./Ultimate.py --spec ../sv-benchmarks/c/properties/valid-memcleanup.prp --file ../sv-benchmarks/c/heap-manipulation/dll_of_dll-2.i --full-output -ea --architecture 32bit -------------------------------------------------------------------------------- Checking for memory safety (memcleanup) Using default analysis Version 03d7b7b3 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerMemDerefMemtrack.xml -i ../sv-benchmarks/c/heap-manipulation/dll_of_dll-2.i -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-MemCleanup-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G valid-memcleanup) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 0eca46c14885d62179341dcc13b398752af03e020a80dcf533f4c9afc7372707 --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 23:36:30,620 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 23:36:30,623 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 23:36:30,666 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 23:36:30,667 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 23:36:30,670 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 23:36:30,671 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 23:36:30,674 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 23:36:30,676 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 23:36:30,680 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 23:36:30,681 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 23:36:30,683 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 23:36:30,683 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 23:36:30,685 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 23:36:30,687 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 23:36:30,689 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 23:36:30,691 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 23:36:30,692 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 23:36:30,694 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 23:36:30,699 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 23:36:30,701 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 23:36:30,702 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 23:36:30,704 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 23:36:30,704 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 23:36:30,710 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 23:36:30,711 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 23:36:30,711 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 23:36:30,713 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 23:36:30,713 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 23:36:30,714 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 23:36:30,714 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 23:36:30,715 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 23:36:30,716 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 23:36:30,717 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 23:36:30,718 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 23:36:30,719 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 23:36:30,720 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 23:36:30,720 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 23:36:30,721 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 23:36:30,721 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 23:36:30,722 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 23:36:30,723 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-MemCleanup-32bit-Automizer_Default.epf [2022-02-20 23:36:30,755 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 23:36:30,759 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 23:36:30,760 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 23:36:30,760 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 23:36:30,761 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 23:36:30,761 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 23:36:30,762 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 23:36:30,762 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 23:36:30,762 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 23:36:30,762 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 23:36:30,763 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 23:36:30,763 INFO L138 SettingsManager]: * Check unreachability of error function in SV-COMP mode=false [2022-02-20 23:36:30,764 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-02-20 23:36:30,764 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 23:36:30,764 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 23:36:30,764 INFO L138 SettingsManager]: * Check for the main procedure if all allocated memory was freed=true [2022-02-20 23:36:30,764 INFO L138 SettingsManager]: * Bitprecise bitfields=true [2022-02-20 23:36:30,765 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 23:36:30,765 INFO L138 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2022-02-20 23:36:30,765 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 23:36:30,765 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 23:36:30,765 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 23:36:30,766 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 23:36:30,766 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 23:36:30,766 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 23:36:30,766 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 23:36:30,766 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 23:36:30,767 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-02-20 23:36:30,768 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-02-20 23:36:30,768 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G valid-memcleanup) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 0eca46c14885d62179341dcc13b398752af03e020a80dcf533f4c9afc7372707 [2022-02-20 23:36:31,004 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 23:36:31,023 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 23:36:31,026 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 23:36:31,027 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 23:36:31,029 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 23:36:31,030 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/heap-manipulation/dll_of_dll-2.i [2022-02-20 23:36:31,092 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/f6afd40df/f88687a7a63346c992d9a14e87495e2b/FLAG65673684a [2022-02-20 23:36:31,528 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 23:36:31,529 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/heap-manipulation/dll_of_dll-2.i [2022-02-20 23:36:31,545 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/f6afd40df/f88687a7a63346c992d9a14e87495e2b/FLAG65673684a [2022-02-20 23:36:31,857 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/f6afd40df/f88687a7a63346c992d9a14e87495e2b [2022-02-20 23:36:31,860 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 23:36:31,863 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 23:36:31,866 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 23:36:31,866 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 23:36:31,869 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 23:36:31,872 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 11:36:31" (1/1) ... [2022-02-20 23:36:31,874 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@5c7a3b05 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:36:31, skipping insertion in model container [2022-02-20 23:36:31,874 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 11:36:31" (1/1) ... [2022-02-20 23:36:31,880 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 23:36:31,933 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 23:36:32,167 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/heap-manipulation/dll_of_dll-2.i[22634,22647] [2022-02-20 23:36:32,242 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 23:36:32,259 INFO L203 MainTranslator]: Completed pre-run [2022-02-20 23:36:32,293 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/heap-manipulation/dll_of_dll-2.i[22634,22647] [2022-02-20 23:36:32,315 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 23:36:32,353 INFO L208 MainTranslator]: Completed translation [2022-02-20 23:36:32,354 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:36:32 WrapperNode [2022-02-20 23:36:32,354 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 23:36:32,356 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-20 23:36:32,357 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-20 23:36:32,357 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-20 23:36:32,363 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:36:32" (1/1) ... [2022-02-20 23:36:32,392 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:36:32" (1/1) ... [2022-02-20 23:36:32,445 INFO L137 Inliner]: procedures = 140, calls = 94, calls flagged for inlining = 13, calls inlined = 13, statements flattened = 234 [2022-02-20 23:36:32,446 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-20 23:36:32,447 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-20 23:36:32,447 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-20 23:36:32,447 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-20 23:36:32,454 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:36:32" (1/1) ... [2022-02-20 23:36:32,455 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:36:32" (1/1) ... [2022-02-20 23:36:32,470 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:36:32" (1/1) ... [2022-02-20 23:36:32,473 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:36:32" (1/1) ... [2022-02-20 23:36:32,486 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:36:32" (1/1) ... [2022-02-20 23:36:32,516 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:36:32" (1/1) ... [2022-02-20 23:36:32,518 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:36:32" (1/1) ... [2022-02-20 23:36:32,522 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-20 23:36:32,529 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-20 23:36:32,530 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-20 23:36:32,530 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-20 23:36:32,531 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:36:32" (1/1) ... [2022-02-20 23:36:32,538 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 23:36:32,547 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 23:36:32,565 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-20 23:36:32,594 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-20 23:36:32,621 INFO L130 BoogieDeclarations]: Found specification of procedure fail [2022-02-20 23:36:32,622 INFO L138 BoogieDeclarations]: Found implementation of procedure fail [2022-02-20 23:36:32,623 INFO L130 BoogieDeclarations]: Found specification of procedure inspect_base [2022-02-20 23:36:32,623 INFO L138 BoogieDeclarations]: Found implementation of procedure inspect_base [2022-02-20 23:36:32,623 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocOnHeap [2022-02-20 23:36:32,623 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-20 23:36:32,623 INFO L130 BoogieDeclarations]: Found specification of procedure dll_insert_master [2022-02-20 23:36:32,623 INFO L138 BoogieDeclarations]: Found implementation of procedure dll_insert_master [2022-02-20 23:36:32,623 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocOnStack [2022-02-20 23:36:32,624 INFO L130 BoogieDeclarations]: Found specification of procedure write~$Pointer$ [2022-02-20 23:36:32,624 INFO L130 BoogieDeclarations]: Found specification of procedure ##fun~$Pointer$~TO~VOID [2022-02-20 23:36:32,624 INFO L138 BoogieDeclarations]: Found implementation of procedure ##fun~$Pointer$~TO~VOID [2022-02-20 23:36:32,624 INFO L130 BoogieDeclarations]: Found specification of procedure read~$Pointer$ [2022-02-20 23:36:32,624 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.dealloc [2022-02-20 23:36:32,624 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~$Pointer$ [2022-02-20 23:36:32,625 INFO L130 BoogieDeclarations]: Found specification of procedure dll_create_generic [2022-02-20 23:36:32,625 INFO L138 BoogieDeclarations]: Found implementation of procedure dll_create_generic [2022-02-20 23:36:32,625 INFO L130 BoogieDeclarations]: Found specification of procedure dll_create_slave [2022-02-20 23:36:32,625 INFO L138 BoogieDeclarations]: Found implementation of procedure dll_create_slave [2022-02-20 23:36:32,625 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-02-20 23:36:32,626 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-20 23:36:32,626 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-20 23:36:32,786 INFO L234 CfgBuilder]: Building ICFG [2022-02-20 23:36:32,787 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-20 23:36:33,555 INFO L275 CfgBuilder]: Performing block encoding [2022-02-20 23:36:33,567 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-20 23:36:33,567 INFO L299 CfgBuilder]: Removed 38 assume(true) statements. [2022-02-20 23:36:33,570 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 11:36:33 BoogieIcfgContainer [2022-02-20 23:36:33,570 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-20 23:36:33,571 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-20 23:36:33,572 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-20 23:36:33,575 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-20 23:36:33,576 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.02 11:36:31" (1/3) ... [2022-02-20 23:36:33,576 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@6b78fd98 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 11:36:33, skipping insertion in model container [2022-02-20 23:36:33,576 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:36:32" (2/3) ... [2022-02-20 23:36:33,577 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@6b78fd98 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 11:36:33, skipping insertion in model container [2022-02-20 23:36:33,577 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 11:36:33" (3/3) ... [2022-02-20 23:36:33,578 INFO L111 eAbstractionObserver]: Analyzing ICFG dll_of_dll-2.i [2022-02-20 23:36:33,582 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:false NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-20 23:36:33,582 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 98 error locations. [2022-02-20 23:36:33,619 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-20 23:36:33,625 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=false, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=All, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-20 23:36:33,625 INFO L340 AbstractCegarLoop]: Starting to check reachability of 98 error locations. [2022-02-20 23:36:33,652 INFO L276 IsEmpty]: Start isEmpty. Operand has 271 states, 142 states have (on average 2.1619718309859155) internal successors, (307), 259 states have internal predecessors, (307), 24 states have call successors, (24), 6 states have call predecessors, (24), 6 states have return successors, (24), 23 states have call predecessors, (24), 24 states have call successors, (24) [2022-02-20 23:36:33,658 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 10 [2022-02-20 23:36:33,662 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:36:33,663 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:36:33,663 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting ##fun~$Pointer$~TO~VOIDErr0REQUIRES_VIOLATION === [dll_insert_masterErr0REQUIRES_VIOLATION, dll_insert_masterErr1REQUIRES_VIOLATION, dll_insert_masterErr2REQUIRES_VIOLATION (and 95 more)] === [2022-02-20 23:36:33,668 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:36:33,668 INFO L85 PathProgramCache]: Analyzing trace with hash -853608627, now seen corresponding path program 1 times [2022-02-20 23:36:33,676 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:36:33,677 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1751751437] [2022-02-20 23:36:33,677 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:36:33,678 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:36:33,791 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:36:33,843 INFO L290 TraceCheckUtils]: 0: Hoare triple {274#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(15, 2); {274#true} is VALID [2022-02-20 23:36:33,843 INFO L290 TraceCheckUtils]: 1: Hoare triple {274#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret46#1.base, main_#t~ret46#1.offset, main_~dll~1#1.base, main_~dll~1#1.offset;assume { :begin_inline_dll_create_master } true;havoc dll_create_master_#res#1.base, dll_create_master_#res#1.offset;havoc dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset; {274#true} is VALID [2022-02-20 23:36:33,843 INFO L272 TraceCheckUtils]: 2: Hoare triple {274#true} call dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset := dll_create_generic(#funAddr~dll_insert_master.base, #funAddr~dll_insert_master.offset); {274#true} is VALID [2022-02-20 23:36:33,844 INFO L290 TraceCheckUtils]: 3: Hoare triple {274#true} ~insert_fnc.base, ~insert_fnc.offset := #in~insert_fnc.base, #in~insert_fnc.offset;call ~#dll~0.base, ~#dll~0.offset := #Ultimate.allocOnStack(4);call write~init~$Pointer$(0, 0, ~#dll~0.base, ~#dll~0.offset, 4); {274#true} is VALID [2022-02-20 23:36:33,844 INFO L272 TraceCheckUtils]: 4: Hoare triple {274#true} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {274#true} is VALID [2022-02-20 23:36:33,844 INFO L290 TraceCheckUtils]: 5: Hoare triple {274#true} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {274#true} is VALID [2022-02-20 23:36:33,845 INFO L290 TraceCheckUtils]: 6: Hoare triple {274#true} assume !(#in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset);assume { :begin_inline_dll_insert_slave } true;dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset := #~10#1.base, #~10#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset, dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset, dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset;dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset := dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset;assume { :begin_inline_alloc_or_die_slave } true;havoc alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset;call alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset := #Ultimate.allocOnHeap(8);alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset := alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset; {274#true} is VALID [2022-02-20 23:36:33,846 INFO L290 TraceCheckUtils]: 7: Hoare triple {274#true} assume alloc_or_die_slave_~ptr~0#1.base == 0 && alloc_or_die_slave_~ptr~0#1.offset == 0;assume false; {275#false} is VALID [2022-02-20 23:36:33,846 INFO L290 TraceCheckUtils]: 8: Hoare triple {275#false} assume !(1 == #valid[alloc_or_die_slave_~ptr~0#1.base]); {275#false} is VALID [2022-02-20 23:36:33,847 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:36:33,848 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:36:33,848 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1751751437] [2022-02-20 23:36:33,848 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1751751437] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:36:33,849 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:36:33,849 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 23:36:33,851 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1425094284] [2022-02-20 23:36:33,851 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:36:33,856 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 3.5) internal successors, (7), 2 states have internal predecessors, (7), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 9 [2022-02-20 23:36:33,857 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:36:33,860 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 2 states, 2 states have (on average 3.5) internal successors, (7), 2 states have internal predecessors, (7), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:33,871 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 9 edges. 9 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:36:33,871 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-02-20 23:36:33,872 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:36:33,888 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-02-20 23:36:33,889 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 23:36:33,893 INFO L87 Difference]: Start difference. First operand has 271 states, 142 states have (on average 2.1619718309859155) internal successors, (307), 259 states have internal predecessors, (307), 24 states have call successors, (24), 6 states have call predecessors, (24), 6 states have return successors, (24), 23 states have call predecessors, (24), 24 states have call successors, (24) Second operand has 2 states, 2 states have (on average 3.5) internal successors, (7), 2 states have internal predecessors, (7), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:34,140 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:34,141 INFO L93 Difference]: Finished difference Result 269 states and 299 transitions. [2022-02-20 23:36:34,141 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-02-20 23:36:34,141 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 3.5) internal successors, (7), 2 states have internal predecessors, (7), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 9 [2022-02-20 23:36:34,142 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:36:34,143 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 3.5) internal successors, (7), 2 states have internal predecessors, (7), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:34,160 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 340 transitions. [2022-02-20 23:36:34,184 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 3.5) internal successors, (7), 2 states have internal predecessors, (7), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:34,195 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 340 transitions. [2022-02-20 23:36:34,195 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 2 states and 340 transitions. [2022-02-20 23:36:34,503 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 340 edges. 340 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:36:34,526 INFO L225 Difference]: With dead ends: 269 [2022-02-20 23:36:34,526 INFO L226 Difference]: Without dead ends: 267 [2022-02-20 23:36:34,528 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 23:36:34,531 INFO L933 BasicCegarLoop]: 299 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 299 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 23:36:34,532 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 299 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 23:36:34,548 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 267 states. [2022-02-20 23:36:34,584 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 267 to 267. [2022-02-20 23:36:34,588 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:36:34,595 INFO L82 GeneralOperation]: Start isEquivalent. First operand 267 states. Second operand has 267 states, 140 states have (on average 1.8785714285714286) internal successors, (263), 255 states have internal predecessors, (263), 24 states have call successors, (24), 6 states have call predecessors, (24), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:36:34,598 INFO L74 IsIncluded]: Start isIncluded. First operand 267 states. Second operand has 267 states, 140 states have (on average 1.8785714285714286) internal successors, (263), 255 states have internal predecessors, (263), 24 states have call successors, (24), 6 states have call predecessors, (24), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:36:34,600 INFO L87 Difference]: Start difference. First operand 267 states. Second operand has 267 states, 140 states have (on average 1.8785714285714286) internal successors, (263), 255 states have internal predecessors, (263), 24 states have call successors, (24), 6 states have call predecessors, (24), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:36:34,634 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:34,635 INFO L93 Difference]: Finished difference Result 267 states and 297 transitions. [2022-02-20 23:36:34,635 INFO L276 IsEmpty]: Start isEmpty. Operand 267 states and 297 transitions. [2022-02-20 23:36:34,641 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:36:34,642 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:36:34,643 INFO L74 IsIncluded]: Start isIncluded. First operand has 267 states, 140 states have (on average 1.8785714285714286) internal successors, (263), 255 states have internal predecessors, (263), 24 states have call successors, (24), 6 states have call predecessors, (24), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand 267 states. [2022-02-20 23:36:34,643 INFO L87 Difference]: Start difference. First operand has 267 states, 140 states have (on average 1.8785714285714286) internal successors, (263), 255 states have internal predecessors, (263), 24 states have call successors, (24), 6 states have call predecessors, (24), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand 267 states. [2022-02-20 23:36:34,663 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:34,664 INFO L93 Difference]: Finished difference Result 267 states and 297 transitions. [2022-02-20 23:36:34,664 INFO L276 IsEmpty]: Start isEmpty. Operand 267 states and 297 transitions. [2022-02-20 23:36:34,670 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:36:34,670 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:36:34,670 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:36:34,670 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:36:34,671 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 267 states, 140 states have (on average 1.8785714285714286) internal successors, (263), 255 states have internal predecessors, (263), 24 states have call successors, (24), 6 states have call predecessors, (24), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:36:34,688 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 267 states to 267 states and 297 transitions. [2022-02-20 23:36:34,690 INFO L78 Accepts]: Start accepts. Automaton has 267 states and 297 transitions. Word has length 9 [2022-02-20 23:36:34,691 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:36:34,693 INFO L470 AbstractCegarLoop]: Abstraction has 267 states and 297 transitions. [2022-02-20 23:36:34,693 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 3.5) internal successors, (7), 2 states have internal predecessors, (7), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:34,694 INFO L276 IsEmpty]: Start isEmpty. Operand 267 states and 297 transitions. [2022-02-20 23:36:34,694 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 10 [2022-02-20 23:36:34,695 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:36:34,695 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:36:34,696 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-02-20 23:36:34,696 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting ##fun~$Pointer$~TO~VOIDErr0REQUIRES_VIOLATION === [dll_insert_masterErr0REQUIRES_VIOLATION, dll_insert_masterErr1REQUIRES_VIOLATION, dll_insert_masterErr2REQUIRES_VIOLATION (and 95 more)] === [2022-02-20 23:36:34,698 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:36:34,703 INFO L85 PathProgramCache]: Analyzing trace with hash -853608565, now seen corresponding path program 1 times [2022-02-20 23:36:34,704 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:36:34,704 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1625143548] [2022-02-20 23:36:34,704 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:36:34,704 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:36:34,731 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:36:34,783 INFO L290 TraceCheckUtils]: 0: Hoare triple {1348#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(15, 2); {1348#true} is VALID [2022-02-20 23:36:34,783 INFO L290 TraceCheckUtils]: 1: Hoare triple {1348#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret46#1.base, main_#t~ret46#1.offset, main_~dll~1#1.base, main_~dll~1#1.offset;assume { :begin_inline_dll_create_master } true;havoc dll_create_master_#res#1.base, dll_create_master_#res#1.offset;havoc dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset; {1348#true} is VALID [2022-02-20 23:36:34,784 INFO L272 TraceCheckUtils]: 2: Hoare triple {1348#true} call dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset := dll_create_generic(#funAddr~dll_insert_master.base, #funAddr~dll_insert_master.offset); {1348#true} is VALID [2022-02-20 23:36:34,784 INFO L290 TraceCheckUtils]: 3: Hoare triple {1348#true} ~insert_fnc.base, ~insert_fnc.offset := #in~insert_fnc.base, #in~insert_fnc.offset;call ~#dll~0.base, ~#dll~0.offset := #Ultimate.allocOnStack(4);call write~init~$Pointer$(0, 0, ~#dll~0.base, ~#dll~0.offset, 4); {1348#true} is VALID [2022-02-20 23:36:34,784 INFO L272 TraceCheckUtils]: 4: Hoare triple {1348#true} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {1348#true} is VALID [2022-02-20 23:36:34,784 INFO L290 TraceCheckUtils]: 5: Hoare triple {1348#true} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {1348#true} is VALID [2022-02-20 23:36:34,785 INFO L290 TraceCheckUtils]: 6: Hoare triple {1348#true} assume !(#in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset);assume { :begin_inline_dll_insert_slave } true;dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset := #~10#1.base, #~10#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset, dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset, dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset;dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset := dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset;assume { :begin_inline_alloc_or_die_slave } true;havoc alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset;call alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset := #Ultimate.allocOnHeap(8);alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset := alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset; {1350#(= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1)} is VALID [2022-02-20 23:36:34,786 INFO L290 TraceCheckUtils]: 7: Hoare triple {1350#(= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1)} assume !(alloc_or_die_slave_~ptr~0#1.base == 0 && alloc_or_die_slave_~ptr~0#1.offset == 0); {1350#(= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1)} is VALID [2022-02-20 23:36:34,786 INFO L290 TraceCheckUtils]: 8: Hoare triple {1350#(= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1)} assume !(1 == #valid[alloc_or_die_slave_~ptr~0#1.base]); {1349#false} is VALID [2022-02-20 23:36:34,787 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:36:34,787 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:36:34,787 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1625143548] [2022-02-20 23:36:34,788 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1625143548] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:36:34,788 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:36:34,788 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 23:36:34,788 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1606983105] [2022-02-20 23:36:34,788 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:36:34,789 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 2 states have (on average 3.5) internal successors, (7), 3 states have internal predecessors, (7), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 9 [2022-02-20 23:36:34,790 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:36:34,790 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 2 states have (on average 3.5) internal successors, (7), 3 states have internal predecessors, (7), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:34,797 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 9 edges. 9 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:36:34,798 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 23:36:34,798 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:36:34,799 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 23:36:34,799 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 23:36:34,799 INFO L87 Difference]: Start difference. First operand 267 states and 297 transitions. Second operand has 3 states, 2 states have (on average 3.5) internal successors, (7), 3 states have internal predecessors, (7), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:35,255 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:35,255 INFO L93 Difference]: Finished difference Result 267 states and 299 transitions. [2022-02-20 23:36:35,255 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 23:36:35,255 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 2 states have (on average 3.5) internal successors, (7), 3 states have internal predecessors, (7), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 9 [2022-02-20 23:36:35,256 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:36:35,256 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 2 states have (on average 3.5) internal successors, (7), 3 states have internal predecessors, (7), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:35,260 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 301 transitions. [2022-02-20 23:36:35,261 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 2 states have (on average 3.5) internal successors, (7), 3 states have internal predecessors, (7), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:35,265 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 301 transitions. [2022-02-20 23:36:35,265 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 301 transitions. [2022-02-20 23:36:35,561 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 301 edges. 301 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:36:35,578 INFO L225 Difference]: With dead ends: 267 [2022-02-20 23:36:35,579 INFO L226 Difference]: Without dead ends: 267 [2022-02-20 23:36:35,583 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 23:36:35,586 INFO L933 BasicCegarLoop]: 282 mSDtfsCounter, 23 mSDsluCounter, 181 mSDsCounter, 0 mSdLazyCounter, 105 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 23 SdHoareTripleChecker+Valid, 463 SdHoareTripleChecker+Invalid, 106 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 105 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:36:35,586 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [23 Valid, 463 Invalid, 106 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 105 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:36:35,589 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 267 states. [2022-02-20 23:36:35,602 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 267 to 265. [2022-02-20 23:36:35,603 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:36:35,604 INFO L82 GeneralOperation]: Start isEquivalent. First operand 267 states. Second operand has 265 states, 140 states have (on average 1.8642857142857143) internal successors, (261), 253 states have internal predecessors, (261), 24 states have call successors, (24), 6 states have call predecessors, (24), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:36:35,604 INFO L74 IsIncluded]: Start isIncluded. First operand 267 states. Second operand has 265 states, 140 states have (on average 1.8642857142857143) internal successors, (261), 253 states have internal predecessors, (261), 24 states have call successors, (24), 6 states have call predecessors, (24), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:36:35,605 INFO L87 Difference]: Start difference. First operand 267 states. Second operand has 265 states, 140 states have (on average 1.8642857142857143) internal successors, (261), 253 states have internal predecessors, (261), 24 states have call successors, (24), 6 states have call predecessors, (24), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:36:35,615 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:35,615 INFO L93 Difference]: Finished difference Result 267 states and 299 transitions. [2022-02-20 23:36:35,615 INFO L276 IsEmpty]: Start isEmpty. Operand 267 states and 299 transitions. [2022-02-20 23:36:35,617 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:36:35,617 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:36:35,618 INFO L74 IsIncluded]: Start isIncluded. First operand has 265 states, 140 states have (on average 1.8642857142857143) internal successors, (261), 253 states have internal predecessors, (261), 24 states have call successors, (24), 6 states have call predecessors, (24), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand 267 states. [2022-02-20 23:36:35,618 INFO L87 Difference]: Start difference. First operand has 265 states, 140 states have (on average 1.8642857142857143) internal successors, (261), 253 states have internal predecessors, (261), 24 states have call successors, (24), 6 states have call predecessors, (24), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand 267 states. [2022-02-20 23:36:35,628 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:35,628 INFO L93 Difference]: Finished difference Result 267 states and 299 transitions. [2022-02-20 23:36:35,629 INFO L276 IsEmpty]: Start isEmpty. Operand 267 states and 299 transitions. [2022-02-20 23:36:35,630 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:36:35,630 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:36:35,630 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:36:35,630 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:36:35,631 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 265 states, 140 states have (on average 1.8642857142857143) internal successors, (261), 253 states have internal predecessors, (261), 24 states have call successors, (24), 6 states have call predecessors, (24), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:36:35,639 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 265 states to 265 states and 295 transitions. [2022-02-20 23:36:35,640 INFO L78 Accepts]: Start accepts. Automaton has 265 states and 295 transitions. Word has length 9 [2022-02-20 23:36:35,640 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:36:35,640 INFO L470 AbstractCegarLoop]: Abstraction has 265 states and 295 transitions. [2022-02-20 23:36:35,640 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 2 states have (on average 3.5) internal successors, (7), 3 states have internal predecessors, (7), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:35,640 INFO L276 IsEmpty]: Start isEmpty. Operand 265 states and 295 transitions. [2022-02-20 23:36:35,641 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 10 [2022-02-20 23:36:35,641 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:36:35,641 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:36:35,641 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-02-20 23:36:35,641 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting ##fun~$Pointer$~TO~VOIDErr1REQUIRES_VIOLATION === [dll_insert_masterErr0REQUIRES_VIOLATION, dll_insert_masterErr1REQUIRES_VIOLATION, dll_insert_masterErr2REQUIRES_VIOLATION (and 95 more)] === [2022-02-20 23:36:35,642 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:36:35,642 INFO L85 PathProgramCache]: Analyzing trace with hash -853608564, now seen corresponding path program 1 times [2022-02-20 23:36:35,642 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:36:35,642 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1095338825] [2022-02-20 23:36:35,642 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:36:35,643 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:36:35,684 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:36:35,784 INFO L290 TraceCheckUtils]: 0: Hoare triple {2419#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(15, 2); {2419#true} is VALID [2022-02-20 23:36:35,785 INFO L290 TraceCheckUtils]: 1: Hoare triple {2419#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret46#1.base, main_#t~ret46#1.offset, main_~dll~1#1.base, main_~dll~1#1.offset;assume { :begin_inline_dll_create_master } true;havoc dll_create_master_#res#1.base, dll_create_master_#res#1.offset;havoc dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset; {2419#true} is VALID [2022-02-20 23:36:35,785 INFO L272 TraceCheckUtils]: 2: Hoare triple {2419#true} call dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset := dll_create_generic(#funAddr~dll_insert_master.base, #funAddr~dll_insert_master.offset); {2421#(and (<= |#funAddr~dll_insert_master.offset| |dll_create_generic_#in~insert_fnc.offset|) (<= |dll_create_generic_#in~insert_fnc.offset| |#funAddr~dll_insert_master.offset|) (<= |#funAddr~dll_insert_master.base| |dll_create_generic_#in~insert_fnc.base|) (<= |dll_create_generic_#in~insert_fnc.base| |#funAddr~dll_insert_master.base|))} is VALID [2022-02-20 23:36:35,786 INFO L290 TraceCheckUtils]: 3: Hoare triple {2421#(and (<= |#funAddr~dll_insert_master.offset| |dll_create_generic_#in~insert_fnc.offset|) (<= |dll_create_generic_#in~insert_fnc.offset| |#funAddr~dll_insert_master.offset|) (<= |#funAddr~dll_insert_master.base| |dll_create_generic_#in~insert_fnc.base|) (<= |dll_create_generic_#in~insert_fnc.base| |#funAddr~dll_insert_master.base|))} ~insert_fnc.base, ~insert_fnc.offset := #in~insert_fnc.base, #in~insert_fnc.offset;call ~#dll~0.base, ~#dll~0.offset := #Ultimate.allocOnStack(4);call write~init~$Pointer$(0, 0, ~#dll~0.base, ~#dll~0.offset, 4); {2422#(and (<= dll_create_generic_~insert_fnc.offset |#funAddr~dll_insert_master.offset|) (<= |#funAddr~dll_insert_master.offset| dll_create_generic_~insert_fnc.offset) (<= dll_create_generic_~insert_fnc.base |#funAddr~dll_insert_master.base|) (<= |#funAddr~dll_insert_master.base| dll_create_generic_~insert_fnc.base))} is VALID [2022-02-20 23:36:35,788 INFO L272 TraceCheckUtils]: 4: Hoare triple {2422#(and (<= dll_create_generic_~insert_fnc.offset |#funAddr~dll_insert_master.offset|) (<= |#funAddr~dll_insert_master.offset| dll_create_generic_~insert_fnc.offset) (<= dll_create_generic_~insert_fnc.base |#funAddr~dll_insert_master.base|) (<= |#funAddr~dll_insert_master.base| dll_create_generic_~insert_fnc.base))} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {2423#(and (<= |#funAddr~dll_insert_master.base| |##fun~$Pointer$~TO~VOID_#in~#fp#1.base|) (< |##fun~$Pointer$~TO~VOID_#in~#fp#1.base| (+ |#funAddr~dll_insert_master.base| 1)) (< |##fun~$Pointer$~TO~VOID_#in~#fp#1.offset| (+ |#funAddr~dll_insert_master.offset| 1)) (<= |#funAddr~dll_insert_master.offset| |##fun~$Pointer$~TO~VOID_#in~#fp#1.offset|))} is VALID [2022-02-20 23:36:35,789 INFO L290 TraceCheckUtils]: 5: Hoare triple {2423#(and (<= |#funAddr~dll_insert_master.base| |##fun~$Pointer$~TO~VOID_#in~#fp#1.base|) (< |##fun~$Pointer$~TO~VOID_#in~#fp#1.base| (+ |#funAddr~dll_insert_master.base| 1)) (< |##fun~$Pointer$~TO~VOID_#in~#fp#1.offset| (+ |#funAddr~dll_insert_master.offset| 1)) (<= |#funAddr~dll_insert_master.offset| |##fun~$Pointer$~TO~VOID_#in~#fp#1.offset|))} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {2423#(and (<= |#funAddr~dll_insert_master.base| |##fun~$Pointer$~TO~VOID_#in~#fp#1.base|) (< |##fun~$Pointer$~TO~VOID_#in~#fp#1.base| (+ |#funAddr~dll_insert_master.base| 1)) (< |##fun~$Pointer$~TO~VOID_#in~#fp#1.offset| (+ |#funAddr~dll_insert_master.offset| 1)) (<= |#funAddr~dll_insert_master.offset| |##fun~$Pointer$~TO~VOID_#in~#fp#1.offset|))} is VALID [2022-02-20 23:36:35,790 INFO L290 TraceCheckUtils]: 6: Hoare triple {2423#(and (<= |#funAddr~dll_insert_master.base| |##fun~$Pointer$~TO~VOID_#in~#fp#1.base|) (< |##fun~$Pointer$~TO~VOID_#in~#fp#1.base| (+ |#funAddr~dll_insert_master.base| 1)) (< |##fun~$Pointer$~TO~VOID_#in~#fp#1.offset| (+ |#funAddr~dll_insert_master.offset| 1)) (<= |#funAddr~dll_insert_master.offset| |##fun~$Pointer$~TO~VOID_#in~#fp#1.offset|))} assume !