./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/ntdrivers-simplified/kbfiltr_simpl2.cil-2.c --full-output -ea --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 03d7b7b3 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/ntdrivers-simplified/kbfiltr_simpl2.cil-2.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash a05fbc1d8a2048d37fda072c6a9d42f1f996d033c914869a4e2960aadff82dde --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 14:38:06,060 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 14:38:06,062 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 14:38:06,110 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 14:38:06,111 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 14:38:06,113 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 14:38:06,115 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 14:38:06,117 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 14:38:06,119 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 14:38:06,123 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 14:38:06,124 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 14:38:06,125 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 14:38:06,125 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 14:38:06,128 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 14:38:06,129 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 14:38:06,132 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 14:38:06,133 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 14:38:06,134 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 14:38:06,136 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 14:38:06,141 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 14:38:06,142 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 14:38:06,143 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 14:38:06,145 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 14:38:06,145 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 14:38:06,151 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 14:38:06,152 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 14:38:06,152 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 14:38:06,153 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 14:38:06,154 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 14:38:06,154 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 14:38:06,155 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 14:38:06,156 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 14:38:06,157 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 14:38:06,158 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 14:38:06,159 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 14:38:06,159 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 14:38:06,160 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 14:38:06,160 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 14:38:06,160 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 14:38:06,161 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 14:38:06,161 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 14:38:06,162 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-02-20 14:38:06,193 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 14:38:06,194 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 14:38:06,194 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 14:38:06,195 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 14:38:06,195 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 14:38:06,195 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 14:38:06,196 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 14:38:06,196 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 14:38:06,196 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 14:38:06,197 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 14:38:06,197 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 14:38:06,198 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-02-20 14:38:06,198 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 14:38:06,198 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 14:38:06,198 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-02-20 14:38:06,198 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 14:38:06,198 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-02-20 14:38:06,199 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 14:38:06,199 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-02-20 14:38:06,199 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 14:38:06,199 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-02-20 14:38:06,199 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 14:38:06,200 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 14:38:06,200 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 14:38:06,200 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 14:38:06,200 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 14:38:06,200 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 14:38:06,200 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-02-20 14:38:06,201 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-02-20 14:38:06,201 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-02-20 14:38:06,201 INFO L138 SettingsManager]: * Large block encoding in concurrent analysis=OFF [2022-02-20 14:38:06,201 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-02-20 14:38:06,201 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-02-20 14:38:06,202 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> a05fbc1d8a2048d37fda072c6a9d42f1f996d033c914869a4e2960aadff82dde [2022-02-20 14:38:06,454 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 14:38:06,482 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 14:38:06,484 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 14:38:06,485 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 14:38:06,486 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 14:38:06,487 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/ntdrivers-simplified/kbfiltr_simpl2.cil-2.c [2022-02-20 14:38:06,542 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/5b8df092f/3e45aaa9c38a4a8082251df15b48af4b/FLAGe31eb5960 [2022-02-20 14:38:07,016 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 14:38:07,017 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/ntdrivers-simplified/kbfiltr_simpl2.cil-2.c [2022-02-20 14:38:07,041 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/5b8df092f/3e45aaa9c38a4a8082251df15b48af4b/FLAGe31eb5960 [2022-02-20 14:38:07,524 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/5b8df092f/3e45aaa9c38a4a8082251df15b48af4b [2022-02-20 14:38:07,526 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 14:38:07,527 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 14:38:07,531 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 14:38:07,532 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 14:38:07,534 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 14:38:07,536 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 02:38:07" (1/1) ... [2022-02-20 14:38:07,537 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@5033e6a1 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 02:38:07, skipping insertion in model container [2022-02-20 14:38:07,537 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 02:38:07" (1/1) ... [2022-02-20 14:38:07,544 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 14:38:07,573 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 14:38:07,903 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/ntdrivers-simplified/kbfiltr_simpl2.cil-2.c[29656,29669] [2022-02-20 14:38:07,906 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 14:38:07,919 INFO L203 MainTranslator]: Completed pre-run [2022-02-20 14:38:07,989 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/ntdrivers-simplified/kbfiltr_simpl2.cil-2.c[29656,29669] [2022-02-20 14:38:07,989 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 14:38:08,001 INFO L208 MainTranslator]: Completed translation [2022-02-20 14:38:08,002 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 02:38:08 WrapperNode [2022-02-20 14:38:08,002 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 14:38:08,003 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-20 14:38:08,003 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-20 14:38:08,003 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-20 14:38:08,014 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 02:38:08" (1/1) ... [2022-02-20 14:38:08,034 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 02:38:08" (1/1) ... [2022-02-20 14:38:08,093 INFO L137 Inliner]: procedures = 29, calls = 44, calls flagged for inlining = 10, calls inlined = 10, statements flattened = 663 [2022-02-20 14:38:08,094 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-20 14:38:08,094 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-20 14:38:08,094 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-20 14:38:08,094 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-20 14:38:08,111 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 02:38:08" (1/1) ... [2022-02-20 14:38:08,112 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 02:38:08" (1/1) ... [2022-02-20 14:38:08,118 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 02:38:08" (1/1) ... [2022-02-20 14:38:08,120 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 02:38:08" (1/1) ... [2022-02-20 14:38:08,132 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 02:38:08" (1/1) ... [2022-02-20 14:38:08,137 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 02:38:08" (1/1) ... [2022-02-20 14:38:08,139 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 02:38:08" (1/1) ... [2022-02-20 14:38:08,143 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-20 14:38:08,144 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-20 14:38:08,144 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-20 14:38:08,144 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-20 14:38:08,145 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 02:38:08" (1/1) ... [2022-02-20 14:38:08,154 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 14:38:08,162 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 14:38:08,176 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-20 14:38:08,178 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-20 14:38:08,204 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-20 14:38:08,204 INFO L130 BoogieDeclarations]: Found specification of procedure KbFilter_Complete [2022-02-20 14:38:08,204 INFO L138 BoogieDeclarations]: Found implementation of procedure KbFilter_Complete [2022-02-20 14:38:08,204 INFO L130 BoogieDeclarations]: Found specification of procedure stubMoreProcessingRequired [2022-02-20 14:38:08,204 INFO L138 BoogieDeclarations]: Found implementation of procedure stubMoreProcessingRequired [2022-02-20 14:38:08,205 INFO L130 BoogieDeclarations]: Found specification of procedure KbFilter_CreateClose [2022-02-20 14:38:08,205 INFO L138 BoogieDeclarations]: Found implementation of procedure KbFilter_CreateClose [2022-02-20 14:38:08,205 INFO L130 BoogieDeclarations]: Found specification of procedure IofCompleteRequest [2022-02-20 14:38:08,205 INFO L138 BoogieDeclarations]: Found implementation of procedure IofCompleteRequest [2022-02-20 14:38:08,205 INFO L130 BoogieDeclarations]: Found specification of procedure errorFn [2022-02-20 14:38:08,205 INFO L138 BoogieDeclarations]: Found implementation of procedure errorFn [2022-02-20 14:38:08,205 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-02-20 14:38:08,205 INFO L130 BoogieDeclarations]: Found specification of procedure IofCallDriver [2022-02-20 14:38:08,206 INFO L138 BoogieDeclarations]: Found implementation of procedure IofCallDriver [2022-02-20 14:38:08,206 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-20 14:38:08,206 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-20 14:38:08,206 INFO L130 BoogieDeclarations]: Found specification of procedure KbFilter_DispatchPassThrough [2022-02-20 14:38:08,206 INFO L138 BoogieDeclarations]: Found implementation of procedure KbFilter_DispatchPassThrough [2022-02-20 14:38:08,315 INFO L234 CfgBuilder]: Building ICFG [2022-02-20 14:38:08,323 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-20 14:38:08,533 WARN L813 $ProcedureCfgBuilder]: Label in the middle of a codeblock. [2022-02-20 14:38:08,537 WARN L813 $ProcedureCfgBuilder]: Label in the middle of a codeblock. [2022-02-20 14:38:08,540 WARN L813 $ProcedureCfgBuilder]: Label in the middle of a codeblock. [2022-02-20 14:38:08,544 WARN L813 $ProcedureCfgBuilder]: Label in the middle of a codeblock. [2022-02-20 14:38:08,546 WARN L813 $ProcedureCfgBuilder]: Label in the middle of a codeblock. [2022-02-20 14:38:09,188 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##87: assume !false; [2022-02-20 14:38:09,188 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##86: assume false; [2022-02-20 14:38:09,188 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##63: assume !false; [2022-02-20 14:38:09,188 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##62: assume false; [2022-02-20 14:38:09,188 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##129: assume false; [2022-02-20 14:38:09,189 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##130: assume !false; [2022-02-20 14:38:09,189 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##18: assume false; [2022-02-20 14:38:09,189 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##19: assume !false; [2022-02-20 14:38:09,189 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##113: assume !false; [2022-02-20 14:38:09,189 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##112: assume false; [2022-02-20 14:38:09,207 WARN L813 $ProcedureCfgBuilder]: Label in the middle of a codeblock. [2022-02-20 14:38:09,232 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##12: assume !false; [2022-02-20 14:38:09,232 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##11: assume false; [2022-02-20 14:38:09,237 INFO L275 CfgBuilder]: Performing block encoding [2022-02-20 14:38:09,246 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-20 14:38:09,247 INFO L299 CfgBuilder]: Removed 0 assume(true) statements. [2022-02-20 14:38:09,248 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 02:38:09 BoogieIcfgContainer [2022-02-20 14:38:09,249 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-20 14:38:09,250 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-20 14:38:09,250 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-20 14:38:09,252 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-20 14:38:09,253 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.02 02:38:07" (1/3) ... [2022-02-20 14:38:09,253 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@39b3ac47 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 02:38:09, skipping insertion in model container [2022-02-20 14:38:09,253 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 02:38:08" (2/3) ... [2022-02-20 14:38:09,254 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@39b3ac47 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 02:38:09, skipping insertion in model container [2022-02-20 14:38:09,254 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 02:38:09" (3/3) ... [2022-02-20 14:38:09,255 INFO L111 eAbstractionObserver]: Analyzing ICFG kbfiltr_simpl2.cil-2.c [2022-02-20 14:38:09,259 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-20 14:38:09,259 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-02-20 14:38:09,294 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-20 14:38:09,299 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-20 14:38:09,300 INFO L340 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-02-20 14:38:09,321 INFO L276 IsEmpty]: Start isEmpty. Operand has 209 states, 171 states have (on average 1.5964912280701755) internal successors, (273), 189 states have internal predecessors, (273), 29 states have call successors, (29), 7 states have call predecessors, (29), 7 states have return successors, (29), 27 states have call predecessors, (29), 29 states have call successors, (29) [2022-02-20 14:38:09,325 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 14 [2022-02-20 14:38:09,325 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:09,325 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:09,326 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:09,330 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:09,330 INFO L85 PathProgramCache]: Analyzing trace with hash -809123759, now seen corresponding path program 1 times [2022-02-20 14:38:09,337 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 14:38:09,337 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [975686700] [2022-02-20 14:38:09,338 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:09,338 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 14:38:09,452 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:09,551 INFO L290 TraceCheckUtils]: 0: Hoare triple {212#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {212#true} is VALID [2022-02-20 14:38:09,552 INFO L290 TraceCheckUtils]: 1: Hoare triple {212#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {214#(= |ULTIMATE.start_main_~status~1#1| 0)} is VALID [2022-02-20 14:38:09,553 INFO L290 TraceCheckUtils]: 2: Hoare triple {214#(= |ULTIMATE.start_main_~status~1#1| 0)} assume { :end_inline__BLAST_init } true; {214#(= |ULTIMATE.start_main_~status~1#1| 0)} is VALID [2022-02-20 14:38:09,553 INFO L290 TraceCheckUtils]: 3: Hoare triple {214#(= |ULTIMATE.start_main_~status~1#1| 0)} assume !(main_~status~1#1 >= 0); {213#false} is VALID [2022-02-20 14:38:09,554 INFO L290 TraceCheckUtils]: 4: Hoare triple {213#false} assume !(1 == ~pended~0); {213#false} is VALID [2022-02-20 14:38:09,554 INFO L290 TraceCheckUtils]: 5: Hoare triple {213#false} assume !(1 == ~pended~0); {213#false} is VALID [2022-02-20 14:38:09,554 INFO L290 TraceCheckUtils]: 6: Hoare triple {213#false} assume ~s~0 != ~UNLOADED~0; {213#false} is VALID [2022-02-20 14:38:09,554 INFO L290 TraceCheckUtils]: 7: Hoare triple {213#false} assume -1 != main_~status~1#1; {213#false} is VALID [2022-02-20 14:38:09,555 INFO L290 TraceCheckUtils]: 8: Hoare triple {213#false} assume !(~s~0 != ~SKIP2~0); {213#false} is VALID [2022-02-20 14:38:09,555 INFO L290 TraceCheckUtils]: 9: Hoare triple {213#false} assume 1 == ~pended~0; {213#false} is VALID [2022-02-20 14:38:09,555 INFO L290 TraceCheckUtils]: 10: Hoare triple {213#false} assume 259 != main_~status~1#1; {213#false} is VALID [2022-02-20 14:38:09,556 INFO L272 TraceCheckUtils]: 11: Hoare triple {213#false} call errorFn(); {213#false} is VALID [2022-02-20 14:38:09,556 INFO L290 TraceCheckUtils]: 12: Hoare triple {213#false} assume !false; {213#false} is VALID [2022-02-20 14:38:09,557 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 14:38:09,557 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 14:38:09,557 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [975686700] [2022-02-20 14:38:09,558 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [975686700] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 14:38:09,558 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 14:38:09,558 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 14:38:09,561 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1435808002] [2022-02-20 14:38:09,562 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 14:38:09,566 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 4.0) internal successors, (12), 3 states have internal predecessors, (12), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 13 [2022-02-20 14:38:09,567 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 14:38:09,570 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 4.0) internal successors, (12), 3 states have internal predecessors, (12), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:09,585 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 13 edges. 13 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:09,586 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 14:38:09,587 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 14:38:09,609 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 14:38:09,610 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 14:38:09,618 INFO L87 Difference]: Start difference. First operand has 209 states, 171 states have (on average 1.5964912280701755) internal successors, (273), 189 states have internal predecessors, (273), 29 states have call successors, (29), 7 states have call predecessors, (29), 7 states have return successors, (29), 27 states have call predecessors, (29), 29 states have call successors, (29) Second operand has 3 states, 3 states have (on average 4.0) internal successors, (12), 3 states have internal predecessors, (12), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:10,043 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:10,043 INFO L93 Difference]: Finished difference Result 340 states and 533 transitions. [2022-02-20 14:38:10,043 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 14:38:10,044 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 4.0) internal successors, (12), 3 states have internal predecessors, (12), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 13 [2022-02-20 14:38:10,044 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 14:38:10,045 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 4.0) internal successors, (12), 3 states have internal predecessors, (12), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:10,071 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 533 transitions. [2022-02-20 14:38:10,074 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 4.0) internal successors, (12), 3 states have internal predecessors, (12), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:10,090 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 533 transitions. [2022-02-20 14:38:10,090 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 533 transitions. [2022-02-20 14:38:10,598 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 533 edges. 533 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:10,615 INFO L225 Difference]: With dead ends: 340 [2022-02-20 14:38:10,615 INFO L226 Difference]: Without dead ends: 201 [2022-02-20 14:38:10,619 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 14:38:10,621 INFO L933 BasicCegarLoop]: 309 mSDtfsCounter, 178 mSDsluCounter, 108 mSDsCounter, 0 mSdLazyCounter, 16 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 189 SdHoareTripleChecker+Valid, 417 SdHoareTripleChecker+Invalid, 17 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 16 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 14:38:10,622 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [189 Valid, 417 Invalid, 17 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 16 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 14:38:10,637 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 201 states. [2022-02-20 14:38:10,659 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 201 to 201. [2022-02-20 14:38:10,660 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 14:38:10,661 INFO L82 GeneralOperation]: Start isEquivalent. First operand 201 states. Second operand has 201 states, 165 states have (on average 1.5272727272727273) internal successors, (252), 181 states have internal predecessors, (252), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-20 14:38:10,663 INFO L74 IsIncluded]: Start isIncluded. First operand 201 states. Second operand has 201 states, 165 states have (on average 1.5272727272727273) internal successors, (252), 181 states have internal predecessors, (252), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-20 14:38:10,665 INFO L87 Difference]: Start difference. First operand 201 states. Second operand has 201 states, 165 states have (on average 1.5272727272727273) internal successors, (252), 181 states have internal predecessors, (252), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-20 14:38:10,676 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:10,677 INFO L93 Difference]: Finished difference Result 201 states and 296 transitions. [2022-02-20 14:38:10,677 INFO L276 IsEmpty]: Start isEmpty. Operand 201 states and 296 transitions. [2022-02-20 14:38:10,679 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:10,680 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:10,681 INFO L74 IsIncluded]: Start isIncluded. First operand has 201 states, 165 states have (on average 1.5272727272727273) internal successors, (252), 181 states have internal predecessors, (252), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) Second operand 201 states. [2022-02-20 14:38:10,681 INFO L87 Difference]: Start difference. First operand has 201 states, 165 states have (on average 1.5272727272727273) internal successors, (252), 181 states have internal predecessors, (252), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) Second operand 201 states. [2022-02-20 14:38:10,691 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:10,692 INFO L93 Difference]: Finished difference Result 201 states and 296 transitions. [2022-02-20 14:38:10,692 INFO L276 IsEmpty]: Start isEmpty. Operand 201 states and 296 transitions. [2022-02-20 14:38:10,694 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:10,694 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:10,694 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 14:38:10,694 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 14:38:10,695 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 201 states, 165 states have (on average 1.5272727272727273) internal successors, (252), 181 states have internal predecessors, (252), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-20 14:38:10,705 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 201 states to 201 states and 296 transitions. [2022-02-20 14:38:10,706 INFO L78 Accepts]: Start accepts. Automaton has 201 states and 296 transitions. Word has length 13 [2022-02-20 14:38:10,707 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 14:38:10,707 INFO L470 AbstractCegarLoop]: Abstraction has 201 states and 296 transitions. [2022-02-20 14:38:10,707 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 4.0) internal successors, (12), 3 states have internal predecessors, (12), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:10,707 INFO L276 IsEmpty]: Start isEmpty. Operand 201 states and 296 transitions. [2022-02-20 14:38:10,708 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2022-02-20 14:38:10,708 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:10,708 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:10,709 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-02-20 14:38:10,709 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:10,710 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:10,710 INFO L85 PathProgramCache]: Analyzing trace with hash 705160648, now seen corresponding path program 1 times [2022-02-20 14:38:10,710 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 14:38:10,711 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [194029499] [2022-02-20 14:38:10,711 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:10,711 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 14:38:10,748 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:10,794 INFO L290 TraceCheckUtils]: 0: Hoare triple {1367#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {1367#true} is VALID [2022-02-20 14:38:10,795 INFO L290 TraceCheckUtils]: 1: Hoare triple {1367#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {1367#true} is VALID [2022-02-20 14:38:10,795 INFO L290 TraceCheckUtils]: 2: Hoare triple {1367#true} assume { :end_inline__BLAST_init } true; {1367#true} is VALID [2022-02-20 14:38:10,795 INFO L290 TraceCheckUtils]: 3: Hoare triple {1367#true} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {1367#true} is VALID [2022-02-20 14:38:10,796 INFO L290 TraceCheckUtils]: 4: Hoare triple {1367#true} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {1367#true} is VALID [2022-02-20 14:38:10,796 INFO L290 TraceCheckUtils]: 5: Hoare triple {1367#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {1369#(= ~s~0 ~NP~0)} is VALID [2022-02-20 14:38:10,797 INFO L290 TraceCheckUtils]: 6: Hoare triple {1369#(= ~s~0 ~NP~0)} assume { :end_inline_stub_driver_init } true; {1369#(= ~s~0 ~NP~0)} is VALID [2022-02-20 14:38:10,798 INFO L290 TraceCheckUtils]: 7: Hoare triple {1369#(= ~s~0 ~NP~0)} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {1369#(= ~s~0 ~NP~0)} is VALID [2022-02-20 14:38:10,798 INFO L290 TraceCheckUtils]: 8: Hoare triple {1369#(= ~s~0 ~NP~0)} assume 0 == main_~tmp_ndt_1~0#1; {1369#(= ~s~0 ~NP~0)} is VALID [2022-02-20 14:38:10,799 INFO L272 TraceCheckUtils]: 9: Hoare triple {1369#(= ~s~0 ~NP~0)} call main_#t~ret29#1 := KbFilter_CreateClose(main_~devobj~0#1, main_~pirp~0#1); {1369#(= ~s~0 ~NP~0)} is VALID [2022-02-20 14:38:10,800 INFO L290 TraceCheckUtils]: 10: Hoare triple {1369#(= ~s~0 ~NP~0)} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;assume -2147483648 <= #t~nondet41 && #t~nondet41 <= 2147483647;~irpStack__MajorFunction~0 := #t~nondet41;havoc #t~nondet41;assume -2147483648 <= #t~nondet42 && #t~nondet42 <= 2147483647;~devExt__UpperConnectData__ClassService~0 := #t~nondet42;havoc #t~nondet42;havoc ~Irp__IoStatus__Status~1;havoc ~status~2;havoc ~tmp~0;~status~2 := ~myStatus~0; {1369#(= ~s~0 ~NP~0)} is VALID [2022-02-20 14:38:10,800 INFO L290 TraceCheckUtils]: 11: Hoare triple {1369#(= ~s~0 ~NP~0)} assume 0 == ~irpStack__MajorFunction~0; {1369#(= ~s~0 ~NP~0)} is VALID [2022-02-20 14:38:10,801 INFO L290 TraceCheckUtils]: 12: Hoare triple {1369#(= ~s~0 ~NP~0)} assume 0 == ~devExt__UpperConnectData__ClassService~0;~status~2 := -1073741436; {1369#(= ~s~0 ~NP~0)} is VALID [2022-02-20 14:38:10,801 INFO L290 TraceCheckUtils]: 13: Hoare triple {1369#(= ~s~0 ~NP~0)} ~Irp__IoStatus__Status~1 := ~status~2;~myStatus~0 := ~status~2; {1369#(= ~s~0 ~NP~0)} is VALID [2022-02-20 14:38:10,802 INFO L272 TraceCheckUtils]: 14: Hoare triple {1369#(= ~s~0 ~NP~0)} call #t~ret43 := KbFilter_DispatchPassThrough(~DeviceObject, ~Irp); {1369#(= ~s~0 ~NP~0)} is VALID [2022-02-20 14:38:10,802 INFO L290 TraceCheckUtils]: 15: Hoare triple {1369#(= ~s~0 ~NP~0)} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;assume -2147483648 <= #t~nondet44 && #t~nondet44 <= 2147483647;~Irp__Tail__Overlay__CurrentStackLocation~1 := #t~nondet44;havoc #t~nondet44;assume -2147483648 <= #t~nondet45 && #t~nondet45 <= 2147483647;~Irp__CurrentLocation~1 := #t~nondet45;havoc #t~nondet45;assume -2147483648 <= #t~nondet46 && #t~nondet46 <= 2147483647;~DeviceObject__DeviceExtension__TopOfStack~0 := #t~nondet46;havoc #t~nondet46;havoc ~irpStack~1;havoc ~tmp~1;~irpStack~1 := ~Irp__Tail__Overlay__CurrentStackLocation~1; {1369#(= ~s~0 ~NP~0)} is VALID [2022-02-20 14:38:10,803 INFO L290 TraceCheckUtils]: 16: Hoare triple {1369#(= ~s~0 ~NP~0)} assume !(~s~0 == ~NP~0); {1368#false} is VALID [2022-02-20 14:38:10,803 INFO L272 TraceCheckUtils]: 17: Hoare triple {1368#false} call errorFn(); {1368#false} is VALID [2022-02-20 14:38:10,803 INFO L290 TraceCheckUtils]: 18: Hoare triple {1368#false} assume !false; {1368#false} is VALID [2022-02-20 14:38:10,804 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 14:38:10,804 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 14:38:10,804 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [194029499] [2022-02-20 14:38:10,804 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [194029499] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 14:38:10,805 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 14:38:10,805 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 14:38:10,805 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1714130957] [2022-02-20 14:38:10,805 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 14:38:10,806 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 2 states have call successors, (3), 2 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 19 [2022-02-20 14:38:10,807 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 14:38:10,807 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 2 states have call successors, (3), 2 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:10,820 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 19 edges. 19 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:10,821 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 14:38:10,821 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 14:38:10,821 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 14:38:10,822 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 14:38:10,822 INFO L87 Difference]: Start difference. First operand 201 states and 296 transitions. Second operand has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 2 states have call successors, (3), 2 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:11,234 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:11,234 INFO L93 Difference]: Finished difference Result 323 states and 461 transitions. [2022-02-20 14:38:11,234 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 14:38:11,235 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 2 states have call successors, (3), 2 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 19 [2022-02-20 14:38:11,235 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 14:38:11,235 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 2 states have call successors, (3), 2 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:11,245 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 461 transitions. [2022-02-20 14:38:11,246 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 2 states have call successors, (3), 2 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:11,253 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 461 transitions. [2022-02-20 14:38:11,253 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 461 transitions. [2022-02-20 14:38:11,604 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 461 edges. 461 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:11,611 INFO L225 Difference]: With dead ends: 323 [2022-02-20 14:38:11,612 INFO L226 Difference]: Without dead ends: 268 [2022-02-20 14:38:11,612 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 14:38:11,613 INFO L933 BasicCegarLoop]: 327 mSDtfsCounter, 205 mSDsluCounter, 109 mSDsCounter, 0 mSdLazyCounter, 70 mSolverCounterSat, 15 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 205 SdHoareTripleChecker+Valid, 436 SdHoareTripleChecker+Invalid, 85 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 15 IncrementalHoareTripleChecker+Valid, 70 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 14:38:11,614 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [205 Valid, 436 Invalid, 85 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [15 Valid, 70 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 14:38:11,615 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 268 states. [2022-02-20 14:38:11,638 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 268 to 252. [2022-02-20 14:38:11,644 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 14:38:11,645 INFO L82 GeneralOperation]: Start isEquivalent. First operand 268 states. Second operand has 252 states, 215 states have (on average 1.4325581395348836) internal successors, (308), 218 states have internal predecessors, (308), 26 states have call successors, (26), 11 states have call predecessors, (26), 10 states have return successors, (27), 25 states have call predecessors, (27), 18 states have call successors, (27) [2022-02-20 14:38:11,647 INFO L74 IsIncluded]: Start isIncluded. First operand 268 states. Second operand has 252 states, 215 states have (on average 1.4325581395348836) internal successors, (308), 218 states have internal predecessors, (308), 26 states have call successors, (26), 11 states have call predecessors, (26), 10 states have return successors, (27), 25 states have call predecessors, (27), 18 states have call successors, (27) [2022-02-20 14:38:11,647 INFO L87 Difference]: Start difference. First operand 268 states. Second operand has 252 states, 215 states have (on average 1.4325581395348836) internal successors, (308), 218 states have internal predecessors, (308), 26 states have call successors, (26), 11 states have call predecessors, (26), 10 states have return successors, (27), 25 states have call predecessors, (27), 18 states have call successors, (27) [2022-02-20 14:38:11,657 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:11,658 INFO L93 Difference]: Finished difference Result 268 states and 380 transitions. [2022-02-20 14:38:11,658 INFO L276 IsEmpty]: Start isEmpty. Operand 268 states and 380 transitions. [2022-02-20 14:38:11,660 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:11,660 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:11,661 INFO L74 IsIncluded]: Start isIncluded. First operand has 252 states, 215 states have (on average 1.4325581395348836) internal successors, (308), 218 states have internal predecessors, (308), 26 states have call successors, (26), 11 states have call predecessors, (26), 10 states have return successors, (27), 25 states have call predecessors, (27), 18 states have call successors, (27) Second operand 268 states. [2022-02-20 14:38:11,664 INFO L87 Difference]: Start difference. First operand has 252 states, 215 states have (on average 1.4325581395348836) internal successors, (308), 218 states have internal predecessors, (308), 26 states have call successors, (26), 11 states have call predecessors, (26), 10 states have return successors, (27), 25 states have call predecessors, (27), 18 states have call successors, (27) Second operand 268 states. [2022-02-20 14:38:11,673 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:11,673 INFO L93 Difference]: Finished difference Result 268 states and 380 transitions. [2022-02-20 14:38:11,674 INFO L276 IsEmpty]: Start isEmpty. Operand 268 states and 380 transitions. [2022-02-20 14:38:11,674 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:11,675 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:11,675 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 14:38:11,675 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 14:38:11,676 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 252 states, 215 states have (on average 1.4325581395348836) internal successors, (308), 218 states have internal predecessors, (308), 26 states have call successors, (26), 11 states have call predecessors, (26), 10 states have return successors, (27), 25 states have call predecessors, (27), 18 states have call successors, (27) [2022-02-20 14:38:11,686 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 252 states to 252 states and 361 transitions. [2022-02-20 14:38:11,686 INFO L78 Accepts]: Start accepts. Automaton has 252 states and 361 transitions. Word has length 19 [2022-02-20 14:38:11,687 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 14:38:11,687 INFO L470 AbstractCegarLoop]: Abstraction has 252 states and 361 transitions. [2022-02-20 14:38:11,688 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 2 states have call successors, (3), 2 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:11,688 INFO L276 IsEmpty]: Start isEmpty. Operand 252 states and 361 transitions. [2022-02-20 14:38:11,688 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 19 [2022-02-20 14:38:11,689 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:11,689 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:11,689 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-02-20 14:38:11,689 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:11,690 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:11,690 INFO L85 PathProgramCache]: Analyzing trace with hash -2016043499, now seen corresponding path program 1 times [2022-02-20 14:38:11,690 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 14:38:11,690 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [522497876] [2022-02-20 14:38:11,691 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:11,691 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 14:38:11,733 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:11,776 INFO L290 TraceCheckUtils]: 0: Hoare triple {2697#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {2697#true} is VALID [2022-02-20 14:38:11,777 INFO L290 TraceCheckUtils]: 1: Hoare triple {2697#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {2697#true} is VALID [2022-02-20 14:38:11,777 INFO L290 TraceCheckUtils]: 2: Hoare triple {2697#true} assume { :end_inline__BLAST_init } true; {2697#true} is VALID [2022-02-20 14:38:11,777 INFO L290 TraceCheckUtils]: 3: Hoare triple {2697#true} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {2697#true} is VALID [2022-02-20 14:38:11,778 INFO L290 TraceCheckUtils]: 4: Hoare triple {2697#true} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {2697#true} is VALID [2022-02-20 14:38:11,778 INFO L290 TraceCheckUtils]: 5: Hoare triple {2697#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {2699#(= ~compRegistered~0 0)} is VALID [2022-02-20 14:38:11,779 INFO L290 TraceCheckUtils]: 6: Hoare triple {2699#(= ~compRegistered~0 0)} assume { :end_inline_stub_driver_init } true; {2699#(= ~compRegistered~0 0)} is VALID [2022-02-20 14:38:11,779 INFO L290 TraceCheckUtils]: 7: Hoare triple {2699#(= ~compRegistered~0 0)} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {2699#(= ~compRegistered~0 0)} is VALID [2022-02-20 14:38:11,779 INFO L290 TraceCheckUtils]: 8: Hoare triple {2699#(= ~compRegistered~0 0)} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {2699#(= ~compRegistered~0 0)} is VALID [2022-02-20 14:38:11,780 INFO L290 TraceCheckUtils]: 9: Hoare triple {2699#(= ~compRegistered~0 0)} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {2699#(= ~compRegistered~0 0)} is VALID [2022-02-20 14:38:11,780 INFO L290 TraceCheckUtils]: 10: Hoare triple {2699#(= ~compRegistered~0 0)} assume 3 == main_~tmp_ndt_3~0#1; {2699#(= ~compRegistered~0 0)} is VALID [2022-02-20 14:38:11,781 INFO L290 TraceCheckUtils]: 11: Hoare triple {2699#(= ~compRegistered~0 0)} assume { :begin_inline_KbFilter_PnP } true;KbFilter_PnP_#in~DeviceObject#1, KbFilter_PnP_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_PnP_#res#1;havoc KbFilter_PnP_#t~nondet4#1, KbFilter_PnP_#t~nondet5#1, KbFilter_PnP_#t~nondet6#1, KbFilter_PnP_#t~nondet7#1, KbFilter_PnP_#t~nondet8#1, KbFilter_PnP_#t~nondet9#1, KbFilter_PnP_#t~ret10#1, KbFilter_PnP_#t~ret11#1, KbFilter_PnP_#t~post12#1, KbFilter_PnP_#t~post13#1, KbFilter_PnP_#t~ret14#1, KbFilter_PnP_#t~post15#1, KbFilter_PnP_#t~post16#1, KbFilter_PnP_#t~ret17#1, KbFilter_PnP_#t~post18#1, KbFilter_PnP_#t~post19#1, KbFilter_PnP_#t~ret20#1, KbFilter_PnP_~DeviceObject#1, KbFilter_PnP_~Irp#1, KbFilter_PnP_~devExt~0#1, KbFilter_PnP_~irpStack~0#1, KbFilter_PnP_~status~0#1, KbFilter_PnP_~event~0#1, KbFilter_PnP_~DeviceObject__DeviceExtension~0#1, KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, KbFilter_PnP_~irpStack__MinorFunction~0#1, KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~devExt__Started~0#1, KbFilter_PnP_~devExt__Removed~0#1, KbFilter_PnP_~devExt__SurpriseRemoved~0#1, KbFilter_PnP_~Irp__IoStatus__Status~0#1, KbFilter_PnP_~Irp__IoStatus__Information~0#1, KbFilter_PnP_~Irp__CurrentLocation~0#1, KbFilter_PnP_~irpSp~0#1, KbFilter_PnP_~nextIrpSp~0#1, KbFilter_PnP_~nextIrpSp__Control~0#1, KbFilter_PnP_~irpSp___0~0#1, KbFilter_PnP_~irpSp__Context~0#1, KbFilter_PnP_~irpSp__Control~0#1, KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~DeviceObject#1 := KbFilter_PnP_#in~DeviceObject#1;KbFilter_PnP_~Irp#1 := KbFilter_PnP_#in~Irp#1;havoc KbFilter_PnP_~devExt~0#1;havoc KbFilter_PnP_~irpStack~0#1;havoc KbFilter_PnP_~status~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet4#1 && KbFilter_PnP_#t~nondet4#1 <= 2147483647;KbFilter_PnP_~event~0#1 := KbFilter_PnP_#t~nondet4#1;havoc KbFilter_PnP_#t~nondet4#1;assume -2147483648 <= KbFilter_PnP_#t~nondet5#1 && KbFilter_PnP_#t~nondet5#1 <= 2147483647;KbFilter_PnP_~DeviceObject__DeviceExtension~0#1 := KbFilter_PnP_#t~nondet5#1;havoc KbFilter_PnP_#t~nondet5#1;assume -2147483648 <= KbFilter_PnP_#t~nondet6#1 && KbFilter_PnP_#t~nondet6#1 <= 2147483647;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := KbFilter_PnP_#t~nondet6#1;havoc KbFilter_PnP_#t~nondet6#1;assume -2147483648 <= KbFilter_PnP_#t~nondet7#1 && KbFilter_PnP_#t~nondet7#1 <= 2147483647;KbFilter_PnP_~irpStack__MinorFunction~0#1 := KbFilter_PnP_#t~nondet7#1;havoc KbFilter_PnP_#t~nondet7#1;assume -2147483648 <= KbFilter_PnP_#t~nondet8#1 && KbFilter_PnP_#t~nondet8#1 <= 2147483647;KbFilter_PnP_~devExt__TopOfStack~0#1 := KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_~devExt__Started~0#1;havoc KbFilter_PnP_~devExt__Removed~0#1;havoc KbFilter_PnP_~devExt__SurpriseRemoved~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Status~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Information~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet9#1 && KbFilter_PnP_#t~nondet9#1 <= 2147483647;KbFilter_PnP_~Irp__CurrentLocation~0#1 := KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_~irpSp~0#1;havoc KbFilter_PnP_~nextIrpSp~0#1;havoc KbFilter_PnP_~nextIrpSp__Control~0#1;havoc KbFilter_PnP_~irpSp___0~0#1;havoc KbFilter_PnP_~irpSp__Context~0#1;havoc KbFilter_PnP_~irpSp__Control~0#1;havoc KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~status~0#1 := 0;KbFilter_PnP_~devExt~0#1 := KbFilter_PnP_~DeviceObject__DeviceExtension~0#1;KbFilter_PnP_~irpStack~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1; {2699#(= ~compRegistered~0 0)} is VALID [2022-02-20 14:38:11,781 INFO L290 TraceCheckUtils]: 12: Hoare triple {2699#(= ~compRegistered~0 0)} assume 0 == KbFilter_PnP_~irpStack__MinorFunction~0#1; {2699#(= ~compRegistered~0 0)} is VALID [2022-02-20 14:38:11,782 INFO L290 TraceCheckUtils]: 13: Hoare triple {2699#(= ~compRegistered~0 0)} KbFilter_PnP_~irpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1;KbFilter_PnP_~nextIrpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 - 1;KbFilter_PnP_~nextIrpSp__Control~0#1 := 0; {2699#(= ~compRegistered~0 0)} is VALID [2022-02-20 14:38:11,782 INFO L290 TraceCheckUtils]: 14: Hoare triple {2699#(= ~compRegistered~0 0)} assume !(~s~0 != ~NP~0); {2699#(= ~compRegistered~0 0)} is VALID [2022-02-20 14:38:11,783 INFO L290 TraceCheckUtils]: 15: Hoare triple {2699#(= ~compRegistered~0 0)} assume 0 != ~compRegistered~0; {2698#false} is VALID [2022-02-20 14:38:11,783 INFO L272 TraceCheckUtils]: 16: Hoare triple {2698#false} call errorFn(); {2698#false} is VALID [2022-02-20 14:38:11,783 INFO L290 TraceCheckUtils]: 17: Hoare triple {2698#false} assume !false; {2698#false} is VALID [2022-02-20 14:38:11,783 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 14:38:11,784 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 14:38:11,784 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [522497876] [2022-02-20 14:38:11,784 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [522497876] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 14:38:11,784 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 14:38:11,784 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 14:38:11,785 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1954550854] [2022-02-20 14:38:11,785 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 14:38:11,785 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 18 [2022-02-20 14:38:11,785 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 14:38:11,786 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:11,798 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 18 edges. 18 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:11,799 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 14:38:11,799 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 14:38:11,799 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 14:38:11,800 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 14:38:11,800 INFO L87 Difference]: Start difference. First operand 252 states and 361 transitions. Second operand has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:12,066 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:12,067 INFO L93 Difference]: Finished difference Result 411 states and 569 transitions. [2022-02-20 14:38:12,067 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 14:38:12,067 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 18 [2022-02-20 14:38:12,067 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 14:38:12,067 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:12,073 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 453 transitions. [2022-02-20 14:38:12,074 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:12,080 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 453 transitions. [2022-02-20 14:38:12,080 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 453 transitions. [2022-02-20 14:38:12,417 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 453 edges. 453 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:12,426 INFO L225 Difference]: With dead ends: 411 [2022-02-20 14:38:12,426 INFO L226 Difference]: Without dead ends: 312 [2022-02-20 14:38:12,427 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 14:38:12,428 INFO L933 BasicCegarLoop]: 272 mSDtfsCounter, 242 mSDsluCounter, 88 mSDsCounter, 0 mSdLazyCounter, 5 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 242 SdHoareTripleChecker+Valid, 360 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 5 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 14:38:12,429 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [242 Valid, 360 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 5 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 14:38:12,430 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 312 states. [2022-02-20 14:38:12,443 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 312 to 290. [2022-02-20 14:38:12,443 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 14:38:12,444 INFO L82 GeneralOperation]: Start isEquivalent. First operand 312 states. Second operand has 290 states, 255 states have (on average 1.419607843137255) internal successors, (362), 256 states have internal predecessors, (362), 22 states have call successors, (22), 11 states have call predecessors, (22), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-20 14:38:12,445 INFO L74 IsIncluded]: Start isIncluded. First operand 312 states. Second operand has 290 states, 255 states have (on average 1.419607843137255) internal successors, (362), 256 states have internal predecessors, (362), 22 states have call successors, (22), 11 states have call predecessors, (22), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-20 14:38:12,446 INFO L87 Difference]: Start difference. First operand 312 states. Second operand has 290 states, 255 states have (on average 1.419607843137255) internal successors, (362), 256 states have internal predecessors, (362), 22 states have call successors, (22), 11 states have call predecessors, (22), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-20 14:38:12,456 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:12,457 INFO L93 Difference]: Finished difference Result 312 states and 436 transitions. [2022-02-20 14:38:12,457 INFO L276 IsEmpty]: Start isEmpty. Operand 312 states and 436 transitions. [2022-02-20 14:38:12,458 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:12,458 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:12,459 INFO L74 IsIncluded]: Start isIncluded. First operand has 290 states, 255 states have (on average 1.419607843137255) internal successors, (362), 256 states have internal predecessors, (362), 22 states have call successors, (22), 11 states have call predecessors, (22), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) Second operand 312 states. [2022-02-20 14:38:12,460 INFO L87 Difference]: Start difference. First operand has 290 states, 255 states have (on average 1.419607843137255) internal successors, (362), 256 states have internal predecessors, (362), 22 states have call successors, (22), 11 states have call predecessors, (22), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) Second operand 312 states. [2022-02-20 14:38:12,470 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:12,470 INFO L93 Difference]: Finished difference Result 312 states and 436 transitions. [2022-02-20 14:38:12,471 INFO L276 IsEmpty]: Start isEmpty. Operand 312 states and 436 transitions. [2022-02-20 14:38:12,471 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:12,472 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:12,472 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 14:38:12,472 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 14:38:12,473 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 290 states, 255 states have (on average 1.419607843137255) internal successors, (362), 256 states have internal predecessors, (362), 22 states have call successors, (22), 11 states have call predecessors, (22), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-20 14:38:12,483 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 290 states to 290 states and 410 transitions. [2022-02-20 14:38:12,483 INFO L78 Accepts]: Start accepts. Automaton has 290 states and 410 transitions. Word has length 18 [2022-02-20 14:38:12,484 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 14:38:12,484 INFO L470 AbstractCegarLoop]: Abstraction has 290 states and 410 transitions. [2022-02-20 14:38:12,484 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:12,484 INFO L276 IsEmpty]: Start isEmpty. Operand 290 states and 410 transitions. [2022-02-20 14:38:12,485 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2022-02-20 14:38:12,485 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:12,485 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:12,485 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-02-20 14:38:12,486 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:12,486 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:12,486 INFO L85 PathProgramCache]: Analyzing trace with hash 2075722554, now seen corresponding path program 1 times [2022-02-20 14:38:12,486 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 14:38:12,487 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [72530903] [2022-02-20 14:38:12,487 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:12,487 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 14:38:12,512 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:12,536 INFO L290 TraceCheckUtils]: 0: Hoare triple {4278#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {4278#true} is VALID [2022-02-20 14:38:12,537 INFO L290 TraceCheckUtils]: 1: Hoare triple {4278#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {4278#true} is VALID [2022-02-20 14:38:12,537 INFO L290 TraceCheckUtils]: 2: Hoare triple {4278#true} assume { :end_inline__BLAST_init } true; {4278#true} is VALID [2022-02-20 14:38:12,537 INFO L290 TraceCheckUtils]: 3: Hoare triple {4278#true} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {4278#true} is VALID [2022-02-20 14:38:12,538 INFO L290 TraceCheckUtils]: 4: Hoare triple {4278#true} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {4278#true} is VALID [2022-02-20 14:38:12,538 INFO L290 TraceCheckUtils]: 5: Hoare triple {4278#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {4278#true} is VALID [2022-02-20 14:38:12,538 INFO L290 TraceCheckUtils]: 6: Hoare triple {4278#true} assume { :end_inline_stub_driver_init } true; {4278#true} is VALID [2022-02-20 14:38:12,538 INFO L290 TraceCheckUtils]: 7: Hoare triple {4278#true} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {4278#true} is VALID [2022-02-20 14:38:12,538 INFO L290 TraceCheckUtils]: 8: Hoare triple {4278#true} assume 0 == main_~tmp_ndt_1~0#1; {4278#true} is VALID [2022-02-20 14:38:12,539 INFO L272 TraceCheckUtils]: 9: Hoare triple {4278#true} call main_#t~ret29#1 := KbFilter_CreateClose(main_~devobj~0#1, main_~pirp~0#1); {4278#true} is VALID [2022-02-20 14:38:12,539 INFO L290 TraceCheckUtils]: 10: Hoare triple {4278#true} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;assume -2147483648 <= #t~nondet41 && #t~nondet41 <= 2147483647;~irpStack__MajorFunction~0 := #t~nondet41;havoc #t~nondet41;assume -2147483648 <= #t~nondet42 && #t~nondet42 <= 2147483647;~devExt__UpperConnectData__ClassService~0 := #t~nondet42;havoc #t~nondet42;havoc ~Irp__IoStatus__Status~1;havoc ~status~2;havoc ~tmp~0;~status~2 := ~myStatus~0; {4278#true} is VALID [2022-02-20 14:38:12,539 INFO L290 TraceCheckUtils]: 11: Hoare triple {4278#true} assume 0 == ~irpStack__MajorFunction~0; {4278#true} is VALID [2022-02-20 14:38:12,539 INFO L290 TraceCheckUtils]: 12: Hoare triple {4278#true} assume 0 == ~devExt__UpperConnectData__ClassService~0;~status~2 := -1073741436; {4278#true} is VALID [2022-02-20 14:38:12,540 INFO L290 TraceCheckUtils]: 13: Hoare triple {4278#true} ~Irp__IoStatus__Status~1 := ~status~2;~myStatus~0 := ~status~2; {4278#true} is VALID [2022-02-20 14:38:12,540 INFO L272 TraceCheckUtils]: 14: Hoare triple {4278#true} call #t~ret43 := KbFilter_DispatchPassThrough(~DeviceObject, ~Irp); {4278#true} is VALID [2022-02-20 14:38:12,540 INFO L290 TraceCheckUtils]: 15: Hoare triple {4278#true} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;assume -2147483648 <= #t~nondet44 && #t~nondet44 <= 2147483647;~Irp__Tail__Overlay__CurrentStackLocation~1 := #t~nondet44;havoc #t~nondet44;assume -2147483648 <= #t~nondet45 && #t~nondet45 <= 2147483647;~Irp__CurrentLocation~1 := #t~nondet45;havoc #t~nondet45;assume -2147483648 <= #t~nondet46 && #t~nondet46 <= 2147483647;~DeviceObject__DeviceExtension__TopOfStack~0 := #t~nondet46;havoc #t~nondet46;havoc ~irpStack~1;havoc ~tmp~1;~irpStack~1 := ~Irp__Tail__Overlay__CurrentStackLocation~1; {4278#true} is VALID [2022-02-20 14:38:12,541 INFO L290 TraceCheckUtils]: 16: Hoare triple {4278#true} assume ~s~0 == ~NP~0;~s~0 := ~SKIP1~0; {4280#(= ~SKIP1~0 ~s~0)} is VALID [2022-02-20 14:38:12,541 INFO L290 TraceCheckUtils]: 17: Hoare triple {4280#(= ~SKIP1~0 ~s~0)} #t~post47 := ~Irp__CurrentLocation~1;~Irp__CurrentLocation~1 := 1 + #t~post47;havoc #t~post47;#t~post48 := ~Irp__Tail__Overlay__CurrentStackLocation~1;~Irp__Tail__Overlay__CurrentStackLocation~1 := 1 + #t~post48;havoc #t~post48; {4280#(= ~SKIP1~0 ~s~0)} is VALID [2022-02-20 14:38:12,542 INFO L272 TraceCheckUtils]: 18: Hoare triple {4280#(= ~SKIP1~0 ~s~0)} call #t~ret49 := IofCallDriver(~DeviceObject__DeviceExtension__TopOfStack~0, ~Irp); {4280#(= ~SKIP1~0 ~s~0)} is VALID [2022-02-20 14:38:12,543 INFO L290 TraceCheckUtils]: 19: Hoare triple {4280#(= ~SKIP1~0 ~s~0)} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {4280#(= ~SKIP1~0 ~s~0)} is VALID [2022-02-20 14:38:12,543 INFO L290 TraceCheckUtils]: 20: Hoare triple {4280#(= ~SKIP1~0 ~s~0)} assume !(0 != ~compRegistered~0); {4280#(= ~SKIP1~0 ~s~0)} is VALID [2022-02-20 14:38:12,544 INFO L290 TraceCheckUtils]: 21: Hoare triple {4280#(= ~SKIP1~0 ~s~0)} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {4280#(= ~SKIP1~0 ~s~0)} is VALID [2022-02-20 14:38:12,544 INFO L290 TraceCheckUtils]: 22: Hoare triple {4280#(= ~SKIP1~0 ~s~0)} assume 0 == ~tmp_ndt_6~0; {4280#(= ~SKIP1~0 ~s~0)} is VALID [2022-02-20 14:38:12,545 INFO L290 TraceCheckUtils]: 23: Hoare triple {4280#(= ~SKIP1~0 ~s~0)} ~returnVal2~0 := 0; {4280#(= ~SKIP1~0 ~s~0)} is VALID [2022-02-20 14:38:12,545 INFO L290 TraceCheckUtils]: 24: Hoare triple {4280#(= ~SKIP1~0 ~s~0)} assume !(~s~0 == ~NP~0); {4280#(= ~SKIP1~0 ~s~0)} is VALID [2022-02-20 14:38:12,546 INFO L290 TraceCheckUtils]: 25: Hoare triple {4280#(= ~SKIP1~0 ~s~0)} assume !(~s~0 == ~MPR1~0); {4280#(= ~SKIP1~0 ~s~0)} is VALID [2022-02-20 14:38:12,546 INFO L290 TraceCheckUtils]: 26: Hoare triple {4280#(= ~SKIP1~0 ~s~0)} assume !(~s~0 == ~SKIP1~0); {4279#false} is VALID [2022-02-20 14:38:12,546 INFO L272 TraceCheckUtils]: 27: Hoare triple {4279#false} call errorFn(); {4279#false} is VALID [2022-02-20 14:38:12,546 INFO L290 TraceCheckUtils]: 28: Hoare triple {4279#false} assume !false; {4279#false} is VALID [2022-02-20 14:38:12,547 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 14:38:12,547 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 14:38:12,547 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [72530903] [2022-02-20 14:38:12,547 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [72530903] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 14:38:12,547 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 14:38:12,548 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 14:38:12,548 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [448653174] [2022-02-20 14:38:12,548 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 14:38:12,549 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 3 states have call successors, (4), 3 states have call predecessors, (4), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 29 [2022-02-20 14:38:12,549 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 14:38:12,549 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 3 states have call successors, (4), 3 states have call predecessors, (4), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:12,569 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 29 edges. 29 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:12,570 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 14:38:12,570 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 14:38:12,571 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 14:38:12,571 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 14:38:12,571 INFO L87 Difference]: Start difference. First operand 290 states and 410 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 3 states have call successors, (4), 3 states have call predecessors, (4), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:12,867 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:12,867 INFO L93 Difference]: Finished difference Result 293 states and 412 transitions. [2022-02-20 14:38:12,868 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 14:38:12,868 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 3 states have call successors, (4), 3 states have call predecessors, (4), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 29 [2022-02-20 14:38:12,868 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 14:38:12,868 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 3 states have call successors, (4), 3 states have call predecessors, (4), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:12,872 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 292 transitions. [2022-02-20 14:38:12,872 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 3 states have call successors, (4), 3 states have call predecessors, (4), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:12,874 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 292 transitions. [2022-02-20 14:38:12,875 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 292 transitions. [2022-02-20 14:38:13,075 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 292 edges. 292 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:13,085 INFO L225 Difference]: With dead ends: 293 [2022-02-20 14:38:13,085 INFO L226 Difference]: Without dead ends: 289 [2022-02-20 14:38:13,086 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 14:38:13,096 INFO L933 BasicCegarLoop]: 271 mSDtfsCounter, 25 mSDsluCounter, 205 mSDsCounter, 0 mSdLazyCounter, 49 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 25 SdHoareTripleChecker+Valid, 476 SdHoareTripleChecker+Invalid, 55 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 49 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 14:38:13,098 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [25 Valid, 476 Invalid, 55 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 49 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 14:38:13,099 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 289 states. [2022-02-20 14:38:13,117 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 289 to 289. [2022-02-20 14:38:13,118 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 14:38:13,119 INFO L82 GeneralOperation]: Start isEquivalent. First operand 289 states. Second operand has 289 states, 255 states have (on average 1.411764705882353) internal successors, (360), 255 states have internal predecessors, (360), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-20 14:38:13,121 INFO L74 IsIncluded]: Start isIncluded. First operand 289 states. Second operand has 289 states, 255 states have (on average 1.411764705882353) internal successors, (360), 255 states have internal predecessors, (360), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-20 14:38:13,122 INFO L87 Difference]: Start difference. First operand 289 states. Second operand has 289 states, 255 states have (on average 1.411764705882353) internal successors, (360), 255 states have internal predecessors, (360), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-20 14:38:13,134 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:13,134 INFO L93 Difference]: Finished difference Result 289 states and 407 transitions. [2022-02-20 14:38:13,137 INFO L276 IsEmpty]: Start isEmpty. Operand 289 states and 407 transitions. [2022-02-20 14:38:13,138 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:13,138 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:13,139 INFO L74 IsIncluded]: Start isIncluded. First operand has 289 states, 255 states have (on average 1.411764705882353) internal successors, (360), 255 states have internal predecessors, (360), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) Second operand 289 states. [2022-02-20 14:38:13,140 INFO L87 Difference]: Start difference. First operand has 289 states, 255 states have (on average 1.411764705882353) internal successors, (360), 255 states have internal predecessors, (360), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) Second operand 289 states. [2022-02-20 14:38:13,148 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:13,148 INFO L93 Difference]: Finished difference Result 289 states and 407 transitions. [2022-02-20 14:38:13,149 INFO L276 IsEmpty]: Start isEmpty. Operand 289 states and 407 transitions. [2022-02-20 14:38:13,149 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:13,150 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:13,150 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 14:38:13,150 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 14:38:13,151 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 289 states, 255 states have (on average 1.411764705882353) internal successors, (360), 255 states have internal predecessors, (360), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-20 14:38:13,158 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 289 states to 289 states and 407 transitions. [2022-02-20 14:38:13,159 INFO L78 Accepts]: Start accepts. Automaton has 289 states and 407 transitions. Word has length 29 [2022-02-20 14:38:13,159 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 14:38:13,159 INFO L470 AbstractCegarLoop]: Abstraction has 289 states and 407 transitions. [2022-02-20 14:38:13,159 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 3 states have call successors, (4), 3 states have call predecessors, (4), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:13,160 INFO L276 IsEmpty]: Start isEmpty. Operand 289 states and 407 transitions. [2022-02-20 14:38:13,161 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2022-02-20 14:38:13,161 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:13,161 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:13,161 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-02-20 14:38:13,161 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:13,164 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:13,164 INFO L85 PathProgramCache]: Analyzing trace with hash -889185583, now seen corresponding path program 1 times [2022-02-20 14:38:13,164 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 14:38:13,165 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1700828186] [2022-02-20 14:38:13,165 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:13,165 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 14:38:13,215 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:13,301 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2022-02-20 14:38:13,303 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:13,348 INFO L290 TraceCheckUtils]: 0: Hoare triple {5654#(= ~s~0 |old(~s~0)|)} ~Irp := #in~Irp;~PriorityBoost := #in~PriorityBoost; {5646#true} is VALID [2022-02-20 14:38:13,349 INFO L290 TraceCheckUtils]: 1: Hoare triple {5646#true} assume ~s~0 == ~NP~0;~s~0 := ~DC~0; {5655#(and (or (not (<= ~s~0 1)) (<= ~DC~0 ~s~0)) (or (<= ~s~0 ~DC~0) (<= ~s~0 2)))} is VALID [2022-02-20 14:38:13,350 INFO L290 TraceCheckUtils]: 2: Hoare triple {5655#(and (or (not (<= ~s~0 1)) (<= ~DC~0 ~s~0)) (or (<= ~s~0 ~DC~0) (<= ~s~0 2)))} assume true; {5655#(and (or (not (<= ~s~0 1)) (<= ~DC~0 ~s~0)) (or (<= ~s~0 ~DC~0) (<= ~s~0 2)))} is VALID [2022-02-20 14:38:13,353 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {5655#(and (or (not (<= ~s~0 1)) (<= ~DC~0 ~s~0)) (or (<= ~s~0 ~DC~0) (<= ~s~0 2)))} {5648#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} #743#return; {5653#(and (not (= ~SKIP2~0 2)) (= 2 ~s~0))} is VALID [2022-02-20 14:38:13,353 INFO L290 TraceCheckUtils]: 0: Hoare triple {5646#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {5646#true} is VALID [2022-02-20 14:38:13,354 INFO L290 TraceCheckUtils]: 1: Hoare triple {5646#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {5648#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} is VALID [2022-02-20 14:38:13,354 INFO L290 TraceCheckUtils]: 2: Hoare triple {5648#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} assume { :end_inline__BLAST_init } true; {5648#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} is VALID [2022-02-20 14:38:13,355 INFO L290 TraceCheckUtils]: 3: Hoare triple {5648#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {5648#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} is VALID [2022-02-20 14:38:13,356 INFO L290 TraceCheckUtils]: 4: Hoare triple {5648#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {5648#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} is VALID [2022-02-20 14:38:13,356 INFO L290 TraceCheckUtils]: 5: Hoare triple {5648#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {5648#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} is VALID [2022-02-20 14:38:13,357 INFO L290 TraceCheckUtils]: 6: Hoare triple {5648#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} assume { :end_inline_stub_driver_init } true; {5648#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} is VALID [2022-02-20 14:38:13,357 INFO L290 TraceCheckUtils]: 7: Hoare triple {5648#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {5648#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} is VALID [2022-02-20 14:38:13,358 INFO L290 TraceCheckUtils]: 8: Hoare triple {5648#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {5648#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} is VALID [2022-02-20 14:38:13,358 INFO L290 TraceCheckUtils]: 9: Hoare triple {5648#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {5648#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} is VALID [2022-02-20 14:38:13,359 INFO L290 TraceCheckUtils]: 10: Hoare triple {5648#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} assume !(3 == main_~tmp_ndt_3~0#1);havoc main_~tmp_ndt_4~0#1;assume -2147483648 <= main_#t~nondet27#1 && main_#t~nondet27#1 <= 2147483647;main_~tmp_ndt_4~0#1 := main_#t~nondet27#1;havoc main_#t~nondet27#1; {5648#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} is VALID [2022-02-20 14:38:13,360 INFO L290 TraceCheckUtils]: 11: Hoare triple {5648#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} assume !(4 == main_~tmp_ndt_4~0#1);havoc main_~tmp_ndt_5~0#1;assume -2147483648 <= main_#t~nondet28#1 && main_#t~nondet28#1 <= 2147483647;main_~tmp_ndt_5~0#1 := main_#t~nondet28#1;havoc main_#t~nondet28#1; {5648#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} is VALID [2022-02-20 14:38:13,360 INFO L290 TraceCheckUtils]: 12: Hoare triple {5648#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} assume 8 == main_~tmp_ndt_5~0#1; {5648#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} is VALID [2022-02-20 14:38:13,362 INFO L290 TraceCheckUtils]: 13: Hoare triple {5648#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} assume { :begin_inline_KbFilter_InternIoCtl } true;KbFilter_InternIoCtl_#in~DeviceObject#1, KbFilter_InternIoCtl_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_InternIoCtl_#res#1;havoc KbFilter_InternIoCtl_#t~nondet63#1, KbFilter_InternIoCtl_#t~nondet64#1, KbFilter_InternIoCtl_#t~nondet65#1, KbFilter_InternIoCtl_#t~nondet66#1, KbFilter_InternIoCtl_#t~nondet67#1, KbFilter_InternIoCtl_#t~nondet68#1, KbFilter_InternIoCtl_#t~nondet69#1, KbFilter_InternIoCtl_#t~nondet70#1, KbFilter_InternIoCtl_#t~nondet71#1, KbFilter_InternIoCtl_#t~nondet72#1, KbFilter_InternIoCtl_#t~nondet73#1, KbFilter_InternIoCtl_#t~nondet74#1, KbFilter_InternIoCtl_#t~nondet75#1, KbFilter_InternIoCtl_#t~nondet76#1, KbFilter_InternIoCtl_#t~nondet77#1, KbFilter_InternIoCtl_#t~nondet78#1, KbFilter_InternIoCtl_#t~nondet79#1, KbFilter_InternIoCtl_#t~ret80#1, KbFilter_InternIoCtl_~DeviceObject#1, KbFilter_InternIoCtl_~Irp#1, KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1, KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__InputBufferLength~0#1, KbFilter_InternIoCtl_~sizeof__CONNECT_DATA~0#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__Type3InputBuffer~0#1, KbFilter_InternIoCtl_~sizeof__INTERNAL_I8042_HOOK_KEYBOARD~0#1, KbFilter_InternIoCtl_~hookKeyboard__InitializationRoutine~0#1, KbFilter_InternIoCtl_~hookKeyboard__IsrRoutine~0#1, KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1, KbFilter_InternIoCtl_~hookKeyboard~0#1, KbFilter_InternIoCtl_~connectData~0#1, KbFilter_InternIoCtl_~status~3#1, KbFilter_InternIoCtl_~tmp~3#1, KbFilter_InternIoCtl_~__cil_tmp17~0#1, KbFilter_InternIoCtl_~__cil_tmp18~0#1, KbFilter_InternIoCtl_~__cil_tmp19~0#1, KbFilter_InternIoCtl_~__cil_tmp20~0#1, KbFilter_InternIoCtl_~__cil_tmp21~0#1, KbFilter_InternIoCtl_~__cil_tmp22~0#1, KbFilter_InternIoCtl_~__cil_tmp23~1#1, KbFilter_InternIoCtl_~__cil_tmp24~0#1, KbFilter_InternIoCtl_~__cil_tmp25~0#1, KbFilter_InternIoCtl_~__cil_tmp26~0#1, KbFilter_InternIoCtl_~__cil_tmp27~0#1, KbFilter_InternIoCtl_~__cil_tmp28~0#1, KbFilter_InternIoCtl_~__cil_tmp29~0#1, KbFilter_InternIoCtl_~__cil_tmp30~0#1, KbFilter_InternIoCtl_~__cil_tmp31~0#1, KbFilter_InternIoCtl_~__cil_tmp32~0#1, KbFilter_InternIoCtl_~__cil_tmp33~0#1, KbFilter_InternIoCtl_~__cil_tmp34~0#1, KbFilter_InternIoCtl_~__cil_tmp35~0#1, KbFilter_InternIoCtl_~__cil_tmp36~0#1, KbFilter_InternIoCtl_~__cil_tmp37~0#1, KbFilter_InternIoCtl_~__cil_tmp38~0#1, KbFilter_InternIoCtl_~__cil_tmp39~0#1, KbFilter_InternIoCtl_~__cil_tmp40~0#1, KbFilter_InternIoCtl_~__cil_tmp41~0#1, KbFilter_InternIoCtl_~__cil_tmp42~0#1, KbFilter_InternIoCtl_~__cil_tmp43~0#1, KbFilter_InternIoCtl_~__cil_tmp44~0#1, KbFilter_InternIoCtl_~__cil_tmp45~0#1;KbFilter_InternIoCtl_~DeviceObject#1 := KbFilter_InternIoCtl_#in~DeviceObject#1;KbFilter_InternIoCtl_~Irp#1 := KbFilter_InternIoCtl_#in~Irp#1;havoc KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet63#1 && KbFilter_InternIoCtl_#t~nondet63#1 <= 2147483647;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1 := KbFilter_InternIoCtl_#t~nondet63#1;havoc KbFilter_InternIoCtl_#t~nondet63#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet64#1 && KbFilter_InternIoCtl_#t~nondet64#1 <= 2147483647;KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1 := KbFilter_InternIoCtl_#t~nondet64#1;havoc KbFilter_InternIoCtl_#t~nondet64#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet65#1 && KbFilter_InternIoCtl_#t~nondet65#1 <= 2147483647;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__InputBufferLength~0#1 := KbFilter_InternIoCtl_#t~nondet65#1;havoc KbFilter_InternIoCtl_#t~nondet65#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet66#1 && KbFilter_InternIoCtl_#t~nondet66#1 <= 2147483647;KbFilter_InternIoCtl_~sizeof__CONNECT_DATA~0#1 := KbFilter_InternIoCtl_#t~nondet66#1;havoc KbFilter_InternIoCtl_#t~nondet66#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet67#1 && KbFilter_InternIoCtl_#t~nondet67#1 <= 2147483647;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__Type3InputBuffer~0#1 := KbFilter_InternIoCtl_#t~nondet67#1;havoc KbFilter_InternIoCtl_#t~nondet67#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet68#1 && KbFilter_InternIoCtl_#t~nondet68#1 <= 2147483647;KbFilter_InternIoCtl_~sizeof__INTERNAL_I8042_HOOK_KEYBOARD~0#1 := KbFilter_InternIoCtl_#t~nondet68#1;havoc KbFilter_InternIoCtl_#t~nondet68#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet69#1 && KbFilter_InternIoCtl_#t~nondet69#1 <= 2147483647;KbFilter_InternIoCtl_~hookKeyboard__InitializationRoutine~0#1 := KbFilter_InternIoCtl_#t~nondet69#1;havoc KbFilter_InternIoCtl_#t~nondet69#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet70#1 && KbFilter_InternIoCtl_#t~nondet70#1 <= 2147483647;KbFilter_InternIoCtl_~hookKeyboard__IsrRoutine~0#1 := KbFilter_InternIoCtl_#t~nondet70#1;havoc KbFilter_InternIoCtl_#t~nondet70#1;havoc KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1;havoc KbFilter_InternIoCtl_~hookKeyboard~0#1;havoc KbFilter_InternIoCtl_~connectData~0#1;havoc KbFilter_InternIoCtl_~status~3#1;havoc KbFilter_InternIoCtl_~tmp~3#1;havoc KbFilter_InternIoCtl_~__cil_tmp17~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp18~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp19~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet71#1 && KbFilter_InternIoCtl_#t~nondet71#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp20~0#1 := KbFilter_InternIoCtl_#t~nondet71#1;havoc KbFilter_InternIoCtl_#t~nondet71#1;havoc KbFilter_InternIoCtl_~__cil_tmp21~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp22~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp23~1#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet72#1 && KbFilter_InternIoCtl_#t~nondet72#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp24~0#1 := KbFilter_InternIoCtl_#t~nondet72#1;havoc KbFilter_InternIoCtl_#t~nondet72#1;havoc KbFilter_InternIoCtl_~__cil_tmp25~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp26~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp27~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet73#1 && KbFilter_InternIoCtl_#t~nondet73#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp28~0#1 := KbFilter_InternIoCtl_#t~nondet73#1;havoc KbFilter_InternIoCtl_#t~nondet73#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet74#1 && KbFilter_InternIoCtl_#t~nondet74#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp29~0#1 := KbFilter_InternIoCtl_#t~nondet74#1;havoc KbFilter_InternIoCtl_#t~nondet74#1;havoc KbFilter_InternIoCtl_~__cil_tmp30~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp31~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet75#1 && KbFilter_InternIoCtl_#t~nondet75#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp32~0#1 := KbFilter_InternIoCtl_#t~nondet75#1;havoc KbFilter_InternIoCtl_#t~nondet75#1;havoc KbFilter_InternIoCtl_~__cil_tmp33~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp34~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet76#1 && KbFilter_InternIoCtl_#t~nondet76#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp35~0#1 := KbFilter_InternIoCtl_#t~nondet76#1;havoc KbFilter_InternIoCtl_#t~nondet76#1;havoc KbFilter_InternIoCtl_~__cil_tmp36~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp37~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet77#1 && KbFilter_InternIoCtl_#t~nondet77#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp38~0#1 := KbFilter_InternIoCtl_#t~nondet77#1;havoc KbFilter_InternIoCtl_#t~nondet77#1;havoc KbFilter_InternIoCtl_~__cil_tmp39~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp40~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet78#1 && KbFilter_InternIoCtl_#t~nondet78#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp41~0#1 := KbFilter_InternIoCtl_#t~nondet78#1;havoc KbFilter_InternIoCtl_#t~nondet78#1;havoc KbFilter_InternIoCtl_~__cil_tmp42~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp43~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet79#1 && KbFilter_InternIoCtl_#t~nondet79#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp44~0#1 := KbFilter_InternIoCtl_#t~nondet79#1;havoc KbFilter_InternIoCtl_#t~nondet79#1;havoc KbFilter_InternIoCtl_~__cil_tmp45~0#1;KbFilter_InternIoCtl_~status~3#1 := 0;KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1 := 0; {5648#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} is VALID [2022-02-20 14:38:13,364 INFO L290 TraceCheckUtils]: 14: Hoare triple {5648#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} assume KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1 == KbFilter_InternIoCtl_~__cil_tmp20~0#1; {5648#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} is VALID [2022-02-20 14:38:13,365 INFO L290 TraceCheckUtils]: 15: Hoare triple {5648#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} assume 0 != KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1;KbFilter_InternIoCtl_~status~3#1 := -1073741757; {5648#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} is VALID [2022-02-20 14:38:13,365 INFO L290 TraceCheckUtils]: 16: Hoare triple {5648#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} assume KbFilter_InternIoCtl_~status~3#1 < 0;KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1 := KbFilter_InternIoCtl_~status~3#1;~myStatus~0 := KbFilter_InternIoCtl_~status~3#1; {5648#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} is VALID [2022-02-20 14:38:13,366 INFO L272 TraceCheckUtils]: 17: Hoare triple {5648#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} call IofCompleteRequest(KbFilter_InternIoCtl_~Irp#1, 0); {5654#(= ~s~0 |old(~s~0)|)} is VALID [2022-02-20 14:38:13,366 INFO L290 TraceCheckUtils]: 18: Hoare triple {5654#(= ~s~0 |old(~s~0)|)} ~Irp := #in~Irp;~PriorityBoost := #in~PriorityBoost; {5646#true} is VALID [2022-02-20 14:38:13,370 INFO L290 TraceCheckUtils]: 19: Hoare triple {5646#true} assume ~s~0 == ~NP~0;~s~0 := ~DC~0; {5655#(and (or (not (<= ~s~0 1)) (<= ~DC~0 ~s~0)) (or (<= ~s~0 ~DC~0) (<= ~s~0 2)))} is VALID [2022-02-20 14:38:13,371 INFO L290 TraceCheckUtils]: 20: Hoare triple {5655#(and (or (not (<= ~s~0 1)) (<= ~DC~0 ~s~0)) (or (<= ~s~0 ~DC~0) (<= ~s~0 2)))} assume true; {5655#(and (or (not (<= ~s~0 1)) (<= ~DC~0 ~s~0)) (or (<= ~s~0 ~DC~0) (<= ~s~0 2)))} is VALID [2022-02-20 14:38:13,372 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {5655#(and (or (not (<= ~s~0 1)) (<= ~DC~0 ~s~0)) (or (<= ~s~0 ~DC~0) (<= ~s~0 2)))} {5648#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} #743#return; {5653#(and (not (= ~SKIP2~0 2)) (= 2 ~s~0))} is VALID [2022-02-20 14:38:13,374 INFO L290 TraceCheckUtils]: 22: Hoare triple {5653#(and (not (= ~SKIP2~0 2)) (= 2 ~s~0))} KbFilter_InternIoCtl_#res#1 := KbFilter_InternIoCtl_~status~3#1; {5653#(and (not (= ~SKIP2~0 2)) (= 2 ~s~0))} is VALID [2022-02-20 14:38:13,375 INFO L290 TraceCheckUtils]: 23: Hoare triple {5653#(and (not (= ~SKIP2~0 2)) (= 2 ~s~0))} main_#t~ret33#1 := KbFilter_InternIoCtl_#res#1;assume { :end_inline_KbFilter_InternIoCtl } true;assume -2147483648 <= main_#t~ret33#1 && main_#t~ret33#1 <= 2147483647;main_~status~1#1 := main_#t~ret33#1;havoc main_#t~ret33#1; {5653#(and (not (= ~SKIP2~0 2)) (= 2 ~s~0))} is VALID [2022-02-20 14:38:13,375 INFO L290 TraceCheckUtils]: 24: Hoare triple {5653#(and (not (= ~SKIP2~0 2)) (= 2 ~s~0))} assume !(1 == ~pended~0); {5653#(and (not (= ~SKIP2~0 2)) (= 2 ~s~0))} is VALID [2022-02-20 14:38:13,376 INFO L290 TraceCheckUtils]: 25: Hoare triple {5653#(and (not (= ~SKIP2~0 2)) (= 2 ~s~0))} assume !(1 == ~pended~0); {5653#(and (not (= ~SKIP2~0 2)) (= 2 ~s~0))} is VALID [2022-02-20 14:38:13,376 INFO L290 TraceCheckUtils]: 26: Hoare triple {5653#(and (not (= ~SKIP2~0 2)) (= 2 ~s~0))} assume ~s~0 != ~UNLOADED~0; {5653#(and (not (= ~SKIP2~0 2)) (= 2 ~s~0))} is VALID [2022-02-20 14:38:13,377 INFO L290 TraceCheckUtils]: 27: Hoare triple {5653#(and (not (= ~SKIP2~0 2)) (= 2 ~s~0))} assume -1 != main_~status~1#1; {5653#(and (not (= ~SKIP2~0 2)) (= 2 ~s~0))} is VALID [2022-02-20 14:38:13,377 INFO L290 TraceCheckUtils]: 28: Hoare triple {5653#(and (not (= ~SKIP2~0 2)) (= 2 ~s~0))} assume !(~s~0 != ~SKIP2~0); {5647#false} is VALID [2022-02-20 14:38:13,377 INFO L290 TraceCheckUtils]: 29: Hoare triple {5647#false} assume 1 == ~pended~0; {5647#false} is VALID [2022-02-20 14:38:13,378 INFO L290 TraceCheckUtils]: 30: Hoare triple {5647#false} assume 259 != main_~status~1#1; {5647#false} is VALID [2022-02-20 14:38:13,378 INFO L272 TraceCheckUtils]: 31: Hoare triple {5647#false} call errorFn(); {5647#false} is VALID [2022-02-20 14:38:13,378 INFO L290 TraceCheckUtils]: 32: Hoare triple {5647#false} assume !false; {5647#false} is VALID [2022-02-20 14:38:13,378 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 14:38:13,378 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 14:38:13,379 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1700828186] [2022-02-20 14:38:13,379 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1700828186] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 14:38:13,379 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 14:38:13,379 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 14:38:13,379 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [287643562] [2022-02-20 14:38:13,379 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 14:38:13,380 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 33 [2022-02-20 14:38:13,380 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 14:38:13,380 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:13,406 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 33 edges. 33 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:13,406 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 14:38:13,406 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 14:38:13,407 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 14:38:13,407 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2022-02-20 14:38:13,407 INFO L87 Difference]: Start difference. First operand 289 states and 407 transitions. Second operand has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:14,370 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:14,370 INFO L93 Difference]: Finished difference Result 315 states and 437 transitions. [2022-02-20 14:38:14,370 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-02-20 14:38:14,370 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 33 [2022-02-20 14:38:14,371 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 14:38:14,371 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:14,374 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 315 transitions. [2022-02-20 14:38:14,374 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:14,377 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 315 transitions. [2022-02-20 14:38:14,378 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 315 transitions. [2022-02-20 14:38:14,636 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 315 edges. 315 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:14,643 INFO L225 Difference]: With dead ends: 315 [2022-02-20 14:38:14,643 INFO L226 Difference]: Without dead ends: 306 [2022-02-20 14:38:14,644 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=27, Invalid=45, Unknown=0, NotChecked=0, Total=72 [2022-02-20 14:38:14,644 INFO L933 BasicCegarLoop]: 255 mSDtfsCounter, 323 mSDsluCounter, 568 mSDsCounter, 0 mSdLazyCounter, 216 mSolverCounterSat, 35 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 325 SdHoareTripleChecker+Valid, 823 SdHoareTripleChecker+Invalid, 251 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 35 IncrementalHoareTripleChecker+Valid, 216 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 14:38:14,645 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [325 Valid, 823 Invalid, 251 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [35 Valid, 216 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-20 14:38:14,645 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 306 states. [2022-02-20 14:38:14,666 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 306 to 301. [2022-02-20 14:38:14,667 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 14:38:14,668 INFO L82 GeneralOperation]: Start isEquivalent. First operand 306 states. Second operand has 301 states, 267 states have (on average 1.404494382022472) internal successors, (375), 266 states have internal predecessors, (375), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-20 14:38:14,668 INFO L74 IsIncluded]: Start isIncluded. First operand 306 states. Second operand has 301 states, 267 states have (on average 1.404494382022472) internal successors, (375), 266 states have internal predecessors, (375), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-20 14:38:14,669 INFO L87 Difference]: Start difference. First operand 306 states. Second operand has 301 states, 267 states have (on average 1.404494382022472) internal successors, (375), 266 states have internal predecessors, (375), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-20 14:38:14,677 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:14,677 INFO L93 Difference]: Finished difference Result 306 states and 426 transitions. [2022-02-20 14:38:14,678 INFO L276 IsEmpty]: Start isEmpty. Operand 306 states and 426 transitions. [2022-02-20 14:38:14,678 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:14,678 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:14,679 INFO L74 IsIncluded]: Start isIncluded. First operand has 301 states, 267 states have (on average 1.404494382022472) internal successors, (375), 266 states have internal predecessors, (375), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) Second operand 306 states. [2022-02-20 14:38:14,680 INFO L87 Difference]: Start difference. First operand has 301 states, 267 states have (on average 1.404494382022472) internal successors, (375), 266 states have internal predecessors, (375), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) Second operand 306 states. [2022-02-20 14:38:14,688 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:14,688 INFO L93 Difference]: Finished difference Result 306 states and 426 transitions. [2022-02-20 14:38:14,689 INFO L276 IsEmpty]: Start isEmpty. Operand 306 states and 426 transitions. [2022-02-20 14:38:14,689 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:14,689 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:14,690 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 14:38:14,690 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 14:38:14,691 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 301 states, 267 states have (on average 1.404494382022472) internal successors, (375), 266 states have internal predecessors, (375), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-20 14:38:14,699 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 301 states to 301 states and 422 transitions. [2022-02-20 14:38:14,700 INFO L78 Accepts]: Start accepts. Automaton has 301 states and 422 transitions. Word has length 33 [2022-02-20 14:38:14,700 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 14:38:14,700 INFO L470 AbstractCegarLoop]: Abstraction has 301 states and 422 transitions. [2022-02-20 14:38:14,700 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:14,700 INFO L276 IsEmpty]: Start isEmpty. Operand 301 states and 422 transitions. [2022-02-20 14:38:14,702 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2022-02-20 14:38:14,702 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:14,702 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:14,702 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-02-20 14:38:14,702 INFO L402 AbstractCegarLoop]: === Iteration 6 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:14,703 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:14,703 INFO L85 PathProgramCache]: Analyzing trace with hash 2121154083, now seen corresponding path program 1 times [2022-02-20 14:38:14,703 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 14:38:14,703 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [882612865] [2022-02-20 14:38:14,703 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:14,703 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 14:38:14,731 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:14,783 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2022-02-20 14:38:14,787 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:14,828 INFO L290 TraceCheckUtils]: 0: Hoare triple {7121#(= ~s~0 |old(~s~0)|)} ~Irp := #in~Irp;~PriorityBoost := #in~PriorityBoost; {7113#true} is VALID [2022-02-20 14:38:14,829 INFO L290 TraceCheckUtils]: 1: Hoare triple {7113#true} assume ~s~0 == ~NP~0;~s~0 := ~DC~0; {7122#(and (or (not (<= ~s~0 1)) (<= ~DC~0 ~s~0)) (or (<= ~s~0 ~DC~0) (<= ~s~0 2)))} is VALID [2022-02-20 14:38:14,830 INFO L290 TraceCheckUtils]: 2: Hoare triple {7122#(and (or (not (<= ~s~0 1)) (<= ~DC~0 ~s~0)) (or (<= ~s~0 ~DC~0) (<= ~s~0 2)))} assume true; {7122#(and (or (not (<= ~s~0 1)) (<= ~DC~0 ~s~0)) (or (<= ~s~0 ~DC~0) (<= ~s~0 2)))} is VALID [2022-02-20 14:38:14,831 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {7122#(and (or (not (<= ~s~0 1)) (<= ~DC~0 ~s~0)) (or (<= ~s~0 ~DC~0) (<= ~s~0 2)))} {7115#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} #743#return; {7120#(and (= 2 ~s~0) (not (= ~IPC~0 2)))} is VALID [2022-02-20 14:38:14,831 INFO L290 TraceCheckUtils]: 0: Hoare triple {7113#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {7113#true} is VALID [2022-02-20 14:38:14,832 INFO L290 TraceCheckUtils]: 1: Hoare triple {7113#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {7115#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} is VALID [2022-02-20 14:38:14,832 INFO L290 TraceCheckUtils]: 2: Hoare triple {7115#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} assume { :end_inline__BLAST_init } true; {7115#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} is VALID [2022-02-20 14:38:14,833 INFO L290 TraceCheckUtils]: 3: Hoare triple {7115#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {7115#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} is VALID [2022-02-20 14:38:14,834 INFO L290 TraceCheckUtils]: 4: Hoare triple {7115#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {7115#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} is VALID [2022-02-20 14:38:14,834 INFO L290 TraceCheckUtils]: 5: Hoare triple {7115#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {7115#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} is VALID [2022-02-20 14:38:14,835 INFO L290 TraceCheckUtils]: 6: Hoare triple {7115#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} assume { :end_inline_stub_driver_init } true; {7115#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} is VALID [2022-02-20 14:38:14,836 INFO L290 TraceCheckUtils]: 7: Hoare triple {7115#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {7115#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} is VALID [2022-02-20 14:38:14,836 INFO L290 TraceCheckUtils]: 8: Hoare triple {7115#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {7115#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} is VALID [2022-02-20 14:38:14,837 INFO L290 TraceCheckUtils]: 9: Hoare triple {7115#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {7115#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} is VALID [2022-02-20 14:38:14,837 INFO L290 TraceCheckUtils]: 10: Hoare triple {7115#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} assume !