUIRES_VIOLATION (and 82 more)] === [2021-09-13 23:47:55,430 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-09-13 23:47:55,430 INFO L82 PathProgramCache]: Analyzing trace with hash -503576158, now seen corresponding path program 1 times [2021-09-13 23:47:55,430 INFO L121 FreeRefinementEngine]: Executing refinement strategy WOLF [2021-09-13 23:47:55,431 INFO L332 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [438793907] [2021-09-13 23:47:55,431 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-09-13 23:47:55,431 INFO L170 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2021-09-13 23:47:55,431 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2021-09-13 23:47:55,432 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2021-09-13 23:47:55,432 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (6)] Waiting until timeout for monitored process [2021-09-13 23:47:55,519 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-09-13 23:47:55,520 INFO L263 TraceCheckSpWp]: Trace formula consists of 108 conjuncts, 5 conjunts are in the unsatisfiable core [2021-09-13 23:47:55,528 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-09-13 23:47:55,529 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2021-09-13 23:47:55,630 INFO L264 TraceCheckUtils]: 0: Hoare triple {2298#true} call ULTIMATE.init(); {2298#true} is VALID [2021-09-13 23:47:55,630 INFO L281 TraceCheckUtils]: 1: Hoare triple {2298#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);call ~#a6~0.base, ~#a6~0.offset := #Ultimate.allocOnStack(4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#a6~0.base, ~#a6~0.offset, 4bv32); {2298#true} is VALID [2021-09-13 23:47:55,630 INFO L281 TraceCheckUtils]: 2: Hoare triple {2298#true} assume true; {2298#true} is VALID [2021-09-13 23:47:55,630 INFO L276 TraceCheckUtils]: 3: Hoare quadruple {2298#true} {2298#true} #506#return; {2298#true} is VALID [2021-09-13 23:47:55,631 INFO L264 TraceCheckUtils]: 4: Hoare triple {2298#true} call main(); {2298#true} is VALID [2021-09-13 23:47:55,631 INFO L264 TraceCheckUtils]: 5: Hoare triple {2298#true} call entry_point(); {2298#true} is VALID [2021-09-13 23:47:55,631 INFO L264 TraceCheckUtils]: 6: Hoare triple {2298#true} call #t~ret44 := probe3_6(~#a6~0.base, ~#a6~0.offset); {2298#true} is VALID [2021-09-13 23:47:55,631 INFO L281 TraceCheckUtils]: 7: Hoare triple {2298#true} ~a.base, ~a.offset := #in~a.base, #in~a.offset;~ret~0 := 3bv32; {2324#(= probe3_6_~ret~0 (_ bv3 32))} is VALID [2021-09-13 23:47:55,631 INFO L264 TraceCheckUtils]: 8: Hoare triple {2324#(= probe3_6_~ret~0 (_ bv3 32))} call #t~ret40.base, #t~ret40.offset := ldv_malloc(4bv32); {2298#true} is VALID [2021-09-13 23:47:55,631 INFO L281 TraceCheckUtils]: 9: Hoare triple {2298#true} ~size := #in~size; {2298#true} is VALID [2021-09-13 23:47:55,631 INFO L281 TraceCheckUtils]: 10: Hoare triple {2298#true} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {2298#true} is VALID [2021-09-13 23:47:55,631 INFO L281 TraceCheckUtils]: 11: Hoare triple {2298#true} assume true; {2298#true} is VALID [2021-09-13 23:47:55,632 INFO L276 TraceCheckUtils]: 12: Hoare quadruple {2298#true} {2324#(= probe3_6_~ret~0 (_ bv3 32))} #462#return; {2324#(= probe3_6_~ret~0 (_ bv3 32))} is VALID [2021-09-13 23:47:55,632 INFO L281 TraceCheckUtils]: 13: Hoare triple {2324#(= probe3_6_~ret~0 (_ bv3 32))} ~p~0.base, ~p~0.offset := #t~ret40.base, #t~ret40.offset;havoc #t~ret40.base, #t~ret40.offset; {2324#(= probe3_6_~ret~0 (_ bv3 32))} is VALID [2021-09-13 23:47:55,633 INFO L281 TraceCheckUtils]: 14: Hoare triple {2324#(= probe3_6_~ret~0 (_ bv3 32))} assume ~p~0.base == 0bv32 && ~p~0.offset == 0bv32;#res := ~ret~0; {2346#(= |probe3_6_#res| (_ bv3 32))} is VALID [2021-09-13 23:47:55,633 INFO L281 TraceCheckUtils]: 15: Hoare triple {2346#(= |probe3_6_#res| (_ bv3 32))} assume true; {2346#(= |probe3_6_#res| (_ bv3 32))} is VALID [2021-09-13 23:47:55,634 INFO L276 TraceCheckUtils]: 16: Hoare quadruple {2346#(= |probe3_6_#res| (_ bv3 32))} {2298#true} #494#return; {2353#(= (_ bv3 32) |entry_point_#t~ret44|)} is VALID [2021-09-13 23:47:55,634 INFO L281 TraceCheckUtils]: 17: Hoare triple {2353#(= (_ bv3 32) |entry_point_#t~ret44|)} ~ret~1 := #t~ret44;havoc #t~ret44; {2357#(= entry_point_~ret~1 (_ bv3 32))} is VALID [2021-09-13 23:47:55,634 INFO L281 TraceCheckUtils]: 18: Hoare triple {2357#(= entry_point_~ret~1 (_ bv3 32))} assume 0bv32 == ~ret~1; {2299#false} is VALID [2021-09-13 23:47:55,634 INFO L264 TraceCheckUtils]: 19: Hoare triple {2299#false} call disconnect_6(~#a6~0.base, ~#a6~0.offset); {2299#false} is VALID [2021-09-13 23:47:55,635 INFO L281 TraceCheckUtils]: 20: Hoare triple {2299#false} ~a.base, ~a.offset := #in~a.base, #in~a.offset; {2299#false} is VALID [2021-09-13 23:47:55,635 INFO L281 TraceCheckUtils]: 21: Hoare triple {2299#false} assume !(1bv1 == #valid[~a.base]); {2299#false} is VALID [2021-09-13 23:47:55,635 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-09-13 23:47:55,635 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2021-09-13 23:47:55,810 INFO L281 TraceCheckUtils]: 21: Hoare triple {2299#false} assume !(1bv1 == #valid[~a.base]); {2299#false} is VALID [2021-09-13 23:47:55,810 INFO L281 TraceCheckUtils]: 20: Hoare triple {2299#false} ~a.base, ~a.offset := #in~a.base, #in~a.offset; {2299#false} is VALID [2021-09-13 23:47:55,811 INFO L264 TraceCheckUtils]: 19: Hoare triple {2299#false} call disconnect_6(~#a6~0.base, ~#a6~0.offset); {2299#false} is VALID [2021-09-13 23:47:55,811 INFO L281 TraceCheckUtils]: 18: Hoare triple {2379#(not (= entry_point_~ret~1 (_ bv0 32)))} assume 0bv32 == ~ret~1; {2299#false} is VALID [2021-09-13 23:47:55,811 INFO L281 TraceCheckUtils]: 17: Hoare triple {2383#(not (= (_ bv0 32) |entry_point_#t~ret44|))} ~ret~1 := #t~ret44;havoc #t~ret44; {2379#(not (= entry_point_~ret~1 (_ bv0 32)))} is VALID [2021-09-13 23:47:55,812 INFO L276 TraceCheckUtils]: 16: Hoare quadruple {2390#(not (= |probe3_6_#res| (_ bv0 32)))} {2298#true} #494#return; {2383#(not (= (_ bv0 32) |entry_point_#t~ret44|))} is VALID [2021-09-13 23:47:55,812 INFO L281 TraceCheckUtils]: 15: Hoare triple {2390#(not (= |probe3_6_#res| (_ bv0 32)))} assume true; {2390#(not (= |probe3_6_#res| (_ bv0 32)))} is VALID [2021-09-13 23:47:55,813 INFO L281 TraceCheckUtils]: 14: Hoare triple {2397#(not (= probe3_6_~ret~0 (_ bv0 32)))} assume ~p~0.base == 0bv32 && ~p~0.offset == 0bv32;#res := ~ret~0; {2390#(not (= |probe3_6_#res| (_ bv0 32)))} is VALID [2021-09-13 23:47:55,813 INFO L281 TraceCheckUtils]: 13: Hoare triple {2397#(not (= probe3_6_~ret~0 (_ bv0 32)))} ~p~0.base, ~p~0.offset := #t~ret40.base, #t~ret40.offset;havoc #t~ret40.base, #t~ret40.offset; {2397#(not (= probe3_6_~ret~0 (_ bv0 32)))} is VALID [2021-09-13 23:47:55,814 INFO L276 TraceCheckUtils]: 12: Hoare quadruple {2298#true} {2397#(not (= probe3_6_~ret~0 (_ bv0 32)))} #462#return; {2397#(not (= probe3_6_~ret~0 (_ bv0 32)))} is VALID [2021-09-13 23:47:55,814 INFO L281 TraceCheckUtils]: 11: Hoare triple {2298#true} assume true; {2298#true} is VALID [2021-09-13 23:47:55,814 INFO L281 TraceCheckUtils]: 10: Hoare triple {2298#true} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {2298#true} is VALID [2021-09-13 23:47:55,814 INFO L281 TraceCheckUtils]: 9: Hoare triple {2298#true} ~size := #in~size; {2298#true} is VALID [2021-09-13 23:47:55,814 INFO L264 TraceCheckUtils]: 8: Hoare triple {2397#(not (= probe3_6_~ret~0 (_ bv0 32)))} call #t~ret40.base, #t~ret40.offset := ldv_malloc(4bv32); {2298#true} is VALID [2021-09-13 23:47:55,815 INFO L281 TraceCheckUtils]: 7: Hoare triple {2298#true} ~a.base, ~a.offset := #in~a.base, #in~a.offset;~ret~0 := 3bv32; {2397#(not (= probe3_6_~ret~0 (_ bv0 32)))} is VALID [2021-09-13 23:47:55,815 INFO L264 TraceCheckUtils]: 6: Hoare triple {2298#true} call #t~ret44 := probe3_6(~#a6~0.base, ~#a6~0.offset); {2298#true} is VALID [2021-09-13 23:47:55,815 INFO L264 TraceCheckUtils]: 5: Hoare triple {2298#true} call entry_point(); {2298#true} is VALID [2021-09-13 23:47:55,815 INFO L264 TraceCheckUtils]: 4: Hoare triple {2298#true} call main(); {2298#true} is VALID [2021-09-13 23:47:55,815 INFO L276 TraceCheckUtils]: 3: Hoare quadruple {2298#true} {2298#true} #506#return; {2298#true} is VALID [2021-09-13 23:47:55,816 INFO L281 TraceCheckUtils]: 2: Hoare triple {2298#true} assume true; {2298#true} is VALID [2021-09-13 23:47:55,816 INFO L281 TraceCheckUtils]: 1: Hoare triple {2298#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);call ~#a6~0.base, ~#a6~0.offset := #Ultimate.allocOnStack(4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#a6~0.base, ~#a6~0.offset, 4bv32); {2298#true} is VALID [2021-09-13 23:47:55,816 INFO L264 TraceCheckUtils]: 0: Hoare triple {2298#true} call ULTIMATE.init(); {2298#true} is VALID [2021-09-13 23:47:55,816 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-09-13 23:47:55,816 INFO L139 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2021-09-13 23:47:55,816 INFO L332 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [438793907] [2021-09-13 23:47:55,817 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleMathsat [438793907] provided 2 perfect and 0 imperfect interpolant sequences [2021-09-13 23:47:55,817 INFO L186 FreeRefinementEngine]: Constructing automaton from 2 perfect and 0 imperfect interpolant sequences. [2021-09-13 23:47:55,817 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6, 6] imperfect sequences [] total 10 [2021-09-13 23:47:55,817 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1543812804] [2021-09-13 23:47:55,817 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 1.9) internal successors, (19), 8 states have internal predecessors, (19), 4 states have call successors, (7), 2 states have call predecessors, (7), 3 states have return successors, (5), 5 states have call predecessors, (5), 3 states have call successors, (5) Word has length 22 [2021-09-13 23:47:55,818 INFO L84 Accepts]: Finished accepts. word is accepted. [2021-09-13 23:47:55,818 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 10 states, 10 states have (on average 1.9) internal successors, (19), 8 states have internal predecessors, (19), 4 states have call successors, (7), 2 states have call predecessors, (7), 3 states have return successors, (5), 5 states have call predecessors, (5), 3 states have call successors, (5) [2021-09-13 23:47:55,842 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 31 edges. 31 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2021-09-13 23:47:55,843 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2021-09-13 23:47:55,843 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2021-09-13 23:47:55,843 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2021-09-13 23:47:55,843 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=69, Unknown=0, NotChecked=0, Total=90 [2021-09-13 23:47:55,844 INFO L87 Difference]: Start difference. First operand 104 states and 123 transitions. Second operand has 10 states, 10 states have (on average 1.9) internal successors, (19), 8 states have internal predecessors, (19), 4 states have call successors, (7), 2 states have call predecessors, (7), 3 states have return successors, (5), 5 states have call predecessors, (5), 3 states have call successors, (5) [2021-09-13 23:47:56,559 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:47:56,559 INFO L93 Difference]: Finished difference Result 118 states and 137 transitions. [2021-09-13 23:47:56,559 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2021-09-13 23:47:56,559 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 1.9) internal successors, (19), 8 states have internal predecessors, (19), 4 states have call successors, (7), 2 states have call predecessors, (7), 3 states have return successors, (5), 5 states have call predecessors, (5), 3 states have call successors, (5) Word has length 22 [2021-09-13 23:47:56,560 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-09-13 23:47:56,560 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 10 states, 10 states have (on average 1.9) internal successors, (19), 8 states have internal predecessors, (19), 4 states have call successors, (7), 2 states have call predecessors, (7), 3 states have return successors, (5), 5 states have call predecessors, (5), 3 states have call successors, (5) [2021-09-13 23:47:56,561 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 82 transitions. [2021-09-13 23:47:56,561 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 10 states, 10 states have (on average 1.9) internal successors, (19), 8 states have internal predecessors, (19), 4 states have call successors, (7), 2 states have call predecessors, (7), 3 states have return successors, (5), 5 states have call predecessors, (5), 3 states have call successors, (5) [2021-09-13 23:47:56,563 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 82 transitions. [2021-09-13 23:47:56,563 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states and 82 transitions. [2021-09-13 23:47:56,622 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 82 edges. 82 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2021-09-13 23:47:56,623 INFO L225 Difference]: With dead ends: 118 [2021-09-13 23:47:56,624 INFO L226 Difference]: Without dead ends: 114 [2021-09-13 23:47:56,624 INFO L927 BasicCegarLoop]: 0 DeclaredPredicates, 45 GetRequests, 35 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 7 ImplicationChecksByTransitivity, 60.14ms TimeCoverageRelationStatistics Valid=32, Invalid=100, Unknown=0, NotChecked=0, Total=132 [2021-09-13 23:47:56,624 INFO L928 BasicCegarLoop]: 15 mSDtfsCounter, 14 mSDsluCounter, 467 mSDsCounter, 0 mSdLazyCounter, 406 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 298.77ms Time, 0 mProtectedPredicate, 0 mProtectedAction, 15 SdHoareTripleChecker+Valid, 116 SdHoareTripleChecker+Invalid, 410 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 2.79ms SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 406 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 300.94ms IncrementalHoareTripleChecker+Time [2021-09-13 23:47:56,625 INFO L929 BasicCegarLoop]: SdHoareTripleChecker [15 Valid, 116 Invalid, 410 Unknown, 0 Unchecked, 2.79ms Time], IncrementalHoareTripleChecker [4 Valid, 406 Invalid, 0 Unknown, 0 Unchecked, 300.94ms Time] [2021-09-13 23:47:56,625 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 114 states. [2021-09-13 23:47:56,628 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 114 to 108. [2021-09-13 23:47:56,628 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2021-09-13 23:47:56,628 INFO L82 GeneralOperation]: Start isEquivalent. First operand 114 states. Second operand has 108 states, 69 states have (on average 1.463768115942029) internal successors, (101), 84 states have internal predecessors, (101), 11 states have call successors, (11), 11 states have call predecessors, (11), 14 states have return successors, (14), 14 states have call predecessors, (14), 10 states have call successors, (14) [2021-09-13 23:47:56,629 INFO L74 IsIncluded]: Start isIncluded. First operand 114 states. Second operand has 108 states, 69 states have (on average 1.463768115942029) internal successors, (101), 84 states have internal predecessors, (101), 11 states have call successors, (11), 11 states have call predecessors, (11), 14 states have return successors, (14), 14 states have call predecessors, (14), 10 states have call successors, (14) [2021-09-13 23:47:56,629 INFO L87 Difference]: Start difference. First operand 114 states. Second operand has 108 states, 69 states have (on average 1.463768115942029) internal successors, (101), 84 states have internal predecessors, (101), 11 states have call successors, (11), 11 states have call predecessors, (11), 14 states have return successors, (14), 14 states have call predecessors, (14), 10 states have call successors, (14) [2021-09-13 23:47:56,631 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:47:56,631 INFO L93 Difference]: Finished difference Result 114 states and 133 transitions. [2021-09-13 23:47:56,631 INFO L276 IsEmpty]: Start isEmpty. Operand 114 states and 133 transitions. [2021-09-13 23:47:56,632 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2021-09-13 23:47:56,632 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2021-09-13 23:47:56,632 INFO L74 IsIncluded]: Start isIncluded. First operand has 108 states, 69 states have (on average 1.463768115942029) internal successors, (101), 84 states have internal predecessors, (101), 11 states have call successors, (11), 11 states have call predecessors, (11), 14 states have return successors, (14), 14 states have call predecessors, (14), 10 states have call successors, (14) Second operand 114 states. [2021-09-13 23:47:56,632 INFO L87 Difference]: Start difference. First operand has 108 states, 69 states have (on average 1.463768115942029) internal successors, (101), 84 states have internal predecessors, (101), 11 states have call successors, (11), 11 states have call predecessors, (11), 14 states have return successors, (14), 14 states have call predecessors, (14), 10 states have call successors, (14) Second operand 114 states. [2021-09-13 23:47:56,635 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:47:56,635 INFO L93 Difference]: Finished difference Result 114 states and 133 transitions. [2021-09-13 23:47:56,635 INFO L276 IsEmpty]: Start isEmpty. Operand 114 states and 133 transitions. [2021-09-13 23:47:56,635 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2021-09-13 23:47:56,635 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2021-09-13 23:47:56,635 INFO L88 GeneralOperation]: Finished isEquivalent. [2021-09-13 23:47:56,636 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2021-09-13 23:47:56,636 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 108 states, 69 states have (on average 1.463768115942029) internal successors, (101), 84 states have internal predecessors, (101), 11 states have call successors, (11), 11 states have call predecessors, (11), 14 states have return successors, (14), 14 states have call predecessors, (14), 10 states have call successors, (14) [2021-09-13 23:47:56,638 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 108 states to 108 states and 126 transitions. [2021-09-13 23:47:56,638 INFO L78 Accepts]: Start accepts. Automaton has 108 states and 126 transitions. Word has length 22 [2021-09-13 23:47:56,638 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-09-13 23:47:56,638 INFO L470 AbstractCegarLoop]: Abstraction has 108 states and 126 transitions. [2021-09-13 23:47:56,638 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 10 states have (on average 1.9) internal successors, (19), 8 states have internal predecessors, (19), 4 states have call successors, (7), 2 states have call predecessors, (7), 3 states have return successors, (5), 5 states have call predecessors, (5), 3 states have call successors, (5) [2021-09-13 23:47:56,639 INFO L276 IsEmpty]: Start isEmpty. Operand 108 states and 126 transitions. [2021-09-13 23:47:56,639 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2021-09-13 23:47:56,639 INFO L505 BasicCegarLoop]: Found error trace [2021-09-13 23:47:56,639 INFO L513 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-09-13 23:47:56,650 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (6)] Ended with exit code 0 [2021-09-13 23:47:56,845 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 6 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2021-09-13 23:47:56,846 INFO L402 AbstractCegarLoop]: === Iteration 6 === Targeting probe3_6Err6ASSERT_VIOLATIONMEMORY_FREE === [ldv_msg_allocErr0REQUIRES_VIOLATION, ldv_msg_allocErr1REQUIRES_VIOLATION, ldv_kref_initErr0REQUIRES_VIOLATION, ldv_kref_initErr1REQUIRES_VIOLATION (and 82 more)] === [2021-09-13 23:47:56,846 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-09-13 23:47:56,846 INFO L82 PathProgramCache]: Analyzing trace with hash -1238127481, now seen corresponding path program 1 times [2021-09-13 23:47:56,846 INFO L121 FreeRefinementEngine]: Executing refinement strategy WOLF [2021-09-13 23:47:56,846 INFO L332 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [50447653] [2021-09-13 23:47:56,846 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-09-13 23:47:56,846 INFO L170 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2021-09-13 23:47:56,846 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2021-09-13 23:47:56,847 INFO L229 MonitoredProcess]: Starting monitored process 7 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2021-09-13 23:47:56,848 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (7)] Waiting until timeout for monitored process [2021-09-13 23:47:56,935 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-09-13 23:47:56,937 INFO L263 TraceCheckSpWp]: Trace formula consists of 109 conjuncts, 6 conjunts are in the unsatisfiable core [2021-09-13 23:47:56,952 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-09-13 23:47:56,953 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2021-09-13 23:47:57,297 INFO L264 TraceCheckUtils]: 0: Hoare triple {2897#true} call ULTIMATE.init(); {2897#true} is VALID [2021-09-13 23:47:57,298 INFO L281 TraceCheckUtils]: 1: Hoare triple {2897#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);call ~#a6~0.base, ~#a6~0.offset := #Ultimate.allocOnStack(4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#a6~0.base, ~#a6~0.offset, 4bv32); {2905#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2021-09-13 23:47:57,298 INFO L281 TraceCheckUtils]: 2: Hoare triple {2905#(bvult (_ bv0 32) |#StackHeapBarrier|)} assume true; {2905#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2021-09-13 23:47:57,299 INFO L276 TraceCheckUtils]: 3: Hoare quadruple {2905#(bvult (_ bv0 32) |#StackHeapBarrier|)} {2897#true} #506#return; {2905#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2021-09-13 23:47:57,299 INFO L264 TraceCheckUtils]: 4: Hoare triple {2905#(bvult (_ bv0 32) |#StackHeapBarrier|)} call main(); {2905#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2021-09-13 23:47:57,299 INFO L264 TraceCheckUtils]: 5: Hoare triple {2905#(bvult (_ bv0 32) |#StackHeapBarrier|)} call entry_point(); {2905#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2021-09-13 23:47:57,300 INFO L264 TraceCheckUtils]: 6: Hoare triple {2905#(bvult (_ bv0 32) |#StackHeapBarrier|)} call #t~ret44 := probe3_6(~#a6~0.base, ~#a6~0.offset); {2905#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2021-09-13 23:47:57,300 INFO L281 TraceCheckUtils]: 7: Hoare triple {2905#(bvult (_ bv0 32) |#StackHeapBarrier|)} ~a.base, ~a.offset := #in~a.base, #in~a.offset;~ret~0 := 3bv32; {2905#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2021-09-13 23:47:57,301 INFO L264 TraceCheckUtils]: 8: Hoare triple {2905#(bvult (_ bv0 32) |#StackHeapBarrier|)} call #t~ret40.base, #t~ret40.offset := ldv_malloc(4bv32); {2905#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2021-09-13 23:47:57,301 INFO L281 TraceCheckUtils]: 9: Hoare triple {2905#(bvult (_ bv0 32) |#StackHeapBarrier|)} ~size := #in~size; {2905#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2021-09-13 23:47:57,302 INFO L281 TraceCheckUtils]: 10: Hoare triple {2905#(bvult (_ bv0 32) |#StackHeapBarrier|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {2933#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))} is VALID [2021-09-13 23:47:57,302 INFO L281 TraceCheckUtils]: 11: Hoare triple {2933#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))} assume true; {2933#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))} is VALID [2021-09-13 23:47:57,303 INFO L276 TraceCheckUtils]: 12: Hoare quadruple {2933#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))} {2905#(bvult (_ bv0 32) |#StackHeapBarrier|)} #462#return; {2940#(and (not (= |probe3_6_#t~ret40.base| (_ bv0 32))) (bvult |probe3_6_#t~ret40.base| |#StackHeapBarrier|))} is VALID [2021-09-13 23:47:57,303 INFO L281 TraceCheckUtils]: 13: Hoare triple {2940#(and (not (= |probe3_6_#t~ret40.base| (_ bv0 32))) (bvult |probe3_6_#t~ret40.base| |#StackHeapBarrier|))} ~p~0.base, ~p~0.offset := #t~ret40.base, #t~ret40.offset;havoc #t~ret40.base, #t~ret40.offset; {2944#(and (not (= probe3_6_~p~0.base (_ bv0 32))) (bvult probe3_6_~p~0.base |#StackHeapBarrier|))} is VALID [2021-09-13 23:47:57,303 INFO L281 TraceCheckUtils]: 14: Hoare triple {2944#(and (not (= probe3_6_~p~0.base (_ bv0 32))) (bvult probe3_6_~p~0.base |#StackHeapBarrier|))} assume !(~p~0.base == 0bv32 && ~p~0.offset == 0bv32); {2944#(and (not (= probe3_6_~p~0.base (_ bv0 32))) (bvult probe3_6_~p~0.base |#StackHeapBarrier|))} is VALID [2021-09-13 23:47:57,305 INFO L264 TraceCheckUtils]: 15: Hoare triple {2944#(and (not (= probe3_6_~p~0.base (_ bv0 32))) (bvult probe3_6_~p~0.base |#StackHeapBarrier|))} call #t~ret41 := f6(); {2951#(exists ((v_probe3_6_~p~0.base_BEFORE_CALL_1 (_ BitVec 32))) (and (bvult v_probe3_6_~p~0.base_BEFORE_CALL_1 |#StackHeapBarrier|) (not (= v_probe3_6_~p~0.base_BEFORE_CALL_1 (_ bv0 32)))))} is VALID [2021-09-13 23:47:57,305 INFO L281 TraceCheckUtils]: 16: Hoare triple {2951#(exists ((v_probe3_6_~p~0.base_BEFORE_CALL_1 (_ BitVec 32))) (and (bvult v_probe3_6_~p~0.base_BEFORE_CALL_1 |#StackHeapBarrier|) (not (= v_probe3_6_~p~0.base_BEFORE_CALL_1 (_ bv0 32)))))} #res := #t~nondet38;havoc #t~nondet38; {2951#(exists ((v_probe3_6_~p~0.base_BEFORE_CALL_1 (_ BitVec 32))) (and (bvult v_probe3_6_~p~0.base_BEFORE_CALL_1 |#StackHeapBarrier|) (not (= v_probe3_6_~p~0.base_BEFORE_CALL_1 (_ bv0 32)))))} is VALID [2021-09-13 23:47:57,306 INFO L281 TraceCheckUtils]: 17: Hoare triple {2951#(exists ((v_probe3_6_~p~0.base_BEFORE_CALL_1 (_ BitVec 32))) (and (bvult v_probe3_6_~p~0.base_BEFORE_CALL_1 |#StackHeapBarrier|) (not (= v_probe3_6_~p~0.base_BEFORE_CALL_1 (_ bv0 32)))))} assume true; {2951#(exists ((v_probe3_6_~p~0.base_BEFORE_CALL_1 (_ BitVec 32))) (and (bvult v_probe3_6_~p~0.base_BEFORE_CALL_1 |#StackHeapBarrier|) (not (= v_probe3_6_~p~0.base_BEFORE_CALL_1 (_ bv0 32)))))} is VALID [2021-09-13 23:47:57,306 INFO L276 TraceCheckUtils]: 18: Hoare quadruple {2951#(exists ((v_probe3_6_~p~0.base_BEFORE_CALL_1 (_ BitVec 32))) (and (bvult v_probe3_6_~p~0.base_BEFORE_CALL_1 |#StackHeapBarrier|) (not (= v_probe3_6_~p~0.base_BEFORE_CALL_1 (_ bv0 32)))))} {2944#(and (not (= probe3_6_~p~0.base (_ bv0 32))) (bvult probe3_6_~p~0.base |#StackHeapBarrier|))} #464#return; {2944#(and (not (= probe3_6_~p~0.base (_ bv0 32))) (bvult probe3_6_~p~0.base |#StackHeapBarrier|))} is VALID [2021-09-13 23:47:57,307 INFO L281 TraceCheckUtils]: 19: Hoare triple {2944#(and (not (= probe3_6_~p~0.base (_ bv0 32))) (bvult probe3_6_~p~0.base |#StackHeapBarrier|))} ~ret~0 := #t~ret41;havoc #t~ret41; {2944#(and (not (= probe3_6_~p~0.base (_ bv0 32))) (bvult probe3_6_~p~0.base |#StackHeapBarrier|))} is VALID [2021-09-13 23:47:57,307 INFO L281 TraceCheckUtils]: 20: Hoare triple {2944#(and (not (= probe3_6_~p~0.base (_ bv0 32))) (bvult probe3_6_~p~0.base |#StackHeapBarrier|))} assume ~bvslt32(~ret~0, 0bv32); {2944#(and (not (= probe3_6_~p~0.base (_ bv0 32))) (bvult probe3_6_~p~0.base |#StackHeapBarrier|))} is VALID [2021-09-13 23:47:57,307 INFO L281 TraceCheckUtils]: 21: Hoare triple {2944#(and (not (= probe3_6_~p~0.base (_ bv0 32))) (bvult probe3_6_~p~0.base |#StackHeapBarrier|))} assume 0bv32 == ~p~0.offset; {2944#(and (not (= probe3_6_~p~0.base (_ bv0 32))) (bvult probe3_6_~p~0.base |#StackHeapBarrier|))} is VALID [2021-09-13 23:47:57,308 INFO L281 TraceCheckUtils]: 22: Hoare triple {2944#(and (not (= probe3_6_~p~0.base (_ bv0 32))) (bvult probe3_6_~p~0.base |#StackHeapBarrier|))} assume !~bvult32(~p~0.base, #StackHeapBarrier); {2898#false} is VALID [2021-09-13 23:47:57,308 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-09-13 23:47:57,308 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2021-09-13 23:47:57,456 INFO L281 TraceCheckUtils]: 22: Hoare triple {2973#(bvult probe3_6_~p~0.base |#StackHeapBarrier|)} assume !~bvult32(~p~0.base, #StackHeapBarrier); {2898#false} is VALID [2021-09-13 23:47:57,457 INFO L281 TraceCheckUtils]: 21: Hoare triple {2973#(bvult probe3_6_~p~0.base |#StackHeapBarrier|)} assume 0bv32 == ~p~0.offset; {2973#(bvult probe3_6_~p~0.base |#StackHeapBarrier|)} is VALID [2021-09-13 23:47:57,457 INFO L281 TraceCheckUtils]: 20: Hoare triple {2973#(bvult probe3_6_~p~0.base |#StackHeapBarrier|)} assume ~bvslt32(~ret~0, 0bv32); {2973#(bvult probe3_6_~p~0.base |#StackHeapBarrier|)} is VALID [2021-09-13 23:47:57,457 INFO L281 TraceCheckUtils]: 19: Hoare triple {2973#(bvult probe3_6_~p~0.base |#StackHeapBarrier|)} ~ret~0 := #t~ret41;havoc #t~ret41; {2973#(bvult probe3_6_~p~0.base |#StackHeapBarrier|)} is VALID [2021-09-13 23:47:57,458 INFO L276 TraceCheckUtils]: 18: Hoare quadruple {2897#true} {2973#(bvult probe3_6_~p~0.base |#StackHeapBarrier|)} #464#return; {2973#(bvult probe3_6_~p~0.base |#StackHeapBarrier|)} is VALID [2021-09-13 23:47:57,458 INFO L281 TraceCheckUtils]: 17: Hoare triple {2897#true} assume true; {2897#true} is VALID [2021-09-13 23:47:57,458 INFO L281 TraceCheckUtils]: 16: Hoare triple {2897#true} #res := #t~nondet38;havoc #t~nondet38; {2897#true} is VALID [2021-09-13 23:47:57,458 INFO L264 TraceCheckUtils]: 15: Hoare triple {2973#(bvult probe3_6_~p~0.base |#StackHeapBarrier|)} call #t~ret41 := f6(); {2897#true} is VALID [2021-09-13 23:47:57,458 INFO L281 TraceCheckUtils]: 14: Hoare triple {2973#(bvult probe3_6_~p~0.base |#StackHeapBarrier|)} assume !(~p~0.base == 0bv32 && ~p~0.offset == 0bv32); {2973#(bvult probe3_6_~p~0.base |#StackHeapBarrier|)} is VALID [2021-09-13 23:47:57,463 INFO L281 TraceCheckUtils]: 13: Hoare triple {3001#(bvult |probe3_6_#t~ret40.base| |#StackHeapBarrier|)} ~p~0.base, ~p~0.offset := #t~ret40.base, #t~ret40.offset;havoc #t~ret40.base, #t~ret40.offset; {2973#(bvult probe3_6_~p~0.base |#StackHeapBarrier|)} is VALID [2021-09-13 23:47:57,464 INFO L276 TraceCheckUtils]: 12: Hoare quadruple {3008#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} {2897#true} #462#return; {3001#(bvult |probe3_6_#t~ret40.base| |#StackHeapBarrier|)} is VALID [2021-09-13 23:47:57,465 INFO L281 TraceCheckUtils]: 11: Hoare triple {3008#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} assume true; {3008#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} is VALID [2021-09-13 23:47:57,465 INFO L281 TraceCheckUtils]: 10: Hoare triple {2897#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {3008#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} is VALID [2021-09-13 23:47:57,465 INFO L281 TraceCheckUtils]: 9: Hoare triple {2897#true} ~size := #in~size; {2897#true} is VALID [2021-09-13 23:47:57,466 INFO L264 TraceCheckUtils]: 8: Hoare triple {2897#true} call #t~ret40.base, #t~ret40.offset := ldv_malloc(4bv32); {2897#true} is VALID [2021-09-13 23:47:57,466 INFO L281 TraceCheckUtils]: 7: Hoare triple {2897#true} ~a.base, ~a.offset := #in~a.base, #in~a.offset;~ret~0 := 3bv32; {2897#true} is VALID [2021-09-13 23:47:57,466 INFO L264 TraceCheckUtils]: 6: Hoare triple {2897#true} call #t~ret44 := probe3_6(~#a6~0.base, ~#a6~0.offset); {2897#true} is VALID [2021-09-13 23:47:57,466 INFO L264 TraceCheckUtils]: 5: Hoare triple {2897#true} call entry_point(); {2897#true} is VALID [2021-09-13 23:47:57,466 INFO L264 TraceCheckUtils]: 4: Hoare triple {2897#true} call main(); {2897#true} is VALID [2021-09-13 23:47:57,466 INFO L276 TraceCheckUtils]: 3: Hoare quadruple {2897#true} {2897#true} #506#return; {2897#true} is VALID [2021-09-13 23:47:57,466 INFO L281 TraceCheckUtils]: 2: Hoare triple {2897#true} assume true; {2897#true} is VALID [2021-09-13 23:47:57,467 INFO L281 TraceCheckUtils]: 1: Hoare triple {2897#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);call ~#a6~0.base, ~#a6~0.offset := #Ultimate.allocOnStack(4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#a6~0.base, ~#a6~0.offset, 4bv32); {2897#true} is VALID [2021-09-13 23:47:57,467 INFO L264 TraceCheckUtils]: 0: Hoare triple {2897#true} call ULTIMATE.init(); {2897#true} is VALID [2021-09-13 23:47:57,467 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-09-13 23:47:57,467 INFO L139 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2021-09-13 23:47:57,467 INFO L332 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [50447653] [2021-09-13 23:47:57,467 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleMathsat [50447653] provided 2 perfect and 0 imperfect interpolant sequences [2021-09-13 23:47:57,467 INFO L186 FreeRefinementEngine]: Constructing automaton from 2 perfect and 0 imperfect interpolant sequences. [2021-09-13 23:47:57,468 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6, 4] imperfect sequences [] total 9 [2021-09-13 23:47:57,468 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1996961867] [2021-09-13 23:47:57,468 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 9 states have (on average 3.111111111111111) internal successors, (28), 8 states have internal predecessors, (28), 4 states have call successors, (11), 3 states have call predecessors, (11), 5 states have return successors, (6), 6 states have call predecessors, (6), 4 states have call successors, (6) Word has length 23 [2021-09-13 23:47:57,468 INFO L84 Accepts]: Finished accepts. word is accepted. [2021-09-13 23:47:57,469 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 10 states, 9 states have (on average 3.111111111111111) internal successors, (28), 8 states have internal predecessors, (28), 4 states have call successors, (11), 3 states have call predecessors, (11), 5 states have return successors, (6), 6 states have call predecessors, (6), 4 states have call successors, (6) [2021-09-13 23:47:57,522 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 45 edges. 45 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2021-09-13 23:47:57,522 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2021-09-13 23:47:57,522 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2021-09-13 23:47:57,524 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2021-09-13 23:47:57,524 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=30, Invalid=60, Unknown=0, NotChecked=0, Total=90 [2021-09-13 23:47:57,525 INFO L87 Difference]: Start difference. First operand 108 states and 126 transitions. Second operand has 10 states, 9 states have (on average 3.111111111111111) internal successors, (28), 8 states have internal predecessors, (28), 4 states have call successors, (11), 3 states have call predecessors, (11), 5 states have return successors, (6), 6 states have call predecessors, (6), 4 states have call successors, (6) [2021-09-13 23:47:58,265 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:47:58,266 INFO L93 Difference]: Finished difference Result 108 states and 122 transitions. [2021-09-13 23:47:58,266 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2021-09-13 23:47:58,266 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 9 states have (on average 3.111111111111111) internal successors, (28), 8 states have internal predecessors, (28), 4 states have call successors, (11), 3 states have call predecessors, (11), 5 states have return successors, (6), 6 states have call predecessors, (6), 4 states have call successors, (6) Word has length 23 [2021-09-13 23:47:58,266 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-09-13 23:47:58,266 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 10 states, 9 states have (on average 3.111111111111111) internal successors, (28), 8 states have internal predecessors, (28), 4 states have call successors, (11), 3 states have call predecessors, (11), 5 states have return successors, (6), 6 states have call predecessors, (6), 4 states have call successors, (6) [2021-09-13 23:47:58,269 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 98 transitions. [2021-09-13 23:47:58,269 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 10 states, 9 states have (on average 3.111111111111111) internal successors, (28), 8 states have internal predecessors, (28), 4 states have call successors, (11), 3 states have call predecessors, (11), 5 states have return successors, (6), 6 states have call predecessors, (6), 4 states have call successors, (6) [2021-09-13 23:47:58,271 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 98 transitions. [2021-09-13 23:47:58,271 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states and 98 transitions. [2021-09-13 23:47:58,369 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 98 edges. 