(#in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset);assume { :begin_inline_dll_insert_slave } true;dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset := #~10#1.base, #~10#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset, dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset, dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset;dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset := dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset;assume { :begin_inline_alloc_or_die_slave } true;havoc alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset;call alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset := #Ultimate.allocOnHeap(8);alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset := alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset; {2420#false} is VALID [2022-02-20 23:36:35,790 INFO L290 TraceCheckUtils]: 7: Hoare triple {2420#false} assume !(alloc_or_die_slave_~ptr~0#1.base == 0 && alloc_or_die_slave_~ptr~0#1.offset == 0); {2420#false} is VALID [2022-02-20 23:36:35,790 INFO L290 TraceCheckUtils]: 8: Hoare triple {2420#false} assume !(4 + alloc_or_die_slave_~ptr~0#1.offset <= #length[alloc_or_die_slave_~ptr~0#1.base] && 0 <= alloc_or_die_slave_~ptr~0#1.offset); {2420#false} is VALID [2022-02-20 23:36:35,791 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:36:35,791 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:36:35,791 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1095338825] [2022-02-20 23:36:35,791 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1095338825] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:36:35,792 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:36:35,792 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:36:35,792 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1474665077] [2022-02-20 23:36:35,792 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:36:35,793 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 1.75) internal successors, (7), 4 states have internal predecessors, (7), 2 states have call successors, (2), 2 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 9 [2022-02-20 23:36:35,793 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:36:35,793 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 4 states have (on average 1.75) internal successors, (7), 4 states have internal predecessors, (7), 2 states have call successors, (2), 2 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:35,801 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 9 edges. 9 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:36:35,802 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 23:36:35,802 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:36:35,803 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 23:36:35,803 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:36:35,803 INFO L87 Difference]: Start difference. First operand 265 states and 295 transitions. Second operand has 5 states, 4 states have (on average 1.75) internal successors, (7), 4 states have internal predecessors, (7), 2 states have call successors, (2), 2 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:36,675 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:36,675 INFO L93 Difference]: Finished difference Result 291 states and 329 transitions. [2022-02-20 23:36:36,675 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-02-20 23:36:36,676 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 1.75) internal successors, (7), 4 states have internal predecessors, (7), 2 states have call successors, (2), 2 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 9 [2022-02-20 23:36:36,676 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:36:36,676 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 4 states have (on average 1.75) internal successors, (7), 4 states have internal predecessors, (7), 2 states have call successors, (2), 2 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:36,681 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 330 transitions. [2022-02-20 23:36:36,681 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 4 states have (on average 1.75) internal successors, (7), 4 states have internal predecessors, (7), 2 states have call successors, (2), 2 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:36,685 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 330 transitions. [2022-02-20 23:36:36,686 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 330 transitions. [2022-02-20 23:36:36,943 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 330 edges. 330 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:36:36,949 INFO L225 Difference]: With dead ends: 291 [2022-02-20 23:36:36,949 INFO L226 Difference]: Without dead ends: 291 [2022-02-20 23:36:36,950 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2022-02-20 23:36:36,950 INFO L933 BasicCegarLoop]: 313 mSDtfsCounter, 19 mSDsluCounter, 904 mSDsCounter, 0 mSdLazyCounter, 37 mSolverCounterSat, 12 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 22 SdHoareTripleChecker+Valid, 1217 SdHoareTripleChecker+Invalid, 49 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 12 IncrementalHoareTripleChecker+Valid, 37 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:36:36,951 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [22 Valid, 1217 Invalid, 49 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [12 Valid, 37 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:36:36,952 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 291 states. [2022-02-20 23:36:36,960 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 291 to 283. [2022-02-20 23:36:36,960 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:36:36,961 INFO L82 GeneralOperation]: Start isEquivalent. First operand 291 states. Second operand has 283 states, 151 states have (on average 1.8278145695364238) internal successors, (276), 264 states have internal predecessors, (276), 29 states have call successors, (29), 8 states have call predecessors, (29), 7 states have return successors, (18), 13 states have call predecessors, (18), 15 states have call successors, (18) [2022-02-20 23:36:36,962 INFO L74 IsIncluded]: Start isIncluded. First operand 291 states. Second operand has 283 states, 151 states have (on average 1.8278145695364238) internal successors, (276), 264 states have internal predecessors, (276), 29 states have call successors, (29), 8 states have call predecessors, (29), 7 states have return successors, (18), 13 states have call predecessors, (18), 15 states have call successors, (18) [2022-02-20 23:36:36,963 INFO L87 Difference]: Start difference. First operand 291 states. Second operand has 283 states, 151 states have (on average 1.8278145695364238) internal successors, (276), 264 states have internal predecessors, (276), 29 states have call successors, (29), 8 states have call predecessors, (29), 7 states have return successors, (18), 13 states have call predecessors, (18), 15 states have call successors, (18) [2022-02-20 23:36:36,972 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:36,973 INFO L93 Difference]: Finished difference Result 291 states and 329 transitions. [2022-02-20 23:36:36,973 INFO L276 IsEmpty]: Start isEmpty. Operand 291 states and 329 transitions. [2022-02-20 23:36:36,974 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:36:36,974 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:36:36,975 INFO L74 IsIncluded]: Start isIncluded. First operand has 283 states, 151 states have (on average 1.8278145695364238) internal successors, (276), 264 states have internal predecessors, (276), 29 states have call successors, (29), 8 states have call predecessors, (29), 7 states have return successors, (18), 13 states have call predecessors, (18), 15 states have call successors, (18) Second operand 291 states. [2022-02-20 23:36:36,976 INFO L87 Difference]: Start difference. First operand has 283 states, 151 states have (on average 1.8278145695364238) internal successors, (276), 264 states have internal predecessors, (276), 29 states have call successors, (29), 8 states have call predecessors, (29), 7 states have return successors, (18), 13 states have call predecessors, (18), 15 states have call successors, (18) Second operand 291 states. [2022-02-20 23:36:36,985 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:36,985 INFO L93 Difference]: Finished difference Result 291 states and 329 transitions. [2022-02-20 23:36:36,986 INFO L276 IsEmpty]: Start isEmpty. Operand 291 states and 329 transitions. [2022-02-20 23:36:36,987 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:36:36,987 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:36:36,987 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:36:36,987 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:36:36,988 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 283 states, 151 states have (on average 1.8278145695364238) internal successors, (276), 264 states have internal predecessors, (276), 29 states have call successors, (29), 8 states have call predecessors, (29), 7 states have return successors, (18), 13 states have call predecessors, (18), 15 states have call successors, (18) [2022-02-20 23:36:36,996 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 283 states to 283 states and 323 transitions. [2022-02-20 23:36:36,997 INFO L78 Accepts]: Start accepts. Automaton has 283 states and 323 transitions. Word has length 9 [2022-02-20 23:36:36,997 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:36:36,997 INFO L470 AbstractCegarLoop]: Abstraction has 283 states and 323 transitions. [2022-02-20 23:36:36,997 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 1.75) internal successors, (7), 4 states have internal predecessors, (7), 2 states have call successors, (2), 2 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:36,998 INFO L276 IsEmpty]: Start isEmpty. Operand 283 states and 323 transitions. [2022-02-20 23:36:36,998 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 12 [2022-02-20 23:36:36,998 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:36:36,998 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:36:36,998 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-02-20 23:36:36,998 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting dll_insert_masterErr0REQUIRES_VIOLATION === [dll_insert_masterErr0REQUIRES_VIOLATION, dll_insert_masterErr1REQUIRES_VIOLATION, dll_insert_masterErr2REQUIRES_VIOLATION (and 95 more)] === [2022-02-20 23:36:36,999 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:36:36,999 INFO L85 PathProgramCache]: Analyzing trace with hash 33414869, now seen corresponding path program 1 times [2022-02-20 23:36:36,999 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:36:36,999 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2005062260] [2022-02-20 23:36:37,000 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:36:37,000 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:36:37,033 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:36:37,065 INFO L290 TraceCheckUtils]: 0: Hoare triple {3584#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(15, 2); {3584#true} is VALID [2022-02-20 23:36:37,065 INFO L290 TraceCheckUtils]: 1: Hoare triple {3584#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret46#1.base, main_#t~ret46#1.offset, main_~dll~1#1.base, main_~dll~1#1.offset;assume { :begin_inline_dll_create_master } true;havoc dll_create_master_#res#1.base, dll_create_master_#res#1.offset;havoc dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset; {3584#true} is VALID [2022-02-20 23:36:37,065 INFO L272 TraceCheckUtils]: 2: Hoare triple {3584#true} call dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset := dll_create_generic(#funAddr~dll_insert_master.base, #funAddr~dll_insert_master.offset); {3584#true} is VALID [2022-02-20 23:36:37,066 INFO L290 TraceCheckUtils]: 3: Hoare triple {3584#true} ~insert_fnc.base, ~insert_fnc.offset := #in~insert_fnc.base, #in~insert_fnc.offset;call ~#dll~0.base, ~#dll~0.offset := #Ultimate.allocOnStack(4);call write~init~$Pointer$(0, 0, ~#dll~0.base, ~#dll~0.offset, 4); {3584#true} is VALID [2022-02-20 23:36:37,066 INFO L272 TraceCheckUtils]: 4: Hoare triple {3584#true} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {3584#true} is VALID [2022-02-20 23:36:37,066 INFO L290 TraceCheckUtils]: 5: Hoare triple {3584#true} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {3584#true} is VALID [2022-02-20 23:36:37,066 INFO L290 TraceCheckUtils]: 6: Hoare triple {3584#true} assume #in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset; {3584#true} is VALID [2022-02-20 23:36:37,067 INFO L272 TraceCheckUtils]: 7: Hoare triple {3584#true} call dll_insert_master(#~10#1.base, #~10#1.offset); {3584#true} is VALID [2022-02-20 23:36:37,068 INFO L290 TraceCheckUtils]: 8: Hoare triple {3584#true} ~dll#1.base, ~dll#1.offset := #in~dll#1.base, #in~dll#1.offset;assume { :begin_inline_alloc_or_die_master } true;havoc alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset;call alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset := #Ultimate.allocOnHeap(12);alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset := alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset; {3586#(= (select |#valid| |dll_insert_master_alloc_or_die_master_~ptr~1#1.base|) 1)} is VALID [2022-02-20 23:36:37,068 INFO L290 TraceCheckUtils]: 9: Hoare triple {3586#(= (select |#valid| |dll_insert_master_alloc_or_die_master_~ptr~1#1.base|) 1)} assume !(alloc_or_die_master_~ptr~1#1.base == 0 && alloc_or_die_master_~ptr~1#1.offset == 0); {3586#(= (select |#valid| |dll_insert_master_alloc_or_die_master_~ptr~1#1.base|) 1)} is VALID [2022-02-20 23:36:37,068 INFO L290 TraceCheckUtils]: 10: Hoare triple {3586#(= (select |#valid| |dll_insert_master_alloc_or_die_master_~ptr~1#1.base|) 1)} assume !(1 == #valid[alloc_or_die_master_~ptr~1#1.base]); {3585#false} is VALID [2022-02-20 23:36:37,069 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:36:37,069 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:36:37,069 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2005062260] [2022-02-20 23:36:37,069 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2005062260] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:36:37,069 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:36:37,070 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 23:36:37,070 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1798156050] [2022-02-20 23:36:37,070 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:36:37,070 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 2 states have (on average 4.0) internal successors, (8), 3 states have internal predecessors, (8), 1 states have call successors, (3), 1 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 11 [2022-02-20 23:36:37,071 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:36:37,071 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 2 states have (on average 4.0) internal successors, (8), 3 states have internal predecessors, (8), 1 states have call successors, (3), 1 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:37,096 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 11 edges. 11 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:36:37,096 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 23:36:37,096 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:36:37,097 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 23:36:37,097 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 23:36:37,097 INFO L87 Difference]: Start difference. First operand 283 states and 323 transitions. Second operand has 3 states, 2 states have (on average 4.0) internal successors, (8), 3 states have internal predecessors, (8), 1 states have call successors, (3), 1 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:37,420 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:37,420 INFO L93 Difference]: Finished difference Result 280 states and 320 transitions. [2022-02-20 23:36:37,420 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 23:36:37,420 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 2 states have (on average 4.0) internal successors, (8), 3 states have internal predecessors, (8), 1 states have call successors, (3), 1 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 11 [2022-02-20 23:36:37,421 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:36:37,421 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 2 states have (on average 4.0) internal successors, (8), 3 states have internal predecessors, (8), 1 states have call successors, (3), 1 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:37,424 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 295 transitions. [2022-02-20 23:36:37,424 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 2 states have (on average 4.0) internal successors, (8), 3 states have internal predecessors, (8), 1 states have call successors, (3), 1 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:37,428 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 295 transitions. [2022-02-20 23:36:37,428 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 295 transitions. [2022-02-20 23:36:37,633 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 295 edges. 295 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:36:37,638 INFO L225 Difference]: With dead ends: 280 [2022-02-20 23:36:37,639 INFO L226 Difference]: Without dead ends: 280 [2022-02-20 23:36:37,639 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 23:36:37,640 INFO L933 BasicCegarLoop]: 278 mSDtfsCounter, 20 mSDsluCounter, 182 mSDsCounter, 0 mSdLazyCounter, 102 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 20 SdHoareTripleChecker+Valid, 460 SdHoareTripleChecker+Invalid, 104 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 102 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:36:37,640 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [20 Valid, 460 Invalid, 104 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 102 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:36:37,641 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 280 states. [2022-02-20 23:36:37,646 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 280 to 280. [2022-02-20 23:36:37,647 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:36:37,647 INFO L82 GeneralOperation]: Start isEquivalent. First operand 280 states. Second operand has 280 states, 151 states have (on average 1.8079470198675496) internal successors, (273), 261 states have internal predecessors, (273), 29 states have call successors, (29), 8 states have call predecessors, (29), 7 states have return successors, (18), 13 states have call predecessors, (18), 15 states have call successors, (18) [2022-02-20 23:36:37,648 INFO L74 IsIncluded]: Start isIncluded. First operand 280 states. Second operand has 280 states, 151 states have (on average 1.8079470198675496) internal successors, (273), 261 states have internal predecessors, (273), 29 states have call successors, (29), 8 states have call predecessors, (29), 7 states have return successors, (18), 13 states have call predecessors, (18), 15 states have call successors, (18) [2022-02-20 23:36:37,649 INFO L87 Difference]: Start difference. First operand 280 states. Second operand has 280 states, 151 states have (on average 1.8079470198675496) internal successors, (273), 261 states have internal predecessors, (273), 29 states have call successors, (29), 8 states have call predecessors, (29), 7 states have return successors, (18), 13 states have call predecessors, (18), 15 states have call successors, (18) [2022-02-20 23:36:37,657 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:37,657 INFO L93 Difference]: Finished difference Result 280 states and 320 transitions. [2022-02-20 23:36:37,658 INFO L276 IsEmpty]: Start isEmpty. Operand 280 states and 320 transitions. [2022-02-20 23:36:37,659 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:36:37,659 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:36:37,660 INFO L74 IsIncluded]: Start isIncluded. First operand has 280 states, 151 states have (on average 1.8079470198675496) internal successors, (273), 261 states have internal predecessors, (273), 29 states have call successors, (29), 8 states have call predecessors, (29), 7 states have return successors, (18), 13 states have call predecessors, (18), 15 states have call successors, (18) Second operand 280 states. [2022-02-20 23:36:37,661 INFO L87 Difference]: Start difference. First operand has 280 states, 151 states have (on average 1.8079470198675496) internal successors, (273), 261 states have internal predecessors, (273), 29 states have call successors, (29), 8 states have call predecessors, (29), 7 states have return successors, (18), 13 states have call predecessors, (18), 15 states have call successors, (18) Second operand 280 states. [2022-02-20 23:36:37,669 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:37,669 INFO L93 Difference]: Finished difference Result 280 states and 320 transitions. [2022-02-20 23:36:37,670 INFO L276 IsEmpty]: Start isEmpty. Operand 280 states and 320 transitions. [2022-02-20 23:36:37,670 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:36:37,671 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:36:37,671 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:36:37,671 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:36:37,672 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 280 states, 151 states have (on average 1.8079470198675496) internal successors, (273), 261 states have internal predecessors, (273), 29 states have call successors, (29), 8 states have call predecessors, (29), 7 states have return successors, (18), 13 states have call predecessors, (18), 15 states have call successors, (18) [2022-02-20 23:36:37,680 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 280 states to 280 states and 320 transitions. [2022-02-20 23:36:37,680 INFO L78 Accepts]: Start accepts. Automaton has 280 states and 320 transitions. Word has length 11 [2022-02-20 23:36:37,681 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:36:37,681 INFO L470 AbstractCegarLoop]: Abstraction has 280 states and 320 transitions. [2022-02-20 23:36:37,681 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 2 states have (on average 4.0) internal successors, (8), 3 states have internal predecessors, (8), 1 states have call successors, (3), 1 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:37,681 INFO L276 IsEmpty]: Start isEmpty. Operand 280 states and 320 transitions. [2022-02-20 23:36:37,681 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 12 [2022-02-20 23:36:37,681 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:36:37,681 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:36:37,682 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-02-20 23:36:37,682 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting dll_insert_masterErr1REQUIRES_VIOLATION === [dll_insert_masterErr0REQUIRES_VIOLATION, dll_insert_masterErr1REQUIRES_VIOLATION, dll_insert_masterErr2REQUIRES_VIOLATION (and 95 more)] === [2022-02-20 23:36:37,684 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:36:37,684 INFO L85 PathProgramCache]: Analyzing trace with hash 33414870, now seen corresponding path program 1 times [2022-02-20 23:36:37,684 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:36:37,684 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1547237799] [2022-02-20 23:36:37,684 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:36:37,684 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:36:37,715 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:36:37,754 INFO L290 TraceCheckUtils]: 0: Hoare triple {4709#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(15, 2); {4709#true} is VALID [2022-02-20 23:36:37,755 INFO L290 TraceCheckUtils]: 1: Hoare triple {4709#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret46#1.base, main_#t~ret46#1.offset, main_~dll~1#1.base, main_~dll~1#1.offset;assume { :begin_inline_dll_create_master } true;havoc dll_create_master_#res#1.base, dll_create_master_#res#1.offset;havoc dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset; {4709#true} is VALID [2022-02-20 23:36:37,755 INFO L272 TraceCheckUtils]: 2: Hoare triple {4709#true} call dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset := dll_create_generic(#funAddr~dll_insert_master.base, #funAddr~dll_insert_master.offset); {4709#true} is VALID [2022-02-20 23:36:37,755 INFO L290 TraceCheckUtils]: 3: Hoare triple {4709#true} ~insert_fnc.base, ~insert_fnc.offset := #in~insert_fnc.base, #in~insert_fnc.offset;call ~#dll~0.base, ~#dll~0.offset := #Ultimate.allocOnStack(4);call write~init~$Pointer$(0, 0, ~#dll~0.base, ~#dll~0.offset, 4); {4709#true} is VALID [2022-02-20 23:36:37,755 INFO L272 TraceCheckUtils]: 4: Hoare triple {4709#true} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {4709#true} is VALID [2022-02-20 23:36:37,755 INFO L290 TraceCheckUtils]: 5: Hoare triple {4709#true} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {4709#true} is VALID [2022-02-20 23:36:37,755 INFO L290 TraceCheckUtils]: 6: Hoare triple {4709#true} assume #in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset; {4709#true} is VALID [2022-02-20 23:36:37,755 INFO L272 TraceCheckUtils]: 7: Hoare triple {4709#true} call dll_insert_master(#~10#1.base, #~10#1.offset); {4709#true} is VALID [2022-02-20 23:36:37,756 INFO L290 TraceCheckUtils]: 8: Hoare triple {4709#true} ~dll#1.base, ~dll#1.offset := #in~dll#1.base, #in~dll#1.offset;assume { :begin_inline_alloc_or_die_master } true;havoc alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset;call alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset := #Ultimate.allocOnHeap(12);alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset := alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset; {4711#(and (<= 12 (select |#length| |dll_insert_master_alloc_or_die_master_~ptr~1#1.base|)) (= |dll_insert_master_alloc_or_die_master_~ptr~1#1.offset| 0))} is VALID [2022-02-20 23:36:37,757 INFO L290 TraceCheckUtils]: 9: Hoare triple {4711#(and (<= 12 (select |#length| |dll_insert_master_alloc_or_die_master_~ptr~1#1.base|)) (= |dll_insert_master_alloc_or_die_master_~ptr~1#1.offset| 0))} assume !(alloc_or_die_master_~ptr~1#1.base == 0 && alloc_or_die_master_~ptr~1#1.offset == 0); {4711#(and (<= 12 (select |#length| |dll_insert_master_alloc_or_die_master_~ptr~1#1.base|)) (= |dll_insert_master_alloc_or_die_master_~ptr~1#1.offset| 0))} is VALID [2022-02-20 23:36:37,757 INFO L290 TraceCheckUtils]: 10: Hoare triple {4711#(and (<= 12 (select |#length| |dll_insert_master_alloc_or_die_master_~ptr~1#1.base|)) (= |dll_insert_master_alloc_or_die_master_~ptr~1#1.offset| 0))} assume !(4 + alloc_or_die_master_~ptr~1#1.offset <= #length[alloc_or_die_master_~ptr~1#1.base] && 0 <= alloc_or_die_master_~ptr~1#1.offset); {4710#false} is VALID [2022-02-20 23:36:37,758 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:36:37,758 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:36:37,758 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1547237799] [2022-02-20 23:36:37,758 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1547237799] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:36:37,758 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:36:37,758 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 23:36:37,759 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [929843364] [2022-02-20 23:36:37,759 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:36:37,759 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 2 states have (on average 4.0) internal successors, (8), 3 states have internal predecessors, (8), 1 states have call successors, (3), 1 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 11 [2022-02-20 23:36:37,759 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:36:37,759 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 2 states have (on average 4.0) internal successors, (8), 3 states have internal predecessors, (8), 1 states have call successors, (3), 1 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:37,766 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 11 edges. 11 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:36:37,766 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 23:36:37,767 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:36:37,767 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 23:36:37,767 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 23:36:37,767 INFO L87 Difference]: Start difference. First operand 280 states and 320 transitions. Second operand has 3 states, 2 states have (on average 4.0) internal successors, (8), 3 states have internal predecessors, (8), 1 states have call successors, (3), 1 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:38,120 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:38,121 INFO L93 Difference]: Finished difference Result 277 states and 317 transitions. [2022-02-20 23:36:38,121 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 23:36:38,121 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 2 states have (on average 4.0) internal successors, (8), 3 states have internal predecessors, (8), 1 states have call successors, (3), 1 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 11 [2022-02-20 23:36:38,122 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:36:38,122 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 2 states have (on average 4.0) internal successors, (8), 3 states have internal predecessors, (8), 1 states have call successors, (3), 1 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:38,124 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 292 transitions. [2022-02-20 23:36:38,125 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 2 states have (on average 4.0) internal successors, (8), 3 states have internal predecessors, (8), 1 states have call successors, (3), 1 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:38,127 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 292 transitions. [2022-02-20 23:36:38,127 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 292 transitions. [2022-02-20 23:36:38,332 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 292 edges. 292 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:36:38,337 INFO L225 Difference]: With dead ends: 277 [2022-02-20 23:36:38,337 INFO L226 Difference]: Without dead ends: 277 [2022-02-20 23:36:38,338 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 23:36:38,338 INFO L933 BasicCegarLoop]: 278 mSDtfsCounter, 17 mSDsluCounter, 187 mSDsCounter, 0 mSdLazyCounter, 94 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 17 SdHoareTripleChecker+Valid, 465 SdHoareTripleChecker+Invalid, 96 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 94 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:36:38,339 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [17 Valid, 465 Invalid, 96 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 94 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:36:38,340 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 277 states. [2022-02-20 23:36:38,345 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 277 to 277. [2022-02-20 23:36:38,346 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:36:38,347 INFO L82 GeneralOperation]: Start isEquivalent. First operand 277 states. Second operand has 277 states, 151 states have (on average 1.7880794701986755) internal successors, (270), 258 states have internal predecessors, (270), 29 states have call successors, (29), 8 states have call predecessors, (29), 7 states have return successors, (18), 13 states have call predecessors, (18), 15 states have call successors, (18) [2022-02-20 23:36:38,347 INFO L74 IsIncluded]: Start isIncluded. First operand 277 states. Second operand has 277 states, 151 states have (on average 1.7880794701986755) internal successors, (270), 258 states have internal predecessors, (270), 29 states have call successors, (29), 8 states have call predecessors, (29), 7 states have return successors, (18), 13 states have call predecessors, (18), 15 states have call successors, (18) [2022-02-20 23:36:38,348 INFO L87 Difference]: Start difference. First operand 277 states. Second operand has 277 states, 151 states have (on average 1.7880794701986755) internal successors, (270), 258 states have internal predecessors, (270), 29 states have call successors, (29), 8 states have call predecessors, (29), 7 states have return successors, (18), 13 states have call predecessors, (18), 15 states have call successors, (18) [2022-02-20 23:36:38,355 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:38,355 INFO L93 Difference]: Finished difference Result 277 states and 317 transitions. [2022-02-20 23:36:38,355 INFO L276 IsEmpty]: Start isEmpty. Operand 277 states and 317 transitions. [2022-02-20 23:36:38,356 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:36:38,356 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:36:38,357 INFO L74 IsIncluded]: Start isIncluded. First operand has 277 states, 151 states have (on average 1.7880794701986755) internal successors, (270), 258 states have internal predecessors, (270), 29 states have call successors, (29), 8 states have call predecessors, (29), 7 states have return successors, (18), 13 states have call predecessors, (18), 15 states have call successors, (18) Second operand 277 states. [2022-02-20 23:36:38,358 INFO L87 Difference]: Start difference. First operand has 277 states, 151 states have (on average 1.7880794701986755) internal successors, (270), 258 states have internal predecessors, (270), 29 states have call successors, (29), 8 states have call predecessors, (29), 7 states have return successors, (18), 13 states have call predecessors, (18), 15 states have call successors, (18) Second operand 277 states. [2022-02-20 23:36:38,365 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:38,365 INFO L93 Difference]: Finished difference Result 277 states and 317 transitions. [2022-02-20 23:36:38,365 INFO L276 IsEmpty]: Start isEmpty. Operand 277 states and 317 transitions. [2022-02-20 23:36:38,366 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:36:38,367 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:36:38,367 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:36:38,367 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:36:38,368 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 277 states, 151 states have (on average 1.7880794701986755) internal successors, (270), 258 states have internal predecessors, (270), 29 states have call successors, (29), 8 states have call predecessors, (29), 7 states have return successors, (18), 13 states have call predecessors, (18), 15 states have call successors, (18) [2022-02-20 23:36:38,374 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 277 states to 277 states and 317 transitions. [2022-02-20 23:36:38,374 INFO L78 Accepts]: Start accepts. Automaton has 277 states and 317 transitions. Word has length 11 [2022-02-20 23:36:38,374 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:36:38,374 INFO L470 AbstractCegarLoop]: Abstraction has 277 states and 317 transitions. [2022-02-20 23:36:38,375 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 2 states have (on average 4.0) internal successors, (8), 3 states have internal predecessors, (8), 1 states have call successors, (3), 1 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:38,375 INFO L276 IsEmpty]: Start isEmpty. Operand 277 states and 317 transitions. [2022-02-20 23:36:38,375 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 17 [2022-02-20 23:36:38,375 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:36:38,376 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:36:38,376 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-02-20 23:36:38,376 INFO L402 AbstractCegarLoop]: === Iteration 6 === Targeting dll_insert_masterErr6REQUIRES_VIOLATION === [dll_insert_masterErr0REQUIRES_VIOLATION, dll_insert_masterErr1REQUIRES_VIOLATION, dll_insert_masterErr2REQUIRES_VIOLATION (and 95 more)] === [2022-02-20 23:36:38,376 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:36:38,377 INFO L85 PathProgramCache]: Analyzing trace with hash -226556130, now seen corresponding path program 1 times [2022-02-20 23:36:38,377 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:36:38,377 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1795994572] [2022-02-20 23:36:38,377 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:36:38,377 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:36:38,436 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:36:38,511 INFO L290 TraceCheckUtils]: 0: Hoare triple {5822#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(15, 2); {5822#true} is VALID [2022-02-20 23:36:38,512 INFO L290 TraceCheckUtils]: 1: Hoare triple {5822#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret46#1.base, main_#t~ret46#1.offset, main_~dll~1#1.base, main_~dll~1#1.offset;assume { :begin_inline_dll_create_master } true;havoc dll_create_master_#res#1.base, dll_create_master_#res#1.offset;havoc dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset; {5822#true} is VALID [2022-02-20 23:36:38,512 INFO L272 TraceCheckUtils]: 2: Hoare triple {5822#true} call dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset := dll_create_generic(#funAddr~dll_insert_master.base, #funAddr~dll_insert_master.offset); {5822#true} is VALID [2022-02-20 23:36:38,513 INFO L290 TraceCheckUtils]: 3: Hoare triple {5822#true} ~insert_fnc.base, ~insert_fnc.offset := #in~insert_fnc.base, #in~insert_fnc.offset;call ~#dll~0.base, ~#dll~0.offset := #Ultimate.allocOnStack(4);call write~init~$Pointer$(0, 0, ~#dll~0.base, ~#dll~0.offset, 4); {5824#(= (select |#valid| |dll_create_generic_~#dll~0.base|) 1)} is VALID [2022-02-20 23:36:38,514 INFO L272 TraceCheckUtils]: 4: Hoare triple {5824#(= (select |#valid| |dll_create_generic_~#dll~0.base|) 1)} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {5825#(= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1)} is VALID [2022-02-20 23:36:38,514 INFO L290 TraceCheckUtils]: 5: Hoare triple {5825#(= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1)} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {5826#(= (select |#valid| |##fun~$Pointer$~TO~VOID_#~10#1.base|) 1)} is VALID [2022-02-20 23:36:38,515 INFO L290 TraceCheckUtils]: 6: Hoare triple {5826#(= (select |#valid| |##fun~$Pointer$~TO~VOID_#~10#1.base|) 1)} assume #in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset; {5826#(= (select |#valid| |##fun~$Pointer$~TO~VOID_#~10#1.base|) 1)} is VALID [2022-02-20 23:36:38,516 INFO L272 TraceCheckUtils]: 7: Hoare triple {5826#(= (select |#valid| |##fun~$Pointer$~TO~VOID_#~10#1.base|) 1)} call dll_insert_master(#~10#1.base, #~10#1.offset); {5827#(= (select |#valid| |dll_insert_master_#in~dll#1.base|) 1)} is VALID [2022-02-20 23:36:38,516 INFO L290 TraceCheckUtils]: 8: Hoare triple {5827#(= (select |#valid| |dll_insert_master_#in~dll#1.base|) 1)} ~dll#1.base, ~dll#1.offset := #in~dll#1.base, #in~dll#1.offset;assume { :begin_inline_alloc_or_die_master } true;havoc alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset;call alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset := #Ultimate.allocOnHeap(12);alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset := alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset; {5828#(or (= (select |#valid| |dll_insert_master_~dll#1.base|) 1) (= |dll_insert_master_~dll#1.base| |dll_insert_master_alloc_or_die_master_~ptr~1#1.base|))} is VALID [2022-02-20 23:36:38,517 INFO L290 TraceCheckUtils]: 9: Hoare triple {5828#(or (= (select |#valid| |dll_insert_master_~dll#1.base|) 1) (= |dll_insert_master_~dll#1.base| |dll_insert_master_alloc_or_die_master_~ptr~1#1.base|))} assume !