(3 == main_~tmp_ndt_3~0#1);havoc main_~tmp_ndt_4~0#1;assume -2147483648 <= main_#t~nondet27#1 && main_#t~nondet27#1 <= 2147483647;main_~tmp_ndt_4~0#1 := main_#t~nondet27#1;havoc main_#t~nondet27#1; {7115#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} is VALID [2022-02-20 14:38:14,838 INFO L290 TraceCheckUtils]: 11: Hoare triple {7115#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} assume !(4 == main_~tmp_ndt_4~0#1);havoc main_~tmp_ndt_5~0#1;assume -2147483648 <= main_#t~nondet28#1 && main_#t~nondet28#1 <= 2147483647;main_~tmp_ndt_5~0#1 := main_#t~nondet28#1;havoc main_#t~nondet28#1; {7115#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} is VALID [2022-02-20 14:38:14,838 INFO L290 TraceCheckUtils]: 12: Hoare triple {7115#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} assume 8 == main_~tmp_ndt_5~0#1; {7115#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} is VALID [2022-02-20 14:38:14,839 INFO L290 TraceCheckUtils]: 13: Hoare triple {7115#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} assume { :begin_inline_KbFilter_InternIoCtl } true;KbFilter_InternIoCtl_#in~DeviceObject#1, KbFilter_InternIoCtl_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_InternIoCtl_#res#1;havoc KbFilter_InternIoCtl_#t~nondet63#1, KbFilter_InternIoCtl_#t~nondet64#1, KbFilter_InternIoCtl_#t~nondet65#1, KbFilter_InternIoCtl_#t~nondet66#1, KbFilter_InternIoCtl_#t~nondet67#1, KbFilter_InternIoCtl_#t~nondet68#1, KbFilter_InternIoCtl_#t~nondet69#1, KbFilter_InternIoCtl_#t~nondet70#1, KbFilter_InternIoCtl_#t~nondet71#1, KbFilter_InternIoCtl_#t~nondet72#1, KbFilter_InternIoCtl_#t~nondet73#1, KbFilter_InternIoCtl_#t~nondet74#1, KbFilter_InternIoCtl_#t~nondet75#1, KbFilter_InternIoCtl_#t~nondet76#1, KbFilter_InternIoCtl_#t~nondet77#1, KbFilter_InternIoCtl_#t~nondet78#1, KbFilter_InternIoCtl_#t~nondet79#1, KbFilter_InternIoCtl_#t~ret80#1, KbFilter_InternIoCtl_~DeviceObject#1, KbFilter_InternIoCtl_~Irp#1, KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1, KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__InputBufferLength~0#1, KbFilter_InternIoCtl_~sizeof__CONNECT_DATA~0#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__Type3InputBuffer~0#1, KbFilter_InternIoCtl_~sizeof__INTERNAL_I8042_HOOK_KEYBOARD~0#1, KbFilter_InternIoCtl_~hookKeyboard__InitializationRoutine~0#1, KbFilter_InternIoCtl_~hookKeyboard__IsrRoutine~0#1, KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1, KbFilter_InternIoCtl_~hookKeyboard~0#1, KbFilter_InternIoCtl_~connectData~0#1, KbFilter_InternIoCtl_~status~3#1, KbFilter_InternIoCtl_~tmp~3#1, KbFilter_InternIoCtl_~__cil_tmp17~0#1, KbFilter_InternIoCtl_~__cil_tmp18~0#1, KbFilter_InternIoCtl_~__cil_tmp19~0#1, KbFilter_InternIoCtl_~__cil_tmp20~0#1, KbFilter_InternIoCtl_~__cil_tmp21~0#1, KbFilter_InternIoCtl_~__cil_tmp22~0#1, KbFilter_InternIoCtl_~__cil_tmp23~1#1, KbFilter_InternIoCtl_~__cil_tmp24~0#1, KbFilter_InternIoCtl_~__cil_tmp25~0#1, KbFilter_InternIoCtl_~__cil_tmp26~0#1, KbFilter_InternIoCtl_~__cil_tmp27~0#1, KbFilter_InternIoCtl_~__cil_tmp28~0#1, KbFilter_InternIoCtl_~__cil_tmp29~0#1, KbFilter_InternIoCtl_~__cil_tmp30~0#1, KbFilter_InternIoCtl_~__cil_tmp31~0#1, KbFilter_InternIoCtl_~__cil_tmp32~0#1, KbFilter_InternIoCtl_~__cil_tmp33~0#1, KbFilter_InternIoCtl_~__cil_tmp34~0#1, KbFilter_InternIoCtl_~__cil_tmp35~0#1, KbFilter_InternIoCtl_~__cil_tmp36~0#1, KbFilter_InternIoCtl_~__cil_tmp37~0#1, KbFilter_InternIoCtl_~__cil_tmp38~0#1, KbFilter_InternIoCtl_~__cil_tmp39~0#1, KbFilter_InternIoCtl_~__cil_tmp40~0#1, KbFilter_InternIoCtl_~__cil_tmp41~0#1, KbFilter_InternIoCtl_~__cil_tmp42~0#1, KbFilter_InternIoCtl_~__cil_tmp43~0#1, KbFilter_InternIoCtl_~__cil_tmp44~0#1, KbFilter_InternIoCtl_~__cil_tmp45~0#1;KbFilter_InternIoCtl_~DeviceObject#1 := KbFilter_InternIoCtl_#in~DeviceObject#1;KbFilter_InternIoCtl_~Irp#1 := KbFilter_InternIoCtl_#in~Irp#1;havoc KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet63#1 && KbFilter_InternIoCtl_#t~nondet63#1 <= 2147483647;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1 := KbFilter_InternIoCtl_#t~nondet63#1;havoc KbFilter_InternIoCtl_#t~nondet63#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet64#1 && KbFilter_InternIoCtl_#t~nondet64#1 <= 2147483647;KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1 := KbFilter_InternIoCtl_#t~nondet64#1;havoc KbFilter_InternIoCtl_#t~nondet64#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet65#1 && KbFilter_InternIoCtl_#t~nondet65#1 <= 2147483647;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__InputBufferLength~0#1 := KbFilter_InternIoCtl_#t~nondet65#1;havoc KbFilter_InternIoCtl_#t~nondet65#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet66#1 && KbFilter_InternIoCtl_#t~nondet66#1 <= 2147483647;KbFilter_InternIoCtl_~sizeof__CONNECT_DATA~0#1 := KbFilter_InternIoCtl_#t~nondet66#1;havoc KbFilter_InternIoCtl_#t~nondet66#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet67#1 && KbFilter_InternIoCtl_#t~nondet67#1 <= 2147483647;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__Type3InputBuffer~0#1 := KbFilter_InternIoCtl_#t~nondet67#1;havoc KbFilter_InternIoCtl_#t~nondet67#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet68#1 && KbFilter_InternIoCtl_#t~nondet68#1 <= 2147483647;KbFilter_InternIoCtl_~sizeof__INTERNAL_I8042_HOOK_KEYBOARD~0#1 := KbFilter_InternIoCtl_#t~nondet68#1;havoc KbFilter_InternIoCtl_#t~nondet68#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet69#1 && KbFilter_InternIoCtl_#t~nondet69#1 <= 2147483647;KbFilter_InternIoCtl_~hookKeyboard__InitializationRoutine~0#1 := KbFilter_InternIoCtl_#t~nondet69#1;havoc KbFilter_InternIoCtl_#t~nondet69#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet70#1 && KbFilter_InternIoCtl_#t~nondet70#1 <= 2147483647;KbFilter_InternIoCtl_~hookKeyboard__IsrRoutine~0#1 := KbFilter_InternIoCtl_#t~nondet70#1;havoc KbFilter_InternIoCtl_#t~nondet70#1;havoc KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1;havoc KbFilter_InternIoCtl_~hookKeyboard~0#1;havoc KbFilter_InternIoCtl_~connectData~0#1;havoc KbFilter_InternIoCtl_~status~3#1;havoc KbFilter_InternIoCtl_~tmp~3#1;havoc KbFilter_InternIoCtl_~__cil_tmp17~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp18~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp19~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet71#1 && KbFilter_InternIoCtl_#t~nondet71#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp20~0#1 := KbFilter_InternIoCtl_#t~nondet71#1;havoc KbFilter_InternIoCtl_#t~nondet71#1;havoc KbFilter_InternIoCtl_~__cil_tmp21~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp22~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp23~1#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet72#1 && KbFilter_InternIoCtl_#t~nondet72#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp24~0#1 := KbFilter_InternIoCtl_#t~nondet72#1;havoc KbFilter_InternIoCtl_#t~nondet72#1;havoc KbFilter_InternIoCtl_~__cil_tmp25~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp26~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp27~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet73#1 && KbFilter_InternIoCtl_#t~nondet73#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp28~0#1 := KbFilter_InternIoCtl_#t~nondet73#1;havoc KbFilter_InternIoCtl_#t~nondet73#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet74#1 && KbFilter_InternIoCtl_#t~nondet74#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp29~0#1 := KbFilter_InternIoCtl_#t~nondet74#1;havoc KbFilter_InternIoCtl_#t~nondet74#1;havoc KbFilter_InternIoCtl_~__cil_tmp30~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp31~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet75#1 && KbFilter_InternIoCtl_#t~nondet75#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp32~0#1 := KbFilter_InternIoCtl_#t~nondet75#1;havoc KbFilter_InternIoCtl_#t~nondet75#1;havoc KbFilter_InternIoCtl_~__cil_tmp33~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp34~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet76#1 && KbFilter_InternIoCtl_#t~nondet76#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp35~0#1 := KbFilter_InternIoCtl_#t~nondet76#1;havoc KbFilter_InternIoCtl_#t~nondet76#1;havoc KbFilter_InternIoCtl_~__cil_tmp36~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp37~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet77#1 && KbFilter_InternIoCtl_#t~nondet77#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp38~0#1 := KbFilter_InternIoCtl_#t~nondet77#1;havoc KbFilter_InternIoCtl_#t~nondet77#1;havoc KbFilter_InternIoCtl_~__cil_tmp39~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp40~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet78#1 && KbFilter_InternIoCtl_#t~nondet78#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp41~0#1 := KbFilter_InternIoCtl_#t~nondet78#1;havoc KbFilter_InternIoCtl_#t~nondet78#1;havoc KbFilter_InternIoCtl_~__cil_tmp42~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp43~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet79#1 && KbFilter_InternIoCtl_#t~nondet79#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp44~0#1 := KbFilter_InternIoCtl_#t~nondet79#1;havoc KbFilter_InternIoCtl_#t~nondet79#1;havoc KbFilter_InternIoCtl_~__cil_tmp45~0#1;KbFilter_InternIoCtl_~status~3#1 := 0;KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1 := 0; {7115#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} is VALID [2022-02-20 14:38:14,840 INFO L290 TraceCheckUtils]: 14: Hoare triple {7115#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} assume KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1 == KbFilter_InternIoCtl_~__cil_tmp20~0#1; {7115#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} is VALID [2022-02-20 14:38:14,840 INFO L290 TraceCheckUtils]: 15: Hoare triple {7115#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} assume 0 != KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1;KbFilter_InternIoCtl_~status~3#1 := -1073741757; {7115#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} is VALID [2022-02-20 14:38:14,841 INFO L290 TraceCheckUtils]: 16: Hoare triple {7115#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} assume KbFilter_InternIoCtl_~status~3#1 < 0;KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1 := KbFilter_InternIoCtl_~status~3#1;~myStatus~0 := KbFilter_InternIoCtl_~status~3#1; {7115#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} is VALID [2022-02-20 14:38:14,842 INFO L272 TraceCheckUtils]: 17: Hoare triple {7115#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} call IofCompleteRequest(KbFilter_InternIoCtl_~Irp#1, 0); {7121#(= ~s~0 |old(~s~0)|)} is VALID [2022-02-20 14:38:14,842 INFO L290 TraceCheckUtils]: 18: Hoare triple {7121#(= ~s~0 |old(~s~0)|)} ~Irp := #in~Irp;~PriorityBoost := #in~PriorityBoost; {7113#true} is VALID [2022-02-20 14:38:14,842 INFO L290 TraceCheckUtils]: 19: Hoare triple {7113#true} assume ~s~0 == ~NP~0;~s~0 := ~DC~0; {7122#(and (or (not (<= ~s~0 1)) (<= ~DC~0 ~s~0)) (or (<= ~s~0 ~DC~0) (<= ~s~0 2)))} is VALID [2022-02-20 14:38:14,843 INFO L290 TraceCheckUtils]: 20: Hoare triple {7122#(and (or (not (<= ~s~0 1)) (<= ~DC~0 ~s~0)) (or (<= ~s~0 ~DC~0) (<= ~s~0 2)))} assume true; {7122#(and (or (not (<= ~s~0 1)) (<= ~DC~0 ~s~0)) (or (<= ~s~0 ~DC~0) (<= ~s~0 2)))} is VALID [2022-02-20 14:38:14,844 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {7122#(and (or (not (<= ~s~0 1)) (<= ~DC~0 ~s~0)) (or (<= ~s~0 ~DC~0) (<= ~s~0 2)))} {7115#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} #743#return; {7120#(and (= 2 ~s~0) (not (= ~IPC~0 2)))} is VALID [2022-02-20 14:38:14,844 INFO L290 TraceCheckUtils]: 22: Hoare triple {7120#(and (= 2 ~s~0) (not (= ~IPC~0 2)))} KbFilter_InternIoCtl_#res#1 := KbFilter_InternIoCtl_~status~3#1; {7120#(and (= 2 ~s~0) (not (= ~IPC~0 2)))} is VALID [2022-02-20 14:38:14,845 INFO L290 TraceCheckUtils]: 23: Hoare triple {7120#(and (= 2 ~s~0) (not (= ~IPC~0 2)))} main_#t~ret33#1 := KbFilter_InternIoCtl_#res#1;assume { :end_inline_KbFilter_InternIoCtl } true;assume -2147483648 <= main_#t~ret33#1 && main_#t~ret33#1 <= 2147483647;main_~status~1#1 := main_#t~ret33#1;havoc main_#t~ret33#1; {7120#(and (= 2 ~s~0) (not (= ~IPC~0 2)))} is VALID [2022-02-20 14:38:14,845 INFO L290 TraceCheckUtils]: 24: Hoare triple {7120#(and (= 2 ~s~0) (not (= ~IPC~0 2)))} assume !(1 == ~pended~0); {7120#(and (= 2 ~s~0) (not (= ~IPC~0 2)))} is VALID [2022-02-20 14:38:14,846 INFO L290 TraceCheckUtils]: 25: Hoare triple {7120#(and (= 2 ~s~0) (not (= ~IPC~0 2)))} assume !(1 == ~pended~0); {7120#(and (= 2 ~s~0) (not (= ~IPC~0 2)))} is VALID [2022-02-20 14:38:14,846 INFO L290 TraceCheckUtils]: 26: Hoare triple {7120#(and (= 2 ~s~0) (not (= ~IPC~0 2)))} assume ~s~0 != ~UNLOADED~0; {7120#(and (= 2 ~s~0) (not (= ~IPC~0 2)))} is VALID [2022-02-20 14:38:14,846 INFO L290 TraceCheckUtils]: 27: Hoare triple {7120#(and (= 2 ~s~0) (not (= ~IPC~0 2)))} assume -1 != main_~status~1#1; {7120#(and (= 2 ~s~0) (not (= ~IPC~0 2)))} is VALID [2022-02-20 14:38:14,847 INFO L290 TraceCheckUtils]: 28: Hoare triple {7120#(and (= 2 ~s~0) (not (= ~IPC~0 2)))} assume ~s~0 != ~SKIP2~0; {7120#(and (= 2 ~s~0) (not (= ~IPC~0 2)))} is VALID [2022-02-20 14:38:14,847 INFO L290 TraceCheckUtils]: 29: Hoare triple {7120#(and (= 2 ~s~0) (not (= ~IPC~0 2)))} assume !(~s~0 != ~IPC~0); {7114#false} is VALID [2022-02-20 14:38:14,848 INFO L290 TraceCheckUtils]: 30: Hoare triple {7114#false} assume 1 == ~pended~0; {7114#false} is VALID [2022-02-20 14:38:14,848 INFO L290 TraceCheckUtils]: 31: Hoare triple {7114#false} assume 259 != main_~status~1#1; {7114#false} is VALID [2022-02-20 14:38:14,848 INFO L272 TraceCheckUtils]: 32: Hoare triple {7114#false} call errorFn(); {7114#false} is VALID [2022-02-20 14:38:14,848 INFO L290 TraceCheckUtils]: 33: Hoare triple {7114#false} assume !false; {7114#false} is VALID [2022-02-20 14:38:14,849 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 14:38:14,849 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 14:38:14,849 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [882612865] [2022-02-20 14:38:14,849 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [882612865] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 14:38:14,849 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 14:38:14,849 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 14:38:14,849 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [218214945] [2022-02-20 14:38:14,850 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 14:38:14,850 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 34 [2022-02-20 14:38:14,850 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 14:38:14,851 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:14,876 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 34 edges. 34 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:14,876 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 14:38:14,876 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 14:38:14,877 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 14:38:14,877 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2022-02-20 14:38:14,877 INFO L87 Difference]: Start difference. First operand 301 states and 422 transitions. Second operand has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:15,772 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:15,772 INFO L93 Difference]: Finished difference Result 311 states and 430 transitions. [2022-02-20 14:38:15,773 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-02-20 14:38:15,773 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 34 [2022-02-20 14:38:15,773 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 14:38:15,773 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:15,776 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 308 transitions. [2022-02-20 14:38:15,776 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:15,779 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 308 transitions. [2022-02-20 14:38:15,779 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 308 transitions. [2022-02-20 14:38:16,005 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 308 edges. 308 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:16,013 INFO L225 Difference]: With dead ends: 311 [2022-02-20 14:38:16,013 INFO L226 Difference]: Without dead ends: 306 [2022-02-20 14:38:16,013 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=27, Invalid=45, Unknown=0, NotChecked=0, Total=72 [2022-02-20 14:38:16,014 INFO L933 BasicCegarLoop]: 255 mSDtfsCounter, 320 mSDsluCounter, 567 mSDsCounter, 0 mSdLazyCounter, 215 mSolverCounterSat, 34 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 322 SdHoareTripleChecker+Valid, 822 SdHoareTripleChecker+Invalid, 249 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 34 IncrementalHoareTripleChecker+Valid, 215 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 14:38:16,014 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [322 Valid, 822 Invalid, 249 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [34 Valid, 215 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-20 14:38:16,015 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 306 states. [2022-02-20 14:38:16,026 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 306 to 301. [2022-02-20 14:38:16,027 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 14:38:16,028 INFO L82 GeneralOperation]: Start isEquivalent. First operand 306 states. Second operand has 301 states, 267 states have (on average 1.400749063670412) internal successors, (374), 266 states have internal predecessors, (374), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-20 14:38:16,028 INFO L74 IsIncluded]: Start isIncluded. First operand 306 states. Second operand has 301 states, 267 states have (on average 1.400749063670412) internal successors, (374), 266 states have internal predecessors, (374), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-20 14:38:16,029 INFO L87 Difference]: Start difference. First operand 306 states. Second operand has 301 states, 267 states have (on average 1.400749063670412) internal successors, (374), 266 states have internal predecessors, (374), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-20 14:38:16,037 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:16,038 INFO L93 Difference]: Finished difference Result 306 states and 425 transitions. [2022-02-20 14:38:16,038 INFO L276 IsEmpty]: Start isEmpty. Operand 306 states and 425 transitions. [2022-02-20 14:38:16,039 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:16,039 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:16,040 INFO L74 IsIncluded]: Start isIncluded. First operand has 301 states, 267 states have (on average 1.400749063670412) internal successors, (374), 266 states have internal predecessors, (374), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) Second operand 306 states. [2022-02-20 14:38:16,041 INFO L87 Difference]: Start difference. First operand has 301 states, 267 states have (on average 1.400749063670412) internal successors, (374), 266 states have internal predecessors, (374), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) Second operand 306 states. [2022-02-20 14:38:16,049 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:16,049 INFO L93 Difference]: Finished difference Result 306 states and 425 transitions. [2022-02-20 14:38:16,049 INFO L276 IsEmpty]: Start isEmpty. Operand 306 states and 425 transitions. [2022-02-20 14:38:16,050 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:16,050 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:16,050 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 14:38:16,050 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 14:38:16,051 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 301 states, 267 states have (on average 1.400749063670412) internal successors, (374), 266 states have internal predecessors, (374), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-20 14:38:16,060 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 301 states to 301 states and 421 transitions. [2022-02-20 14:38:16,060 INFO L78 Accepts]: Start accepts. Automaton has 301 states and 421 transitions. Word has length 34 [2022-02-20 14:38:16,061 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 14:38:16,061 INFO L470 AbstractCegarLoop]: Abstraction has 301 states and 421 transitions. [2022-02-20 14:38:16,061 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:16,061 INFO L276 IsEmpty]: Start isEmpty. Operand 301 states and 421 transitions. [2022-02-20 14:38:16,062 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2022-02-20 14:38:16,062 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:16,063 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:16,063 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-02-20 14:38:16,063 INFO L402 AbstractCegarLoop]: === Iteration 7 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:16,063 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:16,063 INFO L85 PathProgramCache]: Analyzing trace with hash -1780979361, now seen corresponding path program 1 times [2022-02-20 14:38:16,064 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 14:38:16,064 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1595605270] [2022-02-20 14:38:16,064 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:16,064 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 14:38:16,087 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:16,113 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2022-02-20 14:38:16,117 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:16,129 INFO L290 TraceCheckUtils]: 0: Hoare triple {8587#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {8575#true} is VALID [2022-02-20 14:38:16,129 INFO L290 TraceCheckUtils]: 1: Hoare triple {8575#true} assume !(0 != ~compRegistered~0); {8588#(<= ~compRegistered~0 0)} is VALID [2022-02-20 14:38:16,129 INFO L290 TraceCheckUtils]: 2: Hoare triple {8588#(<= ~compRegistered~0 0)} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {8588#(<= ~compRegistered~0 0)} is VALID [2022-02-20 14:38:16,130 INFO L290 TraceCheckUtils]: 3: Hoare triple {8588#(<= ~compRegistered~0 0)} assume 0 == ~tmp_ndt_6~0; {8588#(<= ~compRegistered~0 0)} is VALID [2022-02-20 14:38:16,130 INFO L290 TraceCheckUtils]: 4: Hoare triple {8588#(<= ~compRegistered~0 0)} ~returnVal2~0 := 0; {8588#(<= ~compRegistered~0 0)} is VALID [2022-02-20 14:38:16,130 INFO L290 TraceCheckUtils]: 5: Hoare triple {8588#(<= ~compRegistered~0 0)} assume ~s~0 == ~NP~0;~s~0 := ~IPC~0;~lowerDriverReturn~0 := ~returnVal2~0; {8588#(<= ~compRegistered~0 0)} is VALID [2022-02-20 14:38:16,131 INFO L290 TraceCheckUtils]: 6: Hoare triple {8588#(<= ~compRegistered~0 0)} #res := ~returnVal2~0; {8588#(<= ~compRegistered~0 0)} is VALID [2022-02-20 14:38:16,131 INFO L290 TraceCheckUtils]: 7: Hoare triple {8588#(<= ~compRegistered~0 0)} assume true; {8588#(<= ~compRegistered~0 0)} is VALID [2022-02-20 14:38:16,132 INFO L284 TraceCheckUtils]: 8: Hoare quadruple {8588#(<= ~compRegistered~0 0)} {8577#(= ~compRegistered~0 1)} #717#return; {8576#false} is VALID [2022-02-20 14:38:16,132 INFO L290 TraceCheckUtils]: 0: Hoare triple {8575#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {8575#true} is VALID [2022-02-20 14:38:16,132 INFO L290 TraceCheckUtils]: 1: Hoare triple {8575#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {8575#true} is VALID [2022-02-20 14:38:16,132 INFO L290 TraceCheckUtils]: 2: Hoare triple {8575#true} assume { :end_inline__BLAST_init } true; {8575#true} is VALID [2022-02-20 14:38:16,133 INFO L290 TraceCheckUtils]: 3: Hoare triple {8575#true} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {8575#true} is VALID [2022-02-20 14:38:16,133 INFO L290 TraceCheckUtils]: 4: Hoare triple {8575#true} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {8575#true} is VALID [2022-02-20 14:38:16,133 INFO L290 TraceCheckUtils]: 5: Hoare triple {8575#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {8575#true} is VALID [2022-02-20 14:38:16,133 INFO L290 TraceCheckUtils]: 6: Hoare triple {8575#true} assume { :end_inline_stub_driver_init } true; {8575#true} is VALID [2022-02-20 14:38:16,133 INFO L290 TraceCheckUtils]: 7: Hoare triple {8575#true} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {8575#true} is VALID [2022-02-20 14:38:16,133 INFO L290 TraceCheckUtils]: 8: Hoare triple {8575#true} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {8575#true} is VALID [2022-02-20 14:38:16,133 INFO L290 TraceCheckUtils]: 9: Hoare triple {8575#true} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {8575#true} is VALID [2022-02-20 14:38:16,133 INFO L290 TraceCheckUtils]: 10: Hoare triple {8575#true} assume 3 == main_~tmp_ndt_3~0#1; {8575#true} is VALID [2022-02-20 14:38:16,134 INFO L290 TraceCheckUtils]: 11: Hoare triple {8575#true} assume { :begin_inline_KbFilter_PnP } true;KbFilter_PnP_#in~DeviceObject#1, KbFilter_PnP_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_PnP_#res#1;havoc KbFilter_PnP_#t~nondet4#1, KbFilter_PnP_#t~nondet5#1, KbFilter_PnP_#t~nondet6#1, KbFilter_PnP_#t~nondet7#1, KbFilter_PnP_#t~nondet8#1, KbFilter_PnP_#t~nondet9#1, KbFilter_PnP_#t~ret10#1, KbFilter_PnP_#t~ret11#1, KbFilter_PnP_#t~post12#1, KbFilter_PnP_#t~post13#1, KbFilter_PnP_#t~ret14#1, KbFilter_PnP_#t~post15#1, KbFilter_PnP_#t~post16#1, KbFilter_PnP_#t~ret17#1, KbFilter_PnP_#t~post18#1, KbFilter_PnP_#t~post19#1, KbFilter_PnP_#t~ret20#1, KbFilter_PnP_~DeviceObject#1, KbFilter_PnP_~Irp#1, KbFilter_PnP_~devExt~0#1, KbFilter_PnP_~irpStack~0#1, KbFilter_PnP_~status~0#1, KbFilter_PnP_~event~0#1, KbFilter_PnP_~DeviceObject__DeviceExtension~0#1, KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, KbFilter_PnP_~irpStack__MinorFunction~0#1, KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~devExt__Started~0#1, KbFilter_PnP_~devExt__Removed~0#1, KbFilter_PnP_~devExt__SurpriseRemoved~0#1, KbFilter_PnP_~Irp__IoStatus__Status~0#1, KbFilter_PnP_~Irp__IoStatus__Information~0#1, KbFilter_PnP_~Irp__CurrentLocation~0#1, KbFilter_PnP_~irpSp~0#1, KbFilter_PnP_~nextIrpSp~0#1, KbFilter_PnP_~nextIrpSp__Control~0#1, KbFilter_PnP_~irpSp___0~0#1, KbFilter_PnP_~irpSp__Context~0#1, KbFilter_PnP_~irpSp__Control~0#1, KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~DeviceObject#1 := KbFilter_PnP_#in~DeviceObject#1;KbFilter_PnP_~Irp#1 := KbFilter_PnP_#in~Irp#1;havoc KbFilter_PnP_~devExt~0#1;havoc KbFilter_PnP_~irpStack~0#1;havoc KbFilter_PnP_~status~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet4#1 && KbFilter_PnP_#t~nondet4#1 <= 2147483647;KbFilter_PnP_~event~0#1 := KbFilter_PnP_#t~nondet4#1;havoc KbFilter_PnP_#t~nondet4#1;assume -2147483648 <= KbFilter_PnP_#t~nondet5#1 && KbFilter_PnP_#t~nondet5#1 <= 2147483647;KbFilter_PnP_~DeviceObject__DeviceExtension~0#1 := KbFilter_PnP_#t~nondet5#1;havoc KbFilter_PnP_#t~nondet5#1;assume -2147483648 <= KbFilter_PnP_#t~nondet6#1 && KbFilter_PnP_#t~nondet6#1 <= 2147483647;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := KbFilter_PnP_#t~nondet6#1;havoc KbFilter_PnP_#t~nondet6#1;assume -2147483648 <= KbFilter_PnP_#t~nondet7#1 && KbFilter_PnP_#t~nondet7#1 <= 2147483647;KbFilter_PnP_~irpStack__MinorFunction~0#1 := KbFilter_PnP_#t~nondet7#1;havoc KbFilter_PnP_#t~nondet7#1;assume -2147483648 <= KbFilter_PnP_#t~nondet8#1 && KbFilter_PnP_#t~nondet8#1 <= 2147483647;KbFilter_PnP_~devExt__TopOfStack~0#1 := KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_~devExt__Started~0#1;havoc KbFilter_PnP_~devExt__Removed~0#1;havoc KbFilter_PnP_~devExt__SurpriseRemoved~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Status~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Information~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet9#1 && KbFilter_PnP_#t~nondet9#1 <= 2147483647;KbFilter_PnP_~Irp__CurrentLocation~0#1 := KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_~irpSp~0#1;havoc KbFilter_PnP_~nextIrpSp~0#1;havoc KbFilter_PnP_~nextIrpSp__Control~0#1;havoc KbFilter_PnP_~irpSp___0~0#1;havoc KbFilter_PnP_~irpSp__Context~0#1;havoc KbFilter_PnP_~irpSp__Control~0#1;havoc KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~status~0#1 := 0;KbFilter_PnP_~devExt~0#1 := KbFilter_PnP_~DeviceObject__DeviceExtension~0#1;KbFilter_PnP_~irpStack~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1; {8575#true} is VALID [2022-02-20 14:38:16,134 INFO L290 TraceCheckUtils]: 12: Hoare triple {8575#true} assume 0 == KbFilter_PnP_~irpStack__MinorFunction~0#1; {8575#true} is VALID [2022-02-20 14:38:16,134 INFO L290 TraceCheckUtils]: 13: Hoare triple {8575#true} KbFilter_PnP_~irpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1;KbFilter_PnP_~nextIrpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 - 1;KbFilter_PnP_~nextIrpSp__Control~0#1 := 0; {8575#true} is VALID [2022-02-20 14:38:16,134 INFO L290 TraceCheckUtils]: 14: Hoare triple {8575#true} assume !(~s~0 != ~NP~0); {8575#true} is VALID [2022-02-20 14:38:16,134 INFO L290 TraceCheckUtils]: 15: Hoare triple {8575#true} assume !(0 != ~compRegistered~0);~compRegistered~0 := 1; {8577#(= ~compRegistered~0 1)} is VALID [2022-02-20 14:38:16,135 INFO L290 TraceCheckUtils]: 16: Hoare triple {8577#(= ~compRegistered~0 1)} KbFilter_PnP_~irpSp___0~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 - 1;KbFilter_PnP_~irpSp__Context~0#1 := KbFilter_PnP_~event~0#1;KbFilter_PnP_~irpSp__Control~0#1 := 224; {8577#(= ~compRegistered~0 1)} is VALID [2022-02-20 14:38:16,135 INFO L272 TraceCheckUtils]: 17: Hoare triple {8577#(= ~compRegistered~0 1)} call KbFilter_PnP_#t~ret10#1 := IofCallDriver(KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~Irp#1); {8587#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} is VALID [2022-02-20 14:38:16,135 INFO L290 TraceCheckUtils]: 18: Hoare triple {8587#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {8575#true} is VALID [2022-02-20 14:38:16,136 INFO L290 TraceCheckUtils]: 19: Hoare triple {8575#true} assume !(0 != ~compRegistered~0); {8588#(<= ~compRegistered~0 0)} is VALID [2022-02-20 14:38:16,136 INFO L290 TraceCheckUtils]: 20: Hoare triple {8588#(<= ~compRegistered~0 0)} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {8588#(<= ~compRegistered~0 0)} is VALID [2022-02-20 14:38:16,136 INFO L290 TraceCheckUtils]: 21: Hoare triple {8588#(<= ~compRegistered~0 0)} assume 0 == ~tmp_ndt_6~0; {8588#(<= ~compRegistered~0 0)} is VALID [2022-02-20 14:38:16,137 INFO L290 TraceCheckUtils]: 22: Hoare triple {8588#(<= ~compRegistered~0 0)} ~returnVal2~0 := 0; {8588#(<= ~compRegistered~0 0)} is VALID [2022-02-20 14:38:16,137 INFO L290 TraceCheckUtils]: 23: Hoare triple {8588#(<= ~compRegistered~0 0)} assume ~s~0 == ~NP~0;~s~0 := ~IPC~0;~lowerDriverReturn~0 := ~returnVal2~0; {8588#(<= ~compRegistered~0 0)} is VALID [2022-02-20 14:38:16,137 INFO L290 TraceCheckUtils]: 24: Hoare triple {8588#(<= ~compRegistered~0 0)} #res := ~returnVal2~0; {8588#(<= ~compRegistered~0 0)} is VALID [2022-02-20 14:38:16,138 INFO L290 TraceCheckUtils]: 25: Hoare triple {8588#(<= ~compRegistered~0 0)} assume true; {8588#(<= ~compRegistered~0 0)} is VALID [2022-02-20 14:38:16,138 INFO L284 TraceCheckUtils]: 26: Hoare quadruple {8588#(<= ~compRegistered~0 0)} {8577#(= ~compRegistered~0 1)} #717#return; {8576#false} is VALID [2022-02-20 14:38:16,139 INFO L290 TraceCheckUtils]: 27: Hoare triple {8576#false} assume -2147483648 <= KbFilter_PnP_#t~ret10#1 && KbFilter_PnP_#t~ret10#1 <= 2147483647;KbFilter_PnP_~status~0#1 := KbFilter_PnP_#t~ret10#1;havoc KbFilter_PnP_#t~ret10#1;KbFilter_PnP_~__cil_tmp23~0#1 := KbFilter_PnP_~status~0#1; {8576#false} is VALID [2022-02-20 14:38:16,139 INFO L290 TraceCheckUtils]: 28: Hoare triple {8576#false} assume 259 == KbFilter_PnP_~__cil_tmp23~0#1;assume { :begin_inline_KeWaitForSingleObject } true;KeWaitForSingleObject_#in~Object#1, KeWaitForSingleObject_#in~WaitReason#1, KeWaitForSingleObject_#in~WaitMode#1, KeWaitForSingleObject_#in~Alertable#1, KeWaitForSingleObject_#in~Timeout#1 := KbFilter_PnP_~event~0#1, ~Executive~0, ~KernelMode~0, 0, 0;havoc KeWaitForSingleObject_#res#1;havoc KeWaitForSingleObject_#t~nondet39#1, KeWaitForSingleObject_~tmp_ndt_8~0#1, KeWaitForSingleObject_~Object#1, KeWaitForSingleObject_~WaitReason#1, KeWaitForSingleObject_~WaitMode#1, KeWaitForSingleObject_~Alertable#1, KeWaitForSingleObject_~Timeout#1;KeWaitForSingleObject_~Object#1 := KeWaitForSingleObject_#in~Object#1;KeWaitForSingleObject_~WaitReason#1 := KeWaitForSingleObject_#in~WaitReason#1;KeWaitForSingleObject_~WaitMode#1 := KeWaitForSingleObject_#in~WaitMode#1;KeWaitForSingleObject_~Alertable#1 := KeWaitForSingleObject_#in~Alertable#1;KeWaitForSingleObject_~Timeout#1 := KeWaitForSingleObject_#in~Timeout#1; {8576#false} is VALID [2022-02-20 14:38:16,139 INFO L290 TraceCheckUtils]: 29: Hoare triple {8576#false} assume !(~s~0 == ~MPR3~0); {8576#false} is VALID [2022-02-20 14:38:16,139 INFO L290 TraceCheckUtils]: 30: Hoare triple {8576#false} assume !(1 == ~customIrp~0); {8576#false} is VALID [2022-02-20 14:38:16,139 INFO L290 TraceCheckUtils]: 31: Hoare triple {8576#false} assume ~s~0 == ~MPR3~0; {8576#false} is VALID [2022-02-20 14:38:16,139 INFO L272 TraceCheckUtils]: 32: Hoare triple {8576#false} call errorFn(); {8576#false} is VALID [2022-02-20 14:38:16,140 INFO L290 TraceCheckUtils]: 33: Hoare triple {8576#false} assume !false; {8576#false} is VALID [2022-02-20 14:38:16,140 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 14:38:16,140 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 14:38:16,140 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1595605270] [2022-02-20 14:38:16,140 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1595605270] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 14:38:16,140 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 14:38:16,140 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 14:38:16,140 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [94375507] [2022-02-20 14:38:16,141 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 14:38:16,141 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 34 [2022-02-20 14:38:16,144 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 14:38:16,144 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:16,169 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 34 edges. 34 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:16,169 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 14:38:16,169 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 14:38:16,170 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 14:38:16,170 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 14:38:16,170 INFO L87 Difference]: Start difference. First operand 301 states and 421 transitions. Second operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:16,904 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:16,904 INFO L93 Difference]: Finished difference Result 340 states and 460 transitions. [2022-02-20 14:38:16,904 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-02-20 14:38:16,905 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 34 [2022-02-20 14:38:16,905 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 14:38:16,905 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:16,908 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 368 transitions. [2022-02-20 14:38:16,909 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:16,912 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 368 transitions. [2022-02-20 14:38:16,912 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 368 transitions. [2022-02-20 14:38:17,143 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 368 edges. 368 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:17,164 INFO L225 Difference]: With dead ends: 340 [2022-02-20 14:38:17,165 INFO L226 Difference]: Without dead ends: 282 [2022-02-20 14:38:17,165 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2022-02-20 14:38:17,166 INFO L933 BasicCegarLoop]: 292 mSDtfsCounter, 317 mSDsluCounter, 447 mSDsCounter, 0 mSdLazyCounter, 136 mSolverCounterSat, 31 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 317 SdHoareTripleChecker+Valid, 739 SdHoareTripleChecker+Invalid, 167 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 31 IncrementalHoareTripleChecker+Valid, 136 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 14:38:17,166 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [317 Valid, 739 Invalid, 167 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [31 Valid, 136 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 14:38:17,167 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 282 states. [2022-02-20 14:38:17,218 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 282 to 268. [2022-02-20 14:38:17,218 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 14:38:17,219 INFO L82 GeneralOperation]: Start isEquivalent. First operand 282 states. Second operand has 268 states, 236 states have (on average 1.3898305084745763) internal successors, (328), 235 states have internal predecessors, (328), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) [2022-02-20 14:38:17,220 INFO L74 IsIncluded]: Start isIncluded. First operand 282 states. Second operand has 268 states, 236 states have (on average 1.3898305084745763) internal successors, (328), 235 states have internal predecessors, (328), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) [2022-02-20 14:38:17,221 INFO L87 Difference]: Start difference. First operand 282 states. Second operand has 268 states, 236 states have (on average 1.3898305084745763) internal successors, (328), 235 states have internal predecessors, (328), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) [2022-02-20 14:38:17,228 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:17,228 INFO L93 Difference]: Finished difference Result 282 states and 385 transitions. [2022-02-20 14:38:17,229 INFO L276 IsEmpty]: Start isEmpty. Operand 282 states and 385 transitions. [2022-02-20 14:38:17,229 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:17,229 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:17,237 INFO L74 IsIncluded]: Start isIncluded. First operand has 268 states, 236 states have (on average 1.3898305084745763) internal successors, (328), 235 states have internal predecessors, (328), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) Second operand 282 states. [2022-02-20 14:38:17,238 INFO L87 Difference]: Start difference. First operand has 268 states, 236 states have (on average 1.3898305084745763) internal successors, (328), 235 states have internal predecessors, (328), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) Second operand 282 states. [2022-02-20 14:38:17,245 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:17,246 INFO L93 Difference]: Finished difference Result 282 states and 385 transitions. [2022-02-20 14:38:17,246 INFO L276 IsEmpty]: Start isEmpty. Operand 282 states and 385 transitions. [2022-02-20 14:38:17,246 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:17,247 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:17,247 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 14:38:17,247 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 14:38:17,248 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 268 states, 236 states have (on average 1.3898305084745763) internal successors, (328), 235 states have internal predecessors, (328), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) [2022-02-20 14:38:17,255 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 268 states to 268 states and 370 transitions. [2022-02-20 14:38:17,255 INFO L78 Accepts]: Start accepts. Automaton has 268 states and 370 transitions. Word has length 34 [2022-02-20 14:38:17,255 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 14:38:17,255 INFO L470 AbstractCegarLoop]: Abstraction has 268 states and 370 transitions. [2022-02-20 14:38:17,256 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:17,256 INFO L276 IsEmpty]: Start isEmpty. Operand 268 states and 370 transitions. [2022-02-20 14:38:17,257 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2022-02-20 14:38:17,257 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:17,257 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:17,257 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-02-20 14:38:17,257 INFO L402 AbstractCegarLoop]: === Iteration 8 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:17,258 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:17,258 INFO L85 PathProgramCache]: Analyzing trace with hash -2069817079, now seen corresponding path program 1 times [2022-02-20 14:38:17,258 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 14:38:17,258 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [714617810] [2022-02-20 14:38:17,258 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:17,258 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 14:38:17,280 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:17,299 INFO L290 TraceCheckUtils]: 0: Hoare triple {9986#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {9986#true} is VALID [2022-02-20 14:38:17,300 INFO L290 TraceCheckUtils]: 1: Hoare triple {9986#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {9988#(not (= ~SKIP1~0 ~NP~0))} is VALID [2022-02-20 14:38:17,301 INFO L290 TraceCheckUtils]: 2: Hoare triple {9988#(not (= ~SKIP1~0 ~NP~0))} assume { :end_inline__BLAST_init } true; {9988#(not (= ~SKIP1~0 ~NP~0))} is VALID [2022-02-20 14:38:17,301 INFO L290 TraceCheckUtils]: 3: Hoare triple {9988#(not (= ~SKIP1~0 ~NP~0))} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {9988#(not (= ~SKIP1~0 ~NP~0))} is VALID [2022-02-20 14:38:17,302 INFO L290 TraceCheckUtils]: 4: Hoare triple {9988#(not (= ~SKIP1~0 ~NP~0))} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {9988#(not (= ~SKIP1~0 ~NP~0))} is VALID [2022-02-20 14:38:17,307 INFO L290 TraceCheckUtils]: 5: Hoare triple {9988#(not (= ~SKIP1~0 ~NP~0))} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {9988#(not (= ~SKIP1~0 ~NP~0))} is VALID [2022-02-20 14:38:17,308 INFO L290 TraceCheckUtils]: 6: Hoare triple {9988#(not (= ~SKIP1~0 ~NP~0))} assume { :end_inline_stub_driver_init } true; {9988#(not (= ~SKIP1~0 ~NP~0))} is VALID [2022-02-20 14:38:17,308 INFO L290 TraceCheckUtils]: 7: Hoare triple {9988#(not (= ~SKIP1~0 ~NP~0))} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {9988#(not (= ~SKIP1~0 ~NP~0))} is VALID [2022-02-20 14:38:17,308 INFO L290 TraceCheckUtils]: 8: Hoare triple {9988#(not (= ~SKIP1~0 ~NP~0))} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {9988#(not (= ~SKIP1~0 ~NP~0))} is VALID [2022-02-20 14:38:17,309 INFO L290 TraceCheckUtils]: 9: Hoare triple {9988#(not (= ~SKIP1~0 ~NP~0))} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {9988#(not (= ~SKIP1~0 ~NP~0))} is VALID [2022-02-20 14:38:17,309 INFO L290 TraceCheckUtils]: 10: Hoare triple {9988#(not (= ~SKIP1~0 ~NP~0))} assume !(3 == main_~tmp_ndt_3~0#1);havoc main_~tmp_ndt_4~0#1;assume -2147483648 <= main_#t~nondet27#1 && main_#t~nondet27#1 <= 2147483647;main_~tmp_ndt_4~0#1 := main_#t~nondet27#1;havoc main_#t~nondet27#1; {9988#(not (= ~SKIP1~0 ~NP~0))} is VALID [2022-02-20 14:38:17,310 INFO L290 TraceCheckUtils]: 11: Hoare triple {9988#(not (= ~SKIP1~0 ~NP~0))} assume 4 == main_~tmp_ndt_4~0#1; {9988#(not (= ~SKIP1~0 ~NP~0))} is VALID [2022-02-20 14:38:17,310 INFO L290 TraceCheckUtils]: 12: Hoare triple {9988#(not (= ~SKIP1~0 ~NP~0))} assume { :begin_inline_KbFilter_Power } true;KbFilter_Power_#in~DeviceObject#1, KbFilter_Power_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_Power_#res#1;havoc KbFilter_Power_#t~nondet50#1, KbFilter_Power_#t~nondet51#1, KbFilter_Power_#t~nondet52#1, KbFilter_Power_#t~nondet53#1, KbFilter_Power_#t~nondet54#1, KbFilter_Power_#t~nondet55#1, KbFilter_Power_#t~post56#1, KbFilter_Power_#t~post57#1, KbFilter_Power_#t~ret58#1, KbFilter_Power_~DeviceObject#1, KbFilter_Power_~Irp#1, KbFilter_Power_~irpStack__MinorFunction~1#1, KbFilter_Power_~devExt__DeviceState~0#1, KbFilter_Power_~powerState__DeviceState~0#1, KbFilter_Power_~Irp__CurrentLocation~2#1, KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1, KbFilter_Power_~devExt__TopOfStack~1#1, KbFilter_Power_~powerType~0#1, KbFilter_Power_~tmp~2#1;KbFilter_Power_~DeviceObject#1 := KbFilter_Power_#in~DeviceObject#1;KbFilter_Power_~Irp#1 := KbFilter_Power_#in~Irp#1;assume -2147483648 <= KbFilter_Power_#t~nondet50#1 && KbFilter_Power_#t~nondet50#1 <= 2147483647;KbFilter_Power_~irpStack__MinorFunction~1#1 := KbFilter_Power_#t~nondet50#1;havoc KbFilter_Power_#t~nondet50#1;havoc KbFilter_Power_~devExt__DeviceState~0#1;assume -2147483648 <= KbFilter_Power_#t~nondet51#1 && KbFilter_Power_#t~nondet51#1 <= 2147483647;KbFilter_Power_~powerState__DeviceState~0#1 := KbFilter_Power_#t~nondet51#1;havoc KbFilter_Power_#t~nondet51#1;assume -2147483648 <= KbFilter_Power_#t~nondet52#1 && KbFilter_Power_#t~nondet52#1 <= 2147483647;KbFilter_Power_~Irp__CurrentLocation~2#1 := KbFilter_Power_#t~nondet52#1;havoc KbFilter_Power_#t~nondet52#1;assume -2147483648 <= KbFilter_Power_#t~nondet53#1 && KbFilter_Power_#t~nondet53#1 <= 2147483647;KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1 := KbFilter_Power_#t~nondet53#1;havoc KbFilter_Power_#t~nondet53#1;assume -2147483648 <= KbFilter_Power_#t~nondet54#1 && KbFilter_Power_#t~nondet54#1 <= 2147483647;KbFilter_Power_~devExt__TopOfStack~1#1 := KbFilter_Power_#t~nondet54#1;havoc KbFilter_Power_#t~nondet54#1;assume -2147483648 <= KbFilter_Power_#t~nondet55#1 && KbFilter_Power_#t~nondet55#1 <= 2147483647;KbFilter_Power_~powerType~0#1 := KbFilter_Power_#t~nondet55#1;havoc KbFilter_Power_#t~nondet55#1;havoc KbFilter_Power_~tmp~2#1; {9988#(not (= ~SKIP1~0 ~NP~0))} is VALID [2022-02-20 14:38:17,311 INFO L290 TraceCheckUtils]: 13: Hoare triple {9988#(not (= ~SKIP1~0 ~NP~0))} assume 2 == KbFilter_Power_~irpStack__MinorFunction~1#1; {9988#(not (= ~SKIP1~0 ~NP~0))} is VALID [2022-02-20 14:38:17,311 INFO L290 TraceCheckUtils]: 14: Hoare triple {9988#(not (= ~SKIP1~0 ~NP~0))} assume !(KbFilter_Power_~powerType~0#1 == ~DevicePowerState~0); {9988#(not (= ~SKIP1~0 ~NP~0))} is VALID [2022-02-20 14:38:17,311 INFO L290 TraceCheckUtils]: 15: Hoare triple {9988#(not (= ~SKIP1~0 ~NP~0))} assume ~s~0 == ~NP~0;~s~0 := ~SKIP1~0; {9989#(not (= ~s~0 ~NP~0))} is VALID [2022-02-20 14:38:17,312 INFO L290 TraceCheckUtils]: 16: Hoare triple {9989#(not (= ~s~0 ~NP~0))} KbFilter_Power_#t~post56#1 := KbFilter_Power_~Irp__CurrentLocation~2#1;KbFilter_Power_~Irp__CurrentLocation~2#1 := 1 + KbFilter_Power_#t~post56#1;havoc KbFilter_Power_#t~post56#1;KbFilter_Power_#t~post57#1 := KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1;KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1 := 1 + KbFilter_Power_#t~post57#1;havoc KbFilter_Power_#t~post57#1;assume { :begin_inline_PoCallDriver } true;PoCallDriver_#in~DeviceObject#1, PoCallDriver_#in~Irp#1 := KbFilter_Power_~devExt__TopOfStack~1#1, KbFilter_Power_~Irp#1;havoc PoCallDriver_#res#1;havoc PoCallDriver_#t~nondet59#1, PoCallDriver_#t~ret60#1, PoCallDriver_#t~nondet61#1, PoCallDriver_#t~nondet62#1, PoCallDriver_~tmp_ndt_10~0#1, PoCallDriver_~tmp_ndt_9~0#1, PoCallDriver_~DeviceObject#1, PoCallDriver_~Irp#1, PoCallDriver_~compRetStatus~1#1, PoCallDriver_~returnVal~0#1, PoCallDriver_~lcontext~1#1, PoCallDriver_~__cil_tmp7~1#1, PoCallDriver_~__cil_tmp8~1#1;PoCallDriver_~DeviceObject#1 := PoCallDriver_#in~DeviceObject#1;PoCallDriver_~Irp#1 := PoCallDriver_#in~Irp#1;havoc PoCallDriver_~compRetStatus~1#1;havoc PoCallDriver_~returnVal~0#1;assume -2147483648 <= PoCallDriver_#t~nondet59#1 && PoCallDriver_#t~nondet59#1 <= 2147483647;PoCallDriver_~lcontext~1#1 := PoCallDriver_#t~nondet59#1;havoc PoCallDriver_#t~nondet59#1;havoc PoCallDriver_~__cil_tmp7~1#1;havoc PoCallDriver_~__cil_tmp8~1#1; {9989#(not (= ~s~0 ~NP~0))} is VALID [2022-02-20 14:38:17,312 INFO L290 TraceCheckUtils]: 17: Hoare triple {9989#(not (= ~s~0 ~NP~0))} assume !(0 != ~compRegistered~0); {9989#(not (= ~s~0 ~NP~0))} is VALID [2022-02-20 14:38:17,313 INFO L290 TraceCheckUtils]: 18: Hoare triple {9989#(not (= ~s~0 ~NP~0))} havoc PoCallDriver_~tmp_ndt_9~0#1;assume -2147483648 <= PoCallDriver_#t~nondet61#1 && PoCallDriver_#t~nondet61#1 <= 2147483647;PoCallDriver_~tmp_ndt_9~0#1 := PoCallDriver_#t~nondet61#1;havoc PoCallDriver_#t~nondet61#1; {9989#(not (= ~s~0 ~NP~0))} is VALID [2022-02-20 14:38:17,313 INFO L290 TraceCheckUtils]: 19: Hoare triple {9989#(not (= ~s~0 ~NP~0))} assume 0 == PoCallDriver_~tmp_ndt_9~0#1; {9989#(not (= ~s~0 ~NP~0))} is VALID [2022-02-20 14:38:17,313 INFO L290 TraceCheckUtils]: 20: Hoare triple {9989#(not (= ~s~0 ~NP~0))} PoCallDriver_~returnVal~0#1 := 0; {9989#(not (= ~s~0 ~NP~0))} is VALID [2022-02-20 14:38:17,314 INFO L290 TraceCheckUtils]: 21: Hoare triple {9989#(not (= ~s~0 ~NP~0))} assume ~s~0 == ~NP~0;~s~0 := ~IPC~0;~lowerDriverReturn~0 := PoCallDriver_~returnVal~0#1; {9987#false} is VALID [2022-02-20 14:38:17,314 INFO L290 TraceCheckUtils]: 22: Hoare triple {9987#false} PoCallDriver_#res#1 := PoCallDriver_~returnVal~0#1; {9987#false} is VALID [2022-02-20 14:38:17,314 INFO L290 TraceCheckUtils]: 23: Hoare triple {9987#false} KbFilter_Power_#t~ret58#1 := PoCallDriver_#res#1;assume { :end_inline_PoCallDriver } true;assume -2147483648 <= KbFilter_Power_#t~ret58#1 && KbFilter_Power_#t~ret58#1 <= 2147483647;KbFilter_Power_~tmp~2#1 := KbFilter_Power_#t~ret58#1;havoc KbFilter_Power_#t~ret58#1;KbFilter_Power_#res#1 := KbFilter_Power_~tmp~2#1; {9987#false} is VALID [2022-02-20 14:38:17,314 INFO L290 TraceCheckUtils]: 24: Hoare triple {9987#false} main_#t~ret32#1 := KbFilter_Power_#res#1;assume { :end_inline_KbFilter_Power } true;assume -2147483648 <= main_#t~ret32#1 && main_#t~ret32#1 <= 2147483647;main_~status~1#1 := main_#t~ret32#1;havoc main_#t~ret32#1; {9987#false} is VALID [2022-02-20 14:38:17,314 INFO L290 TraceCheckUtils]: 25: Hoare triple {9987#false} assume !(1 == ~pended~0); {9987#false} is VALID [2022-02-20 14:38:17,314 INFO L290 TraceCheckUtils]: 26: Hoare triple {9987#false} assume !(1 == ~pended~0); {9987#false} is VALID [2022-02-20 14:38:17,315 INFO L290 TraceCheckUtils]: 27: Hoare triple {9987#false} assume ~s~0 != ~UNLOADED~0; {9987#false} is VALID [2022-02-20 14:38:17,315 INFO L290 TraceCheckUtils]: 28: Hoare triple {9987#false} assume -1 != main_~status~1#1; {9987#false} is VALID [2022-02-20 14:38:17,315 INFO L290 TraceCheckUtils]: 29: Hoare triple {9987#false} assume !(~s~0 != ~SKIP2~0); {9987#false} is VALID [2022-02-20 14:38:17,315 INFO L290 TraceCheckUtils]: 30: Hoare triple {9987#false} assume 1 == ~pended~0; {9987#false} is VALID [2022-02-20 14:38:17,315 INFO L290 TraceCheckUtils]: 31: Hoare triple {9987#false} assume 259 != main_~status~1#1; {9987#false} is VALID [2022-02-20 14:38:17,316 INFO L272 TraceCheckUtils]: 32: Hoare triple {9987#false} call errorFn(); {9987#false} is VALID [2022-02-20 14:38:17,316 INFO L290 TraceCheckUtils]: 33: Hoare triple {9987#false} assume !false; {9987#false} is VALID [2022-02-20 14:38:17,317 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 14:38:17,317 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 14:38:17,317 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [714617810] [2022-02-20 14:38:17,317 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [714617810] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 14:38:17,317 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 14:38:17,317 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-20 14:38:17,317 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [320636287] [2022-02-20 14:38:17,317 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 14:38:17,318 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 8.25) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 34 [2022-02-20 14:38:17,318 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 14:38:17,318 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 4 states, 4 states have (on average 8.25) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:17,341 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 34 edges. 34 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:17,342 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-02-20 14:38:17,342 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 14:38:17,342 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-02-20 14:38:17,343 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-02-20 14:38:17,343 INFO L87 Difference]: Start difference. First operand 268 states and 370 transitions. Second operand has 4 states, 4 states have (on average 8.25) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:17,817 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:17,817 INFO L93 Difference]: Finished difference Result 329 states and 444 transitions. [2022-02-20 14:38:17,818 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-20 14:38:17,818 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 8.25) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 34 [2022-02-20 14:38:17,818 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 14:38:17,818 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 8.25) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:17,821 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 346 transitions. [2022-02-20 14:38:17,821 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 8.25) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:17,824 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 346 transitions. [2022-02-20 14:38:17,824 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 346 transitions. [2022-02-20 14:38:18,059 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 346 edges. 346 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:18,066 INFO L225 Difference]: With dead ends: 329 [2022-02-20 14:38:18,067 INFO L226 Difference]: Without dead ends: 290 [2022-02-20 14:38:18,067 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-02-20 14:38:18,068 INFO L933 BasicCegarLoop]: 250 mSDtfsCounter, 296 mSDsluCounter, 180 mSDsCounter, 0 mSdLazyCounter, 91 mSolverCounterSat, 27 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 296 SdHoareTripleChecker+Valid, 430 SdHoareTripleChecker+Invalid, 118 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 27 IncrementalHoareTripleChecker+Valid, 91 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 14:38:18,068 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [296 Valid, 430 Invalid, 118 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [27 Valid, 91 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 14:38:18,069 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 290 states. [2022-02-20 14:38:18,119 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 290 to 268. [2022-02-20 14:38:18,119 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 14:38:18,120 INFO L82 GeneralOperation]: Start isEquivalent. First operand 290 states. Second operand has 268 states, 236 states have (on average 1.38135593220339) internal successors, (326), 235 states have internal predecessors, (326), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) [2022-02-20 14:38:18,121 INFO L74 IsIncluded]: Start isIncluded. First operand 290 states. Second operand has 268 states, 236 states have (on average 1.38135593220339) internal successors, (326), 235 states have internal predecessors, (326), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) [2022-02-20 14:38:18,121 INFO L87 Difference]: Start difference. First operand 290 states. Second operand has 268 states, 236 states have (on average 1.38135593220339) internal successors, (326), 235 states have internal predecessors, (326), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) [2022-02-20 14:38:18,128 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:18,129 INFO L93 Difference]: Finished difference Result 290 states and 394 transitions. [2022-02-20 14:38:18,129 INFO L276 IsEmpty]: Start isEmpty. Operand 290 states and 394 transitions. [2022-02-20 14:38:18,130 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:18,130 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:18,132 INFO L74 IsIncluded]: Start isIncluded. First operand has 268 states, 236 states have (on average 1.38135593220339) internal successors, (326), 235 states have internal predecessors, (326), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) Second operand 290 states. [2022-02-20 14:38:18,132 INFO L87 Difference]: Start difference. First operand has 268 states, 236 states have (on average 1.38135593220339) internal successors, (326), 235 states have internal predecessors, (326), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) Second operand 290 states. [2022-02-20 14:38:18,140 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:18,140 INFO L93 Difference]: Finished difference Result 290 states and 394 transitions. [2022-02-20 14:38:18,140 INFO L276 IsEmpty]: Start isEmpty. Operand 290 states and 394 transitions. [2022-02-20 14:38:18,141 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:18,141 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:18,141 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 14:38:18,141 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 14:38:18,142 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 268 states, 236 states have (on average 1.38135593220339) internal successors, (326), 235 states have internal predecessors, (326), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) [2022-02-20 14:38:18,149 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 268 states to 268 states and 368 transitions. [2022-02-20 14:38:18,150 INFO L78 Accepts]: Start accepts. Automaton has 268 states and 368 transitions. Word has length 34 [2022-02-20 14:38:18,150 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 14:38:18,150 INFO L470 AbstractCegarLoop]: Abstraction has 268 states and 368 transitions. [2022-02-20 14:38:18,150 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 8.25) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:18,150 INFO L276 IsEmpty]: Start isEmpty. Operand 268 states and 368 transitions. [2022-02-20 14:38:18,151 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 36 [2022-02-20 14:38:18,151 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:18,151 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:18,151 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2022-02-20 14:38:18,152 INFO L402 AbstractCegarLoop]: === Iteration 9 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:18,152 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:18,152 INFO L85 PathProgramCache]: Analyzing trace with hash 1120484039, now seen corresponding path program 1 times [2022-02-20 14:38:18,152 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 14:38:18,152 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1095076841] [2022-02-20 14:38:18,153 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:18,153 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 14:38:18,177 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:18,195 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2022-02-20 14:38:18,196 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:18,201 INFO L290 TraceCheckUtils]: 0: Hoare triple {11386#(= ~s~0 |old(~s~0)|)} ~Irp := #in~Irp;~PriorityBoost := #in~PriorityBoost; {11379#true} is VALID [2022-02-20 14:38:18,201 INFO L290 TraceCheckUtils]: 1: Hoare triple {11379#true} assume ~s~0 == ~NP~0;~s~0 := ~DC~0; {11379#true} is VALID [2022-02-20 14:38:18,202 INFO L290 TraceCheckUtils]: 2: Hoare triple {11379#true} assume true; {11379#true} is VALID [2022-02-20 14:38:18,202 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {11379#true} {11379#true} #743#return; {11379#true} is VALID [2022-02-20 14:38:18,202 INFO L290 TraceCheckUtils]: 0: Hoare triple {11379#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {11379#true} is VALID [2022-02-20 14:38:18,202 INFO L290 TraceCheckUtils]: 1: Hoare triple {11379#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {11379#true} is VALID [2022-02-20 14:38:18,202 INFO L290 TraceCheckUtils]: 2: Hoare triple {11379#true} assume { :end_inline__BLAST_init } true; {11379#true} is VALID [2022-02-20 14:38:18,203 INFO L290 TraceCheckUtils]: 3: Hoare triple {11379#true} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {11379#true} is VALID [2022-02-20 14:38:18,203 INFO L290 TraceCheckUtils]: 4: Hoare triple {11379#true} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {11379#true} is VALID [2022-02-20 14:38:18,203 INFO L290 TraceCheckUtils]: 5: Hoare triple {11379#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {11379#true} is VALID [2022-02-20 14:38:18,203 INFO L290 TraceCheckUtils]: 6: Hoare triple {11379#true} assume { :end_inline_stub_driver_init } true; {11379#true} is VALID [2022-02-20 14:38:18,203 INFO L290 TraceCheckUtils]: 7: Hoare triple {11379#true} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {11379#true} is VALID [2022-02-20 14:38:18,203 INFO L290 TraceCheckUtils]: 8: Hoare triple {11379#true} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {11379#true} is VALID [2022-02-20 14:38:18,204 INFO L290 TraceCheckUtils]: 9: Hoare triple {11379#true} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {11379#true} is VALID [2022-02-20 14:38:18,204 INFO L290 TraceCheckUtils]: 10: Hoare triple {11379#true} assume !(3 == main_~tmp_ndt_3~0#1);havoc main_~tmp_ndt_4~0#1;assume -2147483648 <= main_#t~nondet27#1 && main_#t~nondet27#1 <= 2147483647;main_~tmp_ndt_4~0#1 := main_#t~nondet27#1;havoc main_#t~nondet27#1; {11379#true} is VALID [2022-02-20 14:38:18,204 INFO L290 TraceCheckUtils]: 11: Hoare triple {11379#true} assume !(4 == main_~tmp_ndt_4~0#1);havoc main_~tmp_ndt_5~0#1;assume -2147483648 <= main_#t~nondet28#1 && main_#t~nondet28#1 <= 2147483647;main_~tmp_ndt_5~0#1 := main_#t~nondet28#1;havoc main_#t~nondet28#1; {11379#true} is VALID [2022-02-20 14:38:18,204 INFO L290 TraceCheckUtils]: 12: Hoare triple {11379#true} assume 8 == main_~tmp_ndt_5~0#1; {11379#true} is VALID [2022-02-20 14:38:18,204 INFO L290 TraceCheckUtils]: 13: Hoare triple {11379#true} assume { :begin_inline_KbFilter_InternIoCtl } true;KbFilter_InternIoCtl_#in~DeviceObject#1, KbFilter_InternIoCtl_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_InternIoCtl_#res#1;havoc KbFilter_InternIoCtl_#t~nondet63#1, KbFilter_InternIoCtl_#t~nondet64#1, KbFilter_InternIoCtl_#t~nondet65#1, KbFilter_InternIoCtl_#t~nondet66#1, KbFilter_InternIoCtl_#t~nondet67#1, KbFilter_InternIoCtl_#t~nondet68#1, KbFilter_InternIoCtl_#t~nondet69#1, KbFilter_InternIoCtl_#t~nondet70#1, KbFilter_InternIoCtl_#t~nondet71#1, KbFilter_InternIoCtl_#t~nondet72#1, KbFilter_InternIoCtl_#t~nondet73#1, KbFilter_InternIoCtl_#t~nondet74#1, KbFilter_InternIoCtl_#t~nondet75#1, KbFilter_InternIoCtl_#t~nondet76#1, KbFilter_InternIoCtl_#t~nondet77#1, KbFilter_InternIoCtl_#t~nondet78#1, KbFilter_InternIoCtl_#t~nondet79#1, KbFilter_InternIoCtl_#t~ret80#1, KbFilter_InternIoCtl_~DeviceObject#1, KbFilter_InternIoCtl_~Irp#1, KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1, KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__InputBufferLength~0#1, KbFilter_InternIoCtl_~sizeof__CONNECT_DATA~0#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__Type3InputBuffer~0#1, KbFilter_InternIoCtl_~sizeof__INTERNAL_I8042_HOOK_KEYBOARD~0#1, KbFilter_InternIoCtl_~hookKeyboard__InitializationRoutine~0#1, KbFilter_InternIoCtl_~hookKeyboard__IsrRoutine~0#1, KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1, KbFilter_InternIoCtl_~hookKeyboard~0#1, KbFilter_InternIoCtl_~connectData~0#1, KbFilter_InternIoCtl_~status~3#1, KbFilter_InternIoCtl_~tmp~3#1, KbFilter_InternIoCtl_~__cil_tmp17~0#1, KbFilter_InternIoCtl_~__cil_tmp18~0#1, KbFilter_InternIoCtl_~__cil_tmp19~0#1, KbFilter_InternIoCtl_~__cil_tmp20~0#1, KbFilter_InternIoCtl_~__cil_tmp21~0#1, KbFilter_InternIoCtl_~__cil_tmp22~0#1, KbFilter_InternIoCtl_~__cil_tmp23~1#1, KbFilter_InternIoCtl_~__cil_tmp24~0#1, KbFilter_InternIoCtl_~__cil_tmp25~0#1, KbFilter_InternIoCtl_~__cil_tmp26~0#1, KbFilter_InternIoCtl_~__cil_tmp27~0#1, KbFilter_InternIoCtl_~__cil_tmp28~0#1, KbFilter_InternIoCtl_~__cil_tmp29~0#1, KbFilter_InternIoCtl_~__cil_tmp30~0#1, KbFilter_InternIoCtl_~__cil_tmp31~0#1, KbFilter_InternIoCtl_~__cil_tmp32~0#1, KbFilter_InternIoCtl_~__cil_tmp33~0#1, KbFilter_InternIoCtl_~__cil_tmp34~0#1, KbFilter_InternIoCtl_~__cil_tmp35~0#1, KbFilter_InternIoCtl_~__cil_tmp36~0#1, KbFilter_InternIoCtl_~__cil_tmp37~0#1, KbFilter_InternIoCtl_~__cil_tmp38~0#1, KbFilter_InternIoCtl_~__cil_tmp39~0#1, KbFilter_InternIoCtl_~__cil_tmp40~0#1, KbFilter_InternIoCtl_~__cil_tmp41~0#1, KbFilter_InternIoCtl_~__cil_tmp42~0#1, KbFilter_InternIoCtl_~__cil_tmp43~0#1, KbFilter_InternIoCtl_~__cil_tmp44~0#1, KbFilter_InternIoCtl_~__cil_tmp45~0#1;KbFilter_InternIoCtl_~DeviceObject#1 := KbFilter_InternIoCtl_#in~DeviceObject#1;KbFilter_InternIoCtl_~Irp#1 := KbFilter_InternIoCtl_#in~Irp#1;havoc KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet63#1 && KbFilter_InternIoCtl_#t~nondet63#1 <= 2147483647;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1 := KbFilter_InternIoCtl_#t~nondet63#1;havoc KbFilter_InternIoCtl_#t~nondet63#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet64#1 && KbFilter_InternIoCtl_#t~nondet64#1 <= 2147483647;KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1 := KbFilter_InternIoCtl_#t~nondet64#1;havoc KbFilter_InternIoCtl_#t~nondet64#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet65#1 && KbFilter_InternIoCtl_#t~nondet65#1 <= 2147483647;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__InputBufferLength~0#1 := KbFilter_InternIoCtl_#t~nondet65#1;havoc KbFilter_InternIoCtl_#t~nondet65#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet66#1 && KbFilter_InternIoCtl_#t~nondet66#1 <= 2147483647;KbFilter_InternIoCtl_~sizeof__CONNECT_DATA~0#1 := KbFilter_InternIoCtl_#t~nondet66#1;havoc KbFilter_InternIoCtl_#t~nondet66#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet67#1 && KbFilter_InternIoCtl_#t~nondet67#1 <= 2147483647;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__Type3InputBuffer~0#1 := KbFilter_InternIoCtl_#t~nondet67#1;havoc KbFilter_InternIoCtl_#t~nondet67#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet68#1 && KbFilter_InternIoCtl_#t~nondet68#1 <= 2147483647;KbFilter_InternIoCtl_~sizeof__INTERNAL_I8042_HOOK_KEYBOARD~0#1 := KbFilter_InternIoCtl_#t~nondet68#1;havoc KbFilter_InternIoCtl_#t~nondet68#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet69#1 && KbFilter_InternIoCtl_#t~nondet69#1 <= 2147483647;KbFilter_InternIoCtl_~hookKeyboard__InitializationRoutine~0#1 := KbFilter_InternIoCtl_#t~nondet69#1;havoc KbFilter_InternIoCtl_#t~nondet69#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet70#1 && KbFilter_InternIoCtl_#t~nondet70#1 <= 2147483647;KbFilter_InternIoCtl_~hookKeyboard__IsrRoutine~0#1 := KbFilter_InternIoCtl_#t~nondet70#1;havoc KbFilter_InternIoCtl_#t~nondet70#1;havoc KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1;havoc KbFilter_InternIoCtl_~hookKeyboard~0#1;havoc KbFilter_InternIoCtl_~connectData~0#1;havoc KbFilter_InternIoCtl_~status~3#1;havoc KbFilter_InternIoCtl_~tmp~3#1;havoc KbFilter_InternIoCtl_~__cil_tmp17~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp18~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp19~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet71#1 && KbFilter_InternIoCtl_#t~nondet71#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp20~0#1 := KbFilter_InternIoCtl_#t~nondet71#1;havoc KbFilter_InternIoCtl_#t~nondet71#1;havoc KbFilter_InternIoCtl_~__cil_tmp21~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp22~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp23~1#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet72#1 && KbFilter_InternIoCtl_#t~nondet72#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp24~0#1 := KbFilter_InternIoCtl_#t~nondet72#1;havoc KbFilter_InternIoCtl_#t~nondet72#1;havoc KbFilter_InternIoCtl_~__cil_tmp25~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp26~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp27~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet73#1 && KbFilter_InternIoCtl_#t~nondet73#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp28~0#1 := KbFilter_InternIoCtl_#t~nondet73#1;havoc KbFilter_InternIoCtl_#t~nondet73#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet74#1 && KbFilter_InternIoCtl_#t~nondet74#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp29~0#1 := KbFilter_InternIoCtl_#t~nondet74#1;havoc KbFilter_InternIoCtl_#t~nondet74#1;havoc KbFilter_InternIoCtl_~__cil_tmp30~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp31~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet75#1 && KbFilter_InternIoCtl_#t~nondet75#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp32~0#1 := KbFilter_InternIoCtl_#t~nondet75#1;havoc KbFilter_InternIoCtl_#t~nondet75#1;havoc KbFilter_InternIoCtl_~__cil_tmp33~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp34~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet76#1 && KbFilter_InternIoCtl_#t~nondet76#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp35~0#1 := KbFilter_InternIoCtl_#t~nondet76#1;havoc KbFilter_InternIoCtl_#t~nondet76#1;havoc KbFilter_InternIoCtl_~__cil_tmp36~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp37~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet77#1 && KbFilter_InternIoCtl_#t~nondet77#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp38~0#1 := KbFilter_InternIoCtl_#t~nondet77#1;havoc KbFilter_InternIoCtl_#t~nondet77#1;havoc KbFilter_InternIoCtl_~__cil_tmp39~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp40~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet78#1 && KbFilter_InternIoCtl_#t~nondet78#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp41~0#1 := KbFilter_InternIoCtl_#t~nondet78#1;havoc KbFilter_InternIoCtl_#t~nondet78#1;havoc KbFilter_InternIoCtl_~__cil_tmp42~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp43~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet79#1 && KbFilter_InternIoCtl_#t~nondet79#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp44~0#1 := KbFilter_InternIoCtl_#t~nondet79#1;havoc KbFilter_InternIoCtl_#t~nondet79#1;havoc KbFilter_InternIoCtl_~__cil_tmp45~0#1;KbFilter_InternIoCtl_~status~3#1 := 0;KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1 := 0; {11379#true} is VALID [2022-02-20 14:38:18,205 INFO L290 TraceCheckUtils]: 14: Hoare triple {11379#true} assume KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1 == KbFilter_InternIoCtl_~__cil_tmp20~0#1; {11379#true} is VALID [2022-02-20 14:38:18,205 INFO L290 TraceCheckUtils]: 15: Hoare triple {11379#true} assume 0 != KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1;KbFilter_InternIoCtl_~status~3#1 := -1073741757; {11379#true} is VALID [2022-02-20 14:38:18,205 INFO L290 TraceCheckUtils]: 16: Hoare triple {11379#true} assume KbFilter_InternIoCtl_~status~3#1 < 0;KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1 := KbFilter_InternIoCtl_~status~3#1;~myStatus~0 := KbFilter_InternIoCtl_~status~3#1; {11379#true} is VALID [2022-02-20 14:38:18,206 INFO L272 TraceCheckUtils]: 17: Hoare triple {11379#true} call IofCompleteRequest(KbFilter_InternIoCtl_~Irp#1, 0); {11386#(= ~s~0 |old(~s~0)|)} is VALID [2022-02-20 14:38:18,206 INFO L290 TraceCheckUtils]: 18: Hoare triple {11386#(= ~s~0 |old(~s~0)|)} ~Irp := #in~Irp;~PriorityBoost := #in~PriorityBoost; {11379#true} is VALID [2022-02-20 14:38:18,206 INFO L290 TraceCheckUtils]: 19: Hoare triple {11379#true} assume ~s~0 == ~NP~0;~s~0 := ~DC~0; {11379#true} is VALID [2022-02-20 14:38:18,206 INFO L290 TraceCheckUtils]: 20: Hoare triple {11379#true} assume true; {11379#true} is VALID [2022-02-20 14:38:18,206 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {11379#true} {11379#true} #743#return; {11379#true} is VALID [2022-02-20 14:38:18,206 INFO L290 TraceCheckUtils]: 22: Hoare triple {11379#true} KbFilter_InternIoCtl_#res#1 := KbFilter_InternIoCtl_~status~3#1; {11379#true} is VALID [2022-02-20 14:38:18,207 INFO L290 TraceCheckUtils]: 23: Hoare triple {11379#true} main_#t~ret33#1 := KbFilter_InternIoCtl_#res#1;assume { :end_inline_KbFilter_InternIoCtl } true;assume -2147483648 <= main_#t~ret33#1 && main_#t~ret33#1 <= 2147483647;main_~status~1#1 := main_#t~ret33#1;havoc main_#t~ret33#1; {11379#true} is VALID [2022-02-20 14:38:18,207 INFO L290 TraceCheckUtils]: 24: Hoare triple {11379#true} assume !(1 == ~pended~0); {11385#(not (= ~pended~0 1))} is VALID [2022-02-20 14:38:18,207 INFO L290 TraceCheckUtils]: 25: Hoare triple {11385#(not (= ~pended~0 1))} assume !(1 == ~pended~0); {11385#(not (= ~pended~0 1))} is VALID [2022-02-20 14:38:18,208 INFO L290 TraceCheckUtils]: 26: Hoare triple {11385#(not (= ~pended~0 1))} assume ~s~0 != ~UNLOADED~0; {11385#(not (= ~pended~0 1))} is VALID [2022-02-20 14:38:18,208 INFO L290 TraceCheckUtils]: 27: Hoare triple {11385#(not (= ~pended~0 1))} assume -1 != main_~status~1#1; {11385#(not (= ~pended~0 1))} is VALID [2022-02-20 14:38:18,208 INFO L290 TraceCheckUtils]: 28: Hoare triple {11385#(not (= ~pended~0 1))} assume ~s~0 != ~SKIP2~0; {11385#(not (= ~pended~0 1))} is VALID [2022-02-20 14:38:18,209 INFO L290 TraceCheckUtils]: 29: Hoare triple {11385#(not (= ~pended~0 1))} assume ~s~0 != ~IPC~0; {11385#(not (= ~pended~0 1))} is VALID [2022-02-20 14:38:18,209 INFO L290 TraceCheckUtils]: 30: Hoare triple {11385#(not (= ~pended~0 1))} assume ~s~0 == ~DC~0; {11385#(not (= ~pended~0 1))} is VALID [2022-02-20 14:38:18,210 INFO L290 TraceCheckUtils]: 31: Hoare triple {11385#(not (= ~pended~0 1))} assume 1 == ~pended~0; {11380#false} is VALID [2022-02-20 14:38:18,210 INFO L290 TraceCheckUtils]: 32: Hoare triple {11380#false} assume 259 != main_~status~1#1; {11380#false} is VALID [2022-02-20 14:38:18,210 INFO L272 TraceCheckUtils]: 33: Hoare triple {11380#false} call errorFn(); {11380#false} is VALID [2022-02-20 14:38:18,210 INFO L290 TraceCheckUtils]: 34: Hoare triple {11380#false} assume !false; {11380#false} is VALID [2022-02-20 14:38:18,210 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 14:38:18,211 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 14:38:18,211 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1095076841] [2022-02-20 14:38:18,211 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1095076841] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 14:38:18,211 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 14:38:18,211 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-20 14:38:18,211 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1240736771] [2022-02-20 14:38:18,211 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 14:38:18,212 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 8.0) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 35 [2022-02-20 14:38:18,212 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 14:38:18,212 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 4 states, 4 states have (on average 8.0) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:18,235 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 35 edges. 35 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:18,236 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-02-20 14:38:18,236 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 14:38:18,236 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-02-20 14:38:18,237 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-02-20 14:38:18,237 INFO L87 Difference]: Start difference. First operand 268 states and 368 transitions. Second operand has 4 states, 4 states have (on average 8.0) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:18,651 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:18,651 INFO L93 Difference]: Finished difference Result 286 states and 390 transitions. [2022-02-20 14:38:18,651 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-20 14:38:18,651 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 8.0) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 35 [2022-02-20 14:38:18,651 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 14:38:18,652 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 8.0) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:18,654 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 299 transitions. [2022-02-20 14:38:18,655 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 8.0) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:18,657 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 299 transitions. [2022-02-20 14:38:18,657 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 299 transitions. [2022-02-20 14:38:18,883 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 299 edges. 299 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:18,888 INFO L225 Difference]: With dead ends: 286 [2022-02-20 14:38:18,888 INFO L226 Difference]: Without dead ends: 232 [2022-02-20 14:38:18,888 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-02-20 14:38:18,889 INFO L933 BasicCegarLoop]: 247 mSDtfsCounter, 289 mSDsluCounter, 178 mSDsCounter, 0 mSdLazyCounter, 59 mSolverCounterSat, 33 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 289 SdHoareTripleChecker+Valid, 425 SdHoareTripleChecker+Invalid, 92 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 33 IncrementalHoareTripleChecker+Valid, 59 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 14:38:18,889 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [289 Valid, 425 Invalid, 92 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [33 Valid, 59 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 14:38:18,890 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 232 states. [2022-02-20 14:38:18,951 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 232 to 210. [2022-02-20 14:38:18,951 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 14:38:18,951 INFO L82 GeneralOperation]: Start isEquivalent. First operand 232 states. Second operand has 210 states, 186 states have (on average 1.39247311827957) internal successors, (259), 189 states have internal predecessors, (259), 16 states have call successors, (16), 8 states have call predecessors, (16), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-20 14:38:18,952 INFO L74 IsIncluded]: Start isIncluded. First operand 232 states. Second operand has 210 states, 186 states have (on average 1.39247311827957) internal successors, (259), 189 states have internal predecessors, (259), 16 states have call successors, (16), 8 states have call predecessors, (16), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-20 14:38:18,952 INFO L87 Difference]: Start difference. First operand 232 states. Second operand has 210 states, 186 states have (on average 1.39247311827957) internal successors, (259), 189 states have internal predecessors, (259), 16 states have call successors, (16), 8 states have call predecessors, (16), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-20 14:38:18,957 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:18,957 INFO L93 Difference]: Finished difference Result 232 states and 314 transitions. [2022-02-20 14:38:18,957 INFO L276 IsEmpty]: Start isEmpty. Operand 232 states and 314 transitions. [2022-02-20 14:38:18,958 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:18,958 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:18,958 INFO L74 IsIncluded]: Start isIncluded. First operand has 210 states, 186 states have (on average 1.39247311827957) internal successors, (259), 189 states have internal predecessors, (259), 16 states have call successors, (16), 8 states have call predecessors, (16), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) Second operand 232 states. [2022-02-20 14:38:18,961 INFO L87 Difference]: Start difference. First operand has 210 states, 186 states have (on average 1.39247311827957) internal successors, (259), 189 states have internal predecessors, (259), 16 states have call successors, (16), 8 states have call predecessors, (16), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) Second operand 232 states. [2022-02-20 14:38:18,966 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:18,967 INFO L93 Difference]: Finished difference Result 232 states and 314 transitions. [2022-02-20 14:38:18,967 INFO L276 IsEmpty]: Start isEmpty. Operand 232 states and 314 transitions. [2022-02-20 14:38:18,967 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:18,967 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:18,968 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 14:38:18,968 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 14:38:18,968 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 210 states, 186 states have (on average 1.39247311827957) internal successors, (259), 189 states have internal predecessors, (259), 16 states have call successors, (16), 8 states have call predecessors, (16), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-20 14:38:18,975 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 210 states to 210 states and 287 transitions. [2022-02-20 14:38:18,975 INFO L78 Accepts]: Start accepts. Automaton has 210 states and 287 transitions. Word has length 35 [2022-02-20 14:38:18,976 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 14:38:18,976 INFO L470 AbstractCegarLoop]: Abstraction has 210 states and 287 transitions. [2022-02-20 14:38:18,976 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 8.0) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:18,976 INFO L276 IsEmpty]: Start isEmpty. Operand 210 states and 287 transitions. [2022-02-20 14:38:18,977 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 40 [2022-02-20 14:38:18,978 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:18,978 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:18,978 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2022-02-20 14:38:18,978 INFO L402 AbstractCegarLoop]: === Iteration 10 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:18,979 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:18,979 INFO L85 PathProgramCache]: Analyzing trace with hash -152990302, now seen corresponding path program 1 times [2022-02-20 14:38:18,979 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 14:38:18,979 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [909634424] [2022-02-20 14:38:18,979 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:18,979 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 14:38:19,004 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:19,033 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2022-02-20 14:38:19,035 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:19,039 INFO L290 TraceCheckUtils]: 0: Hoare triple {12535#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0, 0;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;assume -2147483648 <= KeSetEvent_#t~nondet38#1 && KeSetEvent_#t~nondet38#1 <= 2147483647;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {12525#true} is VALID [2022-02-20 14:38:19,039 INFO L290 TraceCheckUtils]: 1: Hoare triple {12525#true} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;assume -2147483648 <= #t~ret40#1 && #t~ret40#1 <= 2147483647;havoc #t~ret40#1;#res#1 := -1073741802; {12525#true} is VALID [2022-02-20 14:38:19,039 INFO L290 TraceCheckUtils]: 2: Hoare triple {12525#true} assume true; {12525#true} is VALID [2022-02-20 14:38:19,040 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {12525#true} {12525#true} #755#return; {12525#true} is VALID [2022-02-20 14:38:19,043 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2022-02-20 14:38:19,044 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:19,055 INFO L290 TraceCheckUtils]: 0: Hoare triple {12536#(= ~s~0 |old(~s~0)|)} assume ~s~0 == ~NP~0;~s~0 := ~MPR1~0; {12534#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} is VALID [2022-02-20 14:38:19,056 INFO L290 TraceCheckUtils]: 1: Hoare triple {12534#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} assume true; {12534#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} is VALID [2022-02-20 14:38:19,057 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {12534#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} {12525#true} #757#return; {12534#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} is VALID [2022-02-20 14:38:19,057 INFO L290 TraceCheckUtils]: 0: Hoare triple {12525#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {12525#true} is VALID [2022-02-20 14:38:19,057 INFO L290 TraceCheckUtils]: 1: Hoare triple {12525#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {12525#true} is VALID [2022-02-20 14:38:19,057 INFO L290 TraceCheckUtils]: 2: Hoare triple {12525#true} assume { :end_inline__BLAST_init } true; {12525#true} is VALID [2022-02-20 14:38:19,057 INFO L290 TraceCheckUtils]: 3: Hoare triple {12525#true} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {12525#true} is VALID [2022-02-20 14:38:19,057 INFO L290 TraceCheckUtils]: 4: Hoare triple {12525#true} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {12525#true} is VALID [2022-02-20 14:38:19,058 INFO L290 TraceCheckUtils]: 5: Hoare triple {12525#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {12525#true} is VALID [2022-02-20 14:38:19,058 INFO L290 TraceCheckUtils]: 6: Hoare triple {12525#true} assume { :end_inline_stub_driver_init } true; {12525#true} is VALID [2022-02-20 14:38:19,058 INFO L290 TraceCheckUtils]: 7: Hoare triple {12525#true} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {12525#true} is VALID [2022-02-20 14:38:19,058 INFO L290 TraceCheckUtils]: 8: Hoare triple {12525#true} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {12525#true} is VALID [2022-02-20 14:38:19,058 INFO L290 TraceCheckUtils]: 9: Hoare triple {12525#true} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {12525#true} is VALID [2022-02-20 14:38:19,058 INFO L290 TraceCheckUtils]: 10: Hoare triple {12525#true} assume 3 == main_~tmp_ndt_3~0#1; {12525#true} is VALID [2022-02-20 14:38:19,059 INFO L290 TraceCheckUtils]: 11: Hoare triple {12525#true} assume { :begin_inline_KbFilter_PnP } true;KbFilter_PnP_#in~DeviceObject#1, KbFilter_PnP_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_PnP_#res#1;havoc KbFilter_PnP_#t~nondet4#1, KbFilter_PnP_#t~nondet5#1, KbFilter_PnP_#t~nondet6#1, KbFilter_PnP_#t~nondet7#1, KbFilter_PnP_#t~nondet8#1, KbFilter_PnP_#t~nondet9#1, KbFilter_PnP_#t~ret10#1, KbFilter_PnP_#t~ret11#1, KbFilter_PnP_#t~post12#1, KbFilter_PnP_#t~post13#1, KbFilter_PnP_#t~ret14#1, KbFilter_PnP_#t~post15#1, KbFilter_PnP_#t~post16#1, KbFilter_PnP_#t~ret17#1, KbFilter_PnP_#t~post18#1, KbFilter_PnP_#t~post19#1, KbFilter_PnP_#t~ret20#1, KbFilter_PnP_~DeviceObject#1, KbFilter_PnP_~Irp#1, KbFilter_PnP_~devExt~0#1, KbFilter_PnP_~irpStack~0#1, KbFilter_PnP_~status~0#1, KbFilter_PnP_~event~0#1, KbFilter_PnP_~DeviceObject__DeviceExtension~0#1, KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, KbFilter_PnP_~irpStack__MinorFunction~0#1, KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~devExt__Started~0#1, KbFilter_PnP_~devExt__Removed~0#1, KbFilter_PnP_~devExt__SurpriseRemoved~0#1, KbFilter_PnP_~Irp__IoStatus__Status~0#1, KbFilter_PnP_~Irp__IoStatus__Information~0#1, KbFilter_PnP_~Irp__CurrentLocation~0#1, KbFilter_PnP_~irpSp~0#1, KbFilter_PnP_~nextIrpSp~0#1, KbFilter_PnP_~nextIrpSp__Control~0#1, KbFilter_PnP_~irpSp___0~0#1, KbFilter_PnP_~irpSp__Context~0#1, KbFilter_PnP_~irpSp__Control~0#1, KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~DeviceObject#1 := KbFilter_PnP_#in~DeviceObject#1;KbFilter_PnP_~Irp#1 := KbFilter_PnP_#in~Irp#1;havoc KbFilter_PnP_~devExt~0#1;havoc KbFilter_PnP_~irpStack~0#1;havoc KbFilter_PnP_~status~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet4#1 && KbFilter_PnP_#t~nondet4#1 <= 2147483647;KbFilter_PnP_~event~0#1 := KbFilter_PnP_#t~nondet4#1;havoc KbFilter_PnP_#t~nondet4#1;assume -2147483648 <= KbFilter_PnP_#t~nondet5#1 && KbFilter_PnP_#t~nondet5#1 <= 2147483647;KbFilter_PnP_~DeviceObject__DeviceExtension~0#1 := KbFilter_PnP_#t~nondet5#1;havoc KbFilter_PnP_#t~nondet5#1;assume -2147483648 <= KbFilter_PnP_#t~nondet6#1 && KbFilter_PnP_#t~nondet6#1 <= 2147483647;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := KbFilter_PnP_#t~nondet6#1;havoc KbFilter_PnP_#t~nondet6#1;assume -2147483648 <= KbFilter_PnP_#t~nondet7#1 && KbFilter_PnP_#t~nondet7#1 <= 2147483647;KbFilter_PnP_~irpStack__MinorFunction~0#1 := KbFilter_PnP_#t~nondet7#1;havoc KbFilter_PnP_#t~nondet7#1;assume -2147483648 <= KbFilter_PnP_#t~nondet8#1 && KbFilter_PnP_#t~nondet8#1 <= 2147483647;KbFilter_PnP_~devExt__TopOfStack~0#1 := KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_~devExt__Started~0#1;havoc KbFilter_PnP_~devExt__Removed~0#1;havoc KbFilter_PnP_~devExt__SurpriseRemoved~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Status~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Information~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet9#1 && KbFilter_PnP_#t~nondet9#1 <= 2147483647;KbFilter_PnP_~Irp__CurrentLocation~0#1 := KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_~irpSp~0#1;havoc KbFilter_PnP_~nextIrpSp~0#1;havoc KbFilter_PnP_~nextIrpSp__Control~0#1;havoc KbFilter_PnP_~irpSp___0~0#1;havoc KbFilter_PnP_~irpSp__Context~0#1;havoc KbFilter_PnP_~irpSp__Control~0#1;havoc KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~status~0#1 := 0;KbFilter_PnP_~devExt~0#1 := KbFilter_PnP_~DeviceObject__DeviceExtension~0#1;KbFilter_PnP_~irpStack~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1; {12525#true} is VALID [2022-02-20 14:38:19,059 INFO L290 TraceCheckUtils]: 12: Hoare triple {12525#true} assume 0 == KbFilter_PnP_~irpStack__MinorFunction~0#1; {12525#true} is VALID [2022-02-20 14:38:19,059 INFO L290 TraceCheckUtils]: 13: Hoare triple {12525#true} KbFilter_PnP_~irpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1;KbFilter_PnP_~nextIrpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 - 1;KbFilter_PnP_~nextIrpSp__Control~0#1 := 0; {12525#true} is VALID [2022-02-20 14:38:19,059 INFO L290 TraceCheckUtils]: 14: Hoare triple {12525#true} assume !(~s~0 != ~NP~0); {12525#true} is VALID [2022-02-20 14:38:19,059 INFO L290 TraceCheckUtils]: 15: Hoare triple {12525#true} assume !(0 != ~compRegistered~0);~compRegistered~0 := 1; {12525#true} is VALID [2022-02-20 14:38:19,059 INFO L290 TraceCheckUtils]: 16: Hoare triple {12525#true} KbFilter_PnP_~irpSp___0~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 - 1;KbFilter_PnP_~irpSp__Context~0#1 := KbFilter_PnP_~event~0#1;KbFilter_PnP_~irpSp__Control~0#1 := 224; {12525#true} is VALID [2022-02-20 14:38:19,060 INFO L272 TraceCheckUtils]: 17: Hoare triple {12525#true} call KbFilter_PnP_#t~ret10#1 := IofCallDriver(KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~Irp#1); {12525#true} is VALID [2022-02-20 14:38:19,060 INFO L290 TraceCheckUtils]: 18: Hoare triple {12525#true} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {12525#true} is VALID [2022-02-20 14:38:19,060 INFO L290 TraceCheckUtils]: 19: Hoare triple {12525#true} assume 0 != ~compRegistered~0; {12525#true} is VALID [2022-02-20 14:38:19,061 INFO L272 TraceCheckUtils]: 20: Hoare triple {12525#true} call #t~ret35 := KbFilter_Complete(~DeviceObject, ~Irp, ~lcontext~0); {12535#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} is VALID [2022-02-20 14:38:19,061 INFO L290 TraceCheckUtils]: 21: Hoare triple {12535#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0, 0;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;assume -2147483648 <= KeSetEvent_#t~nondet38#1 && KeSetEvent_#t~nondet38#1 <= 2147483647;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {12525#true} is VALID [2022-02-20 14:38:19,061 INFO L290 TraceCheckUtils]: 22: Hoare triple {12525#true} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;assume -2147483648 <= #t~ret40#1 && #t~ret40#1 <= 2147483647;havoc #t~ret40#1;#res#1 := -1073741802; {12525#true} is VALID [2022-02-20 14:38:19,061 INFO L290 TraceCheckUtils]: 23: Hoare triple {12525#true} assume true; {12525#true} is VALID [2022-02-20 14:38:19,061 INFO L284 TraceCheckUtils]: 24: Hoare quadruple {12525#true} {12525#true} #755#return; {12525#true} is VALID [2022-02-20 14:38:19,062 INFO L290 TraceCheckUtils]: 25: Hoare triple {12525#true} assume -2147483648 <= #t~ret35 && #t~ret35 <= 2147483647;~compRetStatus~0 := #t~ret35;havoc #t~ret35;~__cil_tmp7~0 := ~compRetStatus~0; {12525#true} is VALID [2022-02-20 14:38:19,062 INFO L290 TraceCheckUtils]: 26: Hoare triple {12525#true} assume -1073741802 == ~__cil_tmp7~0; {12525#true} is VALID [2022-02-20 14:38:19,062 INFO L272 TraceCheckUtils]: 27: Hoare triple {12525#true} call stubMoreProcessingRequired(); {12536#(= ~s~0 |old(~s~0)|)} is VALID [2022-02-20 14:38:19,063 INFO L290 TraceCheckUtils]: 28: Hoare triple {12536#(= ~s~0 |old(~s~0)|)} assume ~s~0 == ~NP~0;~s~0 := ~MPR1~0; {12534#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} is VALID [2022-02-20 14:38:19,063 INFO L290 TraceCheckUtils]: 29: Hoare triple {12534#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} assume true; {12534#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} is VALID [2022-02-20 14:38:19,064 INFO L284 TraceCheckUtils]: 30: Hoare quadruple {12534#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} {12525#true} #757#return; {12534#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} is VALID [2022-02-20 14:38:19,064 INFO L290 TraceCheckUtils]: 31: Hoare triple {12534#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {12534#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} is VALID [2022-02-20 14:38:19,064 INFO L290 TraceCheckUtils]: 32: Hoare triple {12534#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} assume 0 == ~tmp_ndt_6~0; {12534#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} is VALID [2022-02-20 14:38:19,065 INFO L290 TraceCheckUtils]: 33: Hoare triple {12534#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} ~returnVal2~0 := 0; {12534#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} is VALID [2022-02-20 14:38:19,065 INFO L290 TraceCheckUtils]: 34: Hoare triple {12534#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} assume !(~s~0 == ~NP~0); {12534#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} is VALID [2022-02-20 14:38:19,066 INFO L290 TraceCheckUtils]: 35: Hoare triple {12534#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} assume !(~s~0 == ~MPR1~0); {12526#false} is VALID [2022-02-20 14:38:19,066 INFO L290 TraceCheckUtils]: 36: Hoare triple {12526#false} assume !(~s~0 == ~SKIP1~0); {12526#false} is VALID [2022-02-20 14:38:19,066 INFO L272 TraceCheckUtils]: 37: Hoare triple {12526#false} call errorFn(); {12526#false} is VALID [2022-02-20 14:38:19,066 INFO L290 TraceCheckUtils]: 38: Hoare triple {12526#false} assume !false; {12526#false} is VALID [2022-02-20 14:38:19,067 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 14:38:19,067 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 14:38:19,067 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [909634424] [2022-02-20 14:38:19,067 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [909634424] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 14:38:19,067 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 14:38:19,067 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 14:38:19,067 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1247954735] [2022-02-20 14:38:19,068 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 14:38:19,069 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.6) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 39 [2022-02-20 14:38:19,069 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 14:38:19,069 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 6.6) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 14:38:19,095 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 39 edges. 