98 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2021-09-13 23:47:58,370 INFO L225 Difference]: With dead ends: 108 [2021-09-13 23:47:58,370 INFO L226 Difference]: Without dead ends: 108 [2021-09-13 23:47:58,370 INFO L927 BasicCegarLoop]: 0 DeclaredPredicates, 45 GetRequests, 36 SyntacticMatches, 1 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8 ImplicationChecksByTransitivity, 73.28ms TimeCoverageRelationStatistics Valid=30, Invalid=60, Unknown=0, NotChecked=0, Total=90 [2021-09-13 23:47:58,371 INFO L928 BasicCegarLoop]: 14 mSDtfsCounter, 64 mSDsluCounter, 252 mSDsCounter, 0 mSdLazyCounter, 356 mSolverCounterSat, 12 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 343.42ms Time, 0 mProtectedPredicate, 0 mProtectedAction, 70 SdHoareTripleChecker+Valid, 20 SdHoareTripleChecker+Invalid, 435 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 2.09ms SdHoareTripleChecker+Time, 12 IncrementalHoareTripleChecker+Valid, 356 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 67 IncrementalHoareTripleChecker+Unchecked, 346.09ms IncrementalHoareTripleChecker+Time [2021-09-13 23:47:58,371 INFO L929 BasicCegarLoop]: SdHoareTripleChecker [70 Valid, 20 Invalid, 435 Unknown, 0 Unchecked, 2.09ms Time], IncrementalHoareTripleChecker [12 Valid, 356 Invalid, 0 Unknown, 67 Unchecked, 346.09ms Time] [2021-09-13 23:47:58,372 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 108 states. [2021-09-13 23:47:58,382 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 108 to 106. [2021-09-13 23:47:58,382 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2021-09-13 23:47:58,382 INFO L82 GeneralOperation]: Start isEquivalent. First operand 108 states. Second operand has 106 states, 69 states have (on average 1.4057971014492754) internal successors, (97), 82 states have internal predecessors, (97), 11 states have call successors, (11), 11 states have call predecessors, (11), 14 states have return successors, (14), 14 states have call predecessors, (14), 10 states have call successors, (14) [2021-09-13 23:47:58,383 INFO L74 IsIncluded]: Start isIncluded. First operand 108 states. Second operand has 106 states, 69 states have (on average 1.4057971014492754) internal successors, (97), 82 states have internal predecessors, (97), 11 states have call successors, (11), 11 states have call predecessors, (11), 14 states have return successors, (14), 14 states have call predecessors, (14), 10 states have call successors, (14) [2021-09-13 23:47:58,383 INFO L87 Difference]: Start difference. First operand 108 states. Second operand has 106 states, 69 states have (on average 1.4057971014492754) internal successors, (97), 82 states have internal predecessors, (97), 11 states have call successors, (11), 11 states have call predecessors, (11), 14 states have return successors, (14), 14 states have call predecessors, (14), 10 states have call successors, (14) [2021-09-13 23:47:58,385 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:47:58,385 INFO L93 Difference]: Finished difference Result 108 states and 122 transitions. [2021-09-13 23:47:58,385 INFO L276 IsEmpty]: Start isEmpty. Operand 108 states and 122 transitions. [2021-09-13 23:47:58,385 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2021-09-13 23:47:58,385 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2021-09-13 23:47:58,386 INFO L74 IsIncluded]: Start isIncluded. First operand has 106 states, 69 states have (on average 1.4057971014492754) internal successors, (97), 82 states have internal predecessors, (97), 11 states have call successors, (11), 11 states have call predecessors, (11), 14 states have return successors, (14), 14 states have call predecessors, (14), 10 states have call successors, (14) Second operand 108 states. [2021-09-13 23:47:58,386 INFO L87 Difference]: Start difference. First operand has 106 states, 69 states have (on average 1.4057971014492754) internal successors, (97), 82 states have internal predecessors, (97), 11 states have call successors, (11), 11 states have call predecessors, (11), 14 states have return successors, (14), 14 states have call predecessors, (14), 10 states have call successors, (14) Second operand 108 states. [2021-09-13 23:47:58,388 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:47:58,388 INFO L93 Difference]: Finished difference Result 108 states and 122 transitions. [2021-09-13 23:47:58,388 INFO L276 IsEmpty]: Start isEmpty. Operand 108 states and 122 transitions. [2021-09-13 23:47:58,388 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2021-09-13 23:47:58,388 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2021-09-13 23:47:58,388 INFO L88 GeneralOperation]: Finished isEquivalent. [2021-09-13 23:47:58,389 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2021-09-13 23:47:58,389 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 106 states, 69 states have (on average 1.4057971014492754) internal successors, (97), 82 states have internal predecessors, (97), 11 states have call successors, (11), 11 states have call predecessors, (11), 14 states have return successors, (14), 14 states have call predecessors, (14), 10 states have call successors, (14) [2021-09-13 23:47:58,391 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 106 states to 106 states and 122 transitions. [2021-09-13 23:47:58,391 INFO L78 Accepts]: Start accepts. Automaton has 106 states and 122 transitions. Word has length 23 [2021-09-13 23:47:58,392 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-09-13 23:47:58,393 INFO L470 AbstractCegarLoop]: Abstraction has 106 states and 122 transitions. [2021-09-13 23:47:58,393 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 9 states have (on average 3.111111111111111) internal successors, (28), 8 states have internal predecessors, (28), 4 states have call successors, (11), 3 states have call predecessors, (11), 5 states have return successors, (6), 6 states have call predecessors, (6), 4 states have call successors, (6) [2021-09-13 23:47:58,393 INFO L276 IsEmpty]: Start isEmpty. Operand 106 states and 122 transitions. [2021-09-13 23:47:58,393 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2021-09-13 23:47:58,393 INFO L505 BasicCegarLoop]: Found error trace [2021-09-13 23:47:58,393 INFO L513 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-09-13 23:47:58,404 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (7)] Forceful destruction successful, exit code 0 [2021-09-13 23:47:58,606 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 7 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2021-09-13 23:47:58,606 INFO L402 AbstractCegarLoop]: === Iteration 7 === Targeting probe3_6Err7ASSERT_VIOLATIONMEMORY_FREE === [ldv_msg_allocErr0REQUIRES_VIOLATION, ldv_msg_allocErr1REQUIRES_VIOLATION, ldv_kref_initErr0REQUIRES_VIOLATION, ldv_kref_initErr1REQUIRES_VIOLATION (and 82 more)] === [2021-09-13 23:47:58,606 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-09-13 23:47:58,606 INFO L82 PathProgramCache]: Analyzing trace with hash 272754043, now seen corresponding path program 1 times [2021-09-13 23:47:58,606 INFO L121 FreeRefinementEngine]: Executing refinement strategy WOLF [2021-09-13 23:47:58,606 INFO L332 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [2124601574] [2021-09-13 23:47:58,606 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-09-13 23:47:58,607 INFO L170 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2021-09-13 23:47:58,607 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2021-09-13 23:47:58,607 INFO L229 MonitoredProcess]: Starting monitored process 8 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2021-09-13 23:47:58,608 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (8)] Waiting until timeout for monitored process [2021-09-13 23:47:58,696 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-09-13 23:47:58,698 INFO L263 TraceCheckSpWp]: Trace formula consists of 111 conjuncts, 4 conjunts are in the unsatisfiable core [2021-09-13 23:47:58,707 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-09-13 23:47:58,708 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2021-09-13 23:47:58,742 INFO L388 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2021-09-13 23:47:58,885 INFO L264 TraceCheckUtils]: 0: Hoare triple {3474#true} call ULTIMATE.init(); {3474#true} is VALID [2021-09-13 23:47:58,888 INFO L281 TraceCheckUtils]: 1: Hoare triple {3474#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);call ~#a6~0.base, ~#a6~0.offset := #Ultimate.allocOnStack(4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#a6~0.base, ~#a6~0.offset, 4bv32); {3474#true} is VALID [2021-09-13 23:47:58,888 INFO L281 TraceCheckUtils]: 2: Hoare triple {3474#true} assume true; {3474#true} is VALID [2021-09-13 23:47:58,888 INFO L276 TraceCheckUtils]: 3: Hoare quadruple {3474#true} {3474#true} #506#return; {3474#true} is VALID [2021-09-13 23:47:58,889 INFO L264 TraceCheckUtils]: 4: Hoare triple {3474#true} call main(); {3474#true} is VALID [2021-09-13 23:47:58,889 INFO L264 TraceCheckUtils]: 5: Hoare triple {3474#true} call entry_point(); {3474#true} is VALID [2021-09-13 23:47:58,889 INFO L264 TraceCheckUtils]: 6: Hoare triple {3474#true} call #t~ret44 := probe3_6(~#a6~0.base, ~#a6~0.offset); {3474#true} is VALID [2021-09-13 23:47:58,889 INFO L281 TraceCheckUtils]: 7: Hoare triple {3474#true} ~a.base, ~a.offset := #in~a.base, #in~a.offset;~ret~0 := 3bv32; {3474#true} is VALID [2021-09-13 23:47:58,889 INFO L264 TraceCheckUtils]: 8: Hoare triple {3474#true} call #t~ret40.base, #t~ret40.offset := ldv_malloc(4bv32); {3474#true} is VALID [2021-09-13 23:47:58,889 INFO L281 TraceCheckUtils]: 9: Hoare triple {3474#true} ~size := #in~size; {3474#true} is VALID [2021-09-13 23:47:58,890 INFO L281 TraceCheckUtils]: 10: Hoare triple {3474#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {3509#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)))} is VALID [2021-09-13 23:47:58,891 INFO L281 TraceCheckUtils]: 11: Hoare triple {3509#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)))} assume true; {3509#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)))} is VALID [2021-09-13 23:47:58,891 INFO L276 TraceCheckUtils]: 12: Hoare quadruple {3509#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)))} {3474#true} #462#return; {3516#(= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| |probe3_6_#t~ret40.base|)))))) (_ bv1 1)))} is VALID [2021-09-13 23:47:58,892 INFO L281 TraceCheckUtils]: 13: Hoare triple {3516#(= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| |probe3_6_#t~ret40.base|)))))) (_ bv1 1)))} ~p~0.base, ~p~0.offset := #t~ret40.base, #t~ret40.offset;havoc #t~ret40.base, #t~ret40.offset; {3520#(= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| probe3_6_~p~0.base))))))))))) (_ bv1 1)))} is VALID [2021-09-13 23:47:58,892 INFO L281 TraceCheckUtils]: 14: Hoare triple {3520#(= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| probe3_6_~p~0.base))))))))))) (_ bv1 1)))} assume !(~p~0.base == 0bv32 && ~p~0.offset == 0bv32); {3520#(= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| probe3_6_~p~0.base))))))))))) (_ bv1 1)))} is VALID [2021-09-13 23:47:58,893 INFO L264 TraceCheckUtils]: 15: Hoare triple {3520#(= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| probe3_6_~p~0.base))))))))))) (_ bv1 1)))} call #t~ret41 := f6(); {3527#(exists ((v_probe3_6_~p~0.base_BEFORE_CALL_3 (_ BitVec 32))) (= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| v_probe3_6_~p~0.base_BEFORE_CALL_3))))))))))) (_ bv1 1))))} is VALID [2021-09-13 23:47:58,893 INFO L281 TraceCheckUtils]: 16: Hoare triple {3527#(exists ((v_probe3_6_~p~0.base_BEFORE_CALL_3 (_ BitVec 32))) (= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| v_probe3_6_~p~0.base_BEFORE_CALL_3))))))))))) (_ bv1 1))))} #res := #t~nondet38;havoc #t~nondet38; {3527#(exists ((v_probe3_6_~p~0.base_BEFORE_CALL_3 (_ BitVec 32))) (= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| v_probe3_6_~p~0.base_BEFORE_CALL_3))))))))))) (_ bv1 1))))} is VALID [2021-09-13 23:47:58,894 INFO L281 TraceCheckUtils]: 17: Hoare triple {3527#(exists ((v_probe3_6_~p~0.base_BEFORE_CALL_3 (_ BitVec 32))) (= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| v_probe3_6_~p~0.base_BEFORE_CALL_3))))))))))) (_ bv1 1))))} assume true; {3527#(exists ((v_probe3_6_~p~0.base_BEFORE_CALL_3 (_ BitVec 32))) (= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| v_probe3_6_~p~0.base_BEFORE_CALL_3))))))))))) (_ bv1 1))))} is VALID [2021-09-13 23:47:58,894 INFO L276 TraceCheckUtils]: 18: Hoare quadruple {3527#(exists ((v_probe3_6_~p~0.base_BEFORE_CALL_3 (_ BitVec 32))) (= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| v_probe3_6_~p~0.base_BEFORE_CALL_3))))))))))) (_ bv1 1))))} {3520#(= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| probe3_6_~p~0.base))))))))))) (_ bv1 1)))} #464#return; {3520#(= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| probe3_6_~p~0.base))))))))))) (_ bv1 1)))} is VALID [2021-09-13 23:47:58,894 INFO L281 TraceCheckUtils]: 19: Hoare triple {3520#(= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| probe3_6_~p~0.base))))))))))) (_ bv1 1)))} ~ret~0 := #t~ret41;havoc #t~ret41; {3520#(= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| probe3_6_~p~0.base))))))))))) (_ bv1 1)))} is VALID [2021-09-13 23:47:58,895 INFO L281 TraceCheckUtils]: 20: Hoare triple {3520#(= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| probe3_6_~p~0.base))))))))))) (_ bv1 1)))} assume ~bvslt32(~ret~0, 0bv32); {3520#(= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| probe3_6_~p~0.base))))))))))) (_ bv1 1)))} is VALID [2021-09-13 23:47:58,896 INFO L281 TraceCheckUtils]: 21: Hoare triple {3520#(= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| probe3_6_~p~0.base))))))))))) (_ bv1 1)))} assume 0bv32 == ~p~0.offset; {3520#(= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| probe3_6_~p~0.base))))))))))) (_ bv1 1)))} is VALID [2021-09-13 23:47:58,896 INFO L281 TraceCheckUtils]: 22: Hoare triple {3520#(= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| probe3_6_~p~0.base))))))))))) (_ bv1 1)))} assume ~bvult32(~p~0.base, #StackHeapBarrier); {3520#(= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| probe3_6_~p~0.base))))))))))) (_ bv1 1)))} is VALID [2021-09-13 23:47:58,897 INFO L281 TraceCheckUtils]: 23: Hoare triple {3520#(= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| probe3_6_~p~0.base))))))))))) (_ bv1 1)))} assume !(0bv32 == ~p~0.base || 1bv1 == #valid[~p~0.base]); {3475#false} is VALID [2021-09-13 23:47:58,897 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-09-13 23:47:58,897 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2021-09-13 23:47:59,067 INFO L281 TraceCheckUtils]: 23: Hoare triple {3520#(= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| probe3_6_~p~0.base))))))))))) (_ bv1 1)))} assume !(0bv32 == ~p~0.base || 1bv1 == #valid[~p~0.base]); {3475#false} is VALID [2021-09-13 23:47:59,067 INFO L281 TraceCheckUtils]: 22: Hoare triple {3520#(= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| probe3_6_~p~0.base))))))))))) (_ bv1 1)))} assume ~bvult32(~p~0.base, #StackHeapBarrier); {3520#(= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| probe3_6_~p~0.base))))))))))) (_ bv1 1)))} is VALID [2021-09-13 23:47:59,068 INFO L281 TraceCheckUtils]: 21: Hoare triple {3520#(= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| probe3_6_~p~0.base))))))))))) (_ bv1 1)))} assume 0bv32 == ~p~0.offset; {3520#(= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| probe3_6_~p~0.base))))))))))) (_ bv1 1)))} is VALID [2021-09-13 23:47:59,068 INFO L281 TraceCheckUtils]: 20: Hoare triple {3520#(= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| probe3_6_~p~0.base))))))))))) (_ bv1 1)))} assume ~bvslt32(~ret~0, 0bv32); {3520#(= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| probe3_6_~p~0.base))))))))))) (_ bv1 1)))} is VALID [2021-09-13 23:47:59,068 INFO L281 TraceCheckUtils]: 19: Hoare triple {3520#(= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| probe3_6_~p~0.base))))))))))) (_ bv1 1)))} ~ret~0 := #t~ret41;havoc #t~ret41; {3520#(= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| probe3_6_~p~0.base))))))))))) (_ bv1 1)))} is VALID [2021-09-13 23:47:59,069 INFO L276 TraceCheckUtils]: 18: Hoare quadruple {3474#true} {3520#(= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| probe3_6_~p~0.base))))))))))) (_ bv1 1)))} #464#return; {3520#(= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| probe3_6_~p~0.base))))))))))) (_ bv1 1)))} is VALID [2021-09-13 23:47:59,069 INFO L281 TraceCheckUtils]: 17: Hoare triple {3474#true} assume true; {3474#true} is VALID [2021-09-13 23:47:59,069 INFO L281 TraceCheckUtils]: 16: Hoare triple {3474#true} #res := #t~nondet38;havoc #t~nondet38; {3474#true} is VALID [2021-09-13 23:47:59,069 INFO L264 TraceCheckUtils]: 15: Hoare triple {3520#(= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| probe3_6_~p~0.base))))))))))) (_ bv1 1)))} call #t~ret41 := f6(); {3474#true} is VALID [2021-09-13 23:47:59,069 INFO L281 TraceCheckUtils]: 14: Hoare triple {3520#(= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| probe3_6_~p~0.base))))))))))) (_ bv1 1)))} assume !(~p~0.base == 0bv32 && ~p~0.offset == 0bv32); {3520#(= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| probe3_6_~p~0.base))))))))))) (_ bv1 1)))} is VALID [2021-09-13 23:47:59,070 INFO L281 TraceCheckUtils]: 13: Hoare triple {3516#(= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| |probe3_6_#t~ret40.base|)))))) (_ bv1 1)))} ~p~0.base, ~p~0.offset := #t~ret40.base, #t~ret40.offset;havoc #t~ret40.base, #t~ret40.offset; {3520#(= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| probe3_6_~p~0.base))))))))))) (_ bv1 1)))} is VALID [2021-09-13 23:47:59,070 INFO L276 TraceCheckUtils]: 12: Hoare quadruple {3509#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)))} {3474#true} #462#return; {3516#(= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (bvneg (bvneg (select |#valid| |probe3_6_#t~ret40.base|)))))) (_ bv1 1)))} is VALID [2021-09-13 23:47:59,071 INFO L281 TraceCheckUtils]: 11: Hoare triple {3509#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)))} assume true; {3509#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)))} is VALID [2021-09-13 23:47:59,072 INFO L281 TraceCheckUtils]: 10: Hoare triple {3474#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {3509#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)))} is VALID [2021-09-13 23:47:59,072 INFO L281 TraceCheckUtils]: 9: Hoare triple {3474#true} ~size := #in~size; {3474#true} is VALID [2021-09-13 23:47:59,072 INFO L264 TraceCheckUtils]: 8: Hoare triple {3474#true} call #t~ret40.base, #t~ret40.offset := ldv_malloc(4bv32); {3474#true} is VALID [2021-09-13 23:47:59,072 INFO L281 TraceCheckUtils]: 7: Hoare triple {3474#true} ~a.base, ~a.offset := #in~a.base, #in~a.offset;~ret~0 := 3bv32; {3474#true} is VALID [2021-09-13 23:47:59,072 INFO L264 TraceCheckUtils]: 6: Hoare triple {3474#true} call #t~ret44 := probe3_6(~#a6~0.base, ~#a6~0.offset); {3474#true} is VALID [2021-09-13 23:47:59,072 INFO L264 TraceCheckUtils]: 5: Hoare triple {3474#true} call entry_point(); {3474#true} is VALID [2021-09-13 23:47:59,072 INFO L264 TraceCheckUtils]: 4: Hoare triple {3474#true} call main(); {3474#true} is VALID [2021-09-13 23:47:59,072 INFO L276 TraceCheckUtils]: 3: Hoare quadruple {3474#true} {3474#true} #506#return; {3474#true} is VALID [2021-09-13 23:47:59,072 INFO L281 TraceCheckUtils]: 2: Hoare triple {3474#true} assume true; {3474#true} is VALID [2021-09-13 23:47:59,072 INFO L281 TraceCheckUtils]: 1: Hoare triple {3474#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);call ~#a6~0.base, ~#a6~0.offset := #Ultimate.allocOnStack(4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#a6~0.base, ~#a6~0.offset, 4bv32); {3474#true} is VALID [2021-09-13 23:47:59,072 INFO L264 TraceCheckUtils]: 0: Hoare triple {3474#true} call ULTIMATE.init(); {3474#true} is VALID [2021-09-13 23:47:59,073 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-09-13 23:47:59,073 INFO L139 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2021-09-13 23:47:59,073 INFO L332 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [2124601574] [2021-09-13 23:47:59,073 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleMathsat [2124601574] provided 2 perfect and 0 imperfect interpolant sequences [2021-09-13 23:47:59,073 INFO L186 FreeRefinementEngine]: Constructing automaton from 2 perfect and 0 imperfect interpolant sequences. [2021-09-13 23:47:59,073 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5, 4] imperfect sequences [] total 5 [2021-09-13 23:47:59,073 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [107932904] [2021-09-13 23:47:59,074 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 3.4) internal successors, (17), 5 states have internal predecessors, (17), 2 states have call successors, (7), 2 states have call predecessors, (7), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 24 [2021-09-13 23:47:59,074 INFO L84 Accepts]: Finished accepts. word is accepted. [2021-09-13 23:47:59,074 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 5 states have (on average 3.4) internal successors, (17), 5 states have internal predecessors, (17), 2 states have call successors, (7), 2 states have call predecessors, (7), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2021-09-13 23:47:59,094 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 28 edges. 28 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2021-09-13 23:47:59,094 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2021-09-13 23:47:59,094 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2021-09-13 23:47:59,094 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2021-09-13 23:47:59,094 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=12, Invalid=18, Unknown=0, NotChecked=0, Total=30 [2021-09-13 23:47:59,095 INFO L87 Difference]: Start difference. First operand 106 states and 122 transitions. Second operand has 6 states, 5 states have (on average 3.4) internal successors, (17), 5 states have internal predecessors, (17), 2 states have call successors, (7), 2 states have call predecessors, (7), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2021-09-13 23:47:59,454 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:47:59,454 INFO L93 Difference]: Finished difference Result 108 states and 120 transitions. [2021-09-13 23:47:59,454 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2021-09-13 23:47:59,455 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 3.4) internal successors, (17), 5 states have internal predecessors, (17), 2 states have call successors, (7), 2 states have call predecessors, (7), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 24 [2021-09-13 23:47:59,455 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-09-13 23:47:59,455 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 3.4) internal successors, (17), 5 states have internal predecessors, (17), 2 states have call successors, (7), 2 states have call predecessors, (7), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2021-09-13 23:47:59,456 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 92 transitions. [2021-09-13 23:47:59,456 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 3.4) internal successors, (17), 5 states have internal predecessors, (17), 2 states have call successors, (7), 2 states have call predecessors, (7), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2021-09-13 23:47:59,457 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 92 transitions. [2021-09-13 23:47:59,458 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 92 transitions. [2021-09-13 23:47:59,518 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 92 edges. 92 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2021-09-13 23:47:59,519 INFO L225 Difference]: With dead ends: 108 [2021-09-13 23:47:59,519 INFO L226 Difference]: Without dead ends: 108 [2021-09-13 23:47:59,519 INFO L927 BasicCegarLoop]: 0 DeclaredPredicates, 47 GetRequests, 39 SyntacticMatches, 4 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 7 ImplicationChecksByTransitivity, 41.65ms TimeCoverageRelationStatistics Valid=12, Invalid=18, Unknown=0, NotChecked=0, Total=30 [2021-09-13 23:47:59,520 INFO L928 BasicCegarLoop]: 16 mSDtfsCounter, 15 mSDsluCounter, 213 mSDsCounter, 0 mSdLazyCounter, 201 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 152.46ms Time, 0 mProtectedPredicate, 0 mProtectedAction, 16 SdHoareTripleChecker+Valid, 68 SdHoareTripleChecker+Invalid, 258 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 1.70ms SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 201 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 56 IncrementalHoareTripleChecker+Unchecked, 153.90ms IncrementalHoareTripleChecker+Time [2021-09-13 23:47:59,520 INFO L929 BasicCegarLoop]: SdHoareTripleChecker [16 Valid, 68 Invalid, 258 Unknown, 0 Unchecked, 1.70ms Time], IncrementalHoareTripleChecker [1 Valid, 201 Invalid, 0 Unknown, 56 Unchecked, 153.90ms Time] [2021-09-13 23:47:59,521 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 108 states. [2021-09-13 23:47:59,522 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 108 to 106. [2021-09-13 23:47:59,522 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2021-09-13 23:47:59,523 INFO L82 GeneralOperation]: Start isEquivalent. First operand 108 states. Second operand has 106 states, 69 states have (on average 1.3768115942028984) internal successors, (95), 82 states have internal predecessors, (95), 11 states have call successors, (11), 11 states have call predecessors, (11), 14 states have return successors, (14), 14 states have call predecessors, (14), 10 states have call successors, (14) [2021-09-13 23:47:59,523 INFO L74 IsIncluded]: Start isIncluded. First operand 108 states. Second operand has 106 states, 69 states have (on average 1.3768115942028984) internal successors, (95), 82 states have internal predecessors, (95), 11 states have call successors, (11), 11 states have call predecessors, (11), 14 states have return successors, (14), 14 states have call predecessors, (14), 10 states have call successors, (14) [2021-09-13 23:47:59,523 INFO L87 Difference]: Start difference. First operand 108 states. Second operand has 106 states, 69 states have (on average 1.3768115942028984) internal successors, (95), 82 states have internal predecessors, (95), 11 states have call successors, (11), 11 states have call predecessors, (11), 14 states have return successors, (14), 14 states have call predecessors, (14), 10 states have call successors, (14) [2021-09-13 23:47:59,525 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:47:59,525 INFO L93 Difference]: Finished difference Result 108 states and 120 transitions. [2021-09-13 23:47:59,529 INFO L276 IsEmpty]: Start isEmpty. Operand 108 states and 120 transitions. [2021-09-13 23:47:59,529 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2021-09-13 23:47:59,529 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2021-09-13 23:47:59,530 INFO L74 IsIncluded]: Start isIncluded. First operand has 106 states, 69 states have (on average 1.3768115942028984) internal successors, (95), 82 states have internal predecessors, (95), 11 states have call successors, (11), 11 states have call predecessors, (11), 14 states have return successors, (14), 14 states have call predecessors, (14), 10 states have call successors, (14) Second operand 108 states. [2021-09-13 23:47:59,530 INFO L87 Difference]: Start difference. First operand has 106 states, 69 states have (on average 1.3768115942028984) internal successors, (95), 82 states have internal predecessors, (95), 11 states have call successors, (11), 11 states have call predecessors, (11), 14 states have return successors, (14), 14 states have call predecessors, (14), 10 states have call successors, (14) Second operand 108 states. [2021-09-13 23:47:59,532 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:47:59,532 INFO L93 Difference]: Finished difference Result 108 states and 120 transitions. [2021-09-13 23:47:59,532 INFO L276 IsEmpty]: Start isEmpty. Operand 108 states and 120 transitions. [2021-09-13 23:47:59,532 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2021-09-13 23:47:59,532 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2021-09-13 23:47:59,533 INFO L88 GeneralOperation]: Finished isEquivalent. [2021-09-13 23:47:59,533 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2021-09-13 23:47:59,533 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 106 states, 69 states have (on average 1.3768115942028984) internal successors, (95), 82 states have internal predecessors, (95), 11 states have call successors, (11), 11 states have call predecessors, (11), 14 states have return successors, (14), 14 states have call predecessors, (14), 10 states have call successors, (14) [2021-09-13 23:47:59,535 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 106 states to 106 states and 120 transitions. [2021-09-13 23:47:59,535 INFO L78 Accepts]: Start accepts. Automaton has 106 states and 120 transitions. Word has length 24 [2021-09-13 23:47:59,535 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-09-13 23:47:59,535 INFO L470 AbstractCegarLoop]: Abstraction has 106 states and 120 transitions. [2021-09-13 23:47:59,535 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 3.4) internal successors, (17), 5 states have internal predecessors, (17), 2 states have call successors, (7), 2 states have call predecessors, (7), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2021-09-13 23:47:59,535 INFO L276 IsEmpty]: Start isEmpty. Operand 106 states and 120 transitions. [2021-09-13 23:47:59,536 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2021-09-13 23:47:59,536 INFO L505 BasicCegarLoop]: Found error trace [2021-09-13 23:47:59,536 INFO L513 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-09-13 23:47:59,544 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (8)] Forceful destruction successful, exit code 0 [2021-09-13 23:47:59,742 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 8 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2021-09-13 23:47:59,742 INFO L402 AbstractCegarLoop]: === Iteration 8 === Targeting probe3_6Err7ASSERT_VIOLATIONMEMORY_FREE === [ldv_msg_allocErr0REQUIRES_VIOLATION, ldv_msg_allocErr1REQUIRES_VIOLATION, ldv_kref_initErr0REQUIRES_VIOLATION, ldv_kref_initErr1REQUIRES_VIOLATION (and 82 more)] === [2021-09-13 23:47:59,743 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-09-13 23:47:59,743 INFO L82 PathProgramCache]: Analyzing trace with hash -232804582, now seen corresponding path program 1 times [2021-09-13 23:47:59,743 INFO L121 FreeRefinementEngine]: Executing refinement strategy WOLF [2021-09-13 23:47:59,743 INFO L332 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [751793044] [2021-09-13 23:47:59,743 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-09-13 23:47:59,743 INFO L170 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2021-09-13 23:47:59,743 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2021-09-13 23:47:59,744 INFO L229 MonitoredProcess]: Starting monitored process 9 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2021-09-13 23:47:59,745 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (9)] Waiting until timeout for monitored process [2021-09-13 23:47:59,831 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-09-13 23:47:59,833 INFO L263 TraceCheckSpWp]: Trace formula consists of 107 conjuncts, 7 conjunts are in the unsatisfiable core [2021-09-13 23:47:59,846 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-09-13 23:47:59,847 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2021-09-13 23:47:59,986 INFO L264 TraceCheckUtils]: 0: Hoare triple {4053#true} call ULTIMATE.init(); {4053#true} is VALID [2021-09-13 23:47:59,986 INFO L281 TraceCheckUtils]: 1: Hoare triple {4053#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);call ~#a6~0.base, ~#a6~0.offset := #Ultimate.allocOnStack(4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#a6~0.base, ~#a6~0.offset, 4bv32); {4053#true} is VALID [2021-09-13 23:47:59,986 INFO L281 TraceCheckUtils]: 2: Hoare triple {4053#true} assume true; {4053#true} is VALID [2021-09-13 23:47:59,988 INFO L276 TraceCheckUtils]: 3: Hoare quadruple {4053#true} {4053#true} #506#return; {4053#true} is VALID [2021-09-13 23:47:59,988 INFO L264 TraceCheckUtils]: 4: Hoare triple {4053#true} call main(); {4053#true} is VALID [2021-09-13 23:47:59,988 INFO L264 TraceCheckUtils]: 5: Hoare triple {4053#true} call entry_point(); {4053#true} is VALID [2021-09-13 23:47:59,988 INFO L264 TraceCheckUtils]: 6: Hoare triple {4053#true} call #t~ret44 := probe3_6(~#a6~0.base, ~#a6~0.offset); {4053#true} is VALID [2021-09-13 23:47:59,988 INFO L281 TraceCheckUtils]: 7: Hoare triple {4053#true} ~a.base, ~a.offset := #in~a.base, #in~a.offset;~ret~0 := 3bv32; {4053#true} is VALID [2021-09-13 23:47:59,989 INFO L264 TraceCheckUtils]: 8: Hoare triple {4053#true} call #t~ret40.base, #t~ret40.offset := ldv_malloc(4bv32); {4053#true} is VALID [2021-09-13 23:47:59,989 INFO L281 TraceCheckUtils]: 9: Hoare triple {4053#true} ~size := #in~size; {4053#true} is VALID [2021-09-13 23:47:59,989 INFO L281 TraceCheckUtils]: 10: Hoare triple {4053#true} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {4088#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2021-09-13 23:47:59,990 INFO L281 TraceCheckUtils]: 11: Hoare triple {4088#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} assume true; {4088#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2021-09-13 23:47:59,990 INFO L276 TraceCheckUtils]: 12: Hoare quadruple {4088#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} {4053#true} #462#return; {4095#(and (= |probe3_6_#t~ret40.base| (_ bv0 32)) (= |probe3_6_#t~ret40.offset| (_ bv0 32)))} is VALID [2021-09-13 23:47:59,991 INFO L281 TraceCheckUtils]: 13: Hoare triple {4095#(and (= |probe3_6_#t~ret40.base| (_ bv0 32)) (= |probe3_6_#t~ret40.offset| (_ bv0 32)))} ~p~0.base, ~p~0.offset := #t~ret40.base, #t~ret40.offset;havoc #t~ret40.base, #t~ret40.offset; {4099#(and (= probe3_6_~p~0.base (_ bv0 32)) (= (_ bv0 32) probe3_6_~p~0.offset))} is VALID [2021-09-13 23:47:59,991 INFO L281 TraceCheckUtils]: 14: Hoare triple {4099#(and (= probe3_6_~p~0.base (_ bv0 32)) (= (_ bv0 32) probe3_6_~p~0.offset))} assume !