(alloc_or_die_master_~ptr~1#1.base == 0 && alloc_or_die_master_~ptr~1#1.offset == 0); {5828#(or (= (select |#valid| |dll_insert_master_~dll#1.base|) 1) (= |dll_insert_master_~dll#1.base| |dll_insert_master_alloc_or_die_master_~ptr~1#1.base|))} is VALID [2022-02-20 23:36:38,518 INFO L290 TraceCheckUtils]: 10: Hoare triple {5828#(or (= (select |#valid| |dll_insert_master_~dll#1.base|) 1) (= |dll_insert_master_~dll#1.base| |dll_insert_master_alloc_or_die_master_~ptr~1#1.base|))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L570-2 {5829#(= (select |#valid| |dll_insert_master_~dll#1.base|) 1)} is VALID [2022-02-20 23:36:38,518 INFO L290 TraceCheckUtils]: 11: Hoare triple {5829#(= (select |#valid| |dll_insert_master_~dll#1.base|) 1)} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, 4 + alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L572 {5829#(= (select |#valid| |dll_insert_master_~dll#1.base|) 1)} is VALID [2022-02-20 23:36:38,519 INFO L290 TraceCheckUtils]: 12: Hoare triple {5829#(= (select |#valid| |dll_insert_master_~dll#1.base|) 1)} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, 8 + alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L573 {5829#(= (select |#valid| |dll_insert_master_~dll#1.base|) 1)} is VALID [2022-02-20 23:36:38,519 INFO L290 TraceCheckUtils]: 13: Hoare triple {5829#(= (select |#valid| |dll_insert_master_~dll#1.base|) 1)} alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset := alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset; {5829#(= (select |#valid| |dll_insert_master_~dll#1.base|) 1)} is VALID [2022-02-20 23:36:38,520 INFO L290 TraceCheckUtils]: 14: Hoare triple {5829#(= (select |#valid| |dll_insert_master_~dll#1.base|) 1)} #t~ret18#1.base, #t~ret18#1.offset := alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;assume { :end_inline_alloc_or_die_master } true;~item~1#1.base, ~item~1#1.offset := #t~ret18#1.base, #t~ret18#1.offset;havoc #t~ret18#1.base, #t~ret18#1.offset; {5829#(= (select |#valid| |dll_insert_master_~dll#1.base|) 1)} is VALID [2022-02-20 23:36:38,520 INFO L290 TraceCheckUtils]: 15: Hoare triple {5829#(= (select |#valid| |dll_insert_master_~dll#1.base|) 1)} assume !(1 == #valid[~dll#1.base]); {5823#false} is VALID [2022-02-20 23:36:38,520 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:36:38,521 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:36:38,521 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1795994572] [2022-02-20 23:36:38,521 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1795994572] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:36:38,521 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:36:38,521 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-02-20 23:36:38,521 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1937200527] [2022-02-20 23:36:38,522 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:36:38,522 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 6 states have (on average 2.1666666666666665) internal successors, (13), 6 states have internal predecessors, (13), 3 states have call successors, (3), 3 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 16 [2022-02-20 23:36:38,522 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:36:38,522 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 8 states, 6 states have (on average 2.1666666666666665) internal successors, (13), 6 states have internal predecessors, (13), 3 states have call successors, (3), 3 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:38,534 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 16 edges. 16 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:36:38,534 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-02-20 23:36:38,534 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:36:38,535 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-02-20 23:36:38,535 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=14, Invalid=42, Unknown=0, NotChecked=0, Total=56 [2022-02-20 23:36:38,535 INFO L87 Difference]: Start difference. First operand 277 states and 317 transitions. Second operand has 8 states, 6 states have (on average 2.1666666666666665) internal successors, (13), 6 states have internal predecessors, (13), 3 states have call successors, (3), 3 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:40,110 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:40,112 INFO L93 Difference]: Finished difference Result 300 states and 343 transitions. [2022-02-20 23:36:40,112 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-02-20 23:36:40,113 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 6 states have (on average 2.1666666666666665) internal successors, (13), 6 states have internal predecessors, (13), 3 states have call successors, (3), 3 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 16 [2022-02-20 23:36:40,113 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:36:40,113 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 6 states have (on average 2.1666666666666665) internal successors, (13), 6 states have internal predecessors, (13), 3 states have call successors, (3), 3 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:40,118 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 328 transitions. [2022-02-20 23:36:40,119 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 6 states have (on average 2.1666666666666665) internal successors, (13), 6 states have internal predecessors, (13), 3 states have call successors, (3), 3 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:40,122 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 328 transitions. [2022-02-20 23:36:40,122 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 328 transitions. [2022-02-20 23:36:40,373 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 328 edges. 328 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:36:40,378 INFO L225 Difference]: With dead ends: 300 [2022-02-20 23:36:40,378 INFO L226 Difference]: Without dead ends: 300 [2022-02-20 23:36:40,379 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=23, Invalid=67, Unknown=0, NotChecked=0, Total=90 [2022-02-20 23:36:40,380 INFO L933 BasicCegarLoop]: 266 mSDtfsCounter, 99 mSDsluCounter, 1063 mSDsCounter, 0 mSdLazyCounter, 653 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 99 SdHoareTripleChecker+Valid, 1329 SdHoareTripleChecker+Invalid, 666 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 653 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2022-02-20 23:36:40,380 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [99 Valid, 1329 Invalid, 666 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 653 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2022-02-20 23:36:40,381 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 300 states. [2022-02-20 23:36:40,386 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 300 to 289. [2022-02-20 23:36:40,386 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:36:40,387 INFO L82 GeneralOperation]: Start isEquivalent. First operand 300 states. Second operand has 289 states, 162 states have (on average 1.7469135802469136) internal successors, (283), 268 states have internal predecessors, (283), 30 states have call successors, (30), 10 states have call predecessors, (30), 7 states have return successors, (19), 13 states have call predecessors, (19), 16 states have call successors, (19) [2022-02-20 23:36:40,388 INFO L74 IsIncluded]: Start isIncluded. First operand 300 states. Second operand has 289 states, 162 states have (on average 1.7469135802469136) internal successors, (283), 268 states have internal predecessors, (283), 30 states have call successors, (30), 10 states have call predecessors, (30), 7 states have return successors, (19), 13 states have call predecessors, (19), 16 states have call successors, (19) [2022-02-20 23:36:40,388 INFO L87 Difference]: Start difference. First operand 300 states. Second operand has 289 states, 162 states have (on average 1.7469135802469136) internal successors, (283), 268 states have internal predecessors, (283), 30 states have call successors, (30), 10 states have call predecessors, (30), 7 states have return successors, (19), 13 states have call predecessors, (19), 16 states have call successors, (19) [2022-02-20 23:36:40,395 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:40,396 INFO L93 Difference]: Finished difference Result 300 states and 343 transitions. [2022-02-20 23:36:40,396 INFO L276 IsEmpty]: Start isEmpty. Operand 300 states and 343 transitions. [2022-02-20 23:36:40,397 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:36:40,397 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:36:40,398 INFO L74 IsIncluded]: Start isIncluded. First operand has 289 states, 162 states have (on average 1.7469135802469136) internal successors, (283), 268 states have internal predecessors, (283), 30 states have call successors, (30), 10 states have call predecessors, (30), 7 states have return successors, (19), 13 states have call predecessors, (19), 16 states have call successors, (19) Second operand 300 states. [2022-02-20 23:36:40,399 INFO L87 Difference]: Start difference. First operand has 289 states, 162 states have (on average 1.7469135802469136) internal successors, (283), 268 states have internal predecessors, (283), 30 states have call successors, (30), 10 states have call predecessors, (30), 7 states have return successors, (19), 13 states have call predecessors, (19), 16 states have call successors, (19) Second operand 300 states. [2022-02-20 23:36:40,406 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:40,406 INFO L93 Difference]: Finished difference Result 300 states and 343 transitions. [2022-02-20 23:36:40,407 INFO L276 IsEmpty]: Start isEmpty. Operand 300 states and 343 transitions. [2022-02-20 23:36:40,408 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:36:40,408 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:36:40,408 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:36:40,408 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:36:40,409 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 289 states, 162 states have (on average 1.7469135802469136) internal successors, (283), 268 states have internal predecessors, (283), 30 states have call successors, (30), 10 states have call predecessors, (30), 7 states have return successors, (19), 13 states have call predecessors, (19), 16 states have call successors, (19) [2022-02-20 23:36:40,415 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 289 states to 289 states and 332 transitions. [2022-02-20 23:36:40,416 INFO L78 Accepts]: Start accepts. Automaton has 289 states and 332 transitions. Word has length 16 [2022-02-20 23:36:40,416 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:36:40,416 INFO L470 AbstractCegarLoop]: Abstraction has 289 states and 332 transitions. [2022-02-20 23:36:40,416 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 6 states have (on average 2.1666666666666665) internal successors, (13), 6 states have internal predecessors, (13), 3 states have call successors, (3), 3 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:40,416 INFO L276 IsEmpty]: Start isEmpty. Operand 289 states and 332 transitions. [2022-02-20 23:36:40,417 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 17 [2022-02-20 23:36:40,417 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:36:40,417 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:36:40,417 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-02-20 23:36:40,417 INFO L402 AbstractCegarLoop]: === Iteration 7 === Targeting dll_insert_masterErr7REQUIRES_VIOLATION === [dll_insert_masterErr0REQUIRES_VIOLATION, dll_insert_masterErr1REQUIRES_VIOLATION, dll_insert_masterErr2REQUIRES_VIOLATION (and 95 more)] === [2022-02-20 23:36:40,418 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:36:40,418 INFO L85 PathProgramCache]: Analyzing trace with hash -226556129, now seen corresponding path program 1 times [2022-02-20 23:36:40,418 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:36:40,418 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [606666448] [2022-02-20 23:36:40,418 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:36:40,418 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:36:40,472 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:36:40,576 INFO L290 TraceCheckUtils]: 0: Hoare triple {7025#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(15, 2); {7025#true} is VALID [2022-02-20 23:36:40,576 INFO L290 TraceCheckUtils]: 1: Hoare triple {7025#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret46#1.base, main_#t~ret46#1.offset, main_~dll~1#1.base, main_~dll~1#1.offset;assume { :begin_inline_dll_create_master } true;havoc dll_create_master_#res#1.base, dll_create_master_#res#1.offset;havoc dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset; {7025#true} is VALID [2022-02-20 23:36:40,576 INFO L272 TraceCheckUtils]: 2: Hoare triple {7025#true} call dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset := dll_create_generic(#funAddr~dll_insert_master.base, #funAddr~dll_insert_master.offset); {7025#true} is VALID [2022-02-20 23:36:40,577 INFO L290 TraceCheckUtils]: 3: Hoare triple {7025#true} ~insert_fnc.base, ~insert_fnc.offset := #in~insert_fnc.base, #in~insert_fnc.offset;call ~#dll~0.base, ~#dll~0.offset := #Ultimate.allocOnStack(4);call write~init~$Pointer$(0, 0, ~#dll~0.base, ~#dll~0.offset, 4); {7027#(and (<= 4 (select |#length| |dll_create_generic_~#dll~0.base|)) (= |dll_create_generic_~#dll~0.offset| 0) (= (select |#valid| |dll_create_generic_~#dll~0.base|) 1))} is VALID [2022-02-20 23:36:40,578 INFO L272 TraceCheckUtils]: 4: Hoare triple {7027#(and (<= 4 (select |#length| |dll_create_generic_~#dll~0.base|)) (= |dll_create_generic_~#dll~0.offset| 0) (= (select |#valid| |dll_create_generic_~#dll~0.base|) 1))} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {7028#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| 0) (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (<= 4 (select |#length| |##fun~$Pointer$~TO~VOID_#in~10#1.base|)))} is VALID [2022-02-20 23:36:40,579 INFO L290 TraceCheckUtils]: 5: Hoare triple {7028#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| 0) (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (<= 4 (select |#length| |##fun~$Pointer$~TO~VOID_#in~10#1.base|)))} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {7029#(and (= |##fun~$Pointer$~TO~VOID_#~10#1.offset| 0) (= (select |#valid| |##fun~$Pointer$~TO~VOID_#~10#1.base|) 1) (<= 4 (select |#length| |##fun~$Pointer$~TO~VOID_#~10#1.base|)))} is VALID [2022-02-20 23:36:40,579 INFO L290 TraceCheckUtils]: 6: Hoare triple {7029#(and (= |##fun~$Pointer$~TO~VOID_#~10#1.offset| 0) (= (select |#valid| |##fun~$Pointer$~TO~VOID_#~10#1.base|) 1) (<= 4 (select |#length| |##fun~$Pointer$~TO~VOID_#~10#1.base|)))} assume #in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset; {7029#(and (= |##fun~$Pointer$~TO~VOID_#~10#1.offset| 0) (= (select |#valid| |##fun~$Pointer$~TO~VOID_#~10#1.base|) 1) (<= 4 (select |#length| |##fun~$Pointer$~TO~VOID_#~10#1.base|)))} is VALID [2022-02-20 23:36:40,580 INFO L272 TraceCheckUtils]: 7: Hoare triple {7029#(and (= |##fun~$Pointer$~TO~VOID_#~10#1.offset| 0) (= (select |#valid| |##fun~$Pointer$~TO~VOID_#~10#1.base|) 1) (<= 4 (select |#length| |##fun~$Pointer$~TO~VOID_#~10#1.base|)))} call dll_insert_master(#~10#1.base, #~10#1.offset); {7030#(and (<= 4 (select |#length| |dll_insert_master_#in~dll#1.base|)) (= (select |#valid| |dll_insert_master_#in~dll#1.base|) 1) (= 0 |dll_insert_master_#in~dll#1.offset|))} is VALID [2022-02-20 23:36:40,581 INFO L290 TraceCheckUtils]: 8: Hoare triple {7030#(and (<= 4 (select |#length| |dll_insert_master_#in~dll#1.base|)) (= (select |#valid| |dll_insert_master_#in~dll#1.base|) 1) (= 0 |dll_insert_master_#in~dll#1.offset|))} ~dll#1.base, ~dll#1.offset := #in~dll#1.base, #in~dll#1.offset;assume { :begin_inline_alloc_or_die_master } true;havoc alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset;call alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset := #Ultimate.allocOnHeap(12);alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset := alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset; {7031#(and (<= 4 (select |#length| |dll_insert_master_~dll#1.base|)) (= |dll_insert_master_~dll#1.offset| 0))} is VALID [2022-02-20 23:36:40,581 INFO L290 TraceCheckUtils]: 9: Hoare triple {7031#(and (<= 4 (select |#length| |dll_insert_master_~dll#1.base|)) (= |dll_insert_master_~dll#1.offset| 0))} assume !(alloc_or_die_master_~ptr~1#1.base == 0 && alloc_or_die_master_~ptr~1#1.offset == 0); {7031#(and (<= 4 (select |#length| |dll_insert_master_~dll#1.base|)) (= |dll_insert_master_~dll#1.offset| 0))} is VALID [2022-02-20 23:36:40,582 INFO L290 TraceCheckUtils]: 10: Hoare triple {7031#(and (<= 4 (select |#length| |dll_insert_master_~dll#1.base|)) (= |dll_insert_master_~dll#1.offset| 0))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L570-2 {7031#(and (<= 4 (select |#length| |dll_insert_master_~dll#1.base|)) (= |dll_insert_master_~dll#1.offset| 0))} is VALID [2022-02-20 23:36:40,582 INFO L290 TraceCheckUtils]: 11: Hoare triple {7031#(and (<= 4 (select |#length| |dll_insert_master_~dll#1.base|)) (= |dll_insert_master_~dll#1.offset| 0))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, 4 + alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L572 {7031#(and (<= 4 (select |#length| |dll_insert_master_~dll#1.base|)) (= |dll_insert_master_~dll#1.offset| 0))} is VALID [2022-02-20 23:36:40,583 INFO L290 TraceCheckUtils]: 12: Hoare triple {7031#(and (<= 4 (select |#length| |dll_insert_master_~dll#1.base|)) (= |dll_insert_master_~dll#1.offset| 0))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, 8 + alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L573 {7031#(and (<= 4 (select |#length| |dll_insert_master_~dll#1.base|)) (= |dll_insert_master_~dll#1.offset| 0))} is VALID [2022-02-20 23:36:40,583 INFO L290 TraceCheckUtils]: 13: Hoare triple {7031#(and (<= 4 (select |#length| |dll_insert_master_~dll#1.base|)) (= |dll_insert_master_~dll#1.offset| 0))} alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset := alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset; {7031#(and (<= 4 (select |#length| |dll_insert_master_~dll#1.base|)) (= |dll_insert_master_~dll#1.offset| 0))} is VALID [2022-02-20 23:36:40,584 INFO L290 TraceCheckUtils]: 14: Hoare triple {7031#(and (<= 4 (select |#length| |dll_insert_master_~dll#1.base|)) (= |dll_insert_master_~dll#1.offset| 0))} #t~ret18#1.base, #t~ret18#1.offset := alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;assume { :end_inline_alloc_or_die_master } true;~item~1#1.base, ~item~1#1.offset := #t~ret18#1.base, #t~ret18#1.offset;havoc #t~ret18#1.base, #t~ret18#1.offset; {7031#(and (<= 4 (select |#length| |dll_insert_master_~dll#1.base|)) (= |dll_insert_master_~dll#1.offset| 0))} is VALID [2022-02-20 23:36:40,584 INFO L290 TraceCheckUtils]: 15: Hoare triple {7031#(and (<= 4 (select |#length| |dll_insert_master_~dll#1.base|)) (= |dll_insert_master_~dll#1.offset| 0))} assume !(4 + ~dll#1.offset <= #length[~dll#1.base] && 0 <= ~dll#1.offset); {7026#false} is VALID [2022-02-20 23:36:40,585 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:36:40,585 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:36:40,585 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [606666448] [2022-02-20 23:36:40,585 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [606666448] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:36:40,585 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:36:40,585 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 23:36:40,585 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1570085860] [2022-02-20 23:36:40,586 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:36:40,586 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 5 states have (on average 2.6) internal successors, (13), 5 states have internal predecessors, (13), 3 states have call successors, (3), 3 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 16 [2022-02-20 23:36:40,586 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:36:40,586 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 7 states, 5 states have (on average 2.6) internal successors, (13), 5 states have internal predecessors, (13), 3 states have call successors, (3), 3 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:40,599 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 16 edges. 16 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:36:40,600 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-02-20 23:36:40,600 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:36:40,600 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-02-20 23:36:40,600 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2022-02-20 23:36:40,601 INFO L87 Difference]: Start difference. First operand 289 states and 332 transitions. Second operand has 7 states, 5 states have (on average 2.6) internal successors, (13), 5 states have internal predecessors, (13), 3 states have call successors, (3), 3 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:42,070 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:42,070 INFO L93 Difference]: Finished difference Result 299 states and 342 transitions. [2022-02-20 23:36:42,070 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-02-20 23:36:42,070 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 5 states have (on average 2.6) internal successors, (13), 5 states have internal predecessors, (13), 3 states have call successors, (3), 3 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 16 [2022-02-20 23:36:42,071 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:36:42,071 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 5 states have (on average 2.6) internal successors, (13), 5 states have internal predecessors, (13), 3 states have call successors, (3), 3 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:42,074 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 327 transitions. [2022-02-20 23:36:42,074 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 5 states have (on average 2.6) internal successors, (13), 5 states have internal predecessors, (13), 3 states have call successors, (3), 3 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:42,077 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 327 transitions. [2022-02-20 23:36:42,078 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 327 transitions. [2022-02-20 23:36:42,308 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 327 edges. 327 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:36:42,313 INFO L225 Difference]: With dead ends: 299 [2022-02-20 23:36:42,314 INFO L226 Difference]: Without dead ends: 299 [2022-02-20 23:36:42,314 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=19, Invalid=53, Unknown=0, NotChecked=0, Total=72 [2022-02-20 23:36:42,315 INFO L933 BasicCegarLoop]: 260 mSDtfsCounter, 80 mSDsluCounter, 756 mSDsCounter, 0 mSdLazyCounter, 697 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 80 SdHoareTripleChecker+Valid, 1016 SdHoareTripleChecker+Invalid, 706 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 697 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2022-02-20 23:36:42,315 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [80 Valid, 1016 Invalid, 706 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 697 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2022-02-20 23:36:42,316 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 299 states. [2022-02-20 23:36:42,321 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 299 to 289. [2022-02-20 23:36:42,321 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:36:42,322 INFO L82 GeneralOperation]: Start isEquivalent. First operand 299 states. Second operand has 289 states, 162 states have (on average 1.7345679012345678) internal successors, (281), 268 states have internal predecessors, (281), 30 states have call successors, (30), 10 states have call predecessors, (30), 7 states have return successors, (19), 13 states have call predecessors, (19), 16 states have call successors, (19) [2022-02-20 23:36:42,322 INFO L74 IsIncluded]: Start isIncluded. First operand 299 states. Second operand has 289 states, 162 states have (on average 1.7345679012345678) internal successors, (281), 268 states have internal predecessors, (281), 30 states have call successors, (30), 10 states have call predecessors, (30), 7 states have return successors, (19), 13 states have call predecessors, (19), 16 states have call successors, (19) [2022-02-20 23:36:42,323 INFO L87 Difference]: Start difference. First operand 299 states. Second operand has 289 states, 162 states have (on average 1.7345679012345678) internal successors, (281), 268 states have internal predecessors, (281), 30 states have call successors, (30), 10 states have call predecessors, (30), 7 states have return successors, (19), 13 states have call predecessors, (19), 16 states have call successors, (19) [2022-02-20 23:36:42,330 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:42,330 INFO L93 Difference]: Finished difference Result 299 states and 342 transitions. [2022-02-20 23:36:42,330 INFO L276 IsEmpty]: Start isEmpty. Operand 299 states and 342 transitions. [2022-02-20 23:36:42,331 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:36:42,332 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:36:42,332 INFO L74 IsIncluded]: Start isIncluded. First operand has 289 states, 162 states have (on average 1.7345679012345678) internal successors, (281), 268 states have internal predecessors, (281), 30 states have call successors, (30), 10 states have call predecessors, (30), 7 states have return successors, (19), 13 states have call predecessors, (19), 16 states have call successors, (19) Second operand 299 states. [2022-02-20 23:36:42,333 INFO L87 Difference]: Start difference. First operand has 289 states, 162 states have (on average 1.7345679012345678) internal successors, (281), 268 states have internal predecessors, (281), 30 states have call successors, (30), 10 states have call predecessors, (30), 7 states have return successors, (19), 13 states have call predecessors, (19), 16 states have call successors, (19) Second operand 299 states. [2022-02-20 23:36:42,340 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:42,340 INFO L93 Difference]: Finished difference Result 299 states and 342 transitions. [2022-02-20 23:36:42,340 INFO L276 IsEmpty]: Start isEmpty. Operand 299 states and 342 transitions. [2022-02-20 23:36:42,341 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:36:42,341 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:36:42,342 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:36:42,342 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:36:42,343 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 289 states, 162 states have (on average 1.7345679012345678) internal successors, (281), 268 states have internal predecessors, (281), 30 states have call successors, (30), 10 states have call predecessors, (30), 7 states have return successors, (19), 13 states have call predecessors, (19), 16 states have call successors, (19) [2022-02-20 23:36:42,348 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 289 states to 289 states and 330 transitions. [2022-02-20 23:36:42,349 INFO L78 Accepts]: Start accepts. Automaton has 289 states and 330 transitions. Word has length 16 [2022-02-20 23:36:42,349 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:36:42,349 INFO L470 AbstractCegarLoop]: Abstraction has 289 states and 330 transitions. [2022-02-20 23:36:42,349 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 5 states have (on average 2.6) internal successors, (13), 5 states have internal predecessors, (13), 3 states have call successors, (3), 3 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:42,350 INFO L276 IsEmpty]: Start isEmpty. Operand 289 states and 330 transitions. [2022-02-20 23:36:42,350 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 19 [2022-02-20 23:36:42,350 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:36:42,350 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:36:42,350 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-02-20 23:36:42,351 INFO L402 AbstractCegarLoop]: === Iteration 8 === Targeting dll_insert_masterErr8REQUIRES_VIOLATION === [dll_insert_masterErr0REQUIRES_VIOLATION, dll_insert_masterErr1REQUIRES_VIOLATION, dll_insert_masterErr2REQUIRES_VIOLATION (and 95 more)] === [2022-02-20 23:36:42,351 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:36:42,351 INFO L85 PathProgramCache]: Analyzing trace with hash 1322891007, now seen corresponding path program 1 times [2022-02-20 23:36:42,351 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:36:42,351 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1041219566] [2022-02-20 23:36:42,352 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:36:42,352 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:36:42,368 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:36:42,392 INFO L290 TraceCheckUtils]: 0: Hoare triple {8224#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(15, 2); {8224#true} is VALID [2022-02-20 23:36:42,392 INFO L290 TraceCheckUtils]: 1: Hoare triple {8224#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret46#1.base, main_#t~ret46#1.offset, main_~dll~1#1.base, main_~dll~1#1.offset;assume { :begin_inline_dll_create_master } true;havoc dll_create_master_#res#1.base, dll_create_master_#res#1.offset;havoc dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset; {8224#true} is VALID [2022-02-20 23:36:42,392 INFO L272 TraceCheckUtils]: 2: Hoare triple {8224#true} call dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset := dll_create_generic(#funAddr~dll_insert_master.base, #funAddr~dll_insert_master.offset); {8224#true} is VALID [2022-02-20 23:36:42,393 INFO L290 TraceCheckUtils]: 3: Hoare triple {8224#true} ~insert_fnc.base, ~insert_fnc.offset := #in~insert_fnc.base, #in~insert_fnc.offset;call ~#dll~0.base, ~#dll~0.offset := #Ultimate.allocOnStack(4);call write~init~$Pointer$(0, 0, ~#dll~0.base, ~#dll~0.offset, 4); {8224#true} is VALID [2022-02-20 23:36:42,393 INFO L272 TraceCheckUtils]: 4: Hoare triple {8224#true} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {8224#true} is VALID [2022-02-20 23:36:42,393 INFO L290 TraceCheckUtils]: 5: Hoare triple {8224#true} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {8224#true} is VALID [2022-02-20 23:36:42,393 INFO L290 TraceCheckUtils]: 6: Hoare triple {8224#true} assume #in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset; {8224#true} is VALID [2022-02-20 23:36:42,393 INFO L272 TraceCheckUtils]: 7: Hoare triple {8224#true} call dll_insert_master(#~10#1.base, #~10#1.offset); {8224#true} is VALID [2022-02-20 23:36:42,394 INFO L290 TraceCheckUtils]: 8: Hoare triple {8224#true} ~dll#1.base, ~dll#1.offset := #in~dll#1.base, #in~dll#1.offset;assume { :begin_inline_alloc_or_die_master } true;havoc alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset;call alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset := #Ultimate.allocOnHeap(12);alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset := alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset; {8224#true} is VALID [2022-02-20 23:36:42,394 INFO L290 TraceCheckUtils]: 9: Hoare triple {8224#true} assume !(alloc_or_die_master_~ptr~1#1.base == 0 && alloc_or_die_master_~ptr~1#1.offset == 0); {8224#true} is VALID [2022-02-20 23:36:42,394 INFO L290 TraceCheckUtils]: 10: Hoare triple {8224#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L570-2 {8226#(= (select |#valid| |dll_insert_master_alloc_or_die_master_~ptr~1#1.base|) 1)} is VALID [2022-02-20 23:36:42,395 INFO L290 TraceCheckUtils]: 11: Hoare triple {8226#(= (select |#valid| |dll_insert_master_alloc_or_die_master_~ptr~1#1.base|) 1)} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, 4 + alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L572 {8226#(= (select |#valid| |dll_insert_master_alloc_or_die_master_~ptr~1#1.base|) 1)} is VALID [2022-02-20 23:36:42,395 INFO L290 TraceCheckUtils]: 12: Hoare triple {8226#(= (select |#valid| |dll_insert_master_alloc_or_die_master_~ptr~1#1.base|) 1)} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, 8 + alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L573 {8226#(= (select |#valid| |dll_insert_master_alloc_or_die_master_~ptr~1#1.base|) 1)} is VALID [2022-02-20 23:36:42,396 INFO L290 TraceCheckUtils]: 13: Hoare triple {8226#(= (select |#valid| |dll_insert_master_alloc_or_die_master_~ptr~1#1.base|) 1)} alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset := alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset; {8227#(= (select |#valid| |dll_insert_master_alloc_or_die_master_#res#1.base|) 1)} is VALID [2022-02-20 23:36:42,396 INFO L290 TraceCheckUtils]: 14: Hoare triple {8227#(= (select |#valid| |dll_insert_master_alloc_or_die_master_#res#1.base|) 1)} #t~ret18#1.base, #t~ret18#1.offset := alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;assume { :end_inline_alloc_or_die_master } true;~item~1#1.base, ~item~1#1.offset := #t~ret18#1.base, #t~ret18#1.offset;havoc #t~ret18#1.base, #t~ret18#1.offset; {8228#(= (select |#valid| |dll_insert_master_~item~1#1.base|) 1)} is VALID [2022-02-20 23:36:42,397 INFO L290 TraceCheckUtils]: 15: Hoare triple {8228#(= (select |#valid| |dll_insert_master_~item~1#1.base|) 1)} SUMMARY for call #t~mem19#1.base, #t~mem19#1.offset := read~$Pointer$(~dll#1.base, ~dll#1.offset, 4); srcloc: L632 {8228#(= (select |#valid| |dll_insert_master_~item~1#1.base|) 1)} is VALID [2022-02-20 23:36:42,397 INFO L290 TraceCheckUtils]: 16: Hoare triple {8228#(= (select |#valid| |dll_insert_master_~item~1#1.base|) 1)} ~next~3#1.base, ~next~3#1.offset := #t~mem19#1.base, #t~mem19#1.offset;havoc #t~mem19#1.base, #t~mem19#1.offset; {8228#(= (select |#valid| |dll_insert_master_~item~1#1.base|) 1)} is VALID [2022-02-20 23:36:42,398 INFO L290 TraceCheckUtils]: 17: Hoare triple {8228#(= (select |#valid| |dll_insert_master_~item~1#1.base|) 1)} assume !(1 == #valid[~item~1#1.base]); {8225#false} is VALID [2022-02-20 23:36:42,398 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:36:42,398 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:36:42,398 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1041219566] [2022-02-20 23:36:42,398 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1041219566] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:36:42,399 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:36:42,399 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-20 23:36:42,399 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [719919615] [2022-02-20 23:36:42,399 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:36:42,399 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 3.75) internal successors, (15), 5 states have internal predecessors, (15), 1 states have call successors, (3), 1 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 18 [2022-02-20 23:36:42,400 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:36:42,400 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 4 states have (on average 3.75) internal successors, (15), 5 states have internal predecessors, (15), 1 states have call successors, (3), 1 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:42,412 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 18 edges. 18 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:36:42,413 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 23:36:42,413 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:36:42,413 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 23:36:42,413 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:36:42,414 INFO L87 Difference]: Start difference. First operand 289 states and 330 transitions. Second operand has 5 states, 4 states have (on average 3.75) internal successors, (15), 5 states have internal predecessors, (15), 1 states have call successors, (3), 1 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:43,134 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:43,135 INFO L93 Difference]: Finished difference Result 288 states and 329 transitions. [2022-02-20 23:36:43,135 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-02-20 23:36:43,135 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 3.75) internal successors, (15), 5 states have internal predecessors, (15), 1 states have call successors, (3), 1 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 18 [2022-02-20 23:36:43,136 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:36:43,136 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 4 states have (on average 3.75) internal successors, (15), 5 states have internal predecessors, (15), 1 states have call successors, (3), 1 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:43,140 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 289 transitions. [2022-02-20 23:36:43,140 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 4 states have (on average 3.75) internal successors, (15), 5 states have internal predecessors, (15), 1 states have call successors, (3), 1 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:43,148 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 289 transitions. [2022-02-20 23:36:43,148 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 289 transitions. [2022-02-20 23:36:43,332 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 289 edges. 289 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:36:43,338 INFO L225 Difference]: With dead ends: 288 [2022-02-20 23:36:43,339 INFO L226 Difference]: Without dead ends: 288 [2022-02-20 23:36:43,339 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-02-20 23:36:43,340 INFO L933 BasicCegarLoop]: 274 mSDtfsCounter, 40 mSDsluCounter, 539 mSDsCounter, 0 mSdLazyCounter, 290 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 40 SdHoareTripleChecker+Valid, 813 SdHoareTripleChecker+Invalid, 292 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 290 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 23:36:43,340 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [40 Valid, 813 Invalid, 292 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 290 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-20 23:36:43,341 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 288 states. [2022-02-20 23:36:43,349 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 288 to 288. [2022-02-20 23:36:43,349 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:36:43,350 INFO L82 GeneralOperation]: Start isEquivalent. First operand 288 states. Second operand has 288 states, 162 states have (on average 1.728395061728395) internal successors, (280), 267 states have internal predecessors, (280), 30 states have call successors, (30), 10 states have call predecessors, (30), 7 states have return successors, (19), 13 states have call predecessors, (19), 16 states have call successors, (19) [2022-02-20 23:36:43,354 INFO L74 IsIncluded]: Start isIncluded. First operand 288 states. Second operand has 288 states, 162 states have (on average 1.728395061728395) internal successors, (280), 267 states have internal predecessors, (280), 30 states have call successors, (30), 10 states have call predecessors, (30), 7 states have return successors, (19), 13 states have call predecessors, (19), 16 states have call successors, (19) [2022-02-20 23:36:43,356 INFO L87 Difference]: Start difference. First operand 288 states. Second operand has 288 states, 162 states have (on average 1.728395061728395) internal successors, (280), 267 states have internal predecessors, (280), 30 states have call successors, (30), 10 states have call predecessors, (30), 7 states have return successors, (19), 13 states have call predecessors, (19), 16 states have call successors, (19) [2022-02-20 23:36:43,364 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:43,365 INFO L93 Difference]: Finished difference Result 288 states and 329 transitions. [2022-02-20 23:36:43,365 INFO L276 IsEmpty]: Start isEmpty. Operand 288 states and 329 transitions. [2022-02-20 23:36:43,367 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:36:43,367 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:36:43,367 INFO L74 IsIncluded]: Start isIncluded. First operand has 288 states, 162 states have (on average 1.728395061728395) internal successors, (280), 267 states have internal predecessors, (280), 30 states have call successors, (30), 10 states have call predecessors, (30), 7 states have return successors, (19), 13 states have call predecessors, (19), 16 states have call successors, (19) Second operand 288 states. [2022-02-20 23:36:43,368 INFO L87 Difference]: Start difference. First operand has 288 states, 162 states have (on average 1.728395061728395) internal successors, (280), 267 states have internal predecessors, (280), 30 states have call successors, (30), 10 states have call predecessors, (30), 7 states have return successors, (19), 13 states have call predecessors, (19), 16 states have call successors, (19) Second operand 288 states. [2022-02-20 23:36:43,374 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:43,375 INFO L93 Difference]: Finished difference Result 288 states and 329 transitions. [2022-02-20 23:36:43,375 INFO L276 IsEmpty]: Start isEmpty. Operand 288 states and 329 transitions. [2022-02-20 23:36:43,376 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:36:43,376 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:36:43,376 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:36:43,376 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:36:43,390 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 288 states, 162 states have (on average 1.728395061728395) internal successors, (280), 267 states have internal predecessors, (280), 30 states have call successors, (30), 10 states have call predecessors, (30), 7 states have return successors, (19), 13 states have call predecessors, (19), 16 states have call successors, (19) [2022-02-20 23:36:43,397 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 288 states to 288 states and 329 transitions. [2022-02-20 23:36:43,397 INFO L78 Accepts]: Start accepts. Automaton has 288 states and 329 transitions. Word has length 18 [2022-02-20 23:36:43,398 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:36:43,398 INFO L470 AbstractCegarLoop]: Abstraction has 288 states and 329 transitions. [2022-02-20 23:36:43,398 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 3.75) internal successors, (15), 5 states have internal predecessors, (15), 1 states have call successors, (3), 1 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:43,399 INFO L276 IsEmpty]: Start isEmpty. Operand 288 states and 329 transitions. [2022-02-20 23:36:43,399 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 19 [2022-02-20 23:36:43,399 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:36:43,399 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:36:43,400 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2022-02-20 23:36:43,400 INFO L402 AbstractCegarLoop]: === Iteration 9 === Targeting dll_insert_masterErr9REQUIRES_VIOLATION === [dll_insert_masterErr0REQUIRES_VIOLATION, dll_insert_masterErr1REQUIRES_VIOLATION, dll_insert_masterErr2REQUIRES_VIOLATION (and 95 more)] === [2022-02-20 23:36:43,400 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:36:43,400 INFO L85 PathProgramCache]: Analyzing trace with hash 1322891008, now seen corresponding path program 1 times [2022-02-20 23:36:43,401 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:36:43,401 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1236588288] [2022-02-20 23:36:43,401 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:36:43,401 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:36:43,437 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:36:43,500 INFO L290 TraceCheckUtils]: 0: Hoare triple {9387#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(15, 2); {9387#true} is VALID [2022-02-20 23:36:43,500 INFO L290 TraceCheckUtils]: 1: Hoare triple {9387#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret46#1.base, main_#t~ret46#1.offset, main_~dll~1#1.base, main_~dll~1#1.offset;assume { :begin_inline_dll_create_master } true;havoc dll_create_master_#res#1.base, dll_create_master_#res#1.offset;havoc dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset; {9387#true} is VALID [2022-02-20 23:36:43,501 INFO L272 TraceCheckUtils]: 2: Hoare triple {9387#true} call dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset := dll_create_generic(#funAddr~dll_insert_master.base, #funAddr~dll_insert_master.offset); {9387#true} is VALID [2022-02-20 23:36:43,501 INFO L290 TraceCheckUtils]: 3: Hoare triple {9387#true} ~insert_fnc.base, ~insert_fnc.offset := #in~insert_fnc.base, #in~insert_fnc.offset;call ~#dll~0.base, ~#dll~0.offset := #Ultimate.allocOnStack(4);call write~init~$Pointer$(0, 0, ~#dll~0.base, ~#dll~0.offset, 4); {9387#true} is VALID [2022-02-20 23:36:43,501 INFO L272 TraceCheckUtils]: 4: Hoare triple {9387#true} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {9387#true} is VALID [2022-02-20 23:36:43,501 INFO L290 TraceCheckUtils]: 5: Hoare triple {9387#true} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {9387#true} is VALID [2022-02-20 23:36:43,501 INFO L290 TraceCheckUtils]: 6: Hoare triple {9387#true} assume #in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset; {9387#true} is VALID [2022-02-20 23:36:43,504 INFO L272 TraceCheckUtils]: 7: Hoare triple {9387#true} call dll_insert_master(#~10#1.base, #~10#1.offset); {9387#true} is VALID [2022-02-20 23:36:43,504 INFO L290 TraceCheckUtils]: 8: Hoare triple {9387#true} ~dll#1.base, ~dll#1.offset := #in~dll#1.base, #in~dll#1.offset;assume { :begin_inline_alloc_or_die_master } true;havoc alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset;call alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset := #Ultimate.allocOnHeap(12);alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset := alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset; {9389#(= |dll_insert_master_alloc_or_die_master_~ptr~1#1.offset| 0)} is VALID [2022-02-20 23:36:43,505 INFO L290 TraceCheckUtils]: 9: Hoare triple {9389#(= |dll_insert_master_alloc_or_die_master_~ptr~1#1.offset| 0)} assume !