39 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:19,095 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 14:38:19,095 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 14:38:19,096 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 14:38:19,096 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 14:38:19,097 INFO L87 Difference]: Start difference. First operand 210 states and 287 transitions. Second operand has 5 states, 5 states have (on average 6.6) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 14:38:19,706 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:19,707 INFO L93 Difference]: Finished difference Result 234 states and 316 transitions. [2022-02-20 14:38:19,707 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-02-20 14:38:19,707 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.6) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 39 [2022-02-20 14:38:19,707 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 14:38:19,707 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.6) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 14:38:19,710 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 305 transitions. [2022-02-20 14:38:19,710 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.6) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 14:38:19,712 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 305 transitions. [2022-02-20 14:38:19,713 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 305 transitions. [2022-02-20 14:38:19,946 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 305 edges. 305 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:19,950 INFO L225 Difference]: With dead ends: 234 [2022-02-20 14:38:19,950 INFO L226 Difference]: Without dead ends: 208 [2022-02-20 14:38:19,951 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=34, Unknown=0, NotChecked=0, Total=56 [2022-02-20 14:38:19,951 INFO L933 BasicCegarLoop]: 246 mSDtfsCounter, 84 mSDsluCounter, 570 mSDsCounter, 0 mSdLazyCounter, 114 mSolverCounterSat, 37 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 84 SdHoareTripleChecker+Valid, 816 SdHoareTripleChecker+Invalid, 151 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 37 IncrementalHoareTripleChecker+Valid, 114 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 14:38:19,952 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [84 Valid, 816 Invalid, 151 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [37 Valid, 114 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 14:38:19,952 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 208 states. [2022-02-20 14:38:19,992 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 208 to 208. [2022-02-20 14:38:19,992 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 14:38:19,992 INFO L82 GeneralOperation]: Start isEquivalent. First operand 208 states. Second operand has 208 states, 185 states have (on average 1.3837837837837839) internal successors, (256), 187 states have internal predecessors, (256), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-20 14:38:19,993 INFO L74 IsIncluded]: Start isIncluded. First operand 208 states. Second operand has 208 states, 185 states have (on average 1.3837837837837839) internal successors, (256), 187 states have internal predecessors, (256), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-20 14:38:19,994 INFO L87 Difference]: Start difference. First operand 208 states. Second operand has 208 states, 185 states have (on average 1.3837837837837839) internal successors, (256), 187 states have internal predecessors, (256), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-20 14:38:19,998 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:19,998 INFO L93 Difference]: Finished difference Result 208 states and 283 transitions. [2022-02-20 14:38:19,998 INFO L276 IsEmpty]: Start isEmpty. Operand 208 states and 283 transitions. [2022-02-20 14:38:19,999 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:19,999 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:20,000 INFO L74 IsIncluded]: Start isIncluded. First operand has 208 states, 185 states have (on average 1.3837837837837839) internal successors, (256), 187 states have internal predecessors, (256), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) Second operand 208 states. [2022-02-20 14:38:20,000 INFO L87 Difference]: Start difference. First operand has 208 states, 185 states have (on average 1.3837837837837839) internal successors, (256), 187 states have internal predecessors, (256), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) Second operand 208 states. [2022-02-20 14:38:20,005 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:20,005 INFO L93 Difference]: Finished difference Result 208 states and 283 transitions. [2022-02-20 14:38:20,005 INFO L276 IsEmpty]: Start isEmpty. Operand 208 states and 283 transitions. [2022-02-20 14:38:20,006 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:20,006 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:20,006 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 14:38:20,006 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 14:38:20,007 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 208 states, 185 states have (on average 1.3837837837837839) internal successors, (256), 187 states have internal predecessors, (256), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-20 14:38:20,012 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 208 states to 208 states and 283 transitions. [2022-02-20 14:38:20,012 INFO L78 Accepts]: Start accepts. Automaton has 208 states and 283 transitions. Word has length 39 [2022-02-20 14:38:20,012 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 14:38:20,012 INFO L470 AbstractCegarLoop]: Abstraction has 208 states and 283 transitions. [2022-02-20 14:38:20,013 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.6) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 14:38:20,013 INFO L276 IsEmpty]: Start isEmpty. Operand 208 states and 283 transitions. [2022-02-20 14:38:20,014 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2022-02-20 14:38:20,014 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:20,014 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:20,015 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9 [2022-02-20 14:38:20,015 INFO L402 AbstractCegarLoop]: === Iteration 11 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:20,015 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:20,015 INFO L85 PathProgramCache]: Analyzing trace with hash 143802695, now seen corresponding path program 1 times [2022-02-20 14:38:20,015 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 14:38:20,016 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [628737705] [2022-02-20 14:38:20,016 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:20,016 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 14:38:20,044 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:20,084 INFO L290 TraceCheckUtils]: 0: Hoare triple {13556#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {13556#true} is VALID [2022-02-20 14:38:20,085 INFO L290 TraceCheckUtils]: 1: Hoare triple {13556#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {13556#true} is VALID [2022-02-20 14:38:20,085 INFO L290 TraceCheckUtils]: 2: Hoare triple {13556#true} assume { :end_inline__BLAST_init } true; {13556#true} is VALID [2022-02-20 14:38:20,085 INFO L290 TraceCheckUtils]: 3: Hoare triple {13556#true} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {13556#true} is VALID [2022-02-20 14:38:20,085 INFO L290 TraceCheckUtils]: 4: Hoare triple {13556#true} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {13556#true} is VALID [2022-02-20 14:38:20,085 INFO L290 TraceCheckUtils]: 5: Hoare triple {13556#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {13556#true} is VALID [2022-02-20 14:38:20,086 INFO L290 TraceCheckUtils]: 6: Hoare triple {13556#true} assume { :end_inline_stub_driver_init } true; {13556#true} is VALID [2022-02-20 14:38:20,086 INFO L290 TraceCheckUtils]: 7: Hoare triple {13556#true} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {13556#true} is VALID [2022-02-20 14:38:20,086 INFO L290 TraceCheckUtils]: 8: Hoare triple {13556#true} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {13556#true} is VALID [2022-02-20 14:38:20,086 INFO L290 TraceCheckUtils]: 9: Hoare triple {13556#true} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {13556#true} is VALID [2022-02-20 14:38:20,086 INFO L290 TraceCheckUtils]: 10: Hoare triple {13556#true} assume !(3 == main_~tmp_ndt_3~0#1);havoc main_~tmp_ndt_4~0#1;assume -2147483648 <= main_#t~nondet27#1 && main_#t~nondet27#1 <= 2147483647;main_~tmp_ndt_4~0#1 := main_#t~nondet27#1;havoc main_#t~nondet27#1; {13556#true} is VALID [2022-02-20 14:38:20,086 INFO L290 TraceCheckUtils]: 11: Hoare triple {13556#true} assume 4 == main_~tmp_ndt_4~0#1; {13556#true} is VALID [2022-02-20 14:38:20,087 INFO L290 TraceCheckUtils]: 12: Hoare triple {13556#true} assume { :begin_inline_KbFilter_Power } true;KbFilter_Power_#in~DeviceObject#1, KbFilter_Power_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_Power_#res#1;havoc KbFilter_Power_#t~nondet50#1, KbFilter_Power_#t~nondet51#1, KbFilter_Power_#t~nondet52#1, KbFilter_Power_#t~nondet53#1, KbFilter_Power_#t~nondet54#1, KbFilter_Power_#t~nondet55#1, KbFilter_Power_#t~post56#1, KbFilter_Power_#t~post57#1, KbFilter_Power_#t~ret58#1, KbFilter_Power_~DeviceObject#1, KbFilter_Power_~Irp#1, KbFilter_Power_~irpStack__MinorFunction~1#1, KbFilter_Power_~devExt__DeviceState~0#1, KbFilter_Power_~powerState__DeviceState~0#1, KbFilter_Power_~Irp__CurrentLocation~2#1, KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1, KbFilter_Power_~devExt__TopOfStack~1#1, KbFilter_Power_~powerType~0#1, KbFilter_Power_~tmp~2#1;KbFilter_Power_~DeviceObject#1 := KbFilter_Power_#in~DeviceObject#1;KbFilter_Power_~Irp#1 := KbFilter_Power_#in~Irp#1;assume -2147483648 <= KbFilter_Power_#t~nondet50#1 && KbFilter_Power_#t~nondet50#1 <= 2147483647;KbFilter_Power_~irpStack__MinorFunction~1#1 := KbFilter_Power_#t~nondet50#1;havoc KbFilter_Power_#t~nondet50#1;havoc KbFilter_Power_~devExt__DeviceState~0#1;assume -2147483648 <= KbFilter_Power_#t~nondet51#1 && KbFilter_Power_#t~nondet51#1 <= 2147483647;KbFilter_Power_~powerState__DeviceState~0#1 := KbFilter_Power_#t~nondet51#1;havoc KbFilter_Power_#t~nondet51#1;assume -2147483648 <= KbFilter_Power_#t~nondet52#1 && KbFilter_Power_#t~nondet52#1 <= 2147483647;KbFilter_Power_~Irp__CurrentLocation~2#1 := KbFilter_Power_#t~nondet52#1;havoc KbFilter_Power_#t~nondet52#1;assume -2147483648 <= KbFilter_Power_#t~nondet53#1 && KbFilter_Power_#t~nondet53#1 <= 2147483647;KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1 := KbFilter_Power_#t~nondet53#1;havoc KbFilter_Power_#t~nondet53#1;assume -2147483648 <= KbFilter_Power_#t~nondet54#1 && KbFilter_Power_#t~nondet54#1 <= 2147483647;KbFilter_Power_~devExt__TopOfStack~1#1 := KbFilter_Power_#t~nondet54#1;havoc KbFilter_Power_#t~nondet54#1;assume -2147483648 <= KbFilter_Power_#t~nondet55#1 && KbFilter_Power_#t~nondet55#1 <= 2147483647;KbFilter_Power_~powerType~0#1 := KbFilter_Power_#t~nondet55#1;havoc KbFilter_Power_#t~nondet55#1;havoc KbFilter_Power_~tmp~2#1; {13556#true} is VALID [2022-02-20 14:38:20,087 INFO L290 TraceCheckUtils]: 13: Hoare triple {13556#true} assume 2 == KbFilter_Power_~irpStack__MinorFunction~1#1; {13556#true} is VALID [2022-02-20 14:38:20,087 INFO L290 TraceCheckUtils]: 14: Hoare triple {13556#true} assume !(KbFilter_Power_~powerType~0#1 == ~DevicePowerState~0); {13556#true} is VALID [2022-02-20 14:38:20,087 INFO L290 TraceCheckUtils]: 15: Hoare triple {13556#true} assume ~s~0 == ~NP~0;~s~0 := ~SKIP1~0; {13556#true} is VALID [2022-02-20 14:38:20,087 INFO L290 TraceCheckUtils]: 16: Hoare triple {13556#true} KbFilter_Power_#t~post56#1 := KbFilter_Power_~Irp__CurrentLocation~2#1;KbFilter_Power_~Irp__CurrentLocation~2#1 := 1 + KbFilter_Power_#t~post56#1;havoc KbFilter_Power_#t~post56#1;KbFilter_Power_#t~post57#1 := KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1;KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1 := 1 + KbFilter_Power_#t~post57#1;havoc KbFilter_Power_#t~post57#1;assume { :begin_inline_PoCallDriver } true;PoCallDriver_#in~DeviceObject#1, PoCallDriver_#in~Irp#1 := KbFilter_Power_~devExt__TopOfStack~1#1, KbFilter_Power_~Irp#1;havoc PoCallDriver_#res#1;havoc PoCallDriver_#t~nondet59#1, PoCallDriver_#t~ret60#1, PoCallDriver_#t~nondet61#1, PoCallDriver_#t~nondet62#1, PoCallDriver_~tmp_ndt_10~0#1, PoCallDriver_~tmp_ndt_9~0#1, PoCallDriver_~DeviceObject#1, PoCallDriver_~Irp#1, PoCallDriver_~compRetStatus~1#1, PoCallDriver_~returnVal~0#1, PoCallDriver_~lcontext~1#1, PoCallDriver_~__cil_tmp7~1#1, PoCallDriver_~__cil_tmp8~1#1;PoCallDriver_~DeviceObject#1 := PoCallDriver_#in~DeviceObject#1;PoCallDriver_~Irp#1 := PoCallDriver_#in~Irp#1;havoc PoCallDriver_~compRetStatus~1#1;havoc PoCallDriver_~returnVal~0#1;assume -2147483648 <= PoCallDriver_#t~nondet59#1 && PoCallDriver_#t~nondet59#1 <= 2147483647;PoCallDriver_~lcontext~1#1 := PoCallDriver_#t~nondet59#1;havoc PoCallDriver_#t~nondet59#1;havoc PoCallDriver_~__cil_tmp7~1#1;havoc PoCallDriver_~__cil_tmp8~1#1; {13556#true} is VALID [2022-02-20 14:38:20,088 INFO L290 TraceCheckUtils]: 17: Hoare triple {13556#true} assume !(0 != ~compRegistered~0); {13556#true} is VALID [2022-02-20 14:38:20,088 INFO L290 TraceCheckUtils]: 18: Hoare triple {13556#true} havoc PoCallDriver_~tmp_ndt_9~0#1;assume -2147483648 <= PoCallDriver_#t~nondet61#1 && PoCallDriver_#t~nondet61#1 <= 2147483647;PoCallDriver_~tmp_ndt_9~0#1 := PoCallDriver_#t~nondet61#1;havoc PoCallDriver_#t~nondet61#1; {13556#true} is VALID [2022-02-20 14:38:20,088 INFO L290 TraceCheckUtils]: 19: Hoare triple {13556#true} assume 0 == PoCallDriver_~tmp_ndt_9~0#1; {13556#true} is VALID [2022-02-20 14:38:20,088 INFO L290 TraceCheckUtils]: 20: Hoare triple {13556#true} PoCallDriver_~returnVal~0#1 := 0; {13556#true} is VALID [2022-02-20 14:38:20,088 INFO L290 TraceCheckUtils]: 21: Hoare triple {13556#true} assume !(~s~0 == ~NP~0); {13556#true} is VALID [2022-02-20 14:38:20,088 INFO L290 TraceCheckUtils]: 22: Hoare triple {13556#true} assume !(~s~0 == ~MPR1~0); {13556#true} is VALID [2022-02-20 14:38:20,094 INFO L290 TraceCheckUtils]: 23: Hoare triple {13556#true} assume ~s~0 == ~SKIP1~0;~s~0 := ~SKIP2~0;~lowerDriverReturn~0 := PoCallDriver_~returnVal~0#1; {13558#(= ~lowerDriverReturn~0 |ULTIMATE.start_PoCallDriver_~returnVal~0#1|)} is VALID [2022-02-20 14:38:20,095 INFO L290 TraceCheckUtils]: 24: Hoare triple {13558#(= ~lowerDriverReturn~0 |ULTIMATE.start_PoCallDriver_~returnVal~0#1|)} PoCallDriver_#res#1 := PoCallDriver_~returnVal~0#1; {13559#(= ~lowerDriverReturn~0 |ULTIMATE.start_PoCallDriver_#res#1|)} is VALID [2022-02-20 14:38:20,096 INFO L290 TraceCheckUtils]: 25: Hoare triple {13559#(= ~lowerDriverReturn~0 |ULTIMATE.start_PoCallDriver_#res#1|)} KbFilter_Power_#t~ret58#1 := PoCallDriver_#res#1;assume { :end_inline_PoCallDriver } true;assume -2147483648 <= KbFilter_Power_#t~ret58#1 && KbFilter_Power_#t~ret58#1 <= 2147483647;KbFilter_Power_~tmp~2#1 := KbFilter_Power_#t~ret58#1;havoc KbFilter_Power_#t~ret58#1;KbFilter_Power_#res#1 := KbFilter_Power_~tmp~2#1; {13560#(= |ULTIMATE.start_KbFilter_Power_#res#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:20,096 INFO L290 TraceCheckUtils]: 26: Hoare triple {13560#(= |ULTIMATE.start_KbFilter_Power_#res#1| ~lowerDriverReturn~0)} main_#t~ret32#1 := KbFilter_Power_#res#1;assume { :end_inline_KbFilter_Power } true;assume -2147483648 <= main_#t~ret32#1 && main_#t~ret32#1 <= 2147483647;main_~status~1#1 := main_#t~ret32#1;havoc main_#t~ret32#1; {13561#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:20,096 INFO L290 TraceCheckUtils]: 27: Hoare triple {13561#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(1 == ~pended~0); {13561#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:20,097 INFO L290 TraceCheckUtils]: 28: Hoare triple {13561#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(1 == ~pended~0); {13561#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:20,097 INFO L290 TraceCheckUtils]: 29: Hoare triple {13561#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume ~s~0 != ~UNLOADED~0; {13561#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:20,098 INFO L290 TraceCheckUtils]: 30: Hoare triple {13561#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume -1 != main_~status~1#1; {13561#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:20,098 INFO L290 TraceCheckUtils]: 31: Hoare triple {13561#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(~s~0 != ~SKIP2~0); {13561#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:20,098 INFO L290 TraceCheckUtils]: 32: Hoare triple {13561#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(1 == ~pended~0); {13561#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:20,099 INFO L290 TraceCheckUtils]: 33: Hoare triple {13561#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(~s~0 == ~DC~0); {13561#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:20,099 INFO L290 TraceCheckUtils]: 34: Hoare triple {13561#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume main_~status~1#1 != ~lowerDriverReturn~0; {13557#false} is VALID [2022-02-20 14:38:20,099 INFO L272 TraceCheckUtils]: 35: Hoare triple {13557#false} call errorFn(); {13557#false} is VALID [2022-02-20 14:38:20,100 INFO L290 TraceCheckUtils]: 36: Hoare triple {13557#false} assume !false; {13557#false} is VALID [2022-02-20 14:38:20,100 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 14:38:20,100 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 14:38:20,100 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [628737705] [2022-02-20 14:38:20,100 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [628737705] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 14:38:20,100 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 14:38:20,101 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 14:38:20,101 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [236981990] [2022-02-20 14:38:20,101 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 14:38:20,101 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 6 states have internal predecessors, (36), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 37 [2022-02-20 14:38:20,101 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 14:38:20,102 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 6 states have (on average 6.0) internal successors, (36), 6 states have internal predecessors, (36), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:20,126 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 37 edges. 37 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:20,127 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 14:38:20,127 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 14:38:20,127 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 14:38:20,127 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-02-20 14:38:20,128 INFO L87 Difference]: Start difference. First operand 208 states and 283 transitions. Second operand has 6 states, 6 states have (on average 6.0) internal successors, (36), 6 states have internal predecessors, (36), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:20,729 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:20,729 INFO L93 Difference]: Finished difference Result 220 states and 295 transitions. [2022-02-20 14:38:20,729 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-02-20 14:38:20,730 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 6 states have internal predecessors, (36), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 37 [2022-02-20 14:38:20,730 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 14:38:20,731 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 6.0) internal successors, (36), 6 states have internal predecessors, (36), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:20,733 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 261 transitions. [2022-02-20 14:38:20,733 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 6.0) internal successors, (36), 6 states have internal predecessors, (36), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:20,736 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 261 transitions. [2022-02-20 14:38:20,736 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 261 transitions. [2022-02-20 14:38:20,924 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 261 edges. 261 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:20,927 INFO L225 Difference]: With dead ends: 220 [2022-02-20 14:38:20,927 INFO L226 Difference]: Without dead ends: 186 [2022-02-20 14:38:20,928 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=27, Invalid=45, Unknown=0, NotChecked=0, Total=72 [2022-02-20 14:38:20,928 INFO L933 BasicCegarLoop]: 244 mSDtfsCounter, 36 mSDsluCounter, 922 mSDsCounter, 0 mSdLazyCounter, 65 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 36 SdHoareTripleChecker+Valid, 1166 SdHoareTripleChecker+Invalid, 68 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 65 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 14:38:20,928 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [36 Valid, 1166 Invalid, 68 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 65 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 14:38:20,929 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 186 states. [2022-02-20 14:38:20,975 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 186 to 186. [2022-02-20 14:38:20,976 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 14:38:20,976 INFO L82 GeneralOperation]: Start isEquivalent. First operand 186 states. Second operand has 186 states, 163 states have (on average 1.3742331288343559) internal successors, (224), 165 states have internal predecessors, (224), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-20 14:38:20,977 INFO L74 IsIncluded]: Start isIncluded. First operand 186 states. Second operand has 186 states, 163 states have (on average 1.3742331288343559) internal successors, (224), 165 states have internal predecessors, (224), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-20 14:38:20,977 INFO L87 Difference]: Start difference. First operand 186 states. Second operand has 186 states, 163 states have (on average 1.3742331288343559) internal successors, (224), 165 states have internal predecessors, (224), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-20 14:38:20,981 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:20,981 INFO L93 Difference]: Finished difference Result 186 states and 251 transitions. [2022-02-20 14:38:20,981 INFO L276 IsEmpty]: Start isEmpty. Operand 186 states and 251 transitions. [2022-02-20 14:38:20,982 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:20,982 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:20,982 INFO L74 IsIncluded]: Start isIncluded. First operand has 186 states, 163 states have (on average 1.3742331288343559) internal successors, (224), 165 states have internal predecessors, (224), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) Second operand 186 states. [2022-02-20 14:38:20,982 INFO L87 Difference]: Start difference. First operand has 186 states, 163 states have (on average 1.3742331288343559) internal successors, (224), 165 states have internal predecessors, (224), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) Second operand 186 states. [2022-02-20 14:38:20,986 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:20,986 INFO L93 Difference]: Finished difference Result 186 states and 251 transitions. [2022-02-20 14:38:20,986 INFO L276 IsEmpty]: Start isEmpty. Operand 186 states and 251 transitions. [2022-02-20 14:38:20,987 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:20,987 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:20,987 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 14:38:20,987 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 14:38:20,988 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 186 states, 163 states have (on average 1.3742331288343559) internal successors, (224), 165 states have internal predecessors, (224), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-20 14:38:20,991 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 186 states to 186 states and 251 transitions. [2022-02-20 14:38:20,992 INFO L78 Accepts]: Start accepts. Automaton has 186 states and 251 transitions. Word has length 37 [2022-02-20 14:38:20,992 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 14:38:20,992 INFO L470 AbstractCegarLoop]: Abstraction has 186 states and 251 transitions. [2022-02-20 14:38:20,992 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 6 states have internal predecessors, (36), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:20,992 INFO L276 IsEmpty]: Start isEmpty. Operand 186 states and 251 transitions. [2022-02-20 14:38:20,993 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2022-02-20 14:38:20,993 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:20,993 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:20,993 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2022-02-20 14:38:20,993 INFO L402 AbstractCegarLoop]: === Iteration 12 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:20,994 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:20,994 INFO L85 PathProgramCache]: Analyzing trace with hash 793066956, now seen corresponding path program 1 times [2022-02-20 14:38:20,994 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 14:38:20,994 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [391185873] [2022-02-20 14:38:20,994 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:20,994 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 14:38:21,018 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:21,070 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2022-02-20 14:38:21,077 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:21,100 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-02-20 14:38:21,102 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:21,112 INFO L290 TraceCheckUtils]: 0: Hoare triple {14514#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0, 0;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;assume -2147483648 <= KeSetEvent_#t~nondet38#1 && KeSetEvent_#t~nondet38#1 <= 2147483647;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {14487#true} is VALID [2022-02-20 14:38:21,112 INFO L290 TraceCheckUtils]: 1: Hoare triple {14487#true} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;assume -2147483648 <= #t~ret40#1 && #t~ret40#1 <= 2147483647;havoc #t~ret40#1;#res#1 := -1073741802; {14487#true} is VALID [2022-02-20 14:38:21,112 INFO L290 TraceCheckUtils]: 2: Hoare triple {14487#true} assume true; {14487#true} is VALID [2022-02-20 14:38:21,112 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {14487#true} {14487#true} #755#return; {14487#true} is VALID [2022-02-20 14:38:21,113 INFO L290 TraceCheckUtils]: 0: Hoare triple {14507#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {14487#true} is VALID [2022-02-20 14:38:21,113 INFO L290 TraceCheckUtils]: 1: Hoare triple {14487#true} assume 0 != ~compRegistered~0; {14487#true} is VALID [2022-02-20 14:38:21,114 INFO L272 TraceCheckUtils]: 2: Hoare triple {14487#true} call #t~ret35 := KbFilter_Complete(~DeviceObject, ~Irp, ~lcontext~0); {14514#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} is VALID [2022-02-20 14:38:21,114 INFO L290 TraceCheckUtils]: 3: Hoare triple {14514#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0, 0;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;assume -2147483648 <= KeSetEvent_#t~nondet38#1 && KeSetEvent_#t~nondet38#1 <= 2147483647;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {14487#true} is VALID [2022-02-20 14:38:21,114 INFO L290 TraceCheckUtils]: 4: Hoare triple {14487#true} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;assume -2147483648 <= #t~ret40#1 && #t~ret40#1 <= 2147483647;havoc #t~ret40#1;#res#1 := -1073741802; {14487#true} is VALID [2022-02-20 14:38:21,114 INFO L290 TraceCheckUtils]: 5: Hoare triple {14487#true} assume true; {14487#true} is VALID [2022-02-20 14:38:21,114 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {14487#true} {14487#true} #755#return; {14487#true} is VALID [2022-02-20 14:38:21,114 INFO L290 TraceCheckUtils]: 7: Hoare triple {14487#true} assume -2147483648 <= #t~ret35 && #t~ret35 <= 2147483647;~compRetStatus~0 := #t~ret35;havoc #t~ret35;~__cil_tmp7~0 := ~compRetStatus~0; {14487#true} is VALID [2022-02-20 14:38:21,115 INFO L290 TraceCheckUtils]: 8: Hoare triple {14487#true} assume !(-1073741802 == ~__cil_tmp7~0); {14487#true} is VALID [2022-02-20 14:38:21,115 INFO L290 TraceCheckUtils]: 9: Hoare triple {14487#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {14487#true} is VALID [2022-02-20 14:38:21,116 INFO L290 TraceCheckUtils]: 10: Hoare triple {14487#true} assume 0 == ~tmp_ndt_6~0; {14487#true} is VALID [2022-02-20 14:38:21,119 INFO L290 TraceCheckUtils]: 11: Hoare triple {14487#true} ~returnVal2~0 := 0; {14512#(= IofCallDriver_~returnVal2~0 0)} is VALID [2022-02-20 14:38:21,120 INFO L290 TraceCheckUtils]: 12: Hoare triple {14512#(= IofCallDriver_~returnVal2~0 0)} assume ~s~0 == ~NP~0;~s~0 := ~IPC~0;~lowerDriverReturn~0 := ~returnVal2~0; {14512#(= IofCallDriver_~returnVal2~0 0)} is VALID [2022-02-20 14:38:21,121 INFO L290 TraceCheckUtils]: 13: Hoare triple {14512#(= IofCallDriver_~returnVal2~0 0)} #res := ~returnVal2~0; {14513#(= |IofCallDriver_#res| 0)} is VALID [2022-02-20 14:38:21,122 INFO L290 TraceCheckUtils]: 14: Hoare triple {14513#(= |IofCallDriver_#res| 0)} assume true; {14513#(= |IofCallDriver_#res| 0)} is VALID [2022-02-20 14:38:21,123 INFO L284 TraceCheckUtils]: 15: Hoare quadruple {14513#(= |IofCallDriver_#res| 0)} {14487#true} #717#return; {14505#(= |ULTIMATE.start_KbFilter_PnP_#t~ret10#1| 0)} is VALID [2022-02-20 14:38:21,124 INFO L290 TraceCheckUtils]: 0: Hoare triple {14487#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {14487#true} is VALID [2022-02-20 14:38:21,125 INFO L290 TraceCheckUtils]: 1: Hoare triple {14487#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {14487#true} is VALID [2022-02-20 14:38:21,125 INFO L290 TraceCheckUtils]: 2: Hoare triple {14487#true} assume { :end_inline__BLAST_init } true; {14487#true} is VALID [2022-02-20 14:38:21,125 INFO L290 TraceCheckUtils]: 3: Hoare triple {14487#true} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {14487#true} is VALID [2022-02-20 14:38:21,125 INFO L290 TraceCheckUtils]: 4: Hoare triple {14487#true} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {14487#true} is VALID [2022-02-20 14:38:21,125 INFO L290 TraceCheckUtils]: 5: Hoare triple {14487#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {14487#true} is VALID [2022-02-20 14:38:21,126 INFO L290 TraceCheckUtils]: 6: Hoare triple {14487#true} assume { :end_inline_stub_driver_init } true; {14487#true} is VALID [2022-02-20 14:38:21,126 INFO L290 TraceCheckUtils]: 7: Hoare triple {14487#true} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {14487#true} is VALID [2022-02-20 14:38:21,126 INFO L290 TraceCheckUtils]: 8: Hoare triple {14487#true} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {14487#true} is VALID [2022-02-20 14:38:21,126 INFO L290 TraceCheckUtils]: 9: Hoare triple {14487#true} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {14487#true} is VALID [2022-02-20 14:38:21,128 INFO L290 TraceCheckUtils]: 10: Hoare triple {14487#true} assume 3 == main_~tmp_ndt_3~0#1; {14487#true} is VALID [2022-02-20 14:38:21,129 INFO L290 TraceCheckUtils]: 11: Hoare triple {14487#true} assume { :begin_inline_KbFilter_PnP } true;KbFilter_PnP_#in~DeviceObject#1, KbFilter_PnP_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_PnP_#res#1;havoc KbFilter_PnP_#t~nondet4#1, KbFilter_PnP_#t~nondet5#1, KbFilter_PnP_#t~nondet6#1, KbFilter_PnP_#t~nondet7#1, KbFilter_PnP_#t~nondet8#1, KbFilter_PnP_#t~nondet9#1, KbFilter_PnP_#t~ret10#1, KbFilter_PnP_#t~ret11#1, KbFilter_PnP_#t~post12#1, KbFilter_PnP_#t~post13#1, KbFilter_PnP_#t~ret14#1, KbFilter_PnP_#t~post15#1, KbFilter_PnP_#t~post16#1, KbFilter_PnP_#t~ret17#1, KbFilter_PnP_#t~post18#1, KbFilter_PnP_#t~post19#1, KbFilter_PnP_#t~ret20#1, KbFilter_PnP_~DeviceObject#1, KbFilter_PnP_~Irp#1, KbFilter_PnP_~devExt~0#1, KbFilter_PnP_~irpStack~0#1, KbFilter_PnP_~status~0#1, KbFilter_PnP_~event~0#1, KbFilter_PnP_~DeviceObject__DeviceExtension~0#1, KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, KbFilter_PnP_~irpStack__MinorFunction~0#1, KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~devExt__Started~0#1, KbFilter_PnP_~devExt__Removed~0#1, KbFilter_PnP_~devExt__SurpriseRemoved~0#1, KbFilter_PnP_~Irp__IoStatus__Status~0#1, KbFilter_PnP_~Irp__IoStatus__Information~0#1, KbFilter_PnP_~Irp__CurrentLocation~0#1, KbFilter_PnP_~irpSp~0#1, KbFilter_PnP_~nextIrpSp~0#1, KbFilter_PnP_~nextIrpSp__Control~0#1, KbFilter_PnP_~irpSp___0~0#1, KbFilter_PnP_~irpSp__Context~0#1, KbFilter_PnP_~irpSp__Control~0#1, KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~DeviceObject#1 := KbFilter_PnP_#in~DeviceObject#1;KbFilter_PnP_~Irp#1 := KbFilter_PnP_#in~Irp#1;havoc KbFilter_PnP_~devExt~0#1;havoc KbFilter_PnP_~irpStack~0#1;havoc KbFilter_PnP_~status~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet4#1 && KbFilter_PnP_#t~nondet4#1 <= 2147483647;KbFilter_PnP_~event~0#1 := KbFilter_PnP_#t~nondet4#1;havoc KbFilter_PnP_#t~nondet4#1;assume -2147483648 <= KbFilter_PnP_#t~nondet5#1 && KbFilter_PnP_#t~nondet5#1 <= 2147483647;KbFilter_PnP_~DeviceObject__DeviceExtension~0#1 := KbFilter_PnP_#t~nondet5#1;havoc KbFilter_PnP_#t~nondet5#1;assume -2147483648 <= KbFilter_PnP_#t~nondet6#1 && KbFilter_PnP_#t~nondet6#1 <= 2147483647;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := KbFilter_PnP_#t~nondet6#1;havoc KbFilter_PnP_#t~nondet6#1;assume -2147483648 <= KbFilter_PnP_#t~nondet7#1 && KbFilter_PnP_#t~nondet7#1 <= 2147483647;KbFilter_PnP_~irpStack__MinorFunction~0#1 := KbFilter_PnP_#t~nondet7#1;havoc KbFilter_PnP_#t~nondet7#1;assume -2147483648 <= KbFilter_PnP_#t~nondet8#1 && KbFilter_PnP_#t~nondet8#1 <= 2147483647;KbFilter_PnP_~devExt__TopOfStack~0#1 := KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_~devExt__Started~0#1;havoc KbFilter_PnP_~devExt__Removed~0#1;havoc KbFilter_PnP_~devExt__SurpriseRemoved~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Status~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Information~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet9#1 && KbFilter_PnP_#t~nondet9#1 <= 2147483647;KbFilter_PnP_~Irp__CurrentLocation~0#1 := KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_~irpSp~0#1;havoc KbFilter_PnP_~nextIrpSp~0#1;havoc KbFilter_PnP_~nextIrpSp__Control~0#1;havoc KbFilter_PnP_~irpSp___0~0#1;havoc KbFilter_PnP_~irpSp__Context~0#1;havoc KbFilter_PnP_~irpSp__Control~0#1;havoc KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~status~0#1 := 0;KbFilter_PnP_~devExt~0#1 := KbFilter_PnP_~DeviceObject__DeviceExtension~0#1;KbFilter_PnP_~irpStack~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1; {14487#true} is VALID [2022-02-20 14:38:21,129 INFO L290 TraceCheckUtils]: 12: Hoare triple {14487#true} assume 0 == KbFilter_PnP_~irpStack__MinorFunction~0#1; {14487#true} is VALID [2022-02-20 14:38:21,129 INFO L290 TraceCheckUtils]: 13: Hoare triple {14487#true} KbFilter_PnP_~irpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1;KbFilter_PnP_~nextIrpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 - 1;KbFilter_PnP_~nextIrpSp__Control~0#1 := 0; {14487#true} is VALID [2022-02-20 14:38:21,129 INFO L290 TraceCheckUtils]: 14: Hoare triple {14487#true} assume !(~s~0 != ~NP~0); {14487#true} is VALID [2022-02-20 14:38:21,129 INFO L290 TraceCheckUtils]: 15: Hoare triple {14487#true} assume !(0 != ~compRegistered~0);~compRegistered~0 := 1; {14487#true} is VALID [2022-02-20 14:38:21,130 INFO L290 TraceCheckUtils]: 16: Hoare triple {14487#true} KbFilter_PnP_~irpSp___0~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 - 1;KbFilter_PnP_~irpSp__Context~0#1 := KbFilter_PnP_~event~0#1;KbFilter_PnP_~irpSp__Control~0#1 := 224; {14487#true} is VALID [2022-02-20 14:38:21,131 INFO L272 TraceCheckUtils]: 17: Hoare triple {14487#true} call KbFilter_PnP_#t~ret10#1 := IofCallDriver(KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~Irp#1); {14507#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} is VALID [2022-02-20 14:38:21,131 INFO L290 TraceCheckUtils]: 18: Hoare triple {14507#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {14487#true} is VALID [2022-02-20 14:38:21,131 INFO L290 TraceCheckUtils]: 19: Hoare triple {14487#true} assume 0 != ~compRegistered~0; {14487#true} is VALID [2022-02-20 14:38:21,132 INFO L272 TraceCheckUtils]: 20: Hoare triple {14487#true} call #t~ret35 := KbFilter_Complete(~DeviceObject, ~Irp, ~lcontext~0); {14514#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} is VALID [2022-02-20 14:38:21,132 INFO L290 TraceCheckUtils]: 21: Hoare triple {14514#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0, 0;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;assume -2147483648 <= KeSetEvent_#t~nondet38#1 && KeSetEvent_#t~nondet38#1 <= 2147483647;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {14487#true} is VALID [2022-02-20 14:38:21,132 INFO L290 TraceCheckUtils]: 22: Hoare triple {14487#true} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;assume -2147483648 <= #t~ret40#1 && #t~ret40#1 <= 2147483647;havoc #t~ret40#1;#res#1 := -1073741802; {14487#true} is VALID [2022-02-20 14:38:21,132 INFO L290 TraceCheckUtils]: 23: Hoare triple {14487#true} assume true; {14487#true} is VALID [2022-02-20 14:38:21,132 INFO L284 TraceCheckUtils]: 24: Hoare quadruple {14487#true} {14487#true} #755#return; {14487#true} is VALID [2022-02-20 14:38:21,132 INFO L290 TraceCheckUtils]: 25: Hoare triple {14487#true} assume -2147483648 <= #t~ret35 && #t~ret35 <= 2147483647;~compRetStatus~0 := #t~ret35;havoc #t~ret35;~__cil_tmp7~0 := ~compRetStatus~0; {14487#true} is VALID [2022-02-20 14:38:21,133 INFO L290 TraceCheckUtils]: 26: Hoare triple {14487#true} assume !(-1073741802 == ~__cil_tmp7~0); {14487#true} is VALID [2022-02-20 14:38:21,133 INFO L290 TraceCheckUtils]: 27: Hoare triple {14487#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {14487#true} is VALID [2022-02-20 14:38:21,133 INFO L290 TraceCheckUtils]: 28: Hoare triple {14487#true} assume 0 == ~tmp_ndt_6~0; {14487#true} is VALID [2022-02-20 14:38:21,133 INFO L290 TraceCheckUtils]: 29: Hoare triple {14487#true} ~returnVal2~0 := 0; {14512#(= IofCallDriver_~returnVal2~0 0)} is VALID [2022-02-20 14:38:21,134 INFO L290 TraceCheckUtils]: 30: Hoare triple {14512#(= IofCallDriver_~returnVal2~0 0)} assume ~s~0 == ~NP~0;~s~0 := ~IPC~0;~lowerDriverReturn~0 := ~returnVal2~0; {14512#(= IofCallDriver_~returnVal2~0 0)} is VALID [2022-02-20 14:38:21,134 INFO L290 TraceCheckUtils]: 31: Hoare triple {14512#(= IofCallDriver_~returnVal2~0 0)} #res := ~returnVal2~0; {14513#(= |IofCallDriver_#res| 0)} is VALID [2022-02-20 14:38:21,134 INFO L290 TraceCheckUtils]: 32: Hoare triple {14513#(= |IofCallDriver_#res| 0)} assume true; {14513#(= |IofCallDriver_#res| 0)} is VALID [2022-02-20 14:38:21,135 INFO L284 TraceCheckUtils]: 33: Hoare quadruple {14513#(= |IofCallDriver_#res| 0)} {14487#true} #717#return; {14505#(= |ULTIMATE.start_KbFilter_PnP_#t~ret10#1| 0)} is VALID [2022-02-20 14:38:21,136 INFO L290 TraceCheckUtils]: 34: Hoare triple {14505#(= |ULTIMATE.start_KbFilter_PnP_#t~ret10#1| 0)} assume -2147483648 <= KbFilter_PnP_#t~ret10#1 && KbFilter_PnP_#t~ret10#1 <= 2147483647;KbFilter_PnP_~status~0#1 := KbFilter_PnP_#t~ret10#1;havoc KbFilter_PnP_#t~ret10#1;KbFilter_PnP_~__cil_tmp23~0#1 := KbFilter_PnP_~status~0#1; {14506#(= |ULTIMATE.start_KbFilter_PnP_~__cil_tmp23~0#1| 0)} is VALID [2022-02-20 14:38:21,136 INFO L290 TraceCheckUtils]: 35: Hoare triple {14506#(= |ULTIMATE.start_KbFilter_PnP_~__cil_tmp23~0#1| 0)} assume 259 == KbFilter_PnP_~__cil_tmp23~0#1;assume { :begin_inline_KeWaitForSingleObject } true;KeWaitForSingleObject_#in~Object#1, KeWaitForSingleObject_#in~WaitReason#1, KeWaitForSingleObject_#in~WaitMode#1, KeWaitForSingleObject_#in~Alertable#1, KeWaitForSingleObject_#in~Timeout#1 := KbFilter_PnP_~event~0#1, ~Executive~0, ~KernelMode~0, 0, 0;havoc KeWaitForSingleObject_#res#1;havoc KeWaitForSingleObject_#t~nondet39#1, KeWaitForSingleObject_~tmp_ndt_8~0#1, KeWaitForSingleObject_~Object#1, KeWaitForSingleObject_~WaitReason#1, KeWaitForSingleObject_~WaitMode#1, KeWaitForSingleObject_~Alertable#1, KeWaitForSingleObject_~Timeout#1;KeWaitForSingleObject_~Object#1 := KeWaitForSingleObject_#in~Object#1;KeWaitForSingleObject_~WaitReason#1 := KeWaitForSingleObject_#in~WaitReason#1;KeWaitForSingleObject_~WaitMode#1 := KeWaitForSingleObject_#in~WaitMode#1;KeWaitForSingleObject_~Alertable#1 := KeWaitForSingleObject_#in~Alertable#1;KeWaitForSingleObject_~Timeout#1 := KeWaitForSingleObject_#in~Timeout#1; {14488#false} is VALID [2022-02-20 14:38:21,136 INFO L290 TraceCheckUtils]: 36: Hoare triple {14488#false} assume !(~s~0 == ~MPR3~0); {14488#false} is VALID [2022-02-20 14:38:21,136 INFO L290 TraceCheckUtils]: 37: Hoare triple {14488#false} assume !(1 == ~customIrp~0); {14488#false} is VALID [2022-02-20 14:38:21,137 INFO L290 TraceCheckUtils]: 38: Hoare triple {14488#false} assume ~s~0 == ~MPR3~0; {14488#false} is VALID [2022-02-20 14:38:21,137 INFO L272 TraceCheckUtils]: 39: Hoare triple {14488#false} call errorFn(); {14488#false} is VALID [2022-02-20 14:38:21,137 INFO L290 TraceCheckUtils]: 40: Hoare triple {14488#false} assume !false; {14488#false} is VALID [2022-02-20 14:38:21,138 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 14:38:21,139 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 14:38:21,139 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [391185873] [2022-02-20 14:38:21,139 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [391185873] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 14:38:21,139 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 14:38:21,139 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-02-20 14:38:21,139 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1978188278] [2022-02-20 14:38:21,139 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 14:38:21,140 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 4.5) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 3 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 41 [2022-02-20 14:38:21,140 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 14:38:21,140 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 8 states, 8 states have (on average 4.5) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 3 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 14:38:21,171 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 41 edges. 41 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:21,172 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-02-20 14:38:21,172 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 14:38:21,172 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-02-20 14:38:21,172 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=14, Invalid=42, Unknown=0, NotChecked=0, Total=56 [2022-02-20 14:38:21,173 INFO L87 Difference]: Start difference. First operand 186 states and 251 transitions. Second operand has 8 states, 8 states have (on average 4.5) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 3 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 14:38:22,023 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:22,023 INFO L93 Difference]: Finished difference Result 267 states and 354 transitions. [2022-02-20 14:38:22,023 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2022-02-20 14:38:22,023 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 4.5) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 3 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 41 [2022-02-20 14:38:22,024 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 14:38:22,024 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 8 states have (on average 4.5) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 3 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 14:38:22,027 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 321 transitions. [2022-02-20 14:38:22,027 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 8 states have (on average 4.5) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 3 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 14:38:22,030 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 321 transitions. [2022-02-20 14:38:22,030 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 11 states and 321 transitions. [2022-02-20 14:38:22,280 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 321 edges. 321 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:22,284 INFO L225 Difference]: With dead ends: 267 [2022-02-20 14:38:22,284 INFO L226 Difference]: Without dead ends: 204 [2022-02-20 14:38:22,284 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 5 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=35, Invalid=97, Unknown=0, NotChecked=0, Total=132 [2022-02-20 14:38:22,285 INFO L933 BasicCegarLoop]: 203 mSDtfsCounter, 58 mSDsluCounter, 1076 mSDsCounter, 0 mSdLazyCounter, 164 mSolverCounterSat, 28 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 58 SdHoareTripleChecker+Valid, 1279 SdHoareTripleChecker+Invalid, 192 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 28 IncrementalHoareTripleChecker+Valid, 164 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 14:38:22,285 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [58 Valid, 1279 Invalid, 192 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [28 Valid, 164 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 14:38:22,285 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 204 states. [2022-02-20 14:38:22,314 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 204 to 194. [2022-02-20 14:38:22,314 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 14:38:22,315 INFO L82 GeneralOperation]: Start isEquivalent. First operand 204 states. Second operand has 194 states, 170 states have (on average 1.3647058823529412) internal successors, (232), 172 states have internal predecessors, (232), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) [2022-02-20 14:38:22,315 INFO L74 IsIncluded]: Start isIncluded. First operand 204 states. Second operand has 194 states, 170 states have (on average 1.3647058823529412) internal successors, (232), 172 states have internal predecessors, (232), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) [2022-02-20 14:38:22,316 INFO L87 Difference]: Start difference. First operand 204 states. Second operand has 194 states, 170 states have (on average 1.3647058823529412) internal successors, (232), 172 states have internal predecessors, (232), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) [2022-02-20 14:38:22,320 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:22,320 INFO L93 Difference]: Finished difference Result 204 states and 275 transitions. [2022-02-20 14:38:22,320 INFO L276 IsEmpty]: Start isEmpty. Operand 204 states and 275 transitions. [2022-02-20 14:38:22,321 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:22,321 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:22,321 INFO L74 IsIncluded]: Start isIncluded. First operand has 194 states, 170 states have (on average 1.3647058823529412) internal successors, (232), 172 states have internal predecessors, (232), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) Second operand 204 states. [2022-02-20 14:38:22,322 INFO L87 Difference]: Start difference. First operand has 194 states, 170 states have (on average 1.3647058823529412) internal successors, (232), 172 states have internal predecessors, (232), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) Second operand 204 states. [2022-02-20 14:38:22,326 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:22,326 INFO L93 Difference]: Finished difference Result 204 states and 275 transitions. [2022-02-20 14:38:22,326 INFO L276 IsEmpty]: Start isEmpty. Operand 204 states and 275 transitions. [2022-02-20 14:38:22,327 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:22,327 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:22,327 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 14:38:22,327 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 14:38:22,328 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 194 states, 170 states have (on average 1.3647058823529412) internal successors, (232), 172 states have internal predecessors, (232), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) [2022-02-20 14:38:22,332 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 194 states to 194 states and 260 transitions. [2022-02-20 14:38:22,332 INFO L78 Accepts]: Start accepts. Automaton has 194 states and 260 transitions. Word has length 41 [2022-02-20 14:38:22,332 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 14:38:22,332 INFO L470 AbstractCegarLoop]: Abstraction has 194 states and 260 transitions. [2022-02-20 14:38:22,332 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 4.5) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 3 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 14:38:22,332 INFO L276 IsEmpty]: Start isEmpty. Operand 194 states and 260 transitions. [2022-02-20 14:38:22,333 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2022-02-20 14:38:22,333 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:22,333 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:22,333 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11 [2022-02-20 14:38:22,334 INFO L402 AbstractCegarLoop]: === Iteration 13 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:22,334 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:22,334 INFO L85 PathProgramCache]: Analyzing trace with hash 493706385, now seen corresponding path program 1 times [2022-02-20 14:38:22,334 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 14:38:22,334 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [832108650] [2022-02-20 14:38:22,335 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:22,335 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 14:38:22,355 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:22,382 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2022-02-20 14:38:22,388 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:22,410 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-02-20 14:38:22,413 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:22,416 INFO L290 TraceCheckUtils]: 0: Hoare triple {15568#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0, 0;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;assume -2147483648 <= KeSetEvent_#t~nondet38#1 && KeSetEvent_#t~nondet38#1 <= 2147483647;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {15541#true} is VALID [2022-02-20 14:38:22,416 INFO L290 TraceCheckUtils]: 1: Hoare triple {15541#true} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;assume -2147483648 <= #t~ret40#1 && #t~ret40#1 <= 2147483647;havoc #t~ret40#1;#res#1 := -1073741802; {15541#true} is VALID [2022-02-20 14:38:22,416 INFO L290 TraceCheckUtils]: 2: Hoare triple {15541#true} assume true; {15541#true} is VALID [2022-02-20 14:38:22,416 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {15541#true} {15541#true} #755#return; {15541#true} is VALID [2022-02-20 14:38:22,417 INFO L290 TraceCheckUtils]: 0: Hoare triple {15561#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {15541#true} is VALID [2022-02-20 14:38:22,417 INFO L290 TraceCheckUtils]: 1: Hoare triple {15541#true} assume 0 != ~compRegistered~0; {15541#true} is VALID [2022-02-20 14:38:22,417 INFO L272 TraceCheckUtils]: 2: Hoare triple {15541#true} call #t~ret35 := KbFilter_Complete(~DeviceObject, ~Irp, ~lcontext~0); {15568#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} is VALID [2022-02-20 14:38:22,418 INFO L290 TraceCheckUtils]: 3: Hoare triple {15568#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0, 0;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;assume -2147483648 <= KeSetEvent_#t~nondet38#1 && KeSetEvent_#t~nondet38#1 <= 2147483647;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {15541#true} is VALID [2022-02-20 14:38:22,418 INFO L290 TraceCheckUtils]: 4: Hoare triple {15541#true} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;assume -2147483648 <= #t~ret40#1 && #t~ret40#1 <= 2147483647;havoc #t~ret40#1;#res#1 := -1073741802; {15541#true} is VALID [2022-02-20 14:38:22,418 INFO L290 TraceCheckUtils]: 5: Hoare triple {15541#true} assume true; {15541#true} is VALID [2022-02-20 14:38:22,418 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {15541#true} {15541#true} #755#return; {15541#true} is VALID [2022-02-20 14:38:22,418 INFO L290 TraceCheckUtils]: 7: Hoare triple {15541#true} assume -2147483648 <= #t~ret35 && #t~ret35 <= 2147483647;~compRetStatus~0 := #t~ret35;havoc #t~ret35;~__cil_tmp7~0 := ~compRetStatus~0; {15541#true} is VALID [2022-02-20 14:38:22,418 INFO L290 TraceCheckUtils]: 8: Hoare triple {15541#true} assume !(-1073741802 == ~__cil_tmp7~0); {15541#true} is VALID [2022-02-20 14:38:22,419 INFO L290 TraceCheckUtils]: 9: Hoare triple {15541#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {15541#true} is VALID [2022-02-20 14:38:22,419 INFO L290 TraceCheckUtils]: 10: Hoare triple {15541#true} assume 0 == ~tmp_ndt_6~0; {15541#true} is VALID [2022-02-20 14:38:22,419 INFO L290 TraceCheckUtils]: 11: Hoare triple {15541#true} ~returnVal2~0 := 0; {15566#(= IofCallDriver_~returnVal2~0 0)} is VALID [2022-02-20 14:38:22,419 INFO L290 TraceCheckUtils]: 12: Hoare triple {15566#(= IofCallDriver_~returnVal2~0 0)} assume ~s~0 == ~NP~0;~s~0 := ~IPC~0;~lowerDriverReturn~0 := ~returnVal2~0; {15566#(= IofCallDriver_~returnVal2~0 0)} is VALID [2022-02-20 14:38:22,420 INFO L290 TraceCheckUtils]: 13: Hoare triple {15566#(= IofCallDriver_~returnVal2~0 0)} #res := ~returnVal2~0; {15567#(= |IofCallDriver_#res| 0)} is VALID [2022-02-20 14:38:22,420 INFO L290 TraceCheckUtils]: 14: Hoare triple {15567#(= |IofCallDriver_#res| 0)} assume true; {15567#(= |IofCallDriver_#res| 0)} is VALID [2022-02-20 14:38:22,421 INFO L284 TraceCheckUtils]: 15: Hoare quadruple {15567#(= |IofCallDriver_#res| 0)} {15541#true} #717#return; {15559#(= |ULTIMATE.start_KbFilter_PnP_#t~ret10#1| 0)} is VALID [2022-02-20 14:38:22,421 INFO L290 TraceCheckUtils]: 0: Hoare triple {15541#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {15541#true} is VALID [2022-02-20 14:38:22,421 INFO L290 TraceCheckUtils]: 1: Hoare triple {15541#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {15541#true} is VALID [2022-02-20 14:38:22,422 INFO L290 TraceCheckUtils]: 2: Hoare triple {15541#true} assume { :end_inline__BLAST_init } true; {15541#true} is VALID [2022-02-20 14:38:22,422 INFO L290 TraceCheckUtils]: 3: Hoare triple {15541#true} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {15541#true} is VALID [2022-02-20 14:38:22,422 INFO L290 TraceCheckUtils]: 4: Hoare triple {15541#true} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {15541#true} is VALID [2022-02-20 14:38:22,422 INFO L290 TraceCheckUtils]: 5: Hoare triple {15541#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {15541#true} is VALID [2022-02-20 14:38:22,422 INFO L290 TraceCheckUtils]: 6: Hoare triple {15541#true} assume { :end_inline_stub_driver_init } true; {15541#true} is VALID [2022-02-20 14:38:22,422 INFO L290 TraceCheckUtils]: 7: Hoare triple {15541#true} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {15541#true} is VALID [2022-02-20 14:38:22,422 INFO L290 TraceCheckUtils]: 8: Hoare triple {15541#true} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {15541#true} is VALID [2022-02-20 14:38:22,423 INFO L290 TraceCheckUtils]: 9: Hoare triple {15541#true} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {15541#true} is VALID [2022-02-20 14:38:22,423 INFO L290 TraceCheckUtils]: 10: Hoare triple {15541#true} assume 3 == main_~tmp_ndt_3~0#1; {15541#true} is VALID [2022-02-20 14:38:22,423 INFO L290 TraceCheckUtils]: 11: Hoare triple {15541#true} assume { :begin_inline_KbFilter_PnP } true;KbFilter_PnP_#in~DeviceObject#1, KbFilter_PnP_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_PnP_#res#1;havoc KbFilter_PnP_#t~nondet4#1, KbFilter_PnP_#t~nondet5#1, KbFilter_PnP_#t~nondet6#1, KbFilter_PnP_#t~nondet7#1, KbFilter_PnP_#t~nondet8#1, KbFilter_PnP_#t~nondet9#1, KbFilter_PnP_#t~ret10#1, KbFilter_PnP_#t~ret11#1, KbFilter_PnP_#t~post12#1, KbFilter_PnP_#t~post13#1, KbFilter_PnP_#t~ret14#1, KbFilter_PnP_#t~post15#1, KbFilter_PnP_#t~post16#1, KbFilter_PnP_#t~ret17#1, KbFilter_PnP_#t~post18#1, KbFilter_PnP_#t~post19#1, KbFilter_PnP_#t~ret20#1, KbFilter_PnP_~DeviceObject#1, KbFilter_PnP_~Irp#1, KbFilter_PnP_~devExt~0#1, KbFilter_PnP_~irpStack~0#1, KbFilter_PnP_~status~0#1, KbFilter_PnP_~event~0#1, KbFilter_PnP_~DeviceObject__DeviceExtension~0#1, KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, KbFilter_PnP_~irpStack__MinorFunction~0#1, KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~devExt__Started~0#1, KbFilter_PnP_~devExt__Removed~0#1, KbFilter_PnP_~devExt__SurpriseRemoved~0#1, KbFilter_PnP_~Irp__IoStatus__Status~0#1, KbFilter_PnP_~Irp__IoStatus__Information~0#1, KbFilter_PnP_~Irp__CurrentLocation~0#1, KbFilter_PnP_~irpSp~0#1, KbFilter_PnP_~nextIrpSp~0#1, KbFilter_PnP_~nextIrpSp__Control~0#1, KbFilter_PnP_~irpSp___0~0#1, KbFilter_PnP_~irpSp__Context~0#1, KbFilter_PnP_~irpSp__Control~0#1, KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~DeviceObject#1 := KbFilter_PnP_#in~DeviceObject#1;KbFilter_PnP_~Irp#1 := KbFilter_PnP_#in~Irp#1;havoc KbFilter_PnP_~devExt~0#1;havoc KbFilter_PnP_~irpStack~0#1;havoc KbFilter_PnP_~status~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet4#1 && KbFilter_PnP_#t~nondet4#1 <= 2147483647;KbFilter_PnP_~event~0#1 := KbFilter_PnP_#t~nondet4#1;havoc KbFilter_PnP_#t~nondet4#1;assume -2147483648 <= KbFilter_PnP_#t~nondet5#1 && KbFilter_PnP_#t~nondet5#1 <= 2147483647;KbFilter_PnP_~DeviceObject__DeviceExtension~0#1 := KbFilter_PnP_#t~nondet5#1;havoc KbFilter_PnP_#t~nondet5#1;assume -2147483648 <= KbFilter_PnP_#t~nondet6#1 && KbFilter_PnP_#t~nondet6#1 <= 2147483647;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := KbFilter_PnP_#t~nondet6#1;havoc KbFilter_PnP_#t~nondet6#1;assume -2147483648 <= KbFilter_PnP_#t~nondet7#1 && KbFilter_PnP_#t~nondet7#1 <= 2147483647;KbFilter_PnP_~irpStack__MinorFunction~0#1 := KbFilter_PnP_#t~nondet7#1;havoc KbFilter_PnP_#t~nondet7#1;assume -2147483648 <= KbFilter_PnP_#t~nondet8#1 && KbFilter_PnP_#t~nondet8#1 <= 2147483647;KbFilter_PnP_~devExt__TopOfStack~0#1 := KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_~devExt__Started~0#1;havoc KbFilter_PnP_~devExt__Removed~0#1;havoc KbFilter_PnP_~devExt__SurpriseRemoved~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Status~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Information~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet9#1 && KbFilter_PnP_#t~nondet9#1 <= 2147483647;KbFilter_PnP_~Irp__CurrentLocation~0#1 := KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_~irpSp~0#1;havoc KbFilter_PnP_~nextIrpSp~0#1;havoc KbFilter_PnP_~nextIrpSp__Control~0#1;havoc KbFilter_PnP_~irpSp___0~0#1;havoc KbFilter_PnP_~irpSp__Context~0#1;havoc KbFilter_PnP_~irpSp__Control~0#1;havoc KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~status~0#1 := 0;KbFilter_PnP_~devExt~0#1 := KbFilter_PnP_~DeviceObject__DeviceExtension~0#1;KbFilter_PnP_~irpStack~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1; {15541#true} is VALID [2022-02-20 14:38:22,423 INFO L290 TraceCheckUtils]: 12: Hoare triple {15541#true} assume 0 == KbFilter_PnP_~irpStack__MinorFunction~0#1; {15541#true} is VALID [2022-02-20 14:38:22,423 INFO L290 TraceCheckUtils]: 13: Hoare triple {15541#true} KbFilter_PnP_~irpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1;KbFilter_PnP_~nextIrpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 - 1;KbFilter_PnP_~nextIrpSp__Control~0#1 := 0; {15541#true} is VALID [2022-02-20 14:38:22,423 INFO L290 TraceCheckUtils]: 14: Hoare triple {15541#true} assume !(~s~0 != ~NP~0); {15541#true} is VALID [2022-02-20 14:38:22,423 INFO L290 TraceCheckUtils]: 15: Hoare triple {15541#true} assume !(0 != ~compRegistered~0);~compRegistered~0 := 1; {15541#true} is VALID [2022-02-20 14:38:22,424 INFO L290 TraceCheckUtils]: 16: Hoare triple {15541#true} KbFilter_PnP_~irpSp___0~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 - 1;KbFilter_PnP_~irpSp__Context~0#1 := KbFilter_PnP_~event~0#1;KbFilter_PnP_~irpSp__Control~0#1 := 224; {15541#true} is VALID [2022-02-20 14:38:22,424 INFO L272 TraceCheckUtils]: 17: Hoare triple {15541#true} call KbFilter_PnP_#t~ret10#1 := IofCallDriver(KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~Irp#1); {15561#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} is VALID [2022-02-20 14:38:22,424 INFO L290 TraceCheckUtils]: 18: Hoare triple {15561#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {15541#true} is VALID [2022-02-20 14:38:22,425 INFO L290 TraceCheckUtils]: 19: Hoare triple {15541#true} assume 0 != ~compRegistered~0; {15541#true} is VALID [2022-02-20 14:38:22,425 INFO L272 TraceCheckUtils]: 20: Hoare triple {15541#true} call #t~ret35 := KbFilter_Complete(~DeviceObject, ~Irp, ~lcontext~0); {15568#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} is VALID [2022-02-20 14:38:22,426 INFO L290 TraceCheckUtils]: 21: Hoare triple {15568#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0, 0;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;assume -2147483648 <= KeSetEvent_#t~nondet38#1 && KeSetEvent_#t~nondet38#1 <= 2147483647;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {15541#true} is VALID [2022-02-20 14:38:22,426 INFO L290 TraceCheckUtils]: 22: Hoare triple {15541#true} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;assume -2147483648 <= #t~ret40#1 && #t~ret40#1 <= 2147483647;havoc #t~ret40#1;#res#1 := -1073741802; {15541#true} is VALID [2022-02-20 14:38:22,426 INFO L290 TraceCheckUtils]: 23: Hoare triple {15541#true} assume true; {15541#true} is VALID [2022-02-20 14:38:22,426 INFO L284 TraceCheckUtils]: 24: Hoare quadruple {15541#true} {15541#true} #755#return; {15541#true} is VALID [2022-02-20 14:38:22,426 INFO L290 TraceCheckUtils]: 25: Hoare triple {15541#true} assume -2147483648 <= #t~ret35 && #t~ret35 <= 2147483647;~compRetStatus~0 := #t~ret35;havoc #t~ret35;~__cil_tmp7~0 := ~compRetStatus~0; {15541#true} is VALID [2022-02-20 14:38:22,426 INFO L290 TraceCheckUtils]: 26: Hoare triple {15541#true} assume !(-1073741802 == ~__cil_tmp7~0); {15541#true} is VALID [2022-02-20 14:38:22,426 INFO L290 TraceCheckUtils]: 27: Hoare triple {15541#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {15541#true} is VALID [2022-02-20 14:38:22,427 INFO L290 TraceCheckUtils]: 28: Hoare triple {15541#true} assume 0 == ~tmp_ndt_6~0; {15541#true} is VALID [2022-02-20 14:38:22,427 INFO L290 TraceCheckUtils]: 29: Hoare triple {15541#true} ~returnVal2~0 := 0; {15566#(= IofCallDriver_~returnVal2~0 0)} is VALID [2022-02-20 14:38:22,427 INFO L290 TraceCheckUtils]: 30: Hoare triple {15566#(= IofCallDriver_~returnVal2~0 0)} assume ~s~0 == ~NP~0;~s~0 := ~IPC~0;~lowerDriverReturn~0 := ~returnVal2~0; {15566#(= IofCallDriver_~returnVal2~0 0)} is VALID [2022-02-20 14:38:22,428 INFO L290 TraceCheckUtils]: 31: Hoare triple {15566#(= IofCallDriver_~returnVal2~0 0)} #res := ~returnVal2~0; {15567#(= |IofCallDriver_#res| 0)} is VALID [2022-02-20 14:38:22,428 INFO L290 TraceCheckUtils]: 32: Hoare triple {15567#(= |IofCallDriver_#res| 0)} assume true; {15567#(= |IofCallDriver_#res| 0)} is VALID [2022-02-20 14:38:22,429 INFO L284 TraceCheckUtils]: 33: Hoare quadruple {15567#(= |IofCallDriver_#res| 0)} {15541#true} #717#return; {15559#(= |ULTIMATE.start_KbFilter_PnP_#t~ret10#1| 0)} is VALID [2022-02-20 14:38:22,429 INFO L290 TraceCheckUtils]: 34: Hoare triple {15559#(= |ULTIMATE.start_KbFilter_PnP_#t~ret10#1| 0)} assume -2147483648 <= KbFilter_PnP_#t~ret10#1 && KbFilter_PnP_#t~ret10#1 <= 2147483647;KbFilter_PnP_~status~0#1 := KbFilter_PnP_#t~ret10#1;havoc KbFilter_PnP_#t~ret10#1;KbFilter_PnP_~__cil_tmp23~0#1 := KbFilter_PnP_~status~0#1; {15560#(= |ULTIMATE.start_KbFilter_PnP_~status~0#1| 0)} is VALID [2022-02-20 14:38:22,430 INFO L290 TraceCheckUtils]: 35: Hoare triple {15560#(= |ULTIMATE.start_KbFilter_PnP_~status~0#1| 0)} assume !(259 == KbFilter_PnP_~__cil_tmp23~0#1); {15560#(= |ULTIMATE.start_KbFilter_PnP_~status~0#1| 0)} is VALID [2022-02-20 14:38:22,430 INFO L290 TraceCheckUtils]: 36: Hoare triple {15560#(= |ULTIMATE.start_KbFilter_PnP_~status~0#1| 0)} assume !(KbFilter_PnP_~status~0#1 >= 0); {15542#false} is VALID [2022-02-20 14:38:22,430 INFO L290 TraceCheckUtils]: 37: Hoare triple {15542#false} KbFilter_PnP_~Irp__IoStatus__Status~0#1 := KbFilter_PnP_~status~0#1;~myStatus~0 := KbFilter_PnP_~status~0#1;KbFilter_PnP_~Irp__IoStatus__Information~0#1 := 0; {15542#false} is VALID [2022-02-20 14:38:22,430 INFO L272 TraceCheckUtils]: 38: Hoare triple {15542#false} call IofCompleteRequest(KbFilter_PnP_~Irp#1, 0); {15542#false} is VALID [2022-02-20 14:38:22,431 INFO L290 TraceCheckUtils]: 39: Hoare triple {15542#false} ~Irp := #in~Irp;~PriorityBoost := #in~PriorityBoost; {15542#false} is VALID [2022-02-20 14:38:22,431 INFO L290 TraceCheckUtils]: 40: Hoare triple {15542#false} assume !(~s~0 == ~NP~0); {15542#false} is VALID [2022-02-20 14:38:22,431 INFO L272 TraceCheckUtils]: 41: Hoare triple {15542#false} call errorFn(); {15542#false} is VALID [2022-02-20 14:38:22,431 INFO L290 TraceCheckUtils]: 42: Hoare triple {15542#false} assume !false; {15542#false} is VALID [2022-02-20 14:38:22,431 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 14:38:22,431 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 14:38:22,432 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [832108650] [2022-02-20 14:38:22,432 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [832108650] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 14:38:22,432 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 14:38:22,432 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-02-20 14:38:22,432 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [40944668] [2022-02-20 14:38:22,432 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 14:38:22,433 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 4.625) internal successors, (37), 5 states have internal predecessors, (37), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 43 [2022-02-20 14:38:22,433 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 14:38:22,433 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 8 states, 8 states have (on average 4.625) internal successors, (37), 5 states have internal predecessors, (37), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 14:38:22,466 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 43 edges. 43 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:22,466 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-02-20 14:38:22,466 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 14:38:22,467 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-02-20 14:38:22,467 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=14, Invalid=42, Unknown=0, NotChecked=0, Total=56 [2022-02-20 14:38:22,467 INFO L87 Difference]: Start difference. First operand 194 states and 260 transitions. Second operand has 8 states, 8 states have (on average 4.625) internal successors, (37), 5 states have internal predecessors, (37), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 14:38:23,257 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:23,258 INFO L93 Difference]: Finished difference Result 221 states and 292 transitions. [2022-02-20 14:38:23,258 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2022-02-20 14:38:23,258 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 4.625) internal successors, (37), 5 states have internal predecessors, (37), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 43 [2022-02-20 14:38:23,258 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 14:38:23,258 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 8 states have (on average 4.625) internal successors, (37), 5 states have internal predecessors, (37), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 14:38:23,260 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 273 transitions. [2022-02-20 14:38:23,260 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 8 states have (on average 4.625) internal successors, (37), 5 states have internal predecessors, (37), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 14:38:23,262 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 273 transitions. [2022-02-20 14:38:23,263 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 11 states and 273 transitions. [2022-02-20 14:38:23,475 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 273 edges. 273 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:23,478 INFO L225 Difference]: With dead ends: 221 [2022-02-20 14:38:23,478 INFO L226 Difference]: Without dead ends: 214 [2022-02-20 14:38:23,479 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 9 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=39, Invalid=117, Unknown=0, NotChecked=0, Total=156 [2022-02-20 14:38:23,479 INFO L933 BasicCegarLoop]: 214 mSDtfsCounter, 149 mSDsluCounter, 923 mSDsCounter, 0 mSdLazyCounter, 141 mSolverCounterSat, 42 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 157 SdHoareTripleChecker+Valid, 1137 SdHoareTripleChecker+Invalid, 183 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 42 IncrementalHoareTripleChecker+Valid, 141 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 14:38:23,479 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [157 Valid, 1137 Invalid, 183 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [42 Valid, 141 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 14:38:23,481 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 214 states. [2022-02-20 14:38:23,510 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 214 to 195. [2022-02-20 14:38:23,510 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 14:38:23,511 INFO L82 GeneralOperation]: Start isEquivalent. First operand 214 states. Second operand has 195 states, 171 states have (on average 1.3625730994152048) internal successors, (233), 173 states have internal predecessors, (233), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) [2022-02-20 14:38:23,511 INFO L74 IsIncluded]: Start isIncluded. First operand 214 states. Second operand has 195 states, 171 states have (on average 1.3625730994152048) internal successors, (233), 173 states have internal predecessors, (233), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) [2022-02-20 14:38:23,512 INFO L87 Difference]: Start difference. First operand 214 states. Second operand has 195 states, 171 states have (on average 1.3625730994152048) internal successors, (233), 173 states have internal predecessors, (233), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) [2022-02-20 14:38:23,516 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:23,516 INFO L93 Difference]: Finished difference Result 214 states and 285 transitions. [2022-02-20 14:38:23,517 INFO L276 IsEmpty]: Start isEmpty. Operand 214 states and 285 transitions. [2022-02-20 14:38:23,518 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:23,518 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:23,519 INFO L74 IsIncluded]: Start isIncluded. First operand has 195 states, 171 states have (on average 1.3625730994152048) internal successors, (233), 173 states have internal predecessors, (233), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) Second operand 214 states. [2022-02-20 14:38:23,519 INFO L87 Difference]: Start difference. First operand has 195 states, 171 states have (on average 1.3625730994152048) internal successors, (233), 173 states have internal predecessors, (233), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) Second operand 214 states. [2022-02-20 14:38:23,524 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:23,524 INFO L93 Difference]: Finished difference Result 214 states and 285 transitions. [2022-02-20 14:38:23,524 INFO L276 IsEmpty]: Start isEmpty. Operand 214 states and 285 transitions. [2022-02-20 14:38:23,525 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:23,525 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:23,525 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 14:38:23,525 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 14:38:23,525 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 195 states, 171 states have (on average 1.3625730994152048) internal successors, (233), 173 states have internal predecessors, (233), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) [2022-02-20 14:38:23,529 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 195 states to 195 states and 261 transitions. [2022-02-20 14:38:23,529 INFO L78 Accepts]: Start accepts. Automaton has 195 states and 261 transitions. Word has length 43 [2022-02-20 14:38:23,530 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 14:38:23,530 INFO L470 AbstractCegarLoop]: Abstraction has 195 states and 261 transitions. [2022-02-20 14:38:23,530 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 4.625) internal successors, (37), 5 states have internal predecessors, (37), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 14:38:23,531 INFO L276 IsEmpty]: Start isEmpty. Operand 195 states and 261 transitions. [2022-02-20 14:38:23,531 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 43 [2022-02-20 14:38:23,531 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:23,531 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:23,532 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable12 [2022-02-20 14:38:23,532 INFO L402 AbstractCegarLoop]: === Iteration 14 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:23,532 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:23,532 INFO L85 PathProgramCache]: Analyzing trace with hash 149096210, now seen corresponding path program 1 times [2022-02-20 14:38:23,532 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 14:38:23,533 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1844249046] [2022-02-20 14:38:23,533 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:23,533 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 14:38:23,554 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:23,579 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2022-02-20 14:38:23,585 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:23,591 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-02-20 14:38:23,594 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:23,596 INFO L290 TraceCheckUtils]: 0: Hoare triple {16588#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0, 0;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;assume -2147483648 <= KeSetEvent_#t~nondet38#1 && KeSetEvent_#t~nondet38#1 <= 2147483647;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {16563#true} is VALID [2022-02-20 14:38:23,596 INFO L290 TraceCheckUtils]: 1: Hoare triple {16563#true} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;assume -2147483648 <= #t~ret40#1 && #t~ret40#1 <= 2147483647;havoc #t~ret40#1;#res#1 := -1073741802; {16563#true} is VALID [2022-02-20 14:38:23,597 INFO L290 TraceCheckUtils]: 2: Hoare triple {16563#true} assume true; {16563#true} is VALID [2022-02-20 14:38:23,597 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {16563#true} {16563#true} #755#return; {16563#true} is VALID [2022-02-20 14:38:23,597 INFO L290 TraceCheckUtils]: 0: Hoare triple {16583#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {16563#true} is VALID [2022-02-20 14:38:23,598 INFO L290 TraceCheckUtils]: 1: Hoare triple {16563#true} assume 0 != ~compRegistered~0; {16563#true} is VALID [2022-02-20 14:38:23,598 INFO L272 TraceCheckUtils]: 2: Hoare triple {16563#true} call #t~ret35 := KbFilter_Complete(~DeviceObject, ~Irp, ~lcontext~0); {16588#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} is VALID [2022-02-20 14:38:23,599 INFO L290 TraceCheckUtils]: 3: Hoare triple {16588#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0, 0;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;assume -2147483648 <= KeSetEvent_#t~nondet38#1 && KeSetEvent_#t~nondet38#1 <= 2147483647;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {16563#true} is VALID [2022-02-20 14:38:23,599 INFO L290 TraceCheckUtils]: 4: Hoare triple {16563#true} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;assume -2147483648 <= #t~ret40#1 && #t~ret40#1 <= 2147483647;havoc #t~ret40#1;#res#1 := -1073741802; {16563#true} is VALID [2022-02-20 14:38:23,599 INFO L290 TraceCheckUtils]: 5: Hoare triple {16563#true} assume true; {16563#true} is VALID [2022-02-20 14:38:23,599 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {16563#true} {16563#true} #755#return; {16563#true} is VALID [2022-02-20 14:38:23,599 INFO L290 TraceCheckUtils]: 7: Hoare triple {16563#true} assume -2147483648 <= #t~ret35 && #t~ret35 <= 2147483647;~compRetStatus~0 := #t~ret35;havoc #t~ret35;~__cil_tmp7~0 := ~compRetStatus~0; {16563#true} is VALID [2022-02-20 14:38:23,599 INFO L290 TraceCheckUtils]: 8: Hoare triple {16563#true} assume !(-1073741802 == ~__cil_tmp7~0); {16563#true} is VALID [2022-02-20 14:38:23,600 INFO L290 TraceCheckUtils]: 9: Hoare triple {16563#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {16563#true} is VALID [2022-02-20 14:38:23,600 INFO L290 TraceCheckUtils]: 10: Hoare triple {16563#true} assume !(0 == ~tmp_ndt_6~0);havoc ~tmp_ndt_7~0;assume -2147483648 <= #t~nondet37 && #t~nondet37 <= 2147483647;~tmp_ndt_7~0 := #t~nondet37;havoc #t~nondet37; {16563#true} is VALID [2022-02-20 14:38:23,600 INFO L290 TraceCheckUtils]: 11: Hoare triple {16563#true} assume 1 == ~tmp_ndt_7~0; {16563#true} is VALID [2022-02-20 14:38:23,601 INFO L290 TraceCheckUtils]: 12: Hoare triple {16563#true} ~returnVal2~0 := -1073741823; {16563#true} is VALID [2022-02-20 14:38:23,601 INFO L290 TraceCheckUtils]: 13: Hoare triple {16563#true} assume ~s~0 == ~NP~0;~s~0 := ~IPC~0;~lowerDriverReturn~0 := ~returnVal2~0; {16563#true} is VALID [2022-02-20 14:38:23,601 INFO L290 TraceCheckUtils]: 14: Hoare triple {16563#true} #res := ~returnVal2~0; {16563#true} is VALID [2022-02-20 14:38:23,601 INFO L290 TraceCheckUtils]: 15: Hoare triple {16563#true} assume true; {16563#true} is VALID [2022-02-20 14:38:23,602 INFO L284 TraceCheckUtils]: 16: Hoare quadruple {16563#true} {16563#true} #717#return; {16563#true} is VALID [2022-02-20 14:38:23,602 INFO L290 TraceCheckUtils]: 0: Hoare triple {16563#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {16563#true} is VALID [2022-02-20 14:38:23,602 INFO L290 TraceCheckUtils]: 1: Hoare triple {16563#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {16563#true} is VALID [2022-02-20 14:38:23,602 INFO L290 TraceCheckUtils]: 2: Hoare triple {16563#true} assume { :end_inline__BLAST_init } true; {16563#true} is VALID [2022-02-20 14:38:23,602 INFO L290 TraceCheckUtils]: 3: Hoare triple {16563#true} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {16563#true} is VALID [2022-02-20 14:38:23,602 INFO L290 TraceCheckUtils]: 4: Hoare triple {16563#true} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {16563#true} is VALID [2022-02-20 14:38:23,603 INFO L290 TraceCheckUtils]: 5: Hoare triple {16563#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {16563#true} is VALID [2022-02-20 14:38:23,607 INFO L290 TraceCheckUtils]: 6: Hoare triple {16563#true} assume { :end_inline_stub_driver_init } true; {16563#true} is VALID [2022-02-20 14:38:23,607 INFO L290 TraceCheckUtils]: 7: Hoare triple {16563#true} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {16563#true} is VALID [2022-02-20 14:38:23,607 INFO L290 TraceCheckUtils]: 8: Hoare triple {16563#true} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {16563#true} is VALID [2022-02-20 14:38:23,608 INFO L290 TraceCheckUtils]: 9: Hoare triple {16563#true} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {16563#true} is VALID [2022-02-20 14:38:23,608 INFO L290 TraceCheckUtils]: 10: Hoare triple {16563#true} assume 3 == main_~tmp_ndt_3~0#1; {16563#true} is VALID [2022-02-20 14:38:23,608 INFO L290 TraceCheckUtils]: 11: Hoare triple {16563#true} assume { :begin_inline_KbFilter_PnP } true;KbFilter_PnP_#in~DeviceObject#1, KbFilter_PnP_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_PnP_#res#1;havoc KbFilter_PnP_#t~nondet4#1, KbFilter_PnP_#t~nondet5#1, KbFilter_PnP_#t~nondet6#1, KbFilter_PnP_#t~nondet7#1, KbFilter_PnP_#t~nondet8#1, KbFilter_PnP_#t~nondet9#1, KbFilter_PnP_#t~ret10#1, KbFilter_PnP_#t~ret11#1, KbFilter_PnP_#t~post12#1, KbFilter_PnP_#t~post13#1, KbFilter_PnP_#t~ret14#1, KbFilter_PnP_#t~post15#1, KbFilter_PnP_#t~post16#1, KbFilter_PnP_#t~ret17#1, KbFilter_PnP_#t~post18#1, KbFilter_PnP_#t~post19#1, KbFilter_PnP_#t~ret20#1, KbFilter_PnP_~DeviceObject#1, KbFilter_PnP_~Irp#1, KbFilter_PnP_~devExt~0#1, KbFilter_PnP_~irpStack~0#1, KbFilter_PnP_~status~0#1, KbFilter_PnP_~event~0#1, KbFilter_PnP_~DeviceObject__DeviceExtension~0#1, KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, KbFilter_PnP_~irpStack__MinorFunction~0#1, KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~devExt__Started~0#1, KbFilter_PnP_~devExt__Removed~0#1, KbFilter_PnP_~devExt__SurpriseRemoved~0#1, KbFilter_PnP_~Irp__IoStatus__Status~0#1, KbFilter_PnP_~Irp__IoStatus__Information~0#1, KbFilter_PnP_~Irp__CurrentLocation~0#1, KbFilter_PnP_~irpSp~0#1, KbFilter_PnP_~nextIrpSp~0#1, KbFilter_PnP_~nextIrpSp__Control~0#1, KbFilter_PnP_~irpSp___0~0#1, KbFilter_PnP_~irpSp__Context~0#1, KbFilter_PnP_~irpSp__Control~0#1, KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~DeviceObject#1 := KbFilter_PnP_#in~DeviceObject#1;KbFilter_PnP_~Irp#1 := KbFilter_PnP_#in~Irp#1;havoc KbFilter_PnP_~devExt~0#1;havoc KbFilter_PnP_~irpStack~0#1;havoc KbFilter_PnP_~status~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet4#1 && KbFilter_PnP_#t~nondet4#1 <= 2147483647;KbFilter_PnP_~event~0#1 := KbFilter_PnP_#t~nondet4#1;havoc KbFilter_PnP_#t~nondet4#1;assume -2147483648 <= KbFilter_PnP_#t~nondet5#1 && KbFilter_PnP_#t~nondet5#1 <= 2147483647;KbFilter_PnP_~DeviceObject__DeviceExtension~0#1 := KbFilter_PnP_#t~nondet5#1;havoc KbFilter_PnP_#t~nondet5#1;assume -2147483648 <= KbFilter_PnP_#t~nondet6#1 && KbFilter_PnP_#t~nondet6#1 <= 2147483647;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := KbFilter_PnP_#t~nondet6#1;havoc KbFilter_PnP_#t~nondet6#1;assume -2147483648 <= KbFilter_PnP_#t~nondet7#1 && KbFilter_PnP_#t~nondet7#1 <= 2147483647;KbFilter_PnP_~irpStack__MinorFunction~0#1 := KbFilter_PnP_#t~nondet7#1;havoc KbFilter_PnP_#t~nondet7#1;assume -2147483648 <= KbFilter_PnP_#t~nondet8#1 && KbFilter_PnP_#t~nondet8#1 <= 2147483647;KbFilter_PnP_~devExt__TopOfStack~0#1 := KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_~devExt__Started~0#1;havoc KbFilter_PnP_~devExt__Removed~0#1;havoc KbFilter_PnP_~devExt__SurpriseRemoved~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Status~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Information~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet9#1 && KbFilter_PnP_#t~nondet9#1 <= 2147483647;KbFilter_PnP_~Irp__CurrentLocation~0#1 := KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_~irpSp~0#1;havoc KbFilter_PnP_~nextIrpSp~0#1;havoc KbFilter_PnP_~nextIrpSp__Control~0#1;havoc KbFilter_PnP_~irpSp___0~0#1;havoc KbFilter_PnP_~irpSp__Context~0#1;havoc KbFilter_PnP_~irpSp__Control~0#1;havoc KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~status~0#1 := 0;KbFilter_PnP_~devExt~0#1 := KbFilter_PnP_~DeviceObject__DeviceExtension~0#1;KbFilter_PnP_~irpStack~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1; {16563#true} is VALID [2022-02-20 14:38:23,608 INFO L290 TraceCheckUtils]: 12: Hoare triple {16563#true} assume 0 == KbFilter_PnP_~irpStack__MinorFunction~0#1; {16563#true} is VALID [2022-02-20 14:38:23,608 INFO L290 TraceCheckUtils]: 13: Hoare triple {16563#true} KbFilter_PnP_~irpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1;KbFilter_PnP_~nextIrpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 - 1;KbFilter_PnP_~nextIrpSp__Control~0#1 := 0; {16563#true} is VALID [2022-02-20 14:38:23,608 INFO L290 TraceCheckUtils]: 14: Hoare triple {16563#true} assume !(~s~0 != ~NP~0); {16563#true} is VALID [2022-02-20 14:38:23,608 INFO L290 TraceCheckUtils]: 15: Hoare triple {16563#true} assume !(0 != ~compRegistered~0);~compRegistered~0 := 1; {16563#true} is VALID [2022-02-20 14:38:23,608 INFO L290 TraceCheckUtils]: 16: Hoare triple {16563#true} KbFilter_PnP_~irpSp___0~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 - 1;KbFilter_PnP_~irpSp__Context~0#1 := KbFilter_PnP_~event~0#1;KbFilter_PnP_~irpSp__Control~0#1 := 224; {16563#true} is VALID [2022-02-20 14:38:23,609 INFO L272 TraceCheckUtils]: 17: Hoare triple {16563#true} call KbFilter_PnP_#t~ret10#1 := IofCallDriver(KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~Irp#1); {16583#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} is VALID [2022-02-20 14:38:23,609 INFO L290 TraceCheckUtils]: 18: Hoare triple {16583#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {16563#true} is VALID [2022-02-20 14:38:23,609 INFO L290 TraceCheckUtils]: 19: Hoare triple {16563#true} assume 0 != ~compRegistered~0; {16563#true} is VALID [2022-02-20 14:38:23,610 INFO L272 TraceCheckUtils]: 20: Hoare triple {16563#true} call #t~ret35 := KbFilter_Complete(~DeviceObject, ~Irp, ~lcontext~0); {16588#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} is VALID [2022-02-20 14:38:23,610 INFO L290 TraceCheckUtils]: 21: Hoare triple {16588#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0, 0;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;assume -2147483648 <= KeSetEvent_#t~nondet38#1 && KeSetEvent_#t~nondet38#1 <= 2147483647;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {16563#true} is VALID [2022-02-20 14:38:23,610 INFO L290 TraceCheckUtils]: 22: Hoare triple {16563#true} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;assume -2147483648 <= #t~ret40#1 && #t~ret40#1 <= 2147483647;havoc #t~ret40#1;#res#1 := -1073741802; {16563#true} is VALID [2022-02-20 14:38:23,610 INFO L290 TraceCheckUtils]: 23: Hoare triple {16563#true} assume true; {16563#true} is VALID [2022-02-20 14:38:23,610 INFO L284 TraceCheckUtils]: 24: Hoare quadruple {16563#true} {16563#true} #755#return; {16563#true} is VALID [2022-02-20 14:38:23,610 INFO L290 TraceCheckUtils]: 25: Hoare triple {16563#true} assume -2147483648 <= #t~ret35 && #t~ret35 <= 2147483647;~compRetStatus~0 := #t~ret35;havoc #t~ret35;~__cil_tmp7~0 := ~compRetStatus~0; {16563#true} is VALID [2022-02-20 14:38:23,610 INFO L290 TraceCheckUtils]: 26: Hoare triple {16563#true} assume !(-1073741802 == ~__cil_tmp7~0); {16563#true} is VALID [2022-02-20 14:38:23,610 INFO L290 TraceCheckUtils]: 27: Hoare triple {16563#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {16563#true} is VALID [2022-02-20 14:38:23,610 INFO L290 TraceCheckUtils]: 28: Hoare triple {16563#true} assume !(0 == ~tmp_ndt_6~0);havoc ~tmp_ndt_7~0;assume -2147483648 <= #t~nondet37 && #t~nondet37 <= 2147483647;~tmp_ndt_7~0 := #t~nondet37;havoc #t~nondet37; {16563#true} is VALID [2022-02-20 14:38:23,611 INFO L290 TraceCheckUtils]: 29: Hoare triple {16563#true} assume 1 == ~tmp_ndt_7~0; {16563#true} is VALID [2022-02-20 14:38:23,611 INFO L290 TraceCheckUtils]: 30: Hoare triple {16563#true} ~returnVal2~0 := -1073741823; {16563#true} is VALID [2022-02-20 14:38:23,611 INFO L290 TraceCheckUtils]: 31: Hoare triple {16563#true} assume ~s~0 == ~NP~0;~s~0 := ~IPC~0;~lowerDriverReturn~0 := ~returnVal2~0; {16563#true} is VALID [2022-02-20 14:38:23,611 INFO L290 TraceCheckUtils]: 32: Hoare triple {16563#true} #res := ~returnVal2~0; {16563#true} is VALID [2022-02-20 14:38:23,611 INFO L290 TraceCheckUtils]: 33: Hoare triple {16563#true} assume true; {16563#true} is VALID [2022-02-20 14:38:23,611 INFO L284 TraceCheckUtils]: 34: Hoare quadruple {16563#true} {16563#true} #717#return; {16563#true} is VALID [2022-02-20 14:38:23,611 INFO L290 TraceCheckUtils]: 35: Hoare triple {16563#true} assume -2147483648 <= KbFilter_PnP_#t~ret10#1 && KbFilter_PnP_#t~ret10#1 <= 2147483647;KbFilter_PnP_~status~0#1 := KbFilter_PnP_#t~ret10#1;havoc KbFilter_PnP_#t~ret10#1;KbFilter_PnP_~__cil_tmp23~0#1 := KbFilter_PnP_~status~0#1; {16563#true} is VALID [2022-02-20 14:38:23,611 INFO L290 TraceCheckUtils]: 36: Hoare triple {16563#true} assume 259 == KbFilter_PnP_~__cil_tmp23~0#1;assume { :begin_inline_KeWaitForSingleObject } true;KeWaitForSingleObject_#in~Object#1, KeWaitForSingleObject_#in~WaitReason#1, KeWaitForSingleObject_#in~WaitMode#1, KeWaitForSingleObject_#in~Alertable#1, KeWaitForSingleObject_#in~Timeout#1 := KbFilter_PnP_~event~0#1, ~Executive~0, ~KernelMode~0, 0, 0;havoc KeWaitForSingleObject_#res#1;havoc KeWaitForSingleObject_#t~nondet39#1, KeWaitForSingleObject_~tmp_ndt_8~0#1, KeWaitForSingleObject_~Object#1, KeWaitForSingleObject_~WaitReason#1, KeWaitForSingleObject_~WaitMode#1, KeWaitForSingleObject_~Alertable#1, KeWaitForSingleObject_~Timeout#1;KeWaitForSingleObject_~Object#1 := KeWaitForSingleObject_#in~Object#1;KeWaitForSingleObject_~WaitReason#1 := KeWaitForSingleObject_#in~WaitReason#1;KeWaitForSingleObject_~WaitMode#1 := KeWaitForSingleObject_#in~WaitMode#1;KeWaitForSingleObject_~Alertable#1 := KeWaitForSingleObject_#in~Alertable#1;KeWaitForSingleObject_~Timeout#1 := KeWaitForSingleObject_#in~Timeout#1; {16563#true} is VALID [2022-02-20 14:38:23,611 INFO L290 TraceCheckUtils]: 37: Hoare triple {16563#true} assume !(~s~0 == ~MPR3~0); {16582#(not (= (+ ~MPR3~0 (* (- 1) ~s~0)) 0))} is VALID [2022-02-20 14:38:23,612 INFO L290 TraceCheckUtils]: 38: Hoare triple {16582#(not (= (+ ~MPR3~0 (* (- 1) ~s~0)) 0))} assume !(1 == ~customIrp~0); {16582#(not (= (+ ~MPR3~0 (* (- 1) ~s~0)) 0))} is VALID [2022-02-20 14:38:23,612 INFO L290 TraceCheckUtils]: 39: Hoare triple {16582#(not (= (+ ~MPR3~0 (* (- 1) ~s~0)) 0))} assume ~s~0 == ~MPR3~0; {16564#false} is VALID [2022-02-20 14:38:23,612 INFO L272 TraceCheckUtils]: 40: Hoare triple {16564#false} call errorFn(); {16564#false} is VALID [2022-02-20 14:38:23,612 INFO L290 TraceCheckUtils]: 41: Hoare triple {16564#false} assume !false; {16564#false} is VALID [2022-02-20 14:38:23,612 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 14:38:23,613 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 14:38:23,613 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1844249046] [2022-02-20 14:38:23,613 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1844249046] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 14:38:23,613 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 14:38:23,613 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 14:38:23,613 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [703711727] [2022-02-20 14:38:23,613 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 14:38:23,614 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.4) internal successors, (37), 3 states have internal predecessors, (37), 2 states have call successors, (3), 3 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 42 [2022-02-20 14:38:23,614 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 14:38:23,614 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 7.4) internal successors, (37), 3 states have internal predecessors, (37), 2 states have call successors, (3), 3 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 14:38:23,641 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 42 edges. 42 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:23,642 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 14:38:23,642 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 14:38:23,642 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 14:38:23,642 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=8, Invalid=12, Unknown=0, NotChecked=0, Total=20 [2022-02-20 14:38:23,642 INFO L87 Difference]: Start difference. First operand 195 states and 261 transitions. Second operand has 5 states, 5 states have (on average 7.4) internal successors, (37), 3 states have internal predecessors, (37), 2 states have call successors, (3), 3 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 14:38:24,134 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:24,134 INFO L93 Difference]: Finished difference Result 211 states and 278 transitions. [2022-02-20 14:38:24,134 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-02-20 14:38:24,135 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.4) internal successors, (37), 3 states have internal predecessors, (37), 2 states have call successors, (3), 3 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 42 [2022-02-20 14:38:24,135 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 14:38:24,135 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 7.4) internal successors, (37), 3 states have internal predecessors, (37), 2 states have call successors, (3), 3 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 14:38:24,137 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 246 transitions. [2022-02-20 14:38:24,137 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 7.4) internal successors, (37), 3 states have internal predecessors, (37), 2 states have call successors, (3), 3 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 14:38:24,139 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 246 transitions. [2022-02-20 14:38:24,139 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 246 transitions. [2022-02-20 14:38:24,319 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 246 edges. 