(~p~0.base == 0bv32 && ~p~0.offset == 0bv32); {4054#false} is VALID [2021-09-13 23:47:59,991 INFO L264 TraceCheckUtils]: 15: Hoare triple {4054#false} call #t~ret41 := f6(); {4054#false} is VALID [2021-09-13 23:47:59,992 INFO L281 TraceCheckUtils]: 16: Hoare triple {4054#false} #res := #t~nondet38;havoc #t~nondet38; {4054#false} is VALID [2021-09-13 23:47:59,992 INFO L281 TraceCheckUtils]: 17: Hoare triple {4054#false} assume true; {4054#false} is VALID [2021-09-13 23:47:59,992 INFO L276 TraceCheckUtils]: 18: Hoare quadruple {4054#false} {4054#false} #464#return; {4054#false} is VALID [2021-09-13 23:47:59,992 INFO L281 TraceCheckUtils]: 19: Hoare triple {4054#false} ~ret~0 := #t~ret41;havoc #t~ret41; {4054#false} is VALID [2021-09-13 23:47:59,992 INFO L281 TraceCheckUtils]: 20: Hoare triple {4054#false} assume ~bvslt32(~ret~0, 0bv32); {4054#false} is VALID [2021-09-13 23:47:59,992 INFO L281 TraceCheckUtils]: 21: Hoare triple {4054#false} assume 0bv32 == ~p~0.offset; {4054#false} is VALID [2021-09-13 23:47:59,992 INFO L281 TraceCheckUtils]: 22: Hoare triple {4054#false} assume ~bvult32(~p~0.base, #StackHeapBarrier); {4054#false} is VALID [2021-09-13 23:47:59,992 INFO L281 TraceCheckUtils]: 23: Hoare triple {4054#false} assume !(0bv32 == ~p~0.base || 1bv1 == #valid[~p~0.base]); {4054#false} is VALID [2021-09-13 23:47:59,993 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-09-13 23:47:59,993 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2021-09-13 23:48:00,158 INFO L281 TraceCheckUtils]: 23: Hoare triple {4054#false} assume !(0bv32 == ~p~0.base || 1bv1 == #valid[~p~0.base]); {4054#false} is VALID [2021-09-13 23:48:00,159 INFO L281 TraceCheckUtils]: 22: Hoare triple {4054#false} assume ~bvult32(~p~0.base, #StackHeapBarrier); {4054#false} is VALID [2021-09-13 23:48:00,159 INFO L281 TraceCheckUtils]: 21: Hoare triple {4054#false} assume 0bv32 == ~p~0.offset; {4054#false} is VALID [2021-09-13 23:48:00,159 INFO L281 TraceCheckUtils]: 20: Hoare triple {4054#false} assume ~bvslt32(~ret~0, 0bv32); {4054#false} is VALID [2021-09-13 23:48:00,159 INFO L281 TraceCheckUtils]: 19: Hoare triple {4054#false} ~ret~0 := #t~ret41;havoc #t~ret41; {4054#false} is VALID [2021-09-13 23:48:00,159 INFO L276 TraceCheckUtils]: 18: Hoare quadruple {4053#true} {4054#false} #464#return; {4054#false} is VALID [2021-09-13 23:48:00,159 INFO L281 TraceCheckUtils]: 17: Hoare triple {4053#true} assume true; {4053#true} is VALID [2021-09-13 23:48:00,160 INFO L281 TraceCheckUtils]: 16: Hoare triple {4053#true} #res := #t~nondet38;havoc #t~nondet38; {4053#true} is VALID [2021-09-13 23:48:00,160 INFO L264 TraceCheckUtils]: 15: Hoare triple {4054#false} call #t~ret41 := f6(); {4053#true} is VALID [2021-09-13 23:48:00,160 INFO L281 TraceCheckUtils]: 14: Hoare triple {4099#(and (= probe3_6_~p~0.base (_ bv0 32)) (= (_ bv0 32) probe3_6_~p~0.offset))} assume !(~p~0.base == 0bv32 && ~p~0.offset == 0bv32); {4054#false} is VALID [2021-09-13 23:48:00,160 INFO L281 TraceCheckUtils]: 13: Hoare triple {4095#(and (= |probe3_6_#t~ret40.base| (_ bv0 32)) (= |probe3_6_#t~ret40.offset| (_ bv0 32)))} ~p~0.base, ~p~0.offset := #t~ret40.base, #t~ret40.offset;havoc #t~ret40.base, #t~ret40.offset; {4099#(and (= probe3_6_~p~0.base (_ bv0 32)) (= (_ bv0 32) probe3_6_~p~0.offset))} is VALID [2021-09-13 23:48:00,161 INFO L276 TraceCheckUtils]: 12: Hoare quadruple {4088#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} {4053#true} #462#return; {4095#(and (= |probe3_6_#t~ret40.base| (_ bv0 32)) (= |probe3_6_#t~ret40.offset| (_ bv0 32)))} is VALID [2021-09-13 23:48:00,162 INFO L281 TraceCheckUtils]: 11: Hoare triple {4088#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} assume true; {4088#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2021-09-13 23:48:00,162 INFO L281 TraceCheckUtils]: 10: Hoare triple {4053#true} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {4088#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2021-09-13 23:48:00,162 INFO L281 TraceCheckUtils]: 9: Hoare triple {4053#true} ~size := #in~size; {4053#true} is VALID [2021-09-13 23:48:00,162 INFO L264 TraceCheckUtils]: 8: Hoare triple {4053#true} call #t~ret40.base, #t~ret40.offset := ldv_malloc(4bv32); {4053#true} is VALID [2021-09-13 23:48:00,162 INFO L281 TraceCheckUtils]: 7: Hoare triple {4053#true} ~a.base, ~a.offset := #in~a.base, #in~a.offset;~ret~0 := 3bv32; {4053#true} is VALID [2021-09-13 23:48:00,162 INFO L264 TraceCheckUtils]: 6: Hoare triple {4053#true} call #t~ret44 := probe3_6(~#a6~0.base, ~#a6~0.offset); {4053#true} is VALID [2021-09-13 23:48:00,164 INFO L264 TraceCheckUtils]: 5: Hoare triple {4053#true} call entry_point(); {4053#true} is VALID [2021-09-13 23:48:00,165 INFO L264 TraceCheckUtils]: 4: Hoare triple {4053#true} call main(); {4053#true} is VALID [2021-09-13 23:48:00,165 INFO L276 TraceCheckUtils]: 3: Hoare quadruple {4053#true} {4053#true} #506#return; {4053#true} is VALID [2021-09-13 23:48:00,165 INFO L281 TraceCheckUtils]: 2: Hoare triple {4053#true} assume true; {4053#true} is VALID [2021-09-13 23:48:00,165 INFO L281 TraceCheckUtils]: 1: Hoare triple {4053#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);call ~#a6~0.base, ~#a6~0.offset := #Ultimate.allocOnStack(4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#a6~0.base, ~#a6~0.offset, 4bv32); {4053#true} is VALID [2021-09-13 23:48:00,166 INFO L264 TraceCheckUtils]: 0: Hoare triple {4053#true} call ULTIMATE.init(); {4053#true} is VALID [2021-09-13 23:48:00,166 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-09-13 23:48:00,166 INFO L139 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2021-09-13 23:48:00,166 INFO L332 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [751793044] [2021-09-13 23:48:00,166 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleMathsat [751793044] provided 2 perfect and 0 imperfect interpolant sequences [2021-09-13 23:48:00,166 INFO L186 FreeRefinementEngine]: Constructing automaton from 2 perfect and 0 imperfect interpolant sequences. [2021-09-13 23:48:00,166 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5, 5] imperfect sequences [] total 5 [2021-09-13 23:48:00,166 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1396870237] [2021-09-13 23:48:00,167 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 3.4) internal successors, (17), 4 states have internal predecessors, (17), 2 states have call successors, (7), 2 states have call predecessors, (7), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 24 [2021-09-13 23:48:00,167 INFO L84 Accepts]: Finished accepts. word is accepted. [2021-09-13 23:48:00,167 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 3.4) internal successors, (17), 4 states have internal predecessors, (17), 2 states have call successors, (7), 2 states have call predecessors, (7), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2021-09-13 23:48:00,188 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 28 edges. 28 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2021-09-13 23:48:00,188 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2021-09-13 23:48:00,188 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2021-09-13 23:48:00,189 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2021-09-13 23:48:00,189 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2021-09-13 23:48:00,189 INFO L87 Difference]: Start difference. First operand 106 states and 120 transitions. Second operand has 5 states, 5 states have (on average 3.4) internal successors, (17), 4 states have internal predecessors, (17), 2 states have call successors, (7), 2 states have call predecessors, (7), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2021-09-13 23:48:00,519 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:48:00,519 INFO L93 Difference]: Finished difference Result 68 states and 70 transitions. [2021-09-13 23:48:00,519 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2021-09-13 23:48:00,520 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 3.4) internal successors, (17), 4 states have internal predecessors, (17), 2 states have call successors, (7), 2 states have call predecessors, (7), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 24 [2021-09-13 23:48:00,520 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-09-13 23:48:00,520 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 3.4) internal successors, (17), 4 states have internal predecessors, (17), 2 states have call successors, (7), 2 states have call predecessors, (7), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2021-09-13 23:48:00,521 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 67 transitions. [2021-09-13 23:48:00,521 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 3.4) internal successors, (17), 4 states have internal predecessors, (17), 2 states have call successors, (7), 2 states have call predecessors, (7), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2021-09-13 23:48:00,522 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 67 transitions. [2021-09-13 23:48:00,522 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 67 transitions. [2021-09-13 23:48:00,570 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 67 edges. 67 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2021-09-13 23:48:00,571 INFO L225 Difference]: With dead ends: 68 [2021-09-13 23:48:00,571 INFO L226 Difference]: Without dead ends: 64 [2021-09-13 23:48:00,572 INFO L927 BasicCegarLoop]: 0 DeclaredPredicates, 47 GetRequests, 44 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 16.11ms TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2021-09-13 23:48:00,572 INFO L928 BasicCegarLoop]: 16 mSDtfsCounter, 0 mSDsluCounter, 230 mSDsCounter, 0 mSdLazyCounter, 197 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 134.77ms Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 63 SdHoareTripleChecker+Invalid, 197 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 1.51ms SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 197 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 135.63ms IncrementalHoareTripleChecker+Time [2021-09-13 23:48:00,572 INFO L929 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 63 Invalid, 197 Unknown, 0 Unchecked, 1.51ms Time], IncrementalHoareTripleChecker [0 Valid, 197 Invalid, 0 Unknown, 0 Unchecked, 135.63ms Time] [2021-09-13 23:48:00,573 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 64 states. [2021-09-13 23:48:00,574 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 64 to 64. [2021-09-13 23:48:00,574 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2021-09-13 23:48:00,574 INFO L82 GeneralOperation]: Start isEquivalent. First operand 64 states. Second operand has 64 states, 38 states have (on average 1.3157894736842106) internal successors, (50), 48 states have internal predecessors, (50), 8 states have call successors, (8), 8 states have call predecessors, (8), 8 states have return successors, (8), 8 states have call predecessors, (8), 7 states have call successors, (8) [2021-09-13 23:48:00,574 INFO L74 IsIncluded]: Start isIncluded. First operand 64 states. Second operand has 64 states, 38 states have (on average 1.3157894736842106) internal successors, (50), 48 states have internal predecessors, (50), 8 states have call successors, (8), 8 states have call predecessors, (8), 8 states have return successors, (8), 8 states have call predecessors, (8), 7 states have call successors, (8) [2021-09-13 23:48:00,574 INFO L87 Difference]: Start difference. First operand 64 states. Second operand has 64 states, 38 states have (on average 1.3157894736842106) internal successors, (50), 48 states have internal predecessors, (50), 8 states have call successors, (8), 8 states have call predecessors, (8), 8 states have return successors, (8), 8 states have call predecessors, (8), 7 states have call successors, (8) [2021-09-13 23:48:00,575 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:48:00,576 INFO L93 Difference]: Finished difference Result 64 states and 66 transitions. [2021-09-13 23:48:00,576 INFO L276 IsEmpty]: Start isEmpty. Operand 64 states and 66 transitions. [2021-09-13 23:48:00,576 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2021-09-13 23:48:00,576 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2021-09-13 23:48:00,576 INFO L74 IsIncluded]: Start isIncluded. First operand has 64 states, 38 states have (on average 1.3157894736842106) internal successors, (50), 48 states have internal predecessors, (50), 8 states have call successors, (8), 8 states have call predecessors, (8), 8 states have return successors, (8), 8 states have call predecessors, (8), 7 states have call successors, (8) Second operand 64 states. [2021-09-13 23:48:00,577 INFO L87 Difference]: Start difference. First operand has 64 states, 38 states have (on average 1.3157894736842106) internal successors, (50), 48 states have internal predecessors, (50), 8 states have call successors, (8), 8 states have call predecessors, (8), 8 states have return successors, (8), 8 states have call predecessors, (8), 7 states have call successors, (8) Second operand 64 states. [2021-09-13 23:48:00,577 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:48:00,578 INFO L93 Difference]: Finished difference Result 64 states and 66 transitions. [2021-09-13 23:48:00,578 INFO L276 IsEmpty]: Start isEmpty. Operand 64 states and 66 transitions. [2021-09-13 23:48:00,578 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2021-09-13 23:48:00,578 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2021-09-13 23:48:00,578 INFO L88 GeneralOperation]: Finished isEquivalent. [2021-09-13 23:48:00,578 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2021-09-13 23:48:00,578 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 64 states, 38 states have (on average 1.3157894736842106) internal successors, (50), 48 states have internal predecessors, (50), 8 states have call successors, (8), 8 states have call predecessors, (8), 8 states have return successors, (8), 8 states have call predecessors, (8), 7 states have call successors, (8) [2021-09-13 23:48:00,579 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 64 states to 64 states and 66 transitions. [2021-09-13 23:48:00,579 INFO L78 Accepts]: Start accepts. Automaton has 64 states and 66 transitions. Word has length 24 [2021-09-13 23:48:00,580 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-09-13 23:48:00,580 INFO L470 AbstractCegarLoop]: Abstraction has 64 states and 66 transitions. [2021-09-13 23:48:00,580 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 3.4) internal successors, (17), 4 states have internal predecessors, (17), 2 states have call successors, (7), 2 states have call predecessors, (7), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2021-09-13 23:48:00,580 INFO L276 IsEmpty]: Start isEmpty. Operand 64 states and 66 transitions. [2021-09-13 23:48:00,580 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2021-09-13 23:48:00,580 INFO L505 BasicCegarLoop]: Found error trace [2021-09-13 23:48:00,581 INFO L513 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-09-13 23:48:00,589 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (9)] Forceful destruction successful, exit code 0 [2021-09-13 23:48:00,787 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 9 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2021-09-13 23:48:00,787 INFO L402 AbstractCegarLoop]: === Iteration 9 === Targeting probe3_6Err0REQUIRES_VIOLATION === [ldv_msg_allocErr0REQUIRES_VIOLATION, ldv_msg_allocErr1REQUIRES_VIOLATION, ldv_kref_initErr0REQUIRES_VIOLATION, ldv_kref_initErr1REQUIRES_VIOLATION (and 82 more)] === [2021-09-13 23:48:00,787 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-09-13 23:48:00,787 INFO L82 PathProgramCache]: Analyzing trace with hash 1514319562, now seen corresponding path program 1 times [2021-09-13 23:48:00,788 INFO L121 FreeRefinementEngine]: Executing refinement strategy WOLF [2021-09-13 23:48:00,788 INFO L332 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [582269805] [2021-09-13 23:48:00,788 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-09-13 23:48:00,788 INFO L170 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2021-09-13 23:48:00,788 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2021-09-13 23:48:00,789 INFO L229 MonitoredProcess]: Starting monitored process 10 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2021-09-13 23:48:00,832 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (10)] Waiting until timeout for monitored process [2021-09-13 23:48:00,907 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-09-13 23:48:00,909 INFO L263 TraceCheckSpWp]: Trace formula consists of 116 conjuncts, 13 conjunts are in the unsatisfiable core [2021-09-13 23:48:00,921 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-09-13 23:48:00,922 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2021-09-13 23:48:00,950 INFO L354 Elim1Store]: treesize reduction 34, result has 38.2 percent of original size [2021-09-13 23:48:00,950 INFO L388 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 2 case distinctions, treesize of input 12 treesize of output 26 [2021-09-13 23:48:01,131 INFO L354 Elim1Store]: treesize reduction 12, result has 40.0 percent of original size [2021-09-13 23:48:01,132 INFO L388 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 16 treesize of output 21 [2021-09-13 23:48:01,303 INFO L264 TraceCheckUtils]: 0: Hoare triple {4461#true} call ULTIMATE.init(); {4461#true} is VALID [2021-09-13 23:48:01,304 INFO L281 TraceCheckUtils]: 1: Hoare triple {4461#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);call ~#a6~0.base, ~#a6~0.offset := #Ultimate.allocOnStack(4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#a6~0.base, ~#a6~0.offset, 4bv32); {4469#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:01,305 INFO L281 TraceCheckUtils]: 2: Hoare triple {4469#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} assume true; {4469#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:01,305 INFO L276 TraceCheckUtils]: 3: Hoare quadruple {4469#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} {4461#true} #506#return; {4469#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:01,305 INFO L264 TraceCheckUtils]: 4: Hoare triple {4469#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} call main(); {4469#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:01,306 INFO L264 TraceCheckUtils]: 5: Hoare triple {4469#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} call entry_point(); {4469#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:01,306 INFO L264 TraceCheckUtils]: 6: Hoare triple {4469#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} call #t~ret44 := probe3_6(~#a6~0.base, ~#a6~0.offset); {4485#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| |probe3_6_#in~a.base|))) (_ bv1 1)))} is VALID [2021-09-13 23:48:01,307 INFO L281 TraceCheckUtils]: 7: Hoare triple {4485#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| |probe3_6_#in~a.base|))) (_ bv1 1)))} ~a.base, ~a.offset := #in~a.base, #in~a.offset;~ret~0 := 3bv32; {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} is VALID [2021-09-13 23:48:01,307 INFO L264 TraceCheckUtils]: 8: Hoare triple {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} call #t~ret40.base, #t~ret40.offset := ldv_malloc(4bv32); {4493#(= |old(#valid)| |#valid|)} is VALID [2021-09-13 23:48:01,307 INFO L281 TraceCheckUtils]: 9: Hoare triple {4493#(= |old(#valid)| |#valid|)} ~size := #in~size; {4493#(= |old(#valid)| |#valid|)} is VALID [2021-09-13 23:48:01,308 INFO L281 TraceCheckUtils]: 10: Hoare triple {4493#(= |old(#valid)| |#valid|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {4500#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} is VALID [2021-09-13 23:48:01,309 INFO L281 TraceCheckUtils]: 11: Hoare triple {4500#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} assume true; {4500#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} is VALID [2021-09-13 23:48:01,309 INFO L276 TraceCheckUtils]: 12: Hoare quadruple {4500#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} #462#return; {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} is VALID [2021-09-13 23:48:01,310 INFO L281 TraceCheckUtils]: 13: Hoare triple {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} ~p~0.base, ~p~0.offset := #t~ret40.base, #t~ret40.offset;havoc #t~ret40.base, #t~ret40.offset; {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} is VALID [2021-09-13 23:48:01,310 INFO L281 TraceCheckUtils]: 14: Hoare triple {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} assume !(~p~0.base == 0bv32 && ~p~0.offset == 0bv32); {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} is VALID [2021-09-13 23:48:01,311 INFO L264 TraceCheckUtils]: 15: Hoare triple {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} call #t~ret41 := f6(); {4516#(exists ((v_probe3_6_~a.base_BEFORE_CALL_2 (_ BitVec 32))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (bvneg (select |#valid| v_probe3_6_~a.base_BEFORE_CALL_2)))))))} is VALID [2021-09-13 23:48:01,311 INFO L281 TraceCheckUtils]: 16: Hoare triple {4516#(exists ((v_probe3_6_~a.base_BEFORE_CALL_2 (_ BitVec 32))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (bvneg (select |#valid| v_probe3_6_~a.base_BEFORE_CALL_2)))))))} #res := #t~nondet38;havoc #t~nondet38; {4516#(exists ((v_probe3_6_~a.base_BEFORE_CALL_2 (_ BitVec 32))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (bvneg (select |#valid| v_probe3_6_~a.base_BEFORE_CALL_2)))))))} is VALID [2021-09-13 23:48:01,312 INFO L281 TraceCheckUtils]: 17: Hoare triple {4516#(exists ((v_probe3_6_~a.base_BEFORE_CALL_2 (_ BitVec 32))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (bvneg (select |#valid| v_probe3_6_~a.base_BEFORE_CALL_2)))))))} assume true; {4516#(exists ((v_probe3_6_~a.base_BEFORE_CALL_2 (_ BitVec 32))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (bvneg (select |#valid| v_probe3_6_~a.base_BEFORE_CALL_2)))))))} is VALID [2021-09-13 23:48:01,313 INFO L276 TraceCheckUtils]: 18: Hoare quadruple {4516#(exists ((v_probe3_6_~a.base_BEFORE_CALL_2 (_ BitVec 32))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (bvneg (select |#valid| v_probe3_6_~a.base_BEFORE_CALL_2)))))))} {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} #464#return; {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} is VALID [2021-09-13 23:48:01,313 INFO L281 TraceCheckUtils]: 19: Hoare triple {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} ~ret~0 := #t~ret41;havoc #t~ret41; {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} is VALID [2021-09-13 23:48:01,317 INFO L281 TraceCheckUtils]: 20: Hoare triple {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} assume !~bvslt32(~ret~0, 0bv32); {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} is VALID [2021-09-13 23:48:01,317 INFO L264 TraceCheckUtils]: 21: Hoare triple {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} call #t~ret42 := g6(); {4516#(exists ((v_probe3_6_~a.base_BEFORE_CALL_2 (_ BitVec 32))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (bvneg (select |#valid| v_probe3_6_~a.base_BEFORE_CALL_2)))))))} is VALID [2021-09-13 23:48:01,319 INFO L281 TraceCheckUtils]: 22: Hoare triple {4516#(exists ((v_probe3_6_~a.base_BEFORE_CALL_2 (_ BitVec 32))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (bvneg (select |#valid| v_probe3_6_~a.base_BEFORE_CALL_2)))))))} #res := #t~nondet39;havoc #t~nondet39; {4516#(exists ((v_probe3_6_~a.base_BEFORE_CALL_2 (_ BitVec 32))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (bvneg (select |#valid| v_probe3_6_~a.base_BEFORE_CALL_2)))))))} is VALID [2021-09-13 23:48:01,319 INFO L281 TraceCheckUtils]: 23: Hoare triple {4516#(exists ((v_probe3_6_~a.base_BEFORE_CALL_2 (_ BitVec 32))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (bvneg (select |#valid| v_probe3_6_~a.base_BEFORE_CALL_2)))))))} assume true; {4516#(exists ((v_probe3_6_~a.base_BEFORE_CALL_2 (_ BitVec 32))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (bvneg (select |#valid| v_probe3_6_~a.base_BEFORE_CALL_2)))))))} is VALID [2021-09-13 23:48:01,320 INFO L276 TraceCheckUtils]: 24: Hoare quadruple {4516#(exists ((v_probe3_6_~a.base_BEFORE_CALL_2 (_ BitVec 32))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (bvneg (select |#valid| v_probe3_6_~a.base_BEFORE_CALL_2)))))))} {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} #466#return; {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} is VALID [2021-09-13 23:48:01,320 INFO L281 TraceCheckUtils]: 25: Hoare triple {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} ~ret~0 := #t~ret42;havoc #t~ret42; {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} is VALID [2021-09-13 23:48:01,320 INFO L281 TraceCheckUtils]: 26: Hoare triple {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} assume !~bvslt32(~ret~0, 0bv32); {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} is VALID [2021-09-13 23:48:01,321 INFO L281 TraceCheckUtils]: 27: Hoare triple {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} assume !(1bv1 == #valid[~a.base]); {4462#false} is VALID [2021-09-13 23:48:01,321 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-09-13 23:48:01,321 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2021-09-13 23:48:01,623 INFO L281 TraceCheckUtils]: 27: Hoare triple {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} assume !(1bv1 == #valid[~a.base]); {4462#false} is VALID [2021-09-13 23:48:01,623 INFO L281 TraceCheckUtils]: 26: Hoare triple {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} assume !~bvslt32(~ret~0, 0bv32); {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} is VALID [2021-09-13 23:48:01,623 INFO L281 TraceCheckUtils]: 25: Hoare triple {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} ~ret~0 := #t~ret42;havoc #t~ret42; {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} is VALID [2021-09-13 23:48:01,624 INFO L276 TraceCheckUtils]: 24: Hoare quadruple {4461#true} {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} #466#return; {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} is VALID [2021-09-13 23:48:01,624 INFO L281 TraceCheckUtils]: 23: Hoare triple {4461#true} assume true; {4461#true} is VALID [2021-09-13 23:48:01,624 INFO L281 TraceCheckUtils]: 22: Hoare triple {4461#true} #res := #t~nondet39;havoc #t~nondet39; {4461#true} is VALID [2021-09-13 23:48:01,624 INFO L264 TraceCheckUtils]: 21: Hoare triple {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} call #t~ret42 := g6(); {4461#true} is VALID [2021-09-13 23:48:01,628 INFO L281 TraceCheckUtils]: 20: Hoare triple {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} assume !~bvslt32(~ret~0, 0bv32); {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} is VALID [2021-09-13 23:48:01,628 INFO L281 TraceCheckUtils]: 19: Hoare triple {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} ~ret~0 := #t~ret41;havoc #t~ret41; {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} is VALID [2021-09-13 23:48:01,629 INFO L276 TraceCheckUtils]: 18: Hoare quadruple {4461#true} {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} #464#return; {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} is VALID [2021-09-13 23:48:01,629 INFO L281 TraceCheckUtils]: 17: Hoare triple {4461#true} assume true; {4461#true} is VALID [2021-09-13 23:48:01,629 INFO L281 TraceCheckUtils]: 16: Hoare triple {4461#true} #res := #t~nondet38;havoc #t~nondet38; {4461#true} is VALID [2021-09-13 23:48:01,629 INFO L264 TraceCheckUtils]: 15: Hoare triple {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} call #t~ret41 := f6(); {4461#true} is VALID [2021-09-13 23:48:01,629 INFO L281 TraceCheckUtils]: 14: Hoare triple {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} assume !(~p~0.base == 0bv32 && ~p~0.offset == 0bv32); {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} is VALID [2021-09-13 23:48:01,629 INFO L281 TraceCheckUtils]: 13: Hoare triple {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} ~p~0.base, ~p~0.offset := #t~ret40.base, #t~ret40.offset;havoc #t~ret40.base, #t~ret40.offset; {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} is VALID [2021-09-13 23:48:01,630 INFO L276 TraceCheckUtils]: 12: Hoare quadruple {4601#(forall ((v_probe3_6_~a.base_BEFORE_CALL_6 (_ BitVec 32))) (or (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (select |#valid| v_probe3_6_~a.base_BEFORE_CALL_6))))) (not (= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (select |old(#valid)| v_probe3_6_~a.base_BEFORE_CALL_6)))) (_ bv1 1))))))} {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} #462#return; {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} is VALID [2021-09-13 23:48:01,631 INFO L281 TraceCheckUtils]: 11: Hoare triple {4601#(forall ((v_probe3_6_~a.base_BEFORE_CALL_6 (_ BitVec 32))) (or (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (select |#valid| v_probe3_6_~a.base_BEFORE_CALL_6))))) (not (= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (select |old(#valid)| v_probe3_6_~a.base_BEFORE_CALL_6)))) (_ bv1 1))))))} assume true; {4601#(forall ((v_probe3_6_~a.base_BEFORE_CALL_6 (_ BitVec 32))) (or (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (select |#valid| v_probe3_6_~a.base_BEFORE_CALL_6))))) (not (= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (select |old(#valid)| v_probe3_6_~a.base_BEFORE_CALL_6)))) (_ bv1 1))))))} is VALID [2021-09-13 23:48:01,632 INFO L281 TraceCheckUtils]: 10: Hoare triple {4601#(forall ((v_probe3_6_~a.base_BEFORE_CALL_6 (_ BitVec 32))) (or (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (select |#valid| v_probe3_6_~a.base_BEFORE_CALL_6))))) (not (= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (select |old(#valid)| v_probe3_6_~a.base_BEFORE_CALL_6)))) (_ bv1 1))))))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {4601#(forall ((v_probe3_6_~a.base_BEFORE_CALL_6 (_ BitVec 32))) (or (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (select |#valid| v_probe3_6_~a.base_BEFORE_CALL_6))))) (not (= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (select |old(#valid)| v_probe3_6_~a.base_BEFORE_CALL_6)))) (_ bv1 1))))))} is VALID [2021-09-13 23:48:01,632 INFO L281 TraceCheckUtils]: 9: Hoare triple {4601#(forall ((v_probe3_6_~a.base_BEFORE_CALL_6 (_ BitVec 32))) (or (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (select |#valid| v_probe3_6_~a.base_BEFORE_CALL_6))))) (not (= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (select |old(#valid)| v_probe3_6_~a.base_BEFORE_CALL_6)))) (_ bv1 1))))))} ~size := #in~size; {4601#(forall ((v_probe3_6_~a.base_BEFORE_CALL_6 (_ BitVec 32))) (or (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (select |#valid| v_probe3_6_~a.base_BEFORE_CALL_6))))) (not (= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (select |old(#valid)| v_probe3_6_~a.base_BEFORE_CALL_6)))) (_ bv1 1))))))} is VALID [2021-09-13 23:48:01,632 INFO L264 TraceCheckUtils]: 8: Hoare triple {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} call #t~ret40.base, #t~ret40.offset := ldv_malloc(4bv32); {4601#(forall ((v_probe3_6_~a.base_BEFORE_CALL_6 (_ BitVec 32))) (or (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (select |#valid| v_probe3_6_~a.base_BEFORE_CALL_6))))) (not (= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (select |old(#valid)| v_probe3_6_~a.base_BEFORE_CALL_6)))) (_ bv1 1))))))} is VALID [2021-09-13 23:48:01,633 INFO L281 TraceCheckUtils]: 7: Hoare triple {4485#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| |probe3_6_#in~a.base|))) (_ bv1 1)))} ~a.base, ~a.offset := #in~a.base, #in~a.offset;~ret~0 := 3bv32; {4489#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| probe3_6_~a.base))) (_ bv1 1)))} is VALID [2021-09-13 23:48:01,633 INFO L264 TraceCheckUtils]: 6: Hoare triple {4469#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} call #t~ret44 := probe3_6(~#a6~0.base, ~#a6~0.offset); {4485#(= (_ bv0 1) (bvadd (bvneg (bvneg (select |#valid| |probe3_6_#in~a.base|))) (_ bv1 1)))} is VALID [2021-09-13 23:48:01,634 INFO L264 TraceCheckUtils]: 5: Hoare triple {4469#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} call entry_point(); {4469#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:01,637 INFO L264 TraceCheckUtils]: 4: Hoare triple {4469#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} call main(); {4469#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:01,637 INFO L276 TraceCheckUtils]: 3: Hoare quadruple {4469#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} {4461#true} #506#return; {4469#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:01,637 INFO L281 TraceCheckUtils]: 2: Hoare triple {4469#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} assume true; {4469#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:01,639 INFO L281 TraceCheckUtils]: 1: Hoare triple {4461#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);call ~#a6~0.base, ~#a6~0.offset := #Ultimate.allocOnStack(4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#a6~0.base, ~#a6~0.offset, 4bv32); {4469#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:01,639 INFO L264 TraceCheckUtils]: 0: Hoare triple {4461#true} call ULTIMATE.init(); {4461#true} is VALID [2021-09-13 23:48:01,639 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-09-13 23:48:01,639 INFO L139 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2021-09-13 23:48:01,639 INFO L332 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [582269805] [2021-09-13 23:48:01,639 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleMathsat [582269805] provided 2 perfect and 0 imperfect interpolant sequences [2021-09-13 23:48:01,639 INFO L186 FreeRefinementEngine]: Constructing automaton from 2 perfect and 0 imperfect interpolant sequences. [2021-09-13 23:48:01,639 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7, 5] imperfect sequences [] total 8 [2021-09-13 23:48:01,639 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [134088895] [2021-09-13 23:48:01,640 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 8 states have (on average 3.0) internal successors, (24), 8 states have internal predecessors, (24), 3 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 28 [2021-09-13 23:48:01,640 INFO L84 Accepts]: Finished accepts. word is accepted. [2021-09-13 23:48:01,640 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 9 states, 8 states have (on average 3.0) internal successors, (24), 8 states have internal predecessors, (24), 3 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2021-09-13 23:48:01,671 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 41 edges. 