(alloc_or_die_master_~ptr~1#1.base == 0 && alloc_or_die_master_~ptr~1#1.offset == 0); {9389#(= |dll_insert_master_alloc_or_die_master_~ptr~1#1.offset| 0)} is VALID [2022-02-20 23:36:43,505 INFO L290 TraceCheckUtils]: 10: Hoare triple {9389#(= |dll_insert_master_alloc_or_die_master_~ptr~1#1.offset| 0)} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L570-2 {9389#(= |dll_insert_master_alloc_or_die_master_~ptr~1#1.offset| 0)} is VALID [2022-02-20 23:36:43,505 INFO L290 TraceCheckUtils]: 11: Hoare triple {9389#(= |dll_insert_master_alloc_or_die_master_~ptr~1#1.offset| 0)} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, 4 + alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L572 {9389#(= |dll_insert_master_alloc_or_die_master_~ptr~1#1.offset| 0)} is VALID [2022-02-20 23:36:43,506 INFO L290 TraceCheckUtils]: 12: Hoare triple {9389#(= |dll_insert_master_alloc_or_die_master_~ptr~1#1.offset| 0)} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, 8 + alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L573 {9390#(and (= |dll_insert_master_alloc_or_die_master_~ptr~1#1.offset| 0) (<= (+ |dll_insert_master_alloc_or_die_master_~ptr~1#1.offset| 12) (select |#length| |dll_insert_master_alloc_or_die_master_~ptr~1#1.base|)))} is VALID [2022-02-20 23:36:43,507 INFO L290 TraceCheckUtils]: 13: Hoare triple {9390#(and (= |dll_insert_master_alloc_or_die_master_~ptr~1#1.offset| 0) (<= (+ |dll_insert_master_alloc_or_die_master_~ptr~1#1.offset| 12) (select |#length| |dll_insert_master_alloc_or_die_master_~ptr~1#1.base|)))} alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset := alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset; {9391#(and (<= 12 (select |#length| |dll_insert_master_alloc_or_die_master_#res#1.base|)) (= |dll_insert_master_alloc_or_die_master_#res#1.offset| 0))} is VALID [2022-02-20 23:36:43,507 INFO L290 TraceCheckUtils]: 14: Hoare triple {9391#(and (<= 12 (select |#length| |dll_insert_master_alloc_or_die_master_#res#1.base|)) (= |dll_insert_master_alloc_or_die_master_#res#1.offset| 0))} #t~ret18#1.base, #t~ret18#1.offset := alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;assume { :end_inline_alloc_or_die_master } true;~item~1#1.base, ~item~1#1.offset := #t~ret18#1.base, #t~ret18#1.offset;havoc #t~ret18#1.base, #t~ret18#1.offset; {9392#(and (<= 12 (select |#length| |dll_insert_master_~item~1#1.base|)) (= |dll_insert_master_~item~1#1.offset| 0))} is VALID [2022-02-20 23:36:43,508 INFO L290 TraceCheckUtils]: 15: Hoare triple {9392#(and (<= 12 (select |#length| |dll_insert_master_~item~1#1.base|)) (= |dll_insert_master_~item~1#1.offset| 0))} SUMMARY for call #t~mem19#1.base, #t~mem19#1.offset := read~$Pointer$(~dll#1.base, ~dll#1.offset, 4); srcloc: L632 {9392#(and (<= 12 (select |#length| |dll_insert_master_~item~1#1.base|)) (= |dll_insert_master_~item~1#1.offset| 0))} is VALID [2022-02-20 23:36:43,508 INFO L290 TraceCheckUtils]: 16: Hoare triple {9392#(and (<= 12 (select |#length| |dll_insert_master_~item~1#1.base|)) (= |dll_insert_master_~item~1#1.offset| 0))} ~next~3#1.base, ~next~3#1.offset := #t~mem19#1.base, #t~mem19#1.offset;havoc #t~mem19#1.base, #t~mem19#1.offset; {9392#(and (<= 12 (select |#length| |dll_insert_master_~item~1#1.base|)) (= |dll_insert_master_~item~1#1.offset| 0))} is VALID [2022-02-20 23:36:43,509 INFO L290 TraceCheckUtils]: 17: Hoare triple {9392#(and (<= 12 (select |#length| |dll_insert_master_~item~1#1.base|)) (= |dll_insert_master_~item~1#1.offset| 0))} assume !(4 + ~item~1#1.offset <= #length[~item~1#1.base] && 0 <= ~item~1#1.offset); {9388#false} is VALID [2022-02-20 23:36:43,509 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:36:43,510 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:36:43,510 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1236588288] [2022-02-20 23:36:43,510 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1236588288] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:36:43,510 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:36:43,510 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:36:43,510 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1588058506] [2022-02-20 23:36:43,510 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:36:43,511 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 3.0) internal successors, (15), 6 states have internal predecessors, (15), 1 states have call successors, (3), 1 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 18 [2022-02-20 23:36:43,511 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:36:43,512 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 5 states have (on average 3.0) internal successors, (15), 6 states have internal predecessors, (15), 1 states have call successors, (3), 1 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:43,524 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 18 edges. 18 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:36:43,525 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 23:36:43,525 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:36:43,525 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 23:36:43,526 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2022-02-20 23:36:43,526 INFO L87 Difference]: Start difference. First operand 288 states and 329 transitions. Second operand has 6 states, 5 states have (on average 3.0) internal successors, (15), 6 states have internal predecessors, (15), 1 states have call successors, (3), 1 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:44,407 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:44,407 INFO L93 Difference]: Finished difference Result 287 states and 328 transitions. [2022-02-20 23:36:44,407 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-02-20 23:36:44,408 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 3.0) internal successors, (15), 6 states have internal predecessors, (15), 1 states have call successors, (3), 1 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 18 [2022-02-20 23:36:44,408 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:36:44,408 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 3.0) internal successors, (15), 6 states have internal predecessors, (15), 1 states have call successors, (3), 1 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:44,410 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 288 transitions. [2022-02-20 23:36:44,410 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 3.0) internal successors, (15), 6 states have internal predecessors, (15), 1 states have call successors, (3), 1 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:44,412 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 288 transitions. [2022-02-20 23:36:44,413 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 288 transitions. [2022-02-20 23:36:44,627 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 288 edges. 288 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:36:44,632 INFO L225 Difference]: With dead ends: 287 [2022-02-20 23:36:44,633 INFO L226 Difference]: Without dead ends: 287 [2022-02-20 23:36:44,633 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=34, Unknown=0, NotChecked=0, Total=56 [2022-02-20 23:36:44,633 INFO L933 BasicCegarLoop]: 276 mSDtfsCounter, 43 mSDsluCounter, 821 mSDsCounter, 0 mSdLazyCounter, 272 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 43 SdHoareTripleChecker+Valid, 1097 SdHoareTripleChecker+Invalid, 274 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 272 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 23:36:44,634 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [43 Valid, 1097 Invalid, 274 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 272 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-20 23:36:44,634 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 287 states. [2022-02-20 23:36:44,639 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 287 to 287. [2022-02-20 23:36:44,639 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:36:44,640 INFO L82 GeneralOperation]: Start isEquivalent. First operand 287 states. Second operand has 287 states, 162 states have (on average 1.7222222222222223) internal successors, (279), 266 states have internal predecessors, (279), 30 states have call successors, (30), 10 states have call predecessors, (30), 7 states have return successors, (19), 13 states have call predecessors, (19), 16 states have call successors, (19) [2022-02-20 23:36:44,640 INFO L74 IsIncluded]: Start isIncluded. First operand 287 states. Second operand has 287 states, 162 states have (on average 1.7222222222222223) internal successors, (279), 266 states have internal predecessors, (279), 30 states have call successors, (30), 10 states have call predecessors, (30), 7 states have return successors, (19), 13 states have call predecessors, (19), 16 states have call successors, (19) [2022-02-20 23:36:44,641 INFO L87 Difference]: Start difference. First operand 287 states. Second operand has 287 states, 162 states have (on average 1.7222222222222223) internal successors, (279), 266 states have internal predecessors, (279), 30 states have call successors, (30), 10 states have call predecessors, (30), 7 states have return successors, (19), 13 states have call predecessors, (19), 16 states have call successors, (19) [2022-02-20 23:36:44,647 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:44,648 INFO L93 Difference]: Finished difference Result 287 states and 328 transitions. [2022-02-20 23:36:44,648 INFO L276 IsEmpty]: Start isEmpty. Operand 287 states and 328 transitions. [2022-02-20 23:36:44,649 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:36:44,649 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:36:44,650 INFO L74 IsIncluded]: Start isIncluded. First operand has 287 states, 162 states have (on average 1.7222222222222223) internal successors, (279), 266 states have internal predecessors, (279), 30 states have call successors, (30), 10 states have call predecessors, (30), 7 states have return successors, (19), 13 states have call predecessors, (19), 16 states have call successors, (19) Second operand 287 states. [2022-02-20 23:36:44,650 INFO L87 Difference]: Start difference. First operand has 287 states, 162 states have (on average 1.7222222222222223) internal successors, (279), 266 states have internal predecessors, (279), 30 states have call successors, (30), 10 states have call predecessors, (30), 7 states have return successors, (19), 13 states have call predecessors, (19), 16 states have call successors, (19) Second operand 287 states. [2022-02-20 23:36:44,657 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:44,657 INFO L93 Difference]: Finished difference Result 287 states and 328 transitions. [2022-02-20 23:36:44,657 INFO L276 IsEmpty]: Start isEmpty. Operand 287 states and 328 transitions. [2022-02-20 23:36:44,658 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:36:44,658 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:36:44,658 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:36:44,658 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:36:44,659 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 287 states, 162 states have (on average 1.7222222222222223) internal successors, (279), 266 states have internal predecessors, (279), 30 states have call successors, (30), 10 states have call predecessors, (30), 7 states have return successors, (19), 13 states have call predecessors, (19), 16 states have call successors, (19) [2022-02-20 23:36:44,665 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 287 states to 287 states and 328 transitions. [2022-02-20 23:36:44,665 INFO L78 Accepts]: Start accepts. Automaton has 287 states and 328 transitions. Word has length 18 [2022-02-20 23:36:44,666 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:36:44,666 INFO L470 AbstractCegarLoop]: Abstraction has 287 states and 328 transitions. [2022-02-20 23:36:44,666 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 3.0) internal successors, (15), 6 states have internal predecessors, (15), 1 states have call successors, (3), 1 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:44,666 INFO L276 IsEmpty]: Start isEmpty. Operand 287 states and 328 transitions. [2022-02-20 23:36:44,666 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2022-02-20 23:36:44,666 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:36:44,667 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:36:44,667 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2022-02-20 23:36:44,667 INFO L402 AbstractCegarLoop]: === Iteration 10 === Targeting dll_insert_masterErr10REQUIRES_VIOLATION === [dll_insert_masterErr0REQUIRES_VIOLATION, dll_insert_masterErr1REQUIRES_VIOLATION, dll_insert_masterErr2REQUIRES_VIOLATION (and 95 more)] === [2022-02-20 23:36:44,667 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:36:44,668 INFO L85 PathProgramCache]: Analyzing trace with hash -12061856, now seen corresponding path program 1 times [2022-02-20 23:36:44,668 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:36:44,668 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1954355771] [2022-02-20 23:36:44,668 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:36:44,668 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:36:44,706 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:36:44,885 INFO L290 TraceCheckUtils]: 0: Hoare triple {10547#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(15, 2); {10547#true} is VALID [2022-02-20 23:36:44,886 INFO L290 TraceCheckUtils]: 1: Hoare triple {10547#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret46#1.base, main_#t~ret46#1.offset, main_~dll~1#1.base, main_~dll~1#1.offset;assume { :begin_inline_dll_create_master } true;havoc dll_create_master_#res#1.base, dll_create_master_#res#1.offset;havoc dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset; {10547#true} is VALID [2022-02-20 23:36:44,886 INFO L272 TraceCheckUtils]: 2: Hoare triple {10547#true} call dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset := dll_create_generic(#funAddr~dll_insert_master.base, #funAddr~dll_insert_master.offset); {10547#true} is VALID [2022-02-20 23:36:44,888 INFO L290 TraceCheckUtils]: 3: Hoare triple {10547#true} ~insert_fnc.base, ~insert_fnc.offset := #in~insert_fnc.base, #in~insert_fnc.offset;call ~#dll~0.base, ~#dll~0.offset := #Ultimate.allocOnStack(4);call write~init~$Pointer$(0, 0, ~#dll~0.base, ~#dll~0.offset, 4); {10549#(and (= (select (select |#memory_$Pointer$.base| |dll_create_generic_~#dll~0.base|) |dll_create_generic_~#dll~0.offset|) 0) (= (select (select |#memory_$Pointer$.offset| |dll_create_generic_~#dll~0.base|) |dll_create_generic_~#dll~0.offset|) 0) (= (select |#valid| |dll_create_generic_~#dll~0.base|) 1))} is VALID [2022-02-20 23:36:44,889 INFO L272 TraceCheckUtils]: 4: Hoare triple {10549#(and (= (select (select |#memory_$Pointer$.base| |dll_create_generic_~#dll~0.base|) |dll_create_generic_~#dll~0.offset|) 0) (= (select (select |#memory_$Pointer$.offset| |dll_create_generic_~#dll~0.base|) |dll_create_generic_~#dll~0.offset|) 0) (= (select |#valid| |dll_create_generic_~#dll~0.base|) 1))} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {10550#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (= (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 0) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 0))} is VALID [2022-02-20 23:36:44,899 INFO L290 TraceCheckUtils]: 5: Hoare triple {10550#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (= (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 0) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 0))} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {10551#(and (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#~10#1.base|) |##fun~$Pointer$~TO~VOID_#~10#1.offset|) 0) (= (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#~10#1.base|) |##fun~$Pointer$~TO~VOID_#~10#1.offset|) 0) (= (select |#valid| |##fun~$Pointer$~TO~VOID_#~10#1.base|) 1))} is VALID [2022-02-20 23:36:44,902 INFO L290 TraceCheckUtils]: 6: Hoare triple {10551#(and (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#~10#1.base|) |##fun~$Pointer$~TO~VOID_#~10#1.offset|) 0) (= (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#~10#1.base|) |##fun~$Pointer$~TO~VOID_#~10#1.offset|) 0) (= (select |#valid| |##fun~$Pointer$~TO~VOID_#~10#1.base|) 1))} assume #in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset; {10551#(and (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#~10#1.base|) |##fun~$Pointer$~TO~VOID_#~10#1.offset|) 0) (= (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#~10#1.base|) |##fun~$Pointer$~TO~VOID_#~10#1.offset|) 0) (= (select |#valid| |##fun~$Pointer$~TO~VOID_#~10#1.base|) 1))} is VALID [2022-02-20 23:36:44,904 INFO L272 TraceCheckUtils]: 7: Hoare triple {10551#(and (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#~10#1.base|) |##fun~$Pointer$~TO~VOID_#~10#1.offset|) 0) (= (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#~10#1.base|) |##fun~$Pointer$~TO~VOID_#~10#1.offset|) 0) (= (select |#valid| |##fun~$Pointer$~TO~VOID_#~10#1.base|) 1))} call dll_insert_master(#~10#1.base, #~10#1.offset); {10552#(and (= (select (select |#memory_$Pointer$.base| |dll_insert_master_#in~dll#1.base|) |dll_insert_master_#in~dll#1.offset|) 0) (= (select |#valid| |dll_insert_master_#in~dll#1.base|) 1) (= (select (select |#memory_$Pointer$.offset| |dll_insert_master_#in~dll#1.base|) |dll_insert_master_#in~dll#1.offset|) 0))} is VALID [2022-02-20 23:36:44,905 INFO L290 TraceCheckUtils]: 8: Hoare triple {10552#(and (= (select (select |#memory_$Pointer$.base| |dll_insert_master_#in~dll#1.base|) |dll_insert_master_#in~dll#1.offset|) 0) (= (select |#valid| |dll_insert_master_#in~dll#1.base|) 1) (= (select (select |#memory_$Pointer$.offset| |dll_insert_master_#in~dll#1.base|) |dll_insert_master_#in~dll#1.offset|) 0))} ~dll#1.base, ~dll#1.offset := #in~dll#1.base, #in~dll#1.offset;assume { :begin_inline_alloc_or_die_master } true;havoc alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset;call alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset := #Ultimate.allocOnHeap(12);alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset := alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset; {10553#(and (not (= |dll_insert_master_~dll#1.base| |dll_insert_master_alloc_or_die_master_~ptr~1#1.base|)) (= (select (select |#memory_$Pointer$.base| |dll_insert_master_~dll#1.base|) |dll_insert_master_~dll#1.offset|) 0) (= (select (select |#memory_$Pointer$.offset| |dll_insert_master_~dll#1.base|) |dll_insert_master_~dll#1.offset|) 0))} is VALID [2022-02-20 23:36:44,905 INFO L290 TraceCheckUtils]: 9: Hoare triple {10553#(and (not (= |dll_insert_master_~dll#1.base| |dll_insert_master_alloc_or_die_master_~ptr~1#1.base|)) (= (select (select |#memory_$Pointer$.base| |dll_insert_master_~dll#1.base|) |dll_insert_master_~dll#1.offset|) 0) (= (select (select |#memory_$Pointer$.offset| |dll_insert_master_~dll#1.base|) |dll_insert_master_~dll#1.offset|) 0))} assume !(alloc_or_die_master_~ptr~1#1.base == 0 && alloc_or_die_master_~ptr~1#1.offset == 0); {10553#(and (not (= |dll_insert_master_~dll#1.base| |dll_insert_master_alloc_or_die_master_~ptr~1#1.base|)) (= (select (select |#memory_$Pointer$.base| |dll_insert_master_~dll#1.base|) |dll_insert_master_~dll#1.offset|) 0) (= (select (select |#memory_$Pointer$.offset| |dll_insert_master_~dll#1.base|) |dll_insert_master_~dll#1.offset|) 0))} is VALID [2022-02-20 23:36:44,906 INFO L290 TraceCheckUtils]: 10: Hoare triple {10553#(and (not (= |dll_insert_master_~dll#1.base| |dll_insert_master_alloc_or_die_master_~ptr~1#1.base|)) (= (select (select |#memory_$Pointer$.base| |dll_insert_master_~dll#1.base|) |dll_insert_master_~dll#1.offset|) 0) (= (select (select |#memory_$Pointer$.offset| |dll_insert_master_~dll#1.base|) |dll_insert_master_~dll#1.offset|) 0))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L570-2 {10553#(and (not (= |dll_insert_master_~dll#1.base| |dll_insert_master_alloc_or_die_master_~ptr~1#1.base|)) (= (select (select |#memory_$Pointer$.base| |dll_insert_master_~dll#1.base|) |dll_insert_master_~dll#1.offset|) 0) (= (select (select |#memory_$Pointer$.offset| |dll_insert_master_~dll#1.base|) |dll_insert_master_~dll#1.offset|) 0))} is VALID [2022-02-20 23:36:44,907 INFO L290 TraceCheckUtils]: 11: Hoare triple {10553#(and (not (= |dll_insert_master_~dll#1.base| |dll_insert_master_alloc_or_die_master_~ptr~1#1.base|)) (= (select (select |#memory_$Pointer$.base| |dll_insert_master_~dll#1.base|) |dll_insert_master_~dll#1.offset|) 0) (= (select (select |#memory_$Pointer$.offset| |dll_insert_master_~dll#1.base|) |dll_insert_master_~dll#1.offset|) 0))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, 4 + alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L572 {10553#(and (not (= |dll_insert_master_~dll#1.base| |dll_insert_master_alloc_or_die_master_~ptr~1#1.base|)) (= (select (select |#memory_$Pointer$.base| |dll_insert_master_~dll#1.base|) |dll_insert_master_~dll#1.offset|) 0) (= (select (select |#memory_$Pointer$.offset| |dll_insert_master_~dll#1.base|) |dll_insert_master_~dll#1.offset|) 0))} is VALID [2022-02-20 23:36:44,908 INFO L290 TraceCheckUtils]: 12: Hoare triple {10553#(and (not (= |dll_insert_master_~dll#1.base| |dll_insert_master_alloc_or_die_master_~ptr~1#1.base|)) (= (select (select |#memory_$Pointer$.base| |dll_insert_master_~dll#1.base|) |dll_insert_master_~dll#1.offset|) 0) (= (select (select |#memory_$Pointer$.offset| |dll_insert_master_~dll#1.base|) |dll_insert_master_~dll#1.offset|) 0))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, 8 + alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L573 {10554#(and (= (select (select |#memory_$Pointer$.base| |dll_insert_master_~dll#1.base|) |dll_insert_master_~dll#1.offset|) 0) (= (select (select |#memory_$Pointer$.offset| |dll_insert_master_~dll#1.base|) |dll_insert_master_~dll#1.offset|) 0))} is VALID [2022-02-20 23:36:44,909 INFO L290 TraceCheckUtils]: 13: Hoare triple {10554#(and (= (select (select |#memory_$Pointer$.base| |dll_insert_master_~dll#1.base|) |dll_insert_master_~dll#1.offset|) 0) (= (select (select |#memory_$Pointer$.offset| |dll_insert_master_~dll#1.base|) |dll_insert_master_~dll#1.offset|) 0))} alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset := alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset; {10554#(and (= (select (select |#memory_$Pointer$.base| |dll_insert_master_~dll#1.base|) |dll_insert_master_~dll#1.offset|) 0) (= (select (select |#memory_$Pointer$.offset| |dll_insert_master_~dll#1.base|) |dll_insert_master_~dll#1.offset|) 0))} is VALID [2022-02-20 23:36:44,909 INFO L290 TraceCheckUtils]: 14: Hoare triple {10554#(and (= (select (select |#memory_$Pointer$.base| |dll_insert_master_~dll#1.base|) |dll_insert_master_~dll#1.offset|) 0) (= (select (select |#memory_$Pointer$.offset| |dll_insert_master_~dll#1.base|) |dll_insert_master_~dll#1.offset|) 0))} #t~ret18#1.base, #t~ret18#1.offset := alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;assume { :end_inline_alloc_or_die_master } true;~item~1#1.base, ~item~1#1.offset := #t~ret18#1.base, #t~ret18#1.offset;havoc #t~ret18#1.base, #t~ret18#1.offset; {10554#(and (= (select (select |#memory_$Pointer$.base| |dll_insert_master_~dll#1.base|) |dll_insert_master_~dll#1.offset|) 0) (= (select (select |#memory_$Pointer$.offset| |dll_insert_master_~dll#1.base|) |dll_insert_master_~dll#1.offset|) 0))} is VALID [2022-02-20 23:36:44,910 INFO L290 TraceCheckUtils]: 15: Hoare triple {10554#(and (= (select (select |#memory_$Pointer$.base| |dll_insert_master_~dll#1.base|) |dll_insert_master_~dll#1.offset|) 0) (= (select (select |#memory_$Pointer$.offset| |dll_insert_master_~dll#1.base|) |dll_insert_master_~dll#1.offset|) 0))} SUMMARY for call #t~mem19#1.base, #t~mem19#1.offset := read~$Pointer$(~dll#1.base, ~dll#1.offset, 4); srcloc: L632 {10555#(and (= |dll_insert_master_#t~mem19#1.offset| 0) (= |dll_insert_master_#t~mem19#1.base| 0))} is VALID [2022-02-20 23:36:44,910 INFO L290 TraceCheckUtils]: 16: Hoare triple {10555#(and (= |dll_insert_master_#t~mem19#1.offset| 0) (= |dll_insert_master_#t~mem19#1.base| 0))} ~next~3#1.base, ~next~3#1.offset := #t~mem19#1.base, #t~mem19#1.offset;havoc #t~mem19#1.base, #t~mem19#1.offset; {10556#(and (= |dll_insert_master_~next~3#1.base| 0) (= |dll_insert_master_~next~3#1.offset| 0))} is VALID [2022-02-20 23:36:44,911 INFO L290 TraceCheckUtils]: 17: Hoare triple {10556#(and (= |dll_insert_master_~next~3#1.base| 0) (= |dll_insert_master_~next~3#1.offset| 0))} SUMMARY for call write~$Pointer$(~next~3#1.base, ~next~3#1.offset, ~item~1#1.base, ~item~1#1.offset, 4); srcloc: L633 {10556#(and (= |dll_insert_master_~next~3#1.base| 0) (= |dll_insert_master_~next~3#1.offset| 0))} is VALID [2022-02-20 23:36:44,912 INFO L290 TraceCheckUtils]: 18: Hoare triple {10556#(and (= |dll_insert_master_~next~3#1.base| 0) (= |dll_insert_master_~next~3#1.offset| 0))} assume ~next~3#1.base != 0 || ~next~3#1.offset != 0; {10548#false} is VALID [2022-02-20 23:36:44,912 INFO L290 TraceCheckUtils]: 19: Hoare triple {10548#false} assume !(1 == #valid[~next~3#1.base]); {10548#false} is VALID [2022-02-20 23:36:44,912 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:36:44,912 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:36:44,913 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1954355771] [2022-02-20 23:36:44,913 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1954355771] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:36:44,913 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:36:44,913 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2022-02-20 23:36:44,913 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1427783133] [2022-02-20 23:36:44,913 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:36:44,914 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 9 states have (on average 1.8888888888888888) internal successors, (17), 8 states have internal predecessors, (17), 3 states have call successors, (3), 3 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 20 [2022-02-20 23:36:44,914 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:36:44,914 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 10 states, 9 states have (on average 1.8888888888888888) internal successors, (17), 8 states have internal predecessors, (17), 3 states have call successors, (3), 3 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:44,930 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 20 edges. 20 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:36:44,930 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2022-02-20 23:36:44,930 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:36:44,931 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2022-02-20 23:36:44,931 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=18, Invalid=72, Unknown=0, NotChecked=0, Total=90 [2022-02-20 23:36:44,931 INFO L87 Difference]: Start difference. First operand 287 states and 328 transitions. Second operand has 10 states, 9 states have (on average 1.8888888888888888) internal successors, (17), 8 states have internal predecessors, (17), 3 states have call successors, (3), 3 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:46,570 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:46,570 INFO L93 Difference]: Finished difference Result 326 states and 372 transitions. [2022-02-20 23:36:46,570 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2022-02-20 23:36:46,570 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 9 states have (on average 1.8888888888888888) internal successors, (17), 8 states have internal predecessors, (17), 3 states have call successors, (3), 3 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 20 [2022-02-20 23:36:46,571 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:36:46,571 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 10 states, 9 states have (on average 1.8888888888888888) internal successors, (17), 8 states have internal predecessors, (17), 3 states have call successors, (3), 3 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:46,573 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 331 transitions. [2022-02-20 23:36:46,574 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 10 states, 9 states have (on average 1.8888888888888888) internal successors, (17), 8 states have internal predecessors, (17), 3 states have call successors, (3), 3 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:46,576 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 331 transitions. [2022-02-20 23:36:46,576 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states and 331 transitions. [2022-02-20 23:36:46,837 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 331 edges. 331 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:36:46,843 INFO L225 Difference]: With dead ends: 326 [2022-02-20 23:36:46,843 INFO L226 Difference]: Without dead ends: 326 [2022-02-20 23:36:46,843 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 6 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=41, Invalid=141, Unknown=0, NotChecked=0, Total=182 [2022-02-20 23:36:46,844 INFO L933 BasicCegarLoop]: 272 mSDtfsCounter, 45 mSDsluCounter, 1514 mSDsCounter, 0 mSdLazyCounter, 529 mSolverCounterSat, 22 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 46 SdHoareTripleChecker+Valid, 1786 SdHoareTripleChecker+Invalid, 551 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 22 IncrementalHoareTripleChecker+Valid, 529 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2022-02-20 23:36:46,845 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [46 Valid, 1786 Invalid, 551 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [22 Valid, 529 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2022-02-20 23:36:46,847 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 326 states. [2022-02-20 23:36:46,855 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 326 to 307. [2022-02-20 23:36:46,855 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:36:46,856 INFO L82 GeneralOperation]: Start isEquivalent. First operand 326 states. Second operand has 307 states, 179 states have (on average 1.681564245810056) internal successors, (301), 283 states have internal predecessors, (301), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) [2022-02-20 23:36:46,856 INFO L74 IsIncluded]: Start isIncluded. First operand 326 states. Second operand has 307 states, 179 states have (on average 1.681564245810056) internal successors, (301), 283 states have internal predecessors, (301), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) [2022-02-20 23:36:46,856 INFO L87 Difference]: Start difference. First operand 326 states. Second operand has 307 states, 179 states have (on average 1.681564245810056) internal successors, (301), 283 states have internal predecessors, (301), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) [2022-02-20 23:36:46,866 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:46,866 INFO L93 Difference]: Finished difference Result 326 states and 372 transitions. [2022-02-20 23:36:46,866 INFO L276 IsEmpty]: Start isEmpty. Operand 326 states and 372 transitions. [2022-02-20 23:36:46,868 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:36:46,868 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:36:46,869 INFO L74 IsIncluded]: Start isIncluded. First operand has 307 states, 179 states have (on average 1.681564245810056) internal successors, (301), 283 states have internal predecessors, (301), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) Second operand 326 states. [2022-02-20 23:36:46,869 INFO L87 Difference]: Start difference. First operand has 307 states, 179 states have (on average 1.681564245810056) internal successors, (301), 283 states have internal predecessors, (301), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) Second operand 326 states. [2022-02-20 23:36:46,877 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:46,878 INFO L93 Difference]: Finished difference Result 326 states and 372 transitions. [2022-02-20 23:36:46,878 INFO L276 IsEmpty]: Start isEmpty. Operand 326 states and 372 transitions. [2022-02-20 23:36:46,879 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:36:46,879 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:36:46,880 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:36:46,880 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:36:46,880 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 307 states, 179 states have (on average 1.681564245810056) internal successors, (301), 283 states have internal predecessors, (301), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) [2022-02-20 23:36:46,887 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 307 states to 307 states and 356 transitions. [2022-02-20 23:36:46,887 INFO L78 Accepts]: Start accepts. Automaton has 307 states and 356 transitions. Word has length 20 [2022-02-20 23:36:46,887 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:36:46,887 INFO L470 AbstractCegarLoop]: Abstraction has 307 states and 356 transitions. [2022-02-20 23:36:46,888 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 9 states have (on average 1.8888888888888888) internal successors, (17), 8 states have internal predecessors, (17), 3 states have call successors, (3), 3 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:46,888 INFO L276 IsEmpty]: Start isEmpty. Operand 307 states and 356 transitions. [2022-02-20 23:36:46,888 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2022-02-20 23:36:46,888 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:36:46,888 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:36:46,889 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9 [2022-02-20 23:36:46,889 INFO L402 AbstractCegarLoop]: === Iteration 11 === Targeting ##fun~$Pointer$~TO~VOIDErr1REQUIRES_VIOLATION === [dll_insert_masterErr0REQUIRES_VIOLATION, dll_insert_masterErr1REQUIRES_VIOLATION, dll_insert_masterErr2REQUIRES_VIOLATION (and 95 more)] === [2022-02-20 23:36:46,889 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:36:46,889 INFO L85 PathProgramCache]: Analyzing trace with hash 551710607, now seen corresponding path program 1 times [2022-02-20 23:36:46,889 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:36:46,890 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1311766057] [2022-02-20 23:36:46,890 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:36:46,890 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:36:46,922 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:36:46,955 INFO L290 TraceCheckUtils]: 0: Hoare triple {11852#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(15, 2); {11852#true} is VALID [2022-02-20 23:36:46,956 INFO L290 TraceCheckUtils]: 1: Hoare triple {11852#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret46#1.base, main_#t~ret46#1.offset, main_~dll~1#1.base, main_~dll~1#1.offset;assume { :begin_inline_dll_create_master } true;havoc dll_create_master_#res#1.base, dll_create_master_#res#1.offset;havoc dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset; {11852#true} is VALID [2022-02-20 23:36:46,956 INFO L272 TraceCheckUtils]: 2: Hoare triple {11852#true} call dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset := dll_create_generic(#funAddr~dll_insert_master.base, #funAddr~dll_insert_master.offset); {11852#true} is VALID [2022-02-20 23:36:46,956 INFO L290 TraceCheckUtils]: 3: Hoare triple {11852#true} ~insert_fnc.base, ~insert_fnc.offset := #in~insert_fnc.base, #in~insert_fnc.offset;call ~#dll~0.base, ~#dll~0.offset := #Ultimate.allocOnStack(4);call write~init~$Pointer$(0, 0, ~#dll~0.base, ~#dll~0.offset, 4); {11852#true} is VALID [2022-02-20 23:36:46,956 INFO L272 TraceCheckUtils]: 4: Hoare triple {11852#true} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {11852#true} is VALID [2022-02-20 23:36:46,957 INFO L290 TraceCheckUtils]: 5: Hoare triple {11852#true} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {11852#true} is VALID [2022-02-20 23:36:46,957 INFO L290 TraceCheckUtils]: 6: Hoare triple {11852#true} assume #in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset; {11852#true} is VALID [2022-02-20 23:36:46,957 INFO L272 TraceCheckUtils]: 7: Hoare triple {11852#true} call dll_insert_master(#~10#1.base, #~10#1.offset); {11852#true} is VALID [2022-02-20 23:36:46,957 INFO L290 TraceCheckUtils]: 8: Hoare triple {11852#true} ~dll#1.base, ~dll#1.offset := #in~dll#1.base, #in~dll#1.offset;assume { :begin_inline_alloc_or_die_master } true;havoc alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset;call alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset := #Ultimate.allocOnHeap(12);alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset := alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset; {11852#true} is VALID [2022-02-20 23:36:46,957 INFO L290 TraceCheckUtils]: 9: Hoare triple {11852#true} assume !