246 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:24,323 INFO L225 Difference]: With dead ends: 211 [2022-02-20 14:38:24,323 INFO L226 Difference]: Without dead ends: 206 [2022-02-20 14:38:24,323 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=13, Invalid=17, Unknown=0, NotChecked=0, Total=30 [2022-02-20 14:38:24,324 INFO L933 BasicCegarLoop]: 216 mSDtfsCounter, 54 mSDsluCounter, 485 mSDsCounter, 0 mSdLazyCounter, 102 mSolverCounterSat, 23 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 54 SdHoareTripleChecker+Valid, 701 SdHoareTripleChecker+Invalid, 125 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 23 IncrementalHoareTripleChecker+Valid, 102 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 14:38:24,324 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [54 Valid, 701 Invalid, 125 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [23 Valid, 102 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 14:38:24,325 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 206 states. [2022-02-20 14:38:24,357 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 206 to 197. [2022-02-20 14:38:24,358 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 14:38:24,358 INFO L82 GeneralOperation]: Start isEquivalent. First operand 206 states. Second operand has 197 states, 173 states have (on average 1.3526011560693643) internal successors, (234), 175 states have internal predecessors, (234), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) [2022-02-20 14:38:24,359 INFO L74 IsIncluded]: Start isIncluded. First operand 206 states. Second operand has 197 states, 173 states have (on average 1.3526011560693643) internal successors, (234), 175 states have internal predecessors, (234), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) [2022-02-20 14:38:24,359 INFO L87 Difference]: Start difference. First operand 206 states. Second operand has 197 states, 173 states have (on average 1.3526011560693643) internal successors, (234), 175 states have internal predecessors, (234), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) [2022-02-20 14:38:24,363 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:24,364 INFO L93 Difference]: Finished difference Result 206 states and 272 transitions. [2022-02-20 14:38:24,364 INFO L276 IsEmpty]: Start isEmpty. Operand 206 states and 272 transitions. [2022-02-20 14:38:24,364 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:24,364 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:24,365 INFO L74 IsIncluded]: Start isIncluded. First operand has 197 states, 173 states have (on average 1.3526011560693643) internal successors, (234), 175 states have internal predecessors, (234), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) Second operand 206 states. [2022-02-20 14:38:24,365 INFO L87 Difference]: Start difference. First operand has 197 states, 173 states have (on average 1.3526011560693643) internal successors, (234), 175 states have internal predecessors, (234), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) Second operand 206 states. [2022-02-20 14:38:24,369 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:24,369 INFO L93 Difference]: Finished difference Result 206 states and 272 transitions. [2022-02-20 14:38:24,369 INFO L276 IsEmpty]: Start isEmpty. Operand 206 states and 272 transitions. [2022-02-20 14:38:24,370 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:24,370 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:24,370 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 14:38:24,370 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 14:38:24,371 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 197 states, 173 states have (on average 1.3526011560693643) internal successors, (234), 175 states have internal predecessors, (234), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) [2022-02-20 14:38:24,374 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 197 states to 197 states and 262 transitions. [2022-02-20 14:38:24,375 INFO L78 Accepts]: Start accepts. Automaton has 197 states and 262 transitions. Word has length 42 [2022-02-20 14:38:24,375 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 14:38:24,375 INFO L470 AbstractCegarLoop]: Abstraction has 197 states and 262 transitions. [2022-02-20 14:38:24,375 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.4) internal successors, (37), 3 states have internal predecessors, (37), 2 states have call successors, (3), 3 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 14:38:24,375 INFO L276 IsEmpty]: Start isEmpty. Operand 197 states and 262 transitions. [2022-02-20 14:38:24,376 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2022-02-20 14:38:24,376 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:24,376 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:24,376 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable13 [2022-02-20 14:38:24,377 INFO L402 AbstractCegarLoop]: === Iteration 15 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:24,377 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:24,377 INFO L85 PathProgramCache]: Analyzing trace with hash 423879184, now seen corresponding path program 1 times [2022-02-20 14:38:24,377 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 14:38:24,378 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1627526168] [2022-02-20 14:38:24,378 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:24,378 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 14:38:24,400 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:24,421 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2022-02-20 14:38:24,426 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:24,447 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-02-20 14:38:24,449 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:24,453 INFO L290 TraceCheckUtils]: 0: Hoare triple {17572#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0, 0;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;assume -2147483648 <= KeSetEvent_#t~nondet38#1 && KeSetEvent_#t~nondet38#1 <= 2147483647;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {17548#true} is VALID [2022-02-20 14:38:24,453 INFO L290 TraceCheckUtils]: 1: Hoare triple {17548#true} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;assume -2147483648 <= #t~ret40#1 && #t~ret40#1 <= 2147483647;havoc #t~ret40#1;#res#1 := -1073741802; {17548#true} is VALID [2022-02-20 14:38:24,453 INFO L290 TraceCheckUtils]: 2: Hoare triple {17548#true} assume true; {17548#true} is VALID [2022-02-20 14:38:24,453 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {17548#true} {17548#true} #755#return; {17548#true} is VALID [2022-02-20 14:38:24,454 INFO L290 TraceCheckUtils]: 0: Hoare triple {17567#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {17548#true} is VALID [2022-02-20 14:38:24,454 INFO L290 TraceCheckUtils]: 1: Hoare triple {17548#true} assume 0 != ~compRegistered~0; {17548#true} is VALID [2022-02-20 14:38:24,455 INFO L272 TraceCheckUtils]: 2: Hoare triple {17548#true} call #t~ret35 := KbFilter_Complete(~DeviceObject, ~Irp, ~lcontext~0); {17572#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} is VALID [2022-02-20 14:38:24,455 INFO L290 TraceCheckUtils]: 3: Hoare triple {17572#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0, 0;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;assume -2147483648 <= KeSetEvent_#t~nondet38#1 && KeSetEvent_#t~nondet38#1 <= 2147483647;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {17548#true} is VALID [2022-02-20 14:38:24,455 INFO L290 TraceCheckUtils]: 4: Hoare triple {17548#true} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;assume -2147483648 <= #t~ret40#1 && #t~ret40#1 <= 2147483647;havoc #t~ret40#1;#res#1 := -1073741802; {17548#true} is VALID [2022-02-20 14:38:24,455 INFO L290 TraceCheckUtils]: 5: Hoare triple {17548#true} assume true; {17548#true} is VALID [2022-02-20 14:38:24,455 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {17548#true} {17548#true} #755#return; {17548#true} is VALID [2022-02-20 14:38:24,455 INFO L290 TraceCheckUtils]: 7: Hoare triple {17548#true} assume -2147483648 <= #t~ret35 && #t~ret35 <= 2147483647;~compRetStatus~0 := #t~ret35;havoc #t~ret35;~__cil_tmp7~0 := ~compRetStatus~0; {17548#true} is VALID [2022-02-20 14:38:24,455 INFO L290 TraceCheckUtils]: 8: Hoare triple {17548#true} assume !(-1073741802 == ~__cil_tmp7~0); {17548#true} is VALID [2022-02-20 14:38:24,456 INFO L290 TraceCheckUtils]: 9: Hoare triple {17548#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {17548#true} is VALID [2022-02-20 14:38:24,456 INFO L290 TraceCheckUtils]: 10: Hoare triple {17548#true} assume 0 == ~tmp_ndt_6~0; {17548#true} is VALID [2022-02-20 14:38:24,456 INFO L290 TraceCheckUtils]: 11: Hoare triple {17548#true} ~returnVal2~0 := 0; {17548#true} is VALID [2022-02-20 14:38:24,456 INFO L290 TraceCheckUtils]: 12: Hoare triple {17548#true} assume ~s~0 == ~NP~0;~s~0 := ~IPC~0;~lowerDriverReturn~0 := ~returnVal2~0; {17548#true} is VALID [2022-02-20 14:38:24,456 INFO L290 TraceCheckUtils]: 13: Hoare triple {17548#true} #res := ~returnVal2~0; {17548#true} is VALID [2022-02-20 14:38:24,456 INFO L290 TraceCheckUtils]: 14: Hoare triple {17548#true} assume true; {17548#true} is VALID [2022-02-20 14:38:24,457 INFO L284 TraceCheckUtils]: 15: Hoare quadruple {17548#true} {17550#(<= (+ ~myStatus~0 1073741637) 0)} #717#return; {17550#(<= (+ ~myStatus~0 1073741637) 0)} is VALID [2022-02-20 14:38:24,457 INFO L290 TraceCheckUtils]: 0: Hoare triple {17548#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {17548#true} is VALID [2022-02-20 14:38:24,457 INFO L290 TraceCheckUtils]: 1: Hoare triple {17548#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {17548#true} is VALID [2022-02-20 14:38:24,457 INFO L290 TraceCheckUtils]: 2: Hoare triple {17548#true} assume { :end_inline__BLAST_init } true; {17548#true} is VALID [2022-02-20 14:38:24,458 INFO L290 TraceCheckUtils]: 3: Hoare triple {17548#true} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {17548#true} is VALID [2022-02-20 14:38:24,458 INFO L290 TraceCheckUtils]: 4: Hoare triple {17548#true} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {17550#(<= (+ ~myStatus~0 1073741637) 0)} is VALID [2022-02-20 14:38:24,458 INFO L290 TraceCheckUtils]: 5: Hoare triple {17550#(<= (+ ~myStatus~0 1073741637) 0)} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {17550#(<= (+ ~myStatus~0 1073741637) 0)} is VALID [2022-02-20 14:38:24,459 INFO L290 TraceCheckUtils]: 6: Hoare triple {17550#(<= (+ ~myStatus~0 1073741637) 0)} assume { :end_inline_stub_driver_init } true; {17550#(<= (+ ~myStatus~0 1073741637) 0)} is VALID [2022-02-20 14:38:24,459 INFO L290 TraceCheckUtils]: 7: Hoare triple {17550#(<= (+ ~myStatus~0 1073741637) 0)} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {17550#(<= (+ ~myStatus~0 1073741637) 0)} is VALID [2022-02-20 14:38:24,460 INFO L290 TraceCheckUtils]: 8: Hoare triple {17550#(<= (+ ~myStatus~0 1073741637) 0)} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {17550#(<= (+ ~myStatus~0 1073741637) 0)} is VALID [2022-02-20 14:38:24,460 INFO L290 TraceCheckUtils]: 9: Hoare triple {17550#(<= (+ ~myStatus~0 1073741637) 0)} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {17550#(<= (+ ~myStatus~0 1073741637) 0)} is VALID [2022-02-20 14:38:24,461 INFO L290 TraceCheckUtils]: 10: Hoare triple {17550#(<= (+ ~myStatus~0 1073741637) 0)} assume 3 == main_~tmp_ndt_3~0#1; {17550#(<= (+ ~myStatus~0 1073741637) 0)} is VALID [2022-02-20 14:38:24,461 INFO L290 TraceCheckUtils]: 11: Hoare triple {17550#(<= (+ ~myStatus~0 1073741637) 0)} assume { :begin_inline_KbFilter_PnP } true;KbFilter_PnP_#in~DeviceObject#1, KbFilter_PnP_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_PnP_#res#1;havoc KbFilter_PnP_#t~nondet4#1, KbFilter_PnP_#t~nondet5#1, KbFilter_PnP_#t~nondet6#1, KbFilter_PnP_#t~nondet7#1, KbFilter_PnP_#t~nondet8#1, KbFilter_PnP_#t~nondet9#1, KbFilter_PnP_#t~ret10#1, KbFilter_PnP_#t~ret11#1, KbFilter_PnP_#t~post12#1, KbFilter_PnP_#t~post13#1, KbFilter_PnP_#t~ret14#1, KbFilter_PnP_#t~post15#1, KbFilter_PnP_#t~post16#1, KbFilter_PnP_#t~ret17#1, KbFilter_PnP_#t~post18#1, KbFilter_PnP_#t~post19#1, KbFilter_PnP_#t~ret20#1, KbFilter_PnP_~DeviceObject#1, KbFilter_PnP_~Irp#1, KbFilter_PnP_~devExt~0#1, KbFilter_PnP_~irpStack~0#1, KbFilter_PnP_~status~0#1, KbFilter_PnP_~event~0#1, KbFilter_PnP_~DeviceObject__DeviceExtension~0#1, KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, KbFilter_PnP_~irpStack__MinorFunction~0#1, KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~devExt__Started~0#1, KbFilter_PnP_~devExt__Removed~0#1, KbFilter_PnP_~devExt__SurpriseRemoved~0#1, KbFilter_PnP_~Irp__IoStatus__Status~0#1, KbFilter_PnP_~Irp__IoStatus__Information~0#1, KbFilter_PnP_~Irp__CurrentLocation~0#1, KbFilter_PnP_~irpSp~0#1, KbFilter_PnP_~nextIrpSp~0#1, KbFilter_PnP_~nextIrpSp__Control~0#1, KbFilter_PnP_~irpSp___0~0#1, KbFilter_PnP_~irpSp__Context~0#1, KbFilter_PnP_~irpSp__Control~0#1, KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~DeviceObject#1 := KbFilter_PnP_#in~DeviceObject#1;KbFilter_PnP_~Irp#1 := KbFilter_PnP_#in~Irp#1;havoc KbFilter_PnP_~devExt~0#1;havoc KbFilter_PnP_~irpStack~0#1;havoc KbFilter_PnP_~status~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet4#1 && KbFilter_PnP_#t~nondet4#1 <= 2147483647;KbFilter_PnP_~event~0#1 := KbFilter_PnP_#t~nondet4#1;havoc KbFilter_PnP_#t~nondet4#1;assume -2147483648 <= KbFilter_PnP_#t~nondet5#1 && KbFilter_PnP_#t~nondet5#1 <= 2147483647;KbFilter_PnP_~DeviceObject__DeviceExtension~0#1 := KbFilter_PnP_#t~nondet5#1;havoc KbFilter_PnP_#t~nondet5#1;assume -2147483648 <= KbFilter_PnP_#t~nondet6#1 && KbFilter_PnP_#t~nondet6#1 <= 2147483647;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := KbFilter_PnP_#t~nondet6#1;havoc KbFilter_PnP_#t~nondet6#1;assume -2147483648 <= KbFilter_PnP_#t~nondet7#1 && KbFilter_PnP_#t~nondet7#1 <= 2147483647;KbFilter_PnP_~irpStack__MinorFunction~0#1 := KbFilter_PnP_#t~nondet7#1;havoc KbFilter_PnP_#t~nondet7#1;assume -2147483648 <= KbFilter_PnP_#t~nondet8#1 && KbFilter_PnP_#t~nondet8#1 <= 2147483647;KbFilter_PnP_~devExt__TopOfStack~0#1 := KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_~devExt__Started~0#1;havoc KbFilter_PnP_~devExt__Removed~0#1;havoc KbFilter_PnP_~devExt__SurpriseRemoved~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Status~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Information~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet9#1 && KbFilter_PnP_#t~nondet9#1 <= 2147483647;KbFilter_PnP_~Irp__CurrentLocation~0#1 := KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_~irpSp~0#1;havoc KbFilter_PnP_~nextIrpSp~0#1;havoc KbFilter_PnP_~nextIrpSp__Control~0#1;havoc KbFilter_PnP_~irpSp___0~0#1;havoc KbFilter_PnP_~irpSp__Context~0#1;havoc KbFilter_PnP_~irpSp__Control~0#1;havoc KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~status~0#1 := 0;KbFilter_PnP_~devExt~0#1 := KbFilter_PnP_~DeviceObject__DeviceExtension~0#1;KbFilter_PnP_~irpStack~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1; {17550#(<= (+ ~myStatus~0 1073741637) 0)} is VALID [2022-02-20 14:38:24,462 INFO L290 TraceCheckUtils]: 12: Hoare triple {17550#(<= (+ ~myStatus~0 1073741637) 0)} assume 0 == KbFilter_PnP_~irpStack__MinorFunction~0#1; {17550#(<= (+ ~myStatus~0 1073741637) 0)} is VALID [2022-02-20 14:38:24,462 INFO L290 TraceCheckUtils]: 13: Hoare triple {17550#(<= (+ ~myStatus~0 1073741637) 0)} KbFilter_PnP_~irpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1;KbFilter_PnP_~nextIrpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 - 1;KbFilter_PnP_~nextIrpSp__Control~0#1 := 0; {17550#(<= (+ ~myStatus~0 1073741637) 0)} is VALID [2022-02-20 14:38:24,462 INFO L290 TraceCheckUtils]: 14: Hoare triple {17550#(<= (+ ~myStatus~0 1073741637) 0)} assume !(~s~0 != ~NP~0); {17550#(<= (+ ~myStatus~0 1073741637) 0)} is VALID [2022-02-20 14:38:24,463 INFO L290 TraceCheckUtils]: 15: Hoare triple {17550#(<= (+ ~myStatus~0 1073741637) 0)} assume !(0 != ~compRegistered~0);~compRegistered~0 := 1; {17550#(<= (+ ~myStatus~0 1073741637) 0)} is VALID [2022-02-20 14:38:24,463 INFO L290 TraceCheckUtils]: 16: Hoare triple {17550#(<= (+ ~myStatus~0 1073741637) 0)} KbFilter_PnP_~irpSp___0~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 - 1;KbFilter_PnP_~irpSp__Context~0#1 := KbFilter_PnP_~event~0#1;KbFilter_PnP_~irpSp__Control~0#1 := 224; {17550#(<= (+ ~myStatus~0 1073741637) 0)} is VALID [2022-02-20 14:38:24,464 INFO L272 TraceCheckUtils]: 17: Hoare triple {17550#(<= (+ ~myStatus~0 1073741637) 0)} call KbFilter_PnP_#t~ret10#1 := IofCallDriver(KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~Irp#1); {17567#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} is VALID [2022-02-20 14:38:24,464 INFO L290 TraceCheckUtils]: 18: Hoare triple {17567#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {17548#true} is VALID [2022-02-20 14:38:24,464 INFO L290 TraceCheckUtils]: 19: Hoare triple {17548#true} assume 0 != ~compRegistered~0; {17548#true} is VALID [2022-02-20 14:38:24,465 INFO L272 TraceCheckUtils]: 20: Hoare triple {17548#true} call #t~ret35 := KbFilter_Complete(~DeviceObject, ~Irp, ~lcontext~0); {17572#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} is VALID [2022-02-20 14:38:24,465 INFO L290 TraceCheckUtils]: 21: Hoare triple {17572#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0, 0;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;assume -2147483648 <= KeSetEvent_#t~nondet38#1 && KeSetEvent_#t~nondet38#1 <= 2147483647;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {17548#true} is VALID [2022-02-20 14:38:24,465 INFO L290 TraceCheckUtils]: 22: Hoare triple {17548#true} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;assume -2147483648 <= #t~ret40#1 && #t~ret40#1 <= 2147483647;havoc #t~ret40#1;#res#1 := -1073741802; {17548#true} is VALID [2022-02-20 14:38:24,465 INFO L290 TraceCheckUtils]: 23: Hoare triple {17548#true} assume true; {17548#true} is VALID [2022-02-20 14:38:24,465 INFO L284 TraceCheckUtils]: 24: Hoare quadruple {17548#true} {17548#true} #755#return; {17548#true} is VALID [2022-02-20 14:38:24,466 INFO L290 TraceCheckUtils]: 25: Hoare triple {17548#true} assume -2147483648 <= #t~ret35 && #t~ret35 <= 2147483647;~compRetStatus~0 := #t~ret35;havoc #t~ret35;~__cil_tmp7~0 := ~compRetStatus~0; {17548#true} is VALID [2022-02-20 14:38:24,466 INFO L290 TraceCheckUtils]: 26: Hoare triple {17548#true} assume !(-1073741802 == ~__cil_tmp7~0); {17548#true} is VALID [2022-02-20 14:38:24,466 INFO L290 TraceCheckUtils]: 27: Hoare triple {17548#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {17548#true} is VALID [2022-02-20 14:38:24,466 INFO L290 TraceCheckUtils]: 28: Hoare triple {17548#true} assume 0 == ~tmp_ndt_6~0; {17548#true} is VALID [2022-02-20 14:38:24,466 INFO L290 TraceCheckUtils]: 29: Hoare triple {17548#true} ~returnVal2~0 := 0; {17548#true} is VALID [2022-02-20 14:38:24,466 INFO L290 TraceCheckUtils]: 30: Hoare triple {17548#true} assume ~s~0 == ~NP~0;~s~0 := ~IPC~0;~lowerDriverReturn~0 := ~returnVal2~0; {17548#true} is VALID [2022-02-20 14:38:24,466 INFO L290 TraceCheckUtils]: 31: Hoare triple {17548#true} #res := ~returnVal2~0; {17548#true} is VALID [2022-02-20 14:38:24,467 INFO L290 TraceCheckUtils]: 32: Hoare triple {17548#true} assume true; {17548#true} is VALID [2022-02-20 14:38:24,467 INFO L284 TraceCheckUtils]: 33: Hoare quadruple {17548#true} {17550#(<= (+ ~myStatus~0 1073741637) 0)} #717#return; {17550#(<= (+ ~myStatus~0 1073741637) 0)} is VALID [2022-02-20 14:38:24,468 INFO L290 TraceCheckUtils]: 34: Hoare triple {17550#(<= (+ ~myStatus~0 1073741637) 0)} assume -2147483648 <= KbFilter_PnP_#t~ret10#1 && KbFilter_PnP_#t~ret10#1 <= 2147483647;KbFilter_PnP_~status~0#1 := KbFilter_PnP_#t~ret10#1;havoc KbFilter_PnP_#t~ret10#1;KbFilter_PnP_~__cil_tmp23~0#1 := KbFilter_PnP_~status~0#1; {17550#(<= (+ ~myStatus~0 1073741637) 0)} is VALID [2022-02-20 14:38:24,468 INFO L290 TraceCheckUtils]: 35: Hoare triple {17550#(<= (+ ~myStatus~0 1073741637) 0)} assume !(259 == KbFilter_PnP_~__cil_tmp23~0#1); {17550#(<= (+ ~myStatus~0 1073741637) 0)} is VALID [2022-02-20 14:38:24,468 INFO L290 TraceCheckUtils]: 36: Hoare triple {17550#(<= (+ ~myStatus~0 1073741637) 0)} assume KbFilter_PnP_~status~0#1 >= 0; {17550#(<= (+ ~myStatus~0 1073741637) 0)} is VALID [2022-02-20 14:38:24,469 INFO L290 TraceCheckUtils]: 37: Hoare triple {17550#(<= (+ ~myStatus~0 1073741637) 0)} assume ~myStatus~0 >= 0;KbFilter_PnP_~devExt__Started~0#1 := 1;KbFilter_PnP_~devExt__Removed~0#1 := 0;KbFilter_PnP_~devExt__SurpriseRemoved~0#1 := 0; {17549#false} is VALID [2022-02-20 14:38:24,469 INFO L290 TraceCheckUtils]: 38: Hoare triple {17549#false} KbFilter_PnP_~Irp__IoStatus__Status~0#1 := KbFilter_PnP_~status~0#1;~myStatus~0 := KbFilter_PnP_~status~0#1;KbFilter_PnP_~Irp__IoStatus__Information~0#1 := 0; {17549#false} is VALID [2022-02-20 14:38:24,469 INFO L272 TraceCheckUtils]: 39: Hoare triple {17549#false} call IofCompleteRequest(KbFilter_PnP_~Irp#1, 0); {17549#false} is VALID [2022-02-20 14:38:24,469 INFO L290 TraceCheckUtils]: 40: Hoare triple {17549#false} ~Irp := #in~Irp;~PriorityBoost := #in~PriorityBoost; {17549#false} is VALID [2022-02-20 14:38:24,469 INFO L290 TraceCheckUtils]: 41: Hoare triple {17549#false} assume !(~s~0 == ~NP~0); {17549#false} is VALID [2022-02-20 14:38:24,470 INFO L272 TraceCheckUtils]: 42: Hoare triple {17549#false} call errorFn(); {17549#false} is VALID [2022-02-20 14:38:24,470 INFO L290 TraceCheckUtils]: 43: Hoare triple {17549#false} assume !false; {17549#false} is VALID [2022-02-20 14:38:24,470 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 14:38:24,470 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 14:38:24,470 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1627526168] [2022-02-20 14:38:24,471 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1627526168] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 14:38:24,471 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 14:38:24,471 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 14:38:24,471 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1472083229] [2022-02-20 14:38:24,471 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 14:38:24,472 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.6) internal successors, (38), 3 states have internal predecessors, (38), 3 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 44 [2022-02-20 14:38:24,472 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 14:38:24,472 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 7.6) internal successors, (38), 3 states have internal predecessors, (38), 3 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 14:38:24,500 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 44 edges. 44 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:24,501 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 14:38:24,501 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 14:38:24,501 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 14:38:24,501 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=8, Invalid=12, Unknown=0, NotChecked=0, Total=20 [2022-02-20 14:38:24,502 INFO L87 Difference]: Start difference. First operand 197 states and 262 transitions. Second operand has 5 states, 5 states have (on average 7.6) internal successors, (38), 3 states have internal predecessors, (38), 3 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 14:38:25,217 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:25,217 INFO L93 Difference]: Finished difference Result 386 states and 514 transitions. [2022-02-20 14:38:25,217 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-02-20 14:38:25,217 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.6) internal successors, (38), 3 states have internal predecessors, (38), 3 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 44 [2022-02-20 14:38:25,217 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 14:38:25,218 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 7.6) internal successors, (38), 3 states have internal predecessors, (38), 3 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 14:38:25,221 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 452 transitions. [2022-02-20 14:38:25,221 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 7.6) internal successors, (38), 3 states have internal predecessors, (38), 3 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 14:38:25,224 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 452 transitions. [2022-02-20 14:38:25,224 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 452 transitions. [2022-02-20 14:38:25,566 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 452 edges. 452 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:25,575 INFO L225 Difference]: With dead ends: 386 [2022-02-20 14:38:25,576 INFO L226 Difference]: Without dead ends: 379 [2022-02-20 14:38:25,577 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=18, Invalid=24, Unknown=0, NotChecked=0, Total=42 [2022-02-20 14:38:25,579 INFO L933 BasicCegarLoop]: 223 mSDtfsCounter, 249 mSDsluCounter, 510 mSDsCounter, 0 mSdLazyCounter, 112 mSolverCounterSat, 40 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 254 SdHoareTripleChecker+Valid, 733 SdHoareTripleChecker+Invalid, 152 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 40 IncrementalHoareTripleChecker+Valid, 112 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 14:38:25,579 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [254 Valid, 733 Invalid, 152 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [40 Valid, 112 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 14:38:25,580 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 379 states. [2022-02-20 14:38:25,667 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 379 to 344. [2022-02-20 14:38:25,667 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 14:38:25,668 INFO L82 GeneralOperation]: Start isEquivalent. First operand 379 states. Second operand has 344 states, 305 states have (on average 1.380327868852459) internal successors, (421), 312 states have internal predecessors, (421), 23 states have call successors, (23), 13 states have call predecessors, (23), 15 states have return successors, (23), 18 states have call predecessors, (23), 19 states have call successors, (23) [2022-02-20 14:38:25,669 INFO L74 IsIncluded]: Start isIncluded. First operand 379 states. Second operand has 344 states, 305 states have (on average 1.380327868852459) internal successors, (421), 312 states have internal predecessors, (421), 23 states have call successors, (23), 13 states have call predecessors, (23), 15 states have return successors, (23), 18 states have call predecessors, (23), 19 states have call successors, (23) [2022-02-20 14:38:25,669 INFO L87 Difference]: Start difference. First operand 379 states. Second operand has 344 states, 305 states have (on average 1.380327868852459) internal successors, (421), 312 states have internal predecessors, (421), 23 states have call successors, (23), 13 states have call predecessors, (23), 15 states have return successors, (23), 18 states have call predecessors, (23), 19 states have call successors, (23) [2022-02-20 14:38:25,678 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:25,678 INFO L93 Difference]: Finished difference Result 379 states and 507 transitions. [2022-02-20 14:38:25,678 INFO L276 IsEmpty]: Start isEmpty. Operand 379 states and 507 transitions. [2022-02-20 14:38:25,679 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:25,679 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:25,679 INFO L74 IsIncluded]: Start isIncluded. First operand has 344 states, 305 states have (on average 1.380327868852459) internal successors, (421), 312 states have internal predecessors, (421), 23 states have call successors, (23), 13 states have call predecessors, (23), 15 states have return successors, (23), 18 states have call predecessors, (23), 19 states have call successors, (23) Second operand 379 states. [2022-02-20 14:38:25,680 INFO L87 Difference]: Start difference. First operand has 344 states, 305 states have (on average 1.380327868852459) internal successors, (421), 312 states have internal predecessors, (421), 23 states have call successors, (23), 13 states have call predecessors, (23), 15 states have return successors, (23), 18 states have call predecessors, (23), 19 states have call successors, (23) Second operand 379 states. [2022-02-20 14:38:25,689 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:25,689 INFO L93 Difference]: Finished difference Result 379 states and 507 transitions. [2022-02-20 14:38:25,689 INFO L276 IsEmpty]: Start isEmpty. Operand 379 states and 507 transitions. [2022-02-20 14:38:25,690 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:25,690 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:25,690 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 14:38:25,691 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 14:38:25,691 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 344 states, 305 states have (on average 1.380327868852459) internal successors, (421), 312 states have internal predecessors, (421), 23 states have call successors, (23), 13 states have call predecessors, (23), 15 states have return successors, (23), 18 states have call predecessors, (23), 19 states have call successors, (23) [2022-02-20 14:38:25,699 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 344 states to 344 states and 467 transitions. [2022-02-20 14:38:25,700 INFO L78 Accepts]: Start accepts. Automaton has 344 states and 467 transitions. Word has length 44 [2022-02-20 14:38:25,700 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 14:38:25,700 INFO L470 AbstractCegarLoop]: Abstraction has 344 states and 467 transitions. [2022-02-20 14:38:25,700 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.6) internal successors, (38), 3 states have internal predecessors, (38), 3 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 14:38:25,701 INFO L276 IsEmpty]: Start isEmpty. Operand 344 states and 467 transitions. [2022-02-20 14:38:25,702 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2022-02-20 14:38:25,702 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:25,703 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:25,703 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable14 [2022-02-20 14:38:25,703 INFO L402 AbstractCegarLoop]: === Iteration 16 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:25,703 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:25,703 INFO L85 PathProgramCache]: Analyzing trace with hash -2096080750, now seen corresponding path program 1 times [2022-02-20 14:38:25,704 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 14:38:25,704 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [141598850] [2022-02-20 14:38:25,704 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:25,704 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 14:38:25,731 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:25,750 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2022-02-20 14:38:25,759 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:25,792 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-02-20 14:38:25,795 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:25,810 INFO L290 TraceCheckUtils]: 0: Hoare triple {19328#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0, 0;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;assume -2147483648 <= KeSetEvent_#t~nondet38#1 && KeSetEvent_#t~nondet38#1 <= 2147483647;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {19303#true} is VALID [2022-02-20 14:38:25,810 INFO L290 TraceCheckUtils]: 1: Hoare triple {19303#true} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;assume -2147483648 <= #t~ret40#1 && #t~ret40#1 <= 2147483647;havoc #t~ret40#1;#res#1 := -1073741802; {19329#(and (<= (+ |KbFilter_Complete_#res#1| 1073741802) 0) (<= 0 (+ |KbFilter_Complete_#res#1| 1073741802)))} is VALID [2022-02-20 14:38:25,811 INFO L290 TraceCheckUtils]: 2: Hoare triple {19329#(and (<= (+ |KbFilter_Complete_#res#1| 1073741802) 0) (<= 0 (+ |KbFilter_Complete_#res#1| 1073741802)))} assume true; {19329#(and (<= (+ |KbFilter_Complete_#res#1| 1073741802) 0) (<= 0 (+ |KbFilter_Complete_#res#1| 1073741802)))} is VALID [2022-02-20 14:38:25,812 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {19329#(and (<= (+ |KbFilter_Complete_#res#1| 1073741802) 0) (<= 0 (+ |KbFilter_Complete_#res#1| 1073741802)))} {19303#true} #755#return; {19326#(= (+ |IofCallDriver_#t~ret35| 1073741802) 0)} is VALID [2022-02-20 14:38:25,812 INFO L290 TraceCheckUtils]: 0: Hoare triple {19321#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {19303#true} is VALID [2022-02-20 14:38:25,812 INFO L290 TraceCheckUtils]: 1: Hoare triple {19303#true} assume 0 != ~compRegistered~0; {19303#true} is VALID [2022-02-20 14:38:25,813 INFO L272 TraceCheckUtils]: 2: Hoare triple {19303#true} call #t~ret35 := KbFilter_Complete(~DeviceObject, ~Irp, ~lcontext~0); {19328#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} is VALID [2022-02-20 14:38:25,813 INFO L290 TraceCheckUtils]: 3: Hoare triple {19328#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0, 0;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;assume -2147483648 <= KeSetEvent_#t~nondet38#1 && KeSetEvent_#t~nondet38#1 <= 2147483647;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {19303#true} is VALID [2022-02-20 14:38:25,813 INFO L290 TraceCheckUtils]: 4: Hoare triple {19303#true} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;assume -2147483648 <= #t~ret40#1 && #t~ret40#1 <= 2147483647;havoc #t~ret40#1;#res#1 := -1073741802; {19329#(and (<= (+ |KbFilter_Complete_#res#1| 1073741802) 0) (<= 0 (+ |KbFilter_Complete_#res#1| 1073741802)))} is VALID [2022-02-20 14:38:25,814 INFO L290 TraceCheckUtils]: 5: Hoare triple {19329#(and (<= (+ |KbFilter_Complete_#res#1| 1073741802) 0) (<= 0 (+ |KbFilter_Complete_#res#1| 1073741802)))} assume true; {19329#(and (<= (+ |KbFilter_Complete_#res#1| 1073741802) 0) (<= 0 (+ |KbFilter_Complete_#res#1| 1073741802)))} is VALID [2022-02-20 14:38:25,815 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {19329#(and (<= (+ |KbFilter_Complete_#res#1| 1073741802) 0) (<= 0 (+ |KbFilter_Complete_#res#1| 1073741802)))} {19303#true} #755#return; {19326#(= (+ |IofCallDriver_#t~ret35| 1073741802) 0)} is VALID [2022-02-20 14:38:25,815 INFO L290 TraceCheckUtils]: 7: Hoare triple {19326#(= (+ |IofCallDriver_#t~ret35| 1073741802) 0)} assume -2147483648 <= #t~ret35 && #t~ret35 <= 2147483647;~compRetStatus~0 := #t~ret35;havoc #t~ret35;~__cil_tmp7~0 := ~compRetStatus~0; {19327#(= IofCallDriver_~__cil_tmp7~0 (- 1073741802))} is VALID [2022-02-20 14:38:25,816 INFO L290 TraceCheckUtils]: 8: Hoare triple {19327#(= IofCallDriver_~__cil_tmp7~0 (- 1073741802))} assume !(-1073741802 == ~__cil_tmp7~0); {19304#false} is VALID [2022-02-20 14:38:25,816 INFO L290 TraceCheckUtils]: 9: Hoare triple {19304#false} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {19304#false} is VALID [2022-02-20 14:38:25,816 INFO L290 TraceCheckUtils]: 10: Hoare triple {19304#false} assume 0 == ~tmp_ndt_6~0; {19304#false} is VALID [2022-02-20 14:38:25,816 INFO L290 TraceCheckUtils]: 11: Hoare triple {19304#false} ~returnVal2~0 := 0; {19304#false} is VALID [2022-02-20 14:38:25,816 INFO L290 TraceCheckUtils]: 12: Hoare triple {19304#false} assume ~s~0 == ~NP~0;~s~0 := ~IPC~0;~lowerDriverReturn~0 := ~returnVal2~0; {19304#false} is VALID [2022-02-20 14:38:25,816 INFO L290 TraceCheckUtils]: 13: Hoare triple {19304#false} #res := ~returnVal2~0; {19304#false} is VALID [2022-02-20 14:38:25,816 INFO L290 TraceCheckUtils]: 14: Hoare triple {19304#false} assume true; {19304#false} is VALID [2022-02-20 14:38:25,817 INFO L284 TraceCheckUtils]: 15: Hoare quadruple {19304#false} {19303#true} #717#return; {19304#false} is VALID [2022-02-20 14:38:25,817 INFO L290 TraceCheckUtils]: 0: Hoare triple {19303#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {19303#true} is VALID [2022-02-20 14:38:25,817 INFO L290 TraceCheckUtils]: 1: Hoare triple {19303#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {19303#true} is VALID [2022-02-20 14:38:25,817 INFO L290 TraceCheckUtils]: 2: Hoare triple {19303#true} assume { :end_inline__BLAST_init } true; {19303#true} is VALID [2022-02-20 14:38:25,817 INFO L290 TraceCheckUtils]: 3: Hoare triple {19303#true} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {19303#true} is VALID [2022-02-20 14:38:25,818 INFO L290 TraceCheckUtils]: 4: Hoare triple {19303#true} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {19303#true} is VALID [2022-02-20 14:38:25,818 INFO L290 TraceCheckUtils]: 5: Hoare triple {19303#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {19303#true} is VALID [2022-02-20 14:38:25,818 INFO L290 TraceCheckUtils]: 6: Hoare triple {19303#true} assume { :end_inline_stub_driver_init } true; {19303#true} is VALID [2022-02-20 14:38:25,818 INFO L290 TraceCheckUtils]: 7: Hoare triple {19303#true} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {19303#true} is VALID [2022-02-20 14:38:25,818 INFO L290 TraceCheckUtils]: 8: Hoare triple {19303#true} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {19303#true} is VALID [2022-02-20 14:38:25,818 INFO L290 TraceCheckUtils]: 9: Hoare triple {19303#true} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {19303#true} is VALID [2022-02-20 14:38:25,818 INFO L290 TraceCheckUtils]: 10: Hoare triple {19303#true} assume 3 == main_~tmp_ndt_3~0#1; {19303#true} is VALID [2022-02-20 14:38:25,818 INFO L290 TraceCheckUtils]: 11: Hoare triple {19303#true} assume { :begin_inline_KbFilter_PnP } true;KbFilter_PnP_#in~DeviceObject#1, KbFilter_PnP_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_PnP_#res#1;havoc KbFilter_PnP_#t~nondet4#1, KbFilter_PnP_#t~nondet5#1, KbFilter_PnP_#t~nondet6#1, KbFilter_PnP_#t~nondet7#1, KbFilter_PnP_#t~nondet8#1, KbFilter_PnP_#t~nondet9#1, KbFilter_PnP_#t~ret10#1, KbFilter_PnP_#t~ret11#1, KbFilter_PnP_#t~post12#1, KbFilter_PnP_#t~post13#1, KbFilter_PnP_#t~ret14#1, KbFilter_PnP_#t~post15#1, KbFilter_PnP_#t~post16#1, KbFilter_PnP_#t~ret17#1, KbFilter_PnP_#t~post18#1, KbFilter_PnP_#t~post19#1, KbFilter_PnP_#t~ret20#1, KbFilter_PnP_~DeviceObject#1, KbFilter_PnP_~Irp#1, KbFilter_PnP_~devExt~0#1, KbFilter_PnP_~irpStack~0#1, KbFilter_PnP_~status~0#1, KbFilter_PnP_~event~0#1, KbFilter_PnP_~DeviceObject__DeviceExtension~0#1, KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, KbFilter_PnP_~irpStack__MinorFunction~0#1, KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~devExt__Started~0#1, KbFilter_PnP_~devExt__Removed~0#1, KbFilter_PnP_~devExt__SurpriseRemoved~0#1, KbFilter_PnP_~Irp__IoStatus__Status~0#1, KbFilter_PnP_~Irp__IoStatus__Information~0#1, KbFilter_PnP_~Irp__CurrentLocation~0#1, KbFilter_PnP_~irpSp~0#1, KbFilter_PnP_~nextIrpSp~0#1, KbFilter_PnP_~nextIrpSp__Control~0#1, KbFilter_PnP_~irpSp___0~0#1, KbFilter_PnP_~irpSp__Context~0#1, KbFilter_PnP_~irpSp__Control~0#1, KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~DeviceObject#1 := KbFilter_PnP_#in~DeviceObject#1;KbFilter_PnP_~Irp#1 := KbFilter_PnP_#in~Irp#1;havoc KbFilter_PnP_~devExt~0#1;havoc KbFilter_PnP_~irpStack~0#1;havoc KbFilter_PnP_~status~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet4#1 && KbFilter_PnP_#t~nondet4#1 <= 2147483647;KbFilter_PnP_~event~0#1 := KbFilter_PnP_#t~nondet4#1;havoc KbFilter_PnP_#t~nondet4#1;assume -2147483648 <= KbFilter_PnP_#t~nondet5#1 && KbFilter_PnP_#t~nondet5#1 <= 2147483647;KbFilter_PnP_~DeviceObject__DeviceExtension~0#1 := KbFilter_PnP_#t~nondet5#1;havoc KbFilter_PnP_#t~nondet5#1;assume -2147483648 <= KbFilter_PnP_#t~nondet6#1 && KbFilter_PnP_#t~nondet6#1 <= 2147483647;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := KbFilter_PnP_#t~nondet6#1;havoc KbFilter_PnP_#t~nondet6#1;assume -2147483648 <= KbFilter_PnP_#t~nondet7#1 && KbFilter_PnP_#t~nondet7#1 <= 2147483647;KbFilter_PnP_~irpStack__MinorFunction~0#1 := KbFilter_PnP_#t~nondet7#1;havoc KbFilter_PnP_#t~nondet7#1;assume -2147483648 <= KbFilter_PnP_#t~nondet8#1 && KbFilter_PnP_#t~nondet8#1 <= 2147483647;KbFilter_PnP_~devExt__TopOfStack~0#1 := KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_~devExt__Started~0#1;havoc KbFilter_PnP_~devExt__Removed~0#1;havoc KbFilter_PnP_~devExt__SurpriseRemoved~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Status~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Information~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet9#1 && KbFilter_PnP_#t~nondet9#1 <= 2147483647;KbFilter_PnP_~Irp__CurrentLocation~0#1 := KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_~irpSp~0#1;havoc KbFilter_PnP_~nextIrpSp~0#1;havoc KbFilter_PnP_~nextIrpSp__Control~0#1;havoc KbFilter_PnP_~irpSp___0~0#1;havoc KbFilter_PnP_~irpSp__Context~0#1;havoc KbFilter_PnP_~irpSp__Control~0#1;havoc KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~status~0#1 := 0;KbFilter_PnP_~devExt~0#1 := KbFilter_PnP_~DeviceObject__DeviceExtension~0#1;KbFilter_PnP_~irpStack~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1; {19303#true} is VALID [2022-02-20 14:38:25,819 INFO L290 TraceCheckUtils]: 12: Hoare triple {19303#true} assume 0 == KbFilter_PnP_~irpStack__MinorFunction~0#1; {19303#true} is VALID [2022-02-20 14:38:25,819 INFO L290 TraceCheckUtils]: 13: Hoare triple {19303#true} KbFilter_PnP_~irpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1;KbFilter_PnP_~nextIrpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 - 1;KbFilter_PnP_~nextIrpSp__Control~0#1 := 0; {19303#true} is VALID [2022-02-20 14:38:25,819 INFO L290 TraceCheckUtils]: 14: Hoare triple {19303#true} assume !(~s~0 != ~NP~0); {19303#true} is VALID [2022-02-20 14:38:25,819 INFO L290 TraceCheckUtils]: 15: Hoare triple {19303#true} assume !(0 != ~compRegistered~0);~compRegistered~0 := 1; {19303#true} is VALID [2022-02-20 14:38:25,819 INFO L290 TraceCheckUtils]: 16: Hoare triple {19303#true} KbFilter_PnP_~irpSp___0~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 - 1;KbFilter_PnP_~irpSp__Context~0#1 := KbFilter_PnP_~event~0#1;KbFilter_PnP_~irpSp__Control~0#1 := 224; {19303#true} is VALID [2022-02-20 14:38:25,820 INFO L272 TraceCheckUtils]: 17: Hoare triple {19303#true} call KbFilter_PnP_#t~ret10#1 := IofCallDriver(KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~Irp#1); {19321#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} is VALID [2022-02-20 14:38:25,820 INFO L290 TraceCheckUtils]: 18: Hoare triple {19321#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {19303#true} is VALID [2022-02-20 14:38:25,820 INFO L290 TraceCheckUtils]: 19: Hoare triple {19303#true} assume 0 != ~compRegistered~0; {19303#true} is VALID [2022-02-20 14:38:25,821 INFO L272 TraceCheckUtils]: 20: Hoare triple {19303#true} call #t~ret35 := KbFilter_Complete(~DeviceObject, ~Irp, ~lcontext~0); {19328#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} is VALID [2022-02-20 14:38:25,821 INFO L290 TraceCheckUtils]: 21: Hoare triple {19328#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0, 0;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;assume -2147483648 <= KeSetEvent_#t~nondet38#1 && KeSetEvent_#t~nondet38#1 <= 2147483647;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {19303#true} is VALID [2022-02-20 14:38:25,821 INFO L290 TraceCheckUtils]: 22: Hoare triple {19303#true} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;assume -2147483648 <= #t~ret40#1 && #t~ret40#1 <= 2147483647;havoc #t~ret40#1;#res#1 := -1073741802; {19329#(and (<= (+ |KbFilter_Complete_#res#1| 1073741802) 0) (<= 0 (+ |KbFilter_Complete_#res#1| 1073741802)))} is VALID [2022-02-20 14:38:25,822 INFO L290 TraceCheckUtils]: 23: Hoare triple {19329#(and (<= (+ |KbFilter_Complete_#res#1| 1073741802) 0) (<= 0 (+ |KbFilter_Complete_#res#1| 1073741802)))} assume true; {19329#(and (<= (+ |KbFilter_Complete_#res#1| 1073741802) 0) (<= 0 (+ |KbFilter_Complete_#res#1| 1073741802)))} is VALID [2022-02-20 14:38:25,823 INFO L284 TraceCheckUtils]: 24: Hoare quadruple {19329#(and (<= (+ |KbFilter_Complete_#res#1| 1073741802) 0) (<= 0 (+ |KbFilter_Complete_#res#1| 1073741802)))} {19303#true} #755#return; {19326#(= (+ |IofCallDriver_#t~ret35| 1073741802) 0)} is VALID [2022-02-20 14:38:25,823 INFO L290 TraceCheckUtils]: 25: Hoare triple {19326#(= (+ |IofCallDriver_#t~ret35| 1073741802) 0)} assume -2147483648 <= #t~ret35 && #t~ret35 <= 2147483647;~compRetStatus~0 := #t~ret35;havoc #t~ret35;~__cil_tmp7~0 := ~compRetStatus~0; {19327#(= IofCallDriver_~__cil_tmp7~0 (- 1073741802))} is VALID [2022-02-20 14:38:25,823 INFO L290 TraceCheckUtils]: 26: Hoare triple {19327#(= IofCallDriver_~__cil_tmp7~0 (- 1073741802))} assume !(-1073741802 == ~__cil_tmp7~0); {19304#false} is VALID [2022-02-20 14:38:25,824 INFO L290 TraceCheckUtils]: 27: Hoare triple {19304#false} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {19304#false} is VALID [2022-02-20 14:38:25,824 INFO L290 TraceCheckUtils]: 28: Hoare triple {19304#false} assume 0 == ~tmp_ndt_6~0; {19304#false} is VALID [2022-02-20 14:38:25,824 INFO L290 TraceCheckUtils]: 29: Hoare triple {19304#false} ~returnVal2~0 := 0; {19304#false} is VALID [2022-02-20 14:38:25,824 INFO L290 TraceCheckUtils]: 30: Hoare triple {19304#false} assume ~s~0 == ~NP~0;~s~0 := ~IPC~0;~lowerDriverReturn~0 := ~returnVal2~0; {19304#false} is VALID [2022-02-20 14:38:25,824 INFO L290 TraceCheckUtils]: 31: Hoare triple {19304#false} #res := ~returnVal2~0; {19304#false} is VALID [2022-02-20 14:38:25,824 INFO L290 TraceCheckUtils]: 32: Hoare triple {19304#false} assume true; {19304#false} is VALID [2022-02-20 14:38:25,824 INFO L284 TraceCheckUtils]: 33: Hoare quadruple {19304#false} {19303#true} #717#return; {19304#false} is VALID [2022-02-20 14:38:25,824 INFO L290 TraceCheckUtils]: 34: Hoare triple {19304#false} assume -2147483648 <= KbFilter_PnP_#t~ret10#1 && KbFilter_PnP_#t~ret10#1 <= 2147483647;KbFilter_PnP_~status~0#1 := KbFilter_PnP_#t~ret10#1;havoc KbFilter_PnP_#t~ret10#1;KbFilter_PnP_~__cil_tmp23~0#1 := KbFilter_PnP_~status~0#1; {19304#false} is VALID [2022-02-20 14:38:25,825 INFO L290 TraceCheckUtils]: 35: Hoare triple {19304#false} assume !(259 == KbFilter_PnP_~__cil_tmp23~0#1); {19304#false} is VALID [2022-02-20 14:38:25,825 INFO L290 TraceCheckUtils]: 36: Hoare triple {19304#false} assume KbFilter_PnP_~status~0#1 >= 0; {19304#false} is VALID [2022-02-20 14:38:25,825 INFO L290 TraceCheckUtils]: 37: Hoare triple {19304#false} assume !(~myStatus~0 >= 0); {19304#false} is VALID [2022-02-20 14:38:25,825 INFO L290 TraceCheckUtils]: 38: Hoare triple {19304#false} KbFilter_PnP_~Irp__IoStatus__Status~0#1 := KbFilter_PnP_~status~0#1;~myStatus~0 := KbFilter_PnP_~status~0#1;KbFilter_PnP_~Irp__IoStatus__Information~0#1 := 0; {19304#false} is VALID [2022-02-20 14:38:25,825 INFO L272 TraceCheckUtils]: 39: Hoare triple {19304#false} call IofCompleteRequest(KbFilter_PnP_~Irp#1, 0); {19304#false} is VALID [2022-02-20 14:38:25,825 INFO L290 TraceCheckUtils]: 40: Hoare triple {19304#false} ~Irp := #in~Irp;~PriorityBoost := #in~PriorityBoost; {19304#false} is VALID [2022-02-20 14:38:25,825 INFO L290 TraceCheckUtils]: 41: Hoare triple {19304#false} assume !(~s~0 == ~NP~0); {19304#false} is VALID [2022-02-20 14:38:25,826 INFO L272 TraceCheckUtils]: 42: Hoare triple {19304#false} call errorFn(); {19304#false} is VALID [2022-02-20 14:38:25,826 INFO L290 TraceCheckUtils]: 43: Hoare triple {19304#false} assume !false; {19304#false} is VALID [2022-02-20 14:38:25,826 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 14:38:25,826 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 14:38:25,826 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [141598850] [2022-02-20 14:38:25,828 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [141598850] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 14:38:25,828 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 14:38:25,828 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-02-20 14:38:25,828 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2130156712] [2022-02-20 14:38:25,828 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 14:38:25,829 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 5.428571428571429) internal successors, (38), 4 states have internal predecessors, (38), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 44 [2022-02-20 14:38:25,830 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 14:38:25,830 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 7 states, 7 states have (on average 5.428571428571429) internal successors, (38), 4 states have internal predecessors, (38), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 14:38:25,859 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 44 edges. 44 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:25,859 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-02-20 14:38:25,860 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 14:38:25,860 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-02-20 14:38:25,860 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=12, Invalid=30, Unknown=0, NotChecked=0, Total=42 [2022-02-20 14:38:25,860 INFO L87 Difference]: Start difference. First operand 344 states and 467 transitions. Second operand has 7 states, 7 states have (on average 5.428571428571429) internal successors, (38), 4 states have internal predecessors, (38), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 14:38:26,517 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:26,518 INFO L93 Difference]: Finished difference Result 404 states and 537 transitions. [2022-02-20 14:38:26,518 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-02-20 14:38:26,518 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 5.428571428571429) internal successors, (38), 4 states have internal predecessors, (38), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 44 [2022-02-20 14:38:26,518 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 14:38:26,518 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 7 states have (on average 5.428571428571429) internal successors, (38), 4 states have internal predecessors, (38), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 14:38:26,520 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 269 transitions. [2022-02-20 14:38:26,521 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 7 states have (on average 5.428571428571429) internal successors, (38), 4 states have internal predecessors, (38), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 14:38:26,522 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 269 transitions. [2022-02-20 14:38:26,523 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 269 transitions. [2022-02-20 14:38:26,682 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 269 edges. 269 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:26,690 INFO L225 Difference]: With dead ends: 404 [2022-02-20 14:38:26,690 INFO L226 Difference]: Without dead ends: 332 [2022-02-20 14:38:26,690 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=12, Invalid=30, Unknown=0, NotChecked=0, Total=42 [2022-02-20 14:38:26,691 INFO L933 BasicCegarLoop]: 219 mSDtfsCounter, 80 mSDsluCounter, 784 mSDsCounter, 0 mSdLazyCounter, 84 mSolverCounterSat, 33 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 81 SdHoareTripleChecker+Valid, 1003 SdHoareTripleChecker+Invalid, 117 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 33 IncrementalHoareTripleChecker+Valid, 84 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 14:38:26,691 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [81 Valid, 1003 Invalid, 117 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [33 Valid, 84 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 14:38:26,692 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 332 states. [2022-02-20 14:38:26,767 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 332 to 332. [2022-02-20 14:38:26,767 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 14:38:26,768 INFO L82 GeneralOperation]: Start isEquivalent. First operand 332 states. Second operand has 332 states, 293 states have (on average 1.3754266211604096) internal successors, (403), 300 states have internal predecessors, (403), 23 states have call successors, (23), 13 states have call predecessors, (23), 15 states have return successors, (23), 18 states have call predecessors, (23), 19 states have call successors, (23) [2022-02-20 14:38:26,769 INFO L74 IsIncluded]: Start isIncluded. First operand 332 states. Second operand has 332 states, 293 states have (on average 1.3754266211604096) internal successors, (403), 300 states have internal predecessors, (403), 23 states have call successors, (23), 13 states have call predecessors, (23), 15 states have return successors, (23), 18 states have call predecessors, (23), 19 states have call successors, (23) [2022-02-20 14:38:26,769 INFO L87 Difference]: Start difference. First operand 332 states. Second operand has 332 states, 293 states have (on average 1.3754266211604096) internal successors, (403), 300 states have internal predecessors, (403), 23 states have call successors, (23), 13 states have call predecessors, (23), 15 states have return successors, (23), 18 states have call predecessors, (23), 19 states have call successors, (23) [2022-02-20 14:38:26,776 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:26,777 INFO L93 Difference]: Finished difference Result 332 states and 449 transitions. [2022-02-20 14:38:26,777 INFO L276 IsEmpty]: Start isEmpty. Operand 332 states and 449 transitions. [2022-02-20 14:38:26,778 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:26,778 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:26,778 INFO L74 IsIncluded]: Start isIncluded. First operand has 332 states, 293 states have (on average 1.3754266211604096) internal successors, (403), 300 states have internal predecessors, (403), 23 states have call successors, (23), 13 states have call predecessors, (23), 15 states have return successors, (23), 18 states have call predecessors, (23), 19 states have call successors, (23) Second operand 332 states. [2022-02-20 14:38:26,779 INFO L87 Difference]: Start difference. First operand has 332 states, 293 states have (on average 1.3754266211604096) internal successors, (403), 300 states have internal predecessors, (403), 23 states have call successors, (23), 13 states have call predecessors, (23), 15 states have return successors, (23), 18 states have call predecessors, (23), 19 states have call successors, (23) Second operand 332 states. [2022-02-20 14:38:26,786 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:26,786 INFO L93 Difference]: Finished difference Result 332 states and 449 transitions. [2022-02-20 14:38:26,786 INFO L276 IsEmpty]: Start isEmpty. Operand 332 states and 449 transitions. [2022-02-20 14:38:26,787 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:26,787 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:26,787 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 14:38:26,787 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 14:38:26,788 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 332 states, 293 states have (on average 1.3754266211604096) internal successors, (403), 300 states have internal predecessors, (403), 23 states have call successors, (23), 13 states have call predecessors, (23), 15 states have return successors, (23), 18 states have call predecessors, (23), 19 states have call successors, (23) [2022-02-20 14:38:26,796 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 332 states to 332 states and 449 transitions. [2022-02-20 14:38:26,797 INFO L78 Accepts]: Start accepts. Automaton has 332 states and 449 transitions. Word has length 44 [2022-02-20 14:38:26,797 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 14:38:26,797 INFO L470 AbstractCegarLoop]: Abstraction has 332 states and 449 transitions. [2022-02-20 14:38:26,797 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 5.428571428571429) internal successors, (38), 4 states have internal predecessors, (38), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 14:38:26,797 INFO L276 IsEmpty]: Start isEmpty. Operand 332 states and 449 transitions. [2022-02-20 14:38:26,798 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 43 [2022-02-20 14:38:26,798 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:26,799 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:26,799 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable15 [2022-02-20 14:38:26,799 INFO L402 AbstractCegarLoop]: === Iteration 17 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:26,799 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:26,799 INFO L85 PathProgramCache]: Analyzing trace with hash 1891894546, now seen corresponding path program 1 times [2022-02-20 14:38:26,800 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 14:38:26,800 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [800499131] [2022-02-20 14:38:26,800 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:26,800 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 14:38:26,817 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:26,855 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2022-02-20 14:38:26,858 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:26,872 INFO L290 TraceCheckUtils]: 0: Hoare triple {20974#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {20975#(= ~s~0 |old(~s~0)|)} is VALID [2022-02-20 14:38:26,872 INFO L290 TraceCheckUtils]: 1: Hoare triple {20975#(= ~s~0 |old(~s~0)|)} assume !(0 != ~compRegistered~0); {20975#(= ~s~0 |old(~s~0)|)} is VALID [2022-02-20 14:38:26,872 INFO L290 TraceCheckUtils]: 2: Hoare triple {20975#(= ~s~0 |old(~s~0)|)} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {20975#(= ~s~0 |old(~s~0)|)} is VALID [2022-02-20 14:38:26,873 INFO L290 TraceCheckUtils]: 3: Hoare triple {20975#(= ~s~0 |old(~s~0)|)} assume 0 == ~tmp_ndt_6~0; {20975#(= ~s~0 |old(~s~0)|)} is VALID [2022-02-20 14:38:26,873 INFO L290 TraceCheckUtils]: 4: Hoare triple {20975#(= ~s~0 |old(~s~0)|)} ~returnVal2~0 := 0; {20975#(= ~s~0 |old(~s~0)|)} is VALID [2022-02-20 14:38:26,873 INFO L290 TraceCheckUtils]: 5: Hoare triple {20975#(= ~s~0 |old(~s~0)|)} assume !(~s~0 == ~NP~0); {20975#(= ~s~0 |old(~s~0)|)} is VALID [2022-02-20 14:38:26,874 INFO L290 TraceCheckUtils]: 6: Hoare triple {20975#(= ~s~0 |old(~s~0)|)} assume ~s~0 == ~MPR1~0; {20976#(= ~MPR1~0 |old(~s~0)|)} is VALID [2022-02-20 14:38:26,874 INFO L290 TraceCheckUtils]: 7: Hoare triple {20976#(= ~MPR1~0 |old(~s~0)|)} assume !(259 == ~returnVal2~0);~s~0 := ~NP~0;~lowerDriverReturn~0 := ~returnVal2~0; {20976#(= ~MPR1~0 |old(~s~0)|)} is VALID [2022-02-20 14:38:26,875 INFO L290 TraceCheckUtils]: 8: Hoare triple {20976#(= ~MPR1~0 |old(~s~0)|)} #res := ~returnVal2~0; {20976#(= ~MPR1~0 |old(~s~0)|)} is VALID [2022-02-20 14:38:26,875 INFO L290 TraceCheckUtils]: 9: Hoare triple {20976#(= ~MPR1~0 |old(~s~0)|)} assume true; {20976#(= ~MPR1~0 |old(~s~0)|)} is VALID [2022-02-20 14:38:26,876 INFO L284 TraceCheckUtils]: 10: Hoare quadruple {20976#(= ~MPR1~0 |old(~s~0)|)} {20962#(and (= 3 ~s~0) (not (= ~MPR1~0 3)))} #725#return; {20960#false} is VALID [2022-02-20 14:38:26,876 INFO L290 TraceCheckUtils]: 0: Hoare triple {20959#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {20959#true} is VALID [2022-02-20 14:38:26,877 INFO L290 TraceCheckUtils]: 1: Hoare triple {20959#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {20961#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} is VALID [2022-02-20 14:38:26,877 INFO L290 TraceCheckUtils]: 2: Hoare triple {20961#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} assume { :end_inline__BLAST_init } true; {20961#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} is VALID [2022-02-20 14:38:26,878 INFO L290 TraceCheckUtils]: 3: Hoare triple {20961#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {20961#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} is VALID [2022-02-20 14:38:26,878 INFO L290 TraceCheckUtils]: 4: Hoare triple {20961#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {20961#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} is VALID [2022-02-20 14:38:26,879 INFO L290 TraceCheckUtils]: 5: Hoare triple {20961#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {20961#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} is VALID [2022-02-20 14:38:26,879 INFO L290 TraceCheckUtils]: 6: Hoare triple {20961#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} assume { :end_inline_stub_driver_init } true; {20961#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} is VALID [2022-02-20 14:38:26,880 INFO L290 TraceCheckUtils]: 7: Hoare triple {20961#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {20961#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} is VALID [2022-02-20 14:38:26,880 INFO L290 TraceCheckUtils]: 8: Hoare triple {20961#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {20961#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} is VALID [2022-02-20 14:38:26,881 INFO L290 TraceCheckUtils]: 9: Hoare triple {20961#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {20961#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} is VALID [2022-02-20 14:38:26,881 INFO L290 TraceCheckUtils]: 10: Hoare triple {20961#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} assume 3 == main_~tmp_ndt_3~0#1; {20961#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} is VALID [2022-02-20 14:38:26,882 INFO L290 TraceCheckUtils]: 11: Hoare triple {20961#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} assume { :begin_inline_KbFilter_PnP } true;KbFilter_PnP_#in~DeviceObject#1, KbFilter_PnP_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_PnP_#res#1;havoc KbFilter_PnP_#t~nondet4#1, KbFilter_PnP_#t~nondet5#1, KbFilter_PnP_#t~nondet6#1, KbFilter_PnP_#t~nondet7#1, KbFilter_PnP_#t~nondet8#1, KbFilter_PnP_#t~nondet9#1, KbFilter_PnP_#t~ret10#1, KbFilter_PnP_#t~ret11#1, KbFilter_PnP_#t~post12#1, KbFilter_PnP_#t~post13#1, KbFilter_PnP_#t~ret14#1, KbFilter_PnP_#t~post15#1, KbFilter_PnP_#t~post16#1, KbFilter_PnP_#t~ret17#1, KbFilter_PnP_#t~post18#1, KbFilter_PnP_#t~post19#1, KbFilter_PnP_#t~ret20#1, KbFilter_PnP_~DeviceObject#1, KbFilter_PnP_~Irp#1, KbFilter_PnP_~devExt~0#1, KbFilter_PnP_~irpStack~0#1, KbFilter_PnP_~status~0#1, KbFilter_PnP_~event~0#1, KbFilter_PnP_~DeviceObject__DeviceExtension~0#1, KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, KbFilter_PnP_~irpStack__MinorFunction~0#1, KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~devExt__Started~0#1, KbFilter_PnP_~devExt__Removed~0#1, KbFilter_PnP_~devExt__SurpriseRemoved~0#1, KbFilter_PnP_~Irp__IoStatus__Status~0#1, KbFilter_PnP_~Irp__IoStatus__Information~0#1, KbFilter_PnP_~Irp__CurrentLocation~0#1, KbFilter_PnP_~irpSp~0#1, KbFilter_PnP_~nextIrpSp~0#1, KbFilter_PnP_~nextIrpSp__Control~0#1, KbFilter_PnP_~irpSp___0~0#1, KbFilter_PnP_~irpSp__Context~0#1, KbFilter_PnP_~irpSp__Control~0#1, KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~DeviceObject#1 := KbFilter_PnP_#in~DeviceObject#1;KbFilter_PnP_~Irp#1 := KbFilter_PnP_#in~Irp#1;havoc KbFilter_PnP_~devExt~0#1;havoc KbFilter_PnP_~irpStack~0#1;havoc KbFilter_PnP_~status~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet4#1 && KbFilter_PnP_#t~nondet4#1 <= 2147483647;KbFilter_PnP_~event~0#1 := KbFilter_PnP_#t~nondet4#1;havoc KbFilter_PnP_#t~nondet4#1;assume -2147483648 <= KbFilter_PnP_#t~nondet5#1 && KbFilter_PnP_#t~nondet5#1 <= 2147483647;KbFilter_PnP_~DeviceObject__DeviceExtension~0#1 := KbFilter_PnP_#t~nondet5#1;havoc KbFilter_PnP_#t~nondet5#1;assume -2147483648 <= KbFilter_PnP_#t~nondet6#1 && KbFilter_PnP_#t~nondet6#1 <= 2147483647;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := KbFilter_PnP_#t~nondet6#1;havoc KbFilter_PnP_#t~nondet6#1;assume -2147483648 <= KbFilter_PnP_#t~nondet7#1 && KbFilter_PnP_#t~nondet7#1 <= 2147483647;KbFilter_PnP_~irpStack__MinorFunction~0#1 := KbFilter_PnP_#t~nondet7#1;havoc KbFilter_PnP_#t~nondet7#1;assume -2147483648 <= KbFilter_PnP_#t~nondet8#1 && KbFilter_PnP_#t~nondet8#1 <= 2147483647;KbFilter_PnP_~devExt__TopOfStack~0#1 := KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_~devExt__Started~0#1;havoc KbFilter_PnP_~devExt__Removed~0#1;havoc KbFilter_PnP_~devExt__SurpriseRemoved~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Status~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Information~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet9#1 && KbFilter_PnP_#t~nondet9#1 <= 2147483647;KbFilter_PnP_~Irp__CurrentLocation~0#1 := KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_~irpSp~0#1;havoc KbFilter_PnP_~nextIrpSp~0#1;havoc KbFilter_PnP_~nextIrpSp__Control~0#1;havoc KbFilter_PnP_~irpSp___0~0#1;havoc KbFilter_PnP_~irpSp__Context~0#1;havoc KbFilter_PnP_~irpSp__Control~0#1;havoc KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~status~0#1 := 0;KbFilter_PnP_~devExt~0#1 := KbFilter_PnP_~DeviceObject__DeviceExtension~0#1;KbFilter_PnP_~irpStack~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1; {20961#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} is VALID [2022-02-20 14:38:26,882 INFO L290 TraceCheckUtils]: 12: Hoare triple {20961#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} assume !(0 == KbFilter_PnP_~irpStack__MinorFunction~0#1); {20961#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} is VALID [2022-02-20 14:38:26,883 INFO L290 TraceCheckUtils]: 13: Hoare triple {20961#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} assume 23 == KbFilter_PnP_~irpStack__MinorFunction~0#1; {20961#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} is VALID [2022-02-20 14:38:26,883 INFO L290 TraceCheckUtils]: 14: Hoare triple {20961#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} KbFilter_PnP_~devExt__SurpriseRemoved~0#1 := 1; {20961#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} is VALID [2022-02-20 14:38:26,883 INFO L290 TraceCheckUtils]: 15: Hoare triple {20961#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} assume ~s~0 == ~NP~0;~s~0 := ~SKIP1~0; {20962#(and (= 3 ~s~0) (not (= ~MPR1~0 3)))} is VALID [2022-02-20 14:38:26,884 INFO L290 TraceCheckUtils]: 16: Hoare triple {20962#(and (= 3 ~s~0) (not (= ~MPR1~0 3)))} KbFilter_PnP_#t~post12#1 := KbFilter_PnP_~Irp__CurrentLocation~0#1;KbFilter_PnP_~Irp__CurrentLocation~0#1 := 1 + KbFilter_PnP_#t~post12#1;havoc KbFilter_PnP_#t~post12#1;KbFilter_PnP_#t~post13#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := 1 + KbFilter_PnP_#t~post13#1;havoc KbFilter_PnP_#t~post13#1; {20962#(and (= 3 ~s~0) (not (= ~MPR1~0 3)))} is VALID [2022-02-20 14:38:26,885 INFO L272 TraceCheckUtils]: 17: Hoare triple {20962#(and (= 3 ~s~0) (not (= ~MPR1~0 3)))} call KbFilter_PnP_#t~ret14#1 := IofCallDriver(KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~Irp#1); {20974#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} is VALID [2022-02-20 14:38:26,885 INFO L290 TraceCheckUtils]: 18: Hoare triple {20974#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {20975#(= ~s~0 |old(~s~0)|)} is VALID [2022-02-20 14:38:26,886 INFO L290 TraceCheckUtils]: 19: Hoare triple {20975#(= ~s~0 |old(~s~0)|)} assume !(0 != ~compRegistered~0); {20975#(= ~s~0 |old(~s~0)|)} is VALID [2022-02-20 14:38:26,886 INFO L290 TraceCheckUtils]: 20: Hoare triple {20975#(= ~s~0 |old(~s~0)|)} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {20975#(= ~s~0 |old(~s~0)|)} is VALID [2022-02-20 14:38:26,886 INFO L290 TraceCheckUtils]: 21: Hoare triple {20975#(= ~s~0 |old(~s~0)|)} assume 0 == ~tmp_ndt_6~0; {20975#(= ~s~0 |old(~s~0)|)} is VALID [2022-02-20 14:38:26,887 INFO L290 TraceCheckUtils]: 22: Hoare triple {20975#(= ~s~0 |old(~s~0)|)} ~returnVal2~0 := 0; {20975#(= ~s~0 |old(~s~0)|)} is VALID [2022-02-20 14:38:26,887 INFO L290 TraceCheckUtils]: 23: Hoare triple {20975#(= ~s~0 |old(~s~0)|)} assume !(~s~0 == ~NP~0); {20975#(= ~s~0 |old(~s~0)|)} is VALID [2022-02-20 14:38:26,887 INFO L290 TraceCheckUtils]: 24: Hoare triple {20975#(= ~s~0 |old(~s~0)|)} assume ~s~0 == ~MPR1~0; {20976#(= ~MPR1~0 |old(~s~0)|)} is VALID [2022-02-20 14:38:26,888 INFO L290 TraceCheckUtils]: 25: Hoare triple {20976#(= ~MPR1~0 |old(~s~0)|)} assume !(259 == ~returnVal2~0);~s~0 := ~NP~0;~lowerDriverReturn~0 := ~returnVal2~0; {20976#(= ~MPR1~0 |old(~s~0)|)} is VALID [2022-02-20 14:38:26,888 INFO L290 TraceCheckUtils]: 26: Hoare triple {20976#(= ~MPR1~0 |old(~s~0)|)} #res := ~returnVal2~0; {20976#(= ~MPR1~0 |old(~s~0)|)} is VALID [2022-02-20 14:38:26,888 INFO L290 TraceCheckUtils]: 27: Hoare triple {20976#(= ~MPR1~0 |old(~s~0)|)} assume true; {20976#(= ~MPR1~0 |old(~s~0)|)} is VALID [2022-02-20 14:38:26,889 INFO L284 TraceCheckUtils]: 28: Hoare quadruple {20976#(= ~MPR1~0 |old(~s~0)|)} {20962#(and (= 3 ~s~0) (not (= ~MPR1~0 3)))} #725#return; {20960#false} is VALID [2022-02-20 14:38:26,889 INFO L290 TraceCheckUtils]: 29: Hoare triple {20960#false} assume -2147483648 <= KbFilter_PnP_#t~ret14#1 && KbFilter_PnP_#t~ret14#1 <= 2147483647;KbFilter_PnP_~status~0#1 := KbFilter_PnP_#t~ret14#1;havoc KbFilter_PnP_#t~ret14#1; {20960#false} is VALID [2022-02-20 14:38:26,889 INFO L290 TraceCheckUtils]: 30: Hoare triple {20960#false} KbFilter_PnP_#res#1 := KbFilter_PnP_~status~0#1; {20960#false} is VALID [2022-02-20 14:38:26,889 INFO L290 TraceCheckUtils]: 31: Hoare triple {20960#false} main_#t~ret31#1 := KbFilter_PnP_#res#1;assume { :end_inline_KbFilter_PnP } true;assume -2147483648 <= main_#t~ret31#1 && main_#t~ret31#1 <= 2147483647;main_~status~1#1 := main_#t~ret31#1;havoc main_#t~ret31#1; {20960#false} is VALID [2022-02-20 14:38:26,890 INFO L290 TraceCheckUtils]: 32: Hoare triple {20960#false} assume !(1 == ~pended~0); {20960#false} is VALID [2022-02-20 14:38:26,890 INFO L290 TraceCheckUtils]: 33: Hoare triple {20960#false} assume !(1 == ~pended~0); {20960#false} is VALID [2022-02-20 14:38:26,890 INFO L290 TraceCheckUtils]: 34: Hoare triple {20960#false} assume ~s~0 != ~UNLOADED~0; {20960#false} is VALID [2022-02-20 14:38:26,890 INFO L290 TraceCheckUtils]: 35: Hoare triple {20960#false} assume -1 != main_~status~1#1; {20960#false} is VALID [2022-02-20 14:38:26,890 INFO L290 TraceCheckUtils]: 36: Hoare triple {20960#false} assume !(~s~0 != ~SKIP2~0); {20960#false} is VALID [2022-02-20 14:38:26,890 INFO L290 TraceCheckUtils]: 37: Hoare triple {20960#false} assume !(1 == ~pended~0); {20960#false} is VALID [2022-02-20 14:38:26,890 INFO L290 TraceCheckUtils]: 38: Hoare triple {20960#false} assume !(~s~0 == ~DC~0); {20960#false} is VALID [2022-02-20 14:38:26,891 INFO L290 TraceCheckUtils]: 39: Hoare triple {20960#false} assume main_~status~1#1 != ~lowerDriverReturn~0; {20960#false} is VALID [2022-02-20 14:38:26,891 INFO L272 TraceCheckUtils]: 40: Hoare triple {20960#false} call errorFn(); {20960#false} is VALID [2022-02-20 14:38:26,891 INFO L290 TraceCheckUtils]: 41: Hoare triple {20960#false} assume !false; {20960#false} is VALID [2022-02-20 14:38:26,891 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 14:38:26,891 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 14:38:26,891 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [800499131] [2022-02-20 14:38:26,892 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [800499131] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 14:38:26,892 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 14:38:26,892 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-02-20 14:38:26,892 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1882987246] [2022-02-20 14:38:26,892 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 14:38:26,893 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 5.571428571428571) internal successors, (39), 6 states have internal predecessors, (39), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 42 [2022-02-20 14:38:26,893 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 14:38:26,893 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 7 states, 7 states have (on average 5.571428571428571) internal successors, (39), 6 states have internal predecessors, (39), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:26,924 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 42 edges. 42 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:26,924 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-02-20 14:38:26,924 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 14:38:26,925 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-02-20 14:38:26,925 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=12, Invalid=30, Unknown=0, NotChecked=0, Total=42 [2022-02-20 14:38:26,925 INFO L87 Difference]: Start difference. First operand 332 states and 449 transitions. Second operand has 7 states, 7 states have (on average 5.571428571428571) internal successors, (39), 6 states have internal predecessors, (39), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:27,695 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:27,695 INFO L93 Difference]: Finished difference Result 368 states and 493 transitions. [2022-02-20 14:38:27,696 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-02-20 14:38:27,696 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 5.571428571428571) internal successors, (39), 6 states have internal predecessors, (39), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 42 [2022-02-20 14:38:27,696 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 14:38:27,696 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 7 states have (on average 5.571428571428571) internal successors, (39), 6 states have internal predecessors, (39), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:27,698 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 264 transitions. [2022-02-20 14:38:27,699 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 7 states have (on average 5.571428571428571) internal successors, (39), 6 states have internal predecessors, (39), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:27,701 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 264 transitions. [2022-02-20 14:38:27,701 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 264 transitions. [2022-02-20 14:38:27,907 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 264 edges. 264 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:27,915 INFO L225 Difference]: With dead ends: 368 [2022-02-20 14:38:27,915 INFO L226 Difference]: Without dead ends: 328 [2022-02-20 14:38:27,916 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 6 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=35, Invalid=75, Unknown=0, NotChecked=0, Total=110 [2022-02-20 14:38:27,916 INFO L933 BasicCegarLoop]: 200 mSDtfsCounter, 264 mSDsluCounter, 476 mSDsCounter, 0 mSdLazyCounter, 145 mSolverCounterSat, 50 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 264 SdHoareTripleChecker+Valid, 676 SdHoareTripleChecker+Invalid, 195 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 50 IncrementalHoareTripleChecker+Valid, 145 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 14:38:27,917 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [264 Valid, 676 Invalid, 195 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [50 Valid, 145 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-20 14:38:27,917 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 328 states. [2022-02-20 14:38:28,004 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 328 to 324. [2022-02-20 14:38:28,004 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 14:38:28,005 INFO L82 GeneralOperation]: Start isEquivalent. First operand 328 states. Second operand has 324 states, 285 states have (on average 1.3649122807017544) internal successors, (389), 292 states have internal predecessors, (389), 23 states have call successors, (23), 13 states have call predecessors, (23), 15 states have return successors, (23), 18 states have call predecessors, (23), 19 states have call successors, (23) [2022-02-20 14:38:28,005 INFO L74 IsIncluded]: Start isIncluded. First operand 328 states. Second operand has 324 states, 285 states have (on average 1.3649122807017544) internal successors, (389), 292 states have internal predecessors, (389), 23 states have call successors, (23), 13 states have call predecessors, (23), 15 states have return successors, (23), 18 states have call predecessors, (23), 19 states have call successors, (23) [2022-02-20 14:38:28,006 INFO L87 Difference]: Start difference. First operand 328 states. Second operand has 324 states, 285 states have (on average 1.3649122807017544) internal successors, (389), 292 states have internal predecessors, (389), 23 states have call successors, (23), 13 states have call predecessors, (23), 15 states have return successors, (23), 18 states have call predecessors, (23), 19 states have call successors, (23) [2022-02-20 14:38:28,016 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:28,016 INFO L93 Difference]: Finished difference Result 328 states and 439 transitions. [2022-02-20 14:38:28,016 INFO L276 IsEmpty]: Start isEmpty. Operand 328 states and 439 transitions. [2022-02-20 14:38:28,017 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:28,017 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:28,018 INFO L74 IsIncluded]: Start isIncluded. First operand has 324 states, 285 states have (on average 1.3649122807017544) internal successors, (389), 292 states have internal predecessors, (389), 23 states have call successors, (23), 13 states have call predecessors, (23), 15 states have return successors, (23), 18 states have call predecessors, (23), 19 states have call successors, (23) Second operand 328 states. [2022-02-20 14:38:28,018 INFO L87 Difference]: Start difference. First operand has 324 states, 285 states have (on average 1.3649122807017544) internal successors, (389), 292 states have internal predecessors, (389), 23 states have call successors, (23), 13 states have call predecessors, (23), 15 states have return successors, (23), 18 states have call predecessors, (23), 19 states have call successors, (23) Second operand 328 states. [2022-02-20 14:38:28,027 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:28,027 INFO L93 Difference]: Finished difference Result 328 states and 439 transitions. [2022-02-20 14:38:28,027 INFO L276 IsEmpty]: Start isEmpty. Operand 328 states and 439 transitions. [2022-02-20 14:38:28,028 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:28,028 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:28,028 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 14:38:28,028 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 14:38:28,029 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 324 states, 285 states have (on average 1.3649122807017544) internal successors, (389), 292 states have internal predecessors, (389), 23 states have call successors, (23), 13 states have call predecessors, (23), 15 states have return successors, (23), 18 states have call predecessors, (23), 19 states have call successors, (23) [2022-02-20 14:38:28,037 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 324 states to 324 states and 435 transitions. [2022-02-20 14:38:28,037 INFO L78 Accepts]: Start accepts. Automaton has 324 states and 435 transitions. Word has length 42 [2022-02-20 14:38:28,037 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 14:38:28,037 INFO L470 AbstractCegarLoop]: Abstraction has 324 states and 435 transitions. [2022-02-20 14:38:28,038 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 5.571428571428571) internal successors, (39), 6 states have internal predecessors, (39), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:28,038 INFO L276 IsEmpty]: Start isEmpty. Operand 324 states and 435 transitions. [2022-02-20 14:38:28,039 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 43 [2022-02-20 14:38:28,039 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:28,039 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:28,039 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable16 [2022-02-20 14:38:28,039 INFO L402 AbstractCegarLoop]: === Iteration 18 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:28,040 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:28,040 INFO L85 PathProgramCache]: Analyzing trace with hash 2035173904, now seen corresponding path program 1 times [2022-02-20 14:38:28,040 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 14:38:28,040 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [775044185] [2022-02-20 14:38:28,040 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:28,040 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 14:38:28,060 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:28,108 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2022-02-20 14:38:28,113 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:28,133 INFO L290 TraceCheckUtils]: 0: Hoare triple {22561#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {22544#true} is VALID [2022-02-20 14:38:28,134 INFO L290 TraceCheckUtils]: 1: Hoare triple {22544#true} assume !(0 != ~compRegistered~0); {22544#true} is VALID [2022-02-20 14:38:28,134 INFO L290 TraceCheckUtils]: 2: Hoare triple {22544#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {22544#true} is VALID [2022-02-20 14:38:28,134 INFO L290 TraceCheckUtils]: 3: Hoare triple {22544#true} assume 0 == ~tmp_ndt_6~0; {22544#true} is VALID [2022-02-20 14:38:28,134 INFO L290 TraceCheckUtils]: 4: Hoare triple {22544#true} ~returnVal2~0 := 0; {22544#true} is VALID [2022-02-20 14:38:28,134 INFO L290 TraceCheckUtils]: 5: Hoare triple {22544#true} assume !(~s~0 == ~NP~0); {22544#true} is VALID [2022-02-20 14:38:28,134 INFO L290 TraceCheckUtils]: 6: Hoare triple {22544#true} assume !(~s~0 == ~MPR1~0); {22544#true} is VALID [2022-02-20 14:38:28,135 INFO L290 TraceCheckUtils]: 7: Hoare triple {22544#true} assume ~s~0 == ~SKIP1~0;~s~0 := ~SKIP2~0;~lowerDriverReturn~0 := ~returnVal2~0; {22562#(= ~lowerDriverReturn~0 IofCallDriver_~returnVal2~0)} is VALID [2022-02-20 14:38:28,135 INFO L290 TraceCheckUtils]: 8: Hoare triple {22562#(= ~lowerDriverReturn~0 IofCallDriver_~returnVal2~0)} #res := ~returnVal2~0; {22563#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:28,135 INFO L290 TraceCheckUtils]: 9: Hoare triple {22563#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} assume true; {22563#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:28,136 INFO L284 TraceCheckUtils]: 10: Hoare quadruple {22563#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} {22544#true} #725#return; {22557#(= ~lowerDriverReturn~0 |ULTIMATE.start_KbFilter_PnP_#t~ret14#1|)} is VALID [2022-02-20 14:38:28,136 INFO L290 TraceCheckUtils]: 0: Hoare triple {22544#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {22544#true} is VALID [2022-02-20 14:38:28,136 INFO L290 TraceCheckUtils]: 1: Hoare triple {22544#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {22544#true} is VALID [2022-02-20 14:38:28,137 INFO L290 TraceCheckUtils]: 2: Hoare triple {22544#true} assume { :end_inline__BLAST_init } true; {22544#true} is VALID [2022-02-20 14:38:28,137 INFO L290 TraceCheckUtils]: 3: Hoare triple {22544#true} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {22544#true} is VALID [2022-02-20 14:38:28,137 INFO L290 TraceCheckUtils]: 4: Hoare triple {22544#true} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {22544#true} is VALID [2022-02-20 14:38:28,137 INFO L290 TraceCheckUtils]: 5: Hoare triple {22544#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {22544#true} is VALID [2022-02-20 14:38:28,137 INFO L290 TraceCheckUtils]: 6: Hoare triple {22544#true} assume { :end_inline_stub_driver_init } true; {22544#true} is VALID [2022-02-20 14:38:28,137 INFO L290 TraceCheckUtils]: 7: Hoare triple {22544#true} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {22544#true} is VALID [2022-02-20 14:38:28,137 INFO L290 TraceCheckUtils]: 8: Hoare triple {22544#true} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {22544#true} is VALID [2022-02-20 14:38:28,137 INFO L290 TraceCheckUtils]: 9: Hoare triple {22544#true} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {22544#true} is VALID [2022-02-20 14:38:28,138 INFO L290 TraceCheckUtils]: 10: Hoare triple {22544#true} assume 3 == main_~tmp_ndt_3~0#1; {22544#true} is VALID [2022-02-20 14:38:28,138 INFO L290 TraceCheckUtils]: 11: Hoare triple {22544#true} assume { :begin_inline_KbFilter_PnP } true;KbFilter_PnP_#in~DeviceObject#1, KbFilter_PnP_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_PnP_#res#1;havoc KbFilter_PnP_#t~nondet4#1, KbFilter_PnP_#t~nondet5#1, KbFilter_PnP_#t~nondet6#1, KbFilter_PnP_#t~nondet7#1, KbFilter_PnP_#t~nondet8#1, KbFilter_PnP_#t~nondet9#1, KbFilter_PnP_#t~ret10#1, KbFilter_PnP_#t~ret11#1, KbFilter_PnP_#t~post12#1, KbFilter_PnP_#t~post13#1, KbFilter_PnP_#t~ret14#1, KbFilter_PnP_#t~post15#1, KbFilter_PnP_#t~post16#1, KbFilter_PnP_#t~ret17#1, KbFilter_PnP_#t~post18#1, KbFilter_PnP_#t~post19#1, KbFilter_PnP_#t~ret20#1, KbFilter_PnP_~DeviceObject#1, KbFilter_PnP_~Irp#1, KbFilter_PnP_~devExt~0#1, KbFilter_PnP_~irpStack~0#1, KbFilter_PnP_~status~0#1, KbFilter_PnP_~event~0#1, KbFilter_PnP_~DeviceObject__DeviceExtension~0#1, KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, KbFilter_PnP_~irpStack__MinorFunction~0#1, KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~devExt__Started~0#1, KbFilter_PnP_~devExt__Removed~0#1, KbFilter_PnP_~devExt__SurpriseRemoved~0#1, KbFilter_PnP_~Irp__IoStatus__Status~0#1, KbFilter_PnP_~Irp__IoStatus__Information~0#1, KbFilter_PnP_~Irp__CurrentLocation~0#1, KbFilter_PnP_~irpSp~0#1, KbFilter_PnP_~nextIrpSp~0#1, KbFilter_PnP_~nextIrpSp__Control~0#1, KbFilter_PnP_~irpSp___0~0#1, KbFilter_PnP_~irpSp__Context~0#1, KbFilter_PnP_~irpSp__Control~0#1, KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~DeviceObject#1 := KbFilter_PnP_#in~DeviceObject#1;KbFilter_PnP_~Irp#1 := KbFilter_PnP_#in~Irp#1;havoc KbFilter_PnP_~devExt~0#1;havoc KbFilter_PnP_~irpStack~0#1;havoc KbFilter_PnP_~status~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet4#1 && KbFilter_PnP_#t~nondet4#1 <= 2147483647;KbFilter_PnP_~event~0#1 := KbFilter_PnP_#t~nondet4#1;havoc KbFilter_PnP_#t~nondet4#1;assume -2147483648 <= KbFilter_PnP_#t~nondet5#1 && KbFilter_PnP_#t~nondet5#1 <= 2147483647;KbFilter_PnP_~DeviceObject__DeviceExtension~0#1 := KbFilter_PnP_#t~nondet5#1;havoc KbFilter_PnP_#t~nondet5#1;assume -2147483648 <= KbFilter_PnP_#t~nondet6#1 && KbFilter_PnP_#t~nondet6#1 <= 2147483647;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := KbFilter_PnP_#t~nondet6#1;havoc KbFilter_PnP_#t~nondet6#1;assume -2147483648 <= KbFilter_PnP_#t~nondet7#1 && KbFilter_PnP_#t~nondet7#1 <= 2147483647;KbFilter_PnP_~irpStack__MinorFunction~0#1 := KbFilter_PnP_#t~nondet7#1;havoc KbFilter_PnP_#t~nondet7#1;assume -2147483648 <= KbFilter_PnP_#t~nondet8#1 && KbFilter_PnP_#t~nondet8#1 <= 2147483647;KbFilter_PnP_~devExt__TopOfStack~0#1 := KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_~devExt__Started~0#1;havoc KbFilter_PnP_~devExt__Removed~0#1;havoc KbFilter_PnP_~devExt__SurpriseRemoved~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Status~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Information~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet9#1 && KbFilter_PnP_#t~nondet9#1 <= 2147483647;KbFilter_PnP_~Irp__CurrentLocation~0#1 := KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_~irpSp~0#1;havoc KbFilter_PnP_~nextIrpSp~0#1;havoc KbFilter_PnP_~nextIrpSp__Control~0#1;havoc KbFilter_PnP_~irpSp___0~0#1;havoc KbFilter_PnP_~irpSp__Context~0#1;havoc KbFilter_PnP_~irpSp__Control~0#1;havoc KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~status~0#1 := 0;KbFilter_PnP_~devExt~0#1 := KbFilter_PnP_~DeviceObject__DeviceExtension~0#1;KbFilter_PnP_~irpStack~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1; {22544#true} is VALID [2022-02-20 14:38:28,138 INFO L290 TraceCheckUtils]: 12: Hoare triple {22544#true} assume !(0 == KbFilter_PnP_~irpStack__MinorFunction~0#1); {22544#true} is VALID [2022-02-20 14:38:28,138 INFO L290 TraceCheckUtils]: 13: Hoare triple {22544#true} assume 23 == KbFilter_PnP_~irpStack__MinorFunction~0#1; {22544#true} is VALID [2022-02-20 14:38:28,138 INFO L290 TraceCheckUtils]: 14: Hoare triple {22544#true} KbFilter_PnP_~devExt__SurpriseRemoved~0#1 := 1; {22544#true} is VALID [2022-02-20 14:38:28,138 INFO L290 TraceCheckUtils]: 15: Hoare triple {22544#true} assume ~s~0 == ~NP~0;~s~0 := ~SKIP1~0; {22544#true} is VALID [2022-02-20 14:38:28,138 INFO L290 TraceCheckUtils]: 16: Hoare triple {22544#true} KbFilter_PnP_#t~post12#1 := KbFilter_PnP_~Irp__CurrentLocation~0#1;KbFilter_PnP_~Irp__CurrentLocation~0#1 := 1 + KbFilter_PnP_#t~post12#1;havoc KbFilter_PnP_#t~post12#1;KbFilter_PnP_#t~post13#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := 1 + KbFilter_PnP_#t~post13#1;havoc KbFilter_PnP_#t~post13#1; {22544#true} is VALID [2022-02-20 14:38:28,139 INFO L272 TraceCheckUtils]: 17: Hoare triple {22544#true} call KbFilter_PnP_#t~ret14#1 := IofCallDriver(KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~Irp#1); {22561#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} is VALID [2022-02-20 14:38:28,139 INFO L290 TraceCheckUtils]: 18: Hoare triple {22561#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {22544#true} is VALID [2022-02-20 14:38:28,139 INFO L290 TraceCheckUtils]: 19: Hoare triple {22544#true} assume !(0 != ~compRegistered~0); {22544#true} is VALID [2022-02-20 14:38:28,140 INFO L290 TraceCheckUtils]: 20: Hoare triple {22544#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {22544#true} is VALID [2022-02-20 14:38:28,140 INFO L290 TraceCheckUtils]: 21: Hoare triple {22544#true} assume 0 == ~tmp_ndt_6~0; {22544#true} is VALID [2022-02-20 14:38:28,140 INFO L290 TraceCheckUtils]: 22: Hoare triple {22544#true} ~returnVal2~0 := 0; {22544#true} is VALID [2022-02-20 14:38:28,140 INFO L290 TraceCheckUtils]: 23: Hoare triple {22544#true} assume !(~s~0 == ~NP~0); {22544#true} is VALID [2022-02-20 14:38:28,140 INFO L290 TraceCheckUtils]: 24: Hoare triple {22544#true} assume !(~s~0 == ~MPR1~0); {22544#true} is VALID [2022-02-20 14:38:28,140 INFO L290 TraceCheckUtils]: 25: Hoare triple {22544#true} assume ~s~0 == ~SKIP1~0;~s~0 := ~SKIP2~0;~lowerDriverReturn~0 := ~returnVal2~0; {22562#(= ~lowerDriverReturn~0 IofCallDriver_~returnVal2~0)} is VALID [2022-02-20 14:38:28,141 INFO L290 TraceCheckUtils]: 26: Hoare triple {22562#(= ~lowerDriverReturn~0 IofCallDriver_~returnVal2~0)} #res := ~returnVal2~0; {22563#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:28,141 INFO L290 TraceCheckUtils]: 27: Hoare triple {22563#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} assume true; {22563#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:28,142 INFO L284 TraceCheckUtils]: 28: Hoare quadruple {22563#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} {22544#true} #725#return; {22557#(= ~lowerDriverReturn~0 |ULTIMATE.start_KbFilter_PnP_#t~ret14#1|)} is VALID [2022-02-20 14:38:28,142 INFO L290 TraceCheckUtils]: 29: Hoare triple {22557#(= ~lowerDriverReturn~0 |ULTIMATE.start_KbFilter_PnP_#t~ret14#1|)} assume -2147483648 <= KbFilter_PnP_#t~ret14#1 && KbFilter_PnP_#t~ret14#1 <= 2147483647;KbFilter_PnP_~status~0#1 := KbFilter_PnP_#t~ret14#1;havoc KbFilter_PnP_#t~ret14#1; {22558#(= ~lowerDriverReturn~0 |ULTIMATE.start_KbFilter_PnP_~status~0#1|)} is VALID [2022-02-20 14:38:28,143 INFO L290 TraceCheckUtils]: 30: Hoare triple {22558#(= ~lowerDriverReturn~0 |ULTIMATE.start_KbFilter_PnP_~status~0#1|)} KbFilter_PnP_#res#1 := KbFilter_PnP_~status~0#1; {22559#(= |ULTIMATE.start_KbFilter_PnP_#res#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:28,143 INFO L290 TraceCheckUtils]: 31: Hoare triple {22559#(= |ULTIMATE.start_KbFilter_PnP_#res#1| ~lowerDriverReturn~0)} main_#t~ret31#1 := KbFilter_PnP_#res#1;assume { :end_inline_KbFilter_PnP } true;assume -2147483648 <= main_#t~ret31#1 && main_#t~ret31#1 <= 2147483647;main_~status~1#1 := main_#t~ret31#1;havoc main_#t~ret31#1; {22560#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:28,143 INFO L290 TraceCheckUtils]: 32: Hoare triple {22560#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(1 == ~pended~0); {22560#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:28,144 INFO L290 TraceCheckUtils]: 33: Hoare triple {22560#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(1 == ~pended~0); {22560#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:28,144 INFO L290 TraceCheckUtils]: 34: Hoare triple {22560#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume ~s~0 != ~UNLOADED~0; {22560#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:28,144 INFO L290 TraceCheckUtils]: 35: Hoare triple {22560#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume -1 != main_~status~1#1; {22560#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:28,145 INFO L290 TraceCheckUtils]: 36: Hoare triple {22560#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(~s~0 != ~SKIP2~0); {22560#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:28,145 INFO L290 TraceCheckUtils]: 37: Hoare triple {22560#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(1 == ~pended~0); {22560#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:28,145 INFO L290 TraceCheckUtils]: 38: Hoare triple {22560#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(~s~0 == ~DC~0); {22560#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:28,146 INFO L290 TraceCheckUtils]: 39: Hoare triple {22560#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume main_~status~1#1 != ~lowerDriverReturn~0; {22545#false} is VALID [2022-02-20 14:38:28,146 INFO L272 TraceCheckUtils]: 40: Hoare triple {22545#false} call errorFn(); {22545#false} is VALID [2022-02-20 14:38:28,146 INFO L290 TraceCheckUtils]: 41: Hoare triple {22545#false} assume !false; {22545#false} is VALID [2022-02-20 14:38:28,146 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 14:38:28,146 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 14:38:28,146 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [775044185] [2022-02-20 14:38:28,146 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [775044185] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 14:38:28,147 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 14:38:28,147 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2022-02-20 14:38:28,147 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1729013677] [2022-02-20 14:38:28,147 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 14:38:28,148 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 4.333333333333333) internal successors, (39), 7 states have internal predecessors, (39), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 42 [2022-02-20 14:38:28,148 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 14:38:28,148 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 9 states, 9 states have (on average 4.333333333333333) internal successors, (39), 7 states have internal predecessors, (39), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:28,174 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 42 edges. 42 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:28,174 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2022-02-20 14:38:28,174 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 14:38:28,174 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2022-02-20 14:38:28,175 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=57, Unknown=0, NotChecked=0, Total=72 [2022-02-20 14:38:28,175 INFO L87 Difference]: Start difference. First operand 324 states and 435 transitions. Second operand has 9 states, 9 states have (on average 4.333333333333333) internal successors, (39), 7 states have internal predecessors, (39), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:29,167 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:29,167 INFO L93 Difference]: Finished difference Result 338 states and 449 transitions. [2022-02-20 14:38:29,167 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2022-02-20 14:38:29,167 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 4.333333333333333) internal successors, (39), 7 states have internal predecessors, (39), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 42 [2022-02-20 14:38:29,168 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 14:38:29,168 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 9 states, 9 states have (on average 4.333333333333333) internal successors, (39), 7 states have internal predecessors, (39), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:29,170 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 239 transitions. [2022-02-20 14:38:29,170 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 9 states, 9 states have (on average 4.333333333333333) internal successors, (39), 7 states have internal predecessors, (39), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:29,171 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 239 transitions. [2022-02-20 14:38:29,171 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states and 239 transitions. [2022-02-20 14:38:29,319 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 239 edges. 