41 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2021-09-13 23:48:01,671 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2021-09-13 23:48:01,671 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2021-09-13 23:48:01,671 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2021-09-13 23:48:01,671 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2021-09-13 23:48:01,672 INFO L87 Difference]: Start difference. First operand 64 states and 66 transitions. Second operand has 9 states, 8 states have (on average 3.0) internal successors, (24), 8 states have internal predecessors, (24), 3 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2021-09-13 23:48:02,009 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:48:02,010 INFO L93 Difference]: Finished difference Result 63 states and 65 transitions. [2021-09-13 23:48:02,010 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2021-09-13 23:48:02,010 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 8 states have (on average 3.0) internal successors, (24), 8 states have internal predecessors, (24), 3 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 28 [2021-09-13 23:48:02,010 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-09-13 23:48:02,010 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 9 states, 8 states have (on average 3.0) internal successors, (24), 8 states have internal predecessors, (24), 3 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2021-09-13 23:48:02,011 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 62 transitions. [2021-09-13 23:48:02,011 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 9 states, 8 states have (on average 3.0) internal successors, (24), 8 states have internal predecessors, (24), 3 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2021-09-13 23:48:02,012 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 62 transitions. [2021-09-13 23:48:02,012 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states and 62 transitions. [2021-09-13 23:48:02,063 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 62 edges. 62 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2021-09-13 23:48:02,063 INFO L225 Difference]: With dead ends: 63 [2021-09-13 23:48:02,063 INFO L226 Difference]: Without dead ends: 63 [2021-09-13 23:48:02,064 INFO L927 BasicCegarLoop]: 0 DeclaredPredicates, 60 GetRequests, 37 SyntacticMatches, 12 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 20 ImplicationChecksByTransitivity, 167.65ms TimeCoverageRelationStatistics Valid=47, Invalid=109, Unknown=0, NotChecked=0, Total=156 [2021-09-13 23:48:02,064 INFO L928 BasicCegarLoop]: 12 mSDtfsCounter, 16 mSDsluCounter, 145 mSDsCounter, 0 mSdLazyCounter, 159 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 124.29ms Time, 0 mProtectedPredicate, 0 mProtectedAction, 16 SdHoareTripleChecker+Valid, 27 SdHoareTripleChecker+Invalid, 219 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 1.22ms SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 159 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 57 IncrementalHoareTripleChecker+Unchecked, 125.18ms IncrementalHoareTripleChecker+Time [2021-09-13 23:48:02,064 INFO L929 BasicCegarLoop]: SdHoareTripleChecker [16 Valid, 27 Invalid, 219 Unknown, 0 Unchecked, 1.22ms Time], IncrementalHoareTripleChecker [3 Valid, 159 Invalid, 0 Unknown, 57 Unchecked, 125.18ms Time] [2021-09-13 23:48:02,065 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 63 states. [2021-09-13 23:48:02,066 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 63 to 63. [2021-09-13 23:48:02,066 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2021-09-13 23:48:02,066 INFO L82 GeneralOperation]: Start isEquivalent. First operand 63 states. Second operand has 63 states, 38 states have (on average 1.2894736842105263) internal successors, (49), 47 states have internal predecessors, (49), 8 states have call successors, (8), 8 states have call predecessors, (8), 8 states have return successors, (8), 8 states have call predecessors, (8), 7 states have call successors, (8) [2021-09-13 23:48:02,066 INFO L74 IsIncluded]: Start isIncluded. First operand 63 states. Second operand has 63 states, 38 states have (on average 1.2894736842105263) internal successors, (49), 47 states have internal predecessors, (49), 8 states have call successors, (8), 8 states have call predecessors, (8), 8 states have return successors, (8), 8 states have call predecessors, (8), 7 states have call successors, (8) [2021-09-13 23:48:02,067 INFO L87 Difference]: Start difference. First operand 63 states. Second operand has 63 states, 38 states have (on average 1.2894736842105263) internal successors, (49), 47 states have internal predecessors, (49), 8 states have call successors, (8), 8 states have call predecessors, (8), 8 states have return successors, (8), 8 states have call predecessors, (8), 7 states have call successors, (8) [2021-09-13 23:48:02,068 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:48:02,068 INFO L93 Difference]: Finished difference Result 63 states and 65 transitions. [2021-09-13 23:48:02,068 INFO L276 IsEmpty]: Start isEmpty. Operand 63 states and 65 transitions. [2021-09-13 23:48:02,068 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2021-09-13 23:48:02,068 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2021-09-13 23:48:02,068 INFO L74 IsIncluded]: Start isIncluded. First operand has 63 states, 38 states have (on average 1.2894736842105263) internal successors, (49), 47 states have internal predecessors, (49), 8 states have call successors, (8), 8 states have call predecessors, (8), 8 states have return successors, (8), 8 states have call predecessors, (8), 7 states have call successors, (8) Second operand 63 states. [2021-09-13 23:48:02,069 INFO L87 Difference]: Start difference. First operand has 63 states, 38 states have (on average 1.2894736842105263) internal successors, (49), 47 states have internal predecessors, (49), 8 states have call successors, (8), 8 states have call predecessors, (8), 8 states have return successors, (8), 8 states have call predecessors, (8), 7 states have call successors, (8) Second operand 63 states. [2021-09-13 23:48:02,070 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:48:02,070 INFO L93 Difference]: Finished difference Result 63 states and 65 transitions. [2021-09-13 23:48:02,070 INFO L276 IsEmpty]: Start isEmpty. Operand 63 states and 65 transitions. [2021-09-13 23:48:02,070 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2021-09-13 23:48:02,070 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2021-09-13 23:48:02,070 INFO L88 GeneralOperation]: Finished isEquivalent. [2021-09-13 23:48:02,070 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2021-09-13 23:48:02,071 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 63 states, 38 states have (on average 1.2894736842105263) internal successors, (49), 47 states have internal predecessors, (49), 8 states have call successors, (8), 8 states have call predecessors, (8), 8 states have return successors, (8), 8 states have call predecessors, (8), 7 states have call successors, (8) [2021-09-13 23:48:02,071 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 63 states to 63 states and 65 transitions. [2021-09-13 23:48:02,072 INFO L78 Accepts]: Start accepts. Automaton has 63 states and 65 transitions. Word has length 28 [2021-09-13 23:48:02,072 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-09-13 23:48:02,072 INFO L470 AbstractCegarLoop]: Abstraction has 63 states and 65 transitions. [2021-09-13 23:48:02,072 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 8 states have (on average 3.0) internal successors, (24), 8 states have internal predecessors, (24), 3 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2021-09-13 23:48:02,072 INFO L276 IsEmpty]: Start isEmpty. Operand 63 states and 65 transitions. [2021-09-13 23:48:02,072 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2021-09-13 23:48:02,072 INFO L505 BasicCegarLoop]: Found error trace [2021-09-13 23:48:02,073 INFO L513 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-09-13 23:48:02,080 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (10)] Forceful destruction successful, exit code 0 [2021-09-13 23:48:02,279 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 10 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2021-09-13 23:48:02,279 INFO L402 AbstractCegarLoop]: === Iteration 10 === Targeting probe3_6Err1REQUIRES_VIOLATION === [ldv_msg_allocErr0REQUIRES_VIOLATION, ldv_msg_allocErr1REQUIRES_VIOLATION, ldv_kref_initErr0REQUIRES_VIOLATION, ldv_kref_initErr1REQUIRES_VIOLATION (and 82 more)] === [2021-09-13 23:48:02,280 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-09-13 23:48:02,280 INFO L82 PathProgramCache]: Analyzing trace with hash 1514319563, now seen corresponding path program 1 times [2021-09-13 23:48:02,280 INFO L121 FreeRefinementEngine]: Executing refinement strategy WOLF [2021-09-13 23:48:02,280 INFO L332 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1691920049] [2021-09-13 23:48:02,280 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-09-13 23:48:02,280 INFO L170 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2021-09-13 23:48:02,281 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2021-09-13 23:48:02,281 INFO L229 MonitoredProcess]: Starting monitored process 11 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2021-09-13 23:48:02,282 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (11)] Waiting until timeout for monitored process [2021-09-13 23:48:02,371 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-09-13 23:48:02,373 INFO L263 TraceCheckSpWp]: Trace formula consists of 116 conjuncts, 18 conjunts are in the unsatisfiable core [2021-09-13 23:48:02,384 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-09-13 23:48:02,385 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2021-09-13 23:48:02,414 INFO L354 Elim1Store]: treesize reduction 11, result has 45.0 percent of original size [2021-09-13 23:48:02,414 INFO L388 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 1 case distinctions, treesize of input 9 treesize of output 15 [2021-09-13 23:48:06,648 INFO L354 Elim1Store]: treesize reduction 15, result has 25.0 percent of original size [2021-09-13 23:48:06,648 INFO L388 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 14 [2021-09-13 23:48:06,852 INFO L264 TraceCheckUtils]: 0: Hoare triple {4898#true} call ULTIMATE.init(); {4898#true} is VALID [2021-09-13 23:48:06,854 INFO L281 TraceCheckUtils]: 1: Hoare triple {4898#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);call ~#a6~0.base, ~#a6~0.offset := #Ultimate.allocOnStack(4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#a6~0.base, ~#a6~0.offset, 4bv32); {4906#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:06,855 INFO L281 TraceCheckUtils]: 2: Hoare triple {4906#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} assume true; {4906#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:06,855 INFO L276 TraceCheckUtils]: 3: Hoare quadruple {4906#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} {4898#true} #506#return; {4906#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:06,856 INFO L264 TraceCheckUtils]: 4: Hoare triple {4906#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} call main(); {4906#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:06,856 INFO L264 TraceCheckUtils]: 5: Hoare triple {4906#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} call entry_point(); {4906#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:06,857 INFO L264 TraceCheckUtils]: 6: Hoare triple {4906#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} call #t~ret44 := probe3_6(~#a6~0.base, ~#a6~0.offset); {4922#(and (= |probe3_6_#in~a.offset| (_ bv0 32)) (= (select |#length| |probe3_6_#in~a.base|) (_ bv4 32)))} is VALID [2021-09-13 23:48:06,857 INFO L281 TraceCheckUtils]: 7: Hoare triple {4922#(and (= |probe3_6_#in~a.offset| (_ bv0 32)) (= (select |#length| |probe3_6_#in~a.base|) (_ bv4 32)))} ~a.base, ~a.offset := #in~a.base, #in~a.offset;~ret~0 := 3bv32; {4926#(and (= (_ bv4 32) (select |#length| probe3_6_~a.base)) (= probe3_6_~a.offset (_ bv0 32)))} is VALID [2021-09-13 23:48:06,857 INFO L264 TraceCheckUtils]: 8: Hoare triple {4926#(and (= (_ bv4 32) (select |#length| probe3_6_~a.base)) (= probe3_6_~a.offset (_ bv0 32)))} call #t~ret40.base, #t~ret40.offset := ldv_malloc(4bv32); {4930#(= |#length| |old(#length)|)} is VALID [2021-09-13 23:48:06,858 INFO L281 TraceCheckUtils]: 9: Hoare triple {4930#(= |#length| |old(#length)|)} ~size := #in~size; {4934#(and (= ldv_malloc_~size |ldv_malloc_#in~size|) (= |#length| |old(#length)|))} is VALID [2021-09-13 23:48:06,859 INFO L281 TraceCheckUtils]: 10: Hoare triple {4934#(and (= ldv_malloc_~size |ldv_malloc_#in~size|) (= |#length| |old(#length)|))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {4938#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| |ldv_malloc_#in~size|) |#length|))} is VALID [2021-09-13 23:48:06,859 INFO L281 TraceCheckUtils]: 11: Hoare triple {4938#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| |ldv_malloc_#in~size|) |#length|))} assume true; {4938#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| |ldv_malloc_#in~size|) |#length|))} is VALID [2021-09-13 23:48:06,861 INFO L276 TraceCheckUtils]: 12: Hoare quadruple {4938#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| |ldv_malloc_#in~size|) |#length|))} {4926#(and (= (_ bv4 32) (select |#length| probe3_6_~a.base)) (= probe3_6_~a.offset (_ bv0 32)))} #462#return; {4926#(and (= (_ bv4 32) (select |#length| probe3_6_~a.base)) (= probe3_6_~a.offset (_ bv0 32)))} is VALID [2021-09-13 23:48:06,861 INFO L281 TraceCheckUtils]: 13: Hoare triple {4926#(and (= (_ bv4 32) (select |#length| probe3_6_~a.base)) (= probe3_6_~a.offset (_ bv0 32)))} ~p~0.base, ~p~0.offset := #t~ret40.base, #t~ret40.offset;havoc #t~ret40.base, #t~ret40.offset; {4926#(and (= (_ bv4 32) (select |#length| probe3_6_~a.base)) (= probe3_6_~a.offset (_ bv0 32)))} is VALID [2021-09-13 23:48:06,861 INFO L281 TraceCheckUtils]: 14: Hoare triple {4926#(and (= (_ bv4 32) (select |#length| probe3_6_~a.base)) (= probe3_6_~a.offset (_ bv0 32)))} assume !(~p~0.base == 0bv32 && ~p~0.offset == 0bv32); {4926#(and (= (_ bv4 32) (select |#length| probe3_6_~a.base)) (= probe3_6_~a.offset (_ bv0 32)))} is VALID [2021-09-13 23:48:06,862 INFO L264 TraceCheckUtils]: 15: Hoare triple {4926#(and (= (_ bv4 32) (select |#length| probe3_6_~a.base)) (= probe3_6_~a.offset (_ bv0 32)))} call #t~ret41 := f6(); {4954#(exists ((v_probe3_6_~a.base_BEFORE_CALL_8 (_ BitVec 32))) (= (_ bv4 32) (select |#length| v_probe3_6_~a.base_BEFORE_CALL_8)))} is VALID [2021-09-13 23:48:06,862 INFO L281 TraceCheckUtils]: 16: Hoare triple {4954#(exists ((v_probe3_6_~a.base_BEFORE_CALL_8 (_ BitVec 32))) (= (_ bv4 32) (select |#length| v_probe3_6_~a.base_BEFORE_CALL_8)))} #res := #t~nondet38;havoc #t~nondet38; {4954#(exists ((v_probe3_6_~a.base_BEFORE_CALL_8 (_ BitVec 32))) (= (_ bv4 32) (select |#length| v_probe3_6_~a.base_BEFORE_CALL_8)))} is VALID [2021-09-13 23:48:06,863 INFO L281 TraceCheckUtils]: 17: Hoare triple {4954#(exists ((v_probe3_6_~a.base_BEFORE_CALL_8 (_ BitVec 32))) (= (_ bv4 32) (select |#length| v_probe3_6_~a.base_BEFORE_CALL_8)))} assume true; {4954#(exists ((v_probe3_6_~a.base_BEFORE_CALL_8 (_ BitVec 32))) (= (_ bv4 32) (select |#length| v_probe3_6_~a.base_BEFORE_CALL_8)))} is VALID [2021-09-13 23:48:06,863 INFO L276 TraceCheckUtils]: 18: Hoare quadruple {4954#(exists ((v_probe3_6_~a.base_BEFORE_CALL_8 (_ BitVec 32))) (= (_ bv4 32) (select |#length| v_probe3_6_~a.base_BEFORE_CALL_8)))} {4926#(and (= (_ bv4 32) (select |#length| probe3_6_~a.base)) (= probe3_6_~a.offset (_ bv0 32)))} #464#return; {4926#(and (= (_ bv4 32) (select |#length| probe3_6_~a.base)) (= probe3_6_~a.offset (_ bv0 32)))} is VALID [2021-09-13 23:48:06,863 INFO L281 TraceCheckUtils]: 19: Hoare triple {4926#(and (= (_ bv4 32) (select |#length| probe3_6_~a.base)) (= probe3_6_~a.offset (_ bv0 32)))} ~ret~0 := #t~ret41;havoc #t~ret41; {4926#(and (= (_ bv4 32) (select |#length| probe3_6_~a.base)) (= probe3_6_~a.offset (_ bv0 32)))} is VALID [2021-09-13 23:48:06,864 INFO L281 TraceCheckUtils]: 20: Hoare triple {4926#(and (= (_ bv4 32) (select |#length| probe3_6_~a.base)) (= probe3_6_~a.offset (_ bv0 32)))} assume !~bvslt32(~ret~0, 0bv32); {4926#(and (= (_ bv4 32) (select |#length| probe3_6_~a.base)) (= probe3_6_~a.offset (_ bv0 32)))} is VALID [2021-09-13 23:48:06,864 INFO L264 TraceCheckUtils]: 21: Hoare triple {4926#(and (= (_ bv4 32) (select |#length| probe3_6_~a.base)) (= probe3_6_~a.offset (_ bv0 32)))} call #t~ret42 := g6(); {4954#(exists ((v_probe3_6_~a.base_BEFORE_CALL_8 (_ BitVec 32))) (= (_ bv4 32) (select |#length| v_probe3_6_~a.base_BEFORE_CALL_8)))} is VALID [2021-09-13 23:48:06,865 INFO L281 TraceCheckUtils]: 22: Hoare triple {4954#(exists ((v_probe3_6_~a.base_BEFORE_CALL_8 (_ BitVec 32))) (= (_ bv4 32) (select |#length| v_probe3_6_~a.base_BEFORE_CALL_8)))} #res := #t~nondet39;havoc #t~nondet39; {4954#(exists ((v_probe3_6_~a.base_BEFORE_CALL_8 (_ BitVec 32))) (= (_ bv4 32) (select |#length| v_probe3_6_~a.base_BEFORE_CALL_8)))} is VALID [2021-09-13 23:48:06,865 INFO L281 TraceCheckUtils]: 23: Hoare triple {4954#(exists ((v_probe3_6_~a.base_BEFORE_CALL_8 (_ BitVec 32))) (= (_ bv4 32) (select |#length| v_probe3_6_~a.base_BEFORE_CALL_8)))} assume true; {4954#(exists ((v_probe3_6_~a.base_BEFORE_CALL_8 (_ BitVec 32))) (= (_ bv4 32) (select |#length| v_probe3_6_~a.base_BEFORE_CALL_8)))} is VALID [2021-09-13 23:48:06,866 INFO L276 TraceCheckUtils]: 24: Hoare quadruple {4954#(exists ((v_probe3_6_~a.base_BEFORE_CALL_8 (_ BitVec 32))) (= (_ bv4 32) (select |#length| v_probe3_6_~a.base_BEFORE_CALL_8)))} {4926#(and (= (_ bv4 32) (select |#length| probe3_6_~a.base)) (= probe3_6_~a.offset (_ bv0 32)))} #466#return; {4926#(and (= (_ bv4 32) (select |#length| probe3_6_~a.base)) (= probe3_6_~a.offset (_ bv0 32)))} is VALID [2021-09-13 23:48:06,866 INFO L281 TraceCheckUtils]: 25: Hoare triple {4926#(and (= (_ bv4 32) (select |#length| probe3_6_~a.base)) (= probe3_6_~a.offset (_ bv0 32)))} ~ret~0 := #t~ret42;havoc #t~ret42; {4926#(and (= (_ bv4 32) (select |#length| probe3_6_~a.base)) (= probe3_6_~a.offset (_ bv0 32)))} is VALID [2021-09-13 23:48:06,866 INFO L281 TraceCheckUtils]: 26: Hoare triple {4926#(and (= (_ bv4 32) (select |#length| probe3_6_~a.base)) (= probe3_6_~a.offset (_ bv0 32)))} assume !~bvslt32(~ret~0, 0bv32); {4926#(and (= (_ bv4 32) (select |#length| probe3_6_~a.base)) (= probe3_6_~a.offset (_ bv0 32)))} is VALID [2021-09-13 23:48:06,867 INFO L281 TraceCheckUtils]: 27: Hoare triple {4926#(and (= (_ bv4 32) (select |#length| probe3_6_~a.base)) (= probe3_6_~a.offset (_ bv0 32)))} assume !((~bvule32(~bvadd32(4bv32, ~a.offset), #length[~a.base]) && ~bvule32(~a.offset, ~bvadd32(4bv32, ~a.offset))) && ~bvule32(0bv32, ~a.offset)); {4899#false} is VALID [2021-09-13 23:48:06,867 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-09-13 23:48:06,867 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2021-09-13 23:48:08,210 INFO L281 TraceCheckUtils]: 27: Hoare triple {4991#(and (bvule probe3_6_~a.offset (bvadd (_ bv4 32) probe3_6_~a.offset)) (bvule (bvadd (_ bv4 32) probe3_6_~a.offset) (select |#length| probe3_6_~a.base)))} assume !((~bvule32(~bvadd32(4bv32, ~a.offset), #length[~a.base]) && ~bvule32(~a.offset, ~bvadd32(4bv32, ~a.offset))) && ~bvule32(0bv32, ~a.offset)); {4899#false} is VALID [2021-09-13 23:48:08,210 INFO L281 TraceCheckUtils]: 26: Hoare triple {4991#(and (bvule probe3_6_~a.offset (bvadd (_ bv4 32) probe3_6_~a.offset)) (bvule (bvadd (_ bv4 32) probe3_6_~a.offset) (select |#length| probe3_6_~a.base)))} assume !~bvslt32(~ret~0, 0bv32); {4991#(and (bvule probe3_6_~a.offset (bvadd (_ bv4 32) probe3_6_~a.offset)) (bvule (bvadd (_ bv4 32) probe3_6_~a.offset) (select |#length| probe3_6_~a.base)))} is VALID [2021-09-13 23:48:08,210 INFO L281 TraceCheckUtils]: 25: Hoare triple {4991#(and (bvule probe3_6_~a.offset (bvadd (_ bv4 32) probe3_6_~a.offset)) (bvule (bvadd (_ bv4 32) probe3_6_~a.offset) (select |#length| probe3_6_~a.base)))} ~ret~0 := #t~ret42;havoc #t~ret42; {4991#(and (bvule probe3_6_~a.offset (bvadd (_ bv4 32) probe3_6_~a.offset)) (bvule (bvadd (_ bv4 32) probe3_6_~a.offset) (select |#length| probe3_6_~a.base)))} is VALID [2021-09-13 23:48:08,211 INFO L276 TraceCheckUtils]: 24: Hoare quadruple {4898#true} {4991#(and (bvule probe3_6_~a.offset (bvadd (_ bv4 32) probe3_6_~a.offset)) (bvule (bvadd (_ bv4 32) probe3_6_~a.offset) (select |#length| probe3_6_~a.base)))} #466#return; {4991#(and (bvule probe3_6_~a.offset (bvadd (_ bv4 32) probe3_6_~a.offset)) (bvule (bvadd (_ bv4 32) probe3_6_~a.offset) (select |#length| probe3_6_~a.base)))} is VALID [2021-09-13 23:48:08,211 INFO L281 TraceCheckUtils]: 23: Hoare triple {4898#true} assume true; {4898#true} is VALID [2021-09-13 23:48:08,211 INFO L281 TraceCheckUtils]: 22: Hoare triple {4898#true} #res := #t~nondet39;havoc #t~nondet39; {4898#true} is VALID [2021-09-13 23:48:08,211 INFO L264 TraceCheckUtils]: 21: Hoare triple {4991#(and (bvule probe3_6_~a.offset (bvadd (_ bv4 32) probe3_6_~a.offset)) (bvule (bvadd (_ bv4 32) probe3_6_~a.offset) (select |#length| probe3_6_~a.base)))} call #t~ret42 := g6(); {4898#true} is VALID [2021-09-13 23:48:08,212 INFO L281 TraceCheckUtils]: 20: Hoare triple {4991#(and (bvule probe3_6_~a.offset (bvadd (_ bv4 32) probe3_6_~a.offset)) (bvule (bvadd (_ bv4 32) probe3_6_~a.offset) (select |#length| probe3_6_~a.base)))} assume !~bvslt32(~ret~0, 0bv32); {4991#(and (bvule probe3_6_~a.offset (bvadd (_ bv4 32) probe3_6_~a.offset)) (bvule (bvadd (_ bv4 32) probe3_6_~a.offset) (select |#length| probe3_6_~a.base)))} is VALID [2021-09-13 23:48:08,212 INFO L281 TraceCheckUtils]: 19: Hoare triple {4991#(and (bvule probe3_6_~a.offset (bvadd (_ bv4 32) probe3_6_~a.offset)) (bvule (bvadd (_ bv4 32) probe3_6_~a.offset) (select |#length| probe3_6_~a.base)))} ~ret~0 := #t~ret41;havoc #t~ret41; {4991#(and (bvule probe3_6_~a.offset (bvadd (_ bv4 32) probe3_6_~a.offset)) (bvule (bvadd (_ bv4 32) probe3_6_~a.offset) (select |#length| probe3_6_~a.base)))} is VALID [2021-09-13 23:48:08,212 INFO L276 TraceCheckUtils]: 18: Hoare quadruple {4898#true} {4991#(and (bvule probe3_6_~a.offset (bvadd (_ bv4 32) probe3_6_~a.offset)) (bvule (bvadd (_ bv4 32) probe3_6_~a.offset) (select |#length| probe3_6_~a.base)))} #464#return; {4991#(and (bvule probe3_6_~a.offset (bvadd (_ bv4 32) probe3_6_~a.offset)) (bvule (bvadd (_ bv4 32) probe3_6_~a.offset) (select |#length| probe3_6_~a.base)))} is VALID [2021-09-13 23:48:08,212 INFO L281 TraceCheckUtils]: 17: Hoare triple {4898#true} assume true; {4898#true} is VALID [2021-09-13 23:48:08,213 INFO L281 TraceCheckUtils]: 16: Hoare triple {4898#true} #res := #t~nondet38;havoc #t~nondet38; {4898#true} is VALID [2021-09-13 23:48:08,213 INFO L264 TraceCheckUtils]: 15: Hoare triple {4991#(and (bvule probe3_6_~a.offset (bvadd (_ bv4 32) probe3_6_~a.offset)) (bvule (bvadd (_ bv4 32) probe3_6_~a.offset) (select |#length| probe3_6_~a.base)))} call #t~ret41 := f6(); {4898#true} is VALID [2021-09-13 23:48:08,213 INFO L281 TraceCheckUtils]: 14: Hoare triple {4991#(and (bvule probe3_6_~a.offset (bvadd (_ bv4 32) probe3_6_~a.offset)) (bvule (bvadd (_ bv4 32) probe3_6_~a.offset) (select |#length| probe3_6_~a.base)))} assume !(~p~0.base == 0bv32 && ~p~0.offset == 0bv32); {4991#(and (bvule probe3_6_~a.offset (bvadd (_ bv4 32) probe3_6_~a.offset)) (bvule (bvadd (_ bv4 32) probe3_6_~a.offset) (select |#length| probe3_6_~a.base)))} is VALID [2021-09-13 23:48:08,213 INFO L281 TraceCheckUtils]: 13: Hoare triple {4991#(and (bvule probe3_6_~a.offset (bvadd (_ bv4 32) probe3_6_~a.offset)) (bvule (bvadd (_ bv4 32) probe3_6_~a.offset) (select |#length| probe3_6_~a.base)))} ~p~0.base, ~p~0.offset := #t~ret40.base, #t~ret40.offset;havoc #t~ret40.base, #t~ret40.offset; {4991#(and (bvule probe3_6_~a.offset (bvadd (_ bv4 32) probe3_6_~a.offset)) (bvule (bvadd (_ bv4 32) probe3_6_~a.offset) (select |#length| probe3_6_~a.base)))} is VALID [2021-09-13 23:48:08,272 INFO L276 TraceCheckUtils]: 12: Hoare quadruple {5041#(or (forall ((v_probe3_6_~a.offset_BEFORE_CALL_6 (_ BitVec 32)) (v_probe3_6_~a.base_BEFORE_CALL_12 (_ BitVec 32))) (or (exists ((|v_ldv_malloc_#res.base_53| (_ BitVec 32))) (not (bvule (bvadd (_ bv4 32) v_probe3_6_~a.offset_BEFORE_CALL_6) (select (store |old(#length)| |v_ldv_malloc_#res.base_53| (_ bv4 32)) v_probe3_6_~a.base_BEFORE_CALL_12)))) (not (bvule v_probe3_6_~a.offset_BEFORE_CALL_6 (bvadd (_ bv4 32) v_probe3_6_~a.offset_BEFORE_CALL_6))) (bvule (bvadd (_ bv4 32) v_probe3_6_~a.offset_BEFORE_CALL_6) (select |#length| v_probe3_6_~a.base_BEFORE_CALL_12)))) (not (= (_ bv4 32) |ldv_malloc_#in~size|)))} {5037#(and (bvule probe3_6_~a.offset (bvadd (_ bv4 32) probe3_6_~a.offset)) (forall ((|v_ldv_malloc_#res.base_53| (_ BitVec 32))) (bvule (bvadd (_ bv4 32) probe3_6_~a.offset) (select (store |#length| |v_ldv_malloc_#res.base_53| (_ bv4 32)) probe3_6_~a.base))))} #462#return; {4991#(and (bvule probe3_6_~a.offset (bvadd (_ bv4 32) probe3_6_~a.offset)) (bvule (bvadd (_ bv4 32) probe3_6_~a.offset) (select |#length| probe3_6_~a.base)))} is VALID [2021-09-13 23:48:08,273 INFO L281 TraceCheckUtils]: 11: Hoare triple {5041#(or (forall ((v_probe3_6_~a.offset_BEFORE_CALL_6 (_ BitVec 32)) (v_probe3_6_~a.base_BEFORE_CALL_12 (_ BitVec 32))) (or (exists ((|v_ldv_malloc_#res.base_53| (_ BitVec 32))) (not (bvule (bvadd (_ bv4 32) v_probe3_6_~a.offset_BEFORE_CALL_6) (select (store |old(#length)| |v_ldv_malloc_#res.base_53| (_ bv4 32)) v_probe3_6_~a.base_BEFORE_CALL_12)))) (not (bvule v_probe3_6_~a.offset_BEFORE_CALL_6 (bvadd (_ bv4 32) v_probe3_6_~a.offset_BEFORE_CALL_6))) (bvule (bvadd (_ bv4 32) v_probe3_6_~a.offset_BEFORE_CALL_6) (select |#length| v_probe3_6_~a.base_BEFORE_CALL_12)))) (not (= (_ bv4 32) |ldv_malloc_#in~size|)))} assume true; {5041#(or (forall ((v_probe3_6_~a.offset_BEFORE_CALL_6 (_ BitVec 32)) (v_probe3_6_~a.base_BEFORE_CALL_12 (_ BitVec 32))) (or (exists ((|v_ldv_malloc_#res.base_53| (_ BitVec 32))) (not (bvule (bvadd (_ bv4 32) v_probe3_6_~a.offset_BEFORE_CALL_6) (select (store |old(#length)| |v_ldv_malloc_#res.base_53| (_ bv4 32)) v_probe3_6_~a.base_BEFORE_CALL_12)))) (not (bvule v_probe3_6_~a.offset_BEFORE_CALL_6 (bvadd (_ bv4 32) v_probe3_6_~a.offset_BEFORE_CALL_6))) (bvule (bvadd (_ bv4 32) v_probe3_6_~a.offset_BEFORE_CALL_6) (select |#length| v_probe3_6_~a.base_BEFORE_CALL_12)))) (not (= (_ bv4 32) |ldv_malloc_#in~size|)))} is VALID [2021-09-13 23:48:08,389 INFO L281 TraceCheckUtils]: 10: Hoare triple {5048#(or (not (= (_ bv4 32) |ldv_malloc_#in~size|)) (forall ((v_probe3_6_~a.offset_BEFORE_CALL_6 (_ BitVec 32)) (|v_ldv_malloc_#res.base_54| (_ BitVec 32)) (v_probe3_6_~a.base_BEFORE_CALL_12 (_ BitVec 32))) (or (exists ((|v_ldv_malloc_#res.base_53| (_ BitVec 32))) (not (bvule (bvadd (_ bv4 32) v_probe3_6_~a.offset_BEFORE_CALL_6) (select (store |old(#length)| |v_ldv_malloc_#res.base_53| (_ bv4 32)) v_probe3_6_~a.base_BEFORE_CALL_12)))) (not (bvule v_probe3_6_~a.offset_BEFORE_CALL_6 (bvadd (_ bv4 32) v_probe3_6_~a.offset_BEFORE_CALL_6))) (bvule (bvadd (_ bv4 32) v_probe3_6_~a.offset_BEFORE_CALL_6) (select (store |#length| |v_ldv_malloc_#res.base_54| ldv_malloc_~size) v_probe3_6_~a.base_BEFORE_CALL_12)))))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {5041#(or (forall ((v_probe3_6_~a.offset_BEFORE_CALL_6 (_ BitVec 32)) (v_probe3_6_~a.base_BEFORE_CALL_12 (_ BitVec 32))) (or (exists ((|v_ldv_malloc_#res.base_53| (_ BitVec 32))) (not (bvule (bvadd (_ bv4 32) v_probe3_6_~a.offset_BEFORE_CALL_6) (select (store |old(#length)| |v_ldv_malloc_#res.base_53| (_ bv4 32)) v_probe3_6_~a.base_BEFORE_CALL_12)))) (not (bvule v_probe3_6_~a.offset_BEFORE_CALL_6 (bvadd (_ bv4 32) v_probe3_6_~a.offset_BEFORE_CALL_6))) (bvule (bvadd (_ bv4 32) v_probe3_6_~a.offset_BEFORE_CALL_6) (select |#length| v_probe3_6_~a.base_BEFORE_CALL_12)))) (not (= (_ bv4 32) |ldv_malloc_#in~size|)))} is VALID [2021-09-13 23:48:08,400 INFO L281 TraceCheckUtils]: 9: Hoare triple {5041#(or (forall ((v_probe3_6_~a.offset_BEFORE_CALL_6 (_ BitVec 32)) (v_probe3_6_~a.base_BEFORE_CALL_12 (_ BitVec 32))) (or (exists ((|v_ldv_malloc_#res.base_53| (_ BitVec 32))) (not (bvule (bvadd (_ bv4 32) v_probe3_6_~a.offset_BEFORE_CALL_6) (select (store |old(#length)| |v_ldv_malloc_#res.base_53| (_ bv4 32)) v_probe3_6_~a.base_BEFORE_CALL_12)))) (not (bvule v_probe3_6_~a.offset_BEFORE_CALL_6 (bvadd (_ bv4 32) v_probe3_6_~a.offset_BEFORE_CALL_6))) (bvule (bvadd (_ bv4 32) v_probe3_6_~a.offset_BEFORE_CALL_6) (select |#length| v_probe3_6_~a.base_BEFORE_CALL_12)))) (not (= (_ bv4 32) |ldv_malloc_#in~size|)))} ~size := #in~size; {5048#(or (not (= (_ bv4 32) |ldv_malloc_#in~size|)) (forall ((v_probe3_6_~a.offset_BEFORE_CALL_6 (_ BitVec 32)) (|v_ldv_malloc_#res.base_54| (_ BitVec 32)) (v_probe3_6_~a.base_BEFORE_CALL_12 (_ BitVec 32))) (or (exists ((|v_ldv_malloc_#res.base_53| (_ BitVec 32))) (not (bvule (bvadd (_ bv4 32) v_probe3_6_~a.offset_BEFORE_CALL_6) (select (store |old(#length)| |v_ldv_malloc_#res.base_53| (_ bv4 32)) v_probe3_6_~a.base_BEFORE_CALL_12)))) (not (bvule v_probe3_6_~a.offset_BEFORE_CALL_6 (bvadd (_ bv4 32) v_probe3_6_~a.offset_BEFORE_CALL_6))) (bvule (bvadd (_ bv4 32) v_probe3_6_~a.offset_BEFORE_CALL_6) (select (store |#length| |v_ldv_malloc_#res.base_54| ldv_malloc_~size) v_probe3_6_~a.base_BEFORE_CALL_12)))))} is VALID [2021-09-13 23:48:08,412 INFO L264 TraceCheckUtils]: 8: Hoare triple {5037#(and (bvule probe3_6_~a.offset (bvadd (_ bv4 32) probe3_6_~a.offset)) (forall ((|v_ldv_malloc_#res.base_53| (_ BitVec 32))) (bvule (bvadd (_ bv4 32) probe3_6_~a.offset) (select (store |#length| |v_ldv_malloc_#res.base_53| (_ bv4 32)) probe3_6_~a.base))))} call #t~ret40.base, #t~ret40.offset := ldv_malloc(4bv32); {5041#(or (forall ((v_probe3_6_~a.offset_BEFORE_CALL_6 (_ BitVec 32)) (v_probe3_6_~a.base_BEFORE_CALL_12 (_ BitVec 32))) (or (exists ((|v_ldv_malloc_#res.base_53| (_ BitVec 32))) (not (bvule (bvadd (_ bv4 32) v_probe3_6_~a.offset_BEFORE_CALL_6) (select (store |old(#length)| |v_ldv_malloc_#res.base_53| (_ bv4 32)) v_probe3_6_~a.base_BEFORE_CALL_12)))) (not (bvule v_probe3_6_~a.offset_BEFORE_CALL_6 (bvadd (_ bv4 32) v_probe3_6_~a.offset_BEFORE_CALL_6))) (bvule (bvadd (_ bv4 32) v_probe3_6_~a.offset_BEFORE_CALL_6) (select |#length| v_probe3_6_~a.base_BEFORE_CALL_12)))) (not (= (_ bv4 32) |ldv_malloc_#in~size|)))} is VALID [2021-09-13 23:48:08,413 INFO L281 TraceCheckUtils]: 7: Hoare triple {5055#(and (bvule |probe3_6_#in~a.offset| (bvadd (_ bv4 32) |probe3_6_#in~a.offset|)) (forall ((|v_ldv_malloc_#res.base_53| (_ BitVec 32))) (bvule (bvadd (_ bv4 32) |probe3_6_#in~a.offset|) (select (store |#length| |v_ldv_malloc_#res.base_53| (_ bv4 32)) |probe3_6_#in~a.base|))))} ~a.base, ~a.offset := #in~a.base, #in~a.offset;~ret~0 := 3bv32; {5037#(and (bvule probe3_6_~a.offset (bvadd (_ bv4 32) probe3_6_~a.offset)) (forall ((|v_ldv_malloc_#res.base_53| (_ BitVec 32))) (bvule (bvadd (_ bv4 32) probe3_6_~a.offset) (select (store |#length| |v_ldv_malloc_#res.base_53| (_ bv4 32)) probe3_6_~a.base))))} is VALID [2021-09-13 23:48:08,413 INFO L264 TraceCheckUtils]: 6: Hoare triple {5059#(and (forall ((|v_ldv_malloc_#res.base_53| (_ BitVec 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |#length| |v_ldv_malloc_#res.base_53| (_ bv4 32)) |~#a6~0.base|))) (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))))} call #t~ret44 := probe3_6(~#a6~0.base, ~#a6~0.offset); {5055#(and (bvule |probe3_6_#in~a.offset| (bvadd (_ bv4 32) |probe3_6_#in~a.offset|)) (forall ((|v_ldv_malloc_#res.base_53| (_ BitVec 32))) (bvule (bvadd (_ bv4 32) |probe3_6_#in~a.offset|) (select (store |#length| |v_ldv_malloc_#res.base_53| (_ bv4 32)) |probe3_6_#in~a.base|))))} is VALID [2021-09-13 23:48:08,414 INFO L264 TraceCheckUtils]: 5: Hoare triple {5059#(and (forall ((|v_ldv_malloc_#res.base_53| (_ BitVec 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |#length| |v_ldv_malloc_#res.base_53| (_ bv4 32)) |~#a6~0.base|))) (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))))} call entry_point(); {5059#(and (forall ((|v_ldv_malloc_#res.base_53| (_ BitVec 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |#length| |v_ldv_malloc_#res.base_53| (_ bv4 32)) |~#a6~0.base|))) (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))))} is VALID [2021-09-13 23:48:08,414 INFO L264 TraceCheckUtils]: 4: Hoare triple {5059#(and (forall ((|v_ldv_malloc_#res.base_53| (_ BitVec 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |#length| |v_ldv_malloc_#res.base_53| (_ bv4 32)) |~#a6~0.base|))) (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))))} call main(); {5059#(and (forall ((|v_ldv_malloc_#res.base_53| (_ BitVec 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |#length| |v_ldv_malloc_#res.base_53| (_ bv4 32)) |~#a6~0.base|))) (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))))} is VALID [2021-09-13 23:48:08,414 INFO L276 TraceCheckUtils]: 3: Hoare quadruple {5059#(and (forall ((|v_ldv_malloc_#res.base_53| (_ BitVec 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |#length| |v_ldv_malloc_#res.base_53| (_ bv4 32)) |~#a6~0.base|))) (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))))} {4898#true} #506#return; {5059#(and (forall ((|v_ldv_malloc_#res.base_53| (_ BitVec 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |#length| |v_ldv_malloc_#res.base_53| (_ bv4 32)) |~#a6~0.base|))) (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))))} is VALID [2021-09-13 23:48:08,415 INFO L281 TraceCheckUtils]: 2: Hoare triple {5059#(and (forall ((|v_ldv_malloc_#res.base_53| (_ BitVec 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |#length| |v_ldv_malloc_#res.base_53| (_ bv4 32)) |~#a6~0.base|))) (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))))} assume true; {5059#(and (forall ((|v_ldv_malloc_#res.base_53| (_ BitVec 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |#length| |v_ldv_malloc_#res.base_53| (_ bv4 32)) |~#a6~0.base|))) (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))))} is VALID [2021-09-13 23:48:08,417 INFO L281 TraceCheckUtils]: 1: Hoare triple {4898#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);call ~#a6~0.base, ~#a6~0.offset := #Ultimate.allocOnStack(4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#a6~0.base, ~#a6~0.offset, 4bv32); {5059#(and (forall ((|v_ldv_malloc_#res.base_53| (_ BitVec 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |#length| |v_ldv_malloc_#res.base_53| (_ bv4 32)) |~#a6~0.base|))) (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))))} is VALID [2021-09-13 23:48:08,417 INFO L264 TraceCheckUtils]: 0: Hoare triple {4898#true} call ULTIMATE.init(); {4898#true} is VALID [2021-09-13 23:48:08,417 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-09-13 23:48:08,417 INFO L139 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2021-09-13 23:48:08,417 INFO L332 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1691920049] [2021-09-13 23:48:08,417 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1691920049] provided 2 perfect and 0 imperfect interpolant sequences [2021-09-13 23:48:08,417 INFO L186 FreeRefinementEngine]: Constructing automaton from 2 perfect and 0 imperfect interpolant sequences. [2021-09-13 23:48:08,417 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8, 7] imperfect sequences [] total 14 [2021-09-13 23:48:08,417 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [156365199] [2021-09-13 23:48:08,418 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 13 states have (on average 2.6153846153846154) internal successors, (34), 12 states have internal predecessors, (34), 6 states have call successors, (13), 8 states have call predecessors, (13), 6 states have return successors, (8), 4 states have call predecessors, (8), 4 states have call successors, (8) Word has length 28 [2021-09-13 23:48:08,418 INFO L84 Accepts]: Finished accepts. word is accepted. [2021-09-13 23:48:08,418 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 15 states, 13 states have (on average 2.6153846153846154) internal successors, (34), 12 states have internal predecessors, (34), 6 states have call successors, (13), 8 states have call predecessors, (13), 6 states have return successors, (8), 4 states have call predecessors, (8), 4 states have call successors, (8) [2021-09-13 23:48:08,697 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 55 edges. 