(alloc_or_die_master_~ptr~1#1.base == 0 && alloc_or_die_master_~ptr~1#1.offset == 0); {11852#true} is VALID [2022-02-20 23:36:46,957 INFO L290 TraceCheckUtils]: 10: Hoare triple {11852#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L570-2 {11852#true} is VALID [2022-02-20 23:36:46,958 INFO L290 TraceCheckUtils]: 11: Hoare triple {11852#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, 4 + alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L572 {11852#true} is VALID [2022-02-20 23:36:46,958 INFO L290 TraceCheckUtils]: 12: Hoare triple {11852#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, 8 + alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L573 {11852#true} is VALID [2022-02-20 23:36:46,958 INFO L290 TraceCheckUtils]: 13: Hoare triple {11852#true} alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset := alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset; {11852#true} is VALID [2022-02-20 23:36:46,958 INFO L290 TraceCheckUtils]: 14: Hoare triple {11852#true} #t~ret18#1.base, #t~ret18#1.offset := alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;assume { :end_inline_alloc_or_die_master } true;~item~1#1.base, ~item~1#1.offset := #t~ret18#1.base, #t~ret18#1.offset;havoc #t~ret18#1.base, #t~ret18#1.offset; {11852#true} is VALID [2022-02-20 23:36:46,958 INFO L290 TraceCheckUtils]: 15: Hoare triple {11852#true} SUMMARY for call #t~mem19#1.base, #t~mem19#1.offset := read~$Pointer$(~dll#1.base, ~dll#1.offset, 4); srcloc: L632 {11852#true} is VALID [2022-02-20 23:36:46,959 INFO L290 TraceCheckUtils]: 16: Hoare triple {11852#true} ~next~3#1.base, ~next~3#1.offset := #t~mem19#1.base, #t~mem19#1.offset;havoc #t~mem19#1.base, #t~mem19#1.offset; {11852#true} is VALID [2022-02-20 23:36:46,959 INFO L290 TraceCheckUtils]: 17: Hoare triple {11852#true} SUMMARY for call write~$Pointer$(~next~3#1.base, ~next~3#1.offset, ~item~1#1.base, ~item~1#1.offset, 4); srcloc: L633 {11852#true} is VALID [2022-02-20 23:36:46,959 INFO L290 TraceCheckUtils]: 18: Hoare triple {11852#true} assume !(~next~3#1.base != 0 || ~next~3#1.offset != 0); {11852#true} is VALID [2022-02-20 23:36:46,959 INFO L272 TraceCheckUtils]: 19: Hoare triple {11852#true} call #t~ret20#1.base, #t~ret20#1.offset := dll_create_slave(); {11852#true} is VALID [2022-02-20 23:36:46,959 INFO L272 TraceCheckUtils]: 20: Hoare triple {11852#true} call #t~ret12.base, #t~ret12.offset := dll_create_generic(#funAddr~dll_insert_slave.base, #funAddr~dll_insert_slave.offset); {11852#true} is VALID [2022-02-20 23:36:46,959 INFO L290 TraceCheckUtils]: 21: Hoare triple {11852#true} ~insert_fnc.base, ~insert_fnc.offset := #in~insert_fnc.base, #in~insert_fnc.offset;call ~#dll~0.base, ~#dll~0.offset := #Ultimate.allocOnStack(4);call write~init~$Pointer$(0, 0, ~#dll~0.base, ~#dll~0.offset, 4); {11852#true} is VALID [2022-02-20 23:36:46,960 INFO L272 TraceCheckUtils]: 22: Hoare triple {11852#true} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {11852#true} is VALID [2022-02-20 23:36:46,960 INFO L290 TraceCheckUtils]: 23: Hoare triple {11852#true} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {11852#true} is VALID [2022-02-20 23:36:46,961 INFO L290 TraceCheckUtils]: 24: Hoare triple {11852#true} assume !(#in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset);assume { :begin_inline_dll_insert_slave } true;dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset := #~10#1.base, #~10#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset, dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset, dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset;dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset := dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset;assume { :begin_inline_alloc_or_die_slave } true;havoc alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset;call alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset := #Ultimate.allocOnHeap(8);alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset := alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset; {11854#(and (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0) (= (+ (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) (- 8)) 0))} is VALID [2022-02-20 23:36:46,961 INFO L290 TraceCheckUtils]: 25: Hoare triple {11854#(and (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0) (= (+ (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) (- 8)) 0))} assume !(alloc_or_die_slave_~ptr~0#1.base == 0 && alloc_or_die_slave_~ptr~0#1.offset == 0); {11854#(and (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0) (= (+ (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) (- 8)) 0))} is VALID [2022-02-20 23:36:46,962 INFO L290 TraceCheckUtils]: 26: Hoare triple {11854#(and (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0) (= (+ (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) (- 8)) 0))} assume !(4 + alloc_or_die_slave_~ptr~0#1.offset <= #length[alloc_or_die_slave_~ptr~0#1.base] && 0 <= alloc_or_die_slave_~ptr~0#1.offset); {11853#false} is VALID [2022-02-20 23:36:46,962 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-02-20 23:36:46,962 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:36:46,963 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1311766057] [2022-02-20 23:36:46,963 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1311766057] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:36:46,963 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:36:46,963 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 23:36:46,963 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [963621172] [2022-02-20 23:36:46,963 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:36:46,964 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 2 states have (on average 9.5) internal successors, (19), 3 states have internal predecessors, (19), 1 states have call successors, (5), 1 states have call predecessors, (5), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 27 [2022-02-20 23:36:46,965 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:36:46,965 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 2 states have (on average 9.5) internal successors, (19), 3 states have internal predecessors, (19), 1 states have call successors, (5), 1 states have call predecessors, (5), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:46,981 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 24 edges. 24 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:36:46,981 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 23:36:46,981 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:36:46,982 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 23:36:46,982 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 23:36:46,982 INFO L87 Difference]: Start difference. First operand 307 states and 356 transitions. Second operand has 3 states, 2 states have (on average 9.5) internal successors, (19), 3 states have internal predecessors, (19), 1 states have call successors, (5), 1 states have call predecessors, (5), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:47,313 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:47,313 INFO L93 Difference]: Finished difference Result 305 states and 354 transitions. [2022-02-20 23:36:47,313 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 23:36:47,313 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 2 states have (on average 9.5) internal successors, (19), 3 states have internal predecessors, (19), 1 states have call successors, (5), 1 states have call predecessors, (5), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 27 [2022-02-20 23:36:47,313 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:36:47,314 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 2 states have (on average 9.5) internal successors, (19), 3 states have internal predecessors, (19), 1 states have call successors, (5), 1 states have call predecessors, (5), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:47,316 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 291 transitions. [2022-02-20 23:36:47,316 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 2 states have (on average 9.5) internal successors, (19), 3 states have internal predecessors, (19), 1 states have call successors, (5), 1 states have call predecessors, (5), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:47,319 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 291 transitions. [2022-02-20 23:36:47,319 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 291 transitions. [2022-02-20 23:36:47,526 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 291 edges. 291 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:36:47,532 INFO L225 Difference]: With dead ends: 305 [2022-02-20 23:36:47,532 INFO L226 Difference]: Without dead ends: 305 [2022-02-20 23:36:47,532 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 23:36:47,533 INFO L933 BasicCegarLoop]: 274 mSDtfsCounter, 21 mSDsluCounter, 184 mSDsCounter, 0 mSdLazyCounter, 92 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 21 SdHoareTripleChecker+Valid, 458 SdHoareTripleChecker+Invalid, 93 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 92 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:36:47,533 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [21 Valid, 458 Invalid, 93 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 92 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:36:47,533 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 305 states. [2022-02-20 23:36:47,538 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 305 to 305. [2022-02-20 23:36:47,539 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:36:47,539 INFO L82 GeneralOperation]: Start isEquivalent. First operand 305 states. Second operand has 305 states, 179 states have (on average 1.670391061452514) internal successors, (299), 281 states have internal predecessors, (299), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) [2022-02-20 23:36:47,540 INFO L74 IsIncluded]: Start isIncluded. First operand 305 states. Second operand has 305 states, 179 states have (on average 1.670391061452514) internal successors, (299), 281 states have internal predecessors, (299), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) [2022-02-20 23:36:47,540 INFO L87 Difference]: Start difference. First operand 305 states. Second operand has 305 states, 179 states have (on average 1.670391061452514) internal successors, (299), 281 states have internal predecessors, (299), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) [2022-02-20 23:36:47,547 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:47,547 INFO L93 Difference]: Finished difference Result 305 states and 354 transitions. [2022-02-20 23:36:47,548 INFO L276 IsEmpty]: Start isEmpty. Operand 305 states and 354 transitions. [2022-02-20 23:36:47,548 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:36:47,549 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:36:47,549 INFO L74 IsIncluded]: Start isIncluded. First operand has 305 states, 179 states have (on average 1.670391061452514) internal successors, (299), 281 states have internal predecessors, (299), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) Second operand 305 states. [2022-02-20 23:36:47,550 INFO L87 Difference]: Start difference. First operand has 305 states, 179 states have (on average 1.670391061452514) internal successors, (299), 281 states have internal predecessors, (299), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) Second operand 305 states. [2022-02-20 23:36:47,557 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:47,557 INFO L93 Difference]: Finished difference Result 305 states and 354 transitions. [2022-02-20 23:36:47,557 INFO L276 IsEmpty]: Start isEmpty. Operand 305 states and 354 transitions. [2022-02-20 23:36:47,558 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:36:47,558 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:36:47,559 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:36:47,559 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:36:47,559 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 305 states, 179 states have (on average 1.670391061452514) internal successors, (299), 281 states have internal predecessors, (299), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) [2022-02-20 23:36:47,566 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 305 states to 305 states and 354 transitions. [2022-02-20 23:36:47,566 INFO L78 Accepts]: Start accepts. Automaton has 305 states and 354 transitions. Word has length 27 [2022-02-20 23:36:47,566 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:36:47,566 INFO L470 AbstractCegarLoop]: Abstraction has 305 states and 354 transitions. [2022-02-20 23:36:47,567 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 2 states have (on average 9.5) internal successors, (19), 3 states have internal predecessors, (19), 1 states have call successors, (5), 1 states have call predecessors, (5), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:47,567 INFO L276 IsEmpty]: Start isEmpty. Operand 305 states and 354 transitions. [2022-02-20 23:36:47,567 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2022-02-20 23:36:47,567 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:36:47,568 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:36:47,568 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2022-02-20 23:36:47,568 INFO L402 AbstractCegarLoop]: === Iteration 12 === Targeting ##fun~$Pointer$~TO~VOIDErr5REQUIRES_VIOLATION === [dll_insert_masterErr0REQUIRES_VIOLATION, dll_insert_masterErr1REQUIRES_VIOLATION, dll_insert_masterErr2REQUIRES_VIOLATION (and 95 more)] === [2022-02-20 23:36:47,568 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:36:47,568 INFO L85 PathProgramCache]: Analyzing trace with hash 67060467, now seen corresponding path program 1 times [2022-02-20 23:36:47,569 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:36:47,569 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1065190898] [2022-02-20 23:36:47,569 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:36:47,569 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:36:47,598 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:36:47,668 INFO L290 TraceCheckUtils]: 0: Hoare triple {13077#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(15, 2); {13077#true} is VALID [2022-02-20 23:36:47,669 INFO L290 TraceCheckUtils]: 1: Hoare triple {13077#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret46#1.base, main_#t~ret46#1.offset, main_~dll~1#1.base, main_~dll~1#1.offset;assume { :begin_inline_dll_create_master } true;havoc dll_create_master_#res#1.base, dll_create_master_#res#1.offset;havoc dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset; {13077#true} is VALID [2022-02-20 23:36:47,669 INFO L272 TraceCheckUtils]: 2: Hoare triple {13077#true} call dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset := dll_create_generic(#funAddr~dll_insert_master.base, #funAddr~dll_insert_master.offset); {13077#true} is VALID [2022-02-20 23:36:47,669 INFO L290 TraceCheckUtils]: 3: Hoare triple {13077#true} ~insert_fnc.base, ~insert_fnc.offset := #in~insert_fnc.base, #in~insert_fnc.offset;call ~#dll~0.base, ~#dll~0.offset := #Ultimate.allocOnStack(4);call write~init~$Pointer$(0, 0, ~#dll~0.base, ~#dll~0.offset, 4); {13077#true} is VALID [2022-02-20 23:36:47,669 INFO L272 TraceCheckUtils]: 4: Hoare triple {13077#true} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {13077#true} is VALID [2022-02-20 23:36:47,669 INFO L290 TraceCheckUtils]: 5: Hoare triple {13077#true} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {13077#true} is VALID [2022-02-20 23:36:47,670 INFO L290 TraceCheckUtils]: 6: Hoare triple {13077#true} assume #in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset; {13077#true} is VALID [2022-02-20 23:36:47,670 INFO L272 TraceCheckUtils]: 7: Hoare triple {13077#true} call dll_insert_master(#~10#1.base, #~10#1.offset); {13077#true} is VALID [2022-02-20 23:36:47,670 INFO L290 TraceCheckUtils]: 8: Hoare triple {13077#true} ~dll#1.base, ~dll#1.offset := #in~dll#1.base, #in~dll#1.offset;assume { :begin_inline_alloc_or_die_master } true;havoc alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset;call alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset := #Ultimate.allocOnHeap(12);alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset := alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset; {13077#true} is VALID [2022-02-20 23:36:47,670 INFO L290 TraceCheckUtils]: 9: Hoare triple {13077#true} assume !(alloc_or_die_master_~ptr~1#1.base == 0 && alloc_or_die_master_~ptr~1#1.offset == 0); {13077#true} is VALID [2022-02-20 23:36:47,670 INFO L290 TraceCheckUtils]: 10: Hoare triple {13077#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L570-2 {13077#true} is VALID [2022-02-20 23:36:47,670 INFO L290 TraceCheckUtils]: 11: Hoare triple {13077#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, 4 + alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L572 {13077#true} is VALID [2022-02-20 23:36:47,671 INFO L290 TraceCheckUtils]: 12: Hoare triple {13077#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, 8 + alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L573 {13077#true} is VALID [2022-02-20 23:36:47,671 INFO L290 TraceCheckUtils]: 13: Hoare triple {13077#true} alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset := alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset; {13077#true} is VALID [2022-02-20 23:36:47,671 INFO L290 TraceCheckUtils]: 14: Hoare triple {13077#true} #t~ret18#1.base, #t~ret18#1.offset := alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;assume { :end_inline_alloc_or_die_master } true;~item~1#1.base, ~item~1#1.offset := #t~ret18#1.base, #t~ret18#1.offset;havoc #t~ret18#1.base, #t~ret18#1.offset; {13077#true} is VALID [2022-02-20 23:36:47,671 INFO L290 TraceCheckUtils]: 15: Hoare triple {13077#true} SUMMARY for call #t~mem19#1.base, #t~mem19#1.offset := read~$Pointer$(~dll#1.base, ~dll#1.offset, 4); srcloc: L632 {13077#true} is VALID [2022-02-20 23:36:47,671 INFO L290 TraceCheckUtils]: 16: Hoare triple {13077#true} ~next~3#1.base, ~next~3#1.offset := #t~mem19#1.base, #t~mem19#1.offset;havoc #t~mem19#1.base, #t~mem19#1.offset; {13077#true} is VALID [2022-02-20 23:36:47,672 INFO L290 TraceCheckUtils]: 17: Hoare triple {13077#true} SUMMARY for call write~$Pointer$(~next~3#1.base, ~next~3#1.offset, ~item~1#1.base, ~item~1#1.offset, 4); srcloc: L633 {13077#true} is VALID [2022-02-20 23:36:47,672 INFO L290 TraceCheckUtils]: 18: Hoare triple {13077#true} assume !(~next~3#1.base != 0 || ~next~3#1.offset != 0); {13077#true} is VALID [2022-02-20 23:36:47,672 INFO L272 TraceCheckUtils]: 19: Hoare triple {13077#true} call #t~ret20#1.base, #t~ret20#1.offset := dll_create_slave(); {13077#true} is VALID [2022-02-20 23:36:47,672 INFO L272 TraceCheckUtils]: 20: Hoare triple {13077#true} call #t~ret12.base, #t~ret12.offset := dll_create_generic(#funAddr~dll_insert_slave.base, #funAddr~dll_insert_slave.offset); {13077#true} is VALID [2022-02-20 23:36:47,673 INFO L290 TraceCheckUtils]: 21: Hoare triple {13077#true} ~insert_fnc.base, ~insert_fnc.offset := #in~insert_fnc.base, #in~insert_fnc.offset;call ~#dll~0.base, ~#dll~0.offset := #Ultimate.allocOnStack(4);call write~init~$Pointer$(0, 0, ~#dll~0.base, ~#dll~0.offset, 4); {13079#(and (<= 4 (select |#length| |dll_create_generic_~#dll~0.base|)) (= |dll_create_generic_~#dll~0.offset| 0) (= (select |#valid| |dll_create_generic_~#dll~0.base|) 1))} is VALID [2022-02-20 23:36:47,674 INFO L272 TraceCheckUtils]: 22: Hoare triple {13079#(and (<= 4 (select |#length| |dll_create_generic_~#dll~0.base|)) (= |dll_create_generic_~#dll~0.offset| 0) (= (select |#valid| |dll_create_generic_~#dll~0.base|) 1))} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {13080#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| 0) (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (<= 4 (select |#length| |##fun~$Pointer$~TO~VOID_#in~10#1.base|)))} is VALID [2022-02-20 23:36:47,675 INFO L290 TraceCheckUtils]: 23: Hoare triple {13080#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| 0) (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (<= 4 (select |#length| |##fun~$Pointer$~TO~VOID_#in~10#1.base|)))} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {13081#(and (= |##fun~$Pointer$~TO~VOID_#~10#1.offset| 0) (= (select |#valid| |##fun~$Pointer$~TO~VOID_#~10#1.base|) 1) (<= 4 (select |#length| |##fun~$Pointer$~TO~VOID_#~10#1.base|)))} is VALID [2022-02-20 23:36:47,676 INFO L290 TraceCheckUtils]: 24: Hoare triple {13081#(and (= |##fun~$Pointer$~TO~VOID_#~10#1.offset| 0) (= (select |#valid| |##fun~$Pointer$~TO~VOID_#~10#1.base|) 1) (<= 4 (select |#length| |##fun~$Pointer$~TO~VOID_#~10#1.base|)))} assume !(#in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset);assume { :begin_inline_dll_insert_slave } true;dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset := #~10#1.base, #~10#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset, dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset, dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset;dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset := dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset;assume { :begin_inline_alloc_or_die_slave } true;havoc alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset;call alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset := #Ultimate.allocOnHeap(8);alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset := alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset; {13082#(and (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (<= 4 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|)))} is VALID [2022-02-20 23:36:47,676 INFO L290 TraceCheckUtils]: 25: Hoare triple {13082#(and (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (<= 4 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|)))} assume !(alloc_or_die_slave_~ptr~0#1.base == 0 && alloc_or_die_slave_~ptr~0#1.offset == 0); {13082#(and (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (<= 4 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|)))} is VALID [2022-02-20 23:36:47,677 INFO L290 TraceCheckUtils]: 26: Hoare triple {13082#(and (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (<= 4 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|)))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L556-2 {13082#(and (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (<= 4 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|)))} is VALID [2022-02-20 23:36:47,678 INFO L290 TraceCheckUtils]: 27: Hoare triple {13082#(and (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (<= 4 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|)))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L558 {13082#(and (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (<= 4 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|)))} is VALID [2022-02-20 23:36:47,679 INFO L290 TraceCheckUtils]: 28: Hoare triple {13082#(and (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (<= 4 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|)))} alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset := alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset; {13082#(and (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (<= 4 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|)))} is VALID [2022-02-20 23:36:47,679 INFO L290 TraceCheckUtils]: 29: Hoare triple {13082#(and (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (<= 4 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|)))} dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset := alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;assume { :end_inline_alloc_or_die_slave } true;dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset := dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset; {13082#(and (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (<= 4 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|)))} is VALID [2022-02-20 23:36:47,680 INFO L290 TraceCheckUtils]: 30: Hoare triple {13082#(and (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (<= 4 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|)))} assume !(4 + dll_insert_slave_~dll#1.offset <= #length[dll_insert_slave_~dll#1.base] && 0 <= dll_insert_slave_~dll#1.offset); {13078#false} is VALID [2022-02-20 23:36:47,680 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 3 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-02-20 23:36:47,680 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:36:47,680 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1065190898] [2022-02-20 23:36:47,681 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1065190898] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:36:47,681 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:36:47,681 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:36:47,681 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1901746969] [2022-02-20 23:36:47,681 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:36:47,682 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 4 states have (on average 6.25) internal successors, (25), 5 states have internal predecessors, (25), 2 states have call successors, (6), 2 states have call predecessors, (6), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 31 [2022-02-20 23:36:47,682 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:36:47,682 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 4 states have (on average 6.25) internal successors, (25), 5 states have internal predecessors, (25), 2 states have call successors, (6), 2 states have call predecessors, (6), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:47,707 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 31 edges. 31 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:36:47,707 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 23:36:47,707 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:36:47,708 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 23:36:47,708 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-02-20 23:36:47,708 INFO L87 Difference]: Start difference. First operand 305 states and 354 transitions. Second operand has 6 states, 4 states have (on average 6.25) internal successors, (25), 5 states have internal predecessors, (25), 2 states have call successors, (6), 2 states have call predecessors, (6), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:48,781 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:48,782 INFO L93 Difference]: Finished difference Result 304 states and 353 transitions. [2022-02-20 23:36:48,782 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-02-20 23:36:48,782 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 4 states have (on average 6.25) internal successors, (25), 5 states have internal predecessors, (25), 2 states have call successors, (6), 2 states have call predecessors, (6), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 31 [2022-02-20 23:36:48,782 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:36:48,783 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 4 states have (on average 6.25) internal successors, (25), 5 states have internal predecessors, (25), 2 states have call successors, (6), 2 states have call predecessors, (6), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:48,785 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 302 transitions. [2022-02-20 23:36:48,786 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 4 states have (on average 6.25) internal successors, (25), 5 states have internal predecessors, (25), 2 states have call successors, (6), 2 states have call predecessors, (6), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:48,788 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 302 transitions. [2022-02-20 23:36:48,788 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 302 transitions. [2022-02-20 23:36:48,998 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 302 edges. 302 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:36:49,007 INFO L225 Difference]: With dead ends: 304 [2022-02-20 23:36:49,007 INFO L226 Difference]: Without dead ends: 304 [2022-02-20 23:36:49,007 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=19, Invalid=37, Unknown=0, NotChecked=0, Total=56 [2022-02-20 23:36:49,008 INFO L933 BasicCegarLoop]: 268 mSDtfsCounter, 62 mSDsluCounter, 605 mSDsCounter, 0 mSdLazyCounter, 499 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 62 SdHoareTripleChecker+Valid, 873 SdHoareTripleChecker+Invalid, 507 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 499 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2022-02-20 23:36:49,008 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [62 Valid, 873 Invalid, 507 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 499 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2022-02-20 23:36:49,010 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 304 states. [2022-02-20 23:36:49,015 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 304 to 303. [2022-02-20 23:36:49,016 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:36:49,016 INFO L82 GeneralOperation]: Start isEquivalent. First operand 304 states. Second operand has 303 states, 179 states have (on average 1.6592178770949721) internal successors, (297), 279 states have internal predecessors, (297), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) [2022-02-20 23:36:49,017 INFO L74 IsIncluded]: Start isIncluded. First operand 304 states. Second operand has 303 states, 179 states have (on average 1.6592178770949721) internal successors, (297), 279 states have internal predecessors, (297), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) [2022-02-20 23:36:49,017 INFO L87 Difference]: Start difference. First operand 304 states. Second operand has 303 states, 179 states have (on average 1.6592178770949721) internal successors, (297), 279 states have internal predecessors, (297), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) [2022-02-20 23:36:49,024 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:49,024 INFO L93 Difference]: Finished difference Result 304 states and 353 transitions. [2022-02-20 23:36:49,024 INFO L276 IsEmpty]: Start isEmpty. Operand 304 states and 353 transitions. [2022-02-20 23:36:49,025 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:36:49,025 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:36:49,026 INFO L74 IsIncluded]: Start isIncluded. First operand has 303 states, 179 states have (on average 1.6592178770949721) internal successors, (297), 279 states have internal predecessors, (297), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) Second operand 304 states. [2022-02-20 23:36:49,026 INFO L87 Difference]: Start difference. First operand has 303 states, 179 states have (on average 1.6592178770949721) internal successors, (297), 279 states have internal predecessors, (297), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) Second operand 304 states. [2022-02-20 23:36:49,032 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:49,033 INFO L93 Difference]: Finished difference Result 304 states and 353 transitions. [2022-02-20 23:36:49,033 INFO L276 IsEmpty]: Start isEmpty. Operand 304 states and 353 transitions. [2022-02-20 23:36:49,034 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:36:49,034 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:36:49,034 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:36:49,034 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:36:49,035 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 303 states, 179 states have (on average 1.6592178770949721) internal successors, (297), 279 states have internal predecessors, (297), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) [2022-02-20 23:36:49,041 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 303 states to 303 states and 352 transitions. [2022-02-20 23:36:49,041 INFO L78 Accepts]: Start accepts. Automaton has 303 states and 352 transitions. Word has length 31 [2022-02-20 23:36:49,041 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:36:49,042 INFO L470 AbstractCegarLoop]: Abstraction has 303 states and 352 transitions. [2022-02-20 23:36:49,042 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 4 states have (on average 6.25) internal successors, (25), 5 states have internal predecessors, (25), 2 states have call successors, (6), 2 states have call predecessors, (6), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:49,042 INFO L276 IsEmpty]: Start isEmpty. Operand 303 states and 352 transitions. [2022-02-20 23:36:49,043 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2022-02-20 23:36:49,044 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:36:49,044 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:36:49,044 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11 [2022-02-20 23:36:49,044 INFO L402 AbstractCegarLoop]: === Iteration 13 === Targeting ##fun~$Pointer$~TO~VOIDErr4REQUIRES_VIOLATION === [dll_insert_masterErr0REQUIRES_VIOLATION, dll_insert_masterErr1REQUIRES_VIOLATION, dll_insert_masterErr2REQUIRES_VIOLATION (and 95 more)] === [2022-02-20 23:36:49,044 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:36:49,045 INFO L85 PathProgramCache]: Analyzing trace with hash 67060466, now seen corresponding path program 1 times [2022-02-20 23:36:49,045 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:36:49,045 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [684520622] [2022-02-20 23:36:49,045 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:36:49,045 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:36:49,080 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:36:49,146 INFO L290 TraceCheckUtils]: 0: Hoare triple {14304#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(15, 2); {14304#true} is VALID [2022-02-20 23:36:49,146 INFO L290 TraceCheckUtils]: 1: Hoare triple {14304#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret46#1.base, main_#t~ret46#1.offset, main_~dll~1#1.base, main_~dll~1#1.offset;assume { :begin_inline_dll_create_master } true;havoc dll_create_master_#res#1.base, dll_create_master_#res#1.offset;havoc dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset; {14304#true} is VALID [2022-02-20 23:36:49,147 INFO L272 TraceCheckUtils]: 2: Hoare triple {14304#true} call dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset := dll_create_generic(#funAddr~dll_insert_master.base, #funAddr~dll_insert_master.offset); {14304#true} is VALID [2022-02-20 23:36:49,147 INFO L290 TraceCheckUtils]: 3: Hoare triple {14304#true} ~insert_fnc.base, ~insert_fnc.offset := #in~insert_fnc.base, #in~insert_fnc.offset;call ~#dll~0.base, ~#dll~0.offset := #Ultimate.allocOnStack(4);call write~init~$Pointer$(0, 0, ~#dll~0.base, ~#dll~0.offset, 4); {14304#true} is VALID [2022-02-20 23:36:49,147 INFO L272 TraceCheckUtils]: 4: Hoare triple {14304#true} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {14304#true} is VALID [2022-02-20 23:36:49,147 INFO L290 TraceCheckUtils]: 5: Hoare triple {14304#true} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {14304#true} is VALID [2022-02-20 23:36:49,147 INFO L290 TraceCheckUtils]: 6: Hoare triple {14304#true} assume #in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset; {14304#true} is VALID [2022-02-20 23:36:49,148 INFO L272 TraceCheckUtils]: 7: Hoare triple {14304#true} call dll_insert_master(#~10#1.base, #~10#1.offset); {14304#true} is VALID [2022-02-20 23:36:49,148 INFO L290 TraceCheckUtils]: 8: Hoare triple {14304#true} ~dll#1.base, ~dll#1.offset := #in~dll#1.base, #in~dll#1.offset;assume { :begin_inline_alloc_or_die_master } true;havoc alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset;call alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset := #Ultimate.allocOnHeap(12);alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset := alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset; {14304#true} is VALID [2022-02-20 23:36:49,151 INFO L290 TraceCheckUtils]: 9: Hoare triple {14304#true} assume !(alloc_or_die_master_~ptr~1#1.base == 0 && alloc_or_die_master_~ptr~1#1.offset == 0); {14304#true} is VALID [2022-02-20 23:36:49,151 INFO L290 TraceCheckUtils]: 10: Hoare triple {14304#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L570-2 {14304#true} is VALID [2022-02-20 23:36:49,152 INFO L290 TraceCheckUtils]: 11: Hoare triple {14304#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, 4 + alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L572 {14304#true} is VALID [2022-02-20 23:36:49,152 INFO L290 TraceCheckUtils]: 12: Hoare triple {14304#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, 8 + alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L573 {14304#true} is VALID [2022-02-20 23:36:49,152 INFO L290 TraceCheckUtils]: 13: Hoare triple {14304#true} alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset := alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset; {14304#true} is VALID [2022-02-20 23:36:49,152 INFO L290 TraceCheckUtils]: 14: Hoare triple {14304#true} #t~ret18#1.base, #t~ret18#1.offset := alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;assume { :end_inline_alloc_or_die_master } true;~item~1#1.base, ~item~1#1.offset := #t~ret18#1.base, #t~ret18#1.offset;havoc #t~ret18#1.base, #t~ret18#1.offset; {14304#true} is VALID [2022-02-20 23:36:49,152 INFO L290 TraceCheckUtils]: 15: Hoare triple {14304#true} SUMMARY for call #t~mem19#1.base, #t~mem19#1.offset := read~$Pointer$(~dll#1.base, ~dll#1.offset, 4); srcloc: L632 {14304#true} is VALID [2022-02-20 23:36:49,152 INFO L290 TraceCheckUtils]: 16: Hoare triple {14304#true} ~next~3#1.base, ~next~3#1.offset := #t~mem19#1.base, #t~mem19#1.offset;havoc #t~mem19#1.base, #t~mem19#1.offset; {14304#true} is VALID [2022-02-20 23:36:49,153 INFO L290 TraceCheckUtils]: 17: Hoare triple {14304#true} SUMMARY for call write~$Pointer$(~next~3#1.base, ~next~3#1.offset, ~item~1#1.base, ~item~1#1.offset, 4); srcloc: L633 {14304#true} is VALID [2022-02-20 23:36:49,153 INFO L290 TraceCheckUtils]: 18: Hoare triple {14304#true} assume !(~next~3#1.base != 0 || ~next~3#1.offset != 0); {14304#true} is VALID [2022-02-20 23:36:49,153 INFO L272 TraceCheckUtils]: 19: Hoare triple {14304#true} call #t~ret20#1.base, #t~ret20#1.offset := dll_create_slave(); {14304#true} is VALID [2022-02-20 23:36:49,153 INFO L272 TraceCheckUtils]: 20: Hoare triple {14304#true} call #t~ret12.base, #t~ret12.offset := dll_create_generic(#funAddr~dll_insert_slave.base, #funAddr~dll_insert_slave.offset); {14304#true} is VALID [2022-02-20 23:36:49,154 INFO L290 TraceCheckUtils]: 21: Hoare triple {14304#true} ~insert_fnc.base, ~insert_fnc.offset := #in~insert_fnc.base, #in~insert_fnc.offset;call ~#dll~0.base, ~#dll~0.offset := #Ultimate.allocOnStack(4);call write~init~$Pointer$(0, 0, ~#dll~0.base, ~#dll~0.offset, 4); {14306#(= (select |#valid| |dll_create_generic_~#dll~0.base|) 1)} is VALID [2022-02-20 23:36:49,155 INFO L272 TraceCheckUtils]: 22: Hoare triple {14306#(= (select |#valid| |dll_create_generic_~#dll~0.base|) 1)} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {14307#(= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1)} is VALID [2022-02-20 23:36:49,155 INFO L290 TraceCheckUtils]: 23: Hoare triple {14307#(= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1)} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {14308#(= (select |#valid| |##fun~$Pointer$~TO~VOID_#~10#1.base|) 1)} is VALID [2022-02-20 23:36:49,156 INFO L290 TraceCheckUtils]: 24: Hoare triple {14308#(= (select |#valid| |##fun~$Pointer$~TO~VOID_#~10#1.base|) 1)} assume !(#in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset);assume { :begin_inline_dll_insert_slave } true;dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset := #~10#1.base, #~10#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset, dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset, dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset;dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset := dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset;assume { :begin_inline_alloc_or_die_slave } true;havoc alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset;call alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset := #Ultimate.allocOnHeap(8);alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset := alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset; {14309#(or (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|))} is VALID [2022-02-20 23:36:49,157 INFO L290 TraceCheckUtils]: 25: Hoare triple {14309#(or (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|))} assume !(alloc_or_die_slave_~ptr~0#1.base == 0 && alloc_or_die_slave_~ptr~0#1.offset == 0); {14309#(or (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|))} is VALID [2022-02-20 23:36:49,157 INFO L290 TraceCheckUtils]: 26: Hoare triple {14309#(or (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L556-2 {14310#(= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1)} is VALID [2022-02-20 23:36:49,158 INFO L290 TraceCheckUtils]: 27: Hoare triple {14310#(= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1)} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L558 {14310#(= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1)} is VALID [2022-02-20 23:36:49,158 INFO L290 TraceCheckUtils]: 28: Hoare triple {14310#(= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1)} alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset := alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset; {14310#(= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1)} is VALID [2022-02-20 23:36:49,159 INFO L290 TraceCheckUtils]: 29: Hoare triple {14310#(= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1)} dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset := alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;assume { :end_inline_alloc_or_die_slave } true;dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset := dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset; {14310#(= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1)} is VALID [2022-02-20 23:36:49,159 INFO L290 TraceCheckUtils]: 30: Hoare triple {14310#(= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1)} assume !