239 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:29,325 INFO L225 Difference]: With dead ends: 338 [2022-02-20 14:38:29,325 INFO L226 Difference]: Without dead ends: 315 [2022-02-20 14:38:29,325 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=29, Invalid=103, Unknown=0, NotChecked=0, Total=132 [2022-02-20 14:38:29,326 INFO L933 BasicCegarLoop]: 204 mSDtfsCounter, 52 mSDsluCounter, 1234 mSDsCounter, 0 mSdLazyCounter, 246 mSolverCounterSat, 18 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 52 SdHoareTripleChecker+Valid, 1438 SdHoareTripleChecker+Invalid, 264 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 18 IncrementalHoareTripleChecker+Valid, 246 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 14:38:29,326 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [52 Valid, 1438 Invalid, 264 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [18 Valid, 246 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-20 14:38:29,327 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 315 states. [2022-02-20 14:38:29,399 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 315 to 315. [2022-02-20 14:38:29,399 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 14:38:29,400 INFO L82 GeneralOperation]: Start isEquivalent. First operand 315 states. Second operand has 315 states, 278 states have (on average 1.3669064748201438) internal successors, (380), 284 states have internal predecessors, (380), 21 states have call successors, (21), 13 states have call predecessors, (21), 15 states have return successors, (21), 17 states have call predecessors, (21), 17 states have call successors, (21) [2022-02-20 14:38:29,400 INFO L74 IsIncluded]: Start isIncluded. First operand 315 states. Second operand has 315 states, 278 states have (on average 1.3669064748201438) internal successors, (380), 284 states have internal predecessors, (380), 21 states have call successors, (21), 13 states have call predecessors, (21), 15 states have return successors, (21), 17 states have call predecessors, (21), 17 states have call successors, (21) [2022-02-20 14:38:29,401 INFO L87 Difference]: Start difference. First operand 315 states. Second operand has 315 states, 278 states have (on average 1.3669064748201438) internal successors, (380), 284 states have internal predecessors, (380), 21 states have call successors, (21), 13 states have call predecessors, (21), 15 states have return successors, (21), 17 states have call predecessors, (21), 17 states have call successors, (21) [2022-02-20 14:38:29,407 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:29,407 INFO L93 Difference]: Finished difference Result 315 states and 422 transitions. [2022-02-20 14:38:29,407 INFO L276 IsEmpty]: Start isEmpty. Operand 315 states and 422 transitions. [2022-02-20 14:38:29,408 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:29,408 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:29,409 INFO L74 IsIncluded]: Start isIncluded. First operand has 315 states, 278 states have (on average 1.3669064748201438) internal successors, (380), 284 states have internal predecessors, (380), 21 states have call successors, (21), 13 states have call predecessors, (21), 15 states have return successors, (21), 17 states have call predecessors, (21), 17 states have call successors, (21) Second operand 315 states. [2022-02-20 14:38:29,409 INFO L87 Difference]: Start difference. First operand has 315 states, 278 states have (on average 1.3669064748201438) internal successors, (380), 284 states have internal predecessors, (380), 21 states have call successors, (21), 13 states have call predecessors, (21), 15 states have return successors, (21), 17 states have call predecessors, (21), 17 states have call successors, (21) Second operand 315 states. [2022-02-20 14:38:29,415 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:29,415 INFO L93 Difference]: Finished difference Result 315 states and 422 transitions. [2022-02-20 14:38:29,415 INFO L276 IsEmpty]: Start isEmpty. Operand 315 states and 422 transitions. [2022-02-20 14:38:29,416 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:29,416 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:29,416 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 14:38:29,416 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 14:38:29,417 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 315 states, 278 states have (on average 1.3669064748201438) internal successors, (380), 284 states have internal predecessors, (380), 21 states have call successors, (21), 13 states have call predecessors, (21), 15 states have return successors, (21), 17 states have call predecessors, (21), 17 states have call successors, (21) [2022-02-20 14:38:29,424 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 315 states to 315 states and 422 transitions. [2022-02-20 14:38:29,424 INFO L78 Accepts]: Start accepts. Automaton has 315 states and 422 transitions. Word has length 42 [2022-02-20 14:38:29,424 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 14:38:29,424 INFO L470 AbstractCegarLoop]: Abstraction has 315 states and 422 transitions. [2022-02-20 14:38:29,424 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 4.333333333333333) internal successors, (39), 7 states have internal predecessors, (39), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:29,425 INFO L276 IsEmpty]: Start isEmpty. Operand 315 states and 422 transitions. [2022-02-20 14:38:29,425 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 49 [2022-02-20 14:38:29,425 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:29,426 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:29,426 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable17 [2022-02-20 14:38:29,426 INFO L402 AbstractCegarLoop]: === Iteration 19 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:29,427 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:29,427 INFO L85 PathProgramCache]: Analyzing trace with hash 688199024, now seen corresponding path program 1 times [2022-02-20 14:38:29,427 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 14:38:29,427 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2006130454] [2022-02-20 14:38:29,427 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:29,427 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 14:38:29,455 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:29,474 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2022-02-20 14:38:29,479 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:29,482 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2022-02-20 14:38:29,484 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:29,493 INFO L290 TraceCheckUtils]: 0: Hoare triple {24078#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {24057#true} is VALID [2022-02-20 14:38:29,493 INFO L290 TraceCheckUtils]: 1: Hoare triple {24057#true} assume !(0 != ~compRegistered~0); {24057#true} is VALID [2022-02-20 14:38:29,493 INFO L290 TraceCheckUtils]: 2: Hoare triple {24057#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {24057#true} is VALID [2022-02-20 14:38:29,493 INFO L290 TraceCheckUtils]: 3: Hoare triple {24057#true} assume 0 == ~tmp_ndt_6~0; {24057#true} is VALID [2022-02-20 14:38:29,493 INFO L290 TraceCheckUtils]: 4: Hoare triple {24057#true} ~returnVal2~0 := 0; {24057#true} is VALID [2022-02-20 14:38:29,494 INFO L290 TraceCheckUtils]: 5: Hoare triple {24057#true} assume !(~s~0 == ~NP~0); {24057#true} is VALID [2022-02-20 14:38:29,494 INFO L290 TraceCheckUtils]: 6: Hoare triple {24057#true} assume !(~s~0 == ~MPR1~0); {24057#true} is VALID [2022-02-20 14:38:29,494 INFO L290 TraceCheckUtils]: 7: Hoare triple {24057#true} assume ~s~0 == ~SKIP1~0;~s~0 := ~SKIP2~0;~lowerDriverReturn~0 := ~returnVal2~0; {24057#true} is VALID [2022-02-20 14:38:29,494 INFO L290 TraceCheckUtils]: 8: Hoare triple {24057#true} #res := ~returnVal2~0; {24057#true} is VALID [2022-02-20 14:38:29,494 INFO L290 TraceCheckUtils]: 9: Hoare triple {24057#true} assume true; {24057#true} is VALID [2022-02-20 14:38:29,494 INFO L284 TraceCheckUtils]: 10: Hoare quadruple {24057#true} {24057#true} #753#return; {24057#true} is VALID [2022-02-20 14:38:29,494 INFO L290 TraceCheckUtils]: 0: Hoare triple {24078#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;assume -2147483648 <= #t~nondet44 && #t~nondet44 <= 2147483647;~Irp__Tail__Overlay__CurrentStackLocation~1 := #t~nondet44;havoc #t~nondet44;assume -2147483648 <= #t~nondet45 && #t~nondet45 <= 2147483647;~Irp__CurrentLocation~1 := #t~nondet45;havoc #t~nondet45;assume -2147483648 <= #t~nondet46 && #t~nondet46 <= 2147483647;~DeviceObject__DeviceExtension__TopOfStack~0 := #t~nondet46;havoc #t~nondet46;havoc ~irpStack~1;havoc ~tmp~1;~irpStack~1 := ~Irp__Tail__Overlay__CurrentStackLocation~1; {24057#true} is VALID [2022-02-20 14:38:29,495 INFO L290 TraceCheckUtils]: 1: Hoare triple {24057#true} assume ~s~0 == ~NP~0;~s~0 := ~SKIP1~0; {24057#true} is VALID [2022-02-20 14:38:29,495 INFO L290 TraceCheckUtils]: 2: Hoare triple {24057#true} #t~post47 := ~Irp__CurrentLocation~1;~Irp__CurrentLocation~1 := 1 + #t~post47;havoc #t~post47;#t~post48 := ~Irp__Tail__Overlay__CurrentStackLocation~1;~Irp__Tail__Overlay__CurrentStackLocation~1 := 1 + #t~post48;havoc #t~post48; {24057#true} is VALID [2022-02-20 14:38:29,495 INFO L272 TraceCheckUtils]: 3: Hoare triple {24057#true} call #t~ret49 := IofCallDriver(~DeviceObject__DeviceExtension__TopOfStack~0, ~Irp); {24078#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} is VALID [2022-02-20 14:38:29,496 INFO L290 TraceCheckUtils]: 4: Hoare triple {24078#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {24057#true} is VALID [2022-02-20 14:38:29,496 INFO L290 TraceCheckUtils]: 5: Hoare triple {24057#true} assume !(0 != ~compRegistered~0); {24057#true} is VALID [2022-02-20 14:38:29,496 INFO L290 TraceCheckUtils]: 6: Hoare triple {24057#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {24057#true} is VALID [2022-02-20 14:38:29,496 INFO L290 TraceCheckUtils]: 7: Hoare triple {24057#true} assume 0 == ~tmp_ndt_6~0; {24057#true} is VALID [2022-02-20 14:38:29,496 INFO L290 TraceCheckUtils]: 8: Hoare triple {24057#true} ~returnVal2~0 := 0; {24057#true} is VALID [2022-02-20 14:38:29,496 INFO L290 TraceCheckUtils]: 9: Hoare triple {24057#true} assume !(~s~0 == ~NP~0); {24057#true} is VALID [2022-02-20 14:38:29,496 INFO L290 TraceCheckUtils]: 10: Hoare triple {24057#true} assume !(~s~0 == ~MPR1~0); {24057#true} is VALID [2022-02-20 14:38:29,497 INFO L290 TraceCheckUtils]: 11: Hoare triple {24057#true} assume ~s~0 == ~SKIP1~0;~s~0 := ~SKIP2~0;~lowerDriverReturn~0 := ~returnVal2~0; {24057#true} is VALID [2022-02-20 14:38:29,497 INFO L290 TraceCheckUtils]: 12: Hoare triple {24057#true} #res := ~returnVal2~0; {24057#true} is VALID [2022-02-20 14:38:29,497 INFO L290 TraceCheckUtils]: 13: Hoare triple {24057#true} assume true; {24057#true} is VALID [2022-02-20 14:38:29,497 INFO L284 TraceCheckUtils]: 14: Hoare quadruple {24057#true} {24057#true} #753#return; {24057#true} is VALID [2022-02-20 14:38:29,497 INFO L290 TraceCheckUtils]: 15: Hoare triple {24057#true} assume -2147483648 <= #t~ret49 && #t~ret49 <= 2147483647;~tmp~1 := #t~ret49;havoc #t~ret49;#res := ~tmp~1; {24057#true} is VALID [2022-02-20 14:38:29,497 INFO L290 TraceCheckUtils]: 16: Hoare triple {24057#true} assume true; {24057#true} is VALID [2022-02-20 14:38:29,497 INFO L284 TraceCheckUtils]: 17: Hoare quadruple {24057#true} {24058#false} #745#return; {24058#false} is VALID [2022-02-20 14:38:29,498 INFO L290 TraceCheckUtils]: 0: Hoare triple {24057#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {24057#true} is VALID [2022-02-20 14:38:29,498 INFO L290 TraceCheckUtils]: 1: Hoare triple {24057#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {24057#true} is VALID [2022-02-20 14:38:29,498 INFO L290 TraceCheckUtils]: 2: Hoare triple {24057#true} assume { :end_inline__BLAST_init } true; {24057#true} is VALID [2022-02-20 14:38:29,498 INFO L290 TraceCheckUtils]: 3: Hoare triple {24057#true} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {24057#true} is VALID [2022-02-20 14:38:29,498 INFO L290 TraceCheckUtils]: 4: Hoare triple {24057#true} assume !(0 == main_~irp_choice~0#1); {24057#true} is VALID [2022-02-20 14:38:29,498 INFO L290 TraceCheckUtils]: 5: Hoare triple {24057#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {24057#true} is VALID [2022-02-20 14:38:29,499 INFO L290 TraceCheckUtils]: 6: Hoare triple {24057#true} assume { :end_inline_stub_driver_init } true; {24057#true} is VALID [2022-02-20 14:38:29,499 INFO L290 TraceCheckUtils]: 7: Hoare triple {24057#true} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {24057#true} is VALID [2022-02-20 14:38:29,499 INFO L290 TraceCheckUtils]: 8: Hoare triple {24057#true} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {24057#true} is VALID [2022-02-20 14:38:29,499 INFO L290 TraceCheckUtils]: 9: Hoare triple {24057#true} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {24057#true} is VALID [2022-02-20 14:38:29,499 INFO L290 TraceCheckUtils]: 10: Hoare triple {24057#true} assume !(3 == main_~tmp_ndt_3~0#1);havoc main_~tmp_ndt_4~0#1;assume -2147483648 <= main_#t~nondet27#1 && main_#t~nondet27#1 <= 2147483647;main_~tmp_ndt_4~0#1 := main_#t~nondet27#1;havoc main_#t~nondet27#1; {24057#true} is VALID [2022-02-20 14:38:29,499 INFO L290 TraceCheckUtils]: 11: Hoare triple {24057#true} assume !(4 == main_~tmp_ndt_4~0#1);havoc main_~tmp_ndt_5~0#1;assume -2147483648 <= main_#t~nondet28#1 && main_#t~nondet28#1 <= 2147483647;main_~tmp_ndt_5~0#1 := main_#t~nondet28#1;havoc main_#t~nondet28#1; {24057#true} is VALID [2022-02-20 14:38:29,499 INFO L290 TraceCheckUtils]: 12: Hoare triple {24057#true} assume 8 == main_~tmp_ndt_5~0#1; {24057#true} is VALID [2022-02-20 14:38:29,500 INFO L290 TraceCheckUtils]: 13: Hoare triple {24057#true} assume { :begin_inline_KbFilter_InternIoCtl } true;KbFilter_InternIoCtl_#in~DeviceObject#1, KbFilter_InternIoCtl_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_InternIoCtl_#res#1;havoc KbFilter_InternIoCtl_#t~nondet63#1, KbFilter_InternIoCtl_#t~nondet64#1, KbFilter_InternIoCtl_#t~nondet65#1, KbFilter_InternIoCtl_#t~nondet66#1, KbFilter_InternIoCtl_#t~nondet67#1, KbFilter_InternIoCtl_#t~nondet68#1, KbFilter_InternIoCtl_#t~nondet69#1, KbFilter_InternIoCtl_#t~nondet70#1, KbFilter_InternIoCtl_#t~nondet71#1, KbFilter_InternIoCtl_#t~nondet72#1, KbFilter_InternIoCtl_#t~nondet73#1, KbFilter_InternIoCtl_#t~nondet74#1, KbFilter_InternIoCtl_#t~nondet75#1, KbFilter_InternIoCtl_#t~nondet76#1, KbFilter_InternIoCtl_#t~nondet77#1, KbFilter_InternIoCtl_#t~nondet78#1, KbFilter_InternIoCtl_#t~nondet79#1, KbFilter_InternIoCtl_#t~ret80#1, KbFilter_InternIoCtl_~DeviceObject#1, KbFilter_InternIoCtl_~Irp#1, KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1, KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__InputBufferLength~0#1, KbFilter_InternIoCtl_~sizeof__CONNECT_DATA~0#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__Type3InputBuffer~0#1, KbFilter_InternIoCtl_~sizeof__INTERNAL_I8042_HOOK_KEYBOARD~0#1, KbFilter_InternIoCtl_~hookKeyboard__InitializationRoutine~0#1, KbFilter_InternIoCtl_~hookKeyboard__IsrRoutine~0#1, KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1, KbFilter_InternIoCtl_~hookKeyboard~0#1, KbFilter_InternIoCtl_~connectData~0#1, KbFilter_InternIoCtl_~status~3#1, KbFilter_InternIoCtl_~tmp~3#1, KbFilter_InternIoCtl_~__cil_tmp17~0#1, KbFilter_InternIoCtl_~__cil_tmp18~0#1, KbFilter_InternIoCtl_~__cil_tmp19~0#1, KbFilter_InternIoCtl_~__cil_tmp20~0#1, KbFilter_InternIoCtl_~__cil_tmp21~0#1, KbFilter_InternIoCtl_~__cil_tmp22~0#1, KbFilter_InternIoCtl_~__cil_tmp23~1#1, KbFilter_InternIoCtl_~__cil_tmp24~0#1, KbFilter_InternIoCtl_~__cil_tmp25~0#1, KbFilter_InternIoCtl_~__cil_tmp26~0#1, KbFilter_InternIoCtl_~__cil_tmp27~0#1, KbFilter_InternIoCtl_~__cil_tmp28~0#1, KbFilter_InternIoCtl_~__cil_tmp29~0#1, KbFilter_InternIoCtl_~__cil_tmp30~0#1, KbFilter_InternIoCtl_~__cil_tmp31~0#1, KbFilter_InternIoCtl_~__cil_tmp32~0#1, KbFilter_InternIoCtl_~__cil_tmp33~0#1, KbFilter_InternIoCtl_~__cil_tmp34~0#1, KbFilter_InternIoCtl_~__cil_tmp35~0#1, KbFilter_InternIoCtl_~__cil_tmp36~0#1, KbFilter_InternIoCtl_~__cil_tmp37~0#1, KbFilter_InternIoCtl_~__cil_tmp38~0#1, KbFilter_InternIoCtl_~__cil_tmp39~0#1, KbFilter_InternIoCtl_~__cil_tmp40~0#1, KbFilter_InternIoCtl_~__cil_tmp41~0#1, KbFilter_InternIoCtl_~__cil_tmp42~0#1, KbFilter_InternIoCtl_~__cil_tmp43~0#1, KbFilter_InternIoCtl_~__cil_tmp44~0#1, KbFilter_InternIoCtl_~__cil_tmp45~0#1;KbFilter_InternIoCtl_~DeviceObject#1 := KbFilter_InternIoCtl_#in~DeviceObject#1;KbFilter_InternIoCtl_~Irp#1 := KbFilter_InternIoCtl_#in~Irp#1;havoc KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet63#1 && KbFilter_InternIoCtl_#t~nondet63#1 <= 2147483647;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1 := KbFilter_InternIoCtl_#t~nondet63#1;havoc KbFilter_InternIoCtl_#t~nondet63#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet64#1 && KbFilter_InternIoCtl_#t~nondet64#1 <= 2147483647;KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1 := KbFilter_InternIoCtl_#t~nondet64#1;havoc KbFilter_InternIoCtl_#t~nondet64#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet65#1 && KbFilter_InternIoCtl_#t~nondet65#1 <= 2147483647;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__InputBufferLength~0#1 := KbFilter_InternIoCtl_#t~nondet65#1;havoc KbFilter_InternIoCtl_#t~nondet65#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet66#1 && KbFilter_InternIoCtl_#t~nondet66#1 <= 2147483647;KbFilter_InternIoCtl_~sizeof__CONNECT_DATA~0#1 := KbFilter_InternIoCtl_#t~nondet66#1;havoc KbFilter_InternIoCtl_#t~nondet66#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet67#1 && KbFilter_InternIoCtl_#t~nondet67#1 <= 2147483647;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__Type3InputBuffer~0#1 := KbFilter_InternIoCtl_#t~nondet67#1;havoc KbFilter_InternIoCtl_#t~nondet67#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet68#1 && KbFilter_InternIoCtl_#t~nondet68#1 <= 2147483647;KbFilter_InternIoCtl_~sizeof__INTERNAL_I8042_HOOK_KEYBOARD~0#1 := KbFilter_InternIoCtl_#t~nondet68#1;havoc KbFilter_InternIoCtl_#t~nondet68#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet69#1 && KbFilter_InternIoCtl_#t~nondet69#1 <= 2147483647;KbFilter_InternIoCtl_~hookKeyboard__InitializationRoutine~0#1 := KbFilter_InternIoCtl_#t~nondet69#1;havoc KbFilter_InternIoCtl_#t~nondet69#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet70#1 && KbFilter_InternIoCtl_#t~nondet70#1 <= 2147483647;KbFilter_InternIoCtl_~hookKeyboard__IsrRoutine~0#1 := KbFilter_InternIoCtl_#t~nondet70#1;havoc KbFilter_InternIoCtl_#t~nondet70#1;havoc KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1;havoc KbFilter_InternIoCtl_~hookKeyboard~0#1;havoc KbFilter_InternIoCtl_~connectData~0#1;havoc KbFilter_InternIoCtl_~status~3#1;havoc KbFilter_InternIoCtl_~tmp~3#1;havoc KbFilter_InternIoCtl_~__cil_tmp17~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp18~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp19~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet71#1 && KbFilter_InternIoCtl_#t~nondet71#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp20~0#1 := KbFilter_InternIoCtl_#t~nondet71#1;havoc KbFilter_InternIoCtl_#t~nondet71#1;havoc KbFilter_InternIoCtl_~__cil_tmp21~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp22~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp23~1#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet72#1 && KbFilter_InternIoCtl_#t~nondet72#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp24~0#1 := KbFilter_InternIoCtl_#t~nondet72#1;havoc KbFilter_InternIoCtl_#t~nondet72#1;havoc KbFilter_InternIoCtl_~__cil_tmp25~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp26~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp27~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet73#1 && KbFilter_InternIoCtl_#t~nondet73#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp28~0#1 := KbFilter_InternIoCtl_#t~nondet73#1;havoc KbFilter_InternIoCtl_#t~nondet73#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet74#1 && KbFilter_InternIoCtl_#t~nondet74#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp29~0#1 := KbFilter_InternIoCtl_#t~nondet74#1;havoc KbFilter_InternIoCtl_#t~nondet74#1;havoc KbFilter_InternIoCtl_~__cil_tmp30~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp31~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet75#1 && KbFilter_InternIoCtl_#t~nondet75#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp32~0#1 := KbFilter_InternIoCtl_#t~nondet75#1;havoc KbFilter_InternIoCtl_#t~nondet75#1;havoc KbFilter_InternIoCtl_~__cil_tmp33~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp34~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet76#1 && KbFilter_InternIoCtl_#t~nondet76#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp35~0#1 := KbFilter_InternIoCtl_#t~nondet76#1;havoc KbFilter_InternIoCtl_#t~nondet76#1;havoc KbFilter_InternIoCtl_~__cil_tmp36~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp37~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet77#1 && KbFilter_InternIoCtl_#t~nondet77#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp38~0#1 := KbFilter_InternIoCtl_#t~nondet77#1;havoc KbFilter_InternIoCtl_#t~nondet77#1;havoc KbFilter_InternIoCtl_~__cil_tmp39~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp40~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet78#1 && KbFilter_InternIoCtl_#t~nondet78#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp41~0#1 := KbFilter_InternIoCtl_#t~nondet78#1;havoc KbFilter_InternIoCtl_#t~nondet78#1;havoc KbFilter_InternIoCtl_~__cil_tmp42~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp43~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet79#1 && KbFilter_InternIoCtl_#t~nondet79#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp44~0#1 := KbFilter_InternIoCtl_#t~nondet79#1;havoc KbFilter_InternIoCtl_#t~nondet79#1;havoc KbFilter_InternIoCtl_~__cil_tmp45~0#1;KbFilter_InternIoCtl_~status~3#1 := 0;KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1 := 0; {24057#true} is VALID [2022-02-20 14:38:29,500 INFO L290 TraceCheckUtils]: 14: Hoare triple {24057#true} assume KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1 == KbFilter_InternIoCtl_~__cil_tmp20~0#1; {24057#true} is VALID [2022-02-20 14:38:29,500 INFO L290 TraceCheckUtils]: 15: Hoare triple {24057#true} assume 0 != KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1;KbFilter_InternIoCtl_~status~3#1 := -1073741757; {24059#(<= (+ 1073741757 |ULTIMATE.start_KbFilter_InternIoCtl_~status~3#1|) 0)} is VALID [2022-02-20 14:38:29,501 INFO L290 TraceCheckUtils]: 16: Hoare triple {24059#(<= (+ 1073741757 |ULTIMATE.start_KbFilter_InternIoCtl_~status~3#1|) 0)} assume !(KbFilter_InternIoCtl_~status~3#1 < 0); {24058#false} is VALID [2022-02-20 14:38:29,501 INFO L272 TraceCheckUtils]: 17: Hoare triple {24058#false} call KbFilter_InternIoCtl_#t~ret80#1 := KbFilter_DispatchPassThrough(KbFilter_InternIoCtl_~DeviceObject#1, KbFilter_InternIoCtl_~Irp#1); {24078#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} is VALID [2022-02-20 14:38:29,501 INFO L290 TraceCheckUtils]: 18: Hoare triple {24078#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;assume -2147483648 <= #t~nondet44 && #t~nondet44 <= 2147483647;~Irp__Tail__Overlay__CurrentStackLocation~1 := #t~nondet44;havoc #t~nondet44;assume -2147483648 <= #t~nondet45 && #t~nondet45 <= 2147483647;~Irp__CurrentLocation~1 := #t~nondet45;havoc #t~nondet45;assume -2147483648 <= #t~nondet46 && #t~nondet46 <= 2147483647;~DeviceObject__DeviceExtension__TopOfStack~0 := #t~nondet46;havoc #t~nondet46;havoc ~irpStack~1;havoc ~tmp~1;~irpStack~1 := ~Irp__Tail__Overlay__CurrentStackLocation~1; {24057#true} is VALID [2022-02-20 14:38:29,501 INFO L290 TraceCheckUtils]: 19: Hoare triple {24057#true} assume ~s~0 == ~NP~0;~s~0 := ~SKIP1~0; {24057#true} is VALID [2022-02-20 14:38:29,501 INFO L290 TraceCheckUtils]: 20: Hoare triple {24057#true} #t~post47 := ~Irp__CurrentLocation~1;~Irp__CurrentLocation~1 := 1 + #t~post47;havoc #t~post47;#t~post48 := ~Irp__Tail__Overlay__CurrentStackLocation~1;~Irp__Tail__Overlay__CurrentStackLocation~1 := 1 + #t~post48;havoc #t~post48; {24057#true} is VALID [2022-02-20 14:38:29,502 INFO L272 TraceCheckUtils]: 21: Hoare triple {24057#true} call #t~ret49 := IofCallDriver(~DeviceObject__DeviceExtension__TopOfStack~0, ~Irp); {24078#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} is VALID [2022-02-20 14:38:29,502 INFO L290 TraceCheckUtils]: 22: Hoare triple {24078#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {24057#true} is VALID [2022-02-20 14:38:29,502 INFO L290 TraceCheckUtils]: 23: Hoare triple {24057#true} assume !(0 != ~compRegistered~0); {24057#true} is VALID [2022-02-20 14:38:29,502 INFO L290 TraceCheckUtils]: 24: Hoare triple {24057#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {24057#true} is VALID [2022-02-20 14:38:29,503 INFO L290 TraceCheckUtils]: 25: Hoare triple {24057#true} assume 0 == ~tmp_ndt_6~0; {24057#true} is VALID [2022-02-20 14:38:29,503 INFO L290 TraceCheckUtils]: 26: Hoare triple {24057#true} ~returnVal2~0 := 0; {24057#true} is VALID [2022-02-20 14:38:29,503 INFO L290 TraceCheckUtils]: 27: Hoare triple {24057#true} assume !(~s~0 == ~NP~0); {24057#true} is VALID [2022-02-20 14:38:29,503 INFO L290 TraceCheckUtils]: 28: Hoare triple {24057#true} assume !(~s~0 == ~MPR1~0); {24057#true} is VALID [2022-02-20 14:38:29,503 INFO L290 TraceCheckUtils]: 29: Hoare triple {24057#true} assume ~s~0 == ~SKIP1~0;~s~0 := ~SKIP2~0;~lowerDriverReturn~0 := ~returnVal2~0; {24057#true} is VALID [2022-02-20 14:38:29,503 INFO L290 TraceCheckUtils]: 30: Hoare triple {24057#true} #res := ~returnVal2~0; {24057#true} is VALID [2022-02-20 14:38:29,503 INFO L290 TraceCheckUtils]: 31: Hoare triple {24057#true} assume true; {24057#true} is VALID [2022-02-20 14:38:29,504 INFO L284 TraceCheckUtils]: 32: Hoare quadruple {24057#true} {24057#true} #753#return; {24057#true} is VALID [2022-02-20 14:38:29,504 INFO L290 TraceCheckUtils]: 33: Hoare triple {24057#true} assume -2147483648 <= #t~ret49 && #t~ret49 <= 2147483647;~tmp~1 := #t~ret49;havoc #t~ret49;#res := ~tmp~1; {24057#true} is VALID [2022-02-20 14:38:29,504 INFO L290 TraceCheckUtils]: 34: Hoare triple {24057#true} assume true; {24057#true} is VALID [2022-02-20 14:38:29,504 INFO L284 TraceCheckUtils]: 35: Hoare quadruple {24057#true} {24058#false} #745#return; {24058#false} is VALID [2022-02-20 14:38:29,504 INFO L290 TraceCheckUtils]: 36: Hoare triple {24058#false} assume -2147483648 <= KbFilter_InternIoCtl_#t~ret80#1 && KbFilter_InternIoCtl_#t~ret80#1 <= 2147483647;KbFilter_InternIoCtl_~tmp~3#1 := KbFilter_InternIoCtl_#t~ret80#1;havoc KbFilter_InternIoCtl_#t~ret80#1;KbFilter_InternIoCtl_#res#1 := KbFilter_InternIoCtl_~tmp~3#1; {24058#false} is VALID [2022-02-20 14:38:29,504 INFO L290 TraceCheckUtils]: 37: Hoare triple {24058#false} main_#t~ret33#1 := KbFilter_InternIoCtl_#res#1;assume { :end_inline_KbFilter_InternIoCtl } true;assume -2147483648 <= main_#t~ret33#1 && main_#t~ret33#1 <= 2147483647;main_~status~1#1 := main_#t~ret33#1;havoc main_#t~ret33#1; {24058#false} is VALID [2022-02-20 14:38:29,504 INFO L290 TraceCheckUtils]: 38: Hoare triple {24058#false} assume !(1 == ~pended~0); {24058#false} is VALID [2022-02-20 14:38:29,504 INFO L290 TraceCheckUtils]: 39: Hoare triple {24058#false} assume !(1 == ~pended~0); {24058#false} is VALID [2022-02-20 14:38:29,505 INFO L290 TraceCheckUtils]: 40: Hoare triple {24058#false} assume ~s~0 != ~UNLOADED~0; {24058#false} is VALID [2022-02-20 14:38:29,505 INFO L290 TraceCheckUtils]: 41: Hoare triple {24058#false} assume -1 != main_~status~1#1; {24058#false} is VALID [2022-02-20 14:38:29,505 INFO L290 TraceCheckUtils]: 42: Hoare triple {24058#false} assume !(~s~0 != ~SKIP2~0); {24058#false} is VALID [2022-02-20 14:38:29,505 INFO L290 TraceCheckUtils]: 43: Hoare triple {24058#false} assume !(1 == ~pended~0); {24058#false} is VALID [2022-02-20 14:38:29,505 INFO L290 TraceCheckUtils]: 44: Hoare triple {24058#false} assume !(~s~0 == ~DC~0); {24058#false} is VALID [2022-02-20 14:38:29,505 INFO L290 TraceCheckUtils]: 45: Hoare triple {24058#false} assume main_~status~1#1 != ~lowerDriverReturn~0; {24058#false} is VALID [2022-02-20 14:38:29,505 INFO L272 TraceCheckUtils]: 46: Hoare triple {24058#false} call errorFn(); {24058#false} is VALID [2022-02-20 14:38:29,506 INFO L290 TraceCheckUtils]: 47: Hoare triple {24058#false} assume !false; {24058#false} is VALID [2022-02-20 14:38:29,506 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 14:38:29,506 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 14:38:29,506 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2006130454] [2022-02-20 14:38:29,506 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2006130454] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 14:38:29,506 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 14:38:29,506 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-20 14:38:29,507 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1671553804] [2022-02-20 14:38:29,507 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 14:38:29,508 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 10.75) internal successors, (43), 3 states have internal predecessors, (43), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 48 [2022-02-20 14:38:29,508 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 14:38:29,508 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 4 states, 4 states have (on average 10.75) internal successors, (43), 3 states have internal predecessors, (43), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 14:38:29,539 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 48 edges. 48 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:29,539 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-02-20 14:38:29,539 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 14:38:29,540 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-02-20 14:38:29,540 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-02-20 14:38:29,540 INFO L87 Difference]: Start difference. First operand 315 states and 422 transitions. Second operand has 4 states, 4 states have (on average 10.75) internal successors, (43), 3 states have internal predecessors, (43), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 14:38:29,893 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:29,893 INFO L93 Difference]: Finished difference Result 375 states and 486 transitions. [2022-02-20 14:38:29,893 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-20 14:38:29,893 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 10.75) internal successors, (43), 3 states have internal predecessors, (43), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 48 [2022-02-20 14:38:29,893 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 14:38:29,894 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 10.75) internal successors, (43), 3 states have internal predecessors, (43), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 14:38:29,896 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 257 transitions. [2022-02-20 14:38:29,896 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 10.75) internal successors, (43), 3 states have internal predecessors, (43), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 14:38:29,897 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 257 transitions. [2022-02-20 14:38:29,897 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 257 transitions. [2022-02-20 14:38:30,080 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 257 edges. 257 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:30,087 INFO L225 Difference]: With dead ends: 375 [2022-02-20 14:38:30,087 INFO L226 Difference]: Without dead ends: 313 [2022-02-20 14:38:30,087 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-02-20 14:38:30,088 INFO L933 BasicCegarLoop]: 203 mSDtfsCounter, 26 mSDsluCounter, 338 mSDsCounter, 0 mSdLazyCounter, 51 mSolverCounterSat, 16 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 26 SdHoareTripleChecker+Valid, 541 SdHoareTripleChecker+Invalid, 67 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 16 IncrementalHoareTripleChecker+Valid, 51 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 14:38:30,088 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [26 Valid, 541 Invalid, 67 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [16 Valid, 51 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 14:38:30,089 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 313 states. [2022-02-20 14:38:30,171 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 313 to 313. [2022-02-20 14:38:30,172 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 14:38:30,173 INFO L82 GeneralOperation]: Start isEquivalent. First operand 313 states. Second operand has 313 states, 276 states have (on average 1.3405797101449275) internal successors, (370), 282 states have internal predecessors, (370), 21 states have call successors, (21), 13 states have call predecessors, (21), 15 states have return successors, (21), 17 states have call predecessors, (21), 17 states have call successors, (21) [2022-02-20 14:38:30,173 INFO L74 IsIncluded]: Start isIncluded. First operand 313 states. Second operand has 313 states, 276 states have (on average 1.3405797101449275) internal successors, (370), 282 states have internal predecessors, (370), 21 states have call successors, (21), 13 states have call predecessors, (21), 15 states have return successors, (21), 17 states have call predecessors, (21), 17 states have call successors, (21) [2022-02-20 14:38:30,174 INFO L87 Difference]: Start difference. First operand 313 states. Second operand has 313 states, 276 states have (on average 1.3405797101449275) internal successors, (370), 282 states have internal predecessors, (370), 21 states have call successors, (21), 13 states have call predecessors, (21), 15 states have return successors, (21), 17 states have call predecessors, (21), 17 states have call successors, (21) [2022-02-20 14:38:30,180 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:30,181 INFO L93 Difference]: Finished difference Result 313 states and 412 transitions. [2022-02-20 14:38:30,181 INFO L276 IsEmpty]: Start isEmpty. Operand 313 states and 412 transitions. [2022-02-20 14:38:30,183 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:30,183 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:30,183 INFO L74 IsIncluded]: Start isIncluded. First operand has 313 states, 276 states have (on average 1.3405797101449275) internal successors, (370), 282 states have internal predecessors, (370), 21 states have call successors, (21), 13 states have call predecessors, (21), 15 states have return successors, (21), 17 states have call predecessors, (21), 17 states have call successors, (21) Second operand 313 states. [2022-02-20 14:38:30,184 INFO L87 Difference]: Start difference. First operand has 313 states, 276 states have (on average 1.3405797101449275) internal successors, (370), 282 states have internal predecessors, (370), 21 states have call successors, (21), 13 states have call predecessors, (21), 15 states have return successors, (21), 17 states have call predecessors, (21), 17 states have call successors, (21) Second operand 313 states. [2022-02-20 14:38:30,190 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:30,190 INFO L93 Difference]: Finished difference Result 313 states and 412 transitions. [2022-02-20 14:38:30,190 INFO L276 IsEmpty]: Start isEmpty. Operand 313 states and 412 transitions. [2022-02-20 14:38:30,191 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:30,191 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:30,191 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 14:38:30,191 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 14:38:30,193 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 313 states, 276 states have (on average 1.3405797101449275) internal successors, (370), 282 states have internal predecessors, (370), 21 states have call successors, (21), 13 states have call predecessors, (21), 15 states have return successors, (21), 17 states have call predecessors, (21), 17 states have call successors, (21) [2022-02-20 14:38:30,200 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 313 states to 313 states and 412 transitions. [2022-02-20 14:38:30,200 INFO L78 Accepts]: Start accepts. Automaton has 313 states and 412 transitions. Word has length 48 [2022-02-20 14:38:30,201 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 14:38:30,201 INFO L470 AbstractCegarLoop]: Abstraction has 313 states and 412 transitions. [2022-02-20 14:38:30,201 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 10.75) internal successors, (43), 3 states have internal predecessors, (43), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 14:38:30,201 INFO L276 IsEmpty]: Start isEmpty. Operand 313 states and 412 transitions. [2022-02-20 14:38:30,202 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2022-02-20 14:38:30,202 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:30,202 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:30,202 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable18 [2022-02-20 14:38:30,203 INFO L402 AbstractCegarLoop]: === Iteration 20 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:30,203 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:30,203 INFO L85 PathProgramCache]: Analyzing trace with hash -1404526372, now seen corresponding path program 1 times [2022-02-20 14:38:30,203 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 14:38:30,203 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1489117620] [2022-02-20 14:38:30,204 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:30,204 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 14:38:30,235 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:30,265 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-02-20 14:38:30,271 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:30,292 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2022-02-20 14:38:30,295 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:30,313 INFO L290 TraceCheckUtils]: 0: Hoare triple {25642#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {25619#true} is VALID [2022-02-20 14:38:30,314 INFO L290 TraceCheckUtils]: 1: Hoare triple {25619#true} assume !(0 != ~compRegistered~0); {25619#true} is VALID [2022-02-20 14:38:30,314 INFO L290 TraceCheckUtils]: 2: Hoare triple {25619#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {25619#true} is VALID [2022-02-20 14:38:30,314 INFO L290 TraceCheckUtils]: 3: Hoare triple {25619#true} assume 0 == ~tmp_ndt_6~0; {25619#true} is VALID [2022-02-20 14:38:30,314 INFO L290 TraceCheckUtils]: 4: Hoare triple {25619#true} ~returnVal2~0 := 0; {25619#true} is VALID [2022-02-20 14:38:30,314 INFO L290 TraceCheckUtils]: 5: Hoare triple {25619#true} assume !(~s~0 == ~NP~0); {25619#true} is VALID [2022-02-20 14:38:30,314 INFO L290 TraceCheckUtils]: 6: Hoare triple {25619#true} assume !(~s~0 == ~MPR1~0); {25619#true} is VALID [2022-02-20 14:38:30,315 INFO L290 TraceCheckUtils]: 7: Hoare triple {25619#true} assume ~s~0 == ~SKIP1~0;~s~0 := ~SKIP2~0;~lowerDriverReturn~0 := ~returnVal2~0; {25656#(= ~lowerDriverReturn~0 IofCallDriver_~returnVal2~0)} is VALID [2022-02-20 14:38:30,315 INFO L290 TraceCheckUtils]: 8: Hoare triple {25656#(= ~lowerDriverReturn~0 IofCallDriver_~returnVal2~0)} #res := ~returnVal2~0; {25657#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:30,315 INFO L290 TraceCheckUtils]: 9: Hoare triple {25657#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} assume true; {25657#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:30,316 INFO L284 TraceCheckUtils]: 10: Hoare quadruple {25657#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} {25619#true} #753#return; {25654#(= |KbFilter_DispatchPassThrough_#t~ret49| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:30,316 INFO L290 TraceCheckUtils]: 0: Hoare triple {25642#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;assume -2147483648 <= #t~nondet44 && #t~nondet44 <= 2147483647;~Irp__Tail__Overlay__CurrentStackLocation~1 := #t~nondet44;havoc #t~nondet44;assume -2147483648 <= #t~nondet45 && #t~nondet45 <= 2147483647;~Irp__CurrentLocation~1 := #t~nondet45;havoc #t~nondet45;assume -2147483648 <= #t~nondet46 && #t~nondet46 <= 2147483647;~DeviceObject__DeviceExtension__TopOfStack~0 := #t~nondet46;havoc #t~nondet46;havoc ~irpStack~1;havoc ~tmp~1;~irpStack~1 := ~Irp__Tail__Overlay__CurrentStackLocation~1; {25619#true} is VALID [2022-02-20 14:38:30,317 INFO L290 TraceCheckUtils]: 1: Hoare triple {25619#true} assume ~s~0 == ~NP~0;~s~0 := ~SKIP1~0; {25619#true} is VALID [2022-02-20 14:38:30,317 INFO L290 TraceCheckUtils]: 2: Hoare triple {25619#true} #t~post47 := ~Irp__CurrentLocation~1;~Irp__CurrentLocation~1 := 1 + #t~post47;havoc #t~post47;#t~post48 := ~Irp__Tail__Overlay__CurrentStackLocation~1;~Irp__Tail__Overlay__CurrentStackLocation~1 := 1 + #t~post48;havoc #t~post48; {25619#true} is VALID [2022-02-20 14:38:30,317 INFO L272 TraceCheckUtils]: 3: Hoare triple {25619#true} call #t~ret49 := IofCallDriver(~DeviceObject__DeviceExtension__TopOfStack~0, ~Irp); {25642#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} is VALID [2022-02-20 14:38:30,318 INFO L290 TraceCheckUtils]: 4: Hoare triple {25642#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {25619#true} is VALID [2022-02-20 14:38:30,318 INFO L290 TraceCheckUtils]: 5: Hoare triple {25619#true} assume !(0 != ~compRegistered~0); {25619#true} is VALID [2022-02-20 14:38:30,318 INFO L290 TraceCheckUtils]: 6: Hoare triple {25619#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {25619#true} is VALID [2022-02-20 14:38:30,318 INFO L290 TraceCheckUtils]: 7: Hoare triple {25619#true} assume 0 == ~tmp_ndt_6~0; {25619#true} is VALID [2022-02-20 14:38:30,318 INFO L290 TraceCheckUtils]: 8: Hoare triple {25619#true} ~returnVal2~0 := 0; {25619#true} is VALID [2022-02-20 14:38:30,318 INFO L290 TraceCheckUtils]: 9: Hoare triple {25619#true} assume !(~s~0 == ~NP~0); {25619#true} is VALID [2022-02-20 14:38:30,318 INFO L290 TraceCheckUtils]: 10: Hoare triple {25619#true} assume !(~s~0 == ~MPR1~0); {25619#true} is VALID [2022-02-20 14:38:30,319 INFO L290 TraceCheckUtils]: 11: Hoare triple {25619#true} assume ~s~0 == ~SKIP1~0;~s~0 := ~SKIP2~0;~lowerDriverReturn~0 := ~returnVal2~0; {25656#(= ~lowerDriverReturn~0 IofCallDriver_~returnVal2~0)} is VALID [2022-02-20 14:38:30,319 INFO L290 TraceCheckUtils]: 12: Hoare triple {25656#(= ~lowerDriverReturn~0 IofCallDriver_~returnVal2~0)} #res := ~returnVal2~0; {25657#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:30,320 INFO L290 TraceCheckUtils]: 13: Hoare triple {25657#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} assume true; {25657#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:30,320 INFO L284 TraceCheckUtils]: 14: Hoare quadruple {25657#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} {25619#true} #753#return; {25654#(= |KbFilter_DispatchPassThrough_#t~ret49| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:30,321 INFO L290 TraceCheckUtils]: 15: Hoare triple {25654#(= |KbFilter_DispatchPassThrough_#t~ret49| ~lowerDriverReturn~0)} assume -2147483648 <= #t~ret49 && #t~ret49 <= 2147483647;~tmp~1 := #t~ret49;havoc #t~ret49;#res := ~tmp~1; {25655#(= |KbFilter_DispatchPassThrough_#res| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:30,321 INFO L290 TraceCheckUtils]: 16: Hoare triple {25655#(= |KbFilter_DispatchPassThrough_#res| ~lowerDriverReturn~0)} assume true; {25655#(= |KbFilter_DispatchPassThrough_#res| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:30,322 INFO L284 TraceCheckUtils]: 17: Hoare quadruple {25655#(= |KbFilter_DispatchPassThrough_#res| ~lowerDriverReturn~0)} {25619#true} #745#return; {25639#(= |ULTIMATE.start_KbFilter_InternIoCtl_#t~ret80#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:30,322 INFO L290 TraceCheckUtils]: 0: Hoare triple {25619#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {25619#true} is VALID [2022-02-20 14:38:30,322 INFO L290 TraceCheckUtils]: 1: Hoare triple {25619#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {25619#true} is VALID [2022-02-20 14:38:30,322 INFO L290 TraceCheckUtils]: 2: Hoare triple {25619#true} assume { :end_inline__BLAST_init } true; {25619#true} is VALID [2022-02-20 14:38:30,323 INFO L290 TraceCheckUtils]: 3: Hoare triple {25619#true} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {25619#true} is VALID [2022-02-20 14:38:30,323 INFO L290 TraceCheckUtils]: 4: Hoare triple {25619#true} assume !(0 == main_~irp_choice~0#1); {25619#true} is VALID [2022-02-20 14:38:30,323 INFO L290 TraceCheckUtils]: 5: Hoare triple {25619#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {25619#true} is VALID [2022-02-20 14:38:30,323 INFO L290 TraceCheckUtils]: 6: Hoare triple {25619#true} assume { :end_inline_stub_driver_init } true; {25619#true} is VALID [2022-02-20 14:38:30,323 INFO L290 TraceCheckUtils]: 7: Hoare triple {25619#true} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {25619#true} is VALID [2022-02-20 14:38:30,323 INFO L290 TraceCheckUtils]: 8: Hoare triple {25619#true} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {25619#true} is VALID [2022-02-20 14:38:30,323 INFO L290 TraceCheckUtils]: 9: Hoare triple {25619#true} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {25619#true} is VALID [2022-02-20 14:38:30,324 INFO L290 TraceCheckUtils]: 10: Hoare triple {25619#true} assume !(3 == main_~tmp_ndt_3~0#1);havoc main_~tmp_ndt_4~0#1;assume -2147483648 <= main_#t~nondet27#1 && main_#t~nondet27#1 <= 2147483647;main_~tmp_ndt_4~0#1 := main_#t~nondet27#1;havoc main_#t~nondet27#1; {25619#true} is VALID [2022-02-20 14:38:30,324 INFO L290 TraceCheckUtils]: 11: Hoare triple {25619#true} assume !(4 == main_~tmp_ndt_4~0#1);havoc main_~tmp_ndt_5~0#1;assume -2147483648 <= main_#t~nondet28#1 && main_#t~nondet28#1 <= 2147483647;main_~tmp_ndt_5~0#1 := main_#t~nondet28#1;havoc main_#t~nondet28#1; {25619#true} is VALID [2022-02-20 14:38:30,324 INFO L290 TraceCheckUtils]: 12: Hoare triple {25619#true} assume 8 == main_~tmp_ndt_5~0#1; {25619#true} is VALID [2022-02-20 14:38:30,324 INFO L290 TraceCheckUtils]: 13: Hoare triple {25619#true} assume { :begin_inline_KbFilter_InternIoCtl } true;KbFilter_InternIoCtl_#in~DeviceObject#1, KbFilter_InternIoCtl_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_InternIoCtl_#res#1;havoc KbFilter_InternIoCtl_#t~nondet63#1, KbFilter_InternIoCtl_#t~nondet64#1, KbFilter_InternIoCtl_#t~nondet65#1, KbFilter_InternIoCtl_#t~nondet66#1, KbFilter_InternIoCtl_#t~nondet67#1, KbFilter_InternIoCtl_#t~nondet68#1, KbFilter_InternIoCtl_#t~nondet69#1, KbFilter_InternIoCtl_#t~nondet70#1, KbFilter_InternIoCtl_#t~nondet71#1, KbFilter_InternIoCtl_#t~nondet72#1, KbFilter_InternIoCtl_#t~nondet73#1, KbFilter_InternIoCtl_#t~nondet74#1, KbFilter_InternIoCtl_#t~nondet75#1, KbFilter_InternIoCtl_#t~nondet76#1, KbFilter_InternIoCtl_#t~nondet77#1, KbFilter_InternIoCtl_#t~nondet78#1, KbFilter_InternIoCtl_#t~nondet79#1, KbFilter_InternIoCtl_#t~ret80#1, KbFilter_InternIoCtl_~DeviceObject#1, KbFilter_InternIoCtl_~Irp#1, KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1, KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__InputBufferLength~0#1, KbFilter_InternIoCtl_~sizeof__CONNECT_DATA~0#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__Type3InputBuffer~0#1, KbFilter_InternIoCtl_~sizeof__INTERNAL_I8042_HOOK_KEYBOARD~0#1, KbFilter_InternIoCtl_~hookKeyboard__InitializationRoutine~0#1, KbFilter_InternIoCtl_~hookKeyboard__IsrRoutine~0#1, KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1, KbFilter_InternIoCtl_~hookKeyboard~0#1, KbFilter_InternIoCtl_~connectData~0#1, KbFilter_InternIoCtl_~status~3#1, KbFilter_InternIoCtl_~tmp~3#1, KbFilter_InternIoCtl_~__cil_tmp17~0#1, KbFilter_InternIoCtl_~__cil_tmp18~0#1, KbFilter_InternIoCtl_~__cil_tmp19~0#1, KbFilter_InternIoCtl_~__cil_tmp20~0#1, KbFilter_InternIoCtl_~__cil_tmp21~0#1, KbFilter_InternIoCtl_~__cil_tmp22~0#1, KbFilter_InternIoCtl_~__cil_tmp23~1#1, KbFilter_InternIoCtl_~__cil_tmp24~0#1, KbFilter_InternIoCtl_~__cil_tmp25~0#1, KbFilter_InternIoCtl_~__cil_tmp26~0#1, KbFilter_InternIoCtl_~__cil_tmp27~0#1, KbFilter_InternIoCtl_~__cil_tmp28~0#1, KbFilter_InternIoCtl_~__cil_tmp29~0#1, KbFilter_InternIoCtl_~__cil_tmp30~0#1, KbFilter_InternIoCtl_~__cil_tmp31~0#1, KbFilter_InternIoCtl_~__cil_tmp32~0#1, KbFilter_InternIoCtl_~__cil_tmp33~0#1, KbFilter_InternIoCtl_~__cil_tmp34~0#1, KbFilter_InternIoCtl_~__cil_tmp35~0#1, KbFilter_InternIoCtl_~__cil_tmp36~0#1, KbFilter_InternIoCtl_~__cil_tmp37~0#1, KbFilter_InternIoCtl_~__cil_tmp38~0#1, KbFilter_InternIoCtl_~__cil_tmp39~0#1, KbFilter_InternIoCtl_~__cil_tmp40~0#1, KbFilter_InternIoCtl_~__cil_tmp41~0#1, KbFilter_InternIoCtl_~__cil_tmp42~0#1, KbFilter_InternIoCtl_~__cil_tmp43~0#1, KbFilter_InternIoCtl_~__cil_tmp44~0#1, KbFilter_InternIoCtl_~__cil_tmp45~0#1;KbFilter_InternIoCtl_~DeviceObject#1 := KbFilter_InternIoCtl_#in~DeviceObject#1;KbFilter_InternIoCtl_~Irp#1 := KbFilter_InternIoCtl_#in~Irp#1;havoc KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet63#1 && KbFilter_InternIoCtl_#t~nondet63#1 <= 2147483647;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1 := KbFilter_InternIoCtl_#t~nondet63#1;havoc KbFilter_InternIoCtl_#t~nondet63#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet64#1 && KbFilter_InternIoCtl_#t~nondet64#1 <= 2147483647;KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1 := KbFilter_InternIoCtl_#t~nondet64#1;havoc KbFilter_InternIoCtl_#t~nondet64#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet65#1 && KbFilter_InternIoCtl_#t~nondet65#1 <= 2147483647;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__InputBufferLength~0#1 := KbFilter_InternIoCtl_#t~nondet65#1;havoc KbFilter_InternIoCtl_#t~nondet65#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet66#1 && KbFilter_InternIoCtl_#t~nondet66#1 <= 2147483647;KbFilter_InternIoCtl_~sizeof__CONNECT_DATA~0#1 := KbFilter_InternIoCtl_#t~nondet66#1;havoc KbFilter_InternIoCtl_#t~nondet66#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet67#1 && KbFilter_InternIoCtl_#t~nondet67#1 <= 2147483647;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__Type3InputBuffer~0#1 := KbFilter_InternIoCtl_#t~nondet67#1;havoc KbFilter_InternIoCtl_#t~nondet67#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet68#1 && KbFilter_InternIoCtl_#t~nondet68#1 <= 2147483647;KbFilter_InternIoCtl_~sizeof__INTERNAL_I8042_HOOK_KEYBOARD~0#1 := KbFilter_InternIoCtl_#t~nondet68#1;havoc KbFilter_InternIoCtl_#t~nondet68#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet69#1 && KbFilter_InternIoCtl_#t~nondet69#1 <= 2147483647;KbFilter_InternIoCtl_~hookKeyboard__InitializationRoutine~0#1 := KbFilter_InternIoCtl_#t~nondet69#1;havoc KbFilter_InternIoCtl_#t~nondet69#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet70#1 && KbFilter_InternIoCtl_#t~nondet70#1 <= 2147483647;KbFilter_InternIoCtl_~hookKeyboard__IsrRoutine~0#1 := KbFilter_InternIoCtl_#t~nondet70#1;havoc KbFilter_InternIoCtl_#t~nondet70#1;havoc KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1;havoc KbFilter_InternIoCtl_~hookKeyboard~0#1;havoc KbFilter_InternIoCtl_~connectData~0#1;havoc KbFilter_InternIoCtl_~status~3#1;havoc KbFilter_InternIoCtl_~tmp~3#1;havoc KbFilter_InternIoCtl_~__cil_tmp17~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp18~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp19~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet71#1 && KbFilter_InternIoCtl_#t~nondet71#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp20~0#1 := KbFilter_InternIoCtl_#t~nondet71#1;havoc KbFilter_InternIoCtl_#t~nondet71#1;havoc KbFilter_InternIoCtl_~__cil_tmp21~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp22~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp23~1#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet72#1 && KbFilter_InternIoCtl_#t~nondet72#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp24~0#1 := KbFilter_InternIoCtl_#t~nondet72#1;havoc KbFilter_InternIoCtl_#t~nondet72#1;havoc KbFilter_InternIoCtl_~__cil_tmp25~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp26~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp27~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet73#1 && KbFilter_InternIoCtl_#t~nondet73#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp28~0#1 := KbFilter_InternIoCtl_#t~nondet73#1;havoc KbFilter_InternIoCtl_#t~nondet73#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet74#1 && KbFilter_InternIoCtl_#t~nondet74#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp29~0#1 := KbFilter_InternIoCtl_#t~nondet74#1;havoc KbFilter_InternIoCtl_#t~nondet74#1;havoc KbFilter_InternIoCtl_~__cil_tmp30~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp31~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet75#1 && KbFilter_InternIoCtl_#t~nondet75#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp32~0#1 := KbFilter_InternIoCtl_#t~nondet75#1;havoc KbFilter_InternIoCtl_#t~nondet75#1;havoc KbFilter_InternIoCtl_~__cil_tmp33~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp34~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet76#1 && KbFilter_InternIoCtl_#t~nondet76#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp35~0#1 := KbFilter_InternIoCtl_#t~nondet76#1;havoc KbFilter_InternIoCtl_#t~nondet76#1;havoc KbFilter_InternIoCtl_~__cil_tmp36~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp37~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet77#1 && KbFilter_InternIoCtl_#t~nondet77#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp38~0#1 := KbFilter_InternIoCtl_#t~nondet77#1;havoc KbFilter_InternIoCtl_#t~nondet77#1;havoc KbFilter_InternIoCtl_~__cil_tmp39~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp40~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet78#1 && KbFilter_InternIoCtl_#t~nondet78#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp41~0#1 := KbFilter_InternIoCtl_#t~nondet78#1;havoc KbFilter_InternIoCtl_#t~nondet78#1;havoc KbFilter_InternIoCtl_~__cil_tmp42~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp43~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet79#1 && KbFilter_InternIoCtl_#t~nondet79#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp44~0#1 := KbFilter_InternIoCtl_#t~nondet79#1;havoc KbFilter_InternIoCtl_#t~nondet79#1;havoc KbFilter_InternIoCtl_~__cil_tmp45~0#1;KbFilter_InternIoCtl_~status~3#1 := 0;KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1 := 0; {25619#true} is VALID [2022-02-20 14:38:30,324 INFO L290 TraceCheckUtils]: 14: Hoare triple {25619#true} assume KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1 == KbFilter_InternIoCtl_~__cil_tmp20~0#1; {25619#true} is VALID [2022-02-20 14:38:30,324 INFO L290 TraceCheckUtils]: 15: Hoare triple {25619#true} assume !(0 != KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1); {25619#true} is VALID [2022-02-20 14:38:30,324 INFO L290 TraceCheckUtils]: 16: Hoare triple {25619#true} assume !(KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__InputBufferLength~0#1 < KbFilter_InternIoCtl_~sizeof__CONNECT_DATA~0#1);KbFilter_InternIoCtl_~connectData~0#1 := KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__Type3InputBuffer~0#1; {25619#true} is VALID [2022-02-20 14:38:30,325 INFO L290 TraceCheckUtils]: 17: Hoare triple {25619#true} assume !(KbFilter_InternIoCtl_~status~3#1 < 0); {25619#true} is VALID [2022-02-20 14:38:30,325 INFO L272 TraceCheckUtils]: 18: Hoare triple {25619#true} call KbFilter_InternIoCtl_#t~ret80#1 := KbFilter_DispatchPassThrough(KbFilter_InternIoCtl_~DeviceObject#1, KbFilter_InternIoCtl_~Irp#1); {25642#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} is VALID [2022-02-20 14:38:30,326 INFO L290 TraceCheckUtils]: 19: Hoare triple {25642#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;assume -2147483648 <= #t~nondet44 && #t~nondet44 <= 2147483647;~Irp__Tail__Overlay__CurrentStackLocation~1 := #t~nondet44;havoc #t~nondet44;assume -2147483648 <= #t~nondet45 && #t~nondet45 <= 2147483647;~Irp__CurrentLocation~1 := #t~nondet45;havoc #t~nondet45;assume -2147483648 <= #t~nondet46 && #t~nondet46 <= 2147483647;~DeviceObject__DeviceExtension__TopOfStack~0 := #t~nondet46;havoc #t~nondet46;havoc ~irpStack~1;havoc ~tmp~1;~irpStack~1 := ~Irp__Tail__Overlay__CurrentStackLocation~1; {25619#true} is VALID [2022-02-20 14:38:30,326 INFO L290 TraceCheckUtils]: 20: Hoare triple {25619#true} assume ~s~0 == ~NP~0;~s~0 := ~SKIP1~0; {25619#true} is VALID [2022-02-20 14:38:30,326 INFO L290 TraceCheckUtils]: 21: Hoare triple {25619#true} #t~post47 := ~Irp__CurrentLocation~1;~Irp__CurrentLocation~1 := 1 + #t~post47;havoc #t~post47;#t~post48 := ~Irp__Tail__Overlay__CurrentStackLocation~1;~Irp__Tail__Overlay__CurrentStackLocation~1 := 1 + #t~post48;havoc #t~post48; {25619#true} is VALID [2022-02-20 14:38:30,327 INFO L272 TraceCheckUtils]: 22: Hoare triple {25619#true} call #t~ret49 := IofCallDriver(~DeviceObject__DeviceExtension__TopOfStack~0, ~Irp); {25642#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} is VALID [2022-02-20 14:38:30,327 INFO L290 TraceCheckUtils]: 23: Hoare triple {25642#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {25619#true} is VALID [2022-02-20 14:38:30,327 INFO L290 TraceCheckUtils]: 24: Hoare triple {25619#true} assume !(0 != ~compRegistered~0); {25619#true} is VALID [2022-02-20 14:38:30,327 INFO L290 TraceCheckUtils]: 25: Hoare triple {25619#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {25619#true} is VALID [2022-02-20 14:38:30,327 INFO L290 TraceCheckUtils]: 26: Hoare triple {25619#true} assume 0 == ~tmp_ndt_6~0; {25619#true} is VALID [2022-02-20 14:38:30,327 INFO L290 TraceCheckUtils]: 27: Hoare triple {25619#true} ~returnVal2~0 := 0; {25619#true} is VALID [2022-02-20 14:38:30,327 INFO L290 TraceCheckUtils]: 28: Hoare triple {25619#true} assume !(~s~0 == ~NP~0); {25619#true} is VALID [2022-02-20 14:38:30,327 INFO L290 TraceCheckUtils]: 29: Hoare triple {25619#true} assume !(~s~0 == ~MPR1~0); {25619#true} is VALID [2022-02-20 14:38:30,328 INFO L290 TraceCheckUtils]: 30: Hoare triple {25619#true} assume ~s~0 == ~SKIP1~0;~s~0 := ~SKIP2~0;~lowerDriverReturn~0 := ~returnVal2~0; {25656#(= ~lowerDriverReturn~0 IofCallDriver_~returnVal2~0)} is VALID [2022-02-20 14:38:30,328 INFO L290 TraceCheckUtils]: 31: Hoare triple {25656#(= ~lowerDriverReturn~0 IofCallDriver_~returnVal2~0)} #res := ~returnVal2~0; {25657#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:30,329 INFO L290 TraceCheckUtils]: 32: Hoare triple {25657#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} assume true; {25657#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:30,329 INFO L284 TraceCheckUtils]: 33: Hoare quadruple {25657#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} {25619#true} #753#return; {25654#(= |KbFilter_DispatchPassThrough_#t~ret49| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:30,330 INFO L290 TraceCheckUtils]: 34: Hoare triple {25654#(= |KbFilter_DispatchPassThrough_#t~ret49| ~lowerDriverReturn~0)} assume -2147483648 <= #t~ret49 && #t~ret49 <= 2147483647;~tmp~1 := #t~ret49;havoc #t~ret49;#res := ~tmp~1; {25655#(= |KbFilter_DispatchPassThrough_#res| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:30,330 INFO L290 TraceCheckUtils]: 35: Hoare triple {25655#(= |KbFilter_DispatchPassThrough_#res| ~lowerDriverReturn~0)} assume true; {25655#(= |KbFilter_DispatchPassThrough_#res| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:30,331 INFO L284 TraceCheckUtils]: 36: Hoare quadruple {25655#(= |KbFilter_DispatchPassThrough_#res| ~lowerDriverReturn~0)} {25619#true} #745#return; {25639#(= |ULTIMATE.start_KbFilter_InternIoCtl_#t~ret80#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:30,331 INFO L290 TraceCheckUtils]: 37: Hoare triple {25639#(= |ULTIMATE.start_KbFilter_InternIoCtl_#t~ret80#1| ~lowerDriverReturn~0)} assume -2147483648 <= KbFilter_InternIoCtl_#t~ret80#1 && KbFilter_InternIoCtl_#t~ret80#1 <= 2147483647;KbFilter_InternIoCtl_~tmp~3#1 := KbFilter_InternIoCtl_#t~ret80#1;havoc KbFilter_InternIoCtl_#t~ret80#1;KbFilter_InternIoCtl_#res#1 := KbFilter_InternIoCtl_~tmp~3#1; {25640#(= ~lowerDriverReturn~0 |ULTIMATE.start_KbFilter_InternIoCtl_#res#1|)} is VALID [2022-02-20 14:38:30,332 INFO L290 TraceCheckUtils]: 38: Hoare triple {25640#(= ~lowerDriverReturn~0 |ULTIMATE.start_KbFilter_InternIoCtl_#res#1|)} main_#t~ret33#1 := KbFilter_InternIoCtl_#res#1;assume { :end_inline_KbFilter_InternIoCtl } true;assume -2147483648 <= main_#t~ret33#1 && main_#t~ret33#1 <= 2147483647;main_~status~1#1 := main_#t~ret33#1;havoc main_#t~ret33#1; {25641#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:30,332 INFO L290 TraceCheckUtils]: 39: Hoare triple {25641#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(1 == ~pended~0); {25641#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:30,332 INFO L290 TraceCheckUtils]: 40: Hoare triple {25641#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(1 == ~pended~0); {25641#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:30,333 INFO L290 TraceCheckUtils]: 41: Hoare triple {25641#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume ~s~0 != ~UNLOADED~0; {25641#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:30,333 INFO L290 TraceCheckUtils]: 42: Hoare triple {25641#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume -1 != main_~status~1#1; {25641#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:30,333 INFO L290 TraceCheckUtils]: 43: Hoare triple {25641#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(~s~0 != ~SKIP2~0); {25641#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:30,334 INFO L290 TraceCheckUtils]: 44: Hoare triple {25641#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(1 == ~pended~0); {25641#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:30,334 INFO L290 TraceCheckUtils]: 45: Hoare triple {25641#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(~s~0 == ~DC~0); {25641#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:30,334 INFO L290 TraceCheckUtils]: 46: Hoare triple {25641#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume main_~status~1#1 != ~lowerDriverReturn~0; {25620#false} is VALID [2022-02-20 14:38:30,335 INFO L272 TraceCheckUtils]: 47: Hoare triple {25620#false} call errorFn(); {25620#false} is VALID [2022-02-20 14:38:30,335 INFO L290 TraceCheckUtils]: 48: Hoare triple {25620#false} assume !false; {25620#false} is VALID [2022-02-20 14:38:30,335 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 14:38:30,335 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 14:38:30,335 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1489117620] [2022-02-20 14:38:30,335 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1489117620] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 14:38:30,336 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 14:38:30,336 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2022-02-20 14:38:30,336 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1062215131] [2022-02-20 14:38:30,336 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 14:38:30,336 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 4.4) internal successors, (44), 7 states have internal predecessors, (44), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 49 [2022-02-20 14:38:30,337 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 14:38:30,337 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 10 states, 10 states have (on average 4.4) internal successors, (44), 7 states have internal predecessors, (44), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 14:38:30,372 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 49 edges. 49 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:30,372 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2022-02-20 14:38:30,372 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 14:38:30,372 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2022-02-20 14:38:30,372 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=17, Invalid=73, Unknown=0, NotChecked=0, Total=90 [2022-02-20 14:38:30,373 INFO L87 Difference]: Start difference. First operand 313 states and 412 transitions. Second operand has 10 states, 10 states have (on average 4.4) internal successors, (44), 7 states have internal predecessors, (44), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 14:38:31,354 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:31,355 INFO L93 Difference]: Finished difference Result 325 states and 424 transitions. [2022-02-20 14:38:31,355 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2022-02-20 14:38:31,355 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 4.4) internal successors, (44), 7 states have internal predecessors, (44), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 49 [2022-02-20 14:38:31,355 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 14:38:31,355 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 10 states, 10 states have (on average 4.4) internal successors, (44), 7 states have internal predecessors, (44), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 14:38:31,357 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 225 transitions. [2022-02-20 14:38:31,357 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 10 states, 10 states have (on average 4.4) internal successors, (44), 7 states have internal predecessors, (44), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 14:38:31,359 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 225 transitions. [2022-02-20 14:38:31,359 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 11 states and 225 transitions. [2022-02-20 14:38:31,496 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 225 edges. 225 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:31,501 INFO L225 Difference]: With dead ends: 325 [2022-02-20 14:38:31,501 INFO L226 Difference]: Without dead ends: 262 [2022-02-20 14:38:31,501 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=25, Invalid=107, Unknown=0, NotChecked=0, Total=132 [2022-02-20 14:38:31,502 INFO L933 BasicCegarLoop]: 201 mSDtfsCounter, 41 mSDsluCounter, 1371 mSDsCounter, 0 mSdLazyCounter, 279 mSolverCounterSat, 16 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 41 SdHoareTripleChecker+Valid, 1572 SdHoareTripleChecker+Invalid, 295 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 16 IncrementalHoareTripleChecker+Valid, 279 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 14:38:31,502 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [41 Valid, 1572 Invalid, 295 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [16 Valid, 279 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-20 14:38:31,503 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 262 states. [2022-02-20 14:38:31,557 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 262 to 262. [2022-02-20 14:38:31,557 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 14:38:31,558 INFO L82 GeneralOperation]: Start isEquivalent. First operand 262 states. Second operand has 262 states, 229 states have (on average 1.314410480349345) internal successors, (301), 234 states have internal predecessors, (301), 18 states have call successors, (18), 12 states have call predecessors, (18), 14 states have return successors, (18), 15 states have call predecessors, (18), 14 states have call successors, (18) [2022-02-20 14:38:31,558 INFO L74 IsIncluded]: Start isIncluded. First operand 262 states. Second operand has 262 states, 229 states have (on average 1.314410480349345) internal successors, (301), 234 states have internal predecessors, (301), 18 states have call successors, (18), 12 states have call predecessors, (18), 14 states have return successors, (18), 15 states have call predecessors, (18), 14 states have call successors, (18) [2022-02-20 14:38:31,559 INFO L87 Difference]: Start difference. First operand 262 states. Second operand has 262 states, 229 states have (on average 1.314410480349345) internal successors, (301), 234 states have internal predecessors, (301), 18 states have call successors, (18), 12 states have call predecessors, (18), 14 states have return successors, (18), 15 states have call predecessors, (18), 14 states have call successors, (18) [2022-02-20 14:38:31,564 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:31,564 INFO L93 Difference]: Finished difference Result 262 states and 337 transitions. [2022-02-20 14:38:31,564 INFO L276 IsEmpty]: Start isEmpty. Operand 262 states and 337 transitions. [2022-02-20 14:38:31,564 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:31,565 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:31,565 INFO L74 IsIncluded]: Start isIncluded. First operand has 262 states, 229 states have (on average 1.314410480349345) internal successors, (301), 234 states have internal predecessors, (301), 18 states have call successors, (18), 12 states have call predecessors, (18), 14 states have return successors, (18), 15 states have call predecessors, (18), 14 states have call successors, (18) Second operand 262 states. [2022-02-20 14:38:31,565 INFO L87 Difference]: Start difference. First operand has 262 states, 229 states have (on average 1.314410480349345) internal successors, (301), 234 states have internal predecessors, (301), 18 states have call successors, (18), 12 states have call predecessors, (18), 14 states have return successors, (18), 15 states have call predecessors, (18), 14 states have call successors, (18) Second operand 262 states. [2022-02-20 14:38:31,570 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:31,570 INFO L93 Difference]: Finished difference Result 262 states and 337 transitions. [2022-02-20 14:38:31,570 INFO L276 IsEmpty]: Start isEmpty. Operand 262 states and 337 transitions. [2022-02-20 14:38:31,571 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:31,571 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:31,571 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 14:38:31,571 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 14:38:31,572 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 262 states, 229 states have (on average 1.314410480349345) internal successors, (301), 234 states have internal predecessors, (301), 18 states have call successors, (18), 12 states have call predecessors, (18), 14 states have return successors, (18), 15 states have call predecessors, (18), 14 states have call successors, (18) [2022-02-20 14:38:31,577 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 262 states to 262 states and 337 transitions. [2022-02-20 14:38:31,577 INFO L78 Accepts]: Start accepts. Automaton has 262 states and 337 transitions. Word has length 49 [2022-02-20 14:38:31,577 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 14:38:31,577 INFO L470 AbstractCegarLoop]: Abstraction has 262 states and 337 transitions. [2022-02-20 14:38:31,577 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 10 states have (on average 4.4) internal successors, (44), 7 states have internal predecessors, (44), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 14:38:31,577 INFO L276 IsEmpty]: Start isEmpty. Operand 262 states and 337 transitions. [2022-02-20 14:38:31,578 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2022-02-20 14:38:31,578 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:31,578 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:31,579 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable19 [2022-02-20 14:38:31,579 INFO L402 AbstractCegarLoop]: === Iteration 21 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:31,579 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:31,579 INFO L85 PathProgramCache]: Analyzing trace with hash 128898727, now seen corresponding path program 1 times [2022-02-20 14:38:31,579 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 14:38:31,580 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1761180052] [2022-02-20 14:38:31,580 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:31,580 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 14:38:31,597 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:31,629 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-02-20 14:38:31,633 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:31,675 INFO L290 TraceCheckUtils]: 0: Hoare triple {26971#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {26954#true} is VALID [2022-02-20 14:38:31,675 INFO L290 TraceCheckUtils]: 1: Hoare triple {26954#true} assume !(0 != ~compRegistered~0); {26954#true} is VALID [2022-02-20 14:38:31,675 INFO L290 TraceCheckUtils]: 2: Hoare triple {26954#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {26954#true} is VALID [2022-02-20 14:38:31,675 INFO L290 TraceCheckUtils]: 3: Hoare triple {26954#true} assume 0 == ~tmp_ndt_6~0; {26954#true} is VALID [2022-02-20 14:38:31,676 INFO L290 TraceCheckUtils]: 4: Hoare triple {26954#true} ~returnVal2~0 := 0; {26972#(and (<= IofCallDriver_~returnVal2~0 0) (<= 0 IofCallDriver_~returnVal2~0))} is VALID [2022-02-20 14:38:31,676 INFO L290 TraceCheckUtils]: 5: Hoare triple {26972#(and (<= IofCallDriver_~returnVal2~0 0) (<= 0 IofCallDriver_~returnVal2~0))} assume !(~s~0 == ~NP~0); {26972#(and (<= IofCallDriver_~returnVal2~0 0) (<= 0 IofCallDriver_~returnVal2~0))} is VALID [2022-02-20 14:38:31,676 INFO L290 TraceCheckUtils]: 6: Hoare triple {26972#(and (<= IofCallDriver_~returnVal2~0 0) (<= 0 IofCallDriver_~returnVal2~0))} assume !(~s~0 == ~MPR1~0); {26972#(and (<= IofCallDriver_~returnVal2~0 0) (<= 0 IofCallDriver_~returnVal2~0))} is VALID [2022-02-20 14:38:31,677 INFO L290 TraceCheckUtils]: 7: Hoare triple {26972#(and (<= IofCallDriver_~returnVal2~0 0) (<= 0 IofCallDriver_~returnVal2~0))} assume ~s~0 == ~SKIP1~0;~s~0 := ~SKIP2~0;~lowerDriverReturn~0 := ~returnVal2~0; {26967#(= ~lowerDriverReturn~0 0)} is VALID [2022-02-20 14:38:31,677 INFO L290 TraceCheckUtils]: 8: Hoare triple {26967#(= ~lowerDriverReturn~0 0)} #res := ~returnVal2~0; {26967#(= ~lowerDriverReturn~0 0)} is VALID [2022-02-20 14:38:31,677 INFO L290 TraceCheckUtils]: 9: Hoare triple {26967#(= ~lowerDriverReturn~0 0)} assume true; {26967#(= ~lowerDriverReturn~0 0)} is VALID [2022-02-20 14:38:31,678 INFO L284 TraceCheckUtils]: 10: Hoare quadruple {26967#(= ~lowerDriverReturn~0 0)} {26954#true} #729#return; {26967#(= ~lowerDriverReturn~0 0)} is VALID [2022-02-20 14:38:31,678 INFO L290 TraceCheckUtils]: 0: Hoare triple {26954#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {26954#true} is VALID [2022-02-20 14:38:31,678 INFO L290 TraceCheckUtils]: 1: Hoare triple {26954#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {26954#true} is VALID [2022-02-20 14:38:31,678 INFO L290 TraceCheckUtils]: 2: Hoare triple {26954#true} assume { :end_inline__BLAST_init } true; {26954#true} is VALID [2022-02-20 14:38:31,678 INFO L290 TraceCheckUtils]: 3: Hoare triple {26954#true} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {26954#true} is VALID [2022-02-20 14:38:31,679 INFO L290 TraceCheckUtils]: 4: Hoare triple {26954#true} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {26954#true} is VALID [2022-02-20 14:38:31,680 INFO L290 TraceCheckUtils]: 5: Hoare triple {26954#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {26954#true} is VALID [2022-02-20 14:38:31,681 INFO L290 TraceCheckUtils]: 6: Hoare triple {26954#true} assume { :end_inline_stub_driver_init } true; {26954#true} is VALID [2022-02-20 14:38:31,681 INFO L290 TraceCheckUtils]: 7: Hoare triple {26954#true} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {26954#true} is VALID [2022-02-20 14:38:31,681 INFO L290 TraceCheckUtils]: 8: Hoare triple {26954#true} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {26954#true} is VALID [2022-02-20 14:38:31,681 INFO L290 TraceCheckUtils]: 9: Hoare triple {26954#true} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {26954#true} is VALID [2022-02-20 14:38:31,682 INFO L290 TraceCheckUtils]: 10: Hoare triple {26954#true} assume 3 == main_~tmp_ndt_3~0#1; {26954#true} is VALID [2022-02-20 14:38:31,682 INFO L290 TraceCheckUtils]: 11: Hoare triple {26954#true} assume { :begin_inline_KbFilter_PnP } true;KbFilter_PnP_#in~DeviceObject#1, KbFilter_PnP_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_PnP_#res#1;havoc KbFilter_PnP_#t~nondet4#1, KbFilter_PnP_#t~nondet5#1, KbFilter_PnP_#t~nondet6#1, KbFilter_PnP_#t~nondet7#1, KbFilter_PnP_#t~nondet8#1, KbFilter_PnP_#t~nondet9#1, KbFilter_PnP_#t~ret10#1, KbFilter_PnP_#t~ret11#1, KbFilter_PnP_#t~post12#1, KbFilter_PnP_#t~post13#1, KbFilter_PnP_#t~ret14#1, KbFilter_PnP_#t~post15#1, KbFilter_PnP_#t~post16#1, KbFilter_PnP_#t~ret17#1, KbFilter_PnP_#t~post18#1, KbFilter_PnP_#t~post19#1, KbFilter_PnP_#t~ret20#1, KbFilter_PnP_~DeviceObject#1, KbFilter_PnP_~Irp#1, KbFilter_PnP_~devExt~0#1, KbFilter_PnP_~irpStack~0#1, KbFilter_PnP_~status~0#1, KbFilter_PnP_~event~0#1, KbFilter_PnP_~DeviceObject__DeviceExtension~0#1, KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, KbFilter_PnP_~irpStack__MinorFunction~0#1, KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~devExt__Started~0#1, KbFilter_PnP_~devExt__Removed~0#1, KbFilter_PnP_~devExt__SurpriseRemoved~0#1, KbFilter_PnP_~Irp__IoStatus__Status~0#1, KbFilter_PnP_~Irp__IoStatus__Information~0#1, KbFilter_PnP_~Irp__CurrentLocation~0#1, KbFilter_PnP_~irpSp~0#1, KbFilter_PnP_~nextIrpSp~0#1, KbFilter_PnP_~nextIrpSp__Control~0#1, KbFilter_PnP_~irpSp___0~0#1, KbFilter_PnP_~irpSp__Context~0#1, KbFilter_PnP_~irpSp__Control~0#1, KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~DeviceObject#1 := KbFilter_PnP_#in~DeviceObject#1;KbFilter_PnP_~Irp#1 := KbFilter_PnP_#in~Irp#1;havoc KbFilter_PnP_~devExt~0#1;havoc KbFilter_PnP_~irpStack~0#1;havoc KbFilter_PnP_~status~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet4#1 && KbFilter_PnP_#t~nondet4#1 <= 2147483647;KbFilter_PnP_~event~0#1 := KbFilter_PnP_#t~nondet4#1;havoc KbFilter_PnP_#t~nondet4#1;assume -2147483648 <= KbFilter_PnP_#t~nondet5#1 && KbFilter_PnP_#t~nondet5#1 <= 2147483647;KbFilter_PnP_~DeviceObject__DeviceExtension~0#1 := KbFilter_PnP_#t~nondet5#1;havoc KbFilter_PnP_#t~nondet5#1;assume -2147483648 <= KbFilter_PnP_#t~nondet6#1 && KbFilter_PnP_#t~nondet6#1 <= 2147483647;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := KbFilter_PnP_#t~nondet6#1;havoc KbFilter_PnP_#t~nondet6#1;assume -2147483648 <= KbFilter_PnP_#t~nondet7#1 && KbFilter_PnP_#t~nondet7#1 <= 2147483647;KbFilter_PnP_~irpStack__MinorFunction~0#1 := KbFilter_PnP_#t~nondet7#1;havoc KbFilter_PnP_#t~nondet7#1;assume -2147483648 <= KbFilter_PnP_#t~nondet8#1 && KbFilter_PnP_#t~nondet8#1 <= 2147483647;KbFilter_PnP_~devExt__TopOfStack~0#1 := KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_~devExt__Started~0#1;havoc KbFilter_PnP_~devExt__Removed~0#1;havoc KbFilter_PnP_~devExt__SurpriseRemoved~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Status~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Information~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet9#1 && KbFilter_PnP_#t~nondet9#1 <= 2147483647;KbFilter_PnP_~Irp__CurrentLocation~0#1 := KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_~irpSp~0#1;havoc KbFilter_PnP_~nextIrpSp~0#1;havoc KbFilter_PnP_~nextIrpSp__Control~0#1;havoc KbFilter_PnP_~irpSp___0~0#1;havoc KbFilter_PnP_~irpSp__Context~0#1;havoc KbFilter_PnP_~irpSp__Control~0#1;havoc KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~status~0#1 := 0;KbFilter_PnP_~devExt~0#1 := KbFilter_PnP_~DeviceObject__DeviceExtension~0#1;KbFilter_PnP_~irpStack~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1; {26954#true} is VALID [2022-02-20 14:38:31,682 INFO L290 TraceCheckUtils]: 12: Hoare triple {26954#true} assume !(0 == KbFilter_PnP_~irpStack__MinorFunction~0#1); {26954#true} is VALID [2022-02-20 14:38:31,682 INFO L290 TraceCheckUtils]: 13: Hoare triple {26954#true} assume !(23 == KbFilter_PnP_~irpStack__MinorFunction~0#1); {26954#true} is VALID [2022-02-20 14:38:31,682 INFO L290 TraceCheckUtils]: 14: Hoare triple {26954#true} assume 2 == KbFilter_PnP_~irpStack__MinorFunction~0#1; {26954#true} is VALID [2022-02-20 14:38:31,682 INFO L290 TraceCheckUtils]: 15: Hoare triple {26954#true} KbFilter_PnP_~devExt__Removed~0#1 := 1; {26954#true} is VALID [2022-02-20 14:38:31,682 INFO L290 TraceCheckUtils]: 16: Hoare triple {26954#true} assume ~s~0 == ~NP~0;~s~0 := ~SKIP1~0; {26954#true} is VALID [2022-02-20 14:38:31,683 INFO L290 TraceCheckUtils]: 17: Hoare triple {26954#true} KbFilter_PnP_#t~post15#1 := KbFilter_PnP_~Irp__CurrentLocation~0#1;KbFilter_PnP_~Irp__CurrentLocation~0#1 := 1 + KbFilter_PnP_#t~post15#1;havoc KbFilter_PnP_#t~post15#1;KbFilter_PnP_#t~post16#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := 1 + KbFilter_PnP_#t~post16#1;havoc KbFilter_PnP_#t~post16#1; {26954#true} is VALID [2022-02-20 14:38:31,684 INFO L272 TraceCheckUtils]: 18: Hoare triple {26954#true} call KbFilter_PnP_#t~ret17#1 := IofCallDriver(KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~Irp#1); {26971#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} is VALID [2022-02-20 14:38:31,684 INFO L290 TraceCheckUtils]: 19: Hoare triple {26971#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {26954#true} is VALID [2022-02-20 14:38:31,684 INFO L290 TraceCheckUtils]: 20: Hoare triple {26954#true} assume !(0 != ~compRegistered~0); {26954#true} is VALID [2022-02-20 14:38:31,684 INFO L290 TraceCheckUtils]: 21: Hoare triple {26954#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {26954#true} is VALID [2022-02-20 14:38:31,684 INFO L290 TraceCheckUtils]: 22: Hoare triple {26954#true} assume 0 == ~tmp_ndt_6~0; {26954#true} is VALID [2022-02-20 14:38:31,685 INFO L290 TraceCheckUtils]: 23: Hoare triple {26954#true} ~returnVal2~0 := 0; {26972#(and (<= IofCallDriver_~returnVal2~0 0) (<= 0 IofCallDriver_~returnVal2~0))} is VALID [2022-02-20 14:38:31,685 INFO L290 TraceCheckUtils]: 24: Hoare triple {26972#(and (<= IofCallDriver_~returnVal2~0 0) (<= 0 IofCallDriver_~returnVal2~0))} assume !(~s~0 == ~NP~0); {26972#(and (<= IofCallDriver_~returnVal2~0 0) (<= 0 IofCallDriver_~returnVal2~0))} is VALID [2022-02-20 14:38:31,686 INFO L290 TraceCheckUtils]: 25: Hoare triple {26972#(and (<= IofCallDriver_~returnVal2~0 0) (<= 0 IofCallDriver_~returnVal2~0))} assume !(~s~0 == ~MPR1~0); {26972#(and (<= IofCallDriver_~returnVal2~0 0) (<= 0 IofCallDriver_~returnVal2~0))} is VALID [2022-02-20 14:38:31,686 INFO L290 TraceCheckUtils]: 26: Hoare triple {26972#(and (<= IofCallDriver_~returnVal2~0 0) (<= 0 IofCallDriver_~returnVal2~0))} assume ~s~0 == ~SKIP1~0;~s~0 := ~SKIP2~0;~lowerDriverReturn~0 := ~returnVal2~0; {26967#(= ~lowerDriverReturn~0 0)} is VALID [2022-02-20 14:38:31,687 INFO L290 TraceCheckUtils]: 27: Hoare triple {26967#(= ~lowerDriverReturn~0 0)} #res := ~returnVal2~0; {26967#(= ~lowerDriverReturn~0 0)} is VALID [2022-02-20 14:38:31,687 INFO L290 TraceCheckUtils]: 28: Hoare triple {26967#(= ~lowerDriverReturn~0 0)} assume true; {26967#(= ~lowerDriverReturn~0 0)} is VALID [2022-02-20 14:38:31,688 INFO L284 TraceCheckUtils]: 29: Hoare quadruple {26967#(= ~lowerDriverReturn~0 0)} {26954#true} #729#return; {26967#(= ~lowerDriverReturn~0 0)} is VALID [2022-02-20 14:38:31,689 INFO L290 TraceCheckUtils]: 30: Hoare triple {26967#(= ~lowerDriverReturn~0 0)} assume -2147483648 <= KbFilter_PnP_#t~ret17#1 && KbFilter_PnP_#t~ret17#1 <= 2147483647;havoc KbFilter_PnP_#t~ret17#1;KbFilter_PnP_~status~0#1 := 0; {26968#(= ~lowerDriverReturn~0 |ULTIMATE.start_KbFilter_PnP_~status~0#1|)} is VALID [2022-02-20 14:38:31,689 INFO L290 TraceCheckUtils]: 31: Hoare triple {26968#(= ~lowerDriverReturn~0 |ULTIMATE.start_KbFilter_PnP_~status~0#1|)} KbFilter_PnP_#res#1 := KbFilter_PnP_~status~0#1; {26969#(= |ULTIMATE.start_KbFilter_PnP_#res#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:31,690 INFO L290 TraceCheckUtils]: 32: Hoare triple {26969#(= |ULTIMATE.start_KbFilter_PnP_#res#1| ~lowerDriverReturn~0)} main_#t~ret31#1 := KbFilter_PnP_#res#1;assume { :end_inline_KbFilter_PnP } true;assume -2147483648 <= main_#t~ret31#1 && main_#t~ret31#1 <= 2147483647;main_~status~1#1 := main_#t~ret31#1;havoc main_#t~ret31#1; {26970#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:31,690 INFO L290 TraceCheckUtils]: 33: Hoare triple {26970#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(1 == ~pended~0); {26970#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:31,691 INFO L290 TraceCheckUtils]: 34: Hoare triple {26970#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(1 == ~pended~0); {26970#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:31,691 INFO L290 TraceCheckUtils]: 35: Hoare triple {26970#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume ~s~0 != ~UNLOADED~0; {26970#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:31,691 INFO L290 TraceCheckUtils]: 36: Hoare triple {26970#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume -1 != main_~status~1#1; {26970#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:31,692 INFO L290 TraceCheckUtils]: 37: Hoare triple {26970#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(~s~0 != ~SKIP2~0); {26970#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:31,692 INFO L290 TraceCheckUtils]: 38: Hoare triple {26970#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(1 == ~pended~0); {26970#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:31,693 INFO L290 TraceCheckUtils]: 39: Hoare triple {26970#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(~s~0 == ~DC~0); {26970#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:31,693 INFO L290 TraceCheckUtils]: 40: Hoare triple {26970#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume main_~status~1#1 != ~lowerDriverReturn~0; {26955#false} is VALID [2022-02-20 14:38:31,693 INFO L272 TraceCheckUtils]: 41: Hoare triple {26955#false} call errorFn(); {26955#false} is VALID [2022-02-20 14:38:31,693 INFO L290 TraceCheckUtils]: 42: Hoare triple {26955#false} assume !false; {26955#false} is VALID [2022-02-20 14:38:31,694 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 14:38:31,694 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 14:38:31,694 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1761180052] [2022-02-20 14:38:31,694 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1761180052] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 14:38:31,694 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 14:38:31,694 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-02-20 14:38:31,695 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1546725495] [2022-02-20 14:38:31,695 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 14:38:31,696 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 5.0) internal successors, (40), 7 states have internal predecessors, (40), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 43 [2022-02-20 14:38:31,696 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 14:38:31,696 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 8 states, 8 states have (on average 5.0) internal successors, (40), 7 states have internal predecessors, (40), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:31,738 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 43 edges. 43 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:31,738 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-02-20 14:38:31,739 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 14:38:31,740 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-02-20 14:38:31,740 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2022-02-20 14:38:31,740 INFO L87 Difference]: Start difference. First operand 262 states and 337 transitions. Second operand has 8 states, 8 states have (on average 5.0) internal successors, (40), 7 states have internal predecessors, (40), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:32,593 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:32,593 INFO L93 Difference]: Finished difference Result 319 states and 399 transitions. [2022-02-20 14:38:32,593 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2022-02-20 14:38:32,593 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 5.0) internal successors, (40), 7 states have internal predecessors, (40), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 43 [2022-02-20 14:38:32,594 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 14:38:32,594 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 8 states have (on average 5.0) internal successors, (40), 7 states have internal predecessors, (40), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:32,607 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 237 transitions. [2022-02-20 14:38:32,608 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 8 states have (on average 5.0) internal successors, (40), 7 states have internal predecessors, (40), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:32,611 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 237 transitions. [2022-02-20 14:38:32,611 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states and 237 transitions. [2022-02-20 14:38:32,789 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 237 edges. 237 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:32,800 INFO L225 Difference]: With dead ends: 319 [2022-02-20 14:38:32,800 INFO L226 Difference]: Without dead ends: 304 [2022-02-20 14:38:32,800 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 21 GetRequests, 8 SyntacticMatches, 1 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 11 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=46, Invalid=136, Unknown=0, NotChecked=0, Total=182 [2022-02-20 14:38:32,801 INFO L933 BasicCegarLoop]: 165 mSDtfsCounter, 314 mSDsluCounter, 569 mSDsCounter, 0 mSdLazyCounter, 227 mSolverCounterSat, 50 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 314 SdHoareTripleChecker+Valid, 734 SdHoareTripleChecker+Invalid, 277 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 50 IncrementalHoareTripleChecker+Valid, 227 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 14:38:32,801 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [314 Valid, 734 Invalid, 277 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [50 Valid, 227 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-20 14:38:32,808 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 304 states. [2022-02-20 14:38:32,869 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 304 to 274. [2022-02-20 14:38:32,869 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 14:38:32,870 INFO L82 GeneralOperation]: Start isEquivalent. First operand 304 states. Second operand has 274 states, 239 states have (on average 1.301255230125523) internal successors, (311), 246 states have internal predecessors, (311), 18 states have call successors, (18), 12 states have call predecessors, (18), 16 states have return successors, (21), 15 states have call predecessors, (21), 14 states have call successors, (21) [2022-02-20 14:38:32,870 INFO L74 IsIncluded]: Start isIncluded. First operand 304 states. Second operand has 274 states, 239 states have (on average 1.301255230125523) internal successors, (311), 246 states have internal predecessors, (311), 18 states have call successors, (18), 12 states have call predecessors, (18), 16 states have return successors, (21), 15 states have call predecessors, (21), 14 states have call successors, (21) [2022-02-20 14:38:32,871 INFO L87 Difference]: Start difference. First operand 304 states. Second operand has 274 states, 239 states have (on average 1.301255230125523) internal successors, (311), 246 states have internal predecessors, (311), 18 states have call successors, (18), 12 states have call predecessors, (18), 16 states have return successors, (21), 15 states have call predecessors, (21), 14 states have call successors, (21) [2022-02-20 14:38:32,881 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:32,881 INFO L93 Difference]: Finished difference Result 304 states and 382 transitions. [2022-02-20 14:38:32,881 INFO L276 IsEmpty]: Start isEmpty. Operand 304 states and 382 transitions. [2022-02-20 14:38:32,882 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:32,882 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:32,882 INFO L74 IsIncluded]: Start isIncluded. First operand has 274 states, 239 states have (on average 1.301255230125523) internal successors, (311), 246 states have internal predecessors, (311), 18 states have call successors, (18), 12 states have call predecessors, (18), 16 states have return successors, (21), 15 states have call predecessors, (21), 14 states have call successors, (21) Second operand 304 states. [2022-02-20 14:38:32,883 INFO L87 Difference]: Start difference. First operand has 274 states, 239 states have (on average 1.301255230125523) internal successors, (311), 246 states have internal predecessors, (311), 18 states have call successors, (18), 12 states have call predecessors, (18), 16 states have return successors, (21), 15 states have call predecessors, (21), 14 states have call successors, (21) Second operand 304 states. [2022-02-20 14:38:32,892 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:32,892 INFO L93 Difference]: Finished difference Result 304 states and 382 transitions. [2022-02-20 14:38:32,892 INFO L276 IsEmpty]: Start isEmpty. Operand 304 states and 382 transitions. [2022-02-20 14:38:32,893 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:32,893 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:32,893 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 14:38:32,893 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 14:38:32,894 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 274 states, 239 states have (on average 1.301255230125523) internal successors, (311), 246 states have internal predecessors, (311), 18 states have call successors, (18), 12 states have call predecessors, (18), 16 states have return successors, (21), 15 states have call predecessors, (21), 14 states have call successors, (21) [2022-02-20 14:38:32,903 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 274 states to 274 states and 350 transitions. [2022-02-20 14:38:32,903 INFO L78 Accepts]: Start accepts. Automaton has 274 states and 350 transitions. Word has length 43 [2022-02-20 14:38:32,904 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 14:38:32,904 INFO L470 AbstractCegarLoop]: Abstraction has 274 states and 350 transitions. [2022-02-20 14:38:32,904 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 5.0) internal successors, (40), 7 states have internal predecessors, (40), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:32,904 INFO L276 IsEmpty]: Start isEmpty. Operand 274 states and 350 transitions. [2022-02-20 14:38:32,905 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2022-02-20 14:38:32,905 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:32,905 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:32,905 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable20 [2022-02-20 14:38:32,905 INFO L402 AbstractCegarLoop]: === Iteration 22 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:32,906 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:32,906 INFO L85 PathProgramCache]: Analyzing trace with hash 1523737831, now seen corresponding path program 1 times [2022-02-20 14:38:32,906 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 14:38:32,906 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [139430999] [2022-02-20 14:38:32,906 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:32,907 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 14:38:32,924 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:32,960 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-02-20 14:38:32,967 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:32,984 INFO L290 TraceCheckUtils]: 0: Hoare triple {28391#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {28374#true} is VALID [2022-02-20 14:38:32,984 INFO L290 TraceCheckUtils]: 1: Hoare triple {28374#true} assume !