55 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2021-09-13 23:48:08,697 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2021-09-13 23:48:08,697 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2021-09-13 23:48:08,698 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2021-09-13 23:48:08,698 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=41, Invalid=167, Unknown=2, NotChecked=0, Total=210 [2021-09-13 23:48:08,698 INFO L87 Difference]: Start difference. First operand 63 states and 65 transitions. Second operand has 15 states, 13 states have (on average 2.6153846153846154) internal successors, (34), 12 states have internal predecessors, (34), 6 states have call successors, (13), 8 states have call predecessors, (13), 6 states have return successors, (8), 4 states have call predecessors, (8), 4 states have call successors, (8) [2021-09-13 23:48:09,310 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:48:09,310 INFO L93 Difference]: Finished difference Result 62 states and 64 transitions. [2021-09-13 23:48:09,310 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2021-09-13 23:48:09,311 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 13 states have (on average 2.6153846153846154) internal successors, (34), 12 states have internal predecessors, (34), 6 states have call successors, (13), 8 states have call predecessors, (13), 6 states have return successors, (8), 4 states have call predecessors, (8), 4 states have call successors, (8) Word has length 28 [2021-09-13 23:48:09,311 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-09-13 23:48:09,311 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 15 states, 13 states have (on average 2.6153846153846154) internal successors, (34), 12 states have internal predecessors, (34), 6 states have call successors, (13), 8 states have call predecessors, (13), 6 states have return successors, (8), 4 states have call predecessors, (8), 4 states have call successors, (8) [2021-09-13 23:48:09,312 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 12 states to 12 states and 61 transitions. [2021-09-13 23:48:09,312 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 15 states, 13 states have (on average 2.6153846153846154) internal successors, (34), 12 states have internal predecessors, (34), 6 states have call successors, (13), 8 states have call predecessors, (13), 6 states have return successors, (8), 4 states have call predecessors, (8), 4 states have call successors, (8) [2021-09-13 23:48:09,313 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 12 states to 12 states and 61 transitions. [2021-09-13 23:48:09,313 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 12 states and 61 transitions. [2021-09-13 23:48:09,367 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 61 edges. 61 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2021-09-13 23:48:09,367 INFO L225 Difference]: With dead ends: 62 [2021-09-13 23:48:09,367 INFO L226 Difference]: Without dead ends: 62 [2021-09-13 23:48:09,368 INFO L927 BasicCegarLoop]: 0 DeclaredPredicates, 59 GetRequests, 37 SyntacticMatches, 5 SemanticMatches, 17 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 56 ImplicationChecksByTransitivity, 5007.89ms TimeCoverageRelationStatistics Valid=74, Invalid=266, Unknown=2, NotChecked=0, Total=342 [2021-09-13 23:48:09,368 INFO L928 BasicCegarLoop]: 12 mSDtfsCounter, 37 mSDsluCounter, 223 mSDsCounter, 0 mSdLazyCounter, 202 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 230.70ms Time, 0 mProtectedPredicate, 0 mProtectedAction, 37 SdHoareTripleChecker+Valid, 29 SdHoareTripleChecker+Invalid, 471 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 2.38ms SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 202 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 261 IncrementalHoareTripleChecker+Unchecked, 232.40ms IncrementalHoareTripleChecker+Time [2021-09-13 23:48:09,368 INFO L929 BasicCegarLoop]: SdHoareTripleChecker [37 Valid, 29 Invalid, 471 Unknown, 0 Unchecked, 2.38ms Time], IncrementalHoareTripleChecker [8 Valid, 202 Invalid, 0 Unknown, 261 Unchecked, 232.40ms Time] [2021-09-13 23:48:09,369 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 62 states. [2021-09-13 23:48:09,370 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 62 to 62. [2021-09-13 23:48:09,370 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2021-09-13 23:48:09,370 INFO L82 GeneralOperation]: Start isEquivalent. First operand 62 states. Second operand has 62 states, 38 states have (on average 1.263157894736842) internal successors, (48), 46 states have internal predecessors, (48), 8 states have call successors, (8), 8 states have call predecessors, (8), 8 states have return successors, (8), 8 states have call predecessors, (8), 7 states have call successors, (8) [2021-09-13 23:48:09,370 INFO L74 IsIncluded]: Start isIncluded. First operand 62 states. Second operand has 62 states, 38 states have (on average 1.263157894736842) internal successors, (48), 46 states have internal predecessors, (48), 8 states have call successors, (8), 8 states have call predecessors, (8), 8 states have return successors, (8), 8 states have call predecessors, (8), 7 states have call successors, (8) [2021-09-13 23:48:09,370 INFO L87 Difference]: Start difference. First operand 62 states. Second operand has 62 states, 38 states have (on average 1.263157894736842) internal successors, (48), 46 states have internal predecessors, (48), 8 states have call successors, (8), 8 states have call predecessors, (8), 8 states have return successors, (8), 8 states have call predecessors, (8), 7 states have call successors, (8) [2021-09-13 23:48:09,372 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:48:09,372 INFO L93 Difference]: Finished difference Result 62 states and 64 transitions. [2021-09-13 23:48:09,372 INFO L276 IsEmpty]: Start isEmpty. Operand 62 states and 64 transitions. [2021-09-13 23:48:09,372 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2021-09-13 23:48:09,372 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2021-09-13 23:48:09,373 INFO L74 IsIncluded]: Start isIncluded. First operand has 62 states, 38 states have (on average 1.263157894736842) internal successors, (48), 46 states have internal predecessors, (48), 8 states have call successors, (8), 8 states have call predecessors, (8), 8 states have return successors, (8), 8 states have call predecessors, (8), 7 states have call successors, (8) Second operand 62 states. [2021-09-13 23:48:09,373 INFO L87 Difference]: Start difference. First operand has 62 states, 38 states have (on average 1.263157894736842) internal successors, (48), 46 states have internal predecessors, (48), 8 states have call successors, (8), 8 states have call predecessors, (8), 8 states have return successors, (8), 8 states have call predecessors, (8), 7 states have call successors, (8) Second operand 62 states. [2021-09-13 23:48:09,374 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:48:09,375 INFO L93 Difference]: Finished difference Result 62 states and 64 transitions. [2021-09-13 23:48:09,375 INFO L276 IsEmpty]: Start isEmpty. Operand 62 states and 64 transitions. [2021-09-13 23:48:09,375 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2021-09-13 23:48:09,376 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2021-09-13 23:48:09,376 INFO L88 GeneralOperation]: Finished isEquivalent. [2021-09-13 23:48:09,376 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2021-09-13 23:48:09,376 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 62 states, 38 states have (on average 1.263157894736842) internal successors, (48), 46 states have internal predecessors, (48), 8 states have call successors, (8), 8 states have call predecessors, (8), 8 states have return successors, (8), 8 states have call predecessors, (8), 7 states have call successors, (8) [2021-09-13 23:48:09,377 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 62 states to 62 states and 64 transitions. [2021-09-13 23:48:09,377 INFO L78 Accepts]: Start accepts. Automaton has 62 states and 64 transitions. Word has length 28 [2021-09-13 23:48:09,377 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-09-13 23:48:09,377 INFO L470 AbstractCegarLoop]: Abstraction has 62 states and 64 transitions. [2021-09-13 23:48:09,377 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 13 states have (on average 2.6153846153846154) internal successors, (34), 12 states have internal predecessors, (34), 6 states have call successors, (13), 8 states have call predecessors, (13), 6 states have return successors, (8), 4 states have call predecessors, (8), 4 states have call successors, (8) [2021-09-13 23:48:09,377 INFO L276 IsEmpty]: Start isEmpty. Operand 62 states and 64 transitions. [2021-09-13 23:48:09,377 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2021-09-13 23:48:09,378 INFO L505 BasicCegarLoop]: Found error trace [2021-09-13 23:48:09,378 INFO L513 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-09-13 23:48:09,384 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (11)] Forceful destruction successful, exit code 0 [2021-09-13 23:48:09,582 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 11 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2021-09-13 23:48:09,582 INFO L402 AbstractCegarLoop]: === Iteration 11 === Targeting entry_pointErr0REQUIRES_VIOLATION === [ldv_msg_allocErr0REQUIRES_VIOLATION, ldv_msg_allocErr1REQUIRES_VIOLATION, ldv_kref_initErr0REQUIRES_VIOLATION, ldv_kref_initErr1REQUIRES_VIOLATION (and 82 more)] === [2021-09-13 23:48:09,583 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-09-13 23:48:09,583 INFO L82 PathProgramCache]: Analyzing trace with hash -1727877462, now seen corresponding path program 1 times [2021-09-13 23:48:09,583 INFO L121 FreeRefinementEngine]: Executing refinement strategy WOLF [2021-09-13 23:48:09,583 INFO L332 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1753214937] [2021-09-13 23:48:09,583 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-09-13 23:48:09,583 INFO L170 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2021-09-13 23:48:09,583 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2021-09-13 23:48:09,584 INFO L229 MonitoredProcess]: Starting monitored process 12 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2021-09-13 23:48:09,585 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (12)] Waiting until timeout for monitored process [2021-09-13 23:48:09,673 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-09-13 23:48:09,675 INFO L263 TraceCheckSpWp]: Trace formula consists of 117 conjuncts, 15 conjunts are in the unsatisfiable core [2021-09-13 23:48:09,685 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-09-13 23:48:09,689 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2021-09-13 23:48:09,720 INFO L354 Elim1Store]: treesize reduction 34, result has 38.2 percent of original size [2021-09-13 23:48:09,720 INFO L388 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 2 case distinctions, treesize of input 12 treesize of output 26 [2021-09-13 23:48:09,801 INFO L388 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 7 treesize of output 5 [2021-09-13 23:48:09,924 INFO L388 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 20 treesize of output 17 [2021-09-13 23:48:10,099 INFO L354 Elim1Store]: treesize reduction 20, result has 28.6 percent of original size [2021-09-13 23:48:10,099 INFO L388 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 27 treesize of output 30 [2021-09-13 23:48:10,151 INFO L264 TraceCheckUtils]: 0: Hoare triple {5336#true} call ULTIMATE.init(); {5336#true} is VALID [2021-09-13 23:48:10,153 INFO L281 TraceCheckUtils]: 1: Hoare triple {5336#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);call ~#a6~0.base, ~#a6~0.offset := #Ultimate.allocOnStack(4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#a6~0.base, ~#a6~0.offset, 4bv32); {5344#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:10,154 INFO L281 TraceCheckUtils]: 2: Hoare triple {5344#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} assume true; {5344#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:10,154 INFO L276 TraceCheckUtils]: 3: Hoare quadruple {5344#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} {5336#true} #506#return; {5344#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:10,155 INFO L264 TraceCheckUtils]: 4: Hoare triple {5344#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} call main(); {5344#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:10,155 INFO L264 TraceCheckUtils]: 5: Hoare triple {5344#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} call entry_point(); {5344#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:10,156 INFO L264 TraceCheckUtils]: 6: Hoare triple {5344#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} call #t~ret44 := probe3_6(~#a6~0.base, ~#a6~0.offset); {5360#(= |old(#valid)| |#valid|)} is VALID [2021-09-13 23:48:10,156 INFO L281 TraceCheckUtils]: 7: Hoare triple {5360#(= |old(#valid)| |#valid|)} ~a.base, ~a.offset := #in~a.base, #in~a.offset;~ret~0 := 3bv32; {5360#(= |old(#valid)| |#valid|)} is VALID [2021-09-13 23:48:10,156 INFO L264 TraceCheckUtils]: 8: Hoare triple {5360#(= |old(#valid)| |#valid|)} call #t~ret40.base, #t~ret40.offset := ldv_malloc(4bv32); {5360#(= |old(#valid)| |#valid|)} is VALID [2021-09-13 23:48:10,157 INFO L281 TraceCheckUtils]: 9: Hoare triple {5360#(= |old(#valid)| |#valid|)} ~size := #in~size; {5360#(= |old(#valid)| |#valid|)} is VALID [2021-09-13 23:48:10,157 INFO L281 TraceCheckUtils]: 10: Hoare triple {5360#(= |old(#valid)| |#valid|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {5373#(and (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|) (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)))))))} is VALID [2021-09-13 23:48:10,157 INFO L281 TraceCheckUtils]: 11: Hoare triple {5373#(and (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|) (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)))))))} assume true; {5373#(and (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|) (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)))))))} is VALID [2021-09-13 23:48:10,158 INFO L276 TraceCheckUtils]: 12: Hoare quadruple {5373#(and (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|) (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)))))))} {5360#(= |old(#valid)| |#valid|)} #462#return; {5380#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| |probe3_6_#t~ret40.base|))))))))) (= |#valid| (store |old(#valid)| |probe3_6_#t~ret40.base| (_ bv1 1))))} is VALID [2021-09-13 23:48:10,159 INFO L281 TraceCheckUtils]: 13: Hoare triple {5380#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| |probe3_6_#t~ret40.base|))))))))) (= |#valid| (store |old(#valid)| |probe3_6_#t~ret40.base| (_ bv1 1))))} ~p~0.base, ~p~0.offset := #t~ret40.base, #t~ret40.offset;havoc #t~ret40.base, #t~ret40.offset; {5384#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} is VALID [2021-09-13 23:48:10,159 INFO L281 TraceCheckUtils]: 14: Hoare triple {5384#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} assume !(~p~0.base == 0bv32 && ~p~0.offset == 0bv32); {5384#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} is VALID [2021-09-13 23:48:10,160 INFO L264 TraceCheckUtils]: 15: Hoare triple {5384#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} call #t~ret41 := f6(); {5391#(exists ((v_probe3_6_~p~0.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv0 1) (bvadd (bvneg (select |#valid| v_probe3_6_~p~0.base_BEFORE_CALL_5)) (_ bv1 1))))} is VALID [2021-09-13 23:48:10,160 INFO L281 TraceCheckUtils]: 16: Hoare triple {5391#(exists ((v_probe3_6_~p~0.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv0 1) (bvadd (bvneg (select |#valid| v_probe3_6_~p~0.base_BEFORE_CALL_5)) (_ bv1 1))))} #res := #t~nondet38;havoc #t~nondet38; {5391#(exists ((v_probe3_6_~p~0.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv0 1) (bvadd (bvneg (select |#valid| v_probe3_6_~p~0.base_BEFORE_CALL_5)) (_ bv1 1))))} is VALID [2021-09-13 23:48:10,161 INFO L281 TraceCheckUtils]: 17: Hoare triple {5391#(exists ((v_probe3_6_~p~0.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv0 1) (bvadd (bvneg (select |#valid| v_probe3_6_~p~0.base_BEFORE_CALL_5)) (_ bv1 1))))} assume true; {5391#(exists ((v_probe3_6_~p~0.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv0 1) (bvadd (bvneg (select |#valid| v_probe3_6_~p~0.base_BEFORE_CALL_5)) (_ bv1 1))))} is VALID [2021-09-13 23:48:10,161 INFO L276 TraceCheckUtils]: 18: Hoare quadruple {5391#(exists ((v_probe3_6_~p~0.base_BEFORE_CALL_5 (_ BitVec 32))) (= (_ bv0 1) (bvadd (bvneg (select |#valid| v_probe3_6_~p~0.base_BEFORE_CALL_5)) (_ bv1 1))))} {5384#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} #464#return; {5384#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} is VALID [2021-09-13 23:48:10,161 INFO L281 TraceCheckUtils]: 19: Hoare triple {5384#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} ~ret~0 := #t~ret41;havoc #t~ret41; {5384#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} is VALID [2021-09-13 23:48:10,162 INFO L281 TraceCheckUtils]: 20: Hoare triple {5384#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} assume ~bvslt32(~ret~0, 0bv32); {5384#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} is VALID [2021-09-13 23:48:10,162 INFO L281 TraceCheckUtils]: 21: Hoare triple {5384#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} assume 0bv32 == ~p~0.offset; {5384#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} is VALID [2021-09-13 23:48:10,163 INFO L281 TraceCheckUtils]: 22: Hoare triple {5384#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} assume ~bvult32(~p~0.base, #StackHeapBarrier); {5384#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} is VALID [2021-09-13 23:48:10,164 INFO L281 TraceCheckUtils]: 23: Hoare triple {5384#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} assume 0bv32 == ~p~0.base || 1bv1 == #valid[~p~0.base];call ULTIMATE.dealloc(~p~0.base, ~p~0.offset);#res := ~ret~0; {5416#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} is VALID [2021-09-13 23:48:10,164 INFO L281 TraceCheckUtils]: 24: Hoare triple {5416#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} assume true; {5416#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} is VALID [2021-09-13 23:48:10,165 INFO L276 TraceCheckUtils]: 25: Hoare quadruple {5416#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} {5344#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} #494#return; {5423#(and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (exists ((probe3_6_~p~0.base (_ BitVec 32))) (= (_ bv0 1) (select |#valid| probe3_6_~p~0.base))))} is VALID [2021-09-13 23:48:10,166 INFO L281 TraceCheckUtils]: 26: Hoare triple {5423#(and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (exists ((probe3_6_~p~0.base (_ BitVec 32))) (= (_ bv0 1) (select |#valid| probe3_6_~p~0.base))))} ~ret~1 := #t~ret44;havoc #t~ret44; {5423#(and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (exists ((probe3_6_~p~0.base (_ BitVec 32))) (= (_ bv0 1) (select |#valid| probe3_6_~p~0.base))))} is VALID [2021-09-13 23:48:10,166 INFO L281 TraceCheckUtils]: 27: Hoare triple {5423#(and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (exists ((probe3_6_~p~0.base (_ BitVec 32))) (= (_ bv0 1) (select |#valid| probe3_6_~p~0.base))))} assume !(0bv32 == ~ret~1); {5423#(and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (exists ((probe3_6_~p~0.base (_ BitVec 32))) (= (_ bv0 1) (select |#valid| probe3_6_~p~0.base))))} is VALID [2021-09-13 23:48:10,167 INFO L281 TraceCheckUtils]: 28: Hoare triple {5423#(and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (exists ((probe3_6_~p~0.base (_ BitVec 32))) (= (_ bv0 1) (select |#valid| probe3_6_~p~0.base))))} assume !(1bv1 == #valid[~#a6~0.base]); {5337#false} is VALID [2021-09-13 23:48:10,167 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-09-13 23:48:10,167 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2021-09-13 23:48:10,629 INFO L388 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 9 treesize of output 7 [2021-09-13 23:48:10,785 INFO L281 TraceCheckUtils]: 28: Hoare triple {5344#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} assume !(1bv1 == #valid[~#a6~0.base]); {5337#false} is VALID [2021-09-13 23:48:10,785 INFO L281 TraceCheckUtils]: 27: Hoare triple {5344#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} assume !(0bv32 == ~ret~1); {5344#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:10,786 INFO L281 TraceCheckUtils]: 26: Hoare triple {5344#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} ~ret~1 := #t~ret44;havoc #t~ret44; {5344#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:10,786 INFO L276 TraceCheckUtils]: 25: Hoare quadruple {5445#(or (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} {5344#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} #494#return; {5344#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:10,787 INFO L281 TraceCheckUtils]: 24: Hoare triple {5445#(or (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} assume true; {5445#(or (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} is VALID [2021-09-13 23:48:10,787 INFO L281 TraceCheckUtils]: 23: Hoare triple {5452#(or (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (bvneg (select (store |#valid| probe3_6_~p~0.base (_ bv0 1)) |~#a6~0.base|)))))))} assume 0bv32 == ~p~0.base || 1bv1 == #valid[~p~0.base];call ULTIMATE.dealloc(~p~0.base, ~p~0.offset);#res := ~ret~0; {5445#(or (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} is VALID [2021-09-13 23:48:10,787 INFO L281 TraceCheckUtils]: 22: Hoare triple {5452#(or (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (bvneg (select (store |#valid| probe3_6_~p~0.base (_ bv0 1)) |~#a6~0.base|)))))))} assume ~bvult32(~p~0.base, #StackHeapBarrier); {5452#(or (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (bvneg (select (store |#valid| probe3_6_~p~0.base (_ bv0 1)) |~#a6~0.base|)))))))} is VALID [2021-09-13 23:48:10,788 INFO L281 TraceCheckUtils]: 21: Hoare triple {5452#(or (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (bvneg (select (store |#valid| probe3_6_~p~0.base (_ bv0 1)) |~#a6~0.base|)))))))} assume 0bv32 == ~p~0.offset; {5452#(or (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (bvneg (select (store |#valid| probe3_6_~p~0.base (_ bv0 1)) |~#a6~0.base|)))))))} is VALID [2021-09-13 23:48:10,788 INFO L281 TraceCheckUtils]: 20: Hoare triple {5452#(or (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (bvneg (select (store |#valid| probe3_6_~p~0.base (_ bv0 1)) |~#a6~0.base|)))))))} assume ~bvslt32(~ret~0, 0bv32); {5452#(or (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (bvneg (select (store |#valid| probe3_6_~p~0.base (_ bv0 1)) |~#a6~0.base|)))))))} is VALID [2021-09-13 23:48:10,788 INFO L281 TraceCheckUtils]: 19: Hoare triple {5452#(or (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (bvneg (select (store |#valid| probe3_6_~p~0.base (_ bv0 1)) |~#a6~0.base|)))))))} ~ret~0 := #t~ret41;havoc #t~ret41; {5452#(or (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (bvneg (select (store |#valid| probe3_6_~p~0.base (_ bv0 1)) |~#a6~0.base|)))))))} is VALID [2021-09-13 23:48:10,789 INFO L276 TraceCheckUtils]: 18: Hoare quadruple {5336#true} {5452#(or (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (bvneg (select (store |#valid| probe3_6_~p~0.base (_ bv0 1)) |~#a6~0.base|)))))))} #464#return; {5452#(or (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (bvneg (select (store |#valid| probe3_6_~p~0.base (_ bv0 1)) |~#a6~0.base|)))))))} is VALID [2021-09-13 23:48:10,789 INFO L281 TraceCheckUtils]: 17: Hoare triple {5336#true} assume true; {5336#true} is VALID [2021-09-13 23:48:10,789 INFO L281 TraceCheckUtils]: 16: Hoare triple {5336#true} #res := #t~nondet38;havoc #t~nondet38; {5336#true} is VALID [2021-09-13 23:48:10,789 INFO L264 TraceCheckUtils]: 15: Hoare triple {5452#(or (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (bvneg (select (store |#valid| probe3_6_~p~0.base (_ bv0 1)) |~#a6~0.base|)))))))} call #t~ret41 := f6(); {5336#true} is VALID [2021-09-13 23:48:10,789 INFO L281 TraceCheckUtils]: 14: Hoare triple {5452#(or (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (bvneg (select (store |#valid| probe3_6_~p~0.base (_ bv0 1)) |~#a6~0.base|)))))))} assume !(~p~0.base == 0bv32 && ~p~0.offset == 0bv32); {5452#(or (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (bvneg (select (store |#valid| probe3_6_~p~0.base (_ bv0 1)) |~#a6~0.base|)))))))} is VALID [2021-09-13 23:48:10,790 INFO L281 TraceCheckUtils]: 13: Hoare triple {5483#(or (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (bvneg (bvneg (bvneg (select (store |#valid| |probe3_6_#t~ret40.base| (_ bv0 1)) |~#a6~0.base|)))))))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} ~p~0.base, ~p~0.offset := #t~ret40.base, #t~ret40.offset;havoc #t~ret40.base, #t~ret40.offset; {5452#(or (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (bvneg (select (store |#valid| probe3_6_~p~0.base (_ bv0 1)) |~#a6~0.base|)))))))} is VALID [2021-09-13 23:48:10,790 INFO L276 TraceCheckUtils]: 12: Hoare quadruple {5490#(or (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select (store |#valid| |ldv_malloc_#res.base| (_ bv0 1)) |~#a6~0.base|))))))))) (not (= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (select |old(#valid)| |~#a6~0.base|)))) (_ bv1 1)))))} {5445#(or (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} #462#return; {5483#(or (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (bvneg (bvneg (bvneg (select (store |#valid| |probe3_6_#t~ret40.base| (_ bv0 1)) |~#a6~0.base|)))))))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} is VALID [2021-09-13 23:48:10,791 INFO L281 TraceCheckUtils]: 11: Hoare triple {5490#(or (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select (store |#valid| |ldv_malloc_#res.base| (_ bv0 1)) |~#a6~0.base|))))))))) (not (= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (select |old(#valid)| |~#a6~0.base|)))) (_ bv1 1)))))} assume true; {5490#(or (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select (store |#valid| |ldv_malloc_#res.base| (_ bv0 1)) |~#a6~0.base|))))))))) (not (= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (select |old(#valid)| |~#a6~0.base|)))) (_ bv1 1)))))} is VALID [2021-09-13 23:48:10,792 INFO L281 TraceCheckUtils]: 10: Hoare triple {5445#(or (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {5490#(or (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select (store |#valid| |ldv_malloc_#res.base| (_ bv0 1)) |~#a6~0.base|))))))))) (not (= (_ bv0 1) (bvadd (bvneg (bvneg (bvneg (select |old(#valid)| |~#a6~0.base|)))) (_ bv1 1)))))} is VALID [2021-09-13 23:48:10,792 INFO L281 TraceCheckUtils]: 9: Hoare triple {5445#(or (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} ~size := #in~size; {5445#(or (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} is VALID [2021-09-13 23:48:10,793 INFO L264 TraceCheckUtils]: 8: Hoare triple {5445#(or (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} call #t~ret40.base, #t~ret40.offset := ldv_malloc(4bv32); {5445#(or (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} is VALID [2021-09-13 23:48:10,793 INFO L281 TraceCheckUtils]: 7: Hoare triple {5445#(or (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} ~a.base, ~a.offset := #in~a.base, #in~a.offset;~ret~0 := 3bv32; {5445#(or (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} is VALID [2021-09-13 23:48:10,793 INFO L264 TraceCheckUtils]: 6: Hoare triple {5344#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} call #t~ret44 := probe3_6(~#a6~0.base, ~#a6~0.offset); {5445#(or (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (not (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|))))))} is VALID [2021-09-13 23:48:10,794 INFO L264 TraceCheckUtils]: 5: Hoare triple {5344#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} call entry_point(); {5344#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:10,794 INFO L264 TraceCheckUtils]: 4: Hoare triple {5344#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} call main(); {5344#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:10,794 INFO L276 TraceCheckUtils]: 3: Hoare quadruple {5344#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} {5336#true} #506#return; {5344#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:10,795 INFO L281 TraceCheckUtils]: 2: Hoare triple {5344#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} assume true; {5344#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:10,796 INFO L281 TraceCheckUtils]: 1: Hoare triple {5336#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);call ~#a6~0.base, ~#a6~0.offset := #Ultimate.allocOnStack(4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#a6~0.base, ~#a6~0.offset, 4bv32); {5344#(= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:10,796 INFO L264 TraceCheckUtils]: 0: Hoare triple {5336#true} call ULTIMATE.init(); {5336#true} is VALID [2021-09-13 23:48:10,796 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-09-13 23:48:10,797 INFO L139 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2021-09-13 23:48:10,797 INFO L332 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1753214937] [2021-09-13 23:48:10,797 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1753214937] provided 2 perfect and 0 imperfect interpolant sequences [2021-09-13 23:48:10,797 INFO L186 FreeRefinementEngine]: Constructing automaton from 2 perfect and 0 imperfect interpolant sequences. [2021-09-13 23:48:10,797 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9, 6] imperfect sequences [] total 13 [2021-09-13 23:48:10,797 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1223675843] [2021-09-13 23:48:10,797 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 13 states have (on average 2.769230769230769) internal successors, (36), 12 states have internal predecessors, (36), 6 states have call successors, (9), 5 states have call predecessors, (9), 7 states have return successors, (7), 6 states have call predecessors, (7), 6 states have call successors, (7) Word has length 29 [2021-09-13 23:48:10,798 INFO L84 Accepts]: Finished accepts. word is accepted. [2021-09-13 23:48:10,798 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 14 states, 13 states have (on average 2.769230769230769) internal successors, (36), 12 states have internal predecessors, (36), 6 states have call successors, (9), 5 states have call predecessors, (9), 7 states have return successors, (7), 6 states have call predecessors, (7), 6 states have call successors, (7) [2021-09-13 23:48:10,837 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 52 edges. 52 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2021-09-13 23:48:10,838 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 14 states [2021-09-13 23:48:10,838 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2021-09-13 23:48:10,838 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 14 interpolants. [2021-09-13 23:48:10,838 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=45, Invalid=137, Unknown=0, NotChecked=0, Total=182 [2021-09-13 23:48:10,838 INFO L87 Difference]: Start difference. First operand 62 states and 64 transitions. Second operand has 14 states, 13 states have (on average 2.769230769230769) internal successors, (36), 12 states have internal predecessors, (36), 6 states have call successors, (9), 5 states have call predecessors, (9), 7 states have return successors, (7), 6 states have call predecessors, (7), 6 states have call successors, (7) [2021-09-13 23:48:25,521 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:48:25,521 INFO L93 Difference]: Finished difference Result 64 states and 68 transitions. [2021-09-13 23:48:25,521 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 14 states. [2021-09-13 23:48:25,521 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 13 states have (on average 2.769230769230769) internal successors, (36), 12 states have internal predecessors, (36), 6 states have call successors, (9), 5 states have call predecessors, (9), 7 states have return successors, (7), 6 states have call predecessors, (7), 6 states have call successors, (7) Word has length 29 [2021-09-13 23:48:25,522 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-09-13 23:48:25,522 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 14 states, 13 states have (on average 2.769230769230769) internal successors, (36), 12 states have internal predecessors, (36), 6 states have call successors, (9), 5 states have call predecessors, (9), 7 states have return successors, (7), 6 states have call predecessors, (7), 6 states have call successors, (7) [2021-09-13 23:48:25,523 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 14 states to 14 states and 70 transitions. [2021-09-13 23:48:25,523 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 14 states, 13 states have (on average 2.769230769230769) internal successors, (36), 12 states have internal predecessors, (36), 6 states have call successors, (9), 5 states have call predecessors, (9), 7 states have return successors, (7), 6 states have call predecessors, (7), 6 states have call successors, (7) [2021-09-13 23:48:25,524 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 14 states to 14 states and 70 transitions. [2021-09-13 23:48:25,524 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 14 states and 70 transitions. [2021-09-13 23:48:25,591 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 70 edges. 