(1 == #valid[dll_insert_slave_~dll#1.base]); {14305#false} is VALID [2022-02-20 23:36:49,160 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 3 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-02-20 23:36:49,160 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:36:49,161 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [684520622] [2022-02-20 23:36:49,161 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [684520622] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:36:49,161 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:36:49,161 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 23:36:49,161 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1685916847] [2022-02-20 23:36:49,161 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:36:49,162 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 5 states have (on average 5.0) internal successors, (25), 6 states have internal predecessors, (25), 2 states have call successors, (6), 2 states have call predecessors, (6), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 31 [2022-02-20 23:36:49,162 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:36:49,162 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 7 states, 5 states have (on average 5.0) internal successors, (25), 6 states have internal predecessors, (25), 2 states have call successors, (6), 2 states have call predecessors, (6), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:49,182 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 31 edges. 31 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:36:49,182 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-02-20 23:36:49,182 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:36:49,183 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-02-20 23:36:49,183 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=12, Invalid=30, Unknown=0, NotChecked=0, Total=42 [2022-02-20 23:36:49,183 INFO L87 Difference]: Start difference. First operand 303 states and 352 transitions. Second operand has 7 states, 5 states have (on average 5.0) internal successors, (25), 6 states have internal predecessors, (25), 2 states have call successors, (6), 2 states have call predecessors, (6), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:50,075 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:50,075 INFO L93 Difference]: Finished difference Result 301 states and 350 transitions. [2022-02-20 23:36:50,075 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-02-20 23:36:50,076 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 5 states have (on average 5.0) internal successors, (25), 6 states have internal predecessors, (25), 2 states have call successors, (6), 2 states have call predecessors, (6), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 31 [2022-02-20 23:36:50,076 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:36:50,076 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 5 states have (on average 5.0) internal successors, (25), 6 states have internal predecessors, (25), 2 states have call successors, (6), 2 states have call predecessors, (6), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:50,079 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 299 transitions. [2022-02-20 23:36:50,079 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 5 states have (on average 5.0) internal successors, (25), 6 states have internal predecessors, (25), 2 states have call successors, (6), 2 states have call predecessors, (6), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:50,081 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 299 transitions. [2022-02-20 23:36:50,081 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 299 transitions. [2022-02-20 23:36:50,270 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 299 edges. 299 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:36:50,275 INFO L225 Difference]: With dead ends: 301 [2022-02-20 23:36:50,276 INFO L226 Difference]: Without dead ends: 301 [2022-02-20 23:36:50,276 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=23, Invalid=49, Unknown=0, NotChecked=0, Total=72 [2022-02-20 23:36:50,276 INFO L933 BasicCegarLoop]: 270 mSDtfsCounter, 74 mSDsluCounter, 705 mSDsCounter, 0 mSdLazyCounter, 392 mSolverCounterSat, 10 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 74 SdHoareTripleChecker+Valid, 975 SdHoareTripleChecker+Invalid, 402 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 10 IncrementalHoareTripleChecker+Valid, 392 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-02-20 23:36:50,277 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [74 Valid, 975 Invalid, 402 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [10 Valid, 392 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-02-20 23:36:50,277 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 301 states. [2022-02-20 23:36:50,282 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 301 to 301. [2022-02-20 23:36:50,282 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:36:50,282 INFO L82 GeneralOperation]: Start isEquivalent. First operand 301 states. Second operand has 301 states, 179 states have (on average 1.6480446927374302) internal successors, (295), 277 states have internal predecessors, (295), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) [2022-02-20 23:36:50,283 INFO L74 IsIncluded]: Start isIncluded. First operand 301 states. Second operand has 301 states, 179 states have (on average 1.6480446927374302) internal successors, (295), 277 states have internal predecessors, (295), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) [2022-02-20 23:36:50,283 INFO L87 Difference]: Start difference. First operand 301 states. Second operand has 301 states, 179 states have (on average 1.6480446927374302) internal successors, (295), 277 states have internal predecessors, (295), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) [2022-02-20 23:36:50,290 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:50,291 INFO L93 Difference]: Finished difference Result 301 states and 350 transitions. [2022-02-20 23:36:50,291 INFO L276 IsEmpty]: Start isEmpty. Operand 301 states and 350 transitions. [2022-02-20 23:36:50,292 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:36:50,292 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:36:50,292 INFO L74 IsIncluded]: Start isIncluded. First operand has 301 states, 179 states have (on average 1.6480446927374302) internal successors, (295), 277 states have internal predecessors, (295), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) Second operand 301 states. [2022-02-20 23:36:50,293 INFO L87 Difference]: Start difference. First operand has 301 states, 179 states have (on average 1.6480446927374302) internal successors, (295), 277 states have internal predecessors, (295), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) Second operand 301 states. [2022-02-20 23:36:50,299 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:50,300 INFO L93 Difference]: Finished difference Result 301 states and 350 transitions. [2022-02-20 23:36:50,300 INFO L276 IsEmpty]: Start isEmpty. Operand 301 states and 350 transitions. [2022-02-20 23:36:50,301 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:36:50,301 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:36:50,301 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:36:50,301 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:36:50,302 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 301 states, 179 states have (on average 1.6480446927374302) internal successors, (295), 277 states have internal predecessors, (295), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) [2022-02-20 23:36:50,308 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 301 states to 301 states and 350 transitions. [2022-02-20 23:36:50,308 INFO L78 Accepts]: Start accepts. Automaton has 301 states and 350 transitions. Word has length 31 [2022-02-20 23:36:50,308 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:36:50,308 INFO L470 AbstractCegarLoop]: Abstraction has 301 states and 350 transitions. [2022-02-20 23:36:50,309 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 5 states have (on average 5.0) internal successors, (25), 6 states have internal predecessors, (25), 2 states have call successors, (6), 2 states have call predecessors, (6), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:50,309 INFO L276 IsEmpty]: Start isEmpty. Operand 301 states and 350 transitions. [2022-02-20 23:36:50,309 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2022-02-20 23:36:50,309 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:36:50,309 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:36:50,310 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable12 [2022-02-20 23:36:50,310 INFO L402 AbstractCegarLoop]: === Iteration 14 === Targeting ##fun~$Pointer$~TO~VOIDErr6REQUIRES_VIOLATION === [dll_insert_masterErr0REQUIRES_VIOLATION, dll_insert_masterErr1REQUIRES_VIOLATION, dll_insert_masterErr2REQUIRES_VIOLATION (and 95 more)] === [2022-02-20 23:36:50,310 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:36:50,310 INFO L85 PathProgramCache]: Analyzing trace with hash 20600531, now seen corresponding path program 1 times [2022-02-20 23:36:50,310 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:36:50,311 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1611571927] [2022-02-20 23:36:50,311 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:36:50,311 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:36:50,337 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:36:50,376 INFO L290 TraceCheckUtils]: 0: Hoare triple {15521#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(15, 2); {15521#true} is VALID [2022-02-20 23:36:50,376 INFO L290 TraceCheckUtils]: 1: Hoare triple {15521#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret46#1.base, main_#t~ret46#1.offset, main_~dll~1#1.base, main_~dll~1#1.offset;assume { :begin_inline_dll_create_master } true;havoc dll_create_master_#res#1.base, dll_create_master_#res#1.offset;havoc dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset; {15521#true} is VALID [2022-02-20 23:36:50,376 INFO L272 TraceCheckUtils]: 2: Hoare triple {15521#true} call dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset := dll_create_generic(#funAddr~dll_insert_master.base, #funAddr~dll_insert_master.offset); {15521#true} is VALID [2022-02-20 23:36:50,376 INFO L290 TraceCheckUtils]: 3: Hoare triple {15521#true} ~insert_fnc.base, ~insert_fnc.offset := #in~insert_fnc.base, #in~insert_fnc.offset;call ~#dll~0.base, ~#dll~0.offset := #Ultimate.allocOnStack(4);call write~init~$Pointer$(0, 0, ~#dll~0.base, ~#dll~0.offset, 4); {15521#true} is VALID [2022-02-20 23:36:50,376 INFO L272 TraceCheckUtils]: 4: Hoare triple {15521#true} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {15521#true} is VALID [2022-02-20 23:36:50,377 INFO L290 TraceCheckUtils]: 5: Hoare triple {15521#true} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {15521#true} is VALID [2022-02-20 23:36:50,377 INFO L290 TraceCheckUtils]: 6: Hoare triple {15521#true} assume #in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset; {15521#true} is VALID [2022-02-20 23:36:50,377 INFO L272 TraceCheckUtils]: 7: Hoare triple {15521#true} call dll_insert_master(#~10#1.base, #~10#1.offset); {15521#true} is VALID [2022-02-20 23:36:50,377 INFO L290 TraceCheckUtils]: 8: Hoare triple {15521#true} ~dll#1.base, ~dll#1.offset := #in~dll#1.base, #in~dll#1.offset;assume { :begin_inline_alloc_or_die_master } true;havoc alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset;call alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset := #Ultimate.allocOnHeap(12);alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset := alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset; {15521#true} is VALID [2022-02-20 23:36:50,377 INFO L290 TraceCheckUtils]: 9: Hoare triple {15521#true} assume !(alloc_or_die_master_~ptr~1#1.base == 0 && alloc_or_die_master_~ptr~1#1.offset == 0); {15521#true} is VALID [2022-02-20 23:36:50,377 INFO L290 TraceCheckUtils]: 10: Hoare triple {15521#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L570-2 {15521#true} is VALID [2022-02-20 23:36:50,377 INFO L290 TraceCheckUtils]: 11: Hoare triple {15521#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, 4 + alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L572 {15521#true} is VALID [2022-02-20 23:36:50,377 INFO L290 TraceCheckUtils]: 12: Hoare triple {15521#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, 8 + alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L573 {15521#true} is VALID [2022-02-20 23:36:50,377 INFO L290 TraceCheckUtils]: 13: Hoare triple {15521#true} alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset := alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset; {15521#true} is VALID [2022-02-20 23:36:50,377 INFO L290 TraceCheckUtils]: 14: Hoare triple {15521#true} #t~ret18#1.base, #t~ret18#1.offset := alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;assume { :end_inline_alloc_or_die_master } true;~item~1#1.base, ~item~1#1.offset := #t~ret18#1.base, #t~ret18#1.offset;havoc #t~ret18#1.base, #t~ret18#1.offset; {15521#true} is VALID [2022-02-20 23:36:50,378 INFO L290 TraceCheckUtils]: 15: Hoare triple {15521#true} SUMMARY for call #t~mem19#1.base, #t~mem19#1.offset := read~$Pointer$(~dll#1.base, ~dll#1.offset, 4); srcloc: L632 {15521#true} is VALID [2022-02-20 23:36:50,378 INFO L290 TraceCheckUtils]: 16: Hoare triple {15521#true} ~next~3#1.base, ~next~3#1.offset := #t~mem19#1.base, #t~mem19#1.offset;havoc #t~mem19#1.base, #t~mem19#1.offset; {15521#true} is VALID [2022-02-20 23:36:50,378 INFO L290 TraceCheckUtils]: 17: Hoare triple {15521#true} SUMMARY for call write~$Pointer$(~next~3#1.base, ~next~3#1.offset, ~item~1#1.base, ~item~1#1.offset, 4); srcloc: L633 {15521#true} is VALID [2022-02-20 23:36:50,378 INFO L290 TraceCheckUtils]: 18: Hoare triple {15521#true} assume !(~next~3#1.base != 0 || ~next~3#1.offset != 0); {15521#true} is VALID [2022-02-20 23:36:50,378 INFO L272 TraceCheckUtils]: 19: Hoare triple {15521#true} call #t~ret20#1.base, #t~ret20#1.offset := dll_create_slave(); {15521#true} is VALID [2022-02-20 23:36:50,378 INFO L272 TraceCheckUtils]: 20: Hoare triple {15521#true} call #t~ret12.base, #t~ret12.offset := dll_create_generic(#funAddr~dll_insert_slave.base, #funAddr~dll_insert_slave.offset); {15521#true} is VALID [2022-02-20 23:36:50,378 INFO L290 TraceCheckUtils]: 21: Hoare triple {15521#true} ~insert_fnc.base, ~insert_fnc.offset := #in~insert_fnc.base, #in~insert_fnc.offset;call ~#dll~0.base, ~#dll~0.offset := #Ultimate.allocOnStack(4);call write~init~$Pointer$(0, 0, ~#dll~0.base, ~#dll~0.offset, 4); {15521#true} is VALID [2022-02-20 23:36:50,378 INFO L272 TraceCheckUtils]: 22: Hoare triple {15521#true} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {15521#true} is VALID [2022-02-20 23:36:50,379 INFO L290 TraceCheckUtils]: 23: Hoare triple {15521#true} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {15521#true} is VALID [2022-02-20 23:36:50,379 INFO L290 TraceCheckUtils]: 24: Hoare triple {15521#true} assume !(#in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset);assume { :begin_inline_dll_insert_slave } true;dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset := #~10#1.base, #~10#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset, dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset, dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset;dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset := dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset;assume { :begin_inline_alloc_or_die_slave } true;havoc alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset;call alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset := #Ultimate.allocOnHeap(8);alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset := alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset; {15521#true} is VALID [2022-02-20 23:36:50,379 INFO L290 TraceCheckUtils]: 25: Hoare triple {15521#true} assume !(alloc_or_die_slave_~ptr~0#1.base == 0 && alloc_or_die_slave_~ptr~0#1.offset == 0); {15521#true} is VALID [2022-02-20 23:36:50,381 INFO L290 TraceCheckUtils]: 26: Hoare triple {15521#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L556-2 {15523#(= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1)} is VALID [2022-02-20 23:36:50,381 INFO L290 TraceCheckUtils]: 27: Hoare triple {15523#(= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1)} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L558 {15523#(= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1)} is VALID [2022-02-20 23:36:50,381 INFO L290 TraceCheckUtils]: 28: Hoare triple {15523#(= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1)} alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset := alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset; {15524#(= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.base|) 1)} is VALID [2022-02-20 23:36:50,384 INFO L290 TraceCheckUtils]: 29: Hoare triple {15524#(= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.base|) 1)} dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset := alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;assume { :end_inline_alloc_or_die_slave } true;dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset := dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset; {15525#(= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1)} is VALID [2022-02-20 23:36:50,384 INFO L290 TraceCheckUtils]: 30: Hoare triple {15525#(= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1)} SUMMARY for call dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset := read~$Pointer$(dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, 4); srcloc: L580 {15525#(= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1)} is VALID [2022-02-20 23:36:50,385 INFO L290 TraceCheckUtils]: 31: Hoare triple {15525#(= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1)} dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset := dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset;havoc dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset; {15525#(= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1)} is VALID [2022-02-20 23:36:50,385 INFO L290 TraceCheckUtils]: 32: Hoare triple {15525#(= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1)} assume !(1 == #valid[dll_insert_slave_~item~0#1.base]); {15522#false} is VALID [2022-02-20 23:36:50,385 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-02-20 23:36:50,385 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:36:50,385 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1611571927] [2022-02-20 23:36:50,385 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1611571927] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:36:50,386 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:36:50,386 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-20 23:36:50,386 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1209516018] [2022-02-20 23:36:50,386 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:36:50,386 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 6.25) internal successors, (25), 5 states have internal predecessors, (25), 1 states have call successors, (5), 1 states have call predecessors, (5), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 33 [2022-02-20 23:36:50,386 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:36:50,387 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 4 states have (on average 6.25) internal successors, (25), 5 states have internal predecessors, (25), 1 states have call successors, (5), 1 states have call predecessors, (5), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:50,405 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 30 edges. 30 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:36:50,405 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 23:36:50,406 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:36:50,406 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 23:36:50,406 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:36:50,406 INFO L87 Difference]: Start difference. First operand 301 states and 350 transitions. Second operand has 5 states, 4 states have (on average 6.25) internal successors, (25), 5 states have internal predecessors, (25), 1 states have call successors, (5), 1 states have call predecessors, (5), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:51,094 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:51,094 INFO L93 Difference]: Finished difference Result 300 states and 349 transitions. [2022-02-20 23:36:51,094 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 23:36:51,095 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 6.25) internal successors, (25), 5 states have internal predecessors, (25), 1 states have call successors, (5), 1 states have call predecessors, (5), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 33 [2022-02-20 23:36:51,096 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:36:51,096 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 4 states have (on average 6.25) internal successors, (25), 5 states have internal predecessors, (25), 1 states have call successors, (5), 1 states have call predecessors, (5), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:51,098 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 285 transitions. [2022-02-20 23:36:51,098 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 4 states have (on average 6.25) internal successors, (25), 5 states have internal predecessors, (25), 1 states have call successors, (5), 1 states have call predecessors, (5), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:51,100 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 285 transitions. [2022-02-20 23:36:51,100 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 285 transitions. [2022-02-20 23:36:51,301 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 285 edges. 285 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:36:51,306 INFO L225 Difference]: With dead ends: 300 [2022-02-20 23:36:51,307 INFO L226 Difference]: Without dead ends: 300 [2022-02-20 23:36:51,307 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-02-20 23:36:51,308 INFO L933 BasicCegarLoop]: 270 mSDtfsCounter, 38 mSDsluCounter, 531 mSDsCounter, 0 mSdLazyCounter, 281 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 38 SdHoareTripleChecker+Valid, 801 SdHoareTripleChecker+Invalid, 282 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 281 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 23:36:51,308 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [38 Valid, 801 Invalid, 282 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 281 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-20 23:36:51,309 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 300 states. [2022-02-20 23:36:51,312 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 300 to 300. [2022-02-20 23:36:51,313 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:36:51,313 INFO L82 GeneralOperation]: Start isEquivalent. First operand 300 states. Second operand has 300 states, 179 states have (on average 1.6424581005586592) internal successors, (294), 276 states have internal predecessors, (294), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) [2022-02-20 23:36:51,314 INFO L74 IsIncluded]: Start isIncluded. First operand 300 states. Second operand has 300 states, 179 states have (on average 1.6424581005586592) internal successors, (294), 276 states have internal predecessors, (294), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) [2022-02-20 23:36:51,314 INFO L87 Difference]: Start difference. First operand 300 states. Second operand has 300 states, 179 states have (on average 1.6424581005586592) internal successors, (294), 276 states have internal predecessors, (294), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) [2022-02-20 23:36:51,320 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:51,321 INFO L93 Difference]: Finished difference Result 300 states and 349 transitions. [2022-02-20 23:36:51,321 INFO L276 IsEmpty]: Start isEmpty. Operand 300 states and 349 transitions. [2022-02-20 23:36:51,322 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:36:51,322 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:36:51,322 INFO L74 IsIncluded]: Start isIncluded. First operand has 300 states, 179 states have (on average 1.6424581005586592) internal successors, (294), 276 states have internal predecessors, (294), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) Second operand 300 states. [2022-02-20 23:36:51,323 INFO L87 Difference]: Start difference. First operand has 300 states, 179 states have (on average 1.6424581005586592) internal successors, (294), 276 states have internal predecessors, (294), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) Second operand 300 states. [2022-02-20 23:36:51,329 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:51,329 INFO L93 Difference]: Finished difference Result 300 states and 349 transitions. [2022-02-20 23:36:51,329 INFO L276 IsEmpty]: Start isEmpty. Operand 300 states and 349 transitions. [2022-02-20 23:36:51,330 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:36:51,330 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:36:51,331 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:36:51,331 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:36:51,331 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 300 states, 179 states have (on average 1.6424581005586592) internal successors, (294), 276 states have internal predecessors, (294), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) [2022-02-20 23:36:51,337 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 300 states to 300 states and 349 transitions. [2022-02-20 23:36:51,337 INFO L78 Accepts]: Start accepts. Automaton has 300 states and 349 transitions. Word has length 33 [2022-02-20 23:36:51,337 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:36:51,338 INFO L470 AbstractCegarLoop]: Abstraction has 300 states and 349 transitions. [2022-02-20 23:36:51,338 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 6.25) internal successors, (25), 5 states have internal predecessors, (25), 1 states have call successors, (5), 1 states have call predecessors, (5), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:51,338 INFO L276 IsEmpty]: Start isEmpty. Operand 300 states and 349 transitions. [2022-02-20 23:36:51,338 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2022-02-20 23:36:51,338 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:36:51,339 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:36:51,339 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable13 [2022-02-20 23:36:51,339 INFO L402 AbstractCegarLoop]: === Iteration 15 === Targeting ##fun~$Pointer$~TO~VOIDErr7REQUIRES_VIOLATION === [dll_insert_masterErr0REQUIRES_VIOLATION, dll_insert_masterErr1REQUIRES_VIOLATION, dll_insert_masterErr2REQUIRES_VIOLATION (and 95 more)] === [2022-02-20 23:36:51,339 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:36:51,340 INFO L85 PathProgramCache]: Analyzing trace with hash 20600532, now seen corresponding path program 1 times [2022-02-20 23:36:51,340 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:36:51,340 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [450990733] [2022-02-20 23:36:51,340 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:36:51,340 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:36:51,366 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:36:51,417 INFO L290 TraceCheckUtils]: 0: Hoare triple {16732#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(15, 2); {16732#true} is VALID [2022-02-20 23:36:51,417 INFO L290 TraceCheckUtils]: 1: Hoare triple {16732#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret46#1.base, main_#t~ret46#1.offset, main_~dll~1#1.base, main_~dll~1#1.offset;assume { :begin_inline_dll_create_master } true;havoc dll_create_master_#res#1.base, dll_create_master_#res#1.offset;havoc dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset; {16732#true} is VALID [2022-02-20 23:36:51,417 INFO L272 TraceCheckUtils]: 2: Hoare triple {16732#true} call dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset := dll_create_generic(#funAddr~dll_insert_master.base, #funAddr~dll_insert_master.offset); {16732#true} is VALID [2022-02-20 23:36:51,417 INFO L290 TraceCheckUtils]: 3: Hoare triple {16732#true} ~insert_fnc.base, ~insert_fnc.offset := #in~insert_fnc.base, #in~insert_fnc.offset;call ~#dll~0.base, ~#dll~0.offset := #Ultimate.allocOnStack(4);call write~init~$Pointer$(0, 0, ~#dll~0.base, ~#dll~0.offset, 4); {16732#true} is VALID [2022-02-20 23:36:51,418 INFO L272 TraceCheckUtils]: 4: Hoare triple {16732#true} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {16732#true} is VALID [2022-02-20 23:36:51,418 INFO L290 TraceCheckUtils]: 5: Hoare triple {16732#true} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {16732#true} is VALID [2022-02-20 23:36:51,418 INFO L290 TraceCheckUtils]: 6: Hoare triple {16732#true} assume #in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset; {16732#true} is VALID [2022-02-20 23:36:51,418 INFO L272 TraceCheckUtils]: 7: Hoare triple {16732#true} call dll_insert_master(#~10#1.base, #~10#1.offset); {16732#true} is VALID [2022-02-20 23:36:51,418 INFO L290 TraceCheckUtils]: 8: Hoare triple {16732#true} ~dll#1.base, ~dll#1.offset := #in~dll#1.base, #in~dll#1.offset;assume { :begin_inline_alloc_or_die_master } true;havoc alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset;call alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset := #Ultimate.allocOnHeap(12);alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset := alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset; {16732#true} is VALID [2022-02-20 23:36:51,418 INFO L290 TraceCheckUtils]: 9: Hoare triple {16732#true} assume !(alloc_or_die_master_~ptr~1#1.base == 0 && alloc_or_die_master_~ptr~1#1.offset == 0); {16732#true} is VALID [2022-02-20 23:36:51,419 INFO L290 TraceCheckUtils]: 10: Hoare triple {16732#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L570-2 {16732#true} is VALID [2022-02-20 23:36:51,419 INFO L290 TraceCheckUtils]: 11: Hoare triple {16732#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, 4 + alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L572 {16732#true} is VALID [2022-02-20 23:36:51,419 INFO L290 TraceCheckUtils]: 12: Hoare triple {16732#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, 8 + alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L573 {16732#true} is VALID [2022-02-20 23:36:51,419 INFO L290 TraceCheckUtils]: 13: Hoare triple {16732#true} alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset := alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset; {16732#true} is VALID [2022-02-20 23:36:51,419 INFO L290 TraceCheckUtils]: 14: Hoare triple {16732#true} #t~ret18#1.base, #t~ret18#1.offset := alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;assume { :end_inline_alloc_or_die_master } true;~item~1#1.base, ~item~1#1.offset := #t~ret18#1.base, #t~ret18#1.offset;havoc #t~ret18#1.base, #t~ret18#1.offset; {16732#true} is VALID [2022-02-20 23:36:51,420 INFO L290 TraceCheckUtils]: 15: Hoare triple {16732#true} SUMMARY for call #t~mem19#1.base, #t~mem19#1.offset := read~$Pointer$(~dll#1.base, ~dll#1.offset, 4); srcloc: L632 {16732#true} is VALID [2022-02-20 23:36:51,420 INFO L290 TraceCheckUtils]: 16: Hoare triple {16732#true} ~next~3#1.base, ~next~3#1.offset := #t~mem19#1.base, #t~mem19#1.offset;havoc #t~mem19#1.base, #t~mem19#1.offset; {16732#true} is VALID [2022-02-20 23:36:51,420 INFO L290 TraceCheckUtils]: 17: Hoare triple {16732#true} SUMMARY for call write~$Pointer$(~next~3#1.base, ~next~3#1.offset, ~item~1#1.base, ~item~1#1.offset, 4); srcloc: L633 {16732#true} is VALID [2022-02-20 23:36:51,420 INFO L290 TraceCheckUtils]: 18: Hoare triple {16732#true} assume !(~next~3#1.base != 0 || ~next~3#1.offset != 0); {16732#true} is VALID [2022-02-20 23:36:51,420 INFO L272 TraceCheckUtils]: 19: Hoare triple {16732#true} call #t~ret20#1.base, #t~ret20#1.offset := dll_create_slave(); {16732#true} is VALID [2022-02-20 23:36:51,420 INFO L272 TraceCheckUtils]: 20: Hoare triple {16732#true} call #t~ret12.base, #t~ret12.offset := dll_create_generic(#funAddr~dll_insert_slave.base, #funAddr~dll_insert_slave.offset); {16732#true} is VALID [2022-02-20 23:36:51,420 INFO L290 TraceCheckUtils]: 21: Hoare triple {16732#true} ~insert_fnc.base, ~insert_fnc.offset := #in~insert_fnc.base, #in~insert_fnc.offset;call ~#dll~0.base, ~#dll~0.offset := #Ultimate.allocOnStack(4);call write~init~$Pointer$(0, 0, ~#dll~0.base, ~#dll~0.offset, 4); {16732#true} is VALID [2022-02-20 23:36:51,421 INFO L272 TraceCheckUtils]: 22: Hoare triple {16732#true} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {16732#true} is VALID [2022-02-20 23:36:51,421 INFO L290 TraceCheckUtils]: 23: Hoare triple {16732#true} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {16732#true} is VALID [2022-02-20 23:36:51,421 INFO L290 TraceCheckUtils]: 24: Hoare triple {16732#true} assume !(#in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset);assume { :begin_inline_dll_insert_slave } true;dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset := #~10#1.base, #~10#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset, dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset, dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset;dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset := dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset;assume { :begin_inline_alloc_or_die_slave } true;havoc alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset;call alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset := #Ultimate.allocOnHeap(8);alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset := alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset; {16734#(= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0)} is VALID [2022-02-20 23:36:51,422 INFO L290 TraceCheckUtils]: 25: Hoare triple {16734#(= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0)} assume !(alloc_or_die_slave_~ptr~0#1.base == 0 && alloc_or_die_slave_~ptr~0#1.offset == 0); {16734#(= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0)} is VALID [2022-02-20 23:36:51,422 INFO L290 TraceCheckUtils]: 26: Hoare triple {16734#(= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0)} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L556-2 {16735#(and (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0) (<= (+ |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 4) (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)))} is VALID [2022-02-20 23:36:51,423 INFO L290 TraceCheckUtils]: 27: Hoare triple {16735#(and (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0) (<= (+ |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 4) (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L558 {16735#(and (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0) (<= (+ |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 4) (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)))} is VALID [2022-02-20 23:36:51,424 INFO L290 TraceCheckUtils]: 28: Hoare triple {16735#(and (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0) (<= (+ |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 4) (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)))} alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset := alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset; {16736#(and (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.offset| 0) (<= 4 (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.base|)))} is VALID [2022-02-20 23:36:51,424 INFO L290 TraceCheckUtils]: 29: Hoare triple {16736#(and (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.offset| 0) (<= 4 (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.base|)))} dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset := alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;assume { :end_inline_alloc_or_die_slave } true;dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset := dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset; {16737#(and (<= 4 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|)) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0))} is VALID [2022-02-20 23:36:51,425 INFO L290 TraceCheckUtils]: 30: Hoare triple {16737#(and (<= 4 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|)) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0))} SUMMARY for call dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset := read~$Pointer$(dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, 4); srcloc: L580 {16737#(and (<= 4 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|)) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0))} is VALID [2022-02-20 23:36:51,425 INFO L290 TraceCheckUtils]: 31: Hoare triple {16737#(and (<= 4 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|)) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0))} dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset := dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset;havoc dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset; {16737#(and (<= 4 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|)) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0))} is VALID [2022-02-20 23:36:51,426 INFO L290 TraceCheckUtils]: 32: Hoare triple {16737#(and (<= 4 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|)) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0))} assume !(4 + dll_insert_slave_~item~0#1.offset <= #length[dll_insert_slave_~item~0#1.base] && 0 <= dll_insert_slave_~item~0#1.offset); {16733#false} is VALID [2022-02-20 23:36:51,426 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-02-20 23:36:51,426 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:36:51,426 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [450990733] [2022-02-20 23:36:51,426 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [450990733] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:36:51,427 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:36:51,427 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:36:51,427 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [271253378] [2022-02-20 23:36:51,427 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:36:51,427 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 5.0) internal successors, (25), 6 states have internal predecessors, (25), 1 states have call successors, (5), 1 states have call predecessors, (5), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 33 [2022-02-20 23:36:51,428 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:36:51,428 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 5 states have (on average 5.0) internal successors, (25), 6 states have internal predecessors, (25), 1 states have call successors, (5), 1 states have call predecessors, (5), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:51,450 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 30 edges. 30 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:36:51,450 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 23:36:51,450 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:36:51,451 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 23:36:51,451 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2022-02-20 23:36:51,451 INFO L87 Difference]: Start difference. First operand 300 states and 349 transitions. Second operand has 6 states, 5 states have (on average 5.0) internal successors, (25), 6 states have internal predecessors, (25), 1 states have call successors, (5), 1 states have call predecessors, (5), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:52,240 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:52,241 INFO L93 Difference]: Finished difference Result 299 states and 348 transitions. [2022-02-20 23:36:52,241 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 23:36:52,241 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 5.0) internal successors, (25), 6 states have internal predecessors, (25), 1 states have call successors, (5), 1 states have call predecessors, (5), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 33 [2022-02-20 23:36:52,242 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:36:52,242 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 5.0) internal successors, (25), 6 states have internal predecessors, (25), 1 states have call successors, (5), 1 states have call predecessors, (5), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:52,244 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 284 transitions. [2022-02-20 23:36:52,244 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 5.0) internal successors, (25), 6 states have internal predecessors, (25), 1 states have call successors, (5), 1 states have call predecessors, (5), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:52,247 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 284 transitions. [2022-02-20 23:36:52,247 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 284 transitions. [2022-02-20 23:36:52,460 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 284 edges. 