(0 != ~compRegistered~0); {28374#true} is VALID [2022-02-20 14:38:32,984 INFO L290 TraceCheckUtils]: 2: Hoare triple {28374#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {28374#true} is VALID [2022-02-20 14:38:32,984 INFO L290 TraceCheckUtils]: 3: Hoare triple {28374#true} assume 0 == ~tmp_ndt_6~0; {28374#true} is VALID [2022-02-20 14:38:32,984 INFO L290 TraceCheckUtils]: 4: Hoare triple {28374#true} ~returnVal2~0 := 0; {28374#true} is VALID [2022-02-20 14:38:32,985 INFO L290 TraceCheckUtils]: 5: Hoare triple {28374#true} assume !(~s~0 == ~NP~0); {28374#true} is VALID [2022-02-20 14:38:32,985 INFO L290 TraceCheckUtils]: 6: Hoare triple {28374#true} assume !(~s~0 == ~MPR1~0); {28374#true} is VALID [2022-02-20 14:38:32,985 INFO L290 TraceCheckUtils]: 7: Hoare triple {28374#true} assume ~s~0 == ~SKIP1~0;~s~0 := ~SKIP2~0;~lowerDriverReturn~0 := ~returnVal2~0; {28392#(= ~lowerDriverReturn~0 IofCallDriver_~returnVal2~0)} is VALID [2022-02-20 14:38:32,985 INFO L290 TraceCheckUtils]: 8: Hoare triple {28392#(= ~lowerDriverReturn~0 IofCallDriver_~returnVal2~0)} #res := ~returnVal2~0; {28393#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:32,986 INFO L290 TraceCheckUtils]: 9: Hoare triple {28393#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} assume true; {28393#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:32,987 INFO L284 TraceCheckUtils]: 10: Hoare quadruple {28393#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} {28374#true} #733#return; {28387#(= ~lowerDriverReturn~0 |ULTIMATE.start_KbFilter_PnP_#t~ret20#1|)} is VALID [2022-02-20 14:38:32,987 INFO L290 TraceCheckUtils]: 0: Hoare triple {28374#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {28374#true} is VALID [2022-02-20 14:38:32,987 INFO L290 TraceCheckUtils]: 1: Hoare triple {28374#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {28374#true} is VALID [2022-02-20 14:38:32,987 INFO L290 TraceCheckUtils]: 2: Hoare triple {28374#true} assume { :end_inline__BLAST_init } true; {28374#true} is VALID [2022-02-20 14:38:32,987 INFO L290 TraceCheckUtils]: 3: Hoare triple {28374#true} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {28374#true} is VALID [2022-02-20 14:38:32,987 INFO L290 TraceCheckUtils]: 4: Hoare triple {28374#true} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {28374#true} is VALID [2022-02-20 14:38:32,987 INFO L290 TraceCheckUtils]: 5: Hoare triple {28374#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {28374#true} is VALID [2022-02-20 14:38:32,988 INFO L290 TraceCheckUtils]: 6: Hoare triple {28374#true} assume { :end_inline_stub_driver_init } true; {28374#true} is VALID [2022-02-20 14:38:32,988 INFO L290 TraceCheckUtils]: 7: Hoare triple {28374#true} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {28374#true} is VALID [2022-02-20 14:38:32,988 INFO L290 TraceCheckUtils]: 8: Hoare triple {28374#true} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {28374#true} is VALID [2022-02-20 14:38:32,988 INFO L290 TraceCheckUtils]: 9: Hoare triple {28374#true} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {28374#true} is VALID [2022-02-20 14:38:32,988 INFO L290 TraceCheckUtils]: 10: Hoare triple {28374#true} assume 3 == main_~tmp_ndt_3~0#1; {28374#true} is VALID [2022-02-20 14:38:32,988 INFO L290 TraceCheckUtils]: 11: Hoare triple {28374#true} assume { :begin_inline_KbFilter_PnP } true;KbFilter_PnP_#in~DeviceObject#1, KbFilter_PnP_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_PnP_#res#1;havoc KbFilter_PnP_#t~nondet4#1, KbFilter_PnP_#t~nondet5#1, KbFilter_PnP_#t~nondet6#1, KbFilter_PnP_#t~nondet7#1, KbFilter_PnP_#t~nondet8#1, KbFilter_PnP_#t~nondet9#1, KbFilter_PnP_#t~ret10#1, KbFilter_PnP_#t~ret11#1, KbFilter_PnP_#t~post12#1, KbFilter_PnP_#t~post13#1, KbFilter_PnP_#t~ret14#1, KbFilter_PnP_#t~post15#1, KbFilter_PnP_#t~post16#1, KbFilter_PnP_#t~ret17#1, KbFilter_PnP_#t~post18#1, KbFilter_PnP_#t~post19#1, KbFilter_PnP_#t~ret20#1, KbFilter_PnP_~DeviceObject#1, KbFilter_PnP_~Irp#1, KbFilter_PnP_~devExt~0#1, KbFilter_PnP_~irpStack~0#1, KbFilter_PnP_~status~0#1, KbFilter_PnP_~event~0#1, KbFilter_PnP_~DeviceObject__DeviceExtension~0#1, KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, KbFilter_PnP_~irpStack__MinorFunction~0#1, KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~devExt__Started~0#1, KbFilter_PnP_~devExt__Removed~0#1, KbFilter_PnP_~devExt__SurpriseRemoved~0#1, KbFilter_PnP_~Irp__IoStatus__Status~0#1, KbFilter_PnP_~Irp__IoStatus__Information~0#1, KbFilter_PnP_~Irp__CurrentLocation~0#1, KbFilter_PnP_~irpSp~0#1, KbFilter_PnP_~nextIrpSp~0#1, KbFilter_PnP_~nextIrpSp__Control~0#1, KbFilter_PnP_~irpSp___0~0#1, KbFilter_PnP_~irpSp__Context~0#1, KbFilter_PnP_~irpSp__Control~0#1, KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~DeviceObject#1 := KbFilter_PnP_#in~DeviceObject#1;KbFilter_PnP_~Irp#1 := KbFilter_PnP_#in~Irp#1;havoc KbFilter_PnP_~devExt~0#1;havoc KbFilter_PnP_~irpStack~0#1;havoc KbFilter_PnP_~status~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet4#1 && KbFilter_PnP_#t~nondet4#1 <= 2147483647;KbFilter_PnP_~event~0#1 := KbFilter_PnP_#t~nondet4#1;havoc KbFilter_PnP_#t~nondet4#1;assume -2147483648 <= KbFilter_PnP_#t~nondet5#1 && KbFilter_PnP_#t~nondet5#1 <= 2147483647;KbFilter_PnP_~DeviceObject__DeviceExtension~0#1 := KbFilter_PnP_#t~nondet5#1;havoc KbFilter_PnP_#t~nondet5#1;assume -2147483648 <= KbFilter_PnP_#t~nondet6#1 && KbFilter_PnP_#t~nondet6#1 <= 2147483647;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := KbFilter_PnP_#t~nondet6#1;havoc KbFilter_PnP_#t~nondet6#1;assume -2147483648 <= KbFilter_PnP_#t~nondet7#1 && KbFilter_PnP_#t~nondet7#1 <= 2147483647;KbFilter_PnP_~irpStack__MinorFunction~0#1 := KbFilter_PnP_#t~nondet7#1;havoc KbFilter_PnP_#t~nondet7#1;assume -2147483648 <= KbFilter_PnP_#t~nondet8#1 && KbFilter_PnP_#t~nondet8#1 <= 2147483647;KbFilter_PnP_~devExt__TopOfStack~0#1 := KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_~devExt__Started~0#1;havoc KbFilter_PnP_~devExt__Removed~0#1;havoc KbFilter_PnP_~devExt__SurpriseRemoved~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Status~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Information~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet9#1 && KbFilter_PnP_#t~nondet9#1 <= 2147483647;KbFilter_PnP_~Irp__CurrentLocation~0#1 := KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_~irpSp~0#1;havoc KbFilter_PnP_~nextIrpSp~0#1;havoc KbFilter_PnP_~nextIrpSp__Control~0#1;havoc KbFilter_PnP_~irpSp___0~0#1;havoc KbFilter_PnP_~irpSp__Context~0#1;havoc KbFilter_PnP_~irpSp__Control~0#1;havoc KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~status~0#1 := 0;KbFilter_PnP_~devExt~0#1 := KbFilter_PnP_~DeviceObject__DeviceExtension~0#1;KbFilter_PnP_~irpStack~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1; {28374#true} is VALID [2022-02-20 14:38:32,988 INFO L290 TraceCheckUtils]: 12: Hoare triple {28374#true} assume !(0 == KbFilter_PnP_~irpStack__MinorFunction~0#1); {28374#true} is VALID [2022-02-20 14:38:32,989 INFO L290 TraceCheckUtils]: 13: Hoare triple {28374#true} assume !(23 == KbFilter_PnP_~irpStack__MinorFunction~0#1); {28374#true} is VALID [2022-02-20 14:38:32,989 INFO L290 TraceCheckUtils]: 14: Hoare triple {28374#true} assume !(2 == KbFilter_PnP_~irpStack__MinorFunction~0#1); {28374#true} is VALID [2022-02-20 14:38:32,989 INFO L290 TraceCheckUtils]: 15: Hoare triple {28374#true} assume 1 == KbFilter_PnP_~irpStack__MinorFunction~0#1; {28374#true} is VALID [2022-02-20 14:38:32,989 INFO L290 TraceCheckUtils]: 16: Hoare triple {28374#true} assume ~s~0 == ~NP~0;~s~0 := ~SKIP1~0; {28374#true} is VALID [2022-02-20 14:38:32,989 INFO L290 TraceCheckUtils]: 17: Hoare triple {28374#true} KbFilter_PnP_#t~post18#1 := KbFilter_PnP_~Irp__CurrentLocation~0#1;KbFilter_PnP_~Irp__CurrentLocation~0#1 := 1 + KbFilter_PnP_#t~post18#1;havoc KbFilter_PnP_#t~post18#1;KbFilter_PnP_#t~post19#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := 1 + KbFilter_PnP_#t~post19#1;havoc KbFilter_PnP_#t~post19#1; {28374#true} is VALID [2022-02-20 14:38:32,990 INFO L272 TraceCheckUtils]: 18: Hoare triple {28374#true} call KbFilter_PnP_#t~ret20#1 := IofCallDriver(KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~Irp#1); {28391#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} is VALID [2022-02-20 14:38:32,990 INFO L290 TraceCheckUtils]: 19: Hoare triple {28391#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {28374#true} is VALID [2022-02-20 14:38:32,990 INFO L290 TraceCheckUtils]: 20: Hoare triple {28374#true} assume !(0 != ~compRegistered~0); {28374#true} is VALID [2022-02-20 14:38:32,990 INFO L290 TraceCheckUtils]: 21: Hoare triple {28374#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {28374#true} is VALID [2022-02-20 14:38:32,990 INFO L290 TraceCheckUtils]: 22: Hoare triple {28374#true} assume 0 == ~tmp_ndt_6~0; {28374#true} is VALID [2022-02-20 14:38:32,990 INFO L290 TraceCheckUtils]: 23: Hoare triple {28374#true} ~returnVal2~0 := 0; {28374#true} is VALID [2022-02-20 14:38:32,991 INFO L290 TraceCheckUtils]: 24: Hoare triple {28374#true} assume !(~s~0 == ~NP~0); {28374#true} is VALID [2022-02-20 14:38:32,991 INFO L290 TraceCheckUtils]: 25: Hoare triple {28374#true} assume !(~s~0 == ~MPR1~0); {28374#true} is VALID [2022-02-20 14:38:32,991 INFO L290 TraceCheckUtils]: 26: Hoare triple {28374#true} assume ~s~0 == ~SKIP1~0;~s~0 := ~SKIP2~0;~lowerDriverReturn~0 := ~returnVal2~0; {28392#(= ~lowerDriverReturn~0 IofCallDriver_~returnVal2~0)} is VALID [2022-02-20 14:38:32,992 INFO L290 TraceCheckUtils]: 27: Hoare triple {28392#(= ~lowerDriverReturn~0 IofCallDriver_~returnVal2~0)} #res := ~returnVal2~0; {28393#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:32,992 INFO L290 TraceCheckUtils]: 28: Hoare triple {28393#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} assume true; {28393#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:32,993 INFO L284 TraceCheckUtils]: 29: Hoare quadruple {28393#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} {28374#true} #733#return; {28387#(= ~lowerDriverReturn~0 |ULTIMATE.start_KbFilter_PnP_#t~ret20#1|)} is VALID [2022-02-20 14:38:32,993 INFO L290 TraceCheckUtils]: 30: Hoare triple {28387#(= ~lowerDriverReturn~0 |ULTIMATE.start_KbFilter_PnP_#t~ret20#1|)} assume -2147483648 <= KbFilter_PnP_#t~ret20#1 && KbFilter_PnP_#t~ret20#1 <= 2147483647;KbFilter_PnP_~status~0#1 := KbFilter_PnP_#t~ret20#1;havoc KbFilter_PnP_#t~ret20#1; {28388#(= ~lowerDriverReturn~0 |ULTIMATE.start_KbFilter_PnP_~status~0#1|)} is VALID [2022-02-20 14:38:32,994 INFO L290 TraceCheckUtils]: 31: Hoare triple {28388#(= ~lowerDriverReturn~0 |ULTIMATE.start_KbFilter_PnP_~status~0#1|)} KbFilter_PnP_#res#1 := KbFilter_PnP_~status~0#1; {28389#(= |ULTIMATE.start_KbFilter_PnP_#res#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:32,994 INFO L290 TraceCheckUtils]: 32: Hoare triple {28389#(= |ULTIMATE.start_KbFilter_PnP_#res#1| ~lowerDriverReturn~0)} main_#t~ret31#1 := KbFilter_PnP_#res#1;assume { :end_inline_KbFilter_PnP } true;assume -2147483648 <= main_#t~ret31#1 && main_#t~ret31#1 <= 2147483647;main_~status~1#1 := main_#t~ret31#1;havoc main_#t~ret31#1; {28390#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:32,994 INFO L290 TraceCheckUtils]: 33: Hoare triple {28390#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(1 == ~pended~0); {28390#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:32,995 INFO L290 TraceCheckUtils]: 34: Hoare triple {28390#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(1 == ~pended~0); {28390#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:32,995 INFO L290 TraceCheckUtils]: 35: Hoare triple {28390#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume ~s~0 != ~UNLOADED~0; {28390#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:32,995 INFO L290 TraceCheckUtils]: 36: Hoare triple {28390#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume -1 != main_~status~1#1; {28390#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:32,996 INFO L290 TraceCheckUtils]: 37: Hoare triple {28390#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(~s~0 != ~SKIP2~0); {28390#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:32,996 INFO L290 TraceCheckUtils]: 38: Hoare triple {28390#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(1 == ~pended~0); {28390#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:32,996 INFO L290 TraceCheckUtils]: 39: Hoare triple {28390#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(~s~0 == ~DC~0); {28390#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-20 14:38:32,997 INFO L290 TraceCheckUtils]: 40: Hoare triple {28390#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume main_~status~1#1 != ~lowerDriverReturn~0; {28375#false} is VALID [2022-02-20 14:38:32,997 INFO L272 TraceCheckUtils]: 41: Hoare triple {28375#false} call errorFn(); {28375#false} is VALID [2022-02-20 14:38:32,997 INFO L290 TraceCheckUtils]: 42: Hoare triple {28375#false} assume !false; {28375#false} is VALID [2022-02-20 14:38:32,997 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 14:38:32,997 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 14:38:32,997 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [139430999] [2022-02-20 14:38:32,998 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [139430999] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 14:38:32,998 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 14:38:32,998 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2022-02-20 14:38:32,998 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1815562334] [2022-02-20 14:38:32,998 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 14:38:32,999 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 4.444444444444445) internal successors, (40), 7 states have internal predecessors, (40), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 43 [2022-02-20 14:38:32,999 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 14:38:32,999 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 9 states, 9 states have (on average 4.444444444444445) internal successors, (40), 7 states have internal predecessors, (40), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:33,029 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 43 edges. 43 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:33,029 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2022-02-20 14:38:33,029 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 14:38:33,030 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2022-02-20 14:38:33,030 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=57, Unknown=0, NotChecked=0, Total=72 [2022-02-20 14:38:33,030 INFO L87 Difference]: Start difference. First operand 274 states and 350 transitions. Second operand has 9 states, 9 states have (on average 4.444444444444445) internal successors, (40), 7 states have internal predecessors, (40), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:33,777 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:33,778 INFO L93 Difference]: Finished difference Result 288 states and 364 transitions. [2022-02-20 14:38:33,778 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2022-02-20 14:38:33,778 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 4.444444444444445) internal successors, (40), 7 states have internal predecessors, (40), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 43 [2022-02-20 14:38:33,778 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 14:38:33,778 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 9 states, 9 states have (on average 4.444444444444445) internal successors, (40), 7 states have internal predecessors, (40), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:33,780 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 192 transitions. [2022-02-20 14:38:33,780 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 9 states, 9 states have (on average 4.444444444444445) internal successors, (40), 7 states have internal predecessors, (40), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:33,782 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 192 transitions. [2022-02-20 14:38:33,782 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states and 192 transitions. [2022-02-20 14:38:33,901 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 192 edges. 192 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:33,906 INFO L225 Difference]: With dead ends: 288 [2022-02-20 14:38:33,906 INFO L226 Difference]: Without dead ends: 224 [2022-02-20 14:38:33,907 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=29, Invalid=103, Unknown=0, NotChecked=0, Total=132 [2022-02-20 14:38:33,907 INFO L933 BasicCegarLoop]: 157 mSDtfsCounter, 52 mSDsluCounter, 917 mSDsCounter, 0 mSdLazyCounter, 236 mSolverCounterSat, 16 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 52 SdHoareTripleChecker+Valid, 1074 SdHoareTripleChecker+Invalid, 252 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 16 IncrementalHoareTripleChecker+Valid, 236 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 14:38:33,908 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [52 Valid, 1074 Invalid, 252 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [16 Valid, 236 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-20 14:38:33,908 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 224 states. [2022-02-20 14:38:33,969 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 224 to 224. [2022-02-20 14:38:33,970 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 14:38:33,970 INFO L82 GeneralOperation]: Start isEquivalent. First operand 224 states. Second operand has 224 states, 192 states have (on average 1.171875) internal successors, (225), 197 states have internal predecessors, (225), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (17), 14 states have call predecessors, (17), 12 states have call successors, (17) [2022-02-20 14:38:33,971 INFO L74 IsIncluded]: Start isIncluded. First operand 224 states. Second operand has 224 states, 192 states have (on average 1.171875) internal successors, (225), 197 states have internal predecessors, (225), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (17), 14 states have call predecessors, (17), 12 states have call successors, (17) [2022-02-20 14:38:33,971 INFO L87 Difference]: Start difference. First operand 224 states. Second operand has 224 states, 192 states have (on average 1.171875) internal successors, (225), 197 states have internal predecessors, (225), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (17), 14 states have call predecessors, (17), 12 states have call successors, (17) [2022-02-20 14:38:33,977 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:33,977 INFO L93 Difference]: Finished difference Result 224 states and 258 transitions. [2022-02-20 14:38:33,977 INFO L276 IsEmpty]: Start isEmpty. Operand 224 states and 258 transitions. [2022-02-20 14:38:33,978 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:33,978 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:33,978 INFO L74 IsIncluded]: Start isIncluded. First operand has 224 states, 192 states have (on average 1.171875) internal successors, (225), 197 states have internal predecessors, (225), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (17), 14 states have call predecessors, (17), 12 states have call successors, (17) Second operand 224 states. [2022-02-20 14:38:33,979 INFO L87 Difference]: Start difference. First operand has 224 states, 192 states have (on average 1.171875) internal successors, (225), 197 states have internal predecessors, (225), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (17), 14 states have call predecessors, (17), 12 states have call successors, (17) Second operand 224 states. [2022-02-20 14:38:33,983 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:33,983 INFO L93 Difference]: Finished difference Result 224 states and 258 transitions. [2022-02-20 14:38:33,983 INFO L276 IsEmpty]: Start isEmpty. Operand 224 states and 258 transitions. [2022-02-20 14:38:33,984 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:33,984 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:33,984 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 14:38:33,984 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 14:38:33,984 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 224 states, 192 states have (on average 1.171875) internal successors, (225), 197 states have internal predecessors, (225), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (17), 14 states have call predecessors, (17), 12 states have call successors, (17) [2022-02-20 14:38:33,989 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 224 states to 224 states and 258 transitions. [2022-02-20 14:38:33,989 INFO L78 Accepts]: Start accepts. Automaton has 224 states and 258 transitions. Word has length 43 [2022-02-20 14:38:33,989 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 14:38:33,989 INFO L470 AbstractCegarLoop]: Abstraction has 224 states and 258 transitions. [2022-02-20 14:38:33,989 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 4.444444444444445) internal successors, (40), 7 states have internal predecessors, (40), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:33,990 INFO L276 IsEmpty]: Start isEmpty. Operand 224 states and 258 transitions. [2022-02-20 14:38:33,990 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2022-02-20 14:38:33,990 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:33,990 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:33,991 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable21 [2022-02-20 14:38:33,991 INFO L402 AbstractCegarLoop]: === Iteration 23 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:33,991 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:33,991 INFO L85 PathProgramCache]: Analyzing trace with hash -2019746375, now seen corresponding path program 1 times [2022-02-20 14:38:33,991 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 14:38:33,992 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [987758347] [2022-02-20 14:38:33,992 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:33,992 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 14:38:34,015 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 14:38:34,015 INFO L352 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2022-02-20 14:38:34,031 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-20 14:38:34,066 INFO L138 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2022-02-20 14:38:34,067 INFO L628 BasicCegarLoop]: Counterexample is feasible [2022-02-20 14:38:34,068 INFO L764 garLoopResultBuilder]: Registering result UNSAFE for location errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-02-20 14:38:34,069 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable22 [2022-02-20 14:38:34,072 INFO L732 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:34,075 INFO L180 ceAbstractionStarter]: Computing trace abstraction results [2022-02-20 14:38:34,115 FATAL L489 DefaultTranslator]: Callstack has procedure call flag but succeeding procedure is empty at [CALL] call #t~ret17 := IofCallDriver(~devExt__TopOfStack~0, ~Irp); [2022-02-20 14:38:34,116 FATAL L? ?]: The Plugin de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction has thrown an exception: java.lang.AssertionError: callstack broken after backtranslation by InlinerBacktranslator at de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:216) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:206) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getProgramExecutionAsString(CounterExampleResult.java:155) at de.uni_freiburg.informatik.ultimate.core.lib.results.CounterExampleResult.getLongDescription(CounterExampleResult.java:134) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ResultService.reportResult(ResultService.java:86) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.CegarLoopResultReporter.reportResult(CegarLoopResultReporter.java:141) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.reportLocationResults(TraceAbstractionStarter.java:607) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.runCegarLoops(TraceAbstractionStarter.java:182) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.(TraceAbstractionStarter.java:156) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver.finish(TraceAbstractionObserver.java:123) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runObserver(PluginConnector.java:168) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runTool(PluginConnector.java:151) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.run(PluginConnector.java:128) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.executePluginConnector(ToolchainWalker.java:232) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.processPlugin(ToolchainWalker.java:226) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walkUnprotected(ToolchainWalker.java:142) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walk(ToolchainWalker.java:104) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainManager$Toolchain.processToolchain(ToolchainManager.java:320) at de.uni_freiburg.informatik.ultimate.core.coreplugin.toolchain.DefaultToolchainJob.run(DefaultToolchainJob.java:145) at org.eclipse.core.internal.jobs.Worker.run(Worker.java:63) [2022-02-20 14:38:34,123 INFO L158 Benchmark]: Toolchain (without parser) took 26595.13ms. Allocated memory was 100.7MB in the beginning and 182.5MB in the end (delta: 81.8MB). Free memory was 66.9MB in the beginning and 102.8MB in the end (delta: -35.9MB). Peak memory consumption was 45.4MB. Max. memory is 16.1GB. [2022-02-20 14:38:34,123 INFO L158 Benchmark]: CDTParser took 0.19ms. Allocated memory is still 79.7MB. Free memory was 52.1MB in the beginning and 52.1MB in the end (delta: 26.2kB). There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 14:38:34,123 INFO L158 Benchmark]: CACSL2BoogieTranslator took 471.09ms. Allocated memory is still 100.7MB. Free memory was 66.9MB in the beginning and 67.9MB in the end (delta: -1.1MB). Peak memory consumption was 12.0MB. Max. memory is 16.1GB. [2022-02-20 14:38:34,123 INFO L158 Benchmark]: Boogie Procedure Inliner took 90.53ms. Allocated memory is still 100.7MB. Free memory was 67.9MB in the beginning and 62.9MB in the end (delta: 5.0MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-02-20 14:38:34,124 INFO L158 Benchmark]: Boogie Preprocessor took 48.83ms. Allocated memory is still 100.7MB. Free memory was 62.9MB in the beginning and 60.2MB in the end (delta: 2.7MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-02-20 14:38:34,125 INFO L158 Benchmark]: RCFGBuilder took 1104.97ms. Allocated memory is still 100.7MB. Free memory was 60.2MB in the beginning and 46.1MB in the end (delta: 14.0MB). Peak memory consumption was 29.6MB. Max. memory is 16.1GB. [2022-02-20 14:38:34,126 INFO L158 Benchmark]: TraceAbstraction took 24871.91ms. Allocated memory was 100.7MB in the beginning and 182.5MB in the end (delta: 81.8MB). Free memory was 46.1MB in the beginning and 102.8MB in the end (delta: -56.6MB). Peak memory consumption was 24.8MB. Max. memory is 16.1GB. [2022-02-20 14:38:34,128 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.19ms. Allocated memory is still 79.7MB. Free memory was 52.1MB in the beginning and 52.1MB in the end (delta: 26.2kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 471.09ms. Allocated memory is still 100.7MB. Free memory was 66.9MB in the beginning and 67.9MB in the end (delta: -1.1MB). Peak memory consumption was 12.0MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 90.53ms. Allocated memory is still 100.7MB. Free memory was 67.9MB in the beginning and 62.9MB in the end (delta: 5.0MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Boogie Preprocessor took 48.83ms. Allocated memory is still 100.7MB. Free memory was 62.9MB in the beginning and 60.2MB in the end (delta: 2.7MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * RCFGBuilder took 1104.97ms. Allocated memory is still 100.7MB. Free memory was 60.2MB in the beginning and 46.1MB in the end (delta: 14.0MB). Peak memory consumption was 29.6MB. Max. memory is 16.1GB. * TraceAbstraction took 24871.91ms. Allocated memory was 100.7MB in the beginning and 182.5MB in the end (delta: 81.8MB). Free memory was 46.1MB in the beginning and 102.8MB in the end (delta: -56.6MB). Peak memory consumption was 24.8MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - ExceptionOrErrorResult: AssertionError: callstack broken after backtranslation by InlinerBacktranslator de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: AssertionError: callstack broken after backtranslation by InlinerBacktranslator: de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) RESULT: Ultimate could not prove your program: Toolchain returned no result. [2022-02-20 14:38:34,165 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Using bit-precise analysis Retrying with bit-precise analysis ### Bit-precise run ### Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/ntdrivers-simplified/kbfiltr_simpl2.cil-2.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Bitvector.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash a05fbc1d8a2048d37fda072c6a9d42f1f996d033c914869a4e2960aadff82dde --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 14:38:36,042 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 14:38:36,045 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 14:38:36,078 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 14:38:36,080 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 14:38:36,084 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 14:38:36,086 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 14:38:36,091 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 14:38:36,093 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 14:38:36,097 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 14:38:36,098 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 14:38:36,102 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 14:38:36,102 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 14:38:36,105 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 14:38:36,106 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 14:38:36,108 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 14:38:36,108 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 14:38:36,109 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 14:38:36,113 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 14:38:36,122 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 14:38:36,124 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 14:38:36,125 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 14:38:36,126 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 14:38:36,128 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 14:38:36,133 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 14:38:36,134 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 14:38:36,134 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 14:38:36,136 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 14:38:36,136 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 14:38:36,137 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 14:38:36,137 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 14:38:36,138 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 14:38:36,139 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 14:38:36,140 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 14:38:36,141 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 14:38:36,141 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 14:38:36,142 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 14:38:36,142 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 14:38:36,143 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 14:38:36,144 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 14:38:36,145 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 14:38:36,148 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Bitvector.epf [2022-02-20 14:38:36,188 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 14:38:36,189 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 14:38:36,189 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 14:38:36,189 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 14:38:36,190 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 14:38:36,190 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 14:38:36,192 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 14:38:36,192 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 14:38:36,192 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 14:38:36,192 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 14:38:36,193 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 14:38:36,193 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 14:38:36,194 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 14:38:36,194 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-02-20 14:38:36,194 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 14:38:36,194 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-02-20 14:38:36,194 INFO L138 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2022-02-20 14:38:36,195 INFO L138 SettingsManager]: * Use bitvectors instead of ints=true [2022-02-20 14:38:36,195 INFO L138 SettingsManager]: * Memory model=HoenickeLindenmann_4ByteResolution [2022-02-20 14:38:36,195 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 14:38:36,195 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-02-20 14:38:36,195 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 14:38:36,196 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-02-20 14:38:36,196 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 14:38:36,196 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 14:38:36,196 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 14:38:36,197 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 14:38:36,197 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 14:38:36,197 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 14:38:36,197 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-02-20 14:38:36,197 INFO L138 SettingsManager]: * Trace refinement strategy=WOLF [2022-02-20 14:38:36,198 INFO L138 SettingsManager]: * Command for external solver=cvc4 --incremental --print-success --lang smt [2022-02-20 14:38:36,198 INFO L138 SettingsManager]: * Large block encoding in concurrent analysis=OFF [2022-02-20 14:38:36,198 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-02-20 14:38:36,198 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-02-20 14:38:36,199 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2022-02-20 14:38:36,199 INFO L138 SettingsManager]: * Logic for external solver=AUFBV WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> a05fbc1d8a2048d37fda072c6a9d42f1f996d033c914869a4e2960aadff82dde [2022-02-20 14:38:36,496 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 14:38:36,518 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 14:38:36,522 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 14:38:36,523 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 14:38:36,524 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 14:38:36,526 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/ntdrivers-simplified/kbfiltr_simpl2.cil-2.c [2022-02-20 14:38:36,585 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/4c9a84a64/81f0d88475484c1cb9f3669829ecafc9/FLAGf2bb3f940 [2022-02-20 14:38:37,003 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 14:38:37,005 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/ntdrivers-simplified/kbfiltr_simpl2.cil-2.c [2022-02-20 14:38:37,016 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/4c9a84a64/81f0d88475484c1cb9f3669829ecafc9/FLAGf2bb3f940 [2022-02-20 14:38:37,029 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/4c9a84a64/81f0d88475484c1cb9f3669829ecafc9 [2022-02-20 14:38:37,031 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 14:38:37,032 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 14:38:37,033 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 14:38:37,033 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 14:38:37,040 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 14:38:37,041 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 02:38:37" (1/1) ... [2022-02-20 14:38:37,042 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@6322a80e and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 02:38:37, skipping insertion in model container [2022-02-20 14:38:37,042 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 02:38:37" (1/1) ... [2022-02-20 14:38:37,048 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 14:38:37,096 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 14:38:37,398 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/ntdrivers-simplified/kbfiltr_simpl2.cil-2.c[29656,29669] [2022-02-20 14:38:37,406 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 14:38:37,417 INFO L203 MainTranslator]: Completed pre-run [2022-02-20 14:38:37,512 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/ntdrivers-simplified/kbfiltr_simpl2.cil-2.c[29656,29669] [2022-02-20 14:38:37,521 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 14:38:37,538 INFO L208 MainTranslator]: Completed translation [2022-02-20 14:38:37,539 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 02:38:37 WrapperNode [2022-02-20 14:38:37,539 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 14:38:37,540 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-20 14:38:37,540 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-20 14:38:37,540 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-20 14:38:37,546 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 02:38:37" (1/1) ... [2022-02-20 14:38:37,567 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 02:38:37" (1/1) ... [2022-02-20 14:38:37,620 INFO L137 Inliner]: procedures = 29, calls = 44, calls flagged for inlining = 10, calls inlined = 10, statements flattened = 607 [2022-02-20 14:38:37,621 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-20 14:38:37,622 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-20 14:38:37,622 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-20 14:38:37,622 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-20 14:38:37,629 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 02:38:37" (1/1) ... [2022-02-20 14:38:37,629 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 02:38:37" (1/1) ... [2022-02-20 14:38:37,634 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 02:38:37" (1/1) ... [2022-02-20 14:38:37,634 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 02:38:37" (1/1) ... [2022-02-20 14:38:37,644 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 02:38:37" (1/1) ... [2022-02-20 14:38:37,650 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 02:38:37" (1/1) ... [2022-02-20 14:38:37,652 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 02:38:37" (1/1) ... [2022-02-20 14:38:37,656 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-20 14:38:37,656 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-20 14:38:37,657 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-20 14:38:37,657 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-20 14:38:37,658 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 02:38:37" (1/1) ... [2022-02-20 14:38:37,663 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 14:38:37,673 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 14:38:37,684 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-20 14:38:37,720 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-20 14:38:37,735 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-20 14:38:37,735 INFO L130 BoogieDeclarations]: Found specification of procedure KbFilter_Complete [2022-02-20 14:38:37,736 INFO L138 BoogieDeclarations]: Found implementation of procedure KbFilter_Complete [2022-02-20 14:38:37,736 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~intINTTYPE1 [2022-02-20 14:38:37,736 INFO L130 BoogieDeclarations]: Found specification of procedure stubMoreProcessingRequired [2022-02-20 14:38:37,736 INFO L138 BoogieDeclarations]: Found implementation of procedure stubMoreProcessingRequired [2022-02-20 14:38:37,736 INFO L130 BoogieDeclarations]: Found specification of procedure KbFilter_CreateClose [2022-02-20 14:38:37,736 INFO L138 BoogieDeclarations]: Found implementation of procedure KbFilter_CreateClose [2022-02-20 14:38:37,737 INFO L130 BoogieDeclarations]: Found specification of procedure IofCompleteRequest [2022-02-20 14:38:37,737 INFO L138 BoogieDeclarations]: Found implementation of procedure IofCompleteRequest [2022-02-20 14:38:37,737 INFO L130 BoogieDeclarations]: Found specification of procedure errorFn [2022-02-20 14:38:37,737 INFO L138 BoogieDeclarations]: Found implementation of procedure errorFn [2022-02-20 14:38:37,737 INFO L130 BoogieDeclarations]: Found specification of procedure IofCallDriver [2022-02-20 14:38:37,737 INFO L138 BoogieDeclarations]: Found implementation of procedure IofCallDriver [2022-02-20 14:38:37,737 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-20 14:38:37,738 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-20 14:38:37,738 INFO L130 BoogieDeclarations]: Found specification of procedure KbFilter_DispatchPassThrough [2022-02-20 14:38:37,738 INFO L138 BoogieDeclarations]: Found implementation of procedure KbFilter_DispatchPassThrough [2022-02-20 14:38:37,854 INFO L234 CfgBuilder]: Building ICFG [2022-02-20 14:38:37,855 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-20 14:38:37,998 WARN L813 $ProcedureCfgBuilder]: Label in the middle of a codeblock. [2022-02-20 14:38:38,002 WARN L813 $ProcedureCfgBuilder]: Label in the middle of a codeblock. [2022-02-20 14:38:38,004 WARN L813 $ProcedureCfgBuilder]: Label in the middle of a codeblock. [2022-02-20 14:38:38,008 WARN L813 $ProcedureCfgBuilder]: Label in the middle of a codeblock. [2022-02-20 14:38:38,010 WARN L813 $ProcedureCfgBuilder]: Label in the middle of a codeblock. [2022-02-20 14:38:38,493 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##87: assume !false; [2022-02-20 14:38:38,493 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##86: assume false; [2022-02-20 14:38:38,494 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##63: assume !false; [2022-02-20 14:38:38,494 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##62: assume false; [2022-02-20 14:38:38,494 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##129: assume false; [2022-02-20 14:38:38,494 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##130: assume !false; [2022-02-20 14:38:38,494 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##18: assume false; [2022-02-20 14:38:38,494 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##19: assume !false; [2022-02-20 14:38:38,494 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##113: assume !false; [2022-02-20 14:38:38,494 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##112: assume false; [2022-02-20 14:38:38,550 WARN L813 $ProcedureCfgBuilder]: Label in the middle of a codeblock. [2022-02-20 14:38:38,580 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##12: assume !false; [2022-02-20 14:38:38,580 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##11: assume false; [2022-02-20 14:38:38,588 INFO L275 CfgBuilder]: Performing block encoding [2022-02-20 14:38:38,597 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-20 14:38:38,598 INFO L299 CfgBuilder]: Removed 0 assume(true) statements. [2022-02-20 14:38:38,599 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 02:38:38 BoogieIcfgContainer [2022-02-20 14:38:38,599 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-20 14:38:38,601 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-20 14:38:38,601 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-20 14:38:38,604 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-20 14:38:38,604 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.02 02:38:37" (1/3) ... [2022-02-20 14:38:38,605 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2e4b763e and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 02:38:38, skipping insertion in model container [2022-02-20 14:38:38,605 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 02:38:37" (2/3) ... [2022-02-20 14:38:38,606 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2e4b763e and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 02:38:38, skipping insertion in model container [2022-02-20 14:38:38,607 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 02:38:38" (3/3) ... [2022-02-20 14:38:38,608 INFO L111 eAbstractionObserver]: Analyzing ICFG kbfiltr_simpl2.cil-2.c [2022-02-20 14:38:38,613 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-20 14:38:38,613 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-02-20 14:38:38,653 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-20 14:38:38,659 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-20 14:38:38,660 INFO L340 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-02-20 14:38:38,682 INFO L276 IsEmpty]: Start isEmpty. Operand has 209 states, 171 states have (on average 1.5964912280701755) internal successors, (273), 189 states have internal predecessors, (273), 29 states have call successors, (29), 7 states have call predecessors, (29), 7 states have return successors, (29), 27 states have call predecessors, (29), 29 states have call successors, (29) [2022-02-20 14:38:38,686 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 14 [2022-02-20 14:38:38,686 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:38,687 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:38,687 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:38,691 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:38,692 INFO L85 PathProgramCache]: Analyzing trace with hash -809123759, now seen corresponding path program 1 times [2022-02-20 14:38:38,702 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 14:38:38,702 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [2125734694] [2022-02-20 14:38:38,702 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:38,703 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 14:38:38,703 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 14:38:38,709 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 14:38:38,712 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Waiting until timeout for monitored process [2022-02-20 14:38:38,792 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:38,795 INFO L263 TraceCheckSpWp]: Trace formula consists of 67 conjuncts, 2 conjunts are in the unsatisfiable core [2022-02-20 14:38:38,809 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:38,812 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 14:38:38,913 INFO L290 TraceCheckUtils]: 0: Hoare triple {212#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(23bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 0bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32; {212#true} is VALID [2022-02-20 14:38:38,914 INFO L290 TraceCheckUtils]: 1: Hoare triple {212#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 1bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32;main_~status~1#1 := 0bv32;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0bv32;~NP~0 := 1bv32;~DC~0 := 2bv32;~SKIP1~0 := 3bv32;~SKIP2~0 := 4bv32;~MPR1~0 := 5bv32;~MPR3~0 := 6bv32;~IPC~0 := 7bv32;~s~0 := ~UNLOADED~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {220#(= |ULTIMATE.start_main_~status~1#1| (_ bv0 32))} is VALID [2022-02-20 14:38:38,914 INFO L290 TraceCheckUtils]: 2: Hoare triple {220#(= |ULTIMATE.start_main_~status~1#1| (_ bv0 32))} assume { :end_inline__BLAST_init } true; {220#(= |ULTIMATE.start_main_~status~1#1| (_ bv0 32))} is VALID [2022-02-20 14:38:38,915 INFO L290 TraceCheckUtils]: 3: Hoare triple {220#(= |ULTIMATE.start_main_~status~1#1| (_ bv0 32))} assume !~bvsge32(main_~status~1#1, 0bv32); {213#false} is VALID [2022-02-20 14:38:38,915 INFO L290 TraceCheckUtils]: 4: Hoare triple {213#false} assume !(1bv32 == ~pended~0); {213#false} is VALID [2022-02-20 14:38:38,915 INFO L290 TraceCheckUtils]: 5: Hoare triple {213#false} assume !(1bv32 == ~pended~0); {213#false} is VALID [2022-02-20 14:38:38,916 INFO L290 TraceCheckUtils]: 6: Hoare triple {213#false} assume ~s~0 != ~UNLOADED~0; {213#false} is VALID [2022-02-20 14:38:38,916 INFO L290 TraceCheckUtils]: 7: Hoare triple {213#false} assume 4294967295bv32 != main_~status~1#1; {213#false} is VALID [2022-02-20 14:38:38,916 INFO L290 TraceCheckUtils]: 8: Hoare triple {213#false} assume !(~s~0 != ~SKIP2~0); {213#false} is VALID [2022-02-20 14:38:38,916 INFO L290 TraceCheckUtils]: 9: Hoare triple {213#false} assume 1bv32 == ~pended~0; {213#false} is VALID [2022-02-20 14:38:38,917 INFO L290 TraceCheckUtils]: 10: Hoare triple {213#false} assume 259bv32 != main_~status~1#1; {213#false} is VALID [2022-02-20 14:38:38,917 INFO L272 TraceCheckUtils]: 11: Hoare triple {213#false} call errorFn(); {213#false} is VALID [2022-02-20 14:38:38,917 INFO L290 TraceCheckUtils]: 12: Hoare triple {213#false} assume !false; {213#false} is VALID [2022-02-20 14:38:38,918 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 14:38:38,918 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 14:38:38,919 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 14:38:38,919 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [2125734694] [2022-02-20 14:38:38,920 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [2125734694] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 14:38:38,920 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 14:38:38,920 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 14:38:38,921 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [171953834] [2022-02-20 14:38:38,922 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 14:38:38,926 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 4.0) internal successors, (12), 3 states have internal predecessors, (12), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 13 [2022-02-20 14:38:38,927 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 14:38:38,929 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 4.0) internal successors, (12), 3 states have internal predecessors, (12), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:38,945 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 13 edges. 13 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:38,945 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 14:38:38,946 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 14:38:38,963 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 14:38:38,963 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 14:38:38,971 INFO L87 Difference]: Start difference. First operand has 209 states, 171 states have (on average 1.5964912280701755) internal successors, (273), 189 states have internal predecessors, (273), 29 states have call successors, (29), 7 states have call predecessors, (29), 7 states have return successors, (29), 27 states have call predecessors, (29), 29 states have call successors, (29) Second operand has 3 states, 3 states have (on average 4.0) internal successors, (12), 3 states have internal predecessors, (12), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:39,436 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:39,436 INFO L93 Difference]: Finished difference Result 340 states and 533 transitions. [2022-02-20 14:38:39,437 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 14:38:39,437 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 4.0) internal successors, (12), 3 states have internal predecessors, (12), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 13 [2022-02-20 14:38:39,437 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 14:38:39,438 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 4.0) internal successors, (12), 3 states have internal predecessors, (12), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:39,461 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 533 transitions. [2022-02-20 14:38:39,462 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 4.0) internal successors, (12), 3 states have internal predecessors, (12), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:39,476 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 533 transitions. [2022-02-20 14:38:39,476 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 533 transitions. [2022-02-20 14:38:40,016 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 533 edges. 533 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:40,034 INFO L225 Difference]: With dead ends: 340 [2022-02-20 14:38:40,034 INFO L226 Difference]: Without dead ends: 201 [2022-02-20 14:38:40,037 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 14:38:40,040 INFO L933 BasicCegarLoop]: 309 mSDtfsCounter, 178 mSDsluCounter, 108 mSDsCounter, 0 mSdLazyCounter, 16 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 189 SdHoareTripleChecker+Valid, 417 SdHoareTripleChecker+Invalid, 17 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 16 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 14:38:40,043 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [189 Valid, 417 Invalid, 17 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 16 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 14:38:40,058 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 201 states. [2022-02-20 14:38:40,099 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 201 to 201. [2022-02-20 14:38:40,100 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 14:38:40,106 INFO L82 GeneralOperation]: Start isEquivalent. First operand 201 states. Second operand has 201 states, 165 states have (on average 1.5272727272727273) internal successors, (252), 181 states have internal predecessors, (252), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-20 14:38:40,109 INFO L74 IsIncluded]: Start isIncluded. First operand 201 states. Second operand has 201 states, 165 states have (on average 1.5272727272727273) internal successors, (252), 181 states have internal predecessors, (252), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-20 14:38:40,109 INFO L87 Difference]: Start difference. First operand 201 states. Second operand has 201 states, 165 states have (on average 1.5272727272727273) internal successors, (252), 181 states have internal predecessors, (252), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-20 14:38:40,128 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:40,129 INFO L93 Difference]: Finished difference Result 201 states and 296 transitions. [2022-02-20 14:38:40,129 INFO L276 IsEmpty]: Start isEmpty. Operand 201 states and 296 transitions. [2022-02-20 14:38:40,137 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:40,138 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:40,139 INFO L74 IsIncluded]: Start isIncluded. First operand has 201 states, 165 states have (on average 1.5272727272727273) internal successors, (252), 181 states have internal predecessors, (252), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) Second operand 201 states. [2022-02-20 14:38:40,140 INFO L87 Difference]: Start difference. First operand has 201 states, 165 states have (on average 1.5272727272727273) internal successors, (252), 181 states have internal predecessors, (252), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) Second operand 201 states. [2022-02-20 14:38:40,154 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:40,154 INFO L93 Difference]: Finished difference Result 201 states and 296 transitions. [2022-02-20 14:38:40,154 INFO L276 IsEmpty]: Start isEmpty. Operand 201 states and 296 transitions. [2022-02-20 14:38:40,156 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:40,156 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:40,156 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 14:38:40,156 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 14:38:40,158 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 201 states, 165 states have (on average 1.5272727272727273) internal successors, (252), 181 states have internal predecessors, (252), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-20 14:38:40,167 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 201 states to 201 states and 296 transitions. [2022-02-20 14:38:40,168 INFO L78 Accepts]: Start accepts. Automaton has 201 states and 296 transitions. Word has length 13 [2022-02-20 14:38:40,168 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 14:38:40,169 INFO L470 AbstractCegarLoop]: Abstraction has 201 states and 296 transitions. [2022-02-20 14:38:40,169 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 4.0) internal successors, (12), 3 states have internal predecessors, (12), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:40,169 INFO L276 IsEmpty]: Start isEmpty. Operand 201 states and 296 transitions. [2022-02-20 14:38:40,170 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2022-02-20 14:38:40,170 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:40,170 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:40,180 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Forceful destruction successful, exit code 0 [2022-02-20 14:38:40,379 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 14:38:40,380 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:40,380 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:40,381 INFO L85 PathProgramCache]: Analyzing trace with hash 705160648, now seen corresponding path program 1 times [2022-02-20 14:38:40,381 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 14:38:40,381 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [2138903472] [2022-02-20 14:38:40,381 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:40,382 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 14:38:40,382 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 14:38:40,383 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 14:38:40,385 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Waiting until timeout for monitored process [2022-02-20 14:38:40,461 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:40,463 INFO L263 TraceCheckSpWp]: Trace formula consists of 117 conjuncts, 7 conjunts are in the unsatisfiable core [2022-02-20 14:38:40,481 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:40,482 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 14:38:40,653 INFO L290 TraceCheckUtils]: 0: Hoare triple {1403#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(23bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 0bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32; {1403#true} is VALID [2022-02-20 14:38:40,654 INFO L290 TraceCheckUtils]: 1: Hoare triple {1403#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 1bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32;main_~status~1#1 := 0bv32;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0bv32;~NP~0 := 1bv32;~DC~0 := 2bv32;~SKIP1~0 := 3bv32;~SKIP2~0 := 4bv32;~MPR1~0 := 5bv32;~MPR3~0 := 6bv32;~IPC~0 := 7bv32;~s~0 := ~UNLOADED~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {1411#(= ~NP~0 (_ bv1 32))} is VALID [2022-02-20 14:38:40,654 INFO L290 TraceCheckUtils]: 2: Hoare triple {1411#(= ~NP~0 (_ bv1 32))} assume { :end_inline__BLAST_init } true; {1411#(= ~NP~0 (_ bv1 32))} is VALID [2022-02-20 14:38:40,655 INFO L290 TraceCheckUtils]: 3: Hoare triple {1411#(= ~NP~0 (_ bv1 32))} assume ~bvsge32(main_~status~1#1, 0bv32);~s~0 := ~NP~0;~customIrp~0 := 0bv32;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0bv32;~myStatus~0 := 0bv32; {1411#(= ~NP~0 (_ bv1 32))} is VALID [2022-02-20 14:38:40,655 INFO L290 TraceCheckUtils]: 4: Hoare triple {1411#(= ~NP~0 (_ bv1 32))} assume 0bv32 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := 3221225659bv32;~myStatus~0 := 3221225659bv32; {1411#(= ~NP~0 (_ bv1 32))} is VALID [2022-02-20 14:38:40,656 INFO L290 TraceCheckUtils]: 5: Hoare triple {1411#(= ~NP~0 (_ bv1 32))} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {1424#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-20 14:38:40,656 INFO L290 TraceCheckUtils]: 6: Hoare triple {1424#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} assume { :end_inline_stub_driver_init } true; {1424#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-20 14:38:40,657 INFO L290 TraceCheckUtils]: 7: Hoare triple {1424#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} assume !~bvslt32(main_~status~1#1, 0bv32);havoc main_~tmp_ndt_1~0#1;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {1424#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-20 14:38:40,657 INFO L290 TraceCheckUtils]: 8: Hoare triple {1424#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} assume 0bv32 == main_~tmp_ndt_1~0#1; {1424#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-20 14:38:40,658 INFO L272 TraceCheckUtils]: 9: Hoare triple {1424#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} call main_#t~ret29#1 := KbFilter_CreateClose(main_~devobj~0#1, main_~pirp~0#1); {1424#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-20 14:38:40,659 INFO L290 TraceCheckUtils]: 10: Hoare triple {1424#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;~irpStack__MajorFunction~0 := #t~nondet41;havoc #t~nondet41;~devExt__UpperConnectData__ClassService~0 := #t~nondet42;havoc #t~nondet42;havoc ~Irp__IoStatus__Status~1;havoc ~status~2;havoc ~tmp~0;~status~2 := ~myStatus~0; {1424#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-20 14:38:40,659 INFO L290 TraceCheckUtils]: 11: Hoare triple {1424#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} assume 0bv32 == ~irpStack__MajorFunction~0; {1424#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-20 14:38:40,660 INFO L290 TraceCheckUtils]: 12: Hoare triple {1424#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} assume 0bv32 == ~devExt__UpperConnectData__ClassService~0;~status~2 := 3221225860bv32; {1424#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-20 14:38:40,661 INFO L290 TraceCheckUtils]: 13: Hoare triple {1424#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} ~Irp__IoStatus__Status~1 := ~status~2;~myStatus~0 := ~status~2; {1424#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-20 14:38:40,661 INFO L272 TraceCheckUtils]: 14: Hoare triple {1424#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} call #t~ret43 := KbFilter_DispatchPassThrough(~DeviceObject, ~Irp); {1424#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-20 14:38:40,662 INFO L290 TraceCheckUtils]: 15: Hoare triple {1424#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;~Irp__Tail__Overlay__CurrentStackLocation~1 := #t~nondet44;havoc #t~nondet44;~Irp__CurrentLocation~1 := #t~nondet45;havoc #t~nondet45;~DeviceObject__DeviceExtension__TopOfStack~0 := #t~nondet46;havoc #t~nondet46;havoc ~irpStack~1;havoc ~tmp~1;~irpStack~1 := ~Irp__Tail__Overlay__CurrentStackLocation~1; {1424#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-20 14:38:40,662 INFO L290 TraceCheckUtils]: 16: Hoare triple {1424#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} assume !(~s~0 == ~NP~0); {1404#false} is VALID [2022-02-20 14:38:40,663 INFO L272 TraceCheckUtils]: 17: Hoare triple {1404#false} call errorFn(); {1404#false} is VALID [2022-02-20 14:38:40,663 INFO L290 TraceCheckUtils]: 18: Hoare triple {1404#false} assume !false; {1404#false} is VALID [2022-02-20 14:38:40,663 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 14:38:40,663 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 14:38:40,663 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 14:38:40,664 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [2138903472] [2022-02-20 14:38:40,664 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [2138903472] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 14:38:40,664 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 14:38:40,664 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-20 14:38:40,664 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1765734424] [2022-02-20 14:38:40,665 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 14:38:40,666 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 4.0) internal successors, (16), 4 states have internal predecessors, (16), 2 states have call successors, (3), 2 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 19 [2022-02-20 14:38:40,666 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 14:38:40,666 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 4 states, 4 states have (on average 4.0) internal successors, (16), 4 states have internal predecessors, (16), 2 states have call successors, (3), 2 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:40,685 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 19 edges. 19 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:40,685 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-02-20 14:38:40,685 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 14:38:40,686 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-02-20 14:38:40,686 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=6, Invalid=6, Unknown=0, NotChecked=0, Total=12 [2022-02-20 14:38:40,686 INFO L87 Difference]: Start difference. First operand 201 states and 296 transitions. Second operand has 4 states, 4 states have (on average 4.0) internal successors, (16), 4 states have internal predecessors, (16), 2 states have call successors, (3), 2 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:41,402 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:41,403 INFO L93 Difference]: Finished difference Result 323 states and 461 transitions. [2022-02-20 14:38:41,403 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-20 14:38:41,403 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 4.0) internal successors, (16), 4 states have internal predecessors, (16), 2 states have call successors, (3), 2 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 19 [2022-02-20 14:38:41,403 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 14:38:41,404 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 4.0) internal successors, (16), 4 states have internal predecessors, (16), 2 states have call successors, (3), 2 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:41,409 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 461 transitions. [2022-02-20 14:38:41,418 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 4.0) internal successors, (16), 4 states have internal predecessors, (16), 2 states have call successors, (3), 2 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:41,424 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 461 transitions. [2022-02-20 14:38:41,424 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 461 transitions. [2022-02-20 14:38:41,843 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 461 edges. 461 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:41,851 INFO L225 Difference]: With dead ends: 323 [2022-02-20 14:38:41,851 INFO L226 Difference]: Without dead ends: 268 [2022-02-20 14:38:41,852 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 16 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=6, Invalid=6, Unknown=0, NotChecked=0, Total=12 [2022-02-20 14:38:41,853 INFO L933 BasicCegarLoop]: 311 mSDtfsCounter, 360 mSDsluCounter, 84 mSDsCounter, 0 mSdLazyCounter, 117 mSolverCounterSat, 24 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 360 SdHoareTripleChecker+Valid, 395 SdHoareTripleChecker+Invalid, 141 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 24 IncrementalHoareTripleChecker+Valid, 117 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 14:38:41,853 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [360 Valid, 395 Invalid, 141 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [24 Valid, 117 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 14:38:41,854 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 268 states. [2022-02-20 14:38:41,869 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 268 to 252. [2022-02-20 14:38:41,870 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 14:38:41,871 INFO L82 GeneralOperation]: Start isEquivalent. First operand 268 states. Second operand has 252 states, 215 states have (on average 1.4325581395348836) internal successors, (308), 218 states have internal predecessors, (308), 26 states have call successors, (26), 11 states have call predecessors, (26), 10 states have return successors, (27), 25 states have call predecessors, (27), 18 states have call successors, (27) [2022-02-20 14:38:41,873 INFO L74 IsIncluded]: Start isIncluded. First operand 268 states. Second operand has 252 states, 215 states have (on average 1.4325581395348836) internal successors, (308), 218 states have internal predecessors, (308), 26 states have call successors, (26), 11 states have call predecessors, (26), 10 states have return successors, (27), 25 states have call predecessors, (27), 18 states have call successors, (27) [2022-02-20 14:38:41,873 INFO L87 Difference]: Start difference. First operand 268 states. Second operand has 252 states, 215 states have (on average 1.4325581395348836) internal successors, (308), 218 states have internal predecessors, (308), 26 states have call successors, (26), 11 states have call predecessors, (26), 10 states have return successors, (27), 25 states have call predecessors, (27), 18 states have call successors, (27) [2022-02-20 14:38:41,885 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:41,885 INFO L93 Difference]: Finished difference Result 268 states and 380 transitions. [2022-02-20 14:38:41,885 INFO L276 IsEmpty]: Start isEmpty. Operand 268 states and 380 transitions. [2022-02-20 14:38:41,886 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:41,886 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:41,888 INFO L74 IsIncluded]: Start isIncluded. First operand has 252 states, 215 states have (on average 1.4325581395348836) internal successors, (308), 218 states have internal predecessors, (308), 26 states have call successors, (26), 11 states have call predecessors, (26), 10 states have return successors, (27), 25 states have call predecessors, (27), 18 states have call successors, (27) Second operand 268 states. [2022-02-20 14:38:41,891 INFO L87 Difference]: Start difference. First operand has 252 states, 215 states have (on average 1.4325581395348836) internal successors, (308), 218 states have internal predecessors, (308), 26 states have call successors, (26), 11 states have call predecessors, (26), 10 states have return successors, (27), 25 states have call predecessors, (27), 18 states have call successors, (27) Second operand 268 states. [2022-02-20 14:38:41,902 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:41,902 INFO L93 Difference]: Finished difference Result 268 states and 380 transitions. [2022-02-20 14:38:41,902 INFO L276 IsEmpty]: Start isEmpty. Operand 268 states and 380 transitions. [2022-02-20 14:38:41,903 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:41,903 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:41,903 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 14:38:41,904 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 14:38:41,905 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 252 states, 215 states have (on average 1.4325581395348836) internal successors, (308), 218 states have internal predecessors, (308), 26 states have call successors, (26), 11 states have call predecessors, (26), 10 states have return successors, (27), 25 states have call predecessors, (27), 18 states have call successors, (27) [2022-02-20 14:38:41,921 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 252 states to 252 states and 361 transitions. [2022-02-20 14:38:41,921 INFO L78 Accepts]: Start accepts. Automaton has 252 states and 361 transitions. Word has length 19 [2022-02-20 14:38:41,921 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 14:38:41,922 INFO L470 AbstractCegarLoop]: Abstraction has 252 states and 361 transitions. [2022-02-20 14:38:41,922 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 4.0) internal successors, (16), 4 states have internal predecessors, (16), 2 states have call successors, (3), 2 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:41,922 INFO L276 IsEmpty]: Start isEmpty. Operand 252 states and 361 transitions. [2022-02-20 14:38:41,922 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 19 [2022-02-20 14:38:41,923 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:41,923 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:41,941 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Forceful destruction successful, exit code 0 [2022-02-20 14:38:42,141 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 14:38:42,142 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:42,142 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:42,143 INFO L85 PathProgramCache]: Analyzing trace with hash -2016043499, now seen corresponding path program 1 times [2022-02-20 14:38:42,143 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 14:38:42,143 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [2037444996] [2022-02-20 14:38:42,143 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:42,143 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 14:38:42,144 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 14:38:42,144 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 14:38:42,146 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Waiting until timeout for monitored process [2022-02-20 14:38:42,213 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:42,215 INFO L263 TraceCheckSpWp]: Trace formula consists of 99 conjuncts, 2 conjunts are in the unsatisfiable core [2022-02-20 14:38:42,227 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:42,228 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 14:38:42,273 INFO L290 TraceCheckUtils]: 0: Hoare triple {2788#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(23bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 0bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32; {2788#true} is VALID [2022-02-20 14:38:42,273 INFO L290 TraceCheckUtils]: 1: Hoare triple {2788#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 1bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32;main_~status~1#1 := 0bv32;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0bv32;~NP~0 := 1bv32;~DC~0 := 2bv32;~SKIP1~0 := 3bv32;~SKIP2~0 := 4bv32;~MPR1~0 := 5bv32;~MPR3~0 := 6bv32;~IPC~0 := 7bv32;~s~0 := ~UNLOADED~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {2788#true} is VALID [2022-02-20 14:38:42,273 INFO L290 TraceCheckUtils]: 2: Hoare triple {2788#true} assume { :end_inline__BLAST_init } true; {2788#true} is VALID [2022-02-20 14:38:42,274 INFO L290 TraceCheckUtils]: 3: Hoare triple {2788#true} assume ~bvsge32(main_~status~1#1, 0bv32);~s~0 := ~NP~0;~customIrp~0 := 0bv32;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0bv32;~myStatus~0 := 0bv32; {2788#true} is VALID [2022-02-20 14:38:42,274 INFO L290 TraceCheckUtils]: 4: Hoare triple {2788#true} assume 0bv32 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := 3221225659bv32;~myStatus~0 := 3221225659bv32; {2788#true} is VALID [2022-02-20 14:38:42,274 INFO L290 TraceCheckUtils]: 5: Hoare triple {2788#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {2808#(= ~compRegistered~0 (_ bv0 32))} is VALID [2022-02-20 14:38:42,275 INFO L290 TraceCheckUtils]: 6: Hoare triple {2808#(= ~compRegistered~0 (_ bv0 32))} assume { :end_inline_stub_driver_init } true; {2808#(= ~compRegistered~0 (_ bv0 32))} is VALID [2022-02-20 14:38:42,275 INFO L290 TraceCheckUtils]: 7: Hoare triple {2808#(= ~compRegistered~0 (_ bv0 32))} assume !~bvslt32(main_~status~1#1, 0bv32);havoc main_~tmp_ndt_1~0#1;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {2808#(= ~compRegistered~0 (_ bv0 32))} is VALID [2022-02-20 14:38:42,276 INFO L290 TraceCheckUtils]: 8: Hoare triple {2808#(= ~compRegistered~0 (_ bv0 32))} assume !(0bv32 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {2808#(= ~compRegistered~0 (_ bv0 32))} is VALID [2022-02-20 14:38:42,276 INFO L290 TraceCheckUtils]: 9: Hoare triple {2808#(= ~compRegistered~0 (_ bv0 32))} assume !(1bv32 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {2808#(= ~compRegistered~0 (_ bv0 32))} is VALID [2022-02-20 14:38:42,276 INFO L290 TraceCheckUtils]: 10: Hoare triple {2808#(= ~compRegistered~0 (_ bv0 32))} assume 3bv32 == main_~tmp_ndt_3~0#1; {2808#(= ~compRegistered~0 (_ bv0 32))} is VALID [2022-02-20 14:38:42,277 INFO L290 TraceCheckUtils]: 11: Hoare triple {2808#(= ~compRegistered~0 (_ bv0 32))} assume { :begin_inline_KbFilter_PnP } true;KbFilter_PnP_#in~DeviceObject#1, KbFilter_PnP_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_PnP_#res#1;havoc KbFilter_PnP_#t~nondet4#1, KbFilter_PnP_#t~nondet5#1, KbFilter_PnP_#t~nondet6#1, KbFilter_PnP_#t~nondet7#1, KbFilter_PnP_#t~nondet8#1, KbFilter_PnP_#t~nondet9#1, KbFilter_PnP_#t~ret10#1, KbFilter_PnP_#t~ret11#1, KbFilter_PnP_#t~post12#1, KbFilter_PnP_#t~post13#1, KbFilter_PnP_#t~ret14#1, KbFilter_PnP_#t~post15#1, KbFilter_PnP_#t~post16#1, KbFilter_PnP_#t~ret17#1, KbFilter_PnP_#t~post18#1, KbFilter_PnP_#t~post19#1, KbFilter_PnP_#t~ret20#1, KbFilter_PnP_~DeviceObject#1, KbFilter_PnP_~Irp#1, KbFilter_PnP_~devExt~0#1, KbFilter_PnP_~irpStack~0#1, KbFilter_PnP_~status~0#1, KbFilter_PnP_~event~0#1, KbFilter_PnP_~DeviceObject__DeviceExtension~0#1, KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, KbFilter_PnP_~irpStack__MinorFunction~0#1, KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~devExt__Started~0#1, KbFilter_PnP_~devExt__Removed~0#1, KbFilter_PnP_~devExt__SurpriseRemoved~0#1, KbFilter_PnP_~Irp__IoStatus__Status~0#1, KbFilter_PnP_~Irp__IoStatus__Information~0#1, KbFilter_PnP_~Irp__CurrentLocation~0#1, KbFilter_PnP_~irpSp~0#1, KbFilter_PnP_~nextIrpSp~0#1, KbFilter_PnP_~nextIrpSp__Control~0#1, KbFilter_PnP_~irpSp___0~0#1, KbFilter_PnP_~irpSp__Context~0#1, KbFilter_PnP_~irpSp__Control~0#1, KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~DeviceObject#1 := KbFilter_PnP_#in~DeviceObject#1;KbFilter_PnP_~Irp#1 := KbFilter_PnP_#in~Irp#1;havoc KbFilter_PnP_~devExt~0#1;havoc KbFilter_PnP_~irpStack~0#1;havoc KbFilter_PnP_~status~0#1;KbFilter_PnP_~event~0#1 := KbFilter_PnP_#t~nondet4#1;havoc KbFilter_PnP_#t~nondet4#1;KbFilter_PnP_~DeviceObject__DeviceExtension~0#1 := KbFilter_PnP_#t~nondet5#1;havoc KbFilter_PnP_#t~nondet5#1;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := KbFilter_PnP_#t~nondet6#1;havoc KbFilter_PnP_#t~nondet6#1;KbFilter_PnP_~irpStack__MinorFunction~0#1 := KbFilter_PnP_#t~nondet7#1;havoc KbFilter_PnP_#t~nondet7#1;KbFilter_PnP_~devExt__TopOfStack~0#1 := KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_~devExt__Started~0#1;havoc KbFilter_PnP_~devExt__Removed~0#1;havoc KbFilter_PnP_~devExt__SurpriseRemoved~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Status~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Information~0#1;KbFilter_PnP_~Irp__CurrentLocation~0#1 := KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_~irpSp~0#1;havoc KbFilter_PnP_~nextIrpSp~0#1;havoc KbFilter_PnP_~nextIrpSp__Control~0#1;havoc KbFilter_PnP_~irpSp___0~0#1;havoc KbFilter_PnP_~irpSp__Context~0#1;havoc KbFilter_PnP_~irpSp__Control~0#1;havoc KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~status~0#1 := 0bv32;KbFilter_PnP_~devExt~0#1 := KbFilter_PnP_~DeviceObject__DeviceExtension~0#1;KbFilter_PnP_~irpStack~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1; {2808#(= ~compRegistered~0 (_ bv0 32))} is VALID [2022-02-20 14:38:42,278 INFO L290 TraceCheckUtils]: 12: Hoare triple {2808#(= ~compRegistered~0 (_ bv0 32))} assume 0bv32 == KbFilter_PnP_~irpStack__MinorFunction~0#1; {2808#(= ~compRegistered~0 (_ bv0 32))} is VALID [2022-02-20 14:38:42,278 INFO L290 TraceCheckUtils]: 13: Hoare triple {2808#(= ~compRegistered~0 (_ bv0 32))} KbFilter_PnP_~irpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1;KbFilter_PnP_~nextIrpSp~0#1 := ~bvsub32(KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, 1bv32);KbFilter_PnP_~nextIrpSp__Control~0#1 := 0bv32; {2808#(= ~compRegistered~0 (_ bv0 32))} is VALID [2022-02-20 14:38:42,278 INFO L290 TraceCheckUtils]: 14: Hoare triple {2808#(= ~compRegistered~0 (_ bv0 32))} assume !(~s~0 != ~NP~0); {2808#(= ~compRegistered~0 (_ bv0 32))} is VALID [2022-02-20 14:38:42,279 INFO L290 TraceCheckUtils]: 15: Hoare triple {2808#(= ~compRegistered~0 (_ bv0 32))} assume 0bv32 != ~compRegistered~0; {2789#false} is VALID [2022-02-20 14:38:42,279 INFO L272 TraceCheckUtils]: 16: Hoare triple {2789#false} call errorFn(); {2789#false} is VALID [2022-02-20 14:38:42,279 INFO L290 TraceCheckUtils]: 17: Hoare triple {2789#false} assume !false; {2789#false} is VALID [2022-02-20 14:38:42,279 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 14:38:42,279 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 14:38:42,279 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 14:38:42,280 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [2037444996] [2022-02-20 14:38:42,280 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [2037444996] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 14:38:42,280 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 14:38:42,280 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 14:38:42,280 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [417467593] [2022-02-20 14:38:42,280 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 14:38:42,280 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 18 [2022-02-20 14:38:42,281 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 14:38:42,281 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:42,302 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 18 edges. 18 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:42,303 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 14:38:42,303 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 14:38:42,303 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 14:38:42,303 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 14:38:42,304 INFO L87 Difference]: Start difference. First operand 252 states and 361 transitions. Second operand has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:42,637 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:42,638 INFO L93 Difference]: Finished difference Result 411 states and 569 transitions. [2022-02-20 14:38:42,638 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 14:38:42,638 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 18 [2022-02-20 14:38:42,638 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 14:38:42,639 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:42,644 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 453 transitions. [2022-02-20 14:38:42,644 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:42,649 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 453 transitions. [2022-02-20 14:38:42,649 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 453 transitions. [2022-02-20 14:38:42,999 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 453 edges. 453 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:43,008 INFO L225 Difference]: With dead ends: 411 [2022-02-20 14:38:43,008 INFO L226 Difference]: Without dead ends: 312 [2022-02-20 14:38:43,009 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 17 GetRequests, 16 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 14:38:43,012 INFO L933 BasicCegarLoop]: 272 mSDtfsCounter, 242 mSDsluCounter, 88 mSDsCounter, 0 mSdLazyCounter, 5 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 242 SdHoareTripleChecker+Valid, 360 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 5 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 14:38:43,013 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [242 Valid, 360 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 5 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 14:38:43,015 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 312 states. [2022-02-20 14:38:43,035 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 312 to 290. [2022-02-20 14:38:43,042 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 14:38:43,043 INFO L82 GeneralOperation]: Start isEquivalent. First operand 312 states. Second operand has 290 states, 255 states have (on average 1.419607843137255) internal successors, (362), 256 states have internal predecessors, (362), 22 states have call successors, (22), 11 states have call predecessors, (22), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-20 14:38:43,044 INFO L74 IsIncluded]: Start isIncluded. First operand 312 states. Second operand has 290 states, 255 states have (on average 1.419607843137255) internal successors, (362), 256 states have internal predecessors, (362), 22 states have call successors, (22), 11 states have call predecessors, (22), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-20 14:38:43,045 INFO L87 Difference]: Start difference. First operand 312 states. Second operand has 290 states, 255 states have (on average 1.419607843137255) internal successors, (362), 256 states have internal predecessors, (362), 22 states have call successors, (22), 11 states have call predecessors, (22), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-20 14:38:43,068 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:43,069 INFO L93 Difference]: Finished difference Result 312 states and 436 transitions. [2022-02-20 14:38:43,069 INFO L276 IsEmpty]: Start isEmpty. Operand 312 states and 436 transitions. [2022-02-20 14:38:43,070 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:43,070 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:43,072 INFO L74 IsIncluded]: Start isIncluded. First operand has 290 states, 255 states have (on average 1.419607843137255) internal successors, (362), 256 states have internal predecessors, (362), 22 states have call successors, (22), 11 states have call predecessors, (22), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) Second operand 312 states. [2022-02-20 14:38:43,074 INFO L87 Difference]: Start difference. First operand has 290 states, 255 states have (on average 1.419607843137255) internal successors, (362), 256 states have internal predecessors, (362), 22 states have call successors, (22), 11 states have call predecessors, (22), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) Second operand 312 states. [2022-02-20 14:38:43,084 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:43,085 INFO L93 Difference]: Finished difference Result 312 states and 436 transitions. [2022-02-20 14:38:43,085 INFO L276 IsEmpty]: Start isEmpty. Operand 312 states and 436 transitions. [2022-02-20 14:38:43,087 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:43,087 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:43,087 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 14:38:43,087 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 14:38:43,088 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 290 states, 255 states have (on average 1.419607843137255) internal successors, (362), 256 states have internal predecessors, (362), 22 states have call successors, (22), 11 states have call predecessors, (22), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-20 14:38:43,097 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 290 states to 290 states and 410 transitions. [2022-02-20 14:38:43,097 INFO L78 Accepts]: Start accepts. Automaton has 290 states and 410 transitions. Word has length 18 [2022-02-20 14:38:43,097 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 14:38:43,098 INFO L470 AbstractCegarLoop]: Abstraction has 290 states and 410 transitions. [2022-02-20 14:38:43,098 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:43,098 INFO L276 IsEmpty]: Start isEmpty. Operand 290 states and 410 transitions. [2022-02-20 14:38:43,099 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2022-02-20 14:38:43,099 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:43,099 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:43,109 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Forceful destruction successful, exit code 0 [2022-02-20 14:38:43,308 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 14:38:43,309 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:43,309 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:43,309 INFO L85 PathProgramCache]: Analyzing trace with hash 2075722554, now seen corresponding path program 1 times [2022-02-20 14:38:43,309 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 14:38:43,309 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1348752034] [2022-02-20 14:38:43,310 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:43,310 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 14:38:43,310 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 14:38:43,311 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 14:38:43,311 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Waiting until timeout for monitored process [2022-02-20 14:38:43,391 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:43,394 INFO L263 TraceCheckSpWp]: Trace formula consists of 138 conjuncts, 5 conjunts are in the unsatisfiable core [2022-02-20 14:38:43,410 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:43,411 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 14:38:43,582 INFO L290 TraceCheckUtils]: 0: Hoare triple {4420#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(23bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 0bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32; {4420#true} is VALID [2022-02-20 14:38:43,582 INFO L290 TraceCheckUtils]: 1: Hoare triple {4420#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 1bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32;main_~status~1#1 := 0bv32;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0bv32;~NP~0 := 1bv32;~DC~0 := 2bv32;~SKIP1~0 := 3bv32;~SKIP2~0 := 4bv32;~MPR1~0 := 5bv32;~MPR3~0 := 6bv32;~IPC~0 := 7bv32;~s~0 := ~UNLOADED~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {4428#(= (_ bv3 32) ~SKIP1~0)} is VALID [2022-02-20 14:38:43,585 INFO L290 TraceCheckUtils]: 2: Hoare triple {4428#(= (_ bv3 32) ~SKIP1~0)} assume { :end_inline__BLAST_init } true; {4428#(= (_ bv3 32) ~SKIP1~0)} is VALID [2022-02-20 14:38:43,586 INFO L290 TraceCheckUtils]: 3: Hoare triple {4428#(= (_ bv3 32) ~SKIP1~0)} assume ~bvsge32(main_~status~1#1, 0bv32);~s~0 := ~NP~0;~customIrp~0 := 0bv32;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0bv32;~myStatus~0 := 0bv32; {4428#(= (_ bv3 32) ~SKIP1~0)} is VALID [2022-02-20 14:38:43,588 INFO L290 TraceCheckUtils]: 4: Hoare triple {4428#(= (_ bv3 32) ~SKIP1~0)} assume 0bv32 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := 3221225659bv32;~myStatus~0 := 3221225659bv32; {4428#(= (_ bv3 32) ~SKIP1~0)} is VALID [2022-02-20 14:38:43,589 INFO L290 TraceCheckUtils]: 5: Hoare triple {4428#(= (_ bv3 32) ~SKIP1~0)} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {4428#(= (_ bv3 32) ~SKIP1~0)} is VALID [2022-02-20 14:38:43,589 INFO L290 TraceCheckUtils]: 6: Hoare triple {4428#(= (_ bv3 32) ~SKIP1~0)} assume { :end_inline_stub_driver_init } true; {4428#(= (_ bv3 32) ~SKIP1~0)} is VALID [2022-02-20 14:38:43,590 INFO L290 TraceCheckUtils]: 7: Hoare triple {4428#(= (_ bv3 32) ~SKIP1~0)} assume !~bvslt32(main_~status~1#1, 0bv32);havoc main_~tmp_ndt_1~0#1;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {4428#(= (_ bv3 32) ~SKIP1~0)} is VALID [2022-02-20 14:38:43,590 INFO L290 TraceCheckUtils]: 8: Hoare triple {4428#(= (_ bv3 32) ~SKIP1~0)} assume 0bv32 == main_~tmp_ndt_1~0#1; {4428#(= (_ bv3 32) ~SKIP1~0)} is VALID [2022-02-20 14:38:43,591 INFO L272 TraceCheckUtils]: 9: Hoare triple {4428#(= (_ bv3 32) ~SKIP1~0)} call main_#t~ret29#1 := KbFilter_CreateClose(main_~devobj~0#1, main_~pirp~0#1); {4428#(= (_ bv3 32) ~SKIP1~0)} is VALID [2022-02-20 14:38:43,592 INFO L290 TraceCheckUtils]: 10: Hoare triple {4428#(= (_ bv3 32) ~SKIP1~0)} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;~irpStack__MajorFunction~0 := #t~nondet41;havoc #t~nondet41;~devExt__UpperConnectData__ClassService~0 := #t~nondet42;havoc #t~nondet42;havoc ~Irp__IoStatus__Status~1;havoc ~status~2;havoc ~tmp~0;~status~2 := ~myStatus~0; {4428#(= (_ bv3 32) ~SKIP1~0)} is VALID [2022-02-20 14:38:43,592 INFO L290 TraceCheckUtils]: 11: Hoare triple {4428#(= (_ bv3 32) ~SKIP1~0)} assume 0bv32 == ~irpStack__MajorFunction~0; {4428#(= (_ bv3 32) ~SKIP1~0)} is VALID [2022-02-20 14:38:43,593 INFO L290 TraceCheckUtils]: 12: Hoare triple {4428#(= (_ bv3 32) ~SKIP1~0)} assume 0bv32 == ~devExt__UpperConnectData__ClassService~0;~status~2 := 3221225860bv32; {4428#(= (_ bv3 32) ~SKIP1~0)} is VALID [2022-02-20 14:38:43,593 INFO L290 TraceCheckUtils]: 13: Hoare triple {4428#(= (_ bv3 32) ~SKIP1~0)} ~Irp__IoStatus__Status~1 := ~status~2;~myStatus~0 := ~status~2; {4428#(= (_ bv3 32) ~SKIP1~0)} is VALID [2022-02-20 14:38:43,594 INFO L272 TraceCheckUtils]: 14: Hoare triple {4428#(= (_ bv3 32) ~SKIP1~0)} call #t~ret43 := KbFilter_DispatchPassThrough(~DeviceObject, ~Irp); {4428#(= (_ bv3 32) ~SKIP1~0)} is VALID [2022-02-20 14:38:43,594 INFO L290 TraceCheckUtils]: 15: Hoare triple {4428#(= (_ bv3 32) ~SKIP1~0)} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;~Irp__Tail__Overlay__CurrentStackLocation~1 := #t~nondet44;havoc #t~nondet44;~Irp__CurrentLocation~1 := #t~nondet45;havoc #t~nondet45;~DeviceObject__DeviceExtension__TopOfStack~0 := #t~nondet46;havoc #t~nondet46;havoc ~irpStack~1;havoc ~tmp~1;~irpStack~1 := ~Irp__Tail__Overlay__CurrentStackLocation~1; {4428#(= (_ bv3 32) ~SKIP1~0)} is VALID [2022-02-20 14:38:43,595 INFO L290 TraceCheckUtils]: 16: Hoare triple {4428#(= (_ bv3 32) ~SKIP1~0)} assume ~s~0 == ~NP~0;~s~0 := ~SKIP1~0; {4474#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} is VALID [2022-02-20 14:38:43,596 INFO L290 TraceCheckUtils]: 17: Hoare triple {4474#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} #t~post47 := ~Irp__CurrentLocation~1;~Irp__CurrentLocation~1 := ~bvadd32(1bv32, #t~post47);havoc #t~post47;#t~post48 := ~Irp__Tail__Overlay__CurrentStackLocation~1;~Irp__Tail__Overlay__CurrentStackLocation~1 := ~bvadd32(1bv32, #t~post48);havoc #t~post48; {4474#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} is VALID [2022-02-20 14:38:43,596 INFO L272 TraceCheckUtils]: 18: Hoare triple {4474#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} call #t~ret49 := IofCallDriver(~DeviceObject__DeviceExtension__TopOfStack~0, ~Irp); {4474#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} is VALID [2022-02-20 14:38:43,597 INFO L290 TraceCheckUtils]: 19: Hoare triple {4474#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {4474#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} is VALID [2022-02-20 14:38:43,603 INFO L290 TraceCheckUtils]: 20: Hoare triple {4474#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} assume !(0bv32 != ~compRegistered~0); {4474#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} is VALID [2022-02-20 14:38:43,604 INFO L290 TraceCheckUtils]: 21: Hoare triple {4474#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} havoc ~tmp_ndt_6~0;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {4474#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} is VALID [2022-02-20 14:38:43,605 INFO L290 TraceCheckUtils]: 22: Hoare triple {4474#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} assume 0bv32 == ~tmp_ndt_6~0; {4474#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} is VALID [2022-02-20 14:38:43,605 INFO L290 TraceCheckUtils]: 23: Hoare triple {4474#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} ~returnVal2~0 := 0bv32; {4474#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} is VALID [2022-02-20 14:38:43,606 INFO L290 TraceCheckUtils]: 24: Hoare triple {4474#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} assume !