70 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2021-09-13 23:48:25,592 INFO L225 Difference]: With dead ends: 64 [2021-09-13 23:48:25,592 INFO L226 Difference]: Without dead ends: 64 [2021-09-13 23:48:25,593 INFO L927 BasicCegarLoop]: 0 DeclaredPredicates, 67 GetRequests, 41 SyntacticMatches, 7 SemanticMatches, 19 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 69 ImplicationChecksByTransitivity, 14353.78ms TimeCoverageRelationStatistics Valid=92, Invalid=321, Unknown=7, NotChecked=0, Total=420 [2021-09-13 23:48:25,593 INFO L928 BasicCegarLoop]: 11 mSDtfsCounter, 75 mSDsluCounter, 122 mSDsCounter, 0 mSdLazyCounter, 207 mSolverCounterSat, 30 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 235.27ms Time, 0 mProtectedPredicate, 0 mProtectedAction, 75 SdHoareTripleChecker+Valid, 18 SdHoareTripleChecker+Invalid, 352 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 2.62ms SdHoareTripleChecker+Time, 30 IncrementalHoareTripleChecker+Valid, 207 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 115 IncrementalHoareTripleChecker+Unchecked, 237.41ms IncrementalHoareTripleChecker+Time [2021-09-13 23:48:25,593 INFO L929 BasicCegarLoop]: SdHoareTripleChecker [75 Valid, 18 Invalid, 352 Unknown, 0 Unchecked, 2.62ms Time], IncrementalHoareTripleChecker [30 Valid, 207 Invalid, 0 Unknown, 115 Unchecked, 237.41ms Time] [2021-09-13 23:48:25,593 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 64 states. [2021-09-13 23:48:25,594 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 64 to 63. [2021-09-13 23:48:25,594 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2021-09-13 23:48:25,595 INFO L82 GeneralOperation]: Start isEquivalent. First operand 64 states. Second operand has 63 states, 39 states have (on average 1.2820512820512822) internal successors, (50), 46 states have internal predecessors, (50), 8 states have call successors, (8), 8 states have call predecessors, (8), 8 states have return successors, (8), 8 states have call predecessors, (8), 7 states have call successors, (8) [2021-09-13 23:48:25,595 INFO L74 IsIncluded]: Start isIncluded. First operand 64 states. Second operand has 63 states, 39 states have (on average 1.2820512820512822) internal successors, (50), 46 states have internal predecessors, (50), 8 states have call successors, (8), 8 states have call predecessors, (8), 8 states have return successors, (8), 8 states have call predecessors, (8), 7 states have call successors, (8) [2021-09-13 23:48:25,595 INFO L87 Difference]: Start difference. First operand 64 states. Second operand has 63 states, 39 states have (on average 1.2820512820512822) internal successors, (50), 46 states have internal predecessors, (50), 8 states have call successors, (8), 8 states have call predecessors, (8), 8 states have return successors, (8), 8 states have call predecessors, (8), 7 states have call successors, (8) [2021-09-13 23:48:25,596 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:48:25,596 INFO L93 Difference]: Finished difference Result 64 states and 68 transitions. [2021-09-13 23:48:25,596 INFO L276 IsEmpty]: Start isEmpty. Operand 64 states and 68 transitions. [2021-09-13 23:48:25,596 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2021-09-13 23:48:25,596 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2021-09-13 23:48:25,596 INFO L74 IsIncluded]: Start isIncluded. First operand has 63 states, 39 states have (on average 1.2820512820512822) internal successors, (50), 46 states have internal predecessors, (50), 8 states have call successors, (8), 8 states have call predecessors, (8), 8 states have return successors, (8), 8 states have call predecessors, (8), 7 states have call successors, (8) Second operand 64 states. [2021-09-13 23:48:25,596 INFO L87 Difference]: Start difference. First operand has 63 states, 39 states have (on average 1.2820512820512822) internal successors, (50), 46 states have internal predecessors, (50), 8 states have call successors, (8), 8 states have call predecessors, (8), 8 states have return successors, (8), 8 states have call predecessors, (8), 7 states have call successors, (8) Second operand 64 states. [2021-09-13 23:48:25,597 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:48:25,597 INFO L93 Difference]: Finished difference Result 64 states and 68 transitions. [2021-09-13 23:48:25,597 INFO L276 IsEmpty]: Start isEmpty. Operand 64 states and 68 transitions. [2021-09-13 23:48:25,597 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2021-09-13 23:48:25,598 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2021-09-13 23:48:25,598 INFO L88 GeneralOperation]: Finished isEquivalent. [2021-09-13 23:48:25,598 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2021-09-13 23:48:25,598 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 63 states, 39 states have (on average 1.2820512820512822) internal successors, (50), 46 states have internal predecessors, (50), 8 states have call successors, (8), 8 states have call predecessors, (8), 8 states have return successors, (8), 8 states have call predecessors, (8), 7 states have call successors, (8) [2021-09-13 23:48:25,598 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 63 states to 63 states and 66 transitions. [2021-09-13 23:48:25,599 INFO L78 Accepts]: Start accepts. Automaton has 63 states and 66 transitions. Word has length 29 [2021-09-13 23:48:25,599 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-09-13 23:48:25,599 INFO L470 AbstractCegarLoop]: Abstraction has 63 states and 66 transitions. [2021-09-13 23:48:25,599 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 14 states, 13 states have (on average 2.769230769230769) internal successors, (36), 12 states have internal predecessors, (36), 6 states have call successors, (9), 5 states have call predecessors, (9), 7 states have return successors, (7), 6 states have call predecessors, (7), 6 states have call successors, (7) [2021-09-13 23:48:25,599 INFO L276 IsEmpty]: Start isEmpty. Operand 63 states and 66 transitions. [2021-09-13 23:48:25,599 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2021-09-13 23:48:25,599 INFO L505 BasicCegarLoop]: Found error trace [2021-09-13 23:48:25,599 INFO L513 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-09-13 23:48:25,609 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (12)] Forceful destruction successful, exit code 0 [2021-09-13 23:48:25,807 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 12 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2021-09-13 23:48:25,807 INFO L402 AbstractCegarLoop]: === Iteration 12 === Targeting entry_pointErr1REQUIRES_VIOLATION === [ldv_msg_allocErr0REQUIRES_VIOLATION, ldv_msg_allocErr1REQUIRES_VIOLATION, ldv_kref_initErr0REQUIRES_VIOLATION, ldv_kref_initErr1REQUIRES_VIOLATION (and 82 more)] === [2021-09-13 23:48:25,808 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-09-13 23:48:25,808 INFO L82 PathProgramCache]: Analyzing trace with hash -1727877461, now seen corresponding path program 1 times [2021-09-13 23:48:25,808 INFO L121 FreeRefinementEngine]: Executing refinement strategy WOLF [2021-09-13 23:48:25,808 INFO L332 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [285475224] [2021-09-13 23:48:25,808 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-09-13 23:48:25,808 INFO L170 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2021-09-13 23:48:25,808 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2021-09-13 23:48:25,809 INFO L229 MonitoredProcess]: Starting monitored process 13 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2021-09-13 23:48:25,809 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (13)] Waiting until timeout for monitored process [2021-09-13 23:48:25,902 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-09-13 23:48:25,904 INFO L263 TraceCheckSpWp]: Trace formula consists of 117 conjuncts, 14 conjunts are in the unsatisfiable core [2021-09-13 23:48:25,913 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-09-13 23:48:25,914 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2021-09-13 23:48:25,933 INFO L354 Elim1Store]: treesize reduction 11, result has 45.0 percent of original size [2021-09-13 23:48:25,934 INFO L388 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 1 case distinctions, treesize of input 9 treesize of output 15 [2021-09-13 23:48:26,002 INFO L388 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 5 treesize of output 3 [2021-09-13 23:48:30,191 INFO L388 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2021-09-13 23:48:30,362 INFO L354 Elim1Store]: treesize reduction 15, result has 25.0 percent of original size [2021-09-13 23:48:30,362 INFO L388 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 14 [2021-09-13 23:48:30,400 INFO L264 TraceCheckUtils]: 0: Hoare triple {5795#true} call ULTIMATE.init(); {5795#true} is VALID [2021-09-13 23:48:30,402 INFO L281 TraceCheckUtils]: 1: Hoare triple {5795#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);call ~#a6~0.base, ~#a6~0.offset := #Ultimate.allocOnStack(4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#a6~0.base, ~#a6~0.offset, 4bv32); {5803#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:30,402 INFO L281 TraceCheckUtils]: 2: Hoare triple {5803#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} assume true; {5803#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:30,403 INFO L276 TraceCheckUtils]: 3: Hoare quadruple {5803#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} {5795#true} #506#return; {5803#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:30,403 INFO L264 TraceCheckUtils]: 4: Hoare triple {5803#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} call main(); {5803#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:30,403 INFO L264 TraceCheckUtils]: 5: Hoare triple {5803#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} call entry_point(); {5803#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:30,404 INFO L264 TraceCheckUtils]: 6: Hoare triple {5803#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} call #t~ret44 := probe3_6(~#a6~0.base, ~#a6~0.offset); {5819#(and (= |~#a6~0.offset| (_ bv0 32)) (= |#length| |old(#length)|))} is VALID [2021-09-13 23:48:30,404 INFO L281 TraceCheckUtils]: 7: Hoare triple {5819#(and (= |~#a6~0.offset| (_ bv0 32)) (= |#length| |old(#length)|))} ~a.base, ~a.offset := #in~a.base, #in~a.offset;~ret~0 := 3bv32; {5819#(and (= |~#a6~0.offset| (_ bv0 32)) (= |#length| |old(#length)|))} is VALID [2021-09-13 23:48:30,405 INFO L264 TraceCheckUtils]: 8: Hoare triple {5819#(and (= |~#a6~0.offset| (_ bv0 32)) (= |#length| |old(#length)|))} call #t~ret40.base, #t~ret40.offset := ldv_malloc(4bv32); {5819#(and (= |~#a6~0.offset| (_ bv0 32)) (= |#length| |old(#length)|))} is VALID [2021-09-13 23:48:30,405 INFO L281 TraceCheckUtils]: 9: Hoare triple {5819#(and (= |~#a6~0.offset| (_ bv0 32)) (= |#length| |old(#length)|))} ~size := #in~size; {5829#(and (= |~#a6~0.offset| (_ bv0 32)) (= ldv_malloc_~size |ldv_malloc_#in~size|) (= |#length| |old(#length)|))} is VALID [2021-09-13 23:48:30,406 INFO L281 TraceCheckUtils]: 10: Hoare triple {5829#(and (= |~#a6~0.offset| (_ bv0 32)) (= ldv_malloc_~size |ldv_malloc_#in~size|) (= |#length| |old(#length)|))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {5833#(and (= |~#a6~0.offset| (_ bv0 32)) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| |ldv_malloc_#in~size|) |#length|)))} is VALID [2021-09-13 23:48:30,406 INFO L281 TraceCheckUtils]: 11: Hoare triple {5833#(and (= |~#a6~0.offset| (_ bv0 32)) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| |ldv_malloc_#in~size|) |#length|)))} assume true; {5833#(and (= |~#a6~0.offset| (_ bv0 32)) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| |ldv_malloc_#in~size|) |#length|)))} is VALID [2021-09-13 23:48:30,407 INFO L276 TraceCheckUtils]: 12: Hoare quadruple {5833#(and (= |~#a6~0.offset| (_ bv0 32)) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| |ldv_malloc_#in~size|) |#length|)))} {5819#(and (= |~#a6~0.offset| (_ bv0 32)) (= |#length| |old(#length)|))} #462#return; {5840#(and (= |~#a6~0.offset| (_ bv0 32)) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| (_ bv4 32)) |#length|)))} is VALID [2021-09-13 23:48:30,407 INFO L281 TraceCheckUtils]: 13: Hoare triple {5840#(and (= |~#a6~0.offset| (_ bv0 32)) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| (_ bv4 32)) |#length|)))} ~p~0.base, ~p~0.offset := #t~ret40.base, #t~ret40.offset;havoc #t~ret40.base, #t~ret40.offset; {5840#(and (= |~#a6~0.offset| (_ bv0 32)) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| (_ bv4 32)) |#length|)))} is VALID [2021-09-13 23:48:30,408 INFO L281 TraceCheckUtils]: 14: Hoare triple {5840#(and (= |~#a6~0.offset| (_ bv0 32)) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| (_ bv4 32)) |#length|)))} assume !(~p~0.base == 0bv32 && ~p~0.offset == 0bv32); {5840#(and (= |~#a6~0.offset| (_ bv0 32)) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| (_ bv4 32)) |#length|)))} is VALID [2021-09-13 23:48:30,409 INFO L264 TraceCheckUtils]: 15: Hoare triple {5840#(and (= |~#a6~0.offset| (_ bv0 32)) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| (_ bv4 32)) |#length|)))} call #t~ret41 := f6(); {5850#(and (= |~#a6~0.offset| (_ bv0 32)) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (_ bv4 32) (select |#length| |ldv_malloc_#res.base|))))} is VALID [2021-09-13 23:48:30,409 INFO L281 TraceCheckUtils]: 16: Hoare triple {5850#(and (= |~#a6~0.offset| (_ bv0 32)) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (_ bv4 32) (select |#length| |ldv_malloc_#res.base|))))} #res := #t~nondet38;havoc #t~nondet38; {5850#(and (= |~#a6~0.offset| (_ bv0 32)) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (_ bv4 32) (select |#length| |ldv_malloc_#res.base|))))} is VALID [2021-09-13 23:48:30,410 INFO L281 TraceCheckUtils]: 17: Hoare triple {5850#(and (= |~#a6~0.offset| (_ bv0 32)) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (_ bv4 32) (select |#length| |ldv_malloc_#res.base|))))} assume true; {5850#(and (= |~#a6~0.offset| (_ bv0 32)) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (_ bv4 32) (select |#length| |ldv_malloc_#res.base|))))} is VALID [2021-09-13 23:48:30,410 INFO L276 TraceCheckUtils]: 18: Hoare quadruple {5850#(and (= |~#a6~0.offset| (_ bv0 32)) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (_ bv4 32) (select |#length| |ldv_malloc_#res.base|))))} {5840#(and (= |~#a6~0.offset| (_ bv0 32)) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| (_ bv4 32)) |#length|)))} #464#return; {5840#(and (= |~#a6~0.offset| (_ bv0 32)) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| (_ bv4 32)) |#length|)))} is VALID [2021-09-13 23:48:30,411 INFO L281 TraceCheckUtils]: 19: Hoare triple {5840#(and (= |~#a6~0.offset| (_ bv0 32)) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| (_ bv4 32)) |#length|)))} ~ret~0 := #t~ret41;havoc #t~ret41; {5840#(and (= |~#a6~0.offset| (_ bv0 32)) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| (_ bv4 32)) |#length|)))} is VALID [2021-09-13 23:48:30,411 INFO L281 TraceCheckUtils]: 20: Hoare triple {5840#(and (= |~#a6~0.offset| (_ bv0 32)) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| (_ bv4 32)) |#length|)))} assume ~bvslt32(~ret~0, 0bv32); {5840#(and (= |~#a6~0.offset| (_ bv0 32)) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| (_ bv4 32)) |#length|)))} is VALID [2021-09-13 23:48:30,411 INFO L281 TraceCheckUtils]: 21: Hoare triple {5840#(and (= |~#a6~0.offset| (_ bv0 32)) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| (_ bv4 32)) |#length|)))} assume 0bv32 == ~p~0.offset; {5840#(and (= |~#a6~0.offset| (_ bv0 32)) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| (_ bv4 32)) |#length|)))} is VALID [2021-09-13 23:48:30,412 INFO L281 TraceCheckUtils]: 22: Hoare triple {5840#(and (= |~#a6~0.offset| (_ bv0 32)) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| (_ bv4 32)) |#length|)))} assume ~bvult32(~p~0.base, #StackHeapBarrier); {5840#(and (= |~#a6~0.offset| (_ bv0 32)) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| (_ bv4 32)) |#length|)))} is VALID [2021-09-13 23:48:30,412 INFO L281 TraceCheckUtils]: 23: Hoare triple {5840#(and (= |~#a6~0.offset| (_ bv0 32)) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| (_ bv4 32)) |#length|)))} assume 0bv32 == ~p~0.base || 1bv1 == #valid[~p~0.base];call ULTIMATE.dealloc(~p~0.base, ~p~0.offset);#res := ~ret~0; {5840#(and (= |~#a6~0.offset| (_ bv0 32)) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| (_ bv4 32)) |#length|)))} is VALID [2021-09-13 23:48:30,413 INFO L281 TraceCheckUtils]: 24: Hoare triple {5840#(and (= |~#a6~0.offset| (_ bv0 32)) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| (_ bv4 32)) |#length|)))} assume true; {5840#(and (= |~#a6~0.offset| (_ bv0 32)) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| (_ bv4 32)) |#length|)))} is VALID [2021-09-13 23:48:30,414 INFO L276 TraceCheckUtils]: 25: Hoare quadruple {5840#(and (= |~#a6~0.offset| (_ bv0 32)) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| (_ bv4 32)) |#length|)))} {5803#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} #494#return; {5803#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:30,414 INFO L281 TraceCheckUtils]: 26: Hoare triple {5803#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} ~ret~1 := #t~ret44;havoc #t~ret44; {5803#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:30,414 INFO L281 TraceCheckUtils]: 27: Hoare triple {5803#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} assume !(0bv32 == ~ret~1); {5803#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:30,415 INFO L281 TraceCheckUtils]: 28: Hoare triple {5803#(and (= |~#a6~0.offset| (_ bv0 32)) (= (_ bv4 32) (select |#length| |~#a6~0.base|)))} assume !((~bvule32(~bvadd32(4bv32, ~#a6~0.offset), #length[~#a6~0.base]) && ~bvule32(~#a6~0.offset, ~bvadd32(4bv32, ~#a6~0.offset))) && ~bvule32(0bv32, ~#a6~0.offset)); {5796#false} is VALID [2021-09-13 23:48:30,415 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-09-13 23:48:30,415 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2021-09-13 23:48:31,903 INFO L281 TraceCheckUtils]: 28: Hoare triple {5890#(and (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} assume !((~bvule32(~bvadd32(4bv32, ~#a6~0.offset), #length[~#a6~0.base]) && ~bvule32(~#a6~0.offset, ~bvadd32(4bv32, ~#a6~0.offset))) && ~bvule32(0bv32, ~#a6~0.offset)); {5796#false} is VALID [2021-09-13 23:48:31,904 INFO L281 TraceCheckUtils]: 27: Hoare triple {5890#(and (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} assume !(0bv32 == ~ret~1); {5890#(and (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:31,904 INFO L281 TraceCheckUtils]: 26: Hoare triple {5890#(and (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} ~ret~1 := #t~ret44;havoc #t~ret44; {5890#(and (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:31,906 INFO L276 TraceCheckUtils]: 25: Hoare quadruple {5904#(or (exists ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |old(#length)| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|)))) (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} {5900#(and (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))) (forall ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |#length| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|))))} #494#return; {5890#(and (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:31,906 INFO L281 TraceCheckUtils]: 24: Hoare triple {5904#(or (exists ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |old(#length)| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|)))) (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} assume true; {5904#(or (exists ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |old(#length)| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|)))) (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:31,907 INFO L281 TraceCheckUtils]: 23: Hoare triple {5904#(or (exists ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |old(#length)| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|)))) (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} assume 0bv32 == ~p~0.base || 1bv1 == #valid[~p~0.base];call ULTIMATE.dealloc(~p~0.base, ~p~0.offset);#res := ~ret~0; {5904#(or (exists ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |old(#length)| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|)))) (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:31,907 INFO L281 TraceCheckUtils]: 22: Hoare triple {5904#(or (exists ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |old(#length)| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|)))) (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} assume ~bvult32(~p~0.base, #StackHeapBarrier); {5904#(or (exists ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |old(#length)| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|)))) (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:31,907 INFO L281 TraceCheckUtils]: 21: Hoare triple {5904#(or (exists ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |old(#length)| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|)))) (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} assume 0bv32 == ~p~0.offset; {5904#(or (exists ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |old(#length)| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|)))) (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:31,908 INFO L281 TraceCheckUtils]: 20: Hoare triple {5904#(or (exists ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |old(#length)| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|)))) (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} assume ~bvslt32(~ret~0, 0bv32); {5904#(or (exists ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |old(#length)| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|)))) (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:31,908 INFO L281 TraceCheckUtils]: 19: Hoare triple {5904#(or (exists ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |old(#length)| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|)))) (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} ~ret~0 := #t~ret41;havoc #t~ret41; {5904#(or (exists ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |old(#length)| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|)))) (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:31,908 INFO L276 TraceCheckUtils]: 18: Hoare quadruple {5795#true} {5904#(or (exists ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |old(#length)| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|)))) (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} #464#return; {5904#(or (exists ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |old(#length)| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|)))) (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:31,908 INFO L281 TraceCheckUtils]: 17: Hoare triple {5795#true} assume true; {5795#true} is VALID [2021-09-13 23:48:31,909 INFO L281 TraceCheckUtils]: 16: Hoare triple {5795#true} #res := #t~nondet38;havoc #t~nondet38; {5795#true} is VALID [2021-09-13 23:48:31,909 INFO L264 TraceCheckUtils]: 15: Hoare triple {5904#(or (exists ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |old(#length)| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|)))) (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} call #t~ret41 := f6(); {5795#true} is VALID [2021-09-13 23:48:31,909 INFO L281 TraceCheckUtils]: 14: Hoare triple {5904#(or (exists ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |old(#length)| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|)))) (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} assume !(~p~0.base == 0bv32 && ~p~0.offset == 0bv32); {5904#(or (exists ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |old(#length)| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|)))) (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:31,909 INFO L281 TraceCheckUtils]: 13: Hoare triple {5904#(or (exists ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |old(#length)| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|)))) (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} ~p~0.base, ~p~0.offset := #t~ret40.base, #t~ret40.offset;havoc #t~ret40.base, #t~ret40.offset; {5904#(or (exists ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |old(#length)| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|)))) (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:31,927 INFO L276 TraceCheckUtils]: 12: Hoare quadruple {5947#(or (forall ((|v_old(#length)_BEFORE_CALL_6| (Array (_ BitVec 32) (_ BitVec 32)))) (exists ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |v_old(#length)_BEFORE_CALL_6| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|))))) (not (= (_ bv4 32) |ldv_malloc_#in~size|)) (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |old(#length)| |~#a6~0.base|))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} {5904#(or (exists ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |old(#length)| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|)))) (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} #462#return; {5904#(or (exists ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |old(#length)| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|)))) (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} is UNKNOWN [2021-09-13 23:48:31,927 INFO L281 TraceCheckUtils]: 11: Hoare triple {5947#(or (forall ((|v_old(#length)_BEFORE_CALL_6| (Array (_ BitVec 32) (_ BitVec 32)))) (exists ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |v_old(#length)_BEFORE_CALL_6| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|))))) (not (= (_ bv4 32) |ldv_malloc_#in~size|)) (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |old(#length)| |~#a6~0.base|))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} assume true; {5947#(or (forall ((|v_old(#length)_BEFORE_CALL_6| (Array (_ BitVec 32) (_ BitVec 32)))) (exists ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |v_old(#length)_BEFORE_CALL_6| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|))))) (not (= (_ bv4 32) |ldv_malloc_#in~size|)) (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |old(#length)| |~#a6~0.base|))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:31,934 INFO L281 TraceCheckUtils]: 10: Hoare triple {5954#(or (forall ((|v_old(#length)_BEFORE_CALL_6| (Array (_ BitVec 32) (_ BitVec 32)))) (exists ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |v_old(#length)_BEFORE_CALL_6| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|))))) (not (= (_ bv4 32) |ldv_malloc_#in~size|)) (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |old(#length)| |~#a6~0.base|))) (forall ((|v_ldv_malloc_#res.base_72| (_ BitVec 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |#length| |v_ldv_malloc_#res.base_72| ldv_malloc_~size) |~#a6~0.base|))))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {5947#(or (forall ((|v_old(#length)_BEFORE_CALL_6| (Array (_ BitVec 32) (_ BitVec 32)))) (exists ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |v_old(#length)_BEFORE_CALL_6| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|))))) (not (= (_ bv4 32) |ldv_malloc_#in~size|)) (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |old(#length)| |~#a6~0.base|))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:31,936 INFO L281 TraceCheckUtils]: 9: Hoare triple {5958#(or (forall ((|v_ldv_malloc_#res.base_72| (_ BitVec 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |#length| |v_ldv_malloc_#res.base_72| |ldv_malloc_#in~size|) |~#a6~0.base|))) (forall ((|v_old(#length)_BEFORE_CALL_6| (Array (_ BitVec 32) (_ BitVec 32)))) (exists ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |v_old(#length)_BEFORE_CALL_6| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|))))) (not (= (_ bv4 32) |ldv_malloc_#in~size|)) (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |old(#length)| |~#a6~0.base|))))} ~size := #in~size; {5954#(or (forall ((|v_old(#length)_BEFORE_CALL_6| (Array (_ BitVec 32) (_ BitVec 32)))) (exists ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |v_old(#length)_BEFORE_CALL_6| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|))))) (not (= (_ bv4 32) |ldv_malloc_#in~size|)) (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |old(#length)| |~#a6~0.base|))) (forall ((|v_ldv_malloc_#res.base_72| (_ BitVec 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |#length| |v_ldv_malloc_#res.base_72| ldv_malloc_~size) |~#a6~0.base|))))} is VALID [2021-09-13 23:48:31,948 INFO L264 TraceCheckUtils]: 8: Hoare triple {5904#(or (exists ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |old(#length)| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|)))) (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} call #t~ret40.base, #t~ret40.offset := ldv_malloc(4bv32); {5958#(or (forall ((|v_ldv_malloc_#res.base_72| (_ BitVec 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |#length| |v_ldv_malloc_#res.base_72| |ldv_malloc_#in~size|) |~#a6~0.base|))) (forall ((|v_old(#length)_BEFORE_CALL_6| (Array (_ BitVec 32) (_ BitVec 32)))) (exists ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |v_old(#length)_BEFORE_CALL_6| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|))))) (not (= (_ bv4 32) |ldv_malloc_#in~size|)) (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |old(#length)| |~#a6~0.base|))))} is VALID [2021-09-13 23:48:31,949 INFO L281 TraceCheckUtils]: 7: Hoare triple {5904#(or (exists ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |old(#length)| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|)))) (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} ~a.base, ~a.offset := #in~a.base, #in~a.offset;~ret~0 := 3bv32; {5904#(or (exists ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |old(#length)| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|)))) (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:32,001 INFO L264 TraceCheckUtils]: 6: Hoare triple {5900#(and (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))) (forall ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |#length| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|))))} call #t~ret44 := probe3_6(~#a6~0.base, ~#a6~0.offset); {5904#(or (exists ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (not (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |old(#length)| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|)))) (not (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32)))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select |#length| |~#a6~0.base|)))} is VALID [2021-09-13 23:48:32,002 INFO L264 TraceCheckUtils]: 5: Hoare triple {5900#(and (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))) (forall ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |#length| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|))))} call entry_point(); {5900#(and (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))) (forall ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |#length| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|))))} is VALID [2021-09-13 23:48:32,002 INFO L264 TraceCheckUtils]: 4: Hoare triple {5900#(and (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))) (forall ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |#length| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|))))} call main(); {5900#(and (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))) (forall ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |#length| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|))))} is VALID [2021-09-13 23:48:32,002 INFO L276 TraceCheckUtils]: 3: Hoare quadruple {5900#(and (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))) (forall ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |#length| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|))))} {5795#true} #506#return; {5900#(and (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))) (forall ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |#length| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|))))} is VALID [2021-09-13 23:48:32,003 INFO L281 TraceCheckUtils]: 2: Hoare triple {5900#(and (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))) (forall ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |#length| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|))))} assume true; {5900#(and (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))) (forall ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |#length| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|))))} is VALID [2021-09-13 23:48:32,005 INFO L281 TraceCheckUtils]: 1: Hoare triple {5795#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);call ~#a6~0.base, ~#a6~0.offset := #Ultimate.allocOnStack(4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#a6~0.base, ~#a6~0.offset, 4bv32); {5900#(and (bvule |~#a6~0.offset| (bvadd |~#a6~0.offset| (_ bv4 32))) (forall ((|v_ldv_malloc_#res.base_68| (_ BitVec 32))) (bvule (bvadd |~#a6~0.offset| (_ bv4 32)) (select (store |#length| |v_ldv_malloc_#res.base_68| (_ bv4 32)) |~#a6~0.base|))))} is VALID [2021-09-13 23:48:32,005 INFO L264 TraceCheckUtils]: 0: Hoare triple {5795#true} call ULTIMATE.init(); {5795#true} is VALID [2021-09-13 23:48:32,005 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-09-13 23:48:32,006 INFO L139 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2021-09-13 23:48:32,006 INFO L332 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [285475224] [2021-09-13 23:48:32,006 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleMathsat [285475224] provided 2 perfect and 0 imperfect interpolant sequences [2021-09-13 23:48:32,006 INFO L186 FreeRefinementEngine]: Constructing automaton from 2 perfect and 0 imperfect interpolant sequences. [2021-09-13 23:48:32,006 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7, 7] imperfect sequences [] total 13 [2021-09-13 23:48:32,006 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [121831180] [2021-09-13 23:48:32,006 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 13 states have (on average 2.923076923076923) internal successors, (38), 13 states have internal predecessors, (38), 6 states have call successors, (11), 7 states have call predecessors, (11), 8 states have return successors, (8), 5 states have call predecessors, (8), 6 states have call successors, (8) Word has length 29 [2021-09-13 23:48:32,007 INFO L84 Accepts]: Finished accepts. word is accepted. [2021-09-13 23:48:32,007 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 14 states, 13 states have (on average 2.923076923076923) internal successors, (38), 13 states have internal predecessors, (38), 6 states have call successors, (11), 7 states have call predecessors, (11), 8 states have return successors, (8), 5 states have call predecessors, (8), 6 states have call successors, (8) [2021-09-13 23:48:32,126 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 57 edges. 55 inductive. 0 not inductive. 2 times theorem prover too weak to decide inductivity. [2021-09-13 23:48:32,126 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 14 states [2021-09-13 23:48:32,126 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2021-09-13 23:48:32,126 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 14 interpolants. [2021-09-13 23:48:32,127 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=55, Invalid=122, Unknown=5, NotChecked=0, Total=182 [2021-09-13 23:48:32,127 INFO L87 Difference]: Start difference. First operand 63 states and 66 transitions. Second operand has 14 states, 13 states have (on average 2.923076923076923) internal successors, (38), 13 states have internal predecessors, (38), 6 states have call successors, (11), 7 states have call predecessors, (11), 8 states have return successors, (8), 5 states have call predecessors, (8), 6 states have call successors, (8) [2021-09-13 23:48:32,321 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:48:32,321 INFO L93 Difference]: Finished difference Result 73 states and 76 transitions. [2021-09-13 23:48:32,321 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2021-09-13 23:48:32,322 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 13 states have (on average 2.923076923076923) internal successors, (38), 13 states have internal predecessors, (38), 6 states have call successors, (11), 7 states have call predecessors, (11), 8 states have return successors, (8), 5 states have call predecessors, (8), 6 states have call successors, (8) Word has length 29 [2021-09-13 23:48:32,322 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-09-13 23:48:32,322 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 14 states, 13 states have (on average 2.923076923076923) internal successors, (38), 13 states have internal predecessors, (38), 6 states have call successors, (11), 7 states have call predecessors, (11), 8 states have return successors, (8), 5 states have call predecessors, (8), 6 states have call successors, (8) [2021-09-13 23:48:32,323 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 71 transitions. [2021-09-13 23:48:32,323 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 14 states, 13 states have (on average 2.923076923076923) internal successors, (38), 13 states have internal predecessors, (38), 6 states have call successors, (11), 7 states have call predecessors, (11), 8 states have return successors, (8), 5 states have call predecessors, (8), 6 states have call successors, (8) [2021-09-13 23:48:32,324 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 71 transitions. [2021-09-13 23:48:32,324 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states and 71 transitions. [2021-09-13 23:48:32,383 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 71 edges. 