284 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:36:52,465 INFO L225 Difference]: With dead ends: 299 [2022-02-20 23:36:52,466 INFO L226 Difference]: Without dead ends: 299 [2022-02-20 23:36:52,466 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=34, Unknown=0, NotChecked=0, Total=56 [2022-02-20 23:36:52,467 INFO L933 BasicCegarLoop]: 270 mSDtfsCounter, 37 mSDsluCounter, 816 mSDsCounter, 0 mSdLazyCounter, 259 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 37 SdHoareTripleChecker+Valid, 1086 SdHoareTripleChecker+Invalid, 260 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 259 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 23:36:52,467 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [37 Valid, 1086 Invalid, 260 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 259 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-20 23:36:52,468 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 299 states. [2022-02-20 23:36:52,472 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 299 to 299. [2022-02-20 23:36:52,472 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:36:52,473 INFO L82 GeneralOperation]: Start isEquivalent. First operand 299 states. Second operand has 299 states, 179 states have (on average 1.6368715083798884) internal successors, (293), 275 states have internal predecessors, (293), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) [2022-02-20 23:36:52,473 INFO L74 IsIncluded]: Start isIncluded. First operand 299 states. Second operand has 299 states, 179 states have (on average 1.6368715083798884) internal successors, (293), 275 states have internal predecessors, (293), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) [2022-02-20 23:36:52,474 INFO L87 Difference]: Start difference. First operand 299 states. Second operand has 299 states, 179 states have (on average 1.6368715083798884) internal successors, (293), 275 states have internal predecessors, (293), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) [2022-02-20 23:36:52,479 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:52,480 INFO L93 Difference]: Finished difference Result 299 states and 348 transitions. [2022-02-20 23:36:52,480 INFO L276 IsEmpty]: Start isEmpty. Operand 299 states and 348 transitions. [2022-02-20 23:36:52,481 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:36:52,481 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:36:52,482 INFO L74 IsIncluded]: Start isIncluded. First operand has 299 states, 179 states have (on average 1.6368715083798884) internal successors, (293), 275 states have internal predecessors, (293), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) Second operand 299 states. [2022-02-20 23:36:52,482 INFO L87 Difference]: Start difference. First operand has 299 states, 179 states have (on average 1.6368715083798884) internal successors, (293), 275 states have internal predecessors, (293), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) Second operand 299 states. [2022-02-20 23:36:52,488 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:52,489 INFO L93 Difference]: Finished difference Result 299 states and 348 transitions. [2022-02-20 23:36:52,489 INFO L276 IsEmpty]: Start isEmpty. Operand 299 states and 348 transitions. [2022-02-20 23:36:52,490 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:36:52,490 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:36:52,490 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:36:52,490 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:36:52,491 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 299 states, 179 states have (on average 1.6368715083798884) internal successors, (293), 275 states have internal predecessors, (293), 32 states have call successors, (32), 12 states have call predecessors, (32), 8 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) [2022-02-20 23:36:52,496 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 299 states to 299 states and 348 transitions. [2022-02-20 23:36:52,497 INFO L78 Accepts]: Start accepts. Automaton has 299 states and 348 transitions. Word has length 33 [2022-02-20 23:36:52,497 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:36:52,497 INFO L470 AbstractCegarLoop]: Abstraction has 299 states and 348 transitions. [2022-02-20 23:36:52,497 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 5.0) internal successors, (25), 6 states have internal predecessors, (25), 1 states have call successors, (5), 1 states have call predecessors, (5), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:52,497 INFO L276 IsEmpty]: Start isEmpty. Operand 299 states and 348 transitions. [2022-02-20 23:36:52,498 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 36 [2022-02-20 23:36:52,498 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:36:52,498 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:36:52,498 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable14 [2022-02-20 23:36:52,498 INFO L402 AbstractCegarLoop]: === Iteration 16 === Targeting ##fun~$Pointer$~TO~VOIDErr8REQUIRES_VIOLATION === [dll_insert_masterErr0REQUIRES_VIOLATION, dll_insert_masterErr1REQUIRES_VIOLATION, dll_insert_masterErr2REQUIRES_VIOLATION (and 95 more)] === [2022-02-20 23:36:52,499 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:36:52,499 INFO L85 PathProgramCache]: Analyzing trace with hash -1677723852, now seen corresponding path program 1 times [2022-02-20 23:36:52,499 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:36:52,499 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [640829553] [2022-02-20 23:36:52,499 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:36:52,500 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:36:52,531 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:36:52,681 INFO L290 TraceCheckUtils]: 0: Hoare triple {17940#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(15, 2); {17940#true} is VALID [2022-02-20 23:36:52,681 INFO L290 TraceCheckUtils]: 1: Hoare triple {17940#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret46#1.base, main_#t~ret46#1.offset, main_~dll~1#1.base, main_~dll~1#1.offset;assume { :begin_inline_dll_create_master } true;havoc dll_create_master_#res#1.base, dll_create_master_#res#1.offset;havoc dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset; {17940#true} is VALID [2022-02-20 23:36:52,682 INFO L272 TraceCheckUtils]: 2: Hoare triple {17940#true} call dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset := dll_create_generic(#funAddr~dll_insert_master.base, #funAddr~dll_insert_master.offset); {17940#true} is VALID [2022-02-20 23:36:52,682 INFO L290 TraceCheckUtils]: 3: Hoare triple {17940#true} ~insert_fnc.base, ~insert_fnc.offset := #in~insert_fnc.base, #in~insert_fnc.offset;call ~#dll~0.base, ~#dll~0.offset := #Ultimate.allocOnStack(4);call write~init~$Pointer$(0, 0, ~#dll~0.base, ~#dll~0.offset, 4); {17940#true} is VALID [2022-02-20 23:36:52,682 INFO L272 TraceCheckUtils]: 4: Hoare triple {17940#true} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {17940#true} is VALID [2022-02-20 23:36:52,682 INFO L290 TraceCheckUtils]: 5: Hoare triple {17940#true} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {17940#true} is VALID [2022-02-20 23:36:52,682 INFO L290 TraceCheckUtils]: 6: Hoare triple {17940#true} assume #in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset; {17940#true} is VALID [2022-02-20 23:36:52,682 INFO L272 TraceCheckUtils]: 7: Hoare triple {17940#true} call dll_insert_master(#~10#1.base, #~10#1.offset); {17940#true} is VALID [2022-02-20 23:36:52,683 INFO L290 TraceCheckUtils]: 8: Hoare triple {17940#true} ~dll#1.base, ~dll#1.offset := #in~dll#1.base, #in~dll#1.offset;assume { :begin_inline_alloc_or_die_master } true;havoc alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset;call alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset := #Ultimate.allocOnHeap(12);alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset := alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset; {17940#true} is VALID [2022-02-20 23:36:52,683 INFO L290 TraceCheckUtils]: 9: Hoare triple {17940#true} assume !(alloc_or_die_master_~ptr~1#1.base == 0 && alloc_or_die_master_~ptr~1#1.offset == 0); {17940#true} is VALID [2022-02-20 23:36:52,683 INFO L290 TraceCheckUtils]: 10: Hoare triple {17940#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L570-2 {17940#true} is VALID [2022-02-20 23:36:52,683 INFO L290 TraceCheckUtils]: 11: Hoare triple {17940#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, 4 + alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L572 {17940#true} is VALID [2022-02-20 23:36:52,683 INFO L290 TraceCheckUtils]: 12: Hoare triple {17940#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, 8 + alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L573 {17940#true} is VALID [2022-02-20 23:36:52,683 INFO L290 TraceCheckUtils]: 13: Hoare triple {17940#true} alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset := alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset; {17940#true} is VALID [2022-02-20 23:36:52,684 INFO L290 TraceCheckUtils]: 14: Hoare triple {17940#true} #t~ret18#1.base, #t~ret18#1.offset := alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;assume { :end_inline_alloc_or_die_master } true;~item~1#1.base, ~item~1#1.offset := #t~ret18#1.base, #t~ret18#1.offset;havoc #t~ret18#1.base, #t~ret18#1.offset; {17940#true} is VALID [2022-02-20 23:36:52,685 INFO L290 TraceCheckUtils]: 15: Hoare triple {17940#true} SUMMARY for call #t~mem19#1.base, #t~mem19#1.offset := read~$Pointer$(~dll#1.base, ~dll#1.offset, 4); srcloc: L632 {17940#true} is VALID [2022-02-20 23:36:52,685 INFO L290 TraceCheckUtils]: 16: Hoare triple {17940#true} ~next~3#1.base, ~next~3#1.offset := #t~mem19#1.base, #t~mem19#1.offset;havoc #t~mem19#1.base, #t~mem19#1.offset; {17940#true} is VALID [2022-02-20 23:36:52,685 INFO L290 TraceCheckUtils]: 17: Hoare triple {17940#true} SUMMARY for call write~$Pointer$(~next~3#1.base, ~next~3#1.offset, ~item~1#1.base, ~item~1#1.offset, 4); srcloc: L633 {17940#true} is VALID [2022-02-20 23:36:52,685 INFO L290 TraceCheckUtils]: 18: Hoare triple {17940#true} assume !(~next~3#1.base != 0 || ~next~3#1.offset != 0); {17940#true} is VALID [2022-02-20 23:36:52,685 INFO L272 TraceCheckUtils]: 19: Hoare triple {17940#true} call #t~ret20#1.base, #t~ret20#1.offset := dll_create_slave(); {17940#true} is VALID [2022-02-20 23:36:52,686 INFO L272 TraceCheckUtils]: 20: Hoare triple {17940#true} call #t~ret12.base, #t~ret12.offset := dll_create_generic(#funAddr~dll_insert_slave.base, #funAddr~dll_insert_slave.offset); {17940#true} is VALID [2022-02-20 23:36:52,687 INFO L290 TraceCheckUtils]: 21: Hoare triple {17940#true} ~insert_fnc.base, ~insert_fnc.offset := #in~insert_fnc.base, #in~insert_fnc.offset;call ~#dll~0.base, ~#dll~0.offset := #Ultimate.allocOnStack(4);call write~init~$Pointer$(0, 0, ~#dll~0.base, ~#dll~0.offset, 4); {17942#(and (= (select (select |#memory_$Pointer$.base| |dll_create_generic_~#dll~0.base|) |dll_create_generic_~#dll~0.offset|) 0) (= (select (select |#memory_$Pointer$.offset| |dll_create_generic_~#dll~0.base|) |dll_create_generic_~#dll~0.offset|) 0) (= (select |#valid| |dll_create_generic_~#dll~0.base|) 1))} is VALID [2022-02-20 23:36:52,688 INFO L272 TraceCheckUtils]: 22: Hoare triple {17942#(and (= (select (select |#memory_$Pointer$.base| |dll_create_generic_~#dll~0.base|) |dll_create_generic_~#dll~0.offset|) 0) (= (select (select |#memory_$Pointer$.offset| |dll_create_generic_~#dll~0.base|) |dll_create_generic_~#dll~0.offset|) 0) (= (select |#valid| |dll_create_generic_~#dll~0.base|) 1))} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {17943#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (= (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 0) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 0))} is VALID [2022-02-20 23:36:52,688 INFO L290 TraceCheckUtils]: 23: Hoare triple {17943#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (= (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 0) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 0))} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {17944#(and (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#~10#1.base|) |##fun~$Pointer$~TO~VOID_#~10#1.offset|) 0) (= (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#~10#1.base|) |##fun~$Pointer$~TO~VOID_#~10#1.offset|) 0) (= (select |#valid| |##fun~$Pointer$~TO~VOID_#~10#1.base|) 1))} is VALID [2022-02-20 23:36:52,689 INFO L290 TraceCheckUtils]: 24: Hoare triple {17944#(and (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#~10#1.base|) |##fun~$Pointer$~TO~VOID_#~10#1.offset|) 0) (= (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#~10#1.base|) |##fun~$Pointer$~TO~VOID_#~10#1.offset|) 0) (= (select |#valid| |##fun~$Pointer$~TO~VOID_#~10#1.base|) 1))} assume !(#in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset);assume { :begin_inline_dll_insert_slave } true;dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset := #~10#1.base, #~10#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset, dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset, dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset;dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset := dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset;assume { :begin_inline_alloc_or_die_slave } true;havoc alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset;call alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset := #Ultimate.allocOnHeap(8);alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset := alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset; {17945#(and (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 0) (= 0 (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)))} is VALID [2022-02-20 23:36:52,690 INFO L290 TraceCheckUtils]: 25: Hoare triple {17945#(and (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 0) (= 0 (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)))} assume !(alloc_or_die_slave_~ptr~0#1.base == 0 && alloc_or_die_slave_~ptr~0#1.offset == 0); {17945#(and (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 0) (= 0 (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)))} is VALID [2022-02-20 23:36:52,691 INFO L290 TraceCheckUtils]: 26: Hoare triple {17945#(and (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 0) (= 0 (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L556-2 {17945#(and (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 0) (= 0 (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)))} is VALID [2022-02-20 23:36:52,692 INFO L290 TraceCheckUtils]: 27: Hoare triple {17945#(and (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 0) (= 0 (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L558 {17946#(and (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 0) (= 0 (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)))} is VALID [2022-02-20 23:36:52,692 INFO L290 TraceCheckUtils]: 28: Hoare triple {17946#(and (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 0) (= 0 (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)))} alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset := alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset; {17946#(and (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 0) (= 0 (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)))} is VALID [2022-02-20 23:36:52,693 INFO L290 TraceCheckUtils]: 29: Hoare triple {17946#(and (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 0) (= 0 (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)))} dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset := alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;assume { :end_inline_alloc_or_die_slave } true;dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset := dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset; {17946#(and (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 0) (= 0 (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)))} is VALID [2022-02-20 23:36:52,693 INFO L290 TraceCheckUtils]: 30: Hoare triple {17946#(and (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 0) (= 0 (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)))} SUMMARY for call dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset := read~$Pointer$(dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, 4); srcloc: L580 {17947#(and (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_#t~mem6#1.offset| 0) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_#t~mem6#1.base| 0))} is VALID [2022-02-20 23:36:52,694 INFO L290 TraceCheckUtils]: 31: Hoare triple {17947#(and (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_#t~mem6#1.offset| 0) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_#t~mem6#1.base| 0))} dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset := dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset;havoc dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset; {17948#(and (= 0 |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.offset| 0))} is VALID [2022-02-20 23:36:52,695 INFO L290 TraceCheckUtils]: 32: Hoare triple {17948#(and (= 0 |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.offset| 0))} SUMMARY for call write~$Pointer$(dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, 4); srcloc: L581 {17948#(and (= 0 |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.offset| 0))} is VALID [2022-02-20 23:36:52,695 INFO L290 TraceCheckUtils]: 33: Hoare triple {17948#(and (= 0 |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.offset| 0))} assume dll_insert_slave_~next~0#1.base != 0 || dll_insert_slave_~next~0#1.offset != 0; {17941#false} is VALID [2022-02-20 23:36:52,695 INFO L290 TraceCheckUtils]: 34: Hoare triple {17941#false} assume !(1 == #valid[dll_insert_slave_~next~0#1.base]); {17941#false} is VALID [2022-02-20 23:36:52,696 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 3 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-02-20 23:36:52,696 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:36:52,696 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [640829553] [2022-02-20 23:36:52,698 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [640829553] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:36:52,698 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:36:52,698 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2022-02-20 23:36:52,698 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1136873121] [2022-02-20 23:36:52,698 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:36:52,699 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 8 states have (on average 3.625) internal successors, (29), 8 states have internal predecessors, (29), 2 states have call successors, (6), 2 states have call predecessors, (6), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 35 [2022-02-20 23:36:52,699 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:36:52,699 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 9 states, 8 states have (on average 3.625) internal successors, (29), 8 states have internal predecessors, (29), 2 states have call successors, (6), 2 states have call predecessors, (6), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:52,726 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 35 edges. 35 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:36:52,726 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2022-02-20 23:36:52,726 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:36:52,727 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2022-02-20 23:36:52,727 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=56, Unknown=0, NotChecked=0, Total=72 [2022-02-20 23:36:52,727 INFO L87 Difference]: Start difference. First operand 299 states and 348 transitions. Second operand has 9 states, 8 states have (on average 3.625) internal successors, (29), 8 states have internal predecessors, (29), 2 states have call successors, (6), 2 states have call predecessors, (6), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:53,985 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:53,985 INFO L93 Difference]: Finished difference Result 313 states and 363 transitions. [2022-02-20 23:36:53,985 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2022-02-20 23:36:53,985 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 8 states have (on average 3.625) internal successors, (29), 8 states have internal predecessors, (29), 2 states have call successors, (6), 2 states have call predecessors, (6), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 35 [2022-02-20 23:36:53,985 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:36:53,986 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 9 states, 8 states have (on average 3.625) internal successors, (29), 8 states have internal predecessors, (29), 2 states have call successors, (6), 2 states have call predecessors, (6), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:53,987 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 301 transitions. [2022-02-20 23:36:53,987 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 9 states, 8 states have (on average 3.625) internal successors, (29), 8 states have internal predecessors, (29), 2 states have call successors, (6), 2 states have call predecessors, (6), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:53,989 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 301 transitions. [2022-02-20 23:36:53,989 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states and 301 transitions. [2022-02-20 23:36:54,176 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 301 edges. 301 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:36:54,181 INFO L225 Difference]: With dead ends: 313 [2022-02-20 23:36:54,181 INFO L226 Difference]: Without dead ends: 313 [2022-02-20 23:36:54,181 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=45, Invalid=111, Unknown=0, NotChecked=0, Total=156 [2022-02-20 23:36:54,182 INFO L933 BasicCegarLoop]: 271 mSDtfsCounter, 24 mSDsluCounter, 1322 mSDsCounter, 0 mSdLazyCounter, 378 mSolverCounterSat, 19 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 24 SdHoareTripleChecker+Valid, 1593 SdHoareTripleChecker+Invalid, 397 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 19 IncrementalHoareTripleChecker+Valid, 378 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-02-20 23:36:54,182 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [24 Valid, 1593 Invalid, 397 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [19 Valid, 378 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-02-20 23:36:54,183 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 313 states. [2022-02-20 23:36:54,187 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 313 to 312. [2022-02-20 23:36:54,187 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:36:54,188 INFO L82 GeneralOperation]: Start isEquivalent. First operand 313 states. Second operand has 312 states, 191 states have (on average 1.5968586387434556) internal successors, (305), 288 states have internal predecessors, (305), 32 states have call successors, (32), 12 states have call predecessors, (32), 9 states have return successors, (25), 14 states have call predecessors, (25), 18 states have call successors, (25) [2022-02-20 23:36:54,188 INFO L74 IsIncluded]: Start isIncluded. First operand 313 states. Second operand has 312 states, 191 states have (on average 1.5968586387434556) internal successors, (305), 288 states have internal predecessors, (305), 32 states have call successors, (32), 12 states have call predecessors, (32), 9 states have return successors, (25), 14 states have call predecessors, (25), 18 states have call successors, (25) [2022-02-20 23:36:54,189 INFO L87 Difference]: Start difference. First operand 313 states. Second operand has 312 states, 191 states have (on average 1.5968586387434556) internal successors, (305), 288 states have internal predecessors, (305), 32 states have call successors, (32), 12 states have call predecessors, (32), 9 states have return successors, (25), 14 states have call predecessors, (25), 18 states have call successors, (25) [2022-02-20 23:36:54,195 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:54,195 INFO L93 Difference]: Finished difference Result 313 states and 363 transitions. [2022-02-20 23:36:54,195 INFO L276 IsEmpty]: Start isEmpty. Operand 313 states and 363 transitions. [2022-02-20 23:36:54,196 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:36:54,197 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:36:54,197 INFO L74 IsIncluded]: Start isIncluded. First operand has 312 states, 191 states have (on average 1.5968586387434556) internal successors, (305), 288 states have internal predecessors, (305), 32 states have call successors, (32), 12 states have call predecessors, (32), 9 states have return successors, (25), 14 states have call predecessors, (25), 18 states have call successors, (25) Second operand 313 states. [2022-02-20 23:36:54,198 INFO L87 Difference]: Start difference. First operand has 312 states, 191 states have (on average 1.5968586387434556) internal successors, (305), 288 states have internal predecessors, (305), 32 states have call successors, (32), 12 states have call predecessors, (32), 9 states have return successors, (25), 14 states have call predecessors, (25), 18 states have call successors, (25) Second operand 313 states. [2022-02-20 23:36:54,204 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:36:54,204 INFO L93 Difference]: Finished difference Result 313 states and 363 transitions. [2022-02-20 23:36:54,204 INFO L276 IsEmpty]: Start isEmpty. Operand 313 states and 363 transitions. [2022-02-20 23:36:54,205 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:36:54,205 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:36:54,205 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:36:54,206 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:36:54,206 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 312 states, 191 states have (on average 1.5968586387434556) internal successors, (305), 288 states have internal predecessors, (305), 32 states have call successors, (32), 12 states have call predecessors, (32), 9 states have return successors, (25), 14 states have call predecessors, (25), 18 states have call successors, (25) [2022-02-20 23:36:54,212 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 312 states to 312 states and 362 transitions. [2022-02-20 23:36:54,212 INFO L78 Accepts]: Start accepts. Automaton has 312 states and 362 transitions. Word has length 35 [2022-02-20 23:36:54,213 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:36:54,213 INFO L470 AbstractCegarLoop]: Abstraction has 312 states and 362 transitions. [2022-02-20 23:36:54,213 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 8 states have (on average 3.625) internal successors, (29), 8 states have internal predecessors, (29), 2 states have call successors, (6), 2 states have call predecessors, (6), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:36:54,213 INFO L276 IsEmpty]: Start isEmpty. Operand 312 states and 362 transitions. [2022-02-20 23:36:54,214 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2022-02-20 23:36:54,214 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:36:54,214 INFO L514 BasicCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:36:54,214 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable15 [2022-02-20 23:36:54,214 INFO L402 AbstractCegarLoop]: === Iteration 17 === Targeting ##fun~$Pointer$~TO~VOIDErr8REQUIRES_VIOLATION === [dll_insert_masterErr0REQUIRES_VIOLATION, dll_insert_masterErr1REQUIRES_VIOLATION, dll_insert_masterErr2REQUIRES_VIOLATION (and 95 more)] === [2022-02-20 23:36:54,215 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:36:54,215 INFO L85 PathProgramCache]: Analyzing trace with hash 1451018694, now seen corresponding path program 1 times [2022-02-20 23:36:54,215 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:36:54,215 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1949302483] [2022-02-20 23:36:54,215 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:36:54,215 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:36:54,256 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:36:54,425 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2022-02-20 23:36:54,437 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:36:54,603 INFO L290 TraceCheckUtils]: 0: Hoare triple {19237#(and (= |old(#length)| |#length|) (= |#memory_int| |old(#memory_int)|) (= |#memory_$Pointer$.base| |old(#memory_$Pointer$.base)|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#valid)| |#valid|))} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {19238#(and (= |##fun~$Pointer$~TO~VOID_#~10#1.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) (= |##fun~$Pointer$~TO~VOID_#~10#1.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.offset|))} is VALID [2022-02-20 23:36:54,604 INFO L290 TraceCheckUtils]: 1: Hoare triple {19238#(and (= |##fun~$Pointer$~TO~VOID_#~10#1.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) (= |##fun~$Pointer$~TO~VOID_#~10#1.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.offset|))} assume !(#in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset);assume { :begin_inline_dll_insert_slave } true;dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset := #~10#1.base, #~10#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset, dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset, dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset;dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset := dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset;assume { :begin_inline_alloc_or_die_slave } true;havoc alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset;call alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset := #Ultimate.allocOnHeap(8);alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset := alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset; {19239#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} is VALID [2022-02-20 23:36:54,605 INFO L290 TraceCheckUtils]: 2: Hoare triple {19239#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} assume !(alloc_or_die_slave_~ptr~0#1.base == 0 && alloc_or_die_slave_~ptr~0#1.offset == 0); {19239#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} is VALID [2022-02-20 23:36:54,605 INFO L290 TraceCheckUtils]: 3: Hoare triple {19239#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L556-2 {19240#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1))} is VALID [2022-02-20 23:36:54,606 INFO L290 TraceCheckUtils]: 4: Hoare triple {19240#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L558 {19240#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1))} is VALID [2022-02-20 23:36:54,607 INFO L290 TraceCheckUtils]: 5: Hoare triple {19240#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1))} alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset := alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset; {19241#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.base|) 1))} is VALID [2022-02-20 23:36:54,607 INFO L290 TraceCheckUtils]: 6: Hoare triple {19241#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.base|) 1))} dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset := alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;assume { :end_inline_alloc_or_die_slave } true;dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset := dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset; {19242#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} is VALID [2022-02-20 23:36:54,608 INFO L290 TraceCheckUtils]: 7: Hoare triple {19242#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} SUMMARY for call dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset := read~$Pointer$(dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, 4); srcloc: L580 {19243#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1))} is VALID [2022-02-20 23:36:54,608 INFO L290 TraceCheckUtils]: 8: Hoare triple {19243#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1))} dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset := dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset;havoc dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset; {19243#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1))} is VALID [2022-02-20 23:36:54,609 INFO L290 TraceCheckUtils]: 9: Hoare triple {19243#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1))} SUMMARY for call write~$Pointer$(dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, 4); srcloc: L581 {19243#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1))} is VALID [2022-02-20 23:36:54,610 INFO L290 TraceCheckUtils]: 10: Hoare triple {19243#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1))} assume !(dll_insert_slave_~next~0#1.base != 0 || dll_insert_slave_~next~0#1.offset != 0); {19243#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1))} is VALID [2022-02-20 23:36:54,611 INFO L290 TraceCheckUtils]: 11: Hoare triple {19243#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1))} SUMMARY for call write~$Pointer$(dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, 4); srcloc: L582 {19228#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1))} is VALID [2022-02-20 23:36:54,611 INFO L290 TraceCheckUtils]: 12: Hoare triple {19228#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1))} assume { :end_inline_dll_insert_slave } true; {19228#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1))} is VALID [2022-02-20 23:36:54,612 INFO L290 TraceCheckUtils]: 13: Hoare triple {19228#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1))} assume true; {19228#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1))} is VALID [2022-02-20 23:36:54,613 INFO L284 TraceCheckUtils]: 14: Hoare quadruple {19228#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1))} {19210#true} #593#return; {19227#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| |dll_create_generic_~#dll~0.base|) |dll_create_generic_~#dll~0.offset|)) 1) (= (select |#valid| |dll_create_generic_~#dll~0.base|) 1))} is VALID [2022-02-20 23:36:54,613 INFO L290 TraceCheckUtils]: 0: Hoare triple {19210#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(15, 2); {19210#true} is VALID [2022-02-20 23:36:54,613 INFO L290 TraceCheckUtils]: 1: Hoare triple {19210#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret46#1.base, main_#t~ret46#1.offset, main_~dll~1#1.base, main_~dll~1#1.offset;assume { :begin_inline_dll_create_master } true;havoc dll_create_master_#res#1.base, dll_create_master_#res#1.offset;havoc dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset; {19210#true} is VALID [2022-02-20 23:36:54,613 INFO L272 TraceCheckUtils]: 2: Hoare triple {19210#true} call dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset := dll_create_generic(#funAddr~dll_insert_master.base, #funAddr~dll_insert_master.offset); {19210#true} is VALID [2022-02-20 23:36:54,614 INFO L290 TraceCheckUtils]: 3: Hoare triple {19210#true} ~insert_fnc.base, ~insert_fnc.offset := #in~insert_fnc.base, #in~insert_fnc.offset;call ~#dll~0.base, ~#dll~0.offset := #Ultimate.allocOnStack(4);call write~init~$Pointer$(0, 0, ~#dll~0.base, ~#dll~0.offset, 4); {19210#true} is VALID [2022-02-20 23:36:54,614 INFO L272 TraceCheckUtils]: 4: Hoare triple {19210#true} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {19210#true} is VALID [2022-02-20 23:36:54,614 INFO L290 TraceCheckUtils]: 5: Hoare triple {19210#true} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {19210#true} is VALID [2022-02-20 23:36:54,614 INFO L290 TraceCheckUtils]: 6: Hoare triple {19210#true} assume #in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset; {19210#true} is VALID [2022-02-20 23:36:54,614 INFO L272 TraceCheckUtils]: 7: Hoare triple {19210#true} call dll_insert_master(#~10#1.base, #~10#1.offset); {19210#true} is VALID [2022-02-20 23:36:54,614 INFO L290 TraceCheckUtils]: 8: Hoare triple {19210#true} ~dll#1.base, ~dll#1.offset := #in~dll#1.base, #in~dll#1.offset;assume { :begin_inline_alloc_or_die_master } true;havoc alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset;call alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset := #Ultimate.allocOnHeap(12);alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset := alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset; {19210#true} is VALID [2022-02-20 23:36:54,615 INFO L290 TraceCheckUtils]: 9: Hoare triple {19210#true} assume !(alloc_or_die_master_~ptr~1#1.base == 0 && alloc_or_die_master_~ptr~1#1.offset == 0); {19210#true} is VALID [2022-02-20 23:36:54,615 INFO L290 TraceCheckUtils]: 10: Hoare triple {19210#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L570-2 {19210#true} is VALID [2022-02-20 23:36:54,615 INFO L290 TraceCheckUtils]: 11: Hoare triple {19210#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, 4 + alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L572 {19210#true} is VALID [2022-02-20 23:36:54,615 INFO L290 TraceCheckUtils]: 12: Hoare triple {19210#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, 8 + alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L573 {19210#true} is VALID [2022-02-20 23:36:54,615 INFO L290 TraceCheckUtils]: 13: Hoare triple {19210#true} alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset := alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset; {19210#true} is VALID [2022-02-20 23:36:54,615 INFO L290 TraceCheckUtils]: 14: Hoare triple {19210#true} #t~ret18#1.base, #t~ret18#1.offset := alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;assume { :end_inline_alloc_or_die_master } true;~item~1#1.base, ~item~1#1.offset := #t~ret18#1.base, #t~ret18#1.offset;havoc #t~ret18#1.base, #t~ret18#1.offset; {19210#true} is VALID [2022-02-20 23:36:54,616 INFO L290 TraceCheckUtils]: 15: Hoare triple {19210#true} SUMMARY for call #t~mem19#1.base, #t~mem19#1.offset := read~$Pointer$(~dll#1.base, ~dll#1.offset, 4); srcloc: L632 {19210#true} is VALID [2022-02-20 23:36:54,616 INFO L290 TraceCheckUtils]: 16: Hoare triple {19210#true} ~next~3#1.base, ~next~3#1.offset := #t~mem19#1.base, #t~mem19#1.offset;havoc #t~mem19#1.base, #t~mem19#1.offset; {19210#true} is VALID [2022-02-20 23:36:54,616 INFO L290 TraceCheckUtils]: 17: Hoare triple {19210#true} SUMMARY for call write~$Pointer$(~next~3#1.base, ~next~3#1.offset, ~item~1#1.base, ~item~1#1.offset, 4); srcloc: L633 {19210#true} is VALID [2022-02-20 23:36:54,616 INFO L290 TraceCheckUtils]: 18: Hoare triple {19210#true} assume !(~next~3#1.base != 0 || ~next~3#1.offset != 0); {19210#true} is VALID [2022-02-20 23:36:54,616 INFO L272 TraceCheckUtils]: 19: Hoare triple {19210#true} call #t~ret20#1.base, #t~ret20#1.offset := dll_create_slave(); {19210#true} is VALID [2022-02-20 23:36:54,616 INFO L272 TraceCheckUtils]: 20: Hoare triple {19210#true} call #t~ret12.base, #t~ret12.offset := dll_create_generic(#funAddr~dll_insert_slave.base, #funAddr~dll_insert_slave.offset); {19210#true} is VALID [2022-02-20 23:36:54,617 INFO L290 TraceCheckUtils]: 21: Hoare triple {19210#true} ~insert_fnc.base, ~insert_fnc.offset := #in~insert_fnc.base, #in~insert_fnc.offset;call ~#dll~0.base, ~#dll~0.offset := #Ultimate.allocOnStack(4);call write~init~$Pointer$(0, 0, ~#dll~0.base, ~#dll~0.offset, 4); {19210#true} is VALID [2022-02-20 23:36:54,618 INFO L272 TraceCheckUtils]: 22: Hoare triple {19210#true} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {19237#(and (= |old(#length)| |#length|) (= |#memory_int| |old(#memory_int)|) (= |#memory_$Pointer$.base| |old(#memory_$Pointer$.base)|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#valid)| |#valid|))} is VALID [2022-02-20 23:36:54,619 INFO L290 TraceCheckUtils]: 23: Hoare triple {19237#(and (= |old(#length)| |#length|) (= |#memory_int| |old(#memory_int)|) (= |#memory_$Pointer$.base| |old(#memory_$Pointer$.base)|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#valid)| |#valid|))} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {19238#(and (= |##fun~$Pointer$~TO~VOID_#~10#1.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) (= |##fun~$Pointer$~TO~VOID_#~10#1.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.offset|))} is VALID [2022-02-20 23:36:54,619 INFO L290 TraceCheckUtils]: 24: Hoare triple {19238#(and (= |##fun~$Pointer$~TO~VOID_#~10#1.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) (= |##fun~$Pointer$~TO~VOID_#~10#1.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.offset|))} assume !(#in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset);assume { :begin_inline_dll_insert_slave } true;dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset := #~10#1.base, #~10#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset, dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset, dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset;dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset := dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset;assume { :begin_inline_alloc_or_die_slave } true;havoc alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset;call alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset := #Ultimate.allocOnHeap(8);alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset := alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset; {19239#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} is VALID [2022-02-20 23:36:54,620 INFO L290 TraceCheckUtils]: 25: Hoare triple {19239#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} assume !(alloc_or_die_slave_~ptr~0#1.base == 0 && alloc_or_die_slave_~ptr~0#1.offset == 0); {19239#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} is VALID [2022-02-20 23:36:54,621 INFO L290 TraceCheckUtils]: 26: Hoare triple {19239#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L556-2 {19240#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1))} is VALID [2022-02-20 23:36:54,621 INFO L290 TraceCheckUtils]: 27: Hoare triple {19240#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L558 {19240#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1))} is VALID [2022-02-20 23:36:54,622 INFO L290 TraceCheckUtils]: 28: Hoare triple {19240#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1))} alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset := alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset; {19241#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.base|) 1))} is VALID [2022-02-20 23:36:54,622 INFO L290 TraceCheckUtils]: 29: Hoare triple {19241#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.base|) 1))} dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset := alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;assume { :end_inline_alloc_or_die_slave } true;dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset := dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset; {19242#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} is VALID [2022-02-20 23:36:54,623 INFO L290 TraceCheckUtils]: 30: Hoare triple {19242#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} SUMMARY for call dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset := read~$Pointer$(dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, 4); srcloc: L580 {19243#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1))} is VALID [2022-02-20 23:36:54,623 INFO L290 TraceCheckUtils]: 31: Hoare triple {19243#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1))} dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset := dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset;havoc dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset; {19243#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1))} is VALID [2022-02-20 23:36:54,624 INFO L290 TraceCheckUtils]: 32: Hoare triple {19243#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1))} SUMMARY for call write~$Pointer$(dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, 4); srcloc: L581 {19243#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1))} is VALID [2022-02-20 23:36:54,625 INFO L290 TraceCheckUtils]: 33: Hoare triple {19243#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1))} assume !