(~s~0 == ~NP~0); {4474#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} is VALID [2022-02-20 14:38:43,606 INFO L290 TraceCheckUtils]: 25: Hoare triple {4474#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} assume !(~s~0 == ~MPR1~0); {4474#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} is VALID [2022-02-20 14:38:43,607 INFO L290 TraceCheckUtils]: 26: Hoare triple {4474#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} assume !(~s~0 == ~SKIP1~0); {4421#false} is VALID [2022-02-20 14:38:43,607 INFO L272 TraceCheckUtils]: 27: Hoare triple {4421#false} call errorFn(); {4421#false} is VALID [2022-02-20 14:38:43,607 INFO L290 TraceCheckUtils]: 28: Hoare triple {4421#false} assume !false; {4421#false} is VALID [2022-02-20 14:38:43,608 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 14:38:43,608 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 14:38:43,608 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 14:38:43,609 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1348752034] [2022-02-20 14:38:43,610 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1348752034] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 14:38:43,610 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 14:38:43,610 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-20 14:38:43,612 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2111730523] [2022-02-20 14:38:43,612 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 14:38:43,613 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 6.25) internal successors, (25), 4 states have internal predecessors, (25), 3 states have call successors, (4), 3 states have call predecessors, (4), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 29 [2022-02-20 14:38:43,613 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 14:38:43,613 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 4 states, 4 states have (on average 6.25) internal successors, (25), 4 states have internal predecessors, (25), 3 states have call successors, (4), 3 states have call predecessors, (4), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:43,643 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 29 edges. 29 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:43,643 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-02-20 14:38:43,643 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 14:38:43,644 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-02-20 14:38:43,645 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=6, Invalid=6, Unknown=0, NotChecked=0, Total=12 [2022-02-20 14:38:43,645 INFO L87 Difference]: Start difference. First operand 290 states and 410 transitions. Second operand has 4 states, 4 states have (on average 6.25) internal successors, (25), 4 states have internal predecessors, (25), 3 states have call successors, (4), 3 states have call predecessors, (4), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:44,188 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:44,189 INFO L93 Difference]: Finished difference Result 293 states and 412 transitions. [2022-02-20 14:38:44,189 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-20 14:38:44,189 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 6.25) internal successors, (25), 4 states have internal predecessors, (25), 3 states have call successors, (4), 3 states have call predecessors, (4), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 29 [2022-02-20 14:38:44,189 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 14:38:44,189 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 6.25) internal successors, (25), 4 states have internal predecessors, (25), 3 states have call successors, (4), 3 states have call predecessors, (4), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:44,192 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 292 transitions. [2022-02-20 14:38:44,192 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 6.25) internal successors, (25), 4 states have internal predecessors, (25), 3 states have call successors, (4), 3 states have call predecessors, (4), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:44,195 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 292 transitions. [2022-02-20 14:38:44,195 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 292 transitions. [2022-02-20 14:38:44,437 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 292 edges. 292 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:44,445 INFO L225 Difference]: With dead ends: 293 [2022-02-20 14:38:44,445 INFO L226 Difference]: Without dead ends: 289 [2022-02-20 14:38:44,445 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 28 GetRequests, 26 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=6, Invalid=6, Unknown=0, NotChecked=0, Total=12 [2022-02-20 14:38:44,446 INFO L933 BasicCegarLoop]: 261 mSDtfsCounter, 257 mSDsluCounter, 182 mSDsCounter, 0 mSdLazyCounter, 84 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 257 SdHoareTripleChecker+Valid, 443 SdHoareTripleChecker+Invalid, 93 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 84 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 14:38:44,446 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [257 Valid, 443 Invalid, 93 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 84 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 14:38:44,447 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 289 states. [2022-02-20 14:38:44,460 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 289 to 289. [2022-02-20 14:38:44,460 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 14:38:44,461 INFO L82 GeneralOperation]: Start isEquivalent. First operand 289 states. Second operand has 289 states, 255 states have (on average 1.411764705882353) internal successors, (360), 255 states have internal predecessors, (360), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-20 14:38:44,461 INFO L74 IsIncluded]: Start isIncluded. First operand 289 states. Second operand has 289 states, 255 states have (on average 1.411764705882353) internal successors, (360), 255 states have internal predecessors, (360), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-20 14:38:44,462 INFO L87 Difference]: Start difference. First operand 289 states. Second operand has 289 states, 255 states have (on average 1.411764705882353) internal successors, (360), 255 states have internal predecessors, (360), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-20 14:38:44,469 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:44,470 INFO L93 Difference]: Finished difference Result 289 states and 407 transitions. [2022-02-20 14:38:44,470 INFO L276 IsEmpty]: Start isEmpty. Operand 289 states and 407 transitions. [2022-02-20 14:38:44,470 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:44,470 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:44,471 INFO L74 IsIncluded]: Start isIncluded. First operand has 289 states, 255 states have (on average 1.411764705882353) internal successors, (360), 255 states have internal predecessors, (360), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) Second operand 289 states. [2022-02-20 14:38:44,472 INFO L87 Difference]: Start difference. First operand has 289 states, 255 states have (on average 1.411764705882353) internal successors, (360), 255 states have internal predecessors, (360), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) Second operand 289 states. [2022-02-20 14:38:44,479 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:44,479 INFO L93 Difference]: Finished difference Result 289 states and 407 transitions. [2022-02-20 14:38:44,479 INFO L276 IsEmpty]: Start isEmpty. Operand 289 states and 407 transitions. [2022-02-20 14:38:44,480 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:44,480 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:44,480 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 14:38:44,480 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 14:38:44,481 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 289 states, 255 states have (on average 1.411764705882353) internal successors, (360), 255 states have internal predecessors, (360), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-20 14:38:44,489 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 289 states to 289 states and 407 transitions. [2022-02-20 14:38:44,490 INFO L78 Accepts]: Start accepts. Automaton has 289 states and 407 transitions. Word has length 29 [2022-02-20 14:38:44,490 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 14:38:44,490 INFO L470 AbstractCegarLoop]: Abstraction has 289 states and 407 transitions. [2022-02-20 14:38:44,490 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 6.25) internal successors, (25), 4 states have internal predecessors, (25), 3 states have call successors, (4), 3 states have call predecessors, (4), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:44,490 INFO L276 IsEmpty]: Start isEmpty. Operand 289 states and 407 transitions. [2022-02-20 14:38:44,491 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2022-02-20 14:38:44,491 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:44,491 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:44,505 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Forceful destruction successful, exit code 0 [2022-02-20 14:38:44,703 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 14:38:44,703 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:44,703 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:44,704 INFO L85 PathProgramCache]: Analyzing trace with hash -889185583, now seen corresponding path program 1 times [2022-02-20 14:38:44,704 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 14:38:44,704 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [540759550] [2022-02-20 14:38:44,704 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:44,704 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 14:38:44,704 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 14:38:44,705 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 14:38:44,706 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (6)] Waiting until timeout for monitored process [2022-02-20 14:38:44,780 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:44,783 INFO L263 TraceCheckSpWp]: Trace formula consists of 121 conjuncts, 4 conjunts are in the unsatisfiable core [2022-02-20 14:38:44,804 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:44,805 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 14:38:45,062 INFO L290 TraceCheckUtils]: 0: Hoare triple {5873#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(23bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 0bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32; {5873#true} is VALID [2022-02-20 14:38:45,063 INFO L290 TraceCheckUtils]: 1: Hoare triple {5873#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 1bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32;main_~status~1#1 := 0bv32;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0bv32;~NP~0 := 1bv32;~DC~0 := 2bv32;~SKIP1~0 := 3bv32;~SKIP2~0 := 4bv32;~MPR1~0 := 5bv32;~MPR3~0 := 6bv32;~IPC~0 := 7bv32;~s~0 := ~UNLOADED~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-20 14:38:45,064 INFO L290 TraceCheckUtils]: 2: Hoare triple {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} assume { :end_inline__BLAST_init } true; {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-20 14:38:45,064 INFO L290 TraceCheckUtils]: 3: Hoare triple {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} assume ~bvsge32(main_~status~1#1, 0bv32);~s~0 := ~NP~0;~customIrp~0 := 0bv32;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0bv32;~myStatus~0 := 0bv32; {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-20 14:38:45,065 INFO L290 TraceCheckUtils]: 4: Hoare triple {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} assume 0bv32 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := 3221225659bv32;~myStatus~0 := 3221225659bv32; {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-20 14:38:45,066 INFO L290 TraceCheckUtils]: 5: Hoare triple {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-20 14:38:45,066 INFO L290 TraceCheckUtils]: 6: Hoare triple {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} assume { :end_inline_stub_driver_init } true; {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-20 14:38:45,066 INFO L290 TraceCheckUtils]: 7: Hoare triple {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} assume !~bvslt32(main_~status~1#1, 0bv32);havoc main_~tmp_ndt_1~0#1;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-20 14:38:45,067 INFO L290 TraceCheckUtils]: 8: Hoare triple {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} assume !(0bv32 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-20 14:38:45,067 INFO L290 TraceCheckUtils]: 9: Hoare triple {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} assume !(1bv32 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-20 14:38:45,068 INFO L290 TraceCheckUtils]: 10: Hoare triple {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} assume !(3bv32 == main_~tmp_ndt_3~0#1);havoc main_~tmp_ndt_4~0#1;main_~tmp_ndt_4~0#1 := main_#t~nondet27#1;havoc main_#t~nondet27#1; {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-20 14:38:45,068 INFO L290 TraceCheckUtils]: 11: Hoare triple {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} assume !(4bv32 == main_~tmp_ndt_4~0#1);havoc main_~tmp_ndt_5~0#1;main_~tmp_ndt_5~0#1 := main_#t~nondet28#1;havoc main_#t~nondet28#1; {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-20 14:38:45,069 INFO L290 TraceCheckUtils]: 12: Hoare triple {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} assume 8bv32 == main_~tmp_ndt_5~0#1; {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-20 14:38:45,070 INFO L290 TraceCheckUtils]: 13: Hoare triple {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} assume { :begin_inline_KbFilter_InternIoCtl } true;KbFilter_InternIoCtl_#in~DeviceObject#1, KbFilter_InternIoCtl_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_InternIoCtl_#res#1;havoc KbFilter_InternIoCtl_#t~nondet63#1, KbFilter_InternIoCtl_#t~nondet64#1, KbFilter_InternIoCtl_#t~nondet65#1, KbFilter_InternIoCtl_#t~nondet66#1, KbFilter_InternIoCtl_#t~nondet67#1, KbFilter_InternIoCtl_#t~nondet68#1, KbFilter_InternIoCtl_#t~nondet69#1, KbFilter_InternIoCtl_#t~nondet70#1, KbFilter_InternIoCtl_#t~nondet71#1, KbFilter_InternIoCtl_#t~nondet72#1, KbFilter_InternIoCtl_#t~nondet73#1, KbFilter_InternIoCtl_#t~nondet74#1, KbFilter_InternIoCtl_#t~nondet75#1, KbFilter_InternIoCtl_#t~nondet76#1, KbFilter_InternIoCtl_#t~nondet77#1, KbFilter_InternIoCtl_#t~nondet78#1, KbFilter_InternIoCtl_#t~nondet79#1, KbFilter_InternIoCtl_#t~ret80#1, KbFilter_InternIoCtl_~DeviceObject#1, KbFilter_InternIoCtl_~Irp#1, KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1, KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__InputBufferLength~0#1, KbFilter_InternIoCtl_~sizeof__CONNECT_DATA~0#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__Type3InputBuffer~0#1, KbFilter_InternIoCtl_~sizeof__INTERNAL_I8042_HOOK_KEYBOARD~0#1, KbFilter_InternIoCtl_~hookKeyboard__InitializationRoutine~0#1, KbFilter_InternIoCtl_~hookKeyboard__IsrRoutine~0#1, KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1, KbFilter_InternIoCtl_~hookKeyboard~0#1, KbFilter_InternIoCtl_~connectData~0#1, KbFilter_InternIoCtl_~status~3#1, KbFilter_InternIoCtl_~tmp~3#1, KbFilter_InternIoCtl_~__cil_tmp17~0#1, KbFilter_InternIoCtl_~__cil_tmp18~0#1, KbFilter_InternIoCtl_~__cil_tmp19~0#1, KbFilter_InternIoCtl_~__cil_tmp20~0#1, KbFilter_InternIoCtl_~__cil_tmp21~0#1, KbFilter_InternIoCtl_~__cil_tmp22~0#1, KbFilter_InternIoCtl_~__cil_tmp23~1#1, KbFilter_InternIoCtl_~__cil_tmp24~0#1, KbFilter_InternIoCtl_~__cil_tmp25~0#1, KbFilter_InternIoCtl_~__cil_tmp26~0#1, KbFilter_InternIoCtl_~__cil_tmp27~0#1, KbFilter_InternIoCtl_~__cil_tmp28~0#1, KbFilter_InternIoCtl_~__cil_tmp29~0#1, KbFilter_InternIoCtl_~__cil_tmp30~0#1, KbFilter_InternIoCtl_~__cil_tmp31~0#1, KbFilter_InternIoCtl_~__cil_tmp32~0#1, KbFilter_InternIoCtl_~__cil_tmp33~0#1, KbFilter_InternIoCtl_~__cil_tmp34~0#1, KbFilter_InternIoCtl_~__cil_tmp35~0#1, KbFilter_InternIoCtl_~__cil_tmp36~0#1, KbFilter_InternIoCtl_~__cil_tmp37~0#1, KbFilter_InternIoCtl_~__cil_tmp38~0#1, KbFilter_InternIoCtl_~__cil_tmp39~0#1, KbFilter_InternIoCtl_~__cil_tmp40~0#1, KbFilter_InternIoCtl_~__cil_tmp41~0#1, KbFilter_InternIoCtl_~__cil_tmp42~0#1, KbFilter_InternIoCtl_~__cil_tmp43~0#1, KbFilter_InternIoCtl_~__cil_tmp44~0#1, KbFilter_InternIoCtl_~__cil_tmp45~0#1;KbFilter_InternIoCtl_~DeviceObject#1 := KbFilter_InternIoCtl_#in~DeviceObject#1;KbFilter_InternIoCtl_~Irp#1 := KbFilter_InternIoCtl_#in~Irp#1;havoc KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1 := KbFilter_InternIoCtl_#t~nondet63#1;havoc KbFilter_InternIoCtl_#t~nondet63#1;KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1 := KbFilter_InternIoCtl_#t~nondet64#1;havoc KbFilter_InternIoCtl_#t~nondet64#1;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__InputBufferLength~0#1 := KbFilter_InternIoCtl_#t~nondet65#1;havoc KbFilter_InternIoCtl_#t~nondet65#1;KbFilter_InternIoCtl_~sizeof__CONNECT_DATA~0#1 := KbFilter_InternIoCtl_#t~nondet66#1;havoc KbFilter_InternIoCtl_#t~nondet66#1;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__Type3InputBuffer~0#1 := KbFilter_InternIoCtl_#t~nondet67#1;havoc KbFilter_InternIoCtl_#t~nondet67#1;KbFilter_InternIoCtl_~sizeof__INTERNAL_I8042_HOOK_KEYBOARD~0#1 := KbFilter_InternIoCtl_#t~nondet68#1;havoc KbFilter_InternIoCtl_#t~nondet68#1;KbFilter_InternIoCtl_~hookKeyboard__InitializationRoutine~0#1 := KbFilter_InternIoCtl_#t~nondet69#1;havoc KbFilter_InternIoCtl_#t~nondet69#1;KbFilter_InternIoCtl_~hookKeyboard__IsrRoutine~0#1 := KbFilter_InternIoCtl_#t~nondet70#1;havoc KbFilter_InternIoCtl_#t~nondet70#1;havoc KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1;havoc KbFilter_InternIoCtl_~hookKeyboard~0#1;havoc KbFilter_InternIoCtl_~connectData~0#1;havoc KbFilter_InternIoCtl_~status~3#1;havoc KbFilter_InternIoCtl_~tmp~3#1;havoc KbFilter_InternIoCtl_~__cil_tmp17~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp18~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp19~0#1;KbFilter_InternIoCtl_~__cil_tmp20~0#1 := KbFilter_InternIoCtl_#t~nondet71#1;havoc KbFilter_InternIoCtl_#t~nondet71#1;havoc KbFilter_InternIoCtl_~__cil_tmp21~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp22~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp23~1#1;KbFilter_InternIoCtl_~__cil_tmp24~0#1 := KbFilter_InternIoCtl_#t~nondet72#1;havoc KbFilter_InternIoCtl_#t~nondet72#1;havoc KbFilter_InternIoCtl_~__cil_tmp25~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp26~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp27~0#1;KbFilter_InternIoCtl_~__cil_tmp28~0#1 := KbFilter_InternIoCtl_#t~nondet73#1;havoc KbFilter_InternIoCtl_#t~nondet73#1;KbFilter_InternIoCtl_~__cil_tmp29~0#1 := KbFilter_InternIoCtl_#t~nondet74#1;havoc KbFilter_InternIoCtl_#t~nondet74#1;havoc KbFilter_InternIoCtl_~__cil_tmp30~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp31~0#1;KbFilter_InternIoCtl_~__cil_tmp32~0#1 := KbFilter_InternIoCtl_#t~nondet75#1;havoc KbFilter_InternIoCtl_#t~nondet75#1;havoc KbFilter_InternIoCtl_~__cil_tmp33~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp34~0#1;KbFilter_InternIoCtl_~__cil_tmp35~0#1 := KbFilter_InternIoCtl_#t~nondet76#1;havoc KbFilter_InternIoCtl_#t~nondet76#1;havoc KbFilter_InternIoCtl_~__cil_tmp36~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp37~0#1;KbFilter_InternIoCtl_~__cil_tmp38~0#1 := KbFilter_InternIoCtl_#t~nondet77#1;havoc KbFilter_InternIoCtl_#t~nondet77#1;havoc KbFilter_InternIoCtl_~__cil_tmp39~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp40~0#1;KbFilter_InternIoCtl_~__cil_tmp41~0#1 := KbFilter_InternIoCtl_#t~nondet78#1;havoc KbFilter_InternIoCtl_#t~nondet78#1;havoc KbFilter_InternIoCtl_~__cil_tmp42~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp43~0#1;KbFilter_InternIoCtl_~__cil_tmp44~0#1 := KbFilter_InternIoCtl_#t~nondet79#1;havoc KbFilter_InternIoCtl_#t~nondet79#1;havoc KbFilter_InternIoCtl_~__cil_tmp45~0#1;KbFilter_InternIoCtl_~status~3#1 := 0bv32;KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1 := 0bv32; {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-20 14:38:45,071 INFO L290 TraceCheckUtils]: 14: Hoare triple {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} assume KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1 == KbFilter_InternIoCtl_~__cil_tmp20~0#1; {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-20 14:38:45,072 INFO L290 TraceCheckUtils]: 15: Hoare triple {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} assume 0bv32 != KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1;KbFilter_InternIoCtl_~status~3#1 := 3221225539bv32; {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-20 14:38:45,072 INFO L290 TraceCheckUtils]: 16: Hoare triple {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} assume ~bvslt32(KbFilter_InternIoCtl_~status~3#1, 0bv32);KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1 := KbFilter_InternIoCtl_~status~3#1;~myStatus~0 := KbFilter_InternIoCtl_~status~3#1; {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-20 14:38:45,073 INFO L272 TraceCheckUtils]: 17: Hoare triple {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} call IofCompleteRequest(KbFilter_InternIoCtl_~Irp#1, 0bv32); {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-20 14:38:45,074 INFO L290 TraceCheckUtils]: 18: Hoare triple {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} ~Irp := #in~Irp;~PriorityBoost := #in~PriorityBoost; {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-20 14:38:45,074 INFO L290 TraceCheckUtils]: 19: Hoare triple {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} assume ~s~0 == ~NP~0;~s~0 := ~DC~0; {5936#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 ~s~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-20 14:38:45,074 INFO L290 TraceCheckUtils]: 20: Hoare triple {5936#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 ~s~0) (= ~DC~0 (_ bv2 32)))} assume true; {5936#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 ~s~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-20 14:38:45,075 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {5936#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 ~s~0) (= ~DC~0 (_ bv2 32)))} {5881#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} #743#return; {5943#(and (= (_ bv4 32) ~SKIP2~0) (= ~s~0 (_ bv2 32)))} is VALID [2022-02-20 14:38:45,076 INFO L290 TraceCheckUtils]: 22: Hoare triple {5943#(and (= (_ bv4 32) ~SKIP2~0) (= ~s~0 (_ bv2 32)))} KbFilter_InternIoCtl_#res#1 := KbFilter_InternIoCtl_~status~3#1; {5943#(and (= (_ bv4 32) ~SKIP2~0) (= ~s~0 (_ bv2 32)))} is VALID [2022-02-20 14:38:45,076 INFO L290 TraceCheckUtils]: 23: Hoare triple {5943#(and (= (_ bv4 32) ~SKIP2~0) (= ~s~0 (_ bv2 32)))} main_#t~ret33#1 := KbFilter_InternIoCtl_#res#1;assume { :end_inline_KbFilter_InternIoCtl } true;main_~status~1#1 := main_#t~ret33#1;havoc main_#t~ret33#1; {5943#(and (= (_ bv4 32) ~SKIP2~0) (= ~s~0 (_ bv2 32)))} is VALID [2022-02-20 14:38:45,077 INFO L290 TraceCheckUtils]: 24: Hoare triple {5943#(and (= (_ bv4 32) ~SKIP2~0) (= ~s~0 (_ bv2 32)))} assume !(1bv32 == ~pended~0); {5943#(and (= (_ bv4 32) ~SKIP2~0) (= ~s~0 (_ bv2 32)))} is VALID [2022-02-20 14:38:45,077 INFO L290 TraceCheckUtils]: 25: Hoare triple {5943#(and (= (_ bv4 32) ~SKIP2~0) (= ~s~0 (_ bv2 32)))} assume !(1bv32 == ~pended~0); {5943#(and (= (_ bv4 32) ~SKIP2~0) (= ~s~0 (_ bv2 32)))} is VALID [2022-02-20 14:38:45,080 INFO L290 TraceCheckUtils]: 26: Hoare triple {5943#(and (= (_ bv4 32) ~SKIP2~0) (= ~s~0 (_ bv2 32)))} assume ~s~0 != ~UNLOADED~0; {5943#(and (= (_ bv4 32) ~SKIP2~0) (= ~s~0 (_ bv2 32)))} is VALID [2022-02-20 14:38:45,081 INFO L290 TraceCheckUtils]: 27: Hoare triple {5943#(and (= (_ bv4 32) ~SKIP2~0) (= ~s~0 (_ bv2 32)))} assume 4294967295bv32 != main_~status~1#1; {5943#(and (= (_ bv4 32) ~SKIP2~0) (= ~s~0 (_ bv2 32)))} is VALID [2022-02-20 14:38:45,081 INFO L290 TraceCheckUtils]: 28: Hoare triple {5943#(and (= (_ bv4 32) ~SKIP2~0) (= ~s~0 (_ bv2 32)))} assume !(~s~0 != ~SKIP2~0); {5874#false} is VALID [2022-02-20 14:38:45,082 INFO L290 TraceCheckUtils]: 29: Hoare triple {5874#false} assume 1bv32 == ~pended~0; {5874#false} is VALID [2022-02-20 14:38:45,082 INFO L290 TraceCheckUtils]: 30: Hoare triple {5874#false} assume 259bv32 != main_~status~1#1; {5874#false} is VALID [2022-02-20 14:38:45,082 INFO L272 TraceCheckUtils]: 31: Hoare triple {5874#false} call errorFn(); {5874#false} is VALID [2022-02-20 14:38:45,083 INFO L290 TraceCheckUtils]: 32: Hoare triple {5874#false} assume !false; {5874#false} is VALID [2022-02-20 14:38:45,084 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 14:38:45,084 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 14:38:45,085 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 14:38:45,085 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [540759550] [2022-02-20 14:38:45,085 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [540759550] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 14:38:45,085 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 14:38:45,085 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 14:38:45,085 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [917072568] [2022-02-20 14:38:45,086 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 14:38:45,089 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 33 [2022-02-20 14:38:45,089 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 14:38:45,089 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:45,116 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 33 edges. 33 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:45,117 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 14:38:45,117 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 14:38:45,117 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 14:38:45,118 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-02-20 14:38:45,118 INFO L87 Difference]: Start difference. First operand 289 states and 407 transitions. Second operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:45,965 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:45,965 INFO L93 Difference]: Finished difference Result 315 states and 437 transitions. [2022-02-20 14:38:45,965 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-20 14:38:45,965 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 33 [2022-02-20 14:38:45,966 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 14:38:45,966 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:45,968 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 300 transitions. [2022-02-20 14:38:45,968 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:45,970 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 300 transitions. [2022-02-20 14:38:45,971 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 300 transitions. [2022-02-20 14:38:46,203 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 300 edges. 300 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:46,211 INFO L225 Difference]: With dead ends: 315 [2022-02-20 14:38:46,211 INFO L226 Difference]: Without dead ends: 306 [2022-02-20 14:38:46,211 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 32 GetRequests, 29 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-02-20 14:38:46,212 INFO L933 BasicCegarLoop]: 265 mSDtfsCounter, 271 mSDsluCounter, 388 mSDsCounter, 0 mSdLazyCounter, 153 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 271 SdHoareTripleChecker+Valid, 653 SdHoareTripleChecker+Invalid, 156 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 153 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 14:38:46,212 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [271 Valid, 653 Invalid, 156 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 153 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-20 14:38:46,213 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 306 states. [2022-02-20 14:38:46,225 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 306 to 301. [2022-02-20 14:38:46,225 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 14:38:46,226 INFO L82 GeneralOperation]: Start isEquivalent. First operand 306 states. Second operand has 301 states, 267 states have (on average 1.404494382022472) internal successors, (375), 266 states have internal predecessors, (375), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-20 14:38:46,226 INFO L74 IsIncluded]: Start isIncluded. First operand 306 states. Second operand has 301 states, 267 states have (on average 1.404494382022472) internal successors, (375), 266 states have internal predecessors, (375), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-20 14:38:46,227 INFO L87 Difference]: Start difference. First operand 306 states. Second operand has 301 states, 267 states have (on average 1.404494382022472) internal successors, (375), 266 states have internal predecessors, (375), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-20 14:38:46,234 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:46,234 INFO L93 Difference]: Finished difference Result 306 states and 426 transitions. [2022-02-20 14:38:46,234 INFO L276 IsEmpty]: Start isEmpty. Operand 306 states and 426 transitions. [2022-02-20 14:38:46,235 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:46,235 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:46,236 INFO L74 IsIncluded]: Start isIncluded. First operand has 301 states, 267 states have (on average 1.404494382022472) internal successors, (375), 266 states have internal predecessors, (375), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) Second operand 306 states. [2022-02-20 14:38:46,237 INFO L87 Difference]: Start difference. First operand has 301 states, 267 states have (on average 1.404494382022472) internal successors, (375), 266 states have internal predecessors, (375), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) Second operand 306 states. [2022-02-20 14:38:46,244 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:46,244 INFO L93 Difference]: Finished difference Result 306 states and 426 transitions. [2022-02-20 14:38:46,244 INFO L276 IsEmpty]: Start isEmpty. Operand 306 states and 426 transitions. [2022-02-20 14:38:46,245 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:46,245 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:46,245 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 14:38:46,245 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 14:38:46,246 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 301 states, 267 states have (on average 1.404494382022472) internal successors, (375), 266 states have internal predecessors, (375), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-20 14:38:46,254 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 301 states to 301 states and 422 transitions. [2022-02-20 14:38:46,254 INFO L78 Accepts]: Start accepts. Automaton has 301 states and 422 transitions. Word has length 33 [2022-02-20 14:38:46,254 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 14:38:46,254 INFO L470 AbstractCegarLoop]: Abstraction has 301 states and 422 transitions. [2022-02-20 14:38:46,255 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:46,255 INFO L276 IsEmpty]: Start isEmpty. Operand 301 states and 422 transitions. [2022-02-20 14:38:46,256 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2022-02-20 14:38:46,256 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:46,256 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:46,267 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (6)] Forceful destruction successful, exit code 0 [2022-02-20 14:38:46,464 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 6 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 14:38:46,464 INFO L402 AbstractCegarLoop]: === Iteration 6 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:46,465 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:46,465 INFO L85 PathProgramCache]: Analyzing trace with hash 2121154083, now seen corresponding path program 1 times [2022-02-20 14:38:46,465 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 14:38:46,465 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1611371639] [2022-02-20 14:38:46,465 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:46,465 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 14:38:46,465 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 14:38:46,466 INFO L229 MonitoredProcess]: Starting monitored process 7 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 14:38:46,468 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (7)] Waiting until timeout for monitored process [2022-02-20 14:38:46,553 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:46,556 INFO L263 TraceCheckSpWp]: Trace formula consists of 122 conjuncts, 4 conjunts are in the unsatisfiable core [2022-02-20 14:38:46,571 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:46,572 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 14:38:46,802 INFO L290 TraceCheckUtils]: 0: Hoare triple {7424#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(23bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 0bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32; {7424#true} is VALID [2022-02-20 14:38:46,803 INFO L290 TraceCheckUtils]: 1: Hoare triple {7424#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 1bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32;main_~status~1#1 := 0bv32;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0bv32;~NP~0 := 1bv32;~DC~0 := 2bv32;~SKIP1~0 := 3bv32;~SKIP2~0 := 4bv32;~MPR1~0 := 5bv32;~MPR3~0 := 6bv32;~IPC~0 := 7bv32;~s~0 := ~UNLOADED~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-20 14:38:46,805 INFO L290 TraceCheckUtils]: 2: Hoare triple {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume { :end_inline__BLAST_init } true; {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-20 14:38:46,805 INFO L290 TraceCheckUtils]: 3: Hoare triple {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume ~bvsge32(main_~status~1#1, 0bv32);~s~0 := ~NP~0;~customIrp~0 := 0bv32;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0bv32;~myStatus~0 := 0bv32; {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-20 14:38:46,813 INFO L290 TraceCheckUtils]: 4: Hoare triple {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume 0bv32 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := 3221225659bv32;~myStatus~0 := 3221225659bv32; {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-20 14:38:46,816 INFO L290 TraceCheckUtils]: 5: Hoare triple {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-20 14:38:46,817 INFO L290 TraceCheckUtils]: 6: Hoare triple {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume { :end_inline_stub_driver_init } true; {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-20 14:38:46,817 INFO L290 TraceCheckUtils]: 7: Hoare triple {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume !~bvslt32(main_~status~1#1, 0bv32);havoc main_~tmp_ndt_1~0#1;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-20 14:38:46,818 INFO L290 TraceCheckUtils]: 8: Hoare triple {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume !(0bv32 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-20 14:38:46,818 INFO L290 TraceCheckUtils]: 9: Hoare triple {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume !(1bv32 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-20 14:38:46,819 INFO L290 TraceCheckUtils]: 10: Hoare triple {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume !(3bv32 == main_~tmp_ndt_3~0#1);havoc main_~tmp_ndt_4~0#1;main_~tmp_ndt_4~0#1 := main_#t~nondet27#1;havoc main_#t~nondet27#1; {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-20 14:38:46,819 INFO L290 TraceCheckUtils]: 11: Hoare triple {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume !(4bv32 == main_~tmp_ndt_4~0#1);havoc main_~tmp_ndt_5~0#1;main_~tmp_ndt_5~0#1 := main_#t~nondet28#1;havoc main_#t~nondet28#1; {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-20 14:38:46,820 INFO L290 TraceCheckUtils]: 12: Hoare triple {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume 8bv32 == main_~tmp_ndt_5~0#1; {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-20 14:38:46,820 INFO L290 TraceCheckUtils]: 13: Hoare triple {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume { :begin_inline_KbFilter_InternIoCtl } true;KbFilter_InternIoCtl_#in~DeviceObject#1, KbFilter_InternIoCtl_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_InternIoCtl_#res#1;havoc KbFilter_InternIoCtl_#t~nondet63#1, KbFilter_InternIoCtl_#t~nondet64#1, KbFilter_InternIoCtl_#t~nondet65#1, KbFilter_InternIoCtl_#t~nondet66#1, KbFilter_InternIoCtl_#t~nondet67#1, KbFilter_InternIoCtl_#t~nondet68#1, KbFilter_InternIoCtl_#t~nondet69#1, KbFilter_InternIoCtl_#t~nondet70#1, KbFilter_InternIoCtl_#t~nondet71#1, KbFilter_InternIoCtl_#t~nondet72#1, KbFilter_InternIoCtl_#t~nondet73#1, KbFilter_InternIoCtl_#t~nondet74#1, KbFilter_InternIoCtl_#t~nondet75#1, KbFilter_InternIoCtl_#t~nondet76#1, KbFilter_InternIoCtl_#t~nondet77#1, KbFilter_InternIoCtl_#t~nondet78#1, KbFilter_InternIoCtl_#t~nondet79#1, KbFilter_InternIoCtl_#t~ret80#1, KbFilter_InternIoCtl_~DeviceObject#1, KbFilter_InternIoCtl_~Irp#1, KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1, KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__InputBufferLength~0#1, KbFilter_InternIoCtl_~sizeof__CONNECT_DATA~0#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__Type3InputBuffer~0#1, KbFilter_InternIoCtl_~sizeof__INTERNAL_I8042_HOOK_KEYBOARD~0#1, KbFilter_InternIoCtl_~hookKeyboard__InitializationRoutine~0#1, KbFilter_InternIoCtl_~hookKeyboard__IsrRoutine~0#1, KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1, KbFilter_InternIoCtl_~hookKeyboard~0#1, KbFilter_InternIoCtl_~connectData~0#1, KbFilter_InternIoCtl_~status~3#1, KbFilter_InternIoCtl_~tmp~3#1, KbFilter_InternIoCtl_~__cil_tmp17~0#1, KbFilter_InternIoCtl_~__cil_tmp18~0#1, KbFilter_InternIoCtl_~__cil_tmp19~0#1, KbFilter_InternIoCtl_~__cil_tmp20~0#1, KbFilter_InternIoCtl_~__cil_tmp21~0#1, KbFilter_InternIoCtl_~__cil_tmp22~0#1, KbFilter_InternIoCtl_~__cil_tmp23~1#1, KbFilter_InternIoCtl_~__cil_tmp24~0#1, KbFilter_InternIoCtl_~__cil_tmp25~0#1, KbFilter_InternIoCtl_~__cil_tmp26~0#1, KbFilter_InternIoCtl_~__cil_tmp27~0#1, KbFilter_InternIoCtl_~__cil_tmp28~0#1, KbFilter_InternIoCtl_~__cil_tmp29~0#1, KbFilter_InternIoCtl_~__cil_tmp30~0#1, KbFilter_InternIoCtl_~__cil_tmp31~0#1, KbFilter_InternIoCtl_~__cil_tmp32~0#1, KbFilter_InternIoCtl_~__cil_tmp33~0#1, KbFilter_InternIoCtl_~__cil_tmp34~0#1, KbFilter_InternIoCtl_~__cil_tmp35~0#1, KbFilter_InternIoCtl_~__cil_tmp36~0#1, KbFilter_InternIoCtl_~__cil_tmp37~0#1, KbFilter_InternIoCtl_~__cil_tmp38~0#1, KbFilter_InternIoCtl_~__cil_tmp39~0#1, KbFilter_InternIoCtl_~__cil_tmp40~0#1, KbFilter_InternIoCtl_~__cil_tmp41~0#1, KbFilter_InternIoCtl_~__cil_tmp42~0#1, KbFilter_InternIoCtl_~__cil_tmp43~0#1, KbFilter_InternIoCtl_~__cil_tmp44~0#1, KbFilter_InternIoCtl_~__cil_tmp45~0#1;KbFilter_InternIoCtl_~DeviceObject#1 := KbFilter_InternIoCtl_#in~DeviceObject#1;KbFilter_InternIoCtl_~Irp#1 := KbFilter_InternIoCtl_#in~Irp#1;havoc KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1 := KbFilter_InternIoCtl_#t~nondet63#1;havoc KbFilter_InternIoCtl_#t~nondet63#1;KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1 := KbFilter_InternIoCtl_#t~nondet64#1;havoc KbFilter_InternIoCtl_#t~nondet64#1;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__InputBufferLength~0#1 := KbFilter_InternIoCtl_#t~nondet65#1;havoc KbFilter_InternIoCtl_#t~nondet65#1;KbFilter_InternIoCtl_~sizeof__CONNECT_DATA~0#1 := KbFilter_InternIoCtl_#t~nondet66#1;havoc KbFilter_InternIoCtl_#t~nondet66#1;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__Type3InputBuffer~0#1 := KbFilter_InternIoCtl_#t~nondet67#1;havoc KbFilter_InternIoCtl_#t~nondet67#1;KbFilter_InternIoCtl_~sizeof__INTERNAL_I8042_HOOK_KEYBOARD~0#1 := KbFilter_InternIoCtl_#t~nondet68#1;havoc KbFilter_InternIoCtl_#t~nondet68#1;KbFilter_InternIoCtl_~hookKeyboard__InitializationRoutine~0#1 := KbFilter_InternIoCtl_#t~nondet69#1;havoc KbFilter_InternIoCtl_#t~nondet69#1;KbFilter_InternIoCtl_~hookKeyboard__IsrRoutine~0#1 := KbFilter_InternIoCtl_#t~nondet70#1;havoc KbFilter_InternIoCtl_#t~nondet70#1;havoc KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1;havoc KbFilter_InternIoCtl_~hookKeyboard~0#1;havoc KbFilter_InternIoCtl_~connectData~0#1;havoc KbFilter_InternIoCtl_~status~3#1;havoc KbFilter_InternIoCtl_~tmp~3#1;havoc KbFilter_InternIoCtl_~__cil_tmp17~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp18~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp19~0#1;KbFilter_InternIoCtl_~__cil_tmp20~0#1 := KbFilter_InternIoCtl_#t~nondet71#1;havoc KbFilter_InternIoCtl_#t~nondet71#1;havoc KbFilter_InternIoCtl_~__cil_tmp21~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp22~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp23~1#1;KbFilter_InternIoCtl_~__cil_tmp24~0#1 := KbFilter_InternIoCtl_#t~nondet72#1;havoc KbFilter_InternIoCtl_#t~nondet72#1;havoc KbFilter_InternIoCtl_~__cil_tmp25~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp26~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp27~0#1;KbFilter_InternIoCtl_~__cil_tmp28~0#1 := KbFilter_InternIoCtl_#t~nondet73#1;havoc KbFilter_InternIoCtl_#t~nondet73#1;KbFilter_InternIoCtl_~__cil_tmp29~0#1 := KbFilter_InternIoCtl_#t~nondet74#1;havoc KbFilter_InternIoCtl_#t~nondet74#1;havoc KbFilter_InternIoCtl_~__cil_tmp30~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp31~0#1;KbFilter_InternIoCtl_~__cil_tmp32~0#1 := KbFilter_InternIoCtl_#t~nondet75#1;havoc KbFilter_InternIoCtl_#t~nondet75#1;havoc KbFilter_InternIoCtl_~__cil_tmp33~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp34~0#1;KbFilter_InternIoCtl_~__cil_tmp35~0#1 := KbFilter_InternIoCtl_#t~nondet76#1;havoc KbFilter_InternIoCtl_#t~nondet76#1;havoc KbFilter_InternIoCtl_~__cil_tmp36~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp37~0#1;KbFilter_InternIoCtl_~__cil_tmp38~0#1 := KbFilter_InternIoCtl_#t~nondet77#1;havoc KbFilter_InternIoCtl_#t~nondet77#1;havoc KbFilter_InternIoCtl_~__cil_tmp39~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp40~0#1;KbFilter_InternIoCtl_~__cil_tmp41~0#1 := KbFilter_InternIoCtl_#t~nondet78#1;havoc KbFilter_InternIoCtl_#t~nondet78#1;havoc KbFilter_InternIoCtl_~__cil_tmp42~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp43~0#1;KbFilter_InternIoCtl_~__cil_tmp44~0#1 := KbFilter_InternIoCtl_#t~nondet79#1;havoc KbFilter_InternIoCtl_#t~nondet79#1;havoc KbFilter_InternIoCtl_~__cil_tmp45~0#1;KbFilter_InternIoCtl_~status~3#1 := 0bv32;KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1 := 0bv32; {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-20 14:38:46,821 INFO L290 TraceCheckUtils]: 14: Hoare triple {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1 == KbFilter_InternIoCtl_~__cil_tmp20~0#1; {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-20 14:38:46,822 INFO L290 TraceCheckUtils]: 15: Hoare triple {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume 0bv32 != KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1;KbFilter_InternIoCtl_~status~3#1 := 3221225539bv32; {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-20 14:38:46,822 INFO L290 TraceCheckUtils]: 16: Hoare triple {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume ~bvslt32(KbFilter_InternIoCtl_~status~3#1, 0bv32);KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1 := KbFilter_InternIoCtl_~status~3#1;~myStatus~0 := KbFilter_InternIoCtl_~status~3#1; {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-20 14:38:46,823 INFO L272 TraceCheckUtils]: 17: Hoare triple {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} call IofCompleteRequest(KbFilter_InternIoCtl_~Irp#1, 0bv32); {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-20 14:38:46,824 INFO L290 TraceCheckUtils]: 18: Hoare triple {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} ~Irp := #in~Irp;~PriorityBoost := #in~PriorityBoost; {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-20 14:38:46,824 INFO L290 TraceCheckUtils]: 19: Hoare triple {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume ~s~0 == ~NP~0;~s~0 := ~DC~0; {7487#(and (= ~DC~0 ~s~0) (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-20 14:38:46,824 INFO L290 TraceCheckUtils]: 20: Hoare triple {7487#(and (= ~DC~0 ~s~0) (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume true; {7487#(and (= ~DC~0 ~s~0) (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-20 14:38:46,825 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {7487#(and (= ~DC~0 ~s~0) (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} {7432#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} #743#return; {7494#(and (= ~s~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-20 14:38:46,826 INFO L290 TraceCheckUtils]: 22: Hoare triple {7494#(and (= ~s~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} KbFilter_InternIoCtl_#res#1 := KbFilter_InternIoCtl_~status~3#1; {7494#(and (= ~s~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-20 14:38:46,826 INFO L290 TraceCheckUtils]: 23: Hoare triple {7494#(and (= ~s~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} main_#t~ret33#1 := KbFilter_InternIoCtl_#res#1;assume { :end_inline_KbFilter_InternIoCtl } true;main_~status~1#1 := main_#t~ret33#1;havoc main_#t~ret33#1; {7494#(and (= ~s~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-20 14:38:46,827 INFO L290 TraceCheckUtils]: 24: Hoare triple {7494#(and (= ~s~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume !(1bv32 == ~pended~0); {7494#(and (= ~s~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-20 14:38:46,827 INFO L290 TraceCheckUtils]: 25: Hoare triple {7494#(and (= ~s~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume !(1bv32 == ~pended~0); {7494#(and (= ~s~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-20 14:38:46,827 INFO L290 TraceCheckUtils]: 26: Hoare triple {7494#(and (= ~s~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume ~s~0 != ~UNLOADED~0; {7494#(and (= ~s~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-20 14:38:46,828 INFO L290 TraceCheckUtils]: 27: Hoare triple {7494#(and (= ~s~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume 4294967295bv32 != main_~status~1#1; {7494#(and (= ~s~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-20 14:38:46,828 INFO L290 TraceCheckUtils]: 28: Hoare triple {7494#(and (= ~s~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume ~s~0 != ~SKIP2~0; {7494#(and (= ~s~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-20 14:38:46,829 INFO L290 TraceCheckUtils]: 29: Hoare triple {7494#(and (= ~s~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume !(~s~0 != ~IPC~0); {7425#false} is VALID [2022-02-20 14:38:46,829 INFO L290 TraceCheckUtils]: 30: Hoare triple {7425#false} assume 1bv32 == ~pended~0; {7425#false} is VALID [2022-02-20 14:38:46,829 INFO L290 TraceCheckUtils]: 31: Hoare triple {7425#false} assume 259bv32 != main_~status~1#1; {7425#false} is VALID [2022-02-20 14:38:46,829 INFO L272 TraceCheckUtils]: 32: Hoare triple {7425#false} call errorFn(); {7425#false} is VALID [2022-02-20 14:38:46,829 INFO L290 TraceCheckUtils]: 33: Hoare triple {7425#false} assume !false; {7425#false} is VALID [2022-02-20 14:38:46,830 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 14:38:46,830 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 14:38:46,830 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 14:38:46,830 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1611371639] [2022-02-20 14:38:46,830 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1611371639] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 14:38:46,831 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 14:38:46,831 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 14:38:46,831 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1190355454] [2022-02-20 14:38:46,831 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 14:38:46,831 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 34 [2022-02-20 14:38:46,832 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 14:38:46,832 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:46,863 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 34 edges. 34 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:46,863 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 14:38:46,863 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 14:38:46,864 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 14:38:46,864 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-02-20 14:38:46,864 INFO L87 Difference]: Start difference. First operand 301 states and 422 transitions. Second operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:47,665 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:47,666 INFO L93 Difference]: Finished difference Result 311 states and 430 transitions. [2022-02-20 14:38:47,666 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-20 14:38:47,666 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 34 [2022-02-20 14:38:47,666 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 14:38:47,667 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:47,669 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 293 transitions. [2022-02-20 14:38:47,669 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:47,671 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 293 transitions. [2022-02-20 14:38:47,672 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 293 transitions. [2022-02-20 14:38:47,899 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 293 edges. 293 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:47,906 INFO L225 Difference]: With dead ends: 311 [2022-02-20 14:38:47,906 INFO L226 Difference]: Without dead ends: 306 [2022-02-20 14:38:47,907 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 33 GetRequests, 30 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-02-20 14:38:47,908 INFO L933 BasicCegarLoop]: 265 mSDtfsCounter, 283 mSDsluCounter, 388 mSDsCounter, 0 mSdLazyCounter, 151 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 285 SdHoareTripleChecker+Valid, 653 SdHoareTripleChecker+Invalid, 153 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 151 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 14:38:47,908 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [285 Valid, 653 Invalid, 153 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 151 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 14:38:47,909 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 306 states. [2022-02-20 14:38:47,928 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 306 to 301. [2022-02-20 14:38:47,929 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 14:38:47,930 INFO L82 GeneralOperation]: Start isEquivalent. First operand 306 states. Second operand has 301 states, 267 states have (on average 1.400749063670412) internal successors, (374), 266 states have internal predecessors, (374), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-20 14:38:47,930 INFO L74 IsIncluded]: Start isIncluded. First operand 306 states. Second operand has 301 states, 267 states have (on average 1.400749063670412) internal successors, (374), 266 states have internal predecessors, (374), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-20 14:38:47,931 INFO L87 Difference]: Start difference. First operand 306 states. Second operand has 301 states, 267 states have (on average 1.400749063670412) internal successors, (374), 266 states have internal predecessors, (374), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-20 14:38:47,939 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:47,939 INFO L93 Difference]: Finished difference Result 306 states and 425 transitions. [2022-02-20 14:38:47,939 INFO L276 IsEmpty]: Start isEmpty. Operand 306 states and 425 transitions. [2022-02-20 14:38:47,940 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:47,940 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:47,941 INFO L74 IsIncluded]: Start isIncluded. First operand has 301 states, 267 states have (on average 1.400749063670412) internal successors, (374), 266 states have internal predecessors, (374), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) Second operand 306 states. [2022-02-20 14:38:47,941 INFO L87 Difference]: Start difference. First operand has 301 states, 267 states have (on average 1.400749063670412) internal successors, (374), 266 states have internal predecessors, (374), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) Second operand 306 states. [2022-02-20 14:38:47,949 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:47,949 INFO L93 Difference]: Finished difference Result 306 states and 425 transitions. [2022-02-20 14:38:47,949 INFO L276 IsEmpty]: Start isEmpty. Operand 306 states and 425 transitions. [2022-02-20 14:38:47,950 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:47,950 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:47,950 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 14:38:47,950 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 14:38:47,951 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 301 states, 267 states have (on average 1.400749063670412) internal successors, (374), 266 states have internal predecessors, (374), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-20 14:38:47,958 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 301 states to 301 states and 421 transitions. [2022-02-20 14:38:47,959 INFO L78 Accepts]: Start accepts. Automaton has 301 states and 421 transitions. Word has length 34 [2022-02-20 14:38:47,959 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 14:38:47,959 INFO L470 AbstractCegarLoop]: Abstraction has 301 states and 421 transitions. [2022-02-20 14:38:47,959 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:47,959 INFO L276 IsEmpty]: Start isEmpty. Operand 301 states and 421 transitions. [2022-02-20 14:38:47,960 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2022-02-20 14:38:47,960 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:47,960 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:47,972 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (7)] Forceful destruction successful, exit code 0 [2022-02-20 14:38:48,169 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 7 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 14:38:48,169 INFO L402 AbstractCegarLoop]: === Iteration 7 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:48,170 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:48,170 INFO L85 PathProgramCache]: Analyzing trace with hash -1780979361, now seen corresponding path program 1 times [2022-02-20 14:38:48,170 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 14:38:48,170 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [761797389] [2022-02-20 14:38:48,170 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:48,170 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 14:38:48,170 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 14:38:48,171 INFO L229 MonitoredProcess]: Starting monitored process 8 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 14:38:48,172 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (8)] Waiting until timeout for monitored process [2022-02-20 14:38:48,247 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:48,250 INFO L263 TraceCheckSpWp]: Trace formula consists of 140 conjuncts, 2 conjunts are in the unsatisfiable core [2022-02-20 14:38:48,266 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:48,269 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 14:38:48,340 INFO L290 TraceCheckUtils]: 0: Hoare triple {8973#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(23bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 0bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32; {8973#true} is VALID [2022-02-20 14:38:48,340 INFO L290 TraceCheckUtils]: 1: Hoare triple {8973#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 1bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32;main_~status~1#1 := 0bv32;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0bv32;~NP~0 := 1bv32;~DC~0 := 2bv32;~SKIP1~0 := 3bv32;~SKIP2~0 := 4bv32;~MPR1~0 := 5bv32;~MPR3~0 := 6bv32;~IPC~0 := 7bv32;~s~0 := ~UNLOADED~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {8973#true} is VALID [2022-02-20 14:38:48,340 INFO L290 TraceCheckUtils]: 2: Hoare triple {8973#true} assume { :end_inline__BLAST_init } true; {8973#true} is VALID [2022-02-20 14:38:48,341 INFO L290 TraceCheckUtils]: 3: Hoare triple {8973#true} assume ~bvsge32(main_~status~1#1, 0bv32);~s~0 := ~NP~0;~customIrp~0 := 0bv32;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0bv32;~myStatus~0 := 0bv32; {8973#true} is VALID [2022-02-20 14:38:48,341 INFO L290 TraceCheckUtils]: 4: Hoare triple {8973#true} assume 0bv32 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := 3221225659bv32;~myStatus~0 := 3221225659bv32; {8973#true} is VALID [2022-02-20 14:38:48,341 INFO L290 TraceCheckUtils]: 5: Hoare triple {8973#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {8973#true} is VALID [2022-02-20 14:38:48,341 INFO L290 TraceCheckUtils]: 6: Hoare triple {8973#true} assume { :end_inline_stub_driver_init } true; {8973#true} is VALID [2022-02-20 14:38:48,341 INFO L290 TraceCheckUtils]: 7: Hoare triple {8973#true} assume !~bvslt32(main_~status~1#1, 0bv32);havoc main_~tmp_ndt_1~0#1;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {8973#true} is VALID [2022-02-20 14:38:48,341 INFO L290 TraceCheckUtils]: 8: Hoare triple {8973#true} assume !(0bv32 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {8973#true} is VALID [2022-02-20 14:38:48,342 INFO L290 TraceCheckUtils]: 9: Hoare triple {8973#true} assume !(1bv32 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {8973#true} is VALID [2022-02-20 14:38:48,342 INFO L290 TraceCheckUtils]: 10: Hoare triple {8973#true} assume 3bv32 == main_~tmp_ndt_3~0#1; {8973#true} is VALID [2022-02-20 14:38:48,342 INFO L290 TraceCheckUtils]: 11: Hoare triple {8973#true} assume { :begin_inline_KbFilter_PnP } true;KbFilter_PnP_#in~DeviceObject#1, KbFilter_PnP_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_PnP_#res#1;havoc KbFilter_PnP_#t~nondet4#1, KbFilter_PnP_#t~nondet5#1, KbFilter_PnP_#t~nondet6#1, KbFilter_PnP_#t~nondet7#1, KbFilter_PnP_#t~nondet8#1, KbFilter_PnP_#t~nondet9#1, KbFilter_PnP_#t~ret10#1, KbFilter_PnP_#t~ret11#1, KbFilter_PnP_#t~post12#1, KbFilter_PnP_#t~post13#1, KbFilter_PnP_#t~ret14#1, KbFilter_PnP_#t~post15#1, KbFilter_PnP_#t~post16#1, KbFilter_PnP_#t~ret17#1, KbFilter_PnP_#t~post18#1, KbFilter_PnP_#t~post19#1, KbFilter_PnP_#t~ret20#1, KbFilter_PnP_~DeviceObject#1, KbFilter_PnP_~Irp#1, KbFilter_PnP_~devExt~0#1, KbFilter_PnP_~irpStack~0#1, KbFilter_PnP_~status~0#1, KbFilter_PnP_~event~0#1, KbFilter_PnP_~DeviceObject__DeviceExtension~0#1, KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, KbFilter_PnP_~irpStack__MinorFunction~0#1, KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~devExt__Started~0#1, KbFilter_PnP_~devExt__Removed~0#1, KbFilter_PnP_~devExt__SurpriseRemoved~0#1, KbFilter_PnP_~Irp__IoStatus__Status~0#1, KbFilter_PnP_~Irp__IoStatus__Information~0#1, KbFilter_PnP_~Irp__CurrentLocation~0#1, KbFilter_PnP_~irpSp~0#1, KbFilter_PnP_~nextIrpSp~0#1, KbFilter_PnP_~nextIrpSp__Control~0#1, KbFilter_PnP_~irpSp___0~0#1, KbFilter_PnP_~irpSp__Context~0#1, KbFilter_PnP_~irpSp__Control~0#1, KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~DeviceObject#1 := KbFilter_PnP_#in~DeviceObject#1;KbFilter_PnP_~Irp#1 := KbFilter_PnP_#in~Irp#1;havoc KbFilter_PnP_~devExt~0#1;havoc KbFilter_PnP_~irpStack~0#1;havoc KbFilter_PnP_~status~0#1;KbFilter_PnP_~event~0#1 := KbFilter_PnP_#t~nondet4#1;havoc KbFilter_PnP_#t~nondet4#1;KbFilter_PnP_~DeviceObject__DeviceExtension~0#1 := KbFilter_PnP_#t~nondet5#1;havoc KbFilter_PnP_#t~nondet5#1;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := KbFilter_PnP_#t~nondet6#1;havoc KbFilter_PnP_#t~nondet6#1;KbFilter_PnP_~irpStack__MinorFunction~0#1 := KbFilter_PnP_#t~nondet7#1;havoc KbFilter_PnP_#t~nondet7#1;KbFilter_PnP_~devExt__TopOfStack~0#1 := KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_~devExt__Started~0#1;havoc KbFilter_PnP_~devExt__Removed~0#1;havoc KbFilter_PnP_~devExt__SurpriseRemoved~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Status~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Information~0#1;KbFilter_PnP_~Irp__CurrentLocation~0#1 := KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_~irpSp~0#1;havoc KbFilter_PnP_~nextIrpSp~0#1;havoc KbFilter_PnP_~nextIrpSp__Control~0#1;havoc KbFilter_PnP_~irpSp___0~0#1;havoc KbFilter_PnP_~irpSp__Context~0#1;havoc KbFilter_PnP_~irpSp__Control~0#1;havoc KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~status~0#1 := 0bv32;KbFilter_PnP_~devExt~0#1 := KbFilter_PnP_~DeviceObject__DeviceExtension~0#1;KbFilter_PnP_~irpStack~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1; {8973#true} is VALID [2022-02-20 14:38:48,342 INFO L290 TraceCheckUtils]: 12: Hoare triple {8973#true} assume 0bv32 == KbFilter_PnP_~irpStack__MinorFunction~0#1; {8973#true} is VALID [2022-02-20 14:38:48,342 INFO L290 TraceCheckUtils]: 13: Hoare triple {8973#true} KbFilter_PnP_~irpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1;KbFilter_PnP_~nextIrpSp~0#1 := ~bvsub32(KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, 1bv32);KbFilter_PnP_~nextIrpSp__Control~0#1 := 0bv32; {8973#true} is VALID [2022-02-20 14:38:48,342 INFO L290 TraceCheckUtils]: 14: Hoare triple {8973#true} assume !(~s~0 != ~NP~0); {8973#true} is VALID [2022-02-20 14:38:48,343 INFO L290 TraceCheckUtils]: 15: Hoare triple {8973#true} assume !(0bv32 != ~compRegistered~0);~compRegistered~0 := 1bv32; {9023#(= ~compRegistered~0 (_ bv1 32))} is VALID [2022-02-20 14:38:48,343 INFO L290 TraceCheckUtils]: 16: Hoare triple {9023#(= ~compRegistered~0 (_ bv1 32))} KbFilter_PnP_~irpSp___0~0#1 := ~bvsub32(KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, 1bv32);KbFilter_PnP_~irpSp__Context~0#1 := KbFilter_PnP_~event~0#1;KbFilter_PnP_~irpSp__Control~0#1 := 224bv32; {9023#(= ~compRegistered~0 (_ bv1 32))} is VALID [2022-02-20 14:38:48,344 INFO L272 TraceCheckUtils]: 17: Hoare triple {9023#(= ~compRegistered~0 (_ bv1 32))} call KbFilter_PnP_#t~ret10#1 := IofCallDriver(KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~Irp#1); {9023#(= ~compRegistered~0 (_ bv1 32))} is VALID [2022-02-20 14:38:48,344 INFO L290 TraceCheckUtils]: 18: Hoare triple {9023#(= ~compRegistered~0 (_ bv1 32))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {9023#(= ~compRegistered~0 (_ bv1 32))} is VALID [2022-02-20 14:38:48,345 INFO L290 TraceCheckUtils]: 19: Hoare triple {9023#(= ~compRegistered~0 (_ bv1 32))} assume !(0bv32 != ~compRegistered~0); {8974#false} is VALID [2022-02-20 14:38:48,345 INFO L290 TraceCheckUtils]: 20: Hoare triple {8974#false} havoc ~tmp_ndt_6~0;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {8974#false} is VALID [2022-02-20 14:38:48,345 INFO L290 TraceCheckUtils]: 21: Hoare triple {8974#false} assume 0bv32 == ~tmp_ndt_6~0; {8974#false} is VALID [2022-02-20 14:38:48,345 INFO L290 TraceCheckUtils]: 22: Hoare triple {8974#false} ~returnVal2~0 := 0bv32; {8974#false} is VALID [2022-02-20 14:38:48,345 INFO L290 TraceCheckUtils]: 23: Hoare triple {8974#false} assume ~s~0 == ~NP~0;~s~0 := ~IPC~0;~lowerDriverReturn~0 := ~returnVal2~0; {8974#false} is VALID [2022-02-20 14:38:48,346 INFO L290 TraceCheckUtils]: 24: Hoare triple {8974#false} #res := ~returnVal2~0; {8974#false} is VALID [2022-02-20 14:38:48,346 INFO L290 TraceCheckUtils]: 25: Hoare triple {8974#false} assume true; {8974#false} is VALID [2022-02-20 14:38:48,346 INFO L284 TraceCheckUtils]: 26: Hoare quadruple {8974#false} {9023#(= ~compRegistered~0 (_ bv1 32))} #717#return; {8974#false} is VALID [2022-02-20 14:38:48,346 INFO L290 TraceCheckUtils]: 27: Hoare triple {8974#false} KbFilter_PnP_~status~0#1 := KbFilter_PnP_#t~ret10#1;havoc KbFilter_PnP_#t~ret10#1;KbFilter_PnP_~__cil_tmp23~0#1 := KbFilter_PnP_~status~0#1; {8974#false} is VALID [2022-02-20 14:38:48,346 INFO L290 TraceCheckUtils]: 28: Hoare triple {8974#false} assume 259bv32 == KbFilter_PnP_~__cil_tmp23~0#1;assume { :begin_inline_KeWaitForSingleObject } true;KeWaitForSingleObject_#in~Object#1, KeWaitForSingleObject_#in~WaitReason#1, KeWaitForSingleObject_#in~WaitMode#1, KeWaitForSingleObject_#in~Alertable#1, KeWaitForSingleObject_#in~Timeout#1 := KbFilter_PnP_~event~0#1, ~Executive~0, ~KernelMode~0, 0bv32, 0bv32;havoc KeWaitForSingleObject_#res#1;havoc KeWaitForSingleObject_#t~nondet39#1, KeWaitForSingleObject_~tmp_ndt_8~0#1, KeWaitForSingleObject_~Object#1, KeWaitForSingleObject_~WaitReason#1, KeWaitForSingleObject_~WaitMode#1, KeWaitForSingleObject_~Alertable#1, KeWaitForSingleObject_~Timeout#1;KeWaitForSingleObject_~Object#1 := KeWaitForSingleObject_#in~Object#1;KeWaitForSingleObject_~WaitReason#1 := KeWaitForSingleObject_#in~WaitReason#1;KeWaitForSingleObject_~WaitMode#1 := KeWaitForSingleObject_#in~WaitMode#1;KeWaitForSingleObject_~Alertable#1 := KeWaitForSingleObject_#in~Alertable#1;KeWaitForSingleObject_~Timeout#1 := KeWaitForSingleObject_#in~Timeout#1; {8974#false} is VALID [2022-02-20 14:38:48,347 INFO L290 TraceCheckUtils]: 29: Hoare triple {8974#false} assume !(~s~0 == ~MPR3~0); {8974#false} is VALID [2022-02-20 14:38:48,347 INFO L290 TraceCheckUtils]: 30: Hoare triple {8974#false} assume !(1bv32 == ~customIrp~0); {8974#false} is VALID [2022-02-20 14:38:48,347 INFO L290 TraceCheckUtils]: 31: Hoare triple {8974#false} assume ~s~0 == ~MPR3~0; {8974#false} is VALID [2022-02-20 14:38:48,347 INFO L272 TraceCheckUtils]: 32: Hoare triple {8974#false} call errorFn(); {8974#false} is VALID [2022-02-20 14:38:48,347 INFO L290 TraceCheckUtils]: 33: Hoare triple {8974#false} assume !false; {8974#false} is VALID [2022-02-20 14:38:48,347 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 14:38:48,348 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 14:38:48,348 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 14:38:48,348 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [761797389] [2022-02-20 14:38:48,348 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [761797389] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 14:38:48,348 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 14:38:48,348 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 14:38:48,348 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1530785551] [2022-02-20 14:38:48,349 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 14:38:48,349 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 34 [2022-02-20 14:38:48,351 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 14:38:48,351 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:48,376 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 34 edges. 34 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:48,377 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 14:38:48,377 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 14:38:48,377 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 14:38:48,377 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 14:38:48,377 INFO L87 Difference]: Start difference. First operand 301 states and 421 transitions. Second operand has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:48,669 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:48,670 INFO L93 Difference]: Finished difference Result 340 states and 460 transitions. [2022-02-20 14:38:48,670 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 14:38:48,670 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 34 [2022-02-20 14:38:48,670 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 14:38:48,670 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:48,673 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 368 transitions. [2022-02-20 14:38:48,673 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:48,676 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 368 transitions. [2022-02-20 14:38:48,676 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 368 transitions. [2022-02-20 14:38:48,969 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 368 edges. 368 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:48,976 INFO L225 Difference]: With dead ends: 340 [2022-02-20 14:38:48,976 INFO L226 Difference]: Without dead ends: 282 [2022-02-20 14:38:48,976 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 33 GetRequests, 32 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 14:38:48,977 INFO L933 BasicCegarLoop]: 306 mSDtfsCounter, 80 mSDsluCounter, 218 mSDsCounter, 0 mSdLazyCounter, 7 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 80 SdHoareTripleChecker+Valid, 524 SdHoareTripleChecker+Invalid, 7 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 7 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 14:38:48,977 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [80 Valid, 524 Invalid, 7 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 7 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 14:38:48,978 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 282 states. [2022-02-20 14:38:48,987 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 282 to 268. [2022-02-20 14:38:48,987 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 14:38:48,988 INFO L82 GeneralOperation]: Start isEquivalent. First operand 282 states. Second operand has 268 states, 236 states have (on average 1.3898305084745763) internal successors, (328), 235 states have internal predecessors, (328), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) [2022-02-20 14:38:48,989 INFO L74 IsIncluded]: Start isIncluded. First operand 282 states. Second operand has 268 states, 236 states have (on average 1.3898305084745763) internal successors, (328), 235 states have internal predecessors, (328), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) [2022-02-20 14:38:48,989 INFO L87 Difference]: Start difference. First operand 282 states. Second operand has 268 states, 236 states have (on average 1.3898305084745763) internal successors, (328), 235 states have internal predecessors, (328), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) [2022-02-20 14:38:48,995 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:48,996 INFO L93 Difference]: Finished difference Result 282 states and 385 transitions. [2022-02-20 14:38:48,996 INFO L276 IsEmpty]: Start isEmpty. Operand 282 states and 385 transitions. [2022-02-20 14:38:48,996 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:48,997 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:48,997 INFO L74 IsIncluded]: Start isIncluded. First operand has 268 states, 236 states have (on average 1.3898305084745763) internal successors, (328), 235 states have internal predecessors, (328), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) Second operand 282 states. [2022-02-20 14:38:48,998 INFO L87 Difference]: Start difference. First operand has 268 states, 236 states have (on average 1.3898305084745763) internal successors, (328), 235 states have internal predecessors, (328), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) Second operand 282 states. [2022-02-20 14:38:49,004 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:49,004 INFO L93 Difference]: Finished difference Result 282 states and 385 transitions. [2022-02-20 14:38:49,005 INFO L276 IsEmpty]: Start isEmpty. Operand 282 states and 385 transitions. [2022-02-20 14:38:49,005 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:49,005 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:49,005 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 14:38:49,005 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 14:38:49,006 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 268 states, 236 states have (on average 1.3898305084745763) internal successors, (328), 235 states have internal predecessors, (328), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) [2022-02-20 14:38:49,013 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 268 states to 268 states and 370 transitions. [2022-02-20 14:38:49,013 INFO L78 Accepts]: Start accepts. Automaton has 268 states and 370 transitions. Word has length 34 [2022-02-20 14:38:49,013 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 14:38:49,013 INFO L470 AbstractCegarLoop]: Abstraction has 268 states and 370 transitions. [2022-02-20 14:38:49,013 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:49,013 INFO L276 IsEmpty]: Start isEmpty. Operand 268 states and 370 transitions. [2022-02-20 14:38:49,014 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2022-02-20 14:38:49,014 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:49,014 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:49,030 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (8)] Forceful destruction successful, exit code 0 [2022-02-20 14:38:49,224 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 8 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 14:38:49,224 INFO L402 AbstractCegarLoop]: === Iteration 8 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:49,224 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:49,224 INFO L85 PathProgramCache]: Analyzing trace with hash -2069817079, now seen corresponding path program 1 times [2022-02-20 14:38:49,225 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 14:38:49,225 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1124296547] [2022-02-20 14:38:49,225 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:49,225 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 14:38:49,225 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 14:38:49,226 INFO L229 MonitoredProcess]: Starting monitored process 9 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 14:38:49,228 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (9)] Waiting until timeout for monitored process [2022-02-20 14:38:49,297 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:49,299 INFO L263 TraceCheckSpWp]: Trace formula consists of 120 conjuncts, 4 conjunts are in the unsatisfiable core [2022-02-20 14:38:49,312 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:49,313 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 14:38:49,506 INFO L290 TraceCheckUtils]: 0: Hoare triple {10466#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(23bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 0bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32; {10466#true} is VALID [2022-02-20 14:38:49,506 INFO L290 TraceCheckUtils]: 1: Hoare triple {10466#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 1bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32;main_~status~1#1 := 0bv32;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0bv32;~NP~0 := 1bv32;~DC~0 := 2bv32;~SKIP1~0 := 3bv32;~SKIP2~0 := 4bv32;~MPR1~0 := 5bv32;~MPR3~0 := 6bv32;~IPC~0 := 7bv32;~s~0 := ~UNLOADED~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {10474#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-20 14:38:49,507 INFO L290 TraceCheckUtils]: 2: Hoare triple {10474#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} assume { :end_inline__BLAST_init } true; {10474#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-20 14:38:49,507 INFO L290 TraceCheckUtils]: 3: Hoare triple {10474#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} assume ~bvsge32(main_~status~1#1, 0bv32);~s~0 := ~NP~0;~customIrp~0 := 0bv32;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0bv32;~myStatus~0 := 0bv32; {10474#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-20 14:38:49,508 INFO L290 TraceCheckUtils]: 4: Hoare triple {10474#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} assume 0bv32 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := 3221225659bv32;~myStatus~0 := 3221225659bv32; {10474#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-20 14:38:49,508 INFO L290 TraceCheckUtils]: 5: Hoare triple {10474#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {10474#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-20 14:38:49,508 INFO L290 TraceCheckUtils]: 6: Hoare triple {10474#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} assume { :end_inline_stub_driver_init } true; {10474#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-20 14:38:49,509 INFO L290 TraceCheckUtils]: 7: Hoare triple {10474#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} assume !~bvslt32(main_~status~1#1, 0bv32);havoc main_~tmp_ndt_1~0#1;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {10474#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-20 14:38:49,509 INFO L290 TraceCheckUtils]: 8: Hoare triple {10474#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} assume !(0bv32 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {10474#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-20 14:38:49,509 INFO L290 TraceCheckUtils]: 9: Hoare triple {10474#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} assume !(1bv32 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {10474#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-20 14:38:49,510 INFO L290 TraceCheckUtils]: 10: Hoare triple {10474#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} assume !(3bv32 == main_~tmp_ndt_3~0#1);havoc main_~tmp_ndt_4~0#1;main_~tmp_ndt_4~0#1 := main_#t~nondet27#1;havoc main_#t~nondet27#1; {10474#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-20 14:38:49,510 INFO L290 TraceCheckUtils]: 11: Hoare triple {10474#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} assume 4bv32 == main_~tmp_ndt_4~0#1; {10474#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-20 14:38:49,511 INFO L290 TraceCheckUtils]: 12: Hoare triple {10474#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} assume { :begin_inline_KbFilter_Power } true;KbFilter_Power_#in~DeviceObject#1, KbFilter_Power_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_Power_#res#1;havoc KbFilter_Power_#t~nondet50#1, KbFilter_Power_#t~nondet51#1, KbFilter_Power_#t~nondet52#1, KbFilter_Power_#t~nondet53#1, KbFilter_Power_#t~nondet54#1, KbFilter_Power_#t~nondet55#1, KbFilter_Power_#t~post56#1, KbFilter_Power_#t~post57#1, KbFilter_Power_#t~ret58#1, KbFilter_Power_~DeviceObject#1, KbFilter_Power_~Irp#1, KbFilter_Power_~irpStack__MinorFunction~1#1, KbFilter_Power_~devExt__DeviceState~0#1, KbFilter_Power_~powerState__DeviceState~0#1, KbFilter_Power_~Irp__CurrentLocation~2#1, KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1, KbFilter_Power_~devExt__TopOfStack~1#1, KbFilter_Power_~powerType~0#1, KbFilter_Power_~tmp~2#1;KbFilter_Power_~DeviceObject#1 := KbFilter_Power_#in~DeviceObject#1;KbFilter_Power_~Irp#1 := KbFilter_Power_#in~Irp#1;KbFilter_Power_~irpStack__MinorFunction~1#1 := KbFilter_Power_#t~nondet50#1;havoc KbFilter_Power_#t~nondet50#1;havoc KbFilter_Power_~devExt__DeviceState~0#1;KbFilter_Power_~powerState__DeviceState~0#1 := KbFilter_Power_#t~nondet51#1;havoc KbFilter_Power_#t~nondet51#1;KbFilter_Power_~Irp__CurrentLocation~2#1 := KbFilter_Power_#t~nondet52#1;havoc KbFilter_Power_#t~nondet52#1;KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1 := KbFilter_Power_#t~nondet53#1;havoc KbFilter_Power_#t~nondet53#1;KbFilter_Power_~devExt__TopOfStack~1#1 := KbFilter_Power_#t~nondet54#1;havoc KbFilter_Power_#t~nondet54#1;KbFilter_Power_~powerType~0#1 := KbFilter_Power_#t~nondet55#1;havoc KbFilter_Power_#t~nondet55#1;havoc KbFilter_Power_~tmp~2#1; {10474#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-20 14:38:49,511 INFO L290 TraceCheckUtils]: 13: Hoare triple {10474#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} assume 2bv32 == KbFilter_Power_~irpStack__MinorFunction~1#1; {10474#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-20 14:38:49,511 INFO L290 TraceCheckUtils]: 14: Hoare triple {10474#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} assume !(KbFilter_Power_~powerType~0#1 == ~DevicePowerState~0); {10474#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-20 14:38:49,512 INFO L290 TraceCheckUtils]: 15: Hoare triple {10474#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} assume ~s~0 == ~NP~0;~s~0 := ~SKIP1~0; {10517#(and (= ~NP~0 (_ bv1 32)) (= ~s~0 (_ bv3 32)))} is VALID [2022-02-20 14:38:49,513 INFO L290 TraceCheckUtils]: 16: Hoare triple {10517#(and (= ~NP~0 (_ bv1 32)) (= ~s~0 (_ bv3 32)))} KbFilter_Power_#t~post56#1 := KbFilter_Power_~Irp__CurrentLocation~2#1;KbFilter_Power_~Irp__CurrentLocation~2#1 := ~bvadd32(1bv32, KbFilter_Power_#t~post56#1);havoc KbFilter_Power_#t~post56#1;KbFilter_Power_#t~post57#1 := KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1;KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1 := ~bvadd32(1bv32, KbFilter_Power_#t~post57#1);havoc KbFilter_Power_#t~post57#1;assume { :begin_inline_PoCallDriver } true;PoCallDriver_#in~DeviceObject#1, PoCallDriver_#in~Irp#1 := KbFilter_Power_~devExt__TopOfStack~1#1, KbFilter_Power_~Irp#1;havoc PoCallDriver_#res#1;havoc PoCallDriver_#t~nondet59#1, PoCallDriver_#t~ret60#1, PoCallDriver_#t~nondet61#1, PoCallDriver_#t~nondet62#1, PoCallDriver_~tmp_ndt_10~0#1, PoCallDriver_~tmp_ndt_9~0#1, PoCallDriver_~DeviceObject#1, PoCallDriver_~Irp#1, PoCallDriver_~compRetStatus~1#1, PoCallDriver_~returnVal~0#1, PoCallDriver_~lcontext~1#1, PoCallDriver_~__cil_tmp7~1#1, PoCallDriver_~__cil_tmp8~1#1;PoCallDriver_~DeviceObject#1 := PoCallDriver_#in~DeviceObject#1;PoCallDriver_~Irp#1 := PoCallDriver_#in~Irp#1;havoc PoCallDriver_~compRetStatus~1#1;havoc PoCallDriver_~returnVal~0#1;PoCallDriver_~lcontext~1#1 := PoCallDriver_#t~nondet59#1;havoc PoCallDriver_#t~nondet59#1;havoc PoCallDriver_~__cil_tmp7~1#1;havoc PoCallDriver_~__cil_tmp8~1#1; {10517#(and (= ~NP~0 (_ bv1 32)) (= ~s~0 (_ bv3 32)))} is VALID [2022-02-20 14:38:49,513 INFO L290 TraceCheckUtils]: 17: Hoare triple {10517#(and (= ~NP~0 (_ bv1 32)) (= ~s~0 (_ bv3 32)))} assume !(0bv32 != ~compRegistered~0); {10517#(and (= ~NP~0 (_ bv1 32)) (= ~s~0 (_ bv3 32)))} is VALID [2022-02-20 14:38:49,514 INFO L290 TraceCheckUtils]: 18: Hoare triple {10517#(and (= ~NP~0 (_ bv1 32)) (= ~s~0 (_ bv3 32)))} havoc PoCallDriver_~tmp_ndt_9~0#1;PoCallDriver_~tmp_ndt_9~0#1 := PoCallDriver_#t~nondet61#1;havoc PoCallDriver_#t~nondet61#1; {10517#(and (= ~NP~0 (_ bv1 32)) (= ~s~0 (_ bv3 32)))} is VALID [2022-02-20 14:38:49,514 INFO L290 TraceCheckUtils]: 19: Hoare triple {10517#(and (= ~NP~0 (_ bv1 32)) (= ~s~0 (_ bv3 32)))} assume 0bv32 == PoCallDriver_~tmp_ndt_9~0#1; {10517#(and (= ~NP~0 (_ bv1 32)) (= ~s~0 (_ bv3 32)))} is VALID [2022-02-20 14:38:49,515 INFO L290 TraceCheckUtils]: 20: Hoare triple {10517#(and (= ~NP~0 (_ bv1 32)) (= ~s~0 (_ bv3 32)))} PoCallDriver_~returnVal~0#1 := 0bv32; {10517#(and (= ~NP~0 (_ bv1 32)) (= ~s~0 (_ bv3 32)))} is VALID [2022-02-20 14:38:49,515 INFO L290 TraceCheckUtils]: 21: Hoare triple {10517#(and (= ~NP~0 (_ bv1 32)) (= ~s~0 (_ bv3 32)))} assume ~s~0 == ~NP~0;~s~0 := ~IPC~0;~lowerDriverReturn~0 := PoCallDriver_~returnVal~0#1; {10467#false} is VALID [2022-02-20 14:38:49,515 INFO L290 TraceCheckUtils]: 22: Hoare triple {10467#false} PoCallDriver_#res#1 := PoCallDriver_~returnVal~0#1; {10467#false} is VALID [2022-02-20 14:38:49,516 INFO L290 TraceCheckUtils]: 23: Hoare triple {10467#false} KbFilter_Power_#t~ret58#1 := PoCallDriver_#res#1;assume { :end_inline_PoCallDriver } true;KbFilter_Power_~tmp~2#1 := KbFilter_Power_#t~ret58#1;havoc KbFilter_Power_#t~ret58#1;KbFilter_Power_#res#1 := KbFilter_Power_~tmp~2#1; {10467#false} is VALID [2022-02-20 14:38:49,516 INFO L290 TraceCheckUtils]: 24: Hoare triple {10467#false} main_#t~ret32#1 := KbFilter_Power_#res#1;assume { :end_inline_KbFilter_Power } true;main_~status~1#1 := main_#t~ret32#1;havoc main_#t~ret32#1; {10467#false} is VALID [2022-02-20 14:38:49,516 INFO L290 TraceCheckUtils]: 25: Hoare triple {10467#false} assume !(1bv32 == ~pended~0); {10467#false} is VALID [2022-02-20 14:38:49,516 INFO L290 TraceCheckUtils]: 26: Hoare triple {10467#false} assume !(1bv32 == ~pended~0); {10467#false} is VALID [2022-02-20 14:38:49,516 INFO L290 TraceCheckUtils]: 27: Hoare triple {10467#false} assume ~s~0 != ~UNLOADED~0; {10467#false} is VALID [2022-02-20 14:38:49,516 INFO L290 TraceCheckUtils]: 28: Hoare triple {10467#false} assume 4294967295bv32 != main_~status~1#1; {10467#false} is VALID [2022-02-20 14:38:49,517 INFO L290 TraceCheckUtils]: 29: Hoare triple {10467#false} assume !(~s~0 != ~SKIP2~0); {10467#false} is VALID [2022-02-20 14:38:49,517 INFO L290 TraceCheckUtils]: 30: Hoare triple {10467#false} assume 1bv32 == ~pended~0; {10467#false} is VALID [2022-02-20 14:38:49,517 INFO L290 TraceCheckUtils]: 31: Hoare triple {10467#false} assume 259bv32 != main_~status~1#1; {10467#false} is VALID [2022-02-20 14:38:49,517 INFO L272 TraceCheckUtils]: 32: Hoare triple {10467#false} call errorFn(); {10467#false} is VALID [2022-02-20 14:38:49,517 INFO L290 TraceCheckUtils]: 33: Hoare triple {10467#false} assume !false; {10467#false} is VALID [2022-02-20 14:38:49,517 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 14:38:49,518 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 14:38:49,518 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 14:38:49,518 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1124296547] [2022-02-20 14:38:49,518 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1124296547] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 14:38:49,518 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 14:38:49,518 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-20 14:38:49,518 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1932009360] [2022-02-20 14:38:49,519 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 14:38:49,519 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 8.25) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 34 [2022-02-20 14:38:49,519 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 14:38:49,521 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 4 states, 4 states have (on average 8.25) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:49,553 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 34 edges. 34 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:49,553 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-02-20 14:38:49,553 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 14:38:49,553 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-02-20 14:38:49,554 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-02-20 14:38:49,554 INFO L87 Difference]: Start difference. First operand 268 states and 370 transitions. Second operand has 4 states, 4 states have (on average 8.25) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:50,073 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:50,073 INFO L93 Difference]: Finished difference Result 307 states and 418 transitions. [2022-02-20 14:38:50,073 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-20 14:38:50,073 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 8.25) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 34 [2022-02-20 14:38:50,074 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 14:38:50,074 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 8.25) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:50,076 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 333 transitions. [2022-02-20 14:38:50,077 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 8.25) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:50,079 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 333 transitions. [2022-02-20 14:38:50,079 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 333 transitions. [2022-02-20 14:38:50,389 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 333 edges. 333 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:50,395 INFO L225 Difference]: With dead ends: 307 [2022-02-20 14:38:50,395 INFO L226 Difference]: Without dead ends: 268 [2022-02-20 14:38:50,396 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 34 GetRequests, 31 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-02-20 14:38:50,398 INFO L933 BasicCegarLoop]: 240 mSDtfsCounter, 285 mSDsluCounter, 181 mSDsCounter, 0 mSdLazyCounter, 92 mSolverCounterSat, 17 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 285 SdHoareTripleChecker+Valid, 421 SdHoareTripleChecker+Invalid, 109 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 17 IncrementalHoareTripleChecker+Valid, 92 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 14:38:50,399 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [285 Valid, 421 Invalid, 109 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [17 Valid, 92 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 14:38:50,400 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 268 states. [2022-02-20 14:38:50,410 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 268 to 268. [2022-02-20 14:38:50,410 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 14:38:50,415 INFO L82 GeneralOperation]: Start isEquivalent. First operand 268 states. Second operand has 268 states, 236 states have (on average 1.38135593220339) internal successors, (326), 235 states have internal predecessors, (326), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) [2022-02-20 14:38:50,417 INFO L74 IsIncluded]: Start isIncluded. First operand 268 states. Second operand has 268 states, 236 states have (on average 1.38135593220339) internal successors, (326), 235 states have internal predecessors, (326), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) [2022-02-20 14:38:50,418 INFO L87 Difference]: Start difference. First operand 268 states. Second operand has 268 states, 236 states have (on average 1.38135593220339) internal successors, (326), 235 states have internal predecessors, (326), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) [2022-02-20 14:38:50,427 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:50,427 INFO L93 Difference]: Finished difference Result 268 states and 368 transitions. [2022-02-20 14:38:50,427 INFO L276 IsEmpty]: Start isEmpty. Operand 268 states and 368 transitions. [2022-02-20 14:38:50,428 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:50,428 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:50,428 INFO L74 IsIncluded]: Start isIncluded. First operand has 268 states, 236 states have (on average 1.38135593220339) internal successors, (326), 235 states have internal predecessors, (326), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) Second operand 268 states. [2022-02-20 14:38:50,429 INFO L87 Difference]: Start difference. First operand has 268 states, 236 states have (on average 1.38135593220339) internal successors, (326), 235 states have internal predecessors, (326), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) Second operand 268 states. [2022-02-20 14:38:50,434 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:50,435 INFO L93 Difference]: Finished difference Result 268 states and 368 transitions. [2022-02-20 14:38:50,435 INFO L276 IsEmpty]: Start isEmpty. Operand 268 states and 368 transitions. [2022-02-20 14:38:50,435 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:50,435 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:50,436 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 14:38:50,436 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 14:38:50,436 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 268 states, 236 states have (on average 1.38135593220339) internal successors, (326), 235 states have internal predecessors, (326), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) [2022-02-20 14:38:50,446 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 268 states to 268 states and 368 transitions. [2022-02-20 14:38:50,446 INFO L78 Accepts]: Start accepts. Automaton has 268 states and 368 transitions. Word has length 34 [2022-02-20 14:38:50,447 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 14:38:50,447 INFO L470 AbstractCegarLoop]: Abstraction has 268 states and 368 transitions. [2022-02-20 14:38:50,447 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 8.25) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:50,447 INFO L276 IsEmpty]: Start isEmpty. Operand 268 states and 368 transitions. [2022-02-20 14:38:50,448 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 36 [2022-02-20 14:38:50,448 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:50,448 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:50,460 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (9)] Forceful destruction successful, exit code 0 [2022-02-20 14:38:50,656 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 9 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 14:38:50,657 INFO L402 AbstractCegarLoop]: === Iteration 9 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:50,657 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:50,657 INFO L85 PathProgramCache]: Analyzing trace with hash 1120484039, now seen corresponding path program 1 times [2022-02-20 14:38:50,658 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 14:38:50,658 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [348711539] [2022-02-20 14:38:50,658 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:50,658 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 14:38:50,658 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 14:38:50,659 INFO L229 MonitoredProcess]: Starting monitored process 10 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 14:38:50,660 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (10)] Waiting until timeout for monitored process [2022-02-20 14:38:50,726 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:50,728 INFO L263 TraceCheckSpWp]: Trace formula consists of 123 conjuncts, 2 conjunts are in the unsatisfiable core [2022-02-20 14:38:50,753 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:50,754 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 14:38:50,852 INFO L290 TraceCheckUtils]: 0: Hoare triple {11883#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(23bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 0bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32; {11883#true} is VALID [2022-02-20 14:38:50,852 INFO L290 TraceCheckUtils]: 1: Hoare triple {11883#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 1bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32;main_~status~1#1 := 0bv32;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0bv32;~NP~0 := 1bv32;~DC~0 := 2bv32;~SKIP1~0 := 3bv32;~SKIP2~0 := 4bv32;~MPR1~0 := 5bv32;~MPR3~0 := 6bv32;~IPC~0 := 7bv32;~s~0 := ~UNLOADED~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {11883#true} is VALID [2022-02-20 14:38:50,852 INFO L290 TraceCheckUtils]: 2: Hoare triple {11883#true} assume { :end_inline__BLAST_init } true; {11883#true} is VALID [2022-02-20 14:38:50,852 INFO L290 TraceCheckUtils]: 3: Hoare triple {11883#true} assume ~bvsge32(main_~status~1#1, 0bv32);~s~0 := ~NP~0;~customIrp~0 := 0bv32;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0bv32;~myStatus~0 := 0bv32; {11883#true} is VALID [2022-02-20 14:38:50,852 INFO L290 TraceCheckUtils]: 4: Hoare triple {11883#true} assume 0bv32 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := 3221225659bv32;~myStatus~0 := 3221225659bv32; {11883#true} is VALID [2022-02-20 14:38:50,852 INFO L290 TraceCheckUtils]: 5: Hoare triple {11883#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {11903#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-20 14:38:50,853 INFO L290 TraceCheckUtils]: 6: Hoare triple {11903#(= ~pended~0 (_ bv0 32))} assume { :end_inline_stub_driver_init } true; {11903#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-20 14:38:50,853 INFO L290 TraceCheckUtils]: 7: Hoare triple {11903#(= ~pended~0 (_ bv0 32))} assume !