71 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2021-09-13 23:48:32,384 INFO L225 Difference]: With dead ends: 73 [2021-09-13 23:48:32,384 INFO L226 Difference]: Without dead ends: 73 [2021-09-13 23:48:32,385 INFO L927 BasicCegarLoop]: 0 DeclaredPredicates, 57 GetRequests, 42 SyntacticMatches, 3 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 34 ImplicationChecksByTransitivity, 4848.36ms TimeCoverageRelationStatistics Valid=55, Invalid=122, Unknown=5, NotChecked=0, Total=182 [2021-09-13 23:48:32,385 INFO L928 BasicCegarLoop]: 12 mSDtfsCounter, 27 mSDsluCounter, 139 mSDsCounter, 0 mSdLazyCounter, 52 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 62.80ms Time, 0 mProtectedPredicate, 0 mProtectedAction, 27 SdHoareTripleChecker+Valid, 21 SdHoareTripleChecker+Invalid, 222 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 1.34ms SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 52 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 169 IncrementalHoareTripleChecker+Unchecked, 63.37ms IncrementalHoareTripleChecker+Time [2021-09-13 23:48:32,385 INFO L929 BasicCegarLoop]: SdHoareTripleChecker [27 Valid, 21 Invalid, 222 Unknown, 0 Unchecked, 1.34ms Time], IncrementalHoareTripleChecker [1 Valid, 52 Invalid, 0 Unknown, 169 Unchecked, 63.37ms Time] [2021-09-13 23:48:32,385 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 73 states. [2021-09-13 23:48:32,386 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 73 to 71. [2021-09-13 23:48:32,387 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2021-09-13 23:48:32,387 INFO L82 GeneralOperation]: Start isEquivalent. First operand 73 states. Second operand has 71 states, 46 states have (on average 1.2391304347826086) internal successors, (57), 53 states have internal predecessors, (57), 8 states have call successors, (8), 8 states have call predecessors, (8), 9 states have return successors, (9), 9 states have call predecessors, (9), 7 states have call successors, (9) [2021-09-13 23:48:32,387 INFO L74 IsIncluded]: Start isIncluded. First operand 73 states. Second operand has 71 states, 46 states have (on average 1.2391304347826086) internal successors, (57), 53 states have internal predecessors, (57), 8 states have call successors, (8), 8 states have call predecessors, (8), 9 states have return successors, (9), 9 states have call predecessors, (9), 7 states have call successors, (9) [2021-09-13 23:48:32,387 INFO L87 Difference]: Start difference. First operand 73 states. Second operand has 71 states, 46 states have (on average 1.2391304347826086) internal successors, (57), 53 states have internal predecessors, (57), 8 states have call successors, (8), 8 states have call predecessors, (8), 9 states have return successors, (9), 9 states have call predecessors, (9), 7 states have call successors, (9) [2021-09-13 23:48:32,388 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:48:32,388 INFO L93 Difference]: Finished difference Result 73 states and 76 transitions. [2021-09-13 23:48:32,388 INFO L276 IsEmpty]: Start isEmpty. Operand 73 states and 76 transitions. [2021-09-13 23:48:32,388 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2021-09-13 23:48:32,388 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2021-09-13 23:48:32,389 INFO L74 IsIncluded]: Start isIncluded. First operand has 71 states, 46 states have (on average 1.2391304347826086) internal successors, (57), 53 states have internal predecessors, (57), 8 states have call successors, (8), 8 states have call predecessors, (8), 9 states have return successors, (9), 9 states have call predecessors, (9), 7 states have call successors, (9) Second operand 73 states. [2021-09-13 23:48:32,389 INFO L87 Difference]: Start difference. First operand has 71 states, 46 states have (on average 1.2391304347826086) internal successors, (57), 53 states have internal predecessors, (57), 8 states have call successors, (8), 8 states have call predecessors, (8), 9 states have return successors, (9), 9 states have call predecessors, (9), 7 states have call successors, (9) Second operand 73 states. [2021-09-13 23:48:32,390 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-09-13 23:48:32,390 INFO L93 Difference]: Finished difference Result 73 states and 76 transitions. [2021-09-13 23:48:32,390 INFO L276 IsEmpty]: Start isEmpty. Operand 73 states and 76 transitions. [2021-09-13 23:48:32,390 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2021-09-13 23:48:32,390 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2021-09-13 23:48:32,390 INFO L88 GeneralOperation]: Finished isEquivalent. [2021-09-13 23:48:32,390 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2021-09-13 23:48:32,390 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 71 states, 46 states have (on average 1.2391304347826086) internal successors, (57), 53 states have internal predecessors, (57), 8 states have call successors, (8), 8 states have call predecessors, (8), 9 states have return successors, (9), 9 states have call predecessors, (9), 7 states have call successors, (9) [2021-09-13 23:48:32,391 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 71 states to 71 states and 74 transitions. [2021-09-13 23:48:32,391 INFO L78 Accepts]: Start accepts. Automaton has 71 states and 74 transitions. Word has length 29 [2021-09-13 23:48:32,391 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-09-13 23:48:32,391 INFO L470 AbstractCegarLoop]: Abstraction has 71 states and 74 transitions. [2021-09-13 23:48:32,391 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 14 states, 13 states have (on average 2.923076923076923) internal successors, (38), 13 states have internal predecessors, (38), 6 states have call successors, (11), 7 states have call predecessors, (11), 8 states have return successors, (8), 5 states have call predecessors, (8), 6 states have call successors, (8) [2021-09-13 23:48:32,391 INFO L276 IsEmpty]: Start isEmpty. Operand 71 states and 74 transitions. [2021-09-13 23:48:32,392 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2021-09-13 23:48:32,392 INFO L505 BasicCegarLoop]: Found error trace [2021-09-13 23:48:32,392 INFO L513 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-09-13 23:48:32,398 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (13)] Ended with exit code 0 [2021-09-13 23:48:32,598 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 13 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2021-09-13 23:48:32,598 INFO L402 AbstractCegarLoop]: === Iteration 13 === Targeting mainErr0ENSURES_VIOLATIONMEMORY_LEAK === [ldv_msg_allocErr0REQUIRES_VIOLATION, ldv_msg_allocErr1REQUIRES_VIOLATION, ldv_kref_initErr0REQUIRES_VIOLATION, ldv_kref_initErr1REQUIRES_VIOLATION (and 82 more)] === [2021-09-13 23:48:32,599 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-09-13 23:48:32,599 INFO L82 PathProgramCache]: Analyzing trace with hash -14051751, now seen corresponding path program 1 times [2021-09-13 23:48:32,599 INFO L121 FreeRefinementEngine]: Executing refinement strategy WOLF [2021-09-13 23:48:32,599 INFO L332 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [197957380] [2021-09-13 23:48:32,599 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-09-13 23:48:32,600 INFO L170 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2021-09-13 23:48:32,600 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2021-09-13 23:48:32,600 INFO L229 MonitoredProcess]: Starting monitored process 14 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2021-09-13 23:48:32,637 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (14)] Waiting until timeout for monitored process [2021-09-13 23:48:32,709 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-09-13 23:48:32,711 INFO L263 TraceCheckSpWp]: Trace formula consists of 126 conjuncts, 15 conjunts are in the unsatisfiable core [2021-09-13 23:48:32,722 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-09-13 23:48:32,722 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2021-09-13 23:48:32,756 INFO L354 Elim1Store]: treesize reduction 34, result has 38.2 percent of original size [2021-09-13 23:48:32,757 INFO L388 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 2 case distinctions, treesize of input 12 treesize of output 26 [2021-09-13 23:48:33,337 INFO L388 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 21 treesize of output 18 [2021-09-13 23:48:40,020 INFO L264 TraceCheckUtils]: 0: Hoare triple {6272#true} call ULTIMATE.init(); {6272#true} is VALID [2021-09-13 23:48:40,022 INFO L281 TraceCheckUtils]: 1: Hoare triple {6272#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);call ~#a6~0.base, ~#a6~0.offset := #Ultimate.allocOnStack(4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#a6~0.base, ~#a6~0.offset, 4bv32); {6280#(exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |#valid| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |#valid| |~#ldv_global_msg_list~0.base|))))))} is VALID [2021-09-13 23:48:40,022 INFO L281 TraceCheckUtils]: 2: Hoare triple {6280#(exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |#valid| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |#valid| |~#ldv_global_msg_list~0.base|))))))} assume true; {6280#(exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |#valid| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |#valid| |~#ldv_global_msg_list~0.base|))))))} is VALID [2021-09-13 23:48:40,023 INFO L276 TraceCheckUtils]: 3: Hoare quadruple {6280#(exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |#valid| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |#valid| |~#ldv_global_msg_list~0.base|))))))} {6272#true} #506#return; {6280#(exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |#valid| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |#valid| |~#ldv_global_msg_list~0.base|))))))} is VALID [2021-09-13 23:48:40,023 INFO L264 TraceCheckUtils]: 4: Hoare triple {6280#(exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |#valid| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |#valid| |~#ldv_global_msg_list~0.base|))))))} call main(); {6290#(and (= |old(#valid)| |#valid|) (exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (bvneg (bvneg (select |old(#valid)| |~#ldv_global_msg_list~0.base|))) (_ bv1 1))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|)))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |old(#valid)| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)))))} is VALID [2021-09-13 23:48:40,024 INFO L264 TraceCheckUtils]: 5: Hoare triple {6290#(and (= |old(#valid)| |#valid|) (exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (bvneg (bvneg (select |old(#valid)| |~#ldv_global_msg_list~0.base|))) (_ bv1 1))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|)))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |old(#valid)| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)))))} call entry_point(); {6294#(= |old(#valid)| |#valid|)} is VALID [2021-09-13 23:48:40,024 INFO L264 TraceCheckUtils]: 6: Hoare triple {6294#(= |old(#valid)| |#valid|)} call #t~ret44 := probe3_6(~#a6~0.base, ~#a6~0.offset); {6294#(= |old(#valid)| |#valid|)} is VALID [2021-09-13 23:48:40,024 INFO L281 TraceCheckUtils]: 7: Hoare triple {6294#(= |old(#valid)| |#valid|)} ~a.base, ~a.offset := #in~a.base, #in~a.offset;~ret~0 := 3bv32; {6294#(= |old(#valid)| |#valid|)} is VALID [2021-09-13 23:48:40,025 INFO L264 TraceCheckUtils]: 8: Hoare triple {6294#(= |old(#valid)| |#valid|)} call #t~ret40.base, #t~ret40.offset := ldv_malloc(4bv32); {6294#(= |old(#valid)| |#valid|)} is VALID [2021-09-13 23:48:40,025 INFO L281 TraceCheckUtils]: 9: Hoare triple {6294#(= |old(#valid)| |#valid|)} ~size := #in~size; {6294#(= |old(#valid)| |#valid|)} is VALID [2021-09-13 23:48:40,026 INFO L281 TraceCheckUtils]: 10: Hoare triple {6294#(= |old(#valid)| |#valid|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {6310#(and (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|) (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)))))))} is VALID [2021-09-13 23:48:40,026 INFO L281 TraceCheckUtils]: 11: Hoare triple {6310#(and (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|) (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)))))))} assume true; {6310#(and (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|) (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)))))))} is VALID [2021-09-13 23:48:40,027 INFO L276 TraceCheckUtils]: 12: Hoare quadruple {6310#(and (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|) (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)))))))} {6294#(= |old(#valid)| |#valid|)} #462#return; {6317#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| |probe3_6_#t~ret40.base|))))))))) (= |#valid| (store |old(#valid)| |probe3_6_#t~ret40.base| (_ bv1 1))))} is VALID [2021-09-13 23:48:40,027 INFO L281 TraceCheckUtils]: 13: Hoare triple {6317#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| |probe3_6_#t~ret40.base|))))))))) (= |#valid| (store |old(#valid)| |probe3_6_#t~ret40.base| (_ bv1 1))))} ~p~0.base, ~p~0.offset := #t~ret40.base, #t~ret40.offset;havoc #t~ret40.base, #t~ret40.offset; {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} is VALID [2021-09-13 23:48:40,027 INFO L281 TraceCheckUtils]: 14: Hoare triple {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} assume !(~p~0.base == 0bv32 && ~p~0.offset == 0bv32); {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} is VALID [2021-09-13 23:48:40,028 INFO L264 TraceCheckUtils]: 15: Hoare triple {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} call #t~ret41 := f6(); {6280#(exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |#valid| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |#valid| |~#ldv_global_msg_list~0.base|))))))} is VALID [2021-09-13 23:48:40,028 INFO L281 TraceCheckUtils]: 16: Hoare triple {6280#(exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |#valid| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |#valid| |~#ldv_global_msg_list~0.base|))))))} #res := #t~nondet38;havoc #t~nondet38; {6280#(exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |#valid| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |#valid| |~#ldv_global_msg_list~0.base|))))))} is VALID [2021-09-13 23:48:40,029 INFO L281 TraceCheckUtils]: 17: Hoare triple {6280#(exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |#valid| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |#valid| |~#ldv_global_msg_list~0.base|))))))} assume true; {6280#(exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |#valid| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |#valid| |~#ldv_global_msg_list~0.base|))))))} is VALID [2021-09-13 23:48:40,029 INFO L276 TraceCheckUtils]: 18: Hoare quadruple {6280#(exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |#valid| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |#valid| |~#ldv_global_msg_list~0.base|))))))} {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} #464#return; {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} is VALID [2021-09-13 23:48:40,029 INFO L281 TraceCheckUtils]: 19: Hoare triple {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} ~ret~0 := #t~ret41;havoc #t~ret41; {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} is VALID [2021-09-13 23:48:40,030 INFO L281 TraceCheckUtils]: 20: Hoare triple {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} assume ~bvslt32(~ret~0, 0bv32); {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} is VALID [2021-09-13 23:48:40,030 INFO L281 TraceCheckUtils]: 21: Hoare triple {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} assume 0bv32 == ~p~0.offset; {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} is VALID [2021-09-13 23:48:40,030 INFO L281 TraceCheckUtils]: 22: Hoare triple {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} assume ~bvult32(~p~0.base, #StackHeapBarrier); {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} is VALID [2021-09-13 23:48:40,031 INFO L281 TraceCheckUtils]: 23: Hoare triple {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} assume 0bv32 == ~p~0.base || 1bv1 == #valid[~p~0.base];call ULTIMATE.dealloc(~p~0.base, ~p~0.offset);#res := ~ret~0; {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} is VALID [2021-09-13 23:48:40,032 INFO L281 TraceCheckUtils]: 24: Hoare triple {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} assume true; {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} is VALID [2021-09-13 23:48:40,032 INFO L276 TraceCheckUtils]: 25: Hoare quadruple {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} {6294#(= |old(#valid)| |#valid|)} #494#return; {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} is VALID [2021-09-13 23:48:40,033 INFO L281 TraceCheckUtils]: 26: Hoare triple {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} ~ret~1 := #t~ret44;havoc #t~ret44; {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} is VALID [2021-09-13 23:48:40,033 INFO L281 TraceCheckUtils]: 27: Hoare triple {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} assume !(0bv32 == ~ret~1); {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} is VALID [2021-09-13 23:48:40,033 INFO L281 TraceCheckUtils]: 28: Hoare triple {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} SUMMARY for call write~$Pointer$(0bv32, 0bv32, ~#a6~0.base, ~#a6~0.offset, 4bv32); srcloc: L787-1 {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} is VALID [2021-09-13 23:48:40,034 INFO L281 TraceCheckUtils]: 29: Hoare triple {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} assume true; {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} is VALID [2021-09-13 23:48:40,034 INFO L276 TraceCheckUtils]: 30: Hoare quadruple {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} {6290#(and (= |old(#valid)| |#valid|) (exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (bvneg (bvneg (select |old(#valid)| |~#ldv_global_msg_list~0.base|))) (_ bv1 1))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|)))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |old(#valid)| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)))))} #468#return; {6374#(and (exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|))) (exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (bvneg (bvneg (select |old(#valid)| |~#ldv_global_msg_list~0.base|))) (_ bv1 1))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|)))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |old(#valid)| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)))))} is VALID [2021-09-13 23:48:40,035 INFO L281 TraceCheckUtils]: 31: Hoare triple {6374#(and (exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|))) (exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (bvneg (bvneg (select |old(#valid)| |~#ldv_global_msg_list~0.base|))) (_ bv1 1))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|)))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |old(#valid)| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)))))} assume !(#valid == old(#valid)); {6273#false} is VALID [2021-09-13 23:48:40,035 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-09-13 23:48:40,035 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2021-09-13 23:48:44,266 INFO L139 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2021-09-13 23:48:44,266 INFO L332 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [197957380] [2021-09-13 23:48:44,266 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_DEPENDING: Alternating quantifiers not yet supported [2021-09-13 23:48:44,266 INFO L332 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleCvc4 [1151401184] [2021-09-13 23:48:44,266 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-09-13 23:48:44,266 INFO L170 SolverBuilder]: Constructing external solver with command: cvc4 --incremental --print-success --lang smt [2021-09-13 23:48:44,267 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 [2021-09-13 23:48:44,268 INFO L229 MonitoredProcess]: Starting monitored process 15 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (exit command is (exit), workingDir is null) [2021-09-13 23:48:44,268 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (15)] Waiting until timeout for monitored process [2021-09-13 23:48:44,390 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-09-13 23:48:44,392 INFO L263 TraceCheckSpWp]: Trace formula consists of 126 conjuncts, 16 conjunts are in the unsatisfiable core [2021-09-13 23:48:44,401 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-09-13 23:48:44,402 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2021-09-13 23:48:44,445 INFO L354 Elim1Store]: treesize reduction 34, result has 38.2 percent of original size [2021-09-13 23:48:44,445 INFO L388 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 3 case distinctions, treesize of input 28 treesize of output 39 [2021-09-13 23:48:45,048 INFO L388 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 21 treesize of output 18 [2021-09-13 23:48:47,713 INFO L264 TraceCheckUtils]: 0: Hoare triple {6272#true} call ULTIMATE.init(); {6272#true} is VALID [2021-09-13 23:48:47,715 INFO L281 TraceCheckUtils]: 1: Hoare triple {6272#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);call ~#a6~0.base, ~#a6~0.offset := #Ultimate.allocOnStack(4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#a6~0.base, ~#a6~0.offset, 4bv32); {6280#(exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |#valid| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |#valid| |~#ldv_global_msg_list~0.base|))))))} is VALID [2021-09-13 23:48:47,715 INFO L281 TraceCheckUtils]: 2: Hoare triple {6280#(exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |#valid| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |#valid| |~#ldv_global_msg_list~0.base|))))))} assume true; {6280#(exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |#valid| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |#valid| |~#ldv_global_msg_list~0.base|))))))} is VALID [2021-09-13 23:48:47,715 INFO L276 TraceCheckUtils]: 3: Hoare quadruple {6280#(exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |#valid| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |#valid| |~#ldv_global_msg_list~0.base|))))))} {6272#true} #506#return; {6280#(exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |#valid| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |#valid| |~#ldv_global_msg_list~0.base|))))))} is VALID [2021-09-13 23:48:47,716 INFO L264 TraceCheckUtils]: 4: Hoare triple {6280#(exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |#valid| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |#valid| |~#ldv_global_msg_list~0.base|))))))} call main(); {6290#(and (= |old(#valid)| |#valid|) (exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (bvneg (bvneg (select |old(#valid)| |~#ldv_global_msg_list~0.base|))) (_ bv1 1))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|)))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |old(#valid)| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)))))} is VALID [2021-09-13 23:48:47,717 INFO L264 TraceCheckUtils]: 5: Hoare triple {6290#(and (= |old(#valid)| |#valid|) (exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (bvneg (bvneg (select |old(#valid)| |~#ldv_global_msg_list~0.base|))) (_ bv1 1))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|)))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |old(#valid)| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)))))} call entry_point(); {6294#(= |old(#valid)| |#valid|)} is VALID [2021-09-13 23:48:47,717 INFO L264 TraceCheckUtils]: 6: Hoare triple {6294#(= |old(#valid)| |#valid|)} call #t~ret44 := probe3_6(~#a6~0.base, ~#a6~0.offset); {6294#(= |old(#valid)| |#valid|)} is VALID [2021-09-13 23:48:47,717 INFO L281 TraceCheckUtils]: 7: Hoare triple {6294#(= |old(#valid)| |#valid|)} ~a.base, ~a.offset := #in~a.base, #in~a.offset;~ret~0 := 3bv32; {6294#(= |old(#valid)| |#valid|)} is VALID [2021-09-13 23:48:47,719 INFO L264 TraceCheckUtils]: 8: Hoare triple {6294#(= |old(#valid)| |#valid|)} call #t~ret40.base, #t~ret40.offset := ldv_malloc(4bv32); {6294#(= |old(#valid)| |#valid|)} is VALID [2021-09-13 23:48:47,719 INFO L281 TraceCheckUtils]: 9: Hoare triple {6294#(= |old(#valid)| |#valid|)} ~size := #in~size; {6294#(= |old(#valid)| |#valid|)} is VALID [2021-09-13 23:48:47,719 INFO L281 TraceCheckUtils]: 10: Hoare triple {6294#(= |old(#valid)| |#valid|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {6310#(and (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|) (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)))))))} is VALID [2021-09-13 23:48:47,720 INFO L281 TraceCheckUtils]: 11: Hoare triple {6310#(and (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|) (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)))))))} assume true; {6310#(and (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|) (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)))))))} is VALID [2021-09-13 23:48:47,720 INFO L276 TraceCheckUtils]: 12: Hoare quadruple {6310#(and (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|) (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)))))))} {6294#(= |old(#valid)| |#valid|)} #462#return; {6317#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| |probe3_6_#t~ret40.base|))))))))) (= |#valid| (store |old(#valid)| |probe3_6_#t~ret40.base| (_ bv1 1))))} is VALID [2021-09-13 23:48:47,721 INFO L281 TraceCheckUtils]: 13: Hoare triple {6317#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| |probe3_6_#t~ret40.base|))))))))) (= |#valid| (store |old(#valid)| |probe3_6_#t~ret40.base| (_ bv1 1))))} ~p~0.base, ~p~0.offset := #t~ret40.base, #t~ret40.offset;havoc #t~ret40.base, #t~ret40.offset; {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} is VALID [2021-09-13 23:48:47,721 INFO L281 TraceCheckUtils]: 14: Hoare triple {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} assume !(~p~0.base == 0bv32 && ~p~0.offset == 0bv32); {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} is VALID [2021-09-13 23:48:47,722 INFO L264 TraceCheckUtils]: 15: Hoare triple {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} call #t~ret41 := f6(); {6280#(exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |#valid| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |#valid| |~#ldv_global_msg_list~0.base|))))))} is VALID [2021-09-13 23:48:47,723 INFO L281 TraceCheckUtils]: 16: Hoare triple {6280#(exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |#valid| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |#valid| |~#ldv_global_msg_list~0.base|))))))} #res := #t~nondet38;havoc #t~nondet38; {6280#(exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |#valid| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |#valid| |~#ldv_global_msg_list~0.base|))))))} is VALID [2021-09-13 23:48:47,723 INFO L281 TraceCheckUtils]: 17: Hoare triple {6280#(exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |#valid| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |#valid| |~#ldv_global_msg_list~0.base|))))))} assume true; {6280#(exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |#valid| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |#valid| |~#ldv_global_msg_list~0.base|))))))} is VALID [2021-09-13 23:48:47,723 INFO L276 TraceCheckUtils]: 18: Hoare quadruple {6280#(exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |#valid| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |#valid| |~#ldv_global_msg_list~0.base|))))))} {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} #464#return; {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} is VALID [2021-09-13 23:48:47,724 INFO L281 TraceCheckUtils]: 19: Hoare triple {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} ~ret~0 := #t~ret41;havoc #t~ret41; {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} is VALID [2021-09-13 23:48:47,724 INFO L281 TraceCheckUtils]: 20: Hoare triple {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} assume ~bvslt32(~ret~0, 0bv32); {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} is VALID [2021-09-13 23:48:47,724 INFO L281 TraceCheckUtils]: 21: Hoare triple {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} assume 0bv32 == ~p~0.offset; {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} is VALID [2021-09-13 23:48:47,725 INFO L281 TraceCheckUtils]: 22: Hoare triple {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} assume ~bvult32(~p~0.base, #StackHeapBarrier); {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} is VALID [2021-09-13 23:48:47,726 INFO L281 TraceCheckUtils]: 23: Hoare triple {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} assume 0bv32 == ~p~0.base || 1bv1 == #valid[~p~0.base];call ULTIMATE.dealloc(~p~0.base, ~p~0.offset);#res := ~ret~0; {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} is VALID [2021-09-13 23:48:47,726 INFO L281 TraceCheckUtils]: 24: Hoare triple {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} assume true; {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} is VALID [2021-09-13 23:48:47,727 INFO L276 TraceCheckUtils]: 25: Hoare quadruple {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} {6294#(= |old(#valid)| |#valid|)} #494#return; {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} is VALID [2021-09-13 23:48:47,727 INFO L281 TraceCheckUtils]: 26: Hoare triple {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} ~ret~1 := #t~ret44;havoc #t~ret44; {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} is VALID [2021-09-13 23:48:47,727 INFO L281 TraceCheckUtils]: 27: Hoare triple {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} assume !(0bv32 == ~ret~1); {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} is VALID [2021-09-13 23:48:47,727 INFO L281 TraceCheckUtils]: 28: Hoare triple {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} SUMMARY for call write~$Pointer$(0bv32, 0bv32, ~#a6~0.base, ~#a6~0.offset, 4bv32); srcloc: L787-1 {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} is VALID [2021-09-13 23:48:47,728 INFO L281 TraceCheckUtils]: 29: Hoare triple {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} assume true; {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} is VALID [2021-09-13 23:48:47,729 INFO L276 TraceCheckUtils]: 30: Hoare quadruple {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} {6290#(and (= |old(#valid)| |#valid|) (exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (bvneg (bvneg (select |old(#valid)| |~#ldv_global_msg_list~0.base|))) (_ bv1 1))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|)))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |old(#valid)| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)))))} #468#return; {6374#(and (exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|))) (exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (bvneg (bvneg (select |old(#valid)| |~#ldv_global_msg_list~0.base|))) (_ bv1 1))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|)))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |old(#valid)| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)))))} is VALID [2021-09-13 23:48:47,729 INFO L281 TraceCheckUtils]: 31: Hoare triple {6374#(and (exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|))) (exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (bvneg (bvneg (select |old(#valid)| |~#ldv_global_msg_list~0.base|))) (_ bv1 1))) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |old(#valid)| |~#a6~0.base|)))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |old(#valid)| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)))))} assume !(#valid == old(#valid)); {6273#false} is VALID [2021-09-13 23:48:47,729 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-09-13 23:48:47,730 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2021-09-13 23:48:51,970 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_DEPENDING: Alternating quantifiers not yet supported [2021-09-13 23:48:51,970 INFO L332 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1944349970] [2021-09-13 23:48:51,970 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-09-13 23:48:51,970 INFO L170 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2021-09-13 23:48:51,970 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2021-09-13 23:48:51,972 INFO L229 MonitoredProcess]: Starting monitored process 16 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2021-09-13 23:48:51,972 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (16)] Waiting until timeout for monitored process [2021-09-13 23:48:52,065 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-09-13 23:48:52,066 INFO L263 TraceCheckSpWp]: Trace formula consists of 126 conjuncts, 13 conjunts are in the unsatisfiable core [2021-09-13 23:48:52,075 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-09-13 23:48:52,076 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2021-09-13 23:48:52,185 INFO L388 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 21 treesize of output 18 [2021-09-13 23:48:52,622 INFO L264 TraceCheckUtils]: 0: Hoare triple {6272#true} call ULTIMATE.init(); {6272#true} is VALID [2021-09-13 23:48:52,622 INFO L281 TraceCheckUtils]: 1: Hoare triple {6272#true} #NULL.base, #NULL.offset := 0bv32, 0bv32;#valid := #valid[0bv32 := 0bv1];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;call ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := #Ultimate.allocOnStack(8bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);call ~#a6~0.base, ~#a6~0.offset := #Ultimate.allocOnStack(4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#a6~0.base, ~#a6~0.offset, 4bv32); {6272#true} is VALID [2021-09-13 23:48:52,622 INFO L281 TraceCheckUtils]: 2: Hoare triple {6272#true} assume true; {6272#true} is VALID [2021-09-13 23:48:52,622 INFO L276 TraceCheckUtils]: 3: Hoare quadruple {6272#true} {6272#true} #506#return; {6272#true} is VALID [2021-09-13 23:48:52,623 INFO L264 TraceCheckUtils]: 4: Hoare triple {6272#true} call main(); {6294#(= |old(#valid)| |#valid|)} is VALID [2021-09-13 23:48:52,623 INFO L264 TraceCheckUtils]: 5: Hoare triple {6294#(= |old(#valid)| |#valid|)} call entry_point(); {6294#(= |old(#valid)| |#valid|)} is VALID [2021-09-13 23:48:52,623 INFO L264 TraceCheckUtils]: 6: Hoare triple {6294#(= |old(#valid)| |#valid|)} call #t~ret44 := probe3_6(~#a6~0.base, ~#a6~0.offset); {6294#(= |old(#valid)| |#valid|)} is VALID [2021-09-13 23:48:52,624 INFO L281 TraceCheckUtils]: 7: Hoare triple {6294#(= |old(#valid)| |#valid|)} ~a.base, ~a.offset := #in~a.base, #in~a.offset;~ret~0 := 3bv32; {6294#(= |old(#valid)| |#valid|)} is VALID [2021-09-13 23:48:52,624 INFO L264 TraceCheckUtils]: 8: Hoare triple {6294#(= |old(#valid)| |#valid|)} call #t~ret40.base, #t~ret40.offset := ldv_malloc(4bv32); {6294#(= |old(#valid)| |#valid|)} is VALID [2021-09-13 23:48:52,624 INFO L281 TraceCheckUtils]: 9: Hoare triple {6294#(= |old(#valid)| |#valid|)} ~size := #in~size; {6294#(= |old(#valid)| |#valid|)} is VALID [2021-09-13 23:48:52,625 INFO L281 TraceCheckUtils]: 10: Hoare triple {6294#(= |old(#valid)| |#valid|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {6310#(and (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|) (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)))))))} is VALID [2021-09-13 23:48:52,625 INFO L281 TraceCheckUtils]: 11: Hoare triple {6310#(and (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|) (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)))))))} assume true; {6310#(and (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|) (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)))))))} is VALID [2021-09-13 23:48:52,626 INFO L276 TraceCheckUtils]: 12: Hoare quadruple {6310#(and (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|) (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)))))))} {6294#(= |old(#valid)| |#valid|)} #462#return; {6317#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| |probe3_6_#t~ret40.base|))))))))) (= |#valid| (store |old(#valid)| |probe3_6_#t~ret40.base| (_ bv1 1))))} is VALID [2021-09-13 23:48:52,626 INFO L281 TraceCheckUtils]: 13: Hoare triple {6317#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| |probe3_6_#t~ret40.base|))))))))) (= |#valid| (store |old(#valid)| |probe3_6_#t~ret40.base| (_ bv1 1))))} ~p~0.base, ~p~0.offset := #t~ret40.base, #t~ret40.offset;havoc #t~ret40.base, #t~ret40.offset; {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} is VALID [2021-09-13 23:48:52,627 INFO L281 TraceCheckUtils]: 14: Hoare triple {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} assume !(~p~0.base == 0bv32 && ~p~0.offset == 0bv32); {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} is VALID [2021-09-13 23:48:52,627 INFO L264 TraceCheckUtils]: 15: Hoare triple {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} call #t~ret41 := f6(); {6280#(exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |#valid| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |#valid| |~#ldv_global_msg_list~0.base|))))))} is VALID [2021-09-13 23:48:52,628 INFO L281 TraceCheckUtils]: 16: Hoare triple {6280#(exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |#valid| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |#valid| |~#ldv_global_msg_list~0.base|))))))} #res := #t~nondet38;havoc #t~nondet38; {6280#(exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |#valid| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |#valid| |~#ldv_global_msg_list~0.base|))))))} is VALID [2021-09-13 23:48:52,628 INFO L281 TraceCheckUtils]: 17: Hoare triple {6280#(exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |#valid| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |#valid| |~#ldv_global_msg_list~0.base|))))))} assume true; {6280#(exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |#valid| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |#valid| |~#ldv_global_msg_list~0.base|))))))} is VALID [2021-09-13 23:48:52,629 INFO L276 TraceCheckUtils]: 18: Hoare quadruple {6280#(exists ((|~#a6~0.base| (_ BitVec 32)) (|~#ldv_global_msg_list~0.base| (_ BitVec 32))) (and (= (_ bv0 1) (bvadd (_ bv1 1) (select |#valid| |~#a6~0.base|))) (or (= |~#a6~0.base| (_ bv0 32)) (= (_ bv0 1) (select |#valid| (_ bv0 32))) (= (_ bv0 32) |~#ldv_global_msg_list~0.base|)) (= (_ bv0 1) (bvadd (_ bv1 1) (bvneg (select |#valid| |~#ldv_global_msg_list~0.base|))))))} {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} #464#return; {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} is VALID [2021-09-13 23:48:52,629 INFO L281 TraceCheckUtils]: 19: Hoare triple {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} ~ret~0 := #t~ret41;havoc #t~ret41; {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} is VALID [2021-09-13 23:48:52,629 INFO L281 TraceCheckUtils]: 20: Hoare triple {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} assume ~bvslt32(~ret~0, 0bv32); {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} is VALID [2021-09-13 23:48:52,630 INFO L281 TraceCheckUtils]: 21: Hoare triple {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} assume 0bv32 == ~p~0.offset; {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} is VALID [2021-09-13 23:48:52,630 INFO L281 TraceCheckUtils]: 22: Hoare triple {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} assume ~bvult32(~p~0.base, #StackHeapBarrier); {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} is VALID [2021-09-13 23:48:52,631 INFO L281 TraceCheckUtils]: 23: Hoare triple {6321#(and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv1 1)) |#valid|))} assume 0bv32 == ~p~0.base || 1bv1 == #valid[~p~0.base];call ULTIMATE.dealloc(~p~0.base, ~p~0.offset);#res := ~ret~0; {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} is VALID [2021-09-13 23:48:52,631 INFO L281 TraceCheckUtils]: 24: Hoare triple {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} assume true; {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} is VALID [2021-09-13 23:48:52,632 INFO L276 TraceCheckUtils]: 25: Hoare quadruple {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} {6294#(= |old(#valid)| |#valid|)} #494#return; {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} is VALID [2021-09-13 23:48:52,632 INFO L281 TraceCheckUtils]: 26: Hoare triple {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} ~ret~1 := #t~ret44;havoc #t~ret44; {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} is VALID [2021-09-13 23:48:52,632 INFO L281 TraceCheckUtils]: 27: Hoare triple {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} assume !(0bv32 == ~ret~1); {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} is VALID [2021-09-13 23:48:52,633 INFO L281 TraceCheckUtils]: 28: Hoare triple {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} SUMMARY for call write~$Pointer$(0bv32, 0bv32, ~#a6~0.base, ~#a6~0.offset, 4bv32); srcloc: L787-1 {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} is VALID [2021-09-13 23:48:52,633 INFO L281 TraceCheckUtils]: 29: Hoare triple {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} assume true; {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} is VALID [2021-09-13 23:48:52,633 INFO L276 TraceCheckUtils]: 30: Hoare quadruple {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} {6294#(= |old(#valid)| |#valid|)} #468#return; {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} is VALID [2021-09-13 23:48:52,634 INFO L281 TraceCheckUtils]: 31: Hoare triple {6352#(exists ((probe3_6_~p~0.base (_ BitVec 32))) (and (= (_ bv0 1) (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (bvneg (select |old(#valid)| probe3_6_~p~0.base)))))))))) (= (store |old(#valid)| probe3_6_~p~0.base (_ bv0 1)) |#valid|)))} assume !(#valid == old(#valid)); {6273#false} is VALID [2021-09-13 23:48:52,634 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-09-13 23:48:52,634 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2021-09-13 23:48:56,870 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_DEPENDING: Alternating quantifiers not yet supported [2021-09-13 23:48:56,871 INFO L186 FreeRefinementEngine]: Constructing automaton from 0 perfect and 0 imperfect interpolant sequences. [2021-09-13 23:48:56,871 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [] total 0 [2021-09-13 23:48:56,871 ERROR L172 FreeRefinementEngine]: Strategy WOLF failed to provide any proof altough trace is infeasible [2021-09-13 23:48:56,871 INFO L627 BasicCegarLoop]: Counterexample might be feasible [2021-09-13 23:48:56,874 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location mainErr0ENSURES_VIOLATIONMEMORY_LEAK (85 of 86 remaining) [2021-09-13 23:48:56,875 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_msg_allocErr0REQUIRES_VIOLATION (84 of 86 remaining) [2021-09-13 23:48:56,875 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_msg_allocErr1REQUIRES_VIOLATION (83 of 86 remaining) [2021-09-13 23:48:56,875 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_kref_initErr0REQUIRES_VIOLATION (82 of 86 remaining) [2021-09-13 23:48:56,875 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_kref_initErr1REQUIRES_VIOLATION (81 of 86 remaining) [2021-09-13 23:48:56,875 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_atomic_add_returnErr0REQUIRES_VIOLATION (80 of 86 remaining) [2021-09-13 23:48:56,876 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_atomic_add_returnErr1REQUIRES_VIOLATION (79 of 86 remaining) [2021-09-13 23:48:56,876 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_atomic_add_returnErr2REQUIRES_VIOLATION (78 of 86 remaining) [2021-09-13 23:48:56,876 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_atomic_add_returnErr3REQUIRES_VIOLATION (77 of 86 remaining) [2021-09-13 23:48:56,876 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location LDV_INIT_LIST_HEADErr0REQUIRES_VIOLATION (76 of 86 remaining) [2021-09-13 23:48:56,876 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location LDV_INIT_LIST_HEADErr1REQUIRES_VIOLATION (75 of 86 remaining) [2021-09-13 23:48:56,876 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location LDV_INIT_LIST_HEADErr2REQUIRES_VIOLATION (74 of 86 remaining) [2021-09-13 23:48:56,876 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location LDV_INIT_LIST_HEADErr3REQUIRES_VIOLATION (73 of 86 remaining) [2021-09-13 23:48:56,876 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location __ldv_list_addErr0REQUIRES_VIOLATION (72 of 86 remaining) [2021-09-13 23:48:56,876 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location __ldv_list_addErr1REQUIRES_VIOLATION (71 of 86 remaining) [2021-09-13 23:48:56,876 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location __ldv_list_addErr2REQUIRES_VIOLATION (70 of 86 remaining) [2021-09-13 23:48:56,876 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location __ldv_list_addErr3REQUIRES_VIOLATION (69 of 86 remaining) [2021-09-13 23:48:56,876 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location __ldv_list_addErr4REQUIRES_VIOLATION (68 of 86 remaining) [2021-09-13 23:48:56,876 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location __ldv_list_addErr5REQUIRES_VIOLATION (67 of 86 remaining) [2021-09-13 23:48:56,876 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location __ldv_list_addErr6REQUIRES_VIOLATION (66 of 86 remaining) [2021-09-13 23:48:56,876 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location __ldv_list_addErr7REQUIRES_VIOLATION (65 of 86 remaining) [2021-09-13 23:48:56,876 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_dev_set_drvdataErr0REQUIRES_VIOLATION (64 of 86 remaining) [2021-09-13 23:48:56,877 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_dev_set_drvdataErr1REQUIRES_VIOLATION (63 of 86 remaining) [2021-09-13 23:48:56,877 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location __ldv_list_delErr0REQUIRES_VIOLATION (62 of 86 remaining) [2021-09-13 23:48:56,877 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location __ldv_list_delErr1REQUIRES_VIOLATION (61 of 86 remaining) [2021-09-13 23:48:56,877 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location __ldv_list_delErr2REQUIRES_VIOLATION (60 of 86 remaining) [2021-09-13 23:48:56,877 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location __ldv_list_delErr3REQUIRES_VIOLATION (59 of 86 remaining) [2021-09-13 23:48:56,877 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_atomic_sub_returnErr0REQUIRES_VIOLATION (58 of 86 remaining) [2021-09-13 23:48:56,877 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_atomic_sub_returnErr1REQUIRES_VIOLATION (57 of 86 remaining) [2021-09-13 23:48:56,877 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_atomic_sub_returnErr2REQUIRES_VIOLATION (56 of 86 remaining) [2021-09-13 23:48:56,877 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_atomic_sub_returnErr3REQUIRES_VIOLATION (55 of 86 remaining) [2021-09-13 23:48:56,877 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_list_addErr0REQUIRES_VIOLATION (54 of 86 remaining) [2021-09-13 23:48:56,877 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_list_addErr1REQUIRES_VIOLATION (53 of 86 remaining) [2021-09-13 23:48:56,877 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_destroy_msgsErr0REQUIRES_VIOLATION (52 of 86 remaining) [2021-09-13 23:48:56,877 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_destroy_msgsErr1REQUIRES_VIOLATION (51 of 86 remaining) [2021-09-13 23:48:56,877 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_destroy_msgsErr2REQUIRES_VIOLATION (50 of 86 remaining) [2021-09-13 23:48:56,877 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_destroy_msgsErr3REQUIRES_VIOLATION (49 of 86 remaining) [2021-09-13 23:48:56,877 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_destroy_msgsErr4REQUIRES_VIOLATION (48 of 86 remaining) [2021-09-13 23:48:56,878 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_destroy_msgsErr5REQUIRES_VIOLATION (47 of 86 remaining) [2021-09-13 23:48:56,878 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_dev_get_drvdataErr0REQUIRES_VIOLATION (46 of 86 remaining) [2021-09-13 23:48:56,878 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_dev_get_drvdataErr1REQUIRES_VIOLATION (45 of 86 remaining) [2021-09-13 23:48:56,878 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location probe3_6Err0REQUIRES_VIOLATION (44 of 86 remaining) [2021-09-13 23:48:56,878 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location probe3_6Err1REQUIRES_VIOLATION (43 of 86 remaining) [2021-09-13 23:48:56,878 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location probe3_6Err2ASSERT_VIOLATIONMEMORY_FREE (42 of 86 remaining) [2021-09-13 23:48:56,878 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location probe3_6Err3ASSERT_VIOLATIONMEMORY_FREE (41 of 86 remaining) [2021-09-13 23:48:56,878 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location probe3_6Err4ASSERT_VIOLATIONMEMORY_FREE (40 of 86 remaining) [2021-09-13 23:48:56,878 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location probe3_6Err5ASSERT_VIOLATIONMEMORY_FREE (39 of 86 remaining) [2021-09-13 23:48:56,878 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location probe3_6Err6ASSERT_VIOLATIONMEMORY_FREE (38 of 86 remaining) [2021-09-13 23:48:56,878 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location probe3_6Err7ASSERT_VIOLATIONMEMORY_FREE (37 of 86 remaining) [2021-09-13 23:48:56,878 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_msg_freeErr0REQUIRES_VIOLATION (36 of 86 remaining) [2021-09-13 23:48:56,878 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_msg_freeErr1REQUIRES_VIOLATION (35 of 86 remaining) [2021-09-13 23:48:56,878 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_msg_freeErr2ASSERT_VIOLATIONMEMORY_FREE (34 of 86 remaining) [2021-09-13 23:48:56,878 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_msg_freeErr3ASSERT_VIOLATIONMEMORY_FREE (33 of 86 remaining) [2021-09-13 23:48:56,879 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_msg_freeErr4ASSERT_VIOLATIONMEMORY_FREE (32 of 86 remaining) [2021-09-13 23:48:56,879 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_msg_freeErr5ASSERT_VIOLATIONMEMORY_FREE (31 of 86 remaining) [2021-09-13 23:48:56,879 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_msg_freeErr6ASSERT_VIOLATIONMEMORY_FREE (30 of 86 remaining) [2021-09-13 23:48:56,879 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_msg_freeErr7ASSERT_VIOLATIONMEMORY_FREE (29 of 86 remaining) [2021-09-13 23:48:56,879 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_msg_fillErr0REQUIRES_VIOLATION (28 of 86 remaining) [2021-09-13 23:48:56,879 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_msg_fillErr1REQUIRES_VIOLATION (27 of 86 remaining) [2021-09-13 23:48:56,879 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_msg_fillErr2REQUIRES_VIOLATION (26 of 86 remaining) [2021-09-13 23:48:56,879 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_msg_fillErr3REQUIRES_VIOLATION (25 of 86 remaining) [2021-09-13 23:48:56,879 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_msg_fillErr4REQUIRES_VIOLATION (24 of 86 remaining) [2021-09-13 23:48:56,879 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_msg_fillErr5REQUIRES_VIOLATION (23 of 86 remaining) [2021-09-13 23:48:56,879 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_kobject_cleanupErr0REQUIRES_VIOLATION (22 of 86 remaining) [2021-09-13 23:48:56,879 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_kobject_cleanupErr1REQUIRES_VIOLATION (21 of 86 remaining) [2021-09-13 23:48:56,879 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_kobject_cleanupErr2ASSERT_VIOLATIONMEMORY_FREE (20 of 86 remaining) [2021-09-13 23:48:56,879 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_kobject_cleanupErr3ASSERT_VIOLATIONMEMORY_FREE (19 of 86 remaining) [2021-09-13 23:48:56,879 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_kobject_cleanupErr4ASSERT_VIOLATIONMEMORY_FREE (18 of 86 remaining) [2021-09-13 23:48:56,880 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_kobject_cleanupErr5ASSERT_VIOLATIONMEMORY_FREE (17 of 86 remaining) [2021-09-13 23:48:56,880 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_kobject_cleanupErr6ASSERT_VIOLATIONMEMORY_FREE (16 of 86 remaining) [2021-09-13 23:48:56,880 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_kobject_cleanupErr7ASSERT_VIOLATIONMEMORY_FREE (15 of 86 remaining) [2021-09-13 23:48:56,880 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_kobject_createErr0REQUIRES_VIOLATION (14 of 86 remaining) [2021-09-13 23:48:56,880 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_kobject_createErr1REQUIRES_VIOLATION (13 of 86 remaining) [2021-09-13 23:48:56,880 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_list_delErr0REQUIRES_VIOLATION (12 of 86 remaining) [2021-09-13 23:48:56,880 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_list_delErr1REQUIRES_VIOLATION (11 of 86 remaining) [2021-09-13 23:48:56,880 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_list_delErr2REQUIRES_VIOLATION (10 of 86 remaining) [2021-09-13 23:48:56,880 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_list_delErr3REQUIRES_VIOLATION (9 of 86 remaining) [2021-09-13 23:48:56,880 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_list_add_tailErr0REQUIRES_VIOLATION (8 of 86 remaining) [2021-09-13 23:48:56,880 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ldv_list_add_tailErr1REQUIRES_VIOLATION (7 of 86 remaining) [2021-09-13 23:48:56,880 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location entry_pointErr0REQUIRES_VIOLATION (6 of 86 remaining) [2021-09-13 23:48:56,881 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location entry_pointErr1REQUIRES_VIOLATION (5 of 86 remaining) [2021-09-13 23:48:56,881 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location disconnect_6Err0REQUIRES_VIOLATION (4 of 86 remaining) [2021-09-13 23:48:56,881 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location disconnect_6Err1REQUIRES_VIOLATION (3 of 86 remaining) [2021-09-13 23:48:56,882 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location disconnect_6Err2ASSERT_VIOLATIONMEMORY_FREE (2 of 86 remaining) [2021-09-13 23:48:56,882 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location disconnect_6Err3ASSERT_VIOLATIONMEMORY_FREE (1 of 86 remaining) [2021-09-13 23:48:56,882 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location disconnect_6Err4ASSERT_VIOLATIONMEMORY_FREE (0 of 86 remaining) [2021-09-13 23:48:56,887 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (15)] Forceful destruction successful, exit code 0 [2021-09-13 23:48:57,095 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (14)] Ended with exit code 0 [2021-09-13 23:48:57,305 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (16)] Forceful destruction successful, exit code 0 [2021-09-13 23:48:57,487 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 15 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt,14 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3,16 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2021-09-13 23:48:57,491 INFO L179 ceAbstractionStarter]: Computing trace abstraction results [2021-09-13 23:48:57,494 WARN L418 cessorBacktranslator]: Generated EnsuresSpecification ensures #valid == old(#valid); is not ensure(true) [2021-09-13 23:48:57,499 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 13.09 11:48:57 BoogieIcfgContainer [2021-09-13 23:48:57,499 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2021-09-13 23:48:57,499 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2021-09-13 23:48:57,499 INFO L271 PluginConnector]: Initializing Witness Printer... [2021-09-13 23:48:57,500 INFO L275 PluginConnector]: Witness Printer initialized [2021-09-13 23:48:57,500 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 13.09 11:47:49" (3/4) ... [2021-09-13 23:48:57,502 INFO L140 WitnessPrinter]: No result that supports witness generation found [2021-09-13 23:48:57,502 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2021-09-13 23:48:57,502 INFO L158 Benchmark]: Toolchain (without parser) took 69651.46ms. Allocated memory was 56.6MB in the beginning and 113.2MB in the end (delta: 56.6MB). Free memory was 34.0MB in the beginning and 59.9MB in the end (delta: -25.9MB). Peak memory consumption was 31.7MB. Max. memory is 16.1GB. [2021-09-13 23:48:57,502 INFO L158 Benchmark]: CDTParser took 0.15ms. Allocated memory is still 56.6MB. Free memory was 38.9MB in the beginning and 38.8MB in the end (delta: 47.3kB). There was no memory consumed. Max. memory is 16.1GB. [2021-09-13 23:48:57,503 INFO L158 Benchmark]: CACSL2BoogieTranslator took 613.31ms. Allocated memory was 56.6MB in the beginning and 71.3MB in the end (delta: 14.7MB). Free memory was 33.7MB in the beginning and 43.9MB in the end (delta: -10.2MB). Peak memory consumption was 11.2MB. Max. memory is 16.1GB. [2021-09-13 23:48:57,503 INFO L158 Benchmark]: Boogie Preprocessor took 97.44ms. Allocated memory is still 71.3MB. Free memory was 43.9MB in the beginning and 37.2MB in the end (delta: 6.8MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2021-09-13 23:48:57,503 INFO L158 Benchmark]: RCFGBuilder took 902.74ms. Allocated memory is still 71.3MB. Free memory was 36.9MB in the beginning and 36.1MB in the end (delta: 840.9kB). Peak memory consumption was 12.7MB. Max. memory is 16.1GB. [2021-09-13 23:48:57,503 INFO L158 Benchmark]: TraceAbstraction took 68024.30ms. Allocated memory was 71.3MB in the beginning and 113.2MB in the end (delta: 41.9MB). Free memory was 35.3MB in the beginning and 60.9MB in the end (delta: -25.7MB). Peak memory consumption was 16.2MB. Max. memory is 16.1GB. [2021-09-13 23:48:57,503 INFO L158 Benchmark]: Witness Printer took 2.45ms. Allocated memory is still 113.2MB. Free memory was 60.9MB in the beginning and 59.9MB in the end (delta: 1.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2021-09-13 23:48:57,504 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.15ms. Allocated memory is still 56.6MB. Free memory was 38.9MB in the beginning and 38.8MB in the end (delta: 47.3kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 613.31ms. Allocated memory was 56.6MB in the beginning and 71.3MB in the end (delta: 14.7MB). Free memory was 33.7MB in the beginning and 43.9MB in the end (delta: -10.2MB). Peak memory consumption was 11.2MB. Max. memory is 16.1GB. * Boogie Preprocessor took 97.44ms. Allocated memory is still 71.3MB. Free memory was 43.9MB in the beginning and 37.2MB in the end (delta: 6.8MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * RCFGBuilder took 902.74ms. Allocated memory is still 71.3MB. Free memory was 36.9MB in the beginning and 36.1MB in the end (delta: 840.9kB). Peak memory consumption was 12.7MB. Max. memory is 16.1GB. * TraceAbstraction took 68024.30ms. Allocated memory was 71.3MB in the beginning and 113.2MB in the end (delta: 41.9MB). Free memory was 35.3MB in the beginning and 60.9MB in the end (delta: -25.7MB). Peak memory consumption was 16.2MB. Max. memory is 16.1GB. * Witness Printer took 2.45ms. Allocated memory is still 113.2MB. Free memory was 60.9MB in the beginning and 59.9MB in the end (delta: 1.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.boogie.preprocessor: - GenericResult: Unfinished Backtranslation Generated EnsuresSpecification ensures #valid == old(#valid); is not ensure(true) * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.00ms ErrorAutomatonConstructionTimeTotal, 0.00ms FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.00ms ErrorAutomatonConstructionTimeAvg, 0.00ms ErrorAutomatonDifferenceTimeAvg, 0.00ms ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - UnprovableResult [Line: 792]: Unable to prove that all allocated memory was freed Unable to prove that all allocated memory was freed Reason: unable to decide satisfiability of path constraint, overapproximation of memtrack at line 792. Possible FailurePath: [L569] struct ldv_list_head ldv_global_msg_list = { &(ldv_global_msg_list), &(ldv_global_msg_list) }; [L784] struct A a6; [L793] CALL entry_point() [L786] CALL, EXPR probe3_6(&a6) [L764] int ret = - -3; [L765] CALL, EXPR ldv_malloc(sizeof(int)) [L526] COND TRUE __VERIFIER_nondet_int() [L527] return malloc(size); [L765] RET, EXPR ldv_malloc(sizeof(int)) [L765] int *p = (int *)ldv_malloc(sizeof(int)); [L766] COND FALSE !(p==0) [L768] CALL, EXPR f6() [L758] return __VERIFIER_nondet_int(); [L768] RET, EXPR f6() [L768] ret = f6() [L769] COND TRUE ret<0 [L778] free(p) [L778] free(p) [L778] free(p) [L779] return ret; [L786] RET, EXPR probe3_6(&a6) [L786] int ret = probe3_6(&a6); [L787] COND FALSE !(ret==0) [L790] a6.p = 0 [L793] RET entry_point() - UnprovableResult [Line: 578]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 578]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 682]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 682]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 658]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 658]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 660]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 660]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 540]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 540]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 541]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 541]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 547]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 547]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 548]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 548]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 549]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 549]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 550]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 550]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 623]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 623]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 554]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 554]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 555]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 555]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 666]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 666]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 668]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 668]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 559]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 559]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 607]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 607]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 607]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 607]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 607]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 607]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 619]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 619]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 774]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 774]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 775]: Unable to prove that free always succeeds Unable to prove that free always succeeds Reason: Not analyzed. - UnprovableResult [Line: 775]: Unable to prove that free always succeeds Unable to prove that free always succeeds Reason: Not analyzed. - UnprovableResult [Line: 775]: Unable to prove that free always succeeds Unable to prove that free always succeeds Reason: Not analyzed. - UnprovableResult [Line: 778]: Unable to prove that free always succeeds Unable to prove that free always succeeds Reason: Not analyzed. - UnprovableResult [Line: 778]: Unable to prove that free always succeeds Unable to prove that free always succeeds Reason: Not analyzed. - UnprovableResult [Line: 778]: Unable to prove that free always succeeds Unable to prove that free always succeeds Reason: Not analyzed. - UnprovableResult [Line: 593]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 593]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 593]: Unable to prove that free always succeeds Unable to prove that free always succeeds Reason: Not analyzed. - UnprovableResult [Line: 593]: Unable to prove that free always succeeds Unable to prove that free always succeeds Reason: Not analyzed. - UnprovableResult [Line: 593]: Unable to prove that free always succeeds Unable to prove that free always succeeds Reason: Not analyzed. - UnprovableResult [Line: 594]: Unable to prove that free always succeeds Unable to prove that free always succeeds Reason: Not analyzed. - UnprovableResult [Line: 594]: Unable to prove that free always succeeds Unable to prove that free always succeeds Reason: Not analyzed. - UnprovableResult [Line: 594]: Unable to prove that free always succeeds Unable to prove that free always succeeds Reason: Not analyzed. - UnprovableResult [Line: 587]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 587]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 587]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 587]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 588]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 588]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 699]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 699]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 700]: Unable to prove that free always succeeds Unable to prove that free always succeeds Reason: Not analyzed. - UnprovableResult [Line: 700]: Unable to prove that free always succeeds Unable to prove that free always succeeds Reason: Not analyzed. - UnprovableResult [Line: 700]: Unable to prove that free always succeeds Unable to prove that free always succeeds Reason: Not analyzed. - UnprovableResult [Line: 702]: Unable to prove that free always succeeds Unable to prove that free always succeeds Reason: Not analyzed. - UnprovableResult [Line: 702]: Unable to prove that free always succeeds Unable to prove that free always succeeds Reason: Not analyzed. - UnprovableResult [Line: 702]: Unable to prove that free always succeeds Unable to prove that free always succeeds Reason: Not analyzed. - UnprovableResult [Line: 744]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 744]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 567]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 567]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 567]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 567]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 563]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 563]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 790]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 790]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 782]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 782]: Unable to prove that pointer dereference always succeeds Unable to prove that pointer dereference always succeeds Reason: Not analyzed. - UnprovableResult [Line: 782]: Unable to prove that free always succeeds Unable to prove that free always succeeds Reason: Not analyzed. - UnprovableResult [Line: 782]: Unable to prove that free always succeeds Unable to prove that free always succeeds Reason: Not analyzed. - UnprovableResult [Line: 782]: Unable to prove that free always succeeds Unable to prove that free always succeeds Reason: Not analyzed. - StatisticsResult: Ultimate Automizer benchmark data CFG has 51 procedures, 379 locations, 86 error locations. Started 1 CEGAR loops. OverallTime: 67979.43ms, OverallIterations: 13, TraceHistogramMax: 1, EmptinessCheckTime: 15.62ms, AutomataDifference: 20792.09ms, DeadEndRemovalTime: 0.00ms, HoareAnnotationTime: 0.00ms, InitialAbstractionConstructionTime: 6.92ms, PartialOrderReductionTime: 0.00ms, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 623 SdHoareTripleChecker+Valid, 2366.63ms IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 610 mSDsluCounter, 532 SdHoareTripleChecker+Invalid, 2345.66ms Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 725 IncrementalHoareTripleChecker+Unchecked, 2450 mSDsCounter, 139 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 2537 IncrementalHoareTripleChecker+Invalid, 3401 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 139 mSolverCounterUnsat, 170 mSDtfsCounter, 2537 mSolverCounterSat, 27.64ms SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 589 GetRequests, 455 SyntacticMatches, 35 SemanticMatches, 99 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 201 ImplicationChecksByTransitivity, 24683.11ms Time, 0.00ms BasicInterpolantAutomatonTime, BiggestAbstraction: size=139occurred in iteration=0, InterpolantAutomatonStates: 97, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.00ms DumpTime, AutomataMinimizationStatistics: 184.17ms AutomataMinimizationTime, 12 MinimizatonAttempts, 85 StatesRemovedByMinimization, 8 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 89.90ms SsaConstructionTime, 209.16ms SatisfiabilityAnalysisTime, 17543.24ms InterpolantComputationTime, 289 NumberOfCodeBlocks, 289 NumberOfCodeBlocksAsserted, 12 NumberOfCheckSat, 554 ConstructedInterpolants, 81 QuantifiedInterpolants, 4276 SizeOfPredicates, 35 NumberOfNonLiveVariables, 1319 ConjunctsInSsa, 111 ConjunctsInUnsatCore, 24 InterpolantComputations, 24 PerfectInterpolantSequences, 0/0 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available RESULT: Ultimate could not prove your program: unable to determine feasibility of some traces [2021-09-13 23:48:57,532 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request...