~bvslt32(main_~status~1#1, 0bv32);havoc main_~tmp_ndt_1~0#1;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {11903#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-20 14:38:50,853 INFO L290 TraceCheckUtils]: 8: Hoare triple {11903#(= ~pended~0 (_ bv0 32))} assume !(0bv32 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {11903#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-20 14:38:50,854 INFO L290 TraceCheckUtils]: 9: Hoare triple {11903#(= ~pended~0 (_ bv0 32))} assume !(1bv32 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {11903#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-20 14:38:50,854 INFO L290 TraceCheckUtils]: 10: Hoare triple {11903#(= ~pended~0 (_ bv0 32))} assume !(3bv32 == main_~tmp_ndt_3~0#1);havoc main_~tmp_ndt_4~0#1;main_~tmp_ndt_4~0#1 := main_#t~nondet27#1;havoc main_#t~nondet27#1; {11903#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-20 14:38:50,854 INFO L290 TraceCheckUtils]: 11: Hoare triple {11903#(= ~pended~0 (_ bv0 32))} assume !(4bv32 == main_~tmp_ndt_4~0#1);havoc main_~tmp_ndt_5~0#1;main_~tmp_ndt_5~0#1 := main_#t~nondet28#1;havoc main_#t~nondet28#1; {11903#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-20 14:38:50,854 INFO L290 TraceCheckUtils]: 12: Hoare triple {11903#(= ~pended~0 (_ bv0 32))} assume 8bv32 == main_~tmp_ndt_5~0#1; {11903#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-20 14:38:50,855 INFO L290 TraceCheckUtils]: 13: Hoare triple {11903#(= ~pended~0 (_ bv0 32))} assume { :begin_inline_KbFilter_InternIoCtl } true;KbFilter_InternIoCtl_#in~DeviceObject#1, KbFilter_InternIoCtl_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_InternIoCtl_#res#1;havoc KbFilter_InternIoCtl_#t~nondet63#1, KbFilter_InternIoCtl_#t~nondet64#1, KbFilter_InternIoCtl_#t~nondet65#1, KbFilter_InternIoCtl_#t~nondet66#1, KbFilter_InternIoCtl_#t~nondet67#1, KbFilter_InternIoCtl_#t~nondet68#1, KbFilter_InternIoCtl_#t~nondet69#1, KbFilter_InternIoCtl_#t~nondet70#1, KbFilter_InternIoCtl_#t~nondet71#1, KbFilter_InternIoCtl_#t~nondet72#1, KbFilter_InternIoCtl_#t~nondet73#1, KbFilter_InternIoCtl_#t~nondet74#1, KbFilter_InternIoCtl_#t~nondet75#1, KbFilter_InternIoCtl_#t~nondet76#1, KbFilter_InternIoCtl_#t~nondet77#1, KbFilter_InternIoCtl_#t~nondet78#1, KbFilter_InternIoCtl_#t~nondet79#1, KbFilter_InternIoCtl_#t~ret80#1, KbFilter_InternIoCtl_~DeviceObject#1, KbFilter_InternIoCtl_~Irp#1, KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1, KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__InputBufferLength~0#1, KbFilter_InternIoCtl_~sizeof__CONNECT_DATA~0#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__Type3InputBuffer~0#1, KbFilter_InternIoCtl_~sizeof__INTERNAL_I8042_HOOK_KEYBOARD~0#1, KbFilter_InternIoCtl_~hookKeyboard__InitializationRoutine~0#1, KbFilter_InternIoCtl_~hookKeyboard__IsrRoutine~0#1, KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1, KbFilter_InternIoCtl_~hookKeyboard~0#1, KbFilter_InternIoCtl_~connectData~0#1, KbFilter_InternIoCtl_~status~3#1, KbFilter_InternIoCtl_~tmp~3#1, KbFilter_InternIoCtl_~__cil_tmp17~0#1, KbFilter_InternIoCtl_~__cil_tmp18~0#1, KbFilter_InternIoCtl_~__cil_tmp19~0#1, KbFilter_InternIoCtl_~__cil_tmp20~0#1, KbFilter_InternIoCtl_~__cil_tmp21~0#1, KbFilter_InternIoCtl_~__cil_tmp22~0#1, KbFilter_InternIoCtl_~__cil_tmp23~1#1, KbFilter_InternIoCtl_~__cil_tmp24~0#1, KbFilter_InternIoCtl_~__cil_tmp25~0#1, KbFilter_InternIoCtl_~__cil_tmp26~0#1, KbFilter_InternIoCtl_~__cil_tmp27~0#1, KbFilter_InternIoCtl_~__cil_tmp28~0#1, KbFilter_InternIoCtl_~__cil_tmp29~0#1, KbFilter_InternIoCtl_~__cil_tmp30~0#1, KbFilter_InternIoCtl_~__cil_tmp31~0#1, KbFilter_InternIoCtl_~__cil_tmp32~0#1, KbFilter_InternIoCtl_~__cil_tmp33~0#1, KbFilter_InternIoCtl_~__cil_tmp34~0#1, KbFilter_InternIoCtl_~__cil_tmp35~0#1, KbFilter_InternIoCtl_~__cil_tmp36~0#1, KbFilter_InternIoCtl_~__cil_tmp37~0#1, KbFilter_InternIoCtl_~__cil_tmp38~0#1, KbFilter_InternIoCtl_~__cil_tmp39~0#1, KbFilter_InternIoCtl_~__cil_tmp40~0#1, KbFilter_InternIoCtl_~__cil_tmp41~0#1, KbFilter_InternIoCtl_~__cil_tmp42~0#1, KbFilter_InternIoCtl_~__cil_tmp43~0#1, KbFilter_InternIoCtl_~__cil_tmp44~0#1, KbFilter_InternIoCtl_~__cil_tmp45~0#1;KbFilter_InternIoCtl_~DeviceObject#1 := KbFilter_InternIoCtl_#in~DeviceObject#1;KbFilter_InternIoCtl_~Irp#1 := KbFilter_InternIoCtl_#in~Irp#1;havoc KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1 := KbFilter_InternIoCtl_#t~nondet63#1;havoc KbFilter_InternIoCtl_#t~nondet63#1;KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1 := KbFilter_InternIoCtl_#t~nondet64#1;havoc KbFilter_InternIoCtl_#t~nondet64#1;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__InputBufferLength~0#1 := KbFilter_InternIoCtl_#t~nondet65#1;havoc KbFilter_InternIoCtl_#t~nondet65#1;KbFilter_InternIoCtl_~sizeof__CONNECT_DATA~0#1 := KbFilter_InternIoCtl_#t~nondet66#1;havoc KbFilter_InternIoCtl_#t~nondet66#1;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__Type3InputBuffer~0#1 := KbFilter_InternIoCtl_#t~nondet67#1;havoc KbFilter_InternIoCtl_#t~nondet67#1;KbFilter_InternIoCtl_~sizeof__INTERNAL_I8042_HOOK_KEYBOARD~0#1 := KbFilter_InternIoCtl_#t~nondet68#1;havoc KbFilter_InternIoCtl_#t~nondet68#1;KbFilter_InternIoCtl_~hookKeyboard__InitializationRoutine~0#1 := KbFilter_InternIoCtl_#t~nondet69#1;havoc KbFilter_InternIoCtl_#t~nondet69#1;KbFilter_InternIoCtl_~hookKeyboard__IsrRoutine~0#1 := KbFilter_InternIoCtl_#t~nondet70#1;havoc KbFilter_InternIoCtl_#t~nondet70#1;havoc KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1;havoc KbFilter_InternIoCtl_~hookKeyboard~0#1;havoc KbFilter_InternIoCtl_~connectData~0#1;havoc KbFilter_InternIoCtl_~status~3#1;havoc KbFilter_InternIoCtl_~tmp~3#1;havoc KbFilter_InternIoCtl_~__cil_tmp17~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp18~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp19~0#1;KbFilter_InternIoCtl_~__cil_tmp20~0#1 := KbFilter_InternIoCtl_#t~nondet71#1;havoc KbFilter_InternIoCtl_#t~nondet71#1;havoc KbFilter_InternIoCtl_~__cil_tmp21~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp22~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp23~1#1;KbFilter_InternIoCtl_~__cil_tmp24~0#1 := KbFilter_InternIoCtl_#t~nondet72#1;havoc KbFilter_InternIoCtl_#t~nondet72#1;havoc KbFilter_InternIoCtl_~__cil_tmp25~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp26~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp27~0#1;KbFilter_InternIoCtl_~__cil_tmp28~0#1 := KbFilter_InternIoCtl_#t~nondet73#1;havoc KbFilter_InternIoCtl_#t~nondet73#1;KbFilter_InternIoCtl_~__cil_tmp29~0#1 := KbFilter_InternIoCtl_#t~nondet74#1;havoc KbFilter_InternIoCtl_#t~nondet74#1;havoc KbFilter_InternIoCtl_~__cil_tmp30~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp31~0#1;KbFilter_InternIoCtl_~__cil_tmp32~0#1 := KbFilter_InternIoCtl_#t~nondet75#1;havoc KbFilter_InternIoCtl_#t~nondet75#1;havoc KbFilter_InternIoCtl_~__cil_tmp33~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp34~0#1;KbFilter_InternIoCtl_~__cil_tmp35~0#1 := KbFilter_InternIoCtl_#t~nondet76#1;havoc KbFilter_InternIoCtl_#t~nondet76#1;havoc KbFilter_InternIoCtl_~__cil_tmp36~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp37~0#1;KbFilter_InternIoCtl_~__cil_tmp38~0#1 := KbFilter_InternIoCtl_#t~nondet77#1;havoc KbFilter_InternIoCtl_#t~nondet77#1;havoc KbFilter_InternIoCtl_~__cil_tmp39~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp40~0#1;KbFilter_InternIoCtl_~__cil_tmp41~0#1 := KbFilter_InternIoCtl_#t~nondet78#1;havoc KbFilter_InternIoCtl_#t~nondet78#1;havoc KbFilter_InternIoCtl_~__cil_tmp42~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp43~0#1;KbFilter_InternIoCtl_~__cil_tmp44~0#1 := KbFilter_InternIoCtl_#t~nondet79#1;havoc KbFilter_InternIoCtl_#t~nondet79#1;havoc KbFilter_InternIoCtl_~__cil_tmp45~0#1;KbFilter_InternIoCtl_~status~3#1 := 0bv32;KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1 := 0bv32; {11903#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-20 14:38:50,855 INFO L290 TraceCheckUtils]: 14: Hoare triple {11903#(= ~pended~0 (_ bv0 32))} assume KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1 == KbFilter_InternIoCtl_~__cil_tmp20~0#1; {11903#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-20 14:38:50,856 INFO L290 TraceCheckUtils]: 15: Hoare triple {11903#(= ~pended~0 (_ bv0 32))} assume 0bv32 != KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1;KbFilter_InternIoCtl_~status~3#1 := 3221225539bv32; {11903#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-20 14:38:50,856 INFO L290 TraceCheckUtils]: 16: Hoare triple {11903#(= ~pended~0 (_ bv0 32))} assume ~bvslt32(KbFilter_InternIoCtl_~status~3#1, 0bv32);KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1 := KbFilter_InternIoCtl_~status~3#1;~myStatus~0 := KbFilter_InternIoCtl_~status~3#1; {11903#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-20 14:38:50,856 INFO L272 TraceCheckUtils]: 17: Hoare triple {11903#(= ~pended~0 (_ bv0 32))} call IofCompleteRequest(KbFilter_InternIoCtl_~Irp#1, 0bv32); {11903#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-20 14:38:50,857 INFO L290 TraceCheckUtils]: 18: Hoare triple {11903#(= ~pended~0 (_ bv0 32))} ~Irp := #in~Irp;~PriorityBoost := #in~PriorityBoost; {11903#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-20 14:38:50,857 INFO L290 TraceCheckUtils]: 19: Hoare triple {11903#(= ~pended~0 (_ bv0 32))} assume ~s~0 == ~NP~0;~s~0 := ~DC~0; {11903#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-20 14:38:50,857 INFO L290 TraceCheckUtils]: 20: Hoare triple {11903#(= ~pended~0 (_ bv0 32))} assume true; {11903#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-20 14:38:50,858 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {11903#(= ~pended~0 (_ bv0 32))} {11903#(= ~pended~0 (_ bv0 32))} #743#return; {11903#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-20 14:38:50,858 INFO L290 TraceCheckUtils]: 22: Hoare triple {11903#(= ~pended~0 (_ bv0 32))} KbFilter_InternIoCtl_#res#1 := KbFilter_InternIoCtl_~status~3#1; {11903#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-20 14:38:50,858 INFO L290 TraceCheckUtils]: 23: Hoare triple {11903#(= ~pended~0 (_ bv0 32))} main_#t~ret33#1 := KbFilter_InternIoCtl_#res#1;assume { :end_inline_KbFilter_InternIoCtl } true;main_~status~1#1 := main_#t~ret33#1;havoc main_#t~ret33#1; {11903#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-20 14:38:50,859 INFO L290 TraceCheckUtils]: 24: Hoare triple {11903#(= ~pended~0 (_ bv0 32))} assume !(1bv32 == ~pended~0); {11903#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-20 14:38:50,859 INFO L290 TraceCheckUtils]: 25: Hoare triple {11903#(= ~pended~0 (_ bv0 32))} assume !(1bv32 == ~pended~0); {11903#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-20 14:38:50,864 INFO L290 TraceCheckUtils]: 26: Hoare triple {11903#(= ~pended~0 (_ bv0 32))} assume ~s~0 != ~UNLOADED~0; {11903#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-20 14:38:50,864 INFO L290 TraceCheckUtils]: 27: Hoare triple {11903#(= ~pended~0 (_ bv0 32))} assume 4294967295bv32 != main_~status~1#1; {11903#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-20 14:38:50,864 INFO L290 TraceCheckUtils]: 28: Hoare triple {11903#(= ~pended~0 (_ bv0 32))} assume ~s~0 != ~SKIP2~0; {11903#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-20 14:38:50,865 INFO L290 TraceCheckUtils]: 29: Hoare triple {11903#(= ~pended~0 (_ bv0 32))} assume ~s~0 != ~IPC~0; {11903#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-20 14:38:50,866 INFO L290 TraceCheckUtils]: 30: Hoare triple {11903#(= ~pended~0 (_ bv0 32))} assume ~s~0 == ~DC~0; {11903#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-20 14:38:50,866 INFO L290 TraceCheckUtils]: 31: Hoare triple {11903#(= ~pended~0 (_ bv0 32))} assume 1bv32 == ~pended~0; {11884#false} is VALID [2022-02-20 14:38:50,867 INFO L290 TraceCheckUtils]: 32: Hoare triple {11884#false} assume 259bv32 != main_~status~1#1; {11884#false} is VALID [2022-02-20 14:38:50,867 INFO L272 TraceCheckUtils]: 33: Hoare triple {11884#false} call errorFn(); {11884#false} is VALID [2022-02-20 14:38:50,867 INFO L290 TraceCheckUtils]: 34: Hoare triple {11884#false} assume !false; {11884#false} is VALID [2022-02-20 14:38:50,867 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 14:38:50,867 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 14:38:50,868 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 14:38:50,868 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [348711539] [2022-02-20 14:38:50,868 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [348711539] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 14:38:50,868 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 14:38:50,868 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 14:38:50,868 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [872872843] [2022-02-20 14:38:50,868 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 14:38:50,869 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 35 [2022-02-20 14:38:50,869 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 14:38:50,869 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:50,900 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 35 edges. 35 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:50,900 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 14:38:50,900 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 14:38:50,901 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 14:38:50,901 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 14:38:50,901 INFO L87 Difference]: Start difference. First operand 268 states and 368 transitions. Second operand has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:51,127 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:51,127 INFO L93 Difference]: Finished difference Result 286 states and 390 transitions. [2022-02-20 14:38:51,127 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 14:38:51,127 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 35 [2022-02-20 14:38:51,128 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 14:38:51,128 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:51,130 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 284 transitions. [2022-02-20 14:38:51,131 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:51,132 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 284 transitions. [2022-02-20 14:38:51,133 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 284 transitions. [2022-02-20 14:38:51,343 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 284 edges. 284 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:51,348 INFO L225 Difference]: With dead ends: 286 [2022-02-20 14:38:51,348 INFO L226 Difference]: Without dead ends: 232 [2022-02-20 14:38:51,348 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 34 GetRequests, 33 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 14:38:51,349 INFO L933 BasicCegarLoop]: 259 mSDtfsCounter, 233 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 233 SdHoareTripleChecker+Valid, 259 SdHoareTripleChecker+Invalid, 8 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 14:38:51,349 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [233 Valid, 259 Invalid, 8 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 14:38:51,350 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 232 states. [2022-02-20 14:38:51,364 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 232 to 210. [2022-02-20 14:38:51,364 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 14:38:51,364 INFO L82 GeneralOperation]: Start isEquivalent. First operand 232 states. Second operand has 210 states, 186 states have (on average 1.39247311827957) internal successors, (259), 189 states have internal predecessors, (259), 16 states have call successors, (16), 8 states have call predecessors, (16), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-20 14:38:51,365 INFO L74 IsIncluded]: Start isIncluded. First operand 232 states. Second operand has 210 states, 186 states have (on average 1.39247311827957) internal successors, (259), 189 states have internal predecessors, (259), 16 states have call successors, (16), 8 states have call predecessors, (16), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-20 14:38:51,365 INFO L87 Difference]: Start difference. First operand 232 states. Second operand has 210 states, 186 states have (on average 1.39247311827957) internal successors, (259), 189 states have internal predecessors, (259), 16 states have call successors, (16), 8 states have call predecessors, (16), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-20 14:38:51,370 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:51,370 INFO L93 Difference]: Finished difference Result 232 states and 314 transitions. [2022-02-20 14:38:51,371 INFO L276 IsEmpty]: Start isEmpty. Operand 232 states and 314 transitions. [2022-02-20 14:38:51,371 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:51,371 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:51,372 INFO L74 IsIncluded]: Start isIncluded. First operand has 210 states, 186 states have (on average 1.39247311827957) internal successors, (259), 189 states have internal predecessors, (259), 16 states have call successors, (16), 8 states have call predecessors, (16), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) Second operand 232 states. [2022-02-20 14:38:51,372 INFO L87 Difference]: Start difference. First operand has 210 states, 186 states have (on average 1.39247311827957) internal successors, (259), 189 states have internal predecessors, (259), 16 states have call successors, (16), 8 states have call predecessors, (16), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) Second operand 232 states. [2022-02-20 14:38:51,377 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:51,377 INFO L93 Difference]: Finished difference Result 232 states and 314 transitions. [2022-02-20 14:38:51,377 INFO L276 IsEmpty]: Start isEmpty. Operand 232 states and 314 transitions. [2022-02-20 14:38:51,378 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:51,378 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:51,378 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 14:38:51,378 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 14:38:51,379 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 210 states, 186 states have (on average 1.39247311827957) internal successors, (259), 189 states have internal predecessors, (259), 16 states have call successors, (16), 8 states have call predecessors, (16), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-20 14:38:51,383 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 210 states to 210 states and 287 transitions. [2022-02-20 14:38:51,383 INFO L78 Accepts]: Start accepts. Automaton has 210 states and 287 transitions. Word has length 35 [2022-02-20 14:38:51,384 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 14:38:51,384 INFO L470 AbstractCegarLoop]: Abstraction has 210 states and 287 transitions. [2022-02-20 14:38:51,384 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 14:38:51,384 INFO L276 IsEmpty]: Start isEmpty. Operand 210 states and 287 transitions. [2022-02-20 14:38:51,385 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 40 [2022-02-20 14:38:51,385 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:51,386 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:51,396 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (10)] Forceful destruction successful, exit code 0 [2022-02-20 14:38:51,595 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 10 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 14:38:51,595 INFO L402 AbstractCegarLoop]: === Iteration 10 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:51,596 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:51,596 INFO L85 PathProgramCache]: Analyzing trace with hash -152990302, now seen corresponding path program 1 times [2022-02-20 14:38:51,596 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 14:38:51,596 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1537314322] [2022-02-20 14:38:51,597 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:51,597 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 14:38:51,597 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 14:38:51,598 INFO L229 MonitoredProcess]: Starting monitored process 11 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 14:38:51,637 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (11)] Waiting until timeout for monitored process [2022-02-20 14:38:51,728 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:51,731 INFO L263 TraceCheckSpWp]: Trace formula consists of 151 conjuncts, 2 conjunts are in the unsatisfiable core [2022-02-20 14:38:51,749 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:51,751 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 14:38:51,862 INFO L290 TraceCheckUtils]: 0: Hoare triple {13123#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(23bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 0bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32; {13123#true} is VALID [2022-02-20 14:38:51,863 INFO L290 TraceCheckUtils]: 1: Hoare triple {13123#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 1bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32;main_~status~1#1 := 0bv32;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0bv32;~NP~0 := 1bv32;~DC~0 := 2bv32;~SKIP1~0 := 3bv32;~SKIP2~0 := 4bv32;~MPR1~0 := 5bv32;~MPR3~0 := 6bv32;~IPC~0 := 7bv32;~s~0 := ~UNLOADED~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {13123#true} is VALID [2022-02-20 14:38:51,863 INFO L290 TraceCheckUtils]: 2: Hoare triple {13123#true} assume { :end_inline__BLAST_init } true; {13123#true} is VALID [2022-02-20 14:38:51,863 INFO L290 TraceCheckUtils]: 3: Hoare triple {13123#true} assume ~bvsge32(main_~status~1#1, 0bv32);~s~0 := ~NP~0;~customIrp~0 := 0bv32;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0bv32;~myStatus~0 := 0bv32; {13123#true} is VALID [2022-02-20 14:38:51,863 INFO L290 TraceCheckUtils]: 4: Hoare triple {13123#true} assume 0bv32 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := 3221225659bv32;~myStatus~0 := 3221225659bv32; {13123#true} is VALID [2022-02-20 14:38:51,864 INFO L290 TraceCheckUtils]: 5: Hoare triple {13123#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {13123#true} is VALID [2022-02-20 14:38:51,864 INFO L290 TraceCheckUtils]: 6: Hoare triple {13123#true} assume { :end_inline_stub_driver_init } true; {13123#true} is VALID [2022-02-20 14:38:51,864 INFO L290 TraceCheckUtils]: 7: Hoare triple {13123#true} assume !~bvslt32(main_~status~1#1, 0bv32);havoc main_~tmp_ndt_1~0#1;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {13123#true} is VALID [2022-02-20 14:38:51,864 INFO L290 TraceCheckUtils]: 8: Hoare triple {13123#true} assume !(0bv32 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {13123#true} is VALID [2022-02-20 14:38:51,864 INFO L290 TraceCheckUtils]: 9: Hoare triple {13123#true} assume !(1bv32 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {13123#true} is VALID [2022-02-20 14:38:51,864 INFO L290 TraceCheckUtils]: 10: Hoare triple {13123#true} assume 3bv32 == main_~tmp_ndt_3~0#1; {13123#true} is VALID [2022-02-20 14:38:51,865 INFO L290 TraceCheckUtils]: 11: Hoare triple {13123#true} assume { :begin_inline_KbFilter_PnP } true;KbFilter_PnP_#in~DeviceObject#1, KbFilter_PnP_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_PnP_#res#1;havoc KbFilter_PnP_#t~nondet4#1, KbFilter_PnP_#t~nondet5#1, KbFilter_PnP_#t~nondet6#1, KbFilter_PnP_#t~nondet7#1, KbFilter_PnP_#t~nondet8#1, KbFilter_PnP_#t~nondet9#1, KbFilter_PnP_#t~ret10#1, KbFilter_PnP_#t~ret11#1, KbFilter_PnP_#t~post12#1, KbFilter_PnP_#t~post13#1, KbFilter_PnP_#t~ret14#1, KbFilter_PnP_#t~post15#1, KbFilter_PnP_#t~post16#1, KbFilter_PnP_#t~ret17#1, KbFilter_PnP_#t~post18#1, KbFilter_PnP_#t~post19#1, KbFilter_PnP_#t~ret20#1, KbFilter_PnP_~DeviceObject#1, KbFilter_PnP_~Irp#1, KbFilter_PnP_~devExt~0#1, KbFilter_PnP_~irpStack~0#1, KbFilter_PnP_~status~0#1, KbFilter_PnP_~event~0#1, KbFilter_PnP_~DeviceObject__DeviceExtension~0#1, KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, KbFilter_PnP_~irpStack__MinorFunction~0#1, KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~devExt__Started~0#1, KbFilter_PnP_~devExt__Removed~0#1, KbFilter_PnP_~devExt__SurpriseRemoved~0#1, KbFilter_PnP_~Irp__IoStatus__Status~0#1, KbFilter_PnP_~Irp__IoStatus__Information~0#1, KbFilter_PnP_~Irp__CurrentLocation~0#1, KbFilter_PnP_~irpSp~0#1, KbFilter_PnP_~nextIrpSp~0#1, KbFilter_PnP_~nextIrpSp__Control~0#1, KbFilter_PnP_~irpSp___0~0#1, KbFilter_PnP_~irpSp__Context~0#1, KbFilter_PnP_~irpSp__Control~0#1, KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~DeviceObject#1 := KbFilter_PnP_#in~DeviceObject#1;KbFilter_PnP_~Irp#1 := KbFilter_PnP_#in~Irp#1;havoc KbFilter_PnP_~devExt~0#1;havoc KbFilter_PnP_~irpStack~0#1;havoc KbFilter_PnP_~status~0#1;KbFilter_PnP_~event~0#1 := KbFilter_PnP_#t~nondet4#1;havoc KbFilter_PnP_#t~nondet4#1;KbFilter_PnP_~DeviceObject__DeviceExtension~0#1 := KbFilter_PnP_#t~nondet5#1;havoc KbFilter_PnP_#t~nondet5#1;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := KbFilter_PnP_#t~nondet6#1;havoc KbFilter_PnP_#t~nondet6#1;KbFilter_PnP_~irpStack__MinorFunction~0#1 := KbFilter_PnP_#t~nondet7#1;havoc KbFilter_PnP_#t~nondet7#1;KbFilter_PnP_~devExt__TopOfStack~0#1 := KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_~devExt__Started~0#1;havoc KbFilter_PnP_~devExt__Removed~0#1;havoc KbFilter_PnP_~devExt__SurpriseRemoved~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Status~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Information~0#1;KbFilter_PnP_~Irp__CurrentLocation~0#1 := KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_~irpSp~0#1;havoc KbFilter_PnP_~nextIrpSp~0#1;havoc KbFilter_PnP_~nextIrpSp__Control~0#1;havoc KbFilter_PnP_~irpSp___0~0#1;havoc KbFilter_PnP_~irpSp__Context~0#1;havoc KbFilter_PnP_~irpSp__Control~0#1;havoc KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~status~0#1 := 0bv32;KbFilter_PnP_~devExt~0#1 := KbFilter_PnP_~DeviceObject__DeviceExtension~0#1;KbFilter_PnP_~irpStack~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1; {13123#true} is VALID [2022-02-20 14:38:51,865 INFO L290 TraceCheckUtils]: 12: Hoare triple {13123#true} assume 0bv32 == KbFilter_PnP_~irpStack__MinorFunction~0#1; {13123#true} is VALID [2022-02-20 14:38:51,865 INFO L290 TraceCheckUtils]: 13: Hoare triple {13123#true} KbFilter_PnP_~irpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1;KbFilter_PnP_~nextIrpSp~0#1 := ~bvsub32(KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, 1bv32);KbFilter_PnP_~nextIrpSp__Control~0#1 := 0bv32; {13123#true} is VALID [2022-02-20 14:38:51,865 INFO L290 TraceCheckUtils]: 14: Hoare triple {13123#true} assume !(~s~0 != ~NP~0); {13123#true} is VALID [2022-02-20 14:38:51,865 INFO L290 TraceCheckUtils]: 15: Hoare triple {13123#true} assume !(0bv32 != ~compRegistered~0);~compRegistered~0 := 1bv32; {13123#true} is VALID [2022-02-20 14:38:51,865 INFO L290 TraceCheckUtils]: 16: Hoare triple {13123#true} KbFilter_PnP_~irpSp___0~0#1 := ~bvsub32(KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, 1bv32);KbFilter_PnP_~irpSp__Context~0#1 := KbFilter_PnP_~event~0#1;KbFilter_PnP_~irpSp__Control~0#1 := 224bv32; {13123#true} is VALID [2022-02-20 14:38:51,866 INFO L272 TraceCheckUtils]: 17: Hoare triple {13123#true} call KbFilter_PnP_#t~ret10#1 := IofCallDriver(KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~Irp#1); {13123#true} is VALID [2022-02-20 14:38:51,866 INFO L290 TraceCheckUtils]: 18: Hoare triple {13123#true} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {13123#true} is VALID [2022-02-20 14:38:51,866 INFO L290 TraceCheckUtils]: 19: Hoare triple {13123#true} assume 0bv32 != ~compRegistered~0; {13123#true} is VALID [2022-02-20 14:38:51,866 INFO L272 TraceCheckUtils]: 20: Hoare triple {13123#true} call #t~ret35 := KbFilter_Complete(~DeviceObject, ~Irp, ~lcontext~0); {13123#true} is VALID [2022-02-20 14:38:51,866 INFO L290 TraceCheckUtils]: 21: Hoare triple {13123#true} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0bv32, 0bv32;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1bv32;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {13123#true} is VALID [2022-02-20 14:38:51,866 INFO L290 TraceCheckUtils]: 22: Hoare triple {13123#true} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;havoc #t~ret40#1;#res#1 := 3221225494bv32; {13123#true} is VALID [2022-02-20 14:38:51,867 INFO L290 TraceCheckUtils]: 23: Hoare triple {13123#true} assume true; {13123#true} is VALID [2022-02-20 14:38:51,867 INFO L284 TraceCheckUtils]: 24: Hoare quadruple {13123#true} {13123#true} #755#return; {13123#true} is VALID [2022-02-20 14:38:51,867 INFO L290 TraceCheckUtils]: 25: Hoare triple {13123#true} ~compRetStatus~0 := #t~ret35;havoc #t~ret35;~__cil_tmp7~0 := ~sign_extendFrom32To64(~compRetStatus~0); {13123#true} is VALID [2022-02-20 14:38:51,867 INFO L290 TraceCheckUtils]: 26: Hoare triple {13123#true} assume 18446744072635809814bv64 == ~__cil_tmp7~0; {13123#true} is VALID [2022-02-20 14:38:51,867 INFO L272 TraceCheckUtils]: 27: Hoare triple {13123#true} call stubMoreProcessingRequired(); {13123#true} is VALID [2022-02-20 14:38:51,868 INFO L290 TraceCheckUtils]: 28: Hoare triple {13123#true} assume ~s~0 == ~NP~0;~s~0 := ~MPR1~0; {13212#(= ~s~0 ~MPR1~0)} is VALID [2022-02-20 14:38:51,868 INFO L290 TraceCheckUtils]: 29: Hoare triple {13212#(= ~s~0 ~MPR1~0)} assume true; {13212#(= ~s~0 ~MPR1~0)} is VALID [2022-02-20 14:38:51,869 INFO L284 TraceCheckUtils]: 30: Hoare quadruple {13212#(= ~s~0 ~MPR1~0)} {13123#true} #757#return; {13212#(= ~s~0 ~MPR1~0)} is VALID [2022-02-20 14:38:51,869 INFO L290 TraceCheckUtils]: 31: Hoare triple {13212#(= ~s~0 ~MPR1~0)} havoc ~tmp_ndt_6~0;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {13212#(= ~s~0 ~MPR1~0)} is VALID [2022-02-20 14:38:51,869 INFO L290 TraceCheckUtils]: 32: Hoare triple {13212#(= ~s~0 ~MPR1~0)} assume 0bv32 == ~tmp_ndt_6~0; {13212#(= ~s~0 ~MPR1~0)} is VALID [2022-02-20 14:38:51,870 INFO L290 TraceCheckUtils]: 33: Hoare triple {13212#(= ~s~0 ~MPR1~0)} ~returnVal2~0 := 0bv32; {13212#(= ~s~0 ~MPR1~0)} is VALID [2022-02-20 14:38:51,870 INFO L290 TraceCheckUtils]: 34: Hoare triple {13212#(= ~s~0 ~MPR1~0)} assume !(~s~0 == ~NP~0); {13212#(= ~s~0 ~MPR1~0)} is VALID [2022-02-20 14:38:51,870 INFO L290 TraceCheckUtils]: 35: Hoare triple {13212#(= ~s~0 ~MPR1~0)} assume !(~s~0 == ~MPR1~0); {13124#false} is VALID [2022-02-20 14:38:51,871 INFO L290 TraceCheckUtils]: 36: Hoare triple {13124#false} assume !(~s~0 == ~SKIP1~0); {13124#false} is VALID [2022-02-20 14:38:51,871 INFO L272 TraceCheckUtils]: 37: Hoare triple {13124#false} call errorFn(); {13124#false} is VALID [2022-02-20 14:38:51,871 INFO L290 TraceCheckUtils]: 38: Hoare triple {13124#false} assume !false; {13124#false} is VALID [2022-02-20 14:38:51,871 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 14:38:51,871 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 14:38:51,872 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 14:38:51,872 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1537314322] [2022-02-20 14:38:51,872 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1537314322] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 14:38:51,872 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 14:38:51,872 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 14:38:51,872 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1911593203] [2022-02-20 14:38:51,872 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 14:38:51,873 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 39 [2022-02-20 14:38:51,873 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 14:38:51,873 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 14:38:51,904 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 39 edges. 39 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:51,904 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 14:38:51,904 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 14:38:51,905 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 14:38:51,905 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 14:38:51,905 INFO L87 Difference]: Start difference. First operand 210 states and 287 transitions. Second operand has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 14:38:52,195 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:52,195 INFO L93 Difference]: Finished difference Result 234 states and 316 transitions. [2022-02-20 14:38:52,195 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 14:38:52,196 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 39 [2022-02-20 14:38:52,196 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 14:38:52,196 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 14:38:52,198 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 293 transitions. [2022-02-20 14:38:52,198 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 14:38:52,200 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 293 transitions. [2022-02-20 14:38:52,201 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 293 transitions. [2022-02-20 14:38:52,430 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 293 edges. 293 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:52,434 INFO L225 Difference]: With dead ends: 234 [2022-02-20 14:38:52,434 INFO L226 Difference]: Without dead ends: 208 [2022-02-20 14:38:52,435 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 38 GetRequests, 37 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 14:38:52,435 INFO L933 BasicCegarLoop]: 257 mSDtfsCounter, 5 mSDsluCounter, 213 mSDsCounter, 0 mSdLazyCounter, 34 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 5 SdHoareTripleChecker+Valid, 470 SdHoareTripleChecker+Invalid, 37 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 34 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 14:38:52,437 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [5 Valid, 470 Invalid, 37 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 34 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 14:38:52,437 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 208 states. [2022-02-20 14:38:52,445 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 208 to 208. [2022-02-20 14:38:52,445 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 14:38:52,446 INFO L82 GeneralOperation]: Start isEquivalent. First operand 208 states. Second operand has 208 states, 185 states have (on average 1.3837837837837839) internal successors, (256), 187 states have internal predecessors, (256), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-20 14:38:52,447 INFO L74 IsIncluded]: Start isIncluded. First operand 208 states. Second operand has 208 states, 185 states have (on average 1.3837837837837839) internal successors, (256), 187 states have internal predecessors, (256), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-20 14:38:52,447 INFO L87 Difference]: Start difference. First operand 208 states. Second operand has 208 states, 185 states have (on average 1.3837837837837839) internal successors, (256), 187 states have internal predecessors, (256), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-20 14:38:52,451 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:52,451 INFO L93 Difference]: Finished difference Result 208 states and 283 transitions. [2022-02-20 14:38:52,452 INFO L276 IsEmpty]: Start isEmpty. Operand 208 states and 283 transitions. [2022-02-20 14:38:52,452 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:52,452 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:52,453 INFO L74 IsIncluded]: Start isIncluded. First operand has 208 states, 185 states have (on average 1.3837837837837839) internal successors, (256), 187 states have internal predecessors, (256), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) Second operand 208 states. [2022-02-20 14:38:52,453 INFO L87 Difference]: Start difference. First operand has 208 states, 185 states have (on average 1.3837837837837839) internal successors, (256), 187 states have internal predecessors, (256), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) Second operand 208 states. [2022-02-20 14:38:52,457 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:52,457 INFO L93 Difference]: Finished difference Result 208 states and 283 transitions. [2022-02-20 14:38:52,457 INFO L276 IsEmpty]: Start isEmpty. Operand 208 states and 283 transitions. [2022-02-20 14:38:52,458 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:52,458 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:52,458 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 14:38:52,458 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 14:38:52,458 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 208 states, 185 states have (on average 1.3837837837837839) internal successors, (256), 187 states have internal predecessors, (256), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-20 14:38:52,463 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 208 states to 208 states and 283 transitions. [2022-02-20 14:38:52,463 INFO L78 Accepts]: Start accepts. Automaton has 208 states and 283 transitions. Word has length 39 [2022-02-20 14:38:52,463 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 14:38:52,463 INFO L470 AbstractCegarLoop]: Abstraction has 208 states and 283 transitions. [2022-02-20 14:38:52,463 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 14:38:52,463 INFO L276 IsEmpty]: Start isEmpty. Operand 208 states and 283 transitions. [2022-02-20 14:38:52,464 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2022-02-20 14:38:52,465 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:52,465 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:52,477 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (11)] Forceful destruction successful, exit code 0 [2022-02-20 14:38:52,674 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 11 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 14:38:52,674 INFO L402 AbstractCegarLoop]: === Iteration 11 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:52,675 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:52,675 INFO L85 PathProgramCache]: Analyzing trace with hash 143802695, now seen corresponding path program 1 times [2022-02-20 14:38:52,676 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 14:38:52,676 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [814585818] [2022-02-20 14:38:52,676 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:52,676 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 14:38:52,676 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 14:38:52,677 INFO L229 MonitoredProcess]: Starting monitored process 12 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 14:38:52,679 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (12)] Waiting until timeout for monitored process [2022-02-20 14:38:52,743 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:52,745 INFO L263 TraceCheckSpWp]: Trace formula consists of 123 conjuncts, 7 conjunts are in the unsatisfiable core [2022-02-20 14:38:52,759 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:52,760 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 14:38:52,919 INFO L290 TraceCheckUtils]: 0: Hoare triple {14252#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(23bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 0bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32; {14252#true} is VALID [2022-02-20 14:38:52,919 INFO L290 TraceCheckUtils]: 1: Hoare triple {14252#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 1bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32;main_~status~1#1 := 0bv32;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0bv32;~NP~0 := 1bv32;~DC~0 := 2bv32;~SKIP1~0 := 3bv32;~SKIP2~0 := 4bv32;~MPR1~0 := 5bv32;~MPR3~0 := 6bv32;~IPC~0 := 7bv32;~s~0 := ~UNLOADED~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {14252#true} is VALID [2022-02-20 14:38:52,920 INFO L290 TraceCheckUtils]: 2: Hoare triple {14252#true} assume { :end_inline__BLAST_init } true; {14252#true} is VALID [2022-02-20 14:38:52,920 INFO L290 TraceCheckUtils]: 3: Hoare triple {14252#true} assume ~bvsge32(main_~status~1#1, 0bv32);~s~0 := ~NP~0;~customIrp~0 := 0bv32;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0bv32;~myStatus~0 := 0bv32; {14252#true} is VALID [2022-02-20 14:38:52,920 INFO L290 TraceCheckUtils]: 4: Hoare triple {14252#true} assume 0bv32 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := 3221225659bv32;~myStatus~0 := 3221225659bv32; {14252#true} is VALID [2022-02-20 14:38:52,920 INFO L290 TraceCheckUtils]: 5: Hoare triple {14252#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {14252#true} is VALID [2022-02-20 14:38:52,920 INFO L290 TraceCheckUtils]: 6: Hoare triple {14252#true} assume { :end_inline_stub_driver_init } true; {14252#true} is VALID [2022-02-20 14:38:52,920 INFO L290 TraceCheckUtils]: 7: Hoare triple {14252#true} assume !~bvslt32(main_~status~1#1, 0bv32);havoc main_~tmp_ndt_1~0#1;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {14252#true} is VALID [2022-02-20 14:38:52,921 INFO L290 TraceCheckUtils]: 8: Hoare triple {14252#true} assume !(0bv32 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {14252#true} is VALID [2022-02-20 14:38:52,921 INFO L290 TraceCheckUtils]: 9: Hoare triple {14252#true} assume !(1bv32 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {14252#true} is VALID [2022-02-20 14:38:52,921 INFO L290 TraceCheckUtils]: 10: Hoare triple {14252#true} assume !(3bv32 == main_~tmp_ndt_3~0#1);havoc main_~tmp_ndt_4~0#1;main_~tmp_ndt_4~0#1 := main_#t~nondet27#1;havoc main_#t~nondet27#1; {14252#true} is VALID [2022-02-20 14:38:52,921 INFO L290 TraceCheckUtils]: 11: Hoare triple {14252#true} assume 4bv32 == main_~tmp_ndt_4~0#1; {14252#true} is VALID [2022-02-20 14:38:52,922 INFO L290 TraceCheckUtils]: 12: Hoare triple {14252#true} assume { :begin_inline_KbFilter_Power } true;KbFilter_Power_#in~DeviceObject#1, KbFilter_Power_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_Power_#res#1;havoc KbFilter_Power_#t~nondet50#1, KbFilter_Power_#t~nondet51#1, KbFilter_Power_#t~nondet52#1, KbFilter_Power_#t~nondet53#1, KbFilter_Power_#t~nondet54#1, KbFilter_Power_#t~nondet55#1, KbFilter_Power_#t~post56#1, KbFilter_Power_#t~post57#1, KbFilter_Power_#t~ret58#1, KbFilter_Power_~DeviceObject#1, KbFilter_Power_~Irp#1, KbFilter_Power_~irpStack__MinorFunction~1#1, KbFilter_Power_~devExt__DeviceState~0#1, KbFilter_Power_~powerState__DeviceState~0#1, KbFilter_Power_~Irp__CurrentLocation~2#1, KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1, KbFilter_Power_~devExt__TopOfStack~1#1, KbFilter_Power_~powerType~0#1, KbFilter_Power_~tmp~2#1;KbFilter_Power_~DeviceObject#1 := KbFilter_Power_#in~DeviceObject#1;KbFilter_Power_~Irp#1 := KbFilter_Power_#in~Irp#1;KbFilter_Power_~irpStack__MinorFunction~1#1 := KbFilter_Power_#t~nondet50#1;havoc KbFilter_Power_#t~nondet50#1;havoc KbFilter_Power_~devExt__DeviceState~0#1;KbFilter_Power_~powerState__DeviceState~0#1 := KbFilter_Power_#t~nondet51#1;havoc KbFilter_Power_#t~nondet51#1;KbFilter_Power_~Irp__CurrentLocation~2#1 := KbFilter_Power_#t~nondet52#1;havoc KbFilter_Power_#t~nondet52#1;KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1 := KbFilter_Power_#t~nondet53#1;havoc KbFilter_Power_#t~nondet53#1;KbFilter_Power_~devExt__TopOfStack~1#1 := KbFilter_Power_#t~nondet54#1;havoc KbFilter_Power_#t~nondet54#1;KbFilter_Power_~powerType~0#1 := KbFilter_Power_#t~nondet55#1;havoc KbFilter_Power_#t~nondet55#1;havoc KbFilter_Power_~tmp~2#1; {14252#true} is VALID [2022-02-20 14:38:52,922 INFO L290 TraceCheckUtils]: 13: Hoare triple {14252#true} assume 2bv32 == KbFilter_Power_~irpStack__MinorFunction~1#1; {14252#true} is VALID [2022-02-20 14:38:52,922 INFO L290 TraceCheckUtils]: 14: Hoare triple {14252#true} assume !(KbFilter_Power_~powerType~0#1 == ~DevicePowerState~0); {14252#true} is VALID [2022-02-20 14:38:52,922 INFO L290 TraceCheckUtils]: 15: Hoare triple {14252#true} assume ~s~0 == ~NP~0;~s~0 := ~SKIP1~0; {14252#true} is VALID [2022-02-20 14:38:52,922 INFO L290 TraceCheckUtils]: 16: Hoare triple {14252#true} KbFilter_Power_#t~post56#1 := KbFilter_Power_~Irp__CurrentLocation~2#1;KbFilter_Power_~Irp__CurrentLocation~2#1 := ~bvadd32(1bv32, KbFilter_Power_#t~post56#1);havoc KbFilter_Power_#t~post56#1;KbFilter_Power_#t~post57#1 := KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1;KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1 := ~bvadd32(1bv32, KbFilter_Power_#t~post57#1);havoc KbFilter_Power_#t~post57#1;assume { :begin_inline_PoCallDriver } true;PoCallDriver_#in~DeviceObject#1, PoCallDriver_#in~Irp#1 := KbFilter_Power_~devExt__TopOfStack~1#1, KbFilter_Power_~Irp#1;havoc PoCallDriver_#res#1;havoc PoCallDriver_#t~nondet59#1, PoCallDriver_#t~ret60#1, PoCallDriver_#t~nondet61#1, PoCallDriver_#t~nondet62#1, PoCallDriver_~tmp_ndt_10~0#1, PoCallDriver_~tmp_ndt_9~0#1, PoCallDriver_~DeviceObject#1, PoCallDriver_~Irp#1, PoCallDriver_~compRetStatus~1#1, PoCallDriver_~returnVal~0#1, PoCallDriver_~lcontext~1#1, PoCallDriver_~__cil_tmp7~1#1, PoCallDriver_~__cil_tmp8~1#1;PoCallDriver_~DeviceObject#1 := PoCallDriver_#in~DeviceObject#1;PoCallDriver_~Irp#1 := PoCallDriver_#in~Irp#1;havoc PoCallDriver_~compRetStatus~1#1;havoc PoCallDriver_~returnVal~0#1;PoCallDriver_~lcontext~1#1 := PoCallDriver_#t~nondet59#1;havoc PoCallDriver_#t~nondet59#1;havoc PoCallDriver_~__cil_tmp7~1#1;havoc PoCallDriver_~__cil_tmp8~1#1; {14252#true} is VALID [2022-02-20 14:38:52,923 INFO L290 TraceCheckUtils]: 17: Hoare triple {14252#true} assume !(0bv32 != ~compRegistered~0); {14252#true} is VALID [2022-02-20 14:38:52,923 INFO L290 TraceCheckUtils]: 18: Hoare triple {14252#true} havoc PoCallDriver_~tmp_ndt_9~0#1;PoCallDriver_~tmp_ndt_9~0#1 := PoCallDriver_#t~nondet61#1;havoc PoCallDriver_#t~nondet61#1; {14252#true} is VALID [2022-02-20 14:38:52,923 INFO L290 TraceCheckUtils]: 19: Hoare triple {14252#true} assume 0bv32 == PoCallDriver_~tmp_ndt_9~0#1; {14252#true} is VALID [2022-02-20 14:38:52,924 INFO L290 TraceCheckUtils]: 20: Hoare triple {14252#true} PoCallDriver_~returnVal~0#1 := 0bv32; {14317#(= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| (_ bv0 32))} is VALID [2022-02-20 14:38:52,924 INFO L290 TraceCheckUtils]: 21: Hoare triple {14317#(= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| (_ bv0 32))} assume !(~s~0 == ~NP~0); {14317#(= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| (_ bv0 32))} is VALID [2022-02-20 14:38:52,925 INFO L290 TraceCheckUtils]: 22: Hoare triple {14317#(= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| (_ bv0 32))} assume !(~s~0 == ~MPR1~0); {14317#(= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| (_ bv0 32))} is VALID [2022-02-20 14:38:52,925 INFO L290 TraceCheckUtils]: 23: Hoare triple {14317#(= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| (_ bv0 32))} assume ~s~0 == ~SKIP1~0;~s~0 := ~SKIP2~0;~lowerDriverReturn~0 := PoCallDriver_~returnVal~0#1; {14327#(and (= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| ~lowerDriverReturn~0) (= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| (_ bv0 32)))} is VALID [2022-02-20 14:38:52,926 INFO L290 TraceCheckUtils]: 24: Hoare triple {14327#(and (= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| ~lowerDriverReturn~0) (= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| (_ bv0 32)))} PoCallDriver_#res#1 := PoCallDriver_~returnVal~0#1; {14331#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_PoCallDriver_#res#1| ~lowerDriverReturn~0))} is VALID [2022-02-20 14:38:52,926 INFO L290 TraceCheckUtils]: 25: Hoare triple {14331#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_PoCallDriver_#res#1| ~lowerDriverReturn~0))} KbFilter_Power_#t~ret58#1 := PoCallDriver_#res#1;assume { :end_inline_PoCallDriver } true;KbFilter_Power_~tmp~2#1 := KbFilter_Power_#t~ret58#1;havoc KbFilter_Power_#t~ret58#1;KbFilter_Power_#res#1 := KbFilter_Power_~tmp~2#1; {14335#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_KbFilter_Power_#res#1| ~lowerDriverReturn~0))} is VALID [2022-02-20 14:38:52,926 INFO L290 TraceCheckUtils]: 26: Hoare triple {14335#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_KbFilter_Power_#res#1| ~lowerDriverReturn~0))} main_#t~ret32#1 := KbFilter_Power_#res#1;assume { :end_inline_KbFilter_Power } true;main_~status~1#1 := main_#t~ret32#1;havoc main_#t~ret32#1; {14339#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-20 14:38:52,927 INFO L290 TraceCheckUtils]: 27: Hoare triple {14339#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume !(1bv32 == ~pended~0); {14339#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-20 14:38:52,928 INFO L290 TraceCheckUtils]: 28: Hoare triple {14339#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume !(1bv32 == ~pended~0); {14339#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-20 14:38:52,928 INFO L290 TraceCheckUtils]: 29: Hoare triple {14339#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume ~s~0 != ~UNLOADED~0; {14339#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-20 14:38:52,929 INFO L290 TraceCheckUtils]: 30: Hoare triple {14339#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume 4294967295bv32 != main_~status~1#1; {14339#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-20 14:38:52,929 INFO L290 TraceCheckUtils]: 31: Hoare triple {14339#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume !(~s~0 != ~SKIP2~0); {14339#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-20 14:38:52,929 INFO L290 TraceCheckUtils]: 32: Hoare triple {14339#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume !(1bv32 == ~pended~0); {14339#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-20 14:38:52,930 INFO L290 TraceCheckUtils]: 33: Hoare triple {14339#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume !(~s~0 == ~DC~0); {14339#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-20 14:38:52,930 INFO L290 TraceCheckUtils]: 34: Hoare triple {14339#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume main_~status~1#1 != ~lowerDriverReturn~0; {14253#false} is VALID [2022-02-20 14:38:52,930 INFO L272 TraceCheckUtils]: 35: Hoare triple {14253#false} call errorFn(); {14253#false} is VALID [2022-02-20 14:38:52,931 INFO L290 TraceCheckUtils]: 36: Hoare triple {14253#false} assume !false; {14253#false} is VALID [2022-02-20 14:38:52,931 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 14:38:52,931 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 14:38:52,931 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 14:38:52,931 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [814585818] [2022-02-20 14:38:52,931 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [814585818] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 14:38:52,932 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 14:38:52,932 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-02-20 14:38:52,932 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1025814681] [2022-02-20 14:38:52,932 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 14:38:52,932 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 5.142857142857143) internal successors, (36), 7 states have internal predecessors, (36), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 37 [2022-02-20 14:38:52,933 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 14:38:52,933 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 7 states, 7 states have (on average 5.142857142857143) internal successors, (36), 7 states have internal predecessors, (36), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:52,966 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 37 edges. 37 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:52,966 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-02-20 14:38:52,966 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 14:38:52,967 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-02-20 14:38:52,967 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=12, Invalid=30, Unknown=0, NotChecked=0, Total=42 [2022-02-20 14:38:52,968 INFO L87 Difference]: Start difference. First operand 208 states and 283 transitions. Second operand has 7 states, 7 states have (on average 5.142857142857143) internal successors, (36), 7 states have internal predecessors, (36), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:54,121 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:54,121 INFO L93 Difference]: Finished difference Result 227 states and 304 transitions. [2022-02-20 14:38:54,121 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-02-20 14:38:54,122 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 5.142857142857143) internal successors, (36), 7 states have internal predecessors, (36), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 37 [2022-02-20 14:38:54,122 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 14:38:54,122 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 7 states have (on average 5.142857142857143) internal successors, (36), 7 states have internal predecessors, (36), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:54,125 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 270 transitions. [2022-02-20 14:38:54,125 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 7 states have (on average 5.142857142857143) internal successors, (36), 7 states have internal predecessors, (36), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:54,128 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 270 transitions. [2022-02-20 14:38:54,128 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 270 transitions. [2022-02-20 14:38:54,366 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 270 edges. 270 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:54,369 INFO L225 Difference]: With dead ends: 227 [2022-02-20 14:38:54,369 INFO L226 Difference]: Without dead ends: 207 [2022-02-20 14:38:54,370 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 39 GetRequests, 31 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=33, Invalid=57, Unknown=0, NotChecked=0, Total=90 [2022-02-20 14:38:54,370 INFO L933 BasicCegarLoop]: 239 mSDtfsCounter, 167 mSDsluCounter, 1000 mSDsCounter, 0 mSdLazyCounter, 123 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 167 SdHoareTripleChecker+Valid, 1239 SdHoareTripleChecker+Invalid, 136 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 123 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 14:38:54,370 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [167 Valid, 1239 Invalid, 136 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 123 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 14:38:54,371 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 207 states. [2022-02-20 14:38:54,379 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 207 to 207. [2022-02-20 14:38:54,379 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 14:38:54,380 INFO L82 GeneralOperation]: Start isEquivalent. First operand 207 states. Second operand has 207 states, 184 states have (on average 1.3804347826086956) internal successors, (254), 186 states have internal predecessors, (254), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-20 14:38:54,380 INFO L74 IsIncluded]: Start isIncluded. First operand 207 states. Second operand has 207 states, 184 states have (on average 1.3804347826086956) internal successors, (254), 186 states have internal predecessors, (254), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-20 14:38:54,380 INFO L87 Difference]: Start difference. First operand 207 states. Second operand has 207 states, 184 states have (on average 1.3804347826086956) internal successors, (254), 186 states have internal predecessors, (254), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-20 14:38:54,385 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:54,386 INFO L93 Difference]: Finished difference Result 207 states and 281 transitions. [2022-02-20 14:38:54,386 INFO L276 IsEmpty]: Start isEmpty. Operand 207 states and 281 transitions. [2022-02-20 14:38:54,386 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:54,386 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:54,387 INFO L74 IsIncluded]: Start isIncluded. First operand has 207 states, 184 states have (on average 1.3804347826086956) internal successors, (254), 186 states have internal predecessors, (254), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) Second operand 207 states. [2022-02-20 14:38:54,387 INFO L87 Difference]: Start difference. First operand has 207 states, 184 states have (on average 1.3804347826086956) internal successors, (254), 186 states have internal predecessors, (254), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) Second operand 207 states. [2022-02-20 14:38:54,392 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:54,392 INFO L93 Difference]: Finished difference Result 207 states and 281 transitions. [2022-02-20 14:38:54,392 INFO L276 IsEmpty]: Start isEmpty. Operand 207 states and 281 transitions. [2022-02-20 14:38:54,393 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:54,393 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:54,393 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 14:38:54,393 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 14:38:54,394 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 207 states, 184 states have (on average 1.3804347826086956) internal successors, (254), 186 states have internal predecessors, (254), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-20 14:38:54,400 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 207 states to 207 states and 281 transitions. [2022-02-20 14:38:54,400 INFO L78 Accepts]: Start accepts. Automaton has 207 states and 281 transitions. Word has length 37 [2022-02-20 14:38:54,401 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 14:38:54,401 INFO L470 AbstractCegarLoop]: Abstraction has 207 states and 281 transitions. [2022-02-20 14:38:54,401 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 5.142857142857143) internal successors, (36), 7 states have internal predecessors, (36), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:54,401 INFO L276 IsEmpty]: Start isEmpty. Operand 207 states and 281 transitions. [2022-02-20 14:38:54,403 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2022-02-20 14:38:54,404 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:54,404 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:54,414 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (12)] Forceful destruction successful, exit code 0 [2022-02-20 14:38:54,612 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 12 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 14:38:54,613 INFO L402 AbstractCegarLoop]: === Iteration 12 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:54,613 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:54,614 INFO L85 PathProgramCache]: Analyzing trace with hash -1174329782, now seen corresponding path program 1 times [2022-02-20 14:38:54,614 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 14:38:54,614 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1879696328] [2022-02-20 14:38:54,614 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:54,615 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 14:38:54,615 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 14:38:54,616 INFO L229 MonitoredProcess]: Starting monitored process 13 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 14:38:54,617 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (13)] Waiting until timeout for monitored process [2022-02-20 14:38:54,682 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:54,684 INFO L263 TraceCheckSpWp]: Trace formula consists of 125 conjuncts, 7 conjunts are in the unsatisfiable core [2022-02-20 14:38:54,696 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:54,697 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 14:38:54,866 INFO L290 TraceCheckUtils]: 0: Hoare triple {15373#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(23bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 0bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32; {15373#true} is VALID [2022-02-20 14:38:54,866 INFO L290 TraceCheckUtils]: 1: Hoare triple {15373#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 1bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32;main_~status~1#1 := 0bv32;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0bv32;~NP~0 := 1bv32;~DC~0 := 2bv32;~SKIP1~0 := 3bv32;~SKIP2~0 := 4bv32;~MPR1~0 := 5bv32;~MPR3~0 := 6bv32;~IPC~0 := 7bv32;~s~0 := ~UNLOADED~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {15373#true} is VALID [2022-02-20 14:38:54,866 INFO L290 TraceCheckUtils]: 2: Hoare triple {15373#true} assume { :end_inline__BLAST_init } true; {15373#true} is VALID [2022-02-20 14:38:54,867 INFO L290 TraceCheckUtils]: 3: Hoare triple {15373#true} assume ~bvsge32(main_~status~1#1, 0bv32);~s~0 := ~NP~0;~customIrp~0 := 0bv32;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0bv32;~myStatus~0 := 0bv32; {15373#true} is VALID [2022-02-20 14:38:54,867 INFO L290 TraceCheckUtils]: 4: Hoare triple {15373#true} assume 0bv32 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := 3221225659bv32;~myStatus~0 := 3221225659bv32; {15373#true} is VALID [2022-02-20 14:38:54,867 INFO L290 TraceCheckUtils]: 5: Hoare triple {15373#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {15373#true} is VALID [2022-02-20 14:38:54,867 INFO L290 TraceCheckUtils]: 6: Hoare triple {15373#true} assume { :end_inline_stub_driver_init } true; {15373#true} is VALID [2022-02-20 14:38:54,867 INFO L290 TraceCheckUtils]: 7: Hoare triple {15373#true} assume !~bvslt32(main_~status~1#1, 0bv32);havoc main_~tmp_ndt_1~0#1;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {15373#true} is VALID [2022-02-20 14:38:54,867 INFO L290 TraceCheckUtils]: 8: Hoare triple {15373#true} assume !(0bv32 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {15373#true} is VALID [2022-02-20 14:38:54,867 INFO L290 TraceCheckUtils]: 9: Hoare triple {15373#true} assume !(1bv32 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {15373#true} is VALID [2022-02-20 14:38:54,868 INFO L290 TraceCheckUtils]: 10: Hoare triple {15373#true} assume !(3bv32 == main_~tmp_ndt_3~0#1);havoc main_~tmp_ndt_4~0#1;main_~tmp_ndt_4~0#1 := main_#t~nondet27#1;havoc main_#t~nondet27#1; {15373#true} is VALID [2022-02-20 14:38:54,868 INFO L290 TraceCheckUtils]: 11: Hoare triple {15373#true} assume 4bv32 == main_~tmp_ndt_4~0#1; {15373#true} is VALID [2022-02-20 14:38:54,868 INFO L290 TraceCheckUtils]: 12: Hoare triple {15373#true} assume { :begin_inline_KbFilter_Power } true;KbFilter_Power_#in~DeviceObject#1, KbFilter_Power_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_Power_#res#1;havoc KbFilter_Power_#t~nondet50#1, KbFilter_Power_#t~nondet51#1, KbFilter_Power_#t~nondet52#1, KbFilter_Power_#t~nondet53#1, KbFilter_Power_#t~nondet54#1, KbFilter_Power_#t~nondet55#1, KbFilter_Power_#t~post56#1, KbFilter_Power_#t~post57#1, KbFilter_Power_#t~ret58#1, KbFilter_Power_~DeviceObject#1, KbFilter_Power_~Irp#1, KbFilter_Power_~irpStack__MinorFunction~1#1, KbFilter_Power_~devExt__DeviceState~0#1, KbFilter_Power_~powerState__DeviceState~0#1, KbFilter_Power_~Irp__CurrentLocation~2#1, KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1, KbFilter_Power_~devExt__TopOfStack~1#1, KbFilter_Power_~powerType~0#1, KbFilter_Power_~tmp~2#1;KbFilter_Power_~DeviceObject#1 := KbFilter_Power_#in~DeviceObject#1;KbFilter_Power_~Irp#1 := KbFilter_Power_#in~Irp#1;KbFilter_Power_~irpStack__MinorFunction~1#1 := KbFilter_Power_#t~nondet50#1;havoc KbFilter_Power_#t~nondet50#1;havoc KbFilter_Power_~devExt__DeviceState~0#1;KbFilter_Power_~powerState__DeviceState~0#1 := KbFilter_Power_#t~nondet51#1;havoc KbFilter_Power_#t~nondet51#1;KbFilter_Power_~Irp__CurrentLocation~2#1 := KbFilter_Power_#t~nondet52#1;havoc KbFilter_Power_#t~nondet52#1;KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1 := KbFilter_Power_#t~nondet53#1;havoc KbFilter_Power_#t~nondet53#1;KbFilter_Power_~devExt__TopOfStack~1#1 := KbFilter_Power_#t~nondet54#1;havoc KbFilter_Power_#t~nondet54#1;KbFilter_Power_~powerType~0#1 := KbFilter_Power_#t~nondet55#1;havoc KbFilter_Power_#t~nondet55#1;havoc KbFilter_Power_~tmp~2#1; {15373#true} is VALID [2022-02-20 14:38:54,868 INFO L290 TraceCheckUtils]: 13: Hoare triple {15373#true} assume 2bv32 == KbFilter_Power_~irpStack__MinorFunction~1#1; {15373#true} is VALID [2022-02-20 14:38:54,868 INFO L290 TraceCheckUtils]: 14: Hoare triple {15373#true} assume !(KbFilter_Power_~powerType~0#1 == ~DevicePowerState~0); {15373#true} is VALID [2022-02-20 14:38:54,868 INFO L290 TraceCheckUtils]: 15: Hoare triple {15373#true} assume ~s~0 == ~NP~0;~s~0 := ~SKIP1~0; {15373#true} is VALID [2022-02-20 14:38:54,868 INFO L290 TraceCheckUtils]: 16: Hoare triple {15373#true} KbFilter_Power_#t~post56#1 := KbFilter_Power_~Irp__CurrentLocation~2#1;KbFilter_Power_~Irp__CurrentLocation~2#1 := ~bvadd32(1bv32, KbFilter_Power_#t~post56#1);havoc KbFilter_Power_#t~post56#1;KbFilter_Power_#t~post57#1 := KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1;KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1 := ~bvadd32(1bv32, KbFilter_Power_#t~post57#1);havoc KbFilter_Power_#t~post57#1;assume { :begin_inline_PoCallDriver } true;PoCallDriver_#in~DeviceObject#1, PoCallDriver_#in~Irp#1 := KbFilter_Power_~devExt__TopOfStack~1#1, KbFilter_Power_~Irp#1;havoc PoCallDriver_#res#1;havoc PoCallDriver_#t~nondet59#1, PoCallDriver_#t~ret60#1, PoCallDriver_#t~nondet61#1, PoCallDriver_#t~nondet62#1, PoCallDriver_~tmp_ndt_10~0#1, PoCallDriver_~tmp_ndt_9~0#1, PoCallDriver_~DeviceObject#1, PoCallDriver_~Irp#1, PoCallDriver_~compRetStatus~1#1, PoCallDriver_~returnVal~0#1, PoCallDriver_~lcontext~1#1, PoCallDriver_~__cil_tmp7~1#1, PoCallDriver_~__cil_tmp8~1#1;PoCallDriver_~DeviceObject#1 := PoCallDriver_#in~DeviceObject#1;PoCallDriver_~Irp#1 := PoCallDriver_#in~Irp#1;havoc PoCallDriver_~compRetStatus~1#1;havoc PoCallDriver_~returnVal~0#1;PoCallDriver_~lcontext~1#1 := PoCallDriver_#t~nondet59#1;havoc PoCallDriver_#t~nondet59#1;havoc PoCallDriver_~__cil_tmp7~1#1;havoc PoCallDriver_~__cil_tmp8~1#1; {15373#true} is VALID [2022-02-20 14:38:54,869 INFO L290 TraceCheckUtils]: 17: Hoare triple {15373#true} assume !(0bv32 != ~compRegistered~0); {15373#true} is VALID [2022-02-20 14:38:54,869 INFO L290 TraceCheckUtils]: 18: Hoare triple {15373#true} havoc PoCallDriver_~tmp_ndt_9~0#1;PoCallDriver_~tmp_ndt_9~0#1 := PoCallDriver_#t~nondet61#1;havoc PoCallDriver_#t~nondet61#1; {15373#true} is VALID [2022-02-20 14:38:54,869 INFO L290 TraceCheckUtils]: 19: Hoare triple {15373#true} assume !(0bv32 == PoCallDriver_~tmp_ndt_9~0#1);havoc PoCallDriver_~tmp_ndt_10~0#1;PoCallDriver_~tmp_ndt_10~0#1 := PoCallDriver_#t~nondet62#1;havoc PoCallDriver_#t~nondet62#1; {15373#true} is VALID [2022-02-20 14:38:54,869 INFO L290 TraceCheckUtils]: 20: Hoare triple {15373#true} assume 1bv32 == PoCallDriver_~tmp_ndt_10~0#1; {15373#true} is VALID [2022-02-20 14:38:54,869 INFO L290 TraceCheckUtils]: 21: Hoare triple {15373#true} PoCallDriver_~returnVal~0#1 := 3221225473bv32; {15441#(= (_ bv3221225473 32) |ULTIMATE.start_PoCallDriver_~returnVal~0#1|)} is VALID [2022-02-20 14:38:54,870 INFO L290 TraceCheckUtils]: 22: Hoare triple {15441#(= (_ bv3221225473 32) |ULTIMATE.start_PoCallDriver_~returnVal~0#1|)} assume !(~s~0 == ~NP~0); {15441#(= (_ bv3221225473 32) |ULTIMATE.start_PoCallDriver_~returnVal~0#1|)} is VALID [2022-02-20 14:38:54,870 INFO L290 TraceCheckUtils]: 23: Hoare triple {15441#(= (_ bv3221225473 32) |ULTIMATE.start_PoCallDriver_~returnVal~0#1|)} assume !(~s~0 == ~MPR1~0); {15441#(= (_ bv3221225473 32) |ULTIMATE.start_PoCallDriver_~returnVal~0#1|)} is VALID [2022-02-20 14:38:54,871 INFO L290 TraceCheckUtils]: 24: Hoare triple {15441#(= (_ bv3221225473 32) |ULTIMATE.start_PoCallDriver_~returnVal~0#1|)} assume ~s~0 == ~SKIP1~0;~s~0 := ~SKIP2~0;~lowerDriverReturn~0 := PoCallDriver_~returnVal~0#1; {15451#(and (= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| ~lowerDriverReturn~0) (= (_ bv3221225473 32) |ULTIMATE.start_PoCallDriver_~returnVal~0#1|))} is VALID [2022-02-20 14:38:54,871 INFO L290 TraceCheckUtils]: 25: Hoare triple {15451#(and (= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| ~lowerDriverReturn~0) (= (_ bv3221225473 32) |ULTIMATE.start_PoCallDriver_~returnVal~0#1|))} PoCallDriver_#res#1 := PoCallDriver_~returnVal~0#1; {15455#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_PoCallDriver_#res#1| ~lowerDriverReturn~0))} is VALID [2022-02-20 14:38:54,872 INFO L290 TraceCheckUtils]: 26: Hoare triple {15455#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_PoCallDriver_#res#1| ~lowerDriverReturn~0))} KbFilter_Power_#t~ret58#1 := PoCallDriver_#res#1;assume { :end_inline_PoCallDriver } true;KbFilter_Power_~tmp~2#1 := KbFilter_Power_#t~ret58#1;havoc KbFilter_Power_#t~ret58#1;KbFilter_Power_#res#1 := KbFilter_Power_~tmp~2#1; {15459#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_KbFilter_Power_#res#1| ~lowerDriverReturn~0))} is VALID [2022-02-20 14:38:54,872 INFO L290 TraceCheckUtils]: 27: Hoare triple {15459#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_KbFilter_Power_#res#1| ~lowerDriverReturn~0))} main_#t~ret32#1 := KbFilter_Power_#res#1;assume { :end_inline_KbFilter_Power } true;main_~status~1#1 := main_#t~ret32#1;havoc main_#t~ret32#1; {15463#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-20 14:38:54,873 INFO L290 TraceCheckUtils]: 28: Hoare triple {15463#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume !(1bv32 == ~pended~0); {15463#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-20 14:38:54,873 INFO L290 TraceCheckUtils]: 29: Hoare triple {15463#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume !(1bv32 == ~pended~0); {15463#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-20 14:38:54,873 INFO L290 TraceCheckUtils]: 30: Hoare triple {15463#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume ~s~0 != ~UNLOADED~0; {15463#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-20 14:38:54,874 INFO L290 TraceCheckUtils]: 31: Hoare triple {15463#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume 4294967295bv32 != main_~status~1#1; {15463#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-20 14:38:54,875 INFO L290 TraceCheckUtils]: 32: Hoare triple {15463#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume !(~s~0 != ~SKIP2~0); {15463#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-20 14:38:54,875 INFO L290 TraceCheckUtils]: 33: Hoare triple {15463#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume !(1bv32 == ~pended~0); {15463#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-20 14:38:54,876 INFO L290 TraceCheckUtils]: 34: Hoare triple {15463#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume !(~s~0 == ~DC~0); {15463#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-20 14:38:54,876 INFO L290 TraceCheckUtils]: 35: Hoare triple {15463#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume main_~status~1#1 != ~lowerDriverReturn~0; {15374#false} is VALID [2022-02-20 14:38:54,876 INFO L272 TraceCheckUtils]: 36: Hoare triple {15374#false} call errorFn(); {15374#false} is VALID [2022-02-20 14:38:54,876 INFO L290 TraceCheckUtils]: 37: Hoare triple {15374#false} assume !false; {15374#false} is VALID [2022-02-20 14:38:54,877 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 14:38:54,877 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 14:38:54,877 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 14:38:54,877 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1879696328] [2022-02-20 14:38:54,877 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1879696328] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 14:38:54,877 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 14:38:54,877 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-02-20 14:38:54,878 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1869779980] [2022-02-20 14:38:54,878 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 14:38:54,878 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 5.285714285714286) internal successors, (37), 7 states have internal predecessors, (37), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 38 [2022-02-20 14:38:54,878 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 14:38:54,879 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 7 states, 7 states have (on average 5.285714285714286) internal successors, (37), 7 states have internal predecessors, (37), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:54,907 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 38 edges. 38 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:54,907 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-02-20 14:38:54,908 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 14:38:54,908 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-02-20 14:38:54,908 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=12, Invalid=30, Unknown=0, NotChecked=0, Total=42 [2022-02-20 14:38:54,909 INFO L87 Difference]: Start difference. First operand 207 states and 281 transitions. Second operand has 7 states, 7 states have (on average 5.285714285714286) internal successors, (37), 7 states have internal predecessors, (37), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:55,750 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:55,750 INFO L93 Difference]: Finished difference Result 226 states and 302 transitions. [2022-02-20 14:38:55,750 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-02-20 14:38:55,750 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 5.285714285714286) internal successors, (37), 7 states have internal predecessors, (37), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 38 [2022-02-20 14:38:55,751 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 14:38:55,751 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 7 states have (on average 5.285714285714286) internal successors, (37), 7 states have internal predecessors, (37), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:55,755 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 268 transitions. [2022-02-20 14:38:55,755 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 7 states have (on average 5.285714285714286) internal successors, (37), 7 states have internal predecessors, (37), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:55,757 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 268 transitions. [2022-02-20 14:38:55,757 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 268 transitions. [2022-02-20 14:38:55,975 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 268 edges. 268 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:55,979 INFO L225 Difference]: With dead ends: 226 [2022-02-20 14:38:55,979 INFO L226 Difference]: Without dead ends: 206 [2022-02-20 14:38:55,979 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 40 GetRequests, 32 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=33, Invalid=57, Unknown=0, NotChecked=0, Total=90 [2022-02-20 14:38:55,984 INFO L933 BasicCegarLoop]: 239 mSDtfsCounter, 51 mSDsluCounter, 927 mSDsCounter, 0 mSdLazyCounter, 72 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 51 SdHoareTripleChecker+Valid, 1166 SdHoareTripleChecker+Invalid, 74 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 72 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 14:38:55,984 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [51 Valid, 1166 Invalid, 74 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 72 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 14:38:55,985 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 206 states. [2022-02-20 14:38:55,992 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 206 to 206. [2022-02-20 14:38:55,993 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 14:38:55,994 INFO L82 GeneralOperation]: Start isEquivalent. First operand 206 states. Second operand has 206 states, 183 states have (on average 1.3770491803278688) internal successors, (252), 185 states have internal predecessors, (252), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-20 14:38:56,002 INFO L74 IsIncluded]: Start isIncluded. First operand 206 states. Second operand has 206 states, 183 states have (on average 1.3770491803278688) internal successors, (252), 185 states have internal predecessors, (252), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-20 14:38:56,010 INFO L87 Difference]: Start difference. First operand 206 states. Second operand has 206 states, 183 states have (on average 1.3770491803278688) internal successors, (252), 185 states have internal predecessors, (252), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-20 14:38:56,015 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:56,015 INFO L93 Difference]: Finished difference Result 206 states and 279 transitions. [2022-02-20 14:38:56,015 INFO L276 IsEmpty]: Start isEmpty. Operand 206 states and 279 transitions. [2022-02-20 14:38:56,016 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:56,016 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:56,016 INFO L74 IsIncluded]: Start isIncluded. First operand has 206 states, 183 states have (on average 1.3770491803278688) internal successors, (252), 185 states have internal predecessors, (252), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) Second operand 206 states. [2022-02-20 14:38:56,016 INFO L87 Difference]: Start difference. First operand has 206 states, 183 states have (on average 1.3770491803278688) internal successors, (252), 185 states have internal predecessors, (252), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) Second operand 206 states. [2022-02-20 14:38:56,021 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:56,022 INFO L93 Difference]: Finished difference Result 206 states and 279 transitions. [2022-02-20 14:38:56,022 INFO L276 IsEmpty]: Start isEmpty. Operand 206 states and 279 transitions. [2022-02-20 14:38:56,023 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 14:38:56,023 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 14:38:56,023 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 14:38:56,023 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 14:38:56,023 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 206 states, 183 states have (on average 1.3770491803278688) internal successors, (252), 185 states have internal predecessors, (252), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-20 14:38:56,029 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 206 states to 206 states and 279 transitions. [2022-02-20 14:38:56,029 INFO L78 Accepts]: Start accepts. Automaton has 206 states and 279 transitions. Word has length 38 [2022-02-20 14:38:56,029 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 14:38:56,029 INFO L470 AbstractCegarLoop]: Abstraction has 206 states and 279 transitions. [2022-02-20 14:38:56,030 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 5.285714285714286) internal successors, (37), 7 states have internal predecessors, (37), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:56,030 INFO L276 IsEmpty]: Start isEmpty. Operand 206 states and 279 transitions. [2022-02-20 14:38:56,030 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2022-02-20 14:38:56,031 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 14:38:56,031 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 14:38:56,042 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (13)] Forceful destruction successful, exit code 0 [2022-02-20 14:38:56,239 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 13 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 14:38:56,239 INFO L402 AbstractCegarLoop]: === Iteration 13 === Targeting errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION === [errorFnErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-02-20 14:38:56,239 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 14:38:56,240 INFO L85 PathProgramCache]: Analyzing trace with hash -461855094, now seen corresponding path program 1 times [2022-02-20 14:38:56,240 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 14:38:56,240 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1156802107] [2022-02-20 14:38:56,240 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 14:38:56,240 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 14:38:56,240 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 14:38:56,241 INFO L229 MonitoredProcess]: Starting monitored process 14 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 14:38:56,242 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (14)] Waiting until timeout for monitored process [2022-02-20 14:38:56,302 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:56,304 INFO L263 TraceCheckSpWp]: Trace formula consists of 125 conjuncts, 7 conjunts are in the unsatisfiable core [2022-02-20 14:38:56,316 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 14:38:56,317 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 14:38:56,467 INFO L290 TraceCheckUtils]: 0: Hoare triple {16491#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(23bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 0bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32; {16491#true} is VALID [2022-02-20 14:38:56,468 INFO L290 TraceCheckUtils]: 1: Hoare triple {16491#true} assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 1bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32;main_~status~1#1 := 0bv32;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0bv32;~NP~0 := 1bv32;~DC~0 := 2bv32;~SKIP1~0 := 3bv32;~SKIP2~0 := 4bv32;~MPR1~0 := 5bv32;~MPR3~0 := 6bv32;~IPC~0 := 7bv32;~s~0 := ~UNLOADED~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {16491#true} is VALID [2022-02-20 14:38:56,468 INFO L290 TraceCheckUtils]: 2: Hoare triple {16491#true} assume { :end_inline__BLAST_init } true; {16491#true} is VALID [2022-02-20 14:38:56,468 INFO L290 TraceCheckUtils]: 3: Hoare triple {16491#true} assume ~bvsge32(main_~status~1#1, 0bv32);~s~0 := ~NP~0;~customIrp~0 := 0bv32;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0bv32;~myStatus~0 := 0bv32; {16491#true} is VALID [2022-02-20 14:38:56,468 INFO L290 TraceCheckUtils]: 4: Hoare triple {16491#true} assume 0bv32 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := 3221225659bv32;~myStatus~0 := 3221225659bv32; {16491#true} is VALID [2022-02-20 14:38:56,469 INFO L290 TraceCheckUtils]: 5: Hoare triple {16491#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {16491#true} is VALID [2022-02-20 14:38:56,469 INFO L290 TraceCheckUtils]: 6: Hoare triple {16491#true} assume { :end_inline_stub_driver_init } true; {16491#true} is VALID [2022-02-20 14:38:56,469 INFO L290 TraceCheckUtils]: 7: Hoare triple {16491#true} assume !~bvslt32(main_~status~1#1, 0bv32);havoc main_~tmp_ndt_1~0#1;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {16491#true} is VALID [2022-02-20 14:38:56,469 INFO L290 TraceCheckUtils]: 8: Hoare triple {16491#true} assume !(0bv32 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {16491#true} is VALID [2022-02-20 14:38:56,469 INFO L290 TraceCheckUtils]: 9: Hoare triple {16491#true} assume !(1bv32 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {16491#true} is VALID [2022-02-20 14:38:56,469 INFO L290 TraceCheckUtils]: 10: Hoare triple {16491#true} assume !(3bv32 == main_~tmp_ndt_3~0#1);havoc main_~tmp_ndt_4~0#1;main_~tmp_ndt_4~0#1 := main_#t~nondet27#1;havoc main_#t~nondet27#1; {16491#true} is VALID [2022-02-20 14:38:56,469 INFO L290 TraceCheckUtils]: 11: Hoare triple {16491#true} assume 4bv32 == main_~tmp_ndt_4~0#1; {16491#true} is VALID [2022-02-20 14:38:56,470 INFO L290 TraceCheckUtils]: 12: Hoare triple {16491#true} assume { :begin_inline_KbFilter_Power } true;KbFilter_Power_#in~DeviceObject#1, KbFilter_Power_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_Power_#res#1;havoc KbFilter_Power_#t~nondet50#1, KbFilter_Power_#t~nondet51#1, KbFilter_Power_#t~nondet52#1, KbFilter_Power_#t~nondet53#1, KbFilter_Power_#t~nondet54#1, KbFilter_Power_#t~nondet55#1, KbFilter_Power_#t~post56#1, KbFilter_Power_#t~post57#1, KbFilter_Power_#t~ret58#1, KbFilter_Power_~DeviceObject#1, KbFilter_Power_~Irp#1, KbFilter_Power_~irpStack__MinorFunction~1#1, KbFilter_Power_~devExt__DeviceState~0#1, KbFilter_Power_~powerState__DeviceState~0#1, KbFilter_Power_~Irp__CurrentLocation~2#1, KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1, KbFilter_Power_~devExt__TopOfStack~1#1, KbFilter_Power_~powerType~0#1, KbFilter_Power_~tmp~2#1;KbFilter_Power_~DeviceObject#1 := KbFilter_Power_#in~DeviceObject#1;KbFilter_Power_~Irp#1 := KbFilter_Power_#in~Irp#1;KbFilter_Power_~irpStack__MinorFunction~1#1 := KbFilter_Power_#t~nondet50#1;havoc KbFilter_Power_#t~nondet50#1;havoc KbFilter_Power_~devExt__DeviceState~0#1;KbFilter_Power_~powerState__DeviceState~0#1 := KbFilter_Power_#t~nondet51#1;havoc KbFilter_Power_#t~nondet51#1;KbFilter_Power_~Irp__CurrentLocation~2#1 := KbFilter_Power_#t~nondet52#1;havoc KbFilter_Power_#t~nondet52#1;KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1 := KbFilter_Power_#t~nondet53#1;havoc KbFilter_Power_#t~nondet53#1;KbFilter_Power_~devExt__TopOfStack~1#1 := KbFilter_Power_#t~nondet54#1;havoc KbFilter_Power_#t~nondet54#1;KbFilter_Power_~powerType~0#1 := KbFilter_Power_#t~nondet55#1;havoc KbFilter_Power_#t~nondet55#1;havoc KbFilter_Power_~tmp~2#1; {16491#true} is VALID [2022-02-20 14:38:56,470 INFO L290 TraceCheckUtils]: 13: Hoare triple {16491#true} assume 2bv32 == KbFilter_Power_~irpStack__MinorFunction~1#1; {16491#true} is VALID [2022-02-20 14:38:56,470 INFO L290 TraceCheckUtils]: 14: Hoare triple {16491#true} assume !(KbFilter_Power_~powerType~0#1 == ~DevicePowerState~0); {16491#true} is VALID [2022-02-20 14:38:56,470 INFO L290 TraceCheckUtils]: 15: Hoare triple {16491#true} assume ~s~0 == ~NP~0;~s~0 := ~SKIP1~0; {16491#true} is VALID [2022-02-20 14:38:56,470 INFO L290 TraceCheckUtils]: 16: Hoare triple {16491#true} KbFilter_Power_#t~post56#1 := KbFilter_Power_~Irp__CurrentLocation~2#1;KbFilter_Power_~Irp__CurrentLocation~2#1 := ~bvadd32(1bv32, KbFilter_Power_#t~post56#1);havoc KbFilter_Power_#t~post56#1;KbFilter_Power_#t~post57#1 := KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1;KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1 := ~bvadd32(1bv32, KbFilter_Power_#t~post57#1);havoc KbFilter_Power_#t~post57#1;assume { :begin_inline_PoCallDriver } true;PoCallDriver_#in~DeviceObject#1, PoCallDriver_#in~Irp#1 := KbFilter_Power_~devExt__TopOfStack~1#1, KbFilter_Power_~Irp#1;havoc PoCallDriver_#res#1;havoc PoCallDriver_#t~nondet59#1, PoCallDriver_#t~ret60#1, PoCallDriver_#t~nondet61#1, PoCallDriver_#t~nondet62#1, PoCallDriver_~tmp_ndt_10~0#1, PoCallDriver_~tmp_ndt_9~0#1, PoCallDriver_~DeviceObject#1, PoCallDriver_~Irp#1, PoCallDriver_~compRetStatus~1#1, PoCallDriver_~returnVal~0#1, PoCallDriver_~lcontext~1#1, PoCallDriver_~__cil_tmp7~1#1, PoCallDriver_~__cil_tmp8~1#1;PoCallDriver_~DeviceObject#1 := PoCallDriver_#in~DeviceObject#1;PoCallDriver_~Irp#1 := PoCallDriver_#in~Irp#1;havoc PoCallDriver_~compRetStatus~1#1;havoc PoCallDriver_~returnVal~0#1;PoCallDriver_~lcontext~1#1 := PoCallDriver_#t~nondet59#1;havoc PoCallDriver_#t~nondet59#1;havoc PoCallDriver_~__cil_tmp7~1#1;havoc PoCallDriver_~__cil_tmp8~1#1; {16491#true} is VALID [2022-02-20 14:38:56,470 INFO L290 TraceCheckUtils]: 17: Hoare triple {16491#true} assume !(0bv32 != ~compRegistered~0); {16491#true} is VALID [2022-02-20 14:38:56,471 INFO L290 TraceCheckUtils]: 18: Hoare triple {16491#true} havoc PoCallDriver_~tmp_ndt_9~0#1;PoCallDriver_~tmp_ndt_9~0#1 := PoCallDriver_#t~nondet61#1;havoc PoCallDriver_#t~nondet61#1; {16491#true} is VALID [2022-02-20 14:38:56,471 INFO L290 TraceCheckUtils]: 19: Hoare triple {16491#true} assume !(0bv32 == PoCallDriver_~tmp_ndt_9~0#1);havoc PoCallDriver_~tmp_ndt_10~0#1;PoCallDriver_~tmp_ndt_10~0#1 := PoCallDriver_#t~nondet62#1;havoc PoCallDriver_#t~nondet62#1; {16491#true} is VALID [2022-02-20 14:38:56,471 INFO L290 TraceCheckUtils]: 20: Hoare triple {16491#true} assume !(1bv32 == PoCallDriver_~tmp_ndt_10~0#1); {16491#true} is VALID [2022-02-20 14:38:56,474 INFO L290 TraceCheckUtils]: 21: Hoare triple {16491#true} PoCallDriver_~returnVal~0#1 := 259bv32; {16559#(= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| (_ bv259 32))} is VALID [2022-02-20 14:38:56,475 INFO L290 TraceCheckUtils]: 22: Hoare triple {16559#(= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| (_ bv259 32))} assume !(~s~0 == ~NP~0); {16559#(= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| (_ bv259 32))} is VALID [2022-02-20 14:38:56,475 INFO L290 TraceCheckUtils]: 23: Hoare triple {16559#(= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| (_ bv259 32))} assume !(~s~0 == ~MPR1~0); {16559#(= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| (_ bv259 32))} is VALID [2022-02-20 14:38:56,475 INFO L290 TraceCheckUtils]: 24: Hoare triple {16559#(= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| (_ bv259 32))} assume ~s~0 == ~SKIP1~0;~s~0 := ~SKIP2~0;~lowerDriverReturn~0 := PoCallDriver_~returnVal~0#1; {16569#(and (= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| ~lowerDriverReturn~0) (= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| (_ bv259 32)))} is VALID [2022-02-20 14:38:56,476 INFO L290 TraceCheckUtils]: 25: Hoare triple {16569#(and (= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| ~lowerDriverReturn~0) (= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| (_ bv259 32)))} PoCallDriver_#res#1 := PoCallDriver_~returnVal~0#1; {16573#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_PoCallDriver_#res#1| ~lowerDriverReturn~0))} is VALID [2022-02-20 14:38:56,476 INFO L290 TraceCheckUtils]: 26: Hoare triple {16573#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_PoCallDriver_#res#1| ~lowerDriverReturn~0))} KbFilter_Power_#t~ret58#1 := PoCallDriver_#res#1;assume { :end_inline_PoCallDriver } true;KbFilter_Power_~tmp~2#1 := KbFilter_Power_#t~ret58#1;havoc KbFilter_Power_#t~ret58#1;KbFilter_Power_#res#1 := KbFilter_Power_~tmp~2#1; {16577#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_KbFilter_Power_#res#1| ~lowerDriverReturn~0))} is VALID [2022-02-20 14:38:56,477 INFO L290 TraceCheckUtils]: 27: Hoare triple {16577#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_KbFilter_Power_#res#1| ~lowerDriverReturn~0))} main_#t~ret32#1 := KbFilter_Power_#res#1;assume { :end_inline_KbFilter_Power } true;main_~status~1#1 := main_#t~ret32#1;havoc main_#t~ret32#1; {16581#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-20 14:38:56,477 INFO L290 TraceCheckUtils]: 28: Hoare triple {16581#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume !(1bv32 == ~pended~0); {16581#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-20 14:38:56,477 INFO L290 TraceCheckUtils]: 29: Hoare triple {16581#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume !(1bv32 == ~pended~0); {16581#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-20 14:38:56,478 INFO L290 TraceCheckUtils]: 30: Hoare triple {16581#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume ~s~0 != ~UNLOADED~0; {16581#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-20 14:38:56,478 INFO L290 TraceCheckUtils]: 31: Hoare triple {16581#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume 4294967295bv32 != main_~status~1#1; {16581#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-20 14:38:56,478 INFO L290 TraceCheckUtils]: 32: Hoare triple {16581#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume !(~s~0 != ~SKIP2~0); {16581#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-20 14:38:56,479 INFO L290 TraceCheckUtils]: 33: Hoare triple {16581#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume !(1bv32 == ~pended~0); {16581#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-20 14:38:56,479 INFO L290 TraceCheckUtils]: 34: Hoare triple {16581#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume !(~s~0 == ~DC~0); {16581#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-20 14:38:56,480 INFO L290 TraceCheckUtils]: 35: Hoare triple {16581#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume main_~status~1#1 != ~lowerDriverReturn~0; {16492#false} is VALID [2022-02-20 14:38:56,480 INFO L272 TraceCheckUtils]: 36: Hoare triple {16492#false} call errorFn(); {16492#false} is VALID [2022-02-20 14:38:56,480 INFO L290 TraceCheckUtils]: 37: Hoare triple {16492#false} assume !false; {16492#false} is VALID [2022-02-20 14:38:56,480 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 14:38:56,480 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 14:38:56,480 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 14:38:56,480 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1156802107] [2022-02-20 14:38:56,481 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1156802107] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 14:38:56,481 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 14:38:56,481 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-02-20 14:38:56,481 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1484499572] [2022-02-20 14:38:56,481 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 14:38:56,481 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 5.285714285714286) internal successors, (37), 7 states have internal predecessors, (37), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 38 [2022-02-20 14:38:56,482 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 14:38:56,482 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 7 states, 7 states have (on average 5.285714285714286) internal successors, (37), 7 states have internal predecessors, (37), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:56,511 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 38 edges. 38 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 14:38:56,511 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-02-20 14:38:56,511 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 14:38:56,512 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-02-20 14:38:56,512 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=12, Invalid=30, Unknown=0, NotChecked=0, Total=42 [2022-02-20 14:38:56,512 INFO L87 Difference]: Start difference. First operand 206 states and 279 transitions. Second operand has 7 states, 7 states have (on average 5.285714285714286) internal successors, (37), 7 states have internal predecessors, (37), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:57,226 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 14:38:57,226 INFO L93 Difference]: Finished difference Result 218 states and 291 transitions. [2022-02-20 14:38:57,226 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-02-20 14:38:57,226 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 5.285714285714286) internal successors, (37), 7 states have internal predecessors, (37), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 38 [2022-02-20 14:38:57,227 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 14:38:57,227 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 7 states have (on average 5.285714285714286) internal successors, (37), 7 states have internal predecessors, (37), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:57,229 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 257 transitions. [2022-02-20 14:38:57,229 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 7 states have (on average 5.285714285714286) internal successors, (37), 7 states have internal predecessors, (37), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 14:38:57,232 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 257 transitions. [2022-02-20 14:38:57,232 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 257 transitions.