(dll_insert_slave_~next~0#1.base != 0 || dll_insert_slave_~next~0#1.offset != 0); {19243#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1))} is VALID [2022-02-20 23:36:54,626 INFO L290 TraceCheckUtils]: 34: Hoare triple {19243#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1))} SUMMARY for call write~$Pointer$(dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, 4); srcloc: L582 {19228#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1))} is VALID [2022-02-20 23:36:54,626 INFO L290 TraceCheckUtils]: 35: Hoare triple {19228#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1))} assume { :end_inline_dll_insert_slave } true; {19228#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1))} is VALID [2022-02-20 23:36:54,631 INFO L290 TraceCheckUtils]: 36: Hoare triple {19228#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1))} assume true; {19228#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1))} is VALID [2022-02-20 23:36:54,633 INFO L284 TraceCheckUtils]: 37: Hoare quadruple {19228#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1))} {19210#true} #593#return; {19227#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| |dll_create_generic_~#dll~0.base|) |dll_create_generic_~#dll~0.offset|)) 1) (= (select |#valid| |dll_create_generic_~#dll~0.base|) 1))} is VALID [2022-02-20 23:36:54,634 INFO L272 TraceCheckUtils]: 38: Hoare triple {19227#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| |dll_create_generic_~#dll~0.base|) |dll_create_generic_~#dll~0.offset|)) 1) (= (select |#valid| |dll_create_generic_~#dll~0.base|) 1))} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {19228#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1))} is VALID [2022-02-20 23:36:54,635 INFO L290 TraceCheckUtils]: 39: Hoare triple {19228#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1))} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {19229#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#~10#1.base|) |##fun~$Pointer$~TO~VOID_#~10#1.offset|)) 1) (= (select |#valid| |##fun~$Pointer$~TO~VOID_#~10#1.base|) 1))} is VALID [2022-02-20 23:36:54,636 INFO L290 TraceCheckUtils]: 40: Hoare triple {19229#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#~10#1.base|) |##fun~$Pointer$~TO~VOID_#~10#1.offset|)) 1) (= (select |#valid| |##fun~$Pointer$~TO~VOID_#~10#1.base|) 1))} assume !(#in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset);assume { :begin_inline_dll_insert_slave } true;dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset := #~10#1.base, #~10#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset, dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset, dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset;dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset := dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset;assume { :begin_inline_alloc_or_die_slave } true;havoc alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset;call alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset := #Ultimate.allocOnHeap(8);alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset := alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset; {19230#(and (or (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)) 1) (= (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)))} is VALID [2022-02-20 23:36:54,636 INFO L290 TraceCheckUtils]: 41: Hoare triple {19230#(and (or (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)) 1) (= (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)))} assume !(alloc_or_die_slave_~ptr~0#1.base == 0 && alloc_or_die_slave_~ptr~0#1.offset == 0); {19230#(and (or (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)) 1) (= (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)))} is VALID [2022-02-20 23:36:54,637 INFO L290 TraceCheckUtils]: 42: Hoare triple {19230#(and (or (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)) 1) (= (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L556-2 {19230#(and (or (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)) 1) (= (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)))} is VALID [2022-02-20 23:36:54,638 INFO L290 TraceCheckUtils]: 43: Hoare triple {19230#(and (or (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)) 1) (= (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L558 {19231#(or (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)) 1) (= (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|))} is VALID [2022-02-20 23:36:54,639 INFO L290 TraceCheckUtils]: 44: Hoare triple {19231#(or (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)) 1) (= (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|))} alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset := alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset; {19232#(or (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.base| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)) 1))} is VALID [2022-02-20 23:36:54,640 INFO L290 TraceCheckUtils]: 45: Hoare triple {19232#(or (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.base| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)) 1))} dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset := alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;assume { :end_inline_alloc_or_die_slave } true;dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset := dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset; {19233#(or (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)) 1) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)))} is VALID [2022-02-20 23:36:54,640 INFO L290 TraceCheckUtils]: 46: Hoare triple {19233#(or (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)) 1) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)))} SUMMARY for call dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset := read~$Pointer$(dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, 4); srcloc: L580 {19234#(or (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_#t~mem6#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_#t~mem6#1.base|))} is VALID [2022-02-20 23:36:54,641 INFO L290 TraceCheckUtils]: 47: Hoare triple {19234#(or (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_#t~mem6#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_#t~mem6#1.base|))} dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset := dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset;havoc dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset; {19235#(or (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|))} is VALID [2022-02-20 23:36:54,642 INFO L290 TraceCheckUtils]: 48: Hoare triple {19235#(or (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|))} SUMMARY for call write~$Pointer$(dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, 4); srcloc: L581 {19236#(= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|) 1)} is VALID [2022-02-20 23:36:54,642 INFO L290 TraceCheckUtils]: 49: Hoare triple {19236#(= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|) 1)} assume dll_insert_slave_~next~0#1.base != 0 || dll_insert_slave_~next~0#1.offset != 0; {19236#(= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|) 1)} is VALID [2022-02-20 23:36:54,642 INFO L290 TraceCheckUtils]: 50: Hoare triple {19236#(= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|) 1)} assume !(1 == #valid[dll_insert_slave_~next~0#1.base]); {19211#false} is VALID [2022-02-20 23:36:54,643 INFO L134 CoverageAnalysis]: Checked inductivity of 17 backedges. 4 proven. 11 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:36:54,643 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:36:54,643 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1949302483] [2022-02-20 23:36:54,643 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1949302483] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:36:54,643 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [373354239] [2022-02-20 23:36:54,644 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:36:54,644 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-02-20 23:36:54,644 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 23:36:54,651 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-02-20 23:36:54,654 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-02-20 23:36:54,821 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:36:54,842 INFO L263 TraceCheckSpWp]: Trace formula consists of 495 conjuncts, 65 conjunts are in the unsatisfiable core [2022-02-20 23:36:54,892 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:36:54,898 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:36:55,077 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:36:55,193 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 7 [2022-02-20 23:36:55,419 INFO L356 Elim1Store]: treesize reduction 19, result has 47.2 percent of original size [2022-02-20 23:36:55,419 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 16 treesize of output 26 [2022-02-20 23:36:55,498 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:36:55,499 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 24 treesize of output 24 [2022-02-20 23:36:55,529 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:36:55,531 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 24 treesize of output 24 [2022-02-20 23:36:55,693 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 25 treesize of output 13 [2022-02-20 23:36:55,738 INFO L290 TraceCheckUtils]: 0: Hoare triple {19210#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(15, 2); {19210#true} is VALID [2022-02-20 23:36:55,739 INFO L290 TraceCheckUtils]: 1: Hoare triple {19210#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret46#1.base, main_#t~ret46#1.offset, main_~dll~1#1.base, main_~dll~1#1.offset;assume { :begin_inline_dll_create_master } true;havoc dll_create_master_#res#1.base, dll_create_master_#res#1.offset;havoc dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset; {19210#true} is VALID [2022-02-20 23:36:55,739 INFO L272 TraceCheckUtils]: 2: Hoare triple {19210#true} call dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset := dll_create_generic(#funAddr~dll_insert_master.base, #funAddr~dll_insert_master.offset); {19210#true} is VALID [2022-02-20 23:36:55,739 INFO L290 TraceCheckUtils]: 3: Hoare triple {19210#true} ~insert_fnc.base, ~insert_fnc.offset := #in~insert_fnc.base, #in~insert_fnc.offset;call ~#dll~0.base, ~#dll~0.offset := #Ultimate.allocOnStack(4);call write~init~$Pointer$(0, 0, ~#dll~0.base, ~#dll~0.offset, 4); {19210#true} is VALID [2022-02-20 23:36:55,739 INFO L272 TraceCheckUtils]: 4: Hoare triple {19210#true} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {19210#true} is VALID [2022-02-20 23:36:55,740 INFO L290 TraceCheckUtils]: 5: Hoare triple {19210#true} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {19210#true} is VALID [2022-02-20 23:36:55,740 INFO L290 TraceCheckUtils]: 6: Hoare triple {19210#true} assume #in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset; {19210#true} is VALID [2022-02-20 23:36:55,740 INFO L272 TraceCheckUtils]: 7: Hoare triple {19210#true} call dll_insert_master(#~10#1.base, #~10#1.offset); {19210#true} is VALID [2022-02-20 23:36:55,740 INFO L290 TraceCheckUtils]: 8: Hoare triple {19210#true} ~dll#1.base, ~dll#1.offset := #in~dll#1.base, #in~dll#1.offset;assume { :begin_inline_alloc_or_die_master } true;havoc alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset;call alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset := #Ultimate.allocOnHeap(12);alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset := alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset; {19210#true} is VALID [2022-02-20 23:36:55,740 INFO L290 TraceCheckUtils]: 9: Hoare triple {19210#true} assume !(alloc_or_die_master_~ptr~1#1.base == 0 && alloc_or_die_master_~ptr~1#1.offset == 0); {19210#true} is VALID [2022-02-20 23:36:55,740 INFO L290 TraceCheckUtils]: 10: Hoare triple {19210#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L570-2 {19210#true} is VALID [2022-02-20 23:36:55,741 INFO L290 TraceCheckUtils]: 11: Hoare triple {19210#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, 4 + alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L572 {19210#true} is VALID [2022-02-20 23:36:55,741 INFO L290 TraceCheckUtils]: 12: Hoare triple {19210#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, 8 + alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L573 {19210#true} is VALID [2022-02-20 23:36:55,741 INFO L290 TraceCheckUtils]: 13: Hoare triple {19210#true} alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset := alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset; {19210#true} is VALID [2022-02-20 23:36:55,741 INFO L290 TraceCheckUtils]: 14: Hoare triple {19210#true} #t~ret18#1.base, #t~ret18#1.offset := alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;assume { :end_inline_alloc_or_die_master } true;~item~1#1.base, ~item~1#1.offset := #t~ret18#1.base, #t~ret18#1.offset;havoc #t~ret18#1.base, #t~ret18#1.offset; {19210#true} is VALID [2022-02-20 23:36:55,741 INFO L290 TraceCheckUtils]: 15: Hoare triple {19210#true} SUMMARY for call #t~mem19#1.base, #t~mem19#1.offset := read~$Pointer$(~dll#1.base, ~dll#1.offset, 4); srcloc: L632 {19210#true} is VALID [2022-02-20 23:36:55,741 INFO L290 TraceCheckUtils]: 16: Hoare triple {19210#true} ~next~3#1.base, ~next~3#1.offset := #t~mem19#1.base, #t~mem19#1.offset;havoc #t~mem19#1.base, #t~mem19#1.offset; {19210#true} is VALID [2022-02-20 23:36:55,742 INFO L290 TraceCheckUtils]: 17: Hoare triple {19210#true} SUMMARY for call write~$Pointer$(~next~3#1.base, ~next~3#1.offset, ~item~1#1.base, ~item~1#1.offset, 4); srcloc: L633 {19210#true} is VALID [2022-02-20 23:36:55,742 INFO L290 TraceCheckUtils]: 18: Hoare triple {19210#true} assume !(~next~3#1.base != 0 || ~next~3#1.offset != 0); {19210#true} is VALID [2022-02-20 23:36:55,742 INFO L272 TraceCheckUtils]: 19: Hoare triple {19210#true} call #t~ret20#1.base, #t~ret20#1.offset := dll_create_slave(); {19210#true} is VALID [2022-02-20 23:36:55,742 INFO L272 TraceCheckUtils]: 20: Hoare triple {19210#true} call #t~ret12.base, #t~ret12.offset := dll_create_generic(#funAddr~dll_insert_slave.base, #funAddr~dll_insert_slave.offset); {19210#true} is VALID [2022-02-20 23:36:55,743 INFO L290 TraceCheckUtils]: 21: Hoare triple {19210#true} ~insert_fnc.base, ~insert_fnc.offset := #in~insert_fnc.base, #in~insert_fnc.offset;call ~#dll~0.base, ~#dll~0.offset := #Ultimate.allocOnStack(4);call write~init~$Pointer$(0, 0, ~#dll~0.base, ~#dll~0.offset, 4); {19310#(and (< |#StackHeapBarrier| |dll_create_generic_~#dll~0.base|) (= |dll_create_generic_~#dll~0.offset| 0))} is VALID [2022-02-20 23:36:55,743 INFO L272 TraceCheckUtils]: 22: Hoare triple {19310#(and (< |#StackHeapBarrier| |dll_create_generic_~#dll~0.base|) (= |dll_create_generic_~#dll~0.offset| 0))} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {19210#true} is VALID [2022-02-20 23:36:55,743 INFO L290 TraceCheckUtils]: 23: Hoare triple {19210#true} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {19238#(and (= |##fun~$Pointer$~TO~VOID_#~10#1.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) (= |##fun~$Pointer$~TO~VOID_#~10#1.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.offset|))} is VALID [2022-02-20 23:36:55,744 INFO L290 TraceCheckUtils]: 24: Hoare triple {19238#(and (= |##fun~$Pointer$~TO~VOID_#~10#1.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) (= |##fun~$Pointer$~TO~VOID_#~10#1.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.offset|))} assume !(#in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset);assume { :begin_inline_dll_insert_slave } true;dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset := #~10#1.base, #~10#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset, dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset, dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset;dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset := dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset;assume { :begin_inline_alloc_or_die_slave } true;havoc alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset;call alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset := #Ultimate.allocOnHeap(8);alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset := alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset; {19240#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1))} is VALID [2022-02-20 23:36:55,745 INFO L290 TraceCheckUtils]: 25: Hoare triple {19240#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1))} assume !(alloc_or_die_slave_~ptr~0#1.base == 0 && alloc_or_die_slave_~ptr~0#1.offset == 0); {19240#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1))} is VALID [2022-02-20 23:36:55,746 INFO L290 TraceCheckUtils]: 26: Hoare triple {19240#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L556-2 {19240#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1))} is VALID [2022-02-20 23:36:55,747 INFO L290 TraceCheckUtils]: 27: Hoare triple {19240#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L558 {19240#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1))} is VALID [2022-02-20 23:36:55,747 INFO L290 TraceCheckUtils]: 28: Hoare triple {19240#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1))} alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset := alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset; {19241#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.base|) 1))} is VALID [2022-02-20 23:36:55,748 INFO L290 TraceCheckUtils]: 29: Hoare triple {19241#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.base|) 1))} dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset := alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;assume { :end_inline_alloc_or_die_slave } true;dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset := dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset; {19242#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} is VALID [2022-02-20 23:36:55,749 INFO L290 TraceCheckUtils]: 30: Hoare triple {19242#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} SUMMARY for call dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset := read~$Pointer$(dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, 4); srcloc: L580 {19242#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} is VALID [2022-02-20 23:36:55,749 INFO L290 TraceCheckUtils]: 31: Hoare triple {19242#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset := dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset;havoc dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset; {19242#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} is VALID [2022-02-20 23:36:55,750 INFO L290 TraceCheckUtils]: 32: Hoare triple {19242#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} SUMMARY for call write~$Pointer$(dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, 4); srcloc: L581 {19242#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} is VALID [2022-02-20 23:36:55,750 INFO L290 TraceCheckUtils]: 33: Hoare triple {19242#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} assume !(dll_insert_slave_~next~0#1.base != 0 || dll_insert_slave_~next~0#1.offset != 0); {19242#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} is VALID [2022-02-20 23:36:55,751 INFO L290 TraceCheckUtils]: 34: Hoare triple {19242#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} SUMMARY for call write~$Pointer$(dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, 4); srcloc: L582 {19350#(= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1)} is VALID [2022-02-20 23:36:55,752 INFO L290 TraceCheckUtils]: 35: Hoare triple {19350#(= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1)} assume { :end_inline_dll_insert_slave } true; {19350#(= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1)} is VALID [2022-02-20 23:36:55,752 INFO L290 TraceCheckUtils]: 36: Hoare triple {19350#(= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1)} assume true; {19350#(= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1)} is VALID [2022-02-20 23:36:55,753 INFO L284 TraceCheckUtils]: 37: Hoare quadruple {19350#(= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1)} {19310#(and (< |#StackHeapBarrier| |dll_create_generic_~#dll~0.base|) (= |dll_create_generic_~#dll~0.offset| 0))} #593#return; {19360#(and (< |#StackHeapBarrier| |dll_create_generic_~#dll~0.base|) (= |dll_create_generic_~#dll~0.offset| 0) (= (select |#valid| (select (select |#memory_$Pointer$.base| |dll_create_generic_~#dll~0.base|) |dll_create_generic_~#dll~0.offset|)) 1))} is VALID [2022-02-20 23:36:55,755 INFO L272 TraceCheckUtils]: 38: Hoare triple {19360#(and (< |#StackHeapBarrier| |dll_create_generic_~#dll~0.base|) (= |dll_create_generic_~#dll~0.offset| 0) (= (select |#valid| (select (select |#memory_$Pointer$.base| |dll_create_generic_~#dll~0.base|) |dll_create_generic_~#dll~0.offset|)) 1))} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {19364#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| 0) (< |#StackHeapBarrier| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1))} is VALID [2022-02-20 23:36:55,755 INFO L290 TraceCheckUtils]: 39: Hoare triple {19364#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| 0) (< |#StackHeapBarrier| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1))} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {19368#(and (< |#StackHeapBarrier| |##fun~$Pointer$~TO~VOID_#~10#1.base|) (= |##fun~$Pointer$~TO~VOID_#~10#1.offset| 0) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#~10#1.base|) 0)) 1))} is VALID [2022-02-20 23:36:55,756 INFO L290 TraceCheckUtils]: 40: Hoare triple {19368#(and (< |#StackHeapBarrier| |##fun~$Pointer$~TO~VOID_#~10#1.base|) (= |##fun~$Pointer$~TO~VOID_#~10#1.offset| 0) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#~10#1.base|) 0)) 1))} assume !(#in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset);assume { :begin_inline_dll_insert_slave } true;dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset := #~10#1.base, #~10#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset, dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset, dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset;dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset := dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset;assume { :begin_inline_alloc_or_die_slave } true;havoc alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset;call alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset := #Ultimate.allocOnHeap(8);alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset := alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset; {19372#(and (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (< (+ 1 |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (or (= (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0) |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0)) 1)))} is VALID [2022-02-20 23:36:55,757 INFO L290 TraceCheckUtils]: 41: Hoare triple {19372#(and (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (< (+ 1 |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (or (= (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0) |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0)) 1)))} assume !(alloc_or_die_slave_~ptr~0#1.base == 0 && alloc_or_die_slave_~ptr~0#1.offset == 0); {19372#(and (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (< (+ 1 |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (or (= (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0) |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0)) 1)))} is VALID [2022-02-20 23:36:55,758 INFO L290 TraceCheckUtils]: 42: Hoare triple {19372#(and (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (< (+ 1 |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (or (= (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0) |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0)) 1)))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L556-2 {19372#(and (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (< (+ 1 |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (or (= (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0) |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0)) 1)))} is VALID [2022-02-20 23:36:55,759 INFO L290 TraceCheckUtils]: 43: Hoare triple {19372#(and (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (< (+ 1 |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (or (= (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0) |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0)) 1)))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L558 {19372#(and (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (< (+ 1 |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (or (= (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0) |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0)) 1)))} is VALID [2022-02-20 23:36:55,760 INFO L290 TraceCheckUtils]: 44: Hoare triple {19372#(and (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (< (+ 1 |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (or (= (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0) |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0)) 1)))} alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset := alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset; {19385#(and (< (+ |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.base| 1) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (or (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.base| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0)) 1)))} is VALID [2022-02-20 23:36:55,761 INFO L290 TraceCheckUtils]: 45: Hoare triple {19385#(and (< (+ |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.base| 1) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (or (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.base| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0)) 1)))} dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset := alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;assume { :end_inline_alloc_or_die_slave } true;dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset := dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset; {19389#(and (or (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0)) 1)) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (< (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base| 1) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} is VALID [2022-02-20 23:36:55,762 INFO L290 TraceCheckUtils]: 46: Hoare triple {19389#(and (or (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0)) 1)) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (< (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base| 1) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} SUMMARY for call dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset := read~$Pointer$(dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, 4); srcloc: L580 {19234#(or (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_#t~mem6#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_#t~mem6#1.base|))} is VALID [2022-02-20 23:36:55,762 INFO L290 TraceCheckUtils]: 47: Hoare triple {19234#(or (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_#t~mem6#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_#t~mem6#1.base|))} dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset := dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset;havoc dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset; {19235#(or (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|))} is VALID [2022-02-20 23:36:55,763 INFO L290 TraceCheckUtils]: 48: Hoare triple {19235#(or (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|))} SUMMARY for call write~$Pointer$(dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, 4); srcloc: L581 {19236#(= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|) 1)} is VALID [2022-02-20 23:36:55,763 INFO L290 TraceCheckUtils]: 49: Hoare triple {19236#(= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|) 1)} assume dll_insert_slave_~next~0#1.base != 0 || dll_insert_slave_~next~0#1.offset != 0; {19236#(= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|) 1)} is VALID [2022-02-20 23:36:55,764 INFO L290 TraceCheckUtils]: 50: Hoare triple {19236#(= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|) 1)} assume !(1 == #valid[dll_insert_slave_~next~0#1.base]); {19211#false} is VALID [2022-02-20 23:36:55,764 INFO L134 CoverageAnalysis]: Checked inductivity of 17 backedges. 5 proven. 10 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:36:55,764 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:36:56,111 WARN L838 $PredicateComparison]: unable to prove that (forall ((v_ArrVal_578 (Array Int Int)) (|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| Int)) (or (= (select (store |c_#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| 1) (select (select (store |c_#memory_$Pointer$.base| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| v_ArrVal_578) |c_##fun~$Pointer$~TO~VOID_#~10#1.base|) |c_##fun~$Pointer$~TO~VOID_#~10#1.offset|)) 1) (not (< |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| |c_#StackHeapBarrier|)))) is different from false [2022-02-20 23:36:56,182 WARN L838 $PredicateComparison]: unable to prove that (forall ((v_ArrVal_578 (Array Int Int)) (|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| Int)) (or (not (< |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| |c_#StackHeapBarrier|)) (= (select (store |c_#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| 1) (select (select (store |c_#memory_$Pointer$.base| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| v_ArrVal_578) |c_##fun~$Pointer$~TO~VOID_#in~10#1.base|) |c_##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1))) is different from false [2022-02-20 23:36:56,244 WARN L838 $PredicateComparison]: unable to prove that (forall ((v_ArrVal_578 (Array Int Int)) (|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| Int)) (or (not (< |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| |c_#StackHeapBarrier|)) (= (select (store |c_#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| 1) (select (select (store |c_#memory_$Pointer$.base| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| v_ArrVal_578) |c_dll_create_generic_~#dll~0.base|) |c_dll_create_generic_~#dll~0.offset|)) 1))) is different from false [2022-02-20 23:36:56,465 INFO L356 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2022-02-20 23:36:56,466 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 26 treesize of output 27 [2022-02-20 23:36:56,486 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 46 treesize of output 34 [2022-02-20 23:36:56,509 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 42 treesize of output 38 [2022-02-20 23:36:56,534 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 5 treesize of output 3 [2022-02-20 23:36:56,879 INFO L356 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2022-02-20 23:36:56,879 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 23 treesize of output 24 [2022-02-20 23:36:56,894 INFO L173 IndexEqualityManager]: detected equality via solver [2022-02-20 23:36:56,901 INFO L356 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2022-02-20 23:36:56,902 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 21 treesize of output 24 [2022-02-20 23:37:01,307 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 23 treesize of output 21 [2022-02-20 23:37:01,412 INFO L290 TraceCheckUtils]: 50: Hoare triple {19236#(= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|) 1)} assume !(1 == #valid[dll_insert_slave_~next~0#1.base]); {19211#false} is VALID [2022-02-20 23:37:01,412 INFO L290 TraceCheckUtils]: 49: Hoare triple {19236#(= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|) 1)} assume dll_insert_slave_~next~0#1.base != 0 || dll_insert_slave_~next~0#1.offset != 0; {19236#(= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|) 1)} is VALID [2022-02-20 23:37:01,413 INFO L290 TraceCheckUtils]: 48: Hoare triple {19411#(or (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|) 1) (not (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1)))} SUMMARY for call write~$Pointer$(dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, 4); srcloc: L581 {19236#(= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|) 1)} is VALID [2022-02-20 23:37:01,414 INFO L290 TraceCheckUtils]: 47: Hoare triple {19415#(or (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_#t~mem6#1.base|) 1) (not (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1)))} dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset := dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset;havoc dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset; {19411#(or (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|) 1) (not (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1)))} is VALID [2022-02-20 23:37:01,414 INFO L290 TraceCheckUtils]: 46: Hoare triple {19419#(or (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)) 1) (not (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1)))} SUMMARY for call dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset := read~$Pointer$(dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, 4); srcloc: L580 {19415#(or (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_#t~mem6#1.base|) 1) (not (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1)))} is VALID [2022-02-20 23:37:01,415 INFO L290 TraceCheckUtils]: 45: Hoare triple {19423#(or (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)) 1) (not (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.base|) 1)))} dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset := alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;assume { :end_inline_alloc_or_die_slave } true;dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset := dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset; {19419#(or (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)) 1) (not (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1)))} is VALID [2022-02-20 23:37:01,415 INFO L290 TraceCheckUtils]: 44: Hoare triple {19427#(or (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)) 1) (not (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1)))} alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset := alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset; {19423#(or (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)) 1) (not (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.base|) 1)))} is VALID [2022-02-20 23:37:01,416 INFO L290 TraceCheckUtils]: 43: Hoare triple {19431#(or (forall ((v_ArrVal_578 (Array Int Int))) (= (select |#valid| (select (select (store |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base| v_ArrVal_578) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)) 1)) (not (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1)))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L558 {19427#(or (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)) 1) (not (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1)))} is VALID [2022-02-20 23:37:01,418 WARN L290 TraceCheckUtils]: 42: Hoare triple {19431#(or (forall ((v_ArrVal_578 (Array Int Int))) (= (select |#valid| (select (select (store |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base| v_ArrVal_578) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)) 1)) (not (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1)))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L556-2 {19431#(or (forall ((v_ArrVal_578 (Array Int Int))) (= (select |#valid| (select (select (store |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base| v_ArrVal_578) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)) 1)) (not (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1)))} is UNKNOWN [2022-02-20 23:37:01,419 INFO L290 TraceCheckUtils]: 41: Hoare triple {19431#(or (forall ((v_ArrVal_578 (Array Int Int))) (= (select |#valid| (select (select (store |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base| v_ArrVal_578) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)) 1)) (not (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1)))} assume !(alloc_or_die_slave_~ptr~0#1.base == 0 && alloc_or_die_slave_~ptr~0#1.offset == 0); {19431#(or (forall ((v_ArrVal_578 (Array Int Int))) (= (select |#valid| (select (select (store |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base| v_ArrVal_578) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)) 1)) (not (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1)))} is VALID [2022-02-20 23:37:01,420 INFO L290 TraceCheckUtils]: 40: Hoare triple {19441#(forall ((v_ArrVal_578 (Array Int Int)) (|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| Int)) (or (not (< |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| |#StackHeapBarrier|)) (= (select (store |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| 1) (select (select (store |#memory_$Pointer$.base| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| v_ArrVal_578) |##fun~$Pointer$~TO~VOID_#~10#1.base|) |##fun~$Pointer$~TO~VOID_#~10#1.offset|)) 1)))} assume !(#in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset);assume { :begin_inline_dll_insert_slave } true;dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset := #~10#1.base, #~10#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset, dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset, dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset;dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset := dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset;assume { :begin_inline_alloc_or_die_slave } true;havoc alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset;call alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset := #Ultimate.allocOnHeap(8);alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset := alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset; {19431#(or (forall ((v_ArrVal_578 (Array Int Int))) (= (select |#valid| (select (select (store |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base| v_ArrVal_578) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)) 1)) (not (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1)))} is VALID [2022-02-20 23:37:01,420 INFO L290 TraceCheckUtils]: 39: Hoare triple {19445#(forall ((v_ArrVal_578 (Array Int Int)) (|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| Int)) (or (not (< |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| |#StackHeapBarrier|)) (= (select (store |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| 1) (select (select (store |#memory_$Pointer$.base| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| v_ArrVal_578) |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1)))} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {19441#(forall ((v_ArrVal_578 (Array Int Int)) (|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| Int)) (or (not (< |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| |#StackHeapBarrier|)) (= (select (store |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| 1) (select (select (store |#memory_$Pointer$.base| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| v_ArrVal_578) |##fun~$Pointer$~TO~VOID_#~10#1.base|) |##fun~$Pointer$~TO~VOID_#~10#1.offset|)) 1)))} is VALID [2022-02-20 23:37:01,422 INFO L272 TraceCheckUtils]: 38: Hoare triple {19449#(forall ((v_ArrVal_578 (Array Int Int)) (|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| Int)) (or (= (select (store |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| 1) (select (select (store |#memory_$Pointer$.base| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| v_ArrVal_578) |dll_create_generic_~#dll~0.base|) |dll_create_generic_~#dll~0.offset|)) 1) (not (< |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| |#StackHeapBarrier|))))} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {19445#(forall ((v_ArrVal_578 (Array Int Int)) (|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| Int)) (or (not (< |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| |#StackHeapBarrier|)) (= (select (store |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| 1) (select (select (store |#memory_$Pointer$.base| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| v_ArrVal_578) |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1)))} is VALID [2022-02-20 23:37:01,423 INFO L284 TraceCheckUtils]: 37: Hoare quadruple {19457#(or (forall ((v_ArrVal_578 (Array Int Int)) (|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| Int)) (or (not (< |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| |#StackHeapBarrier|)) (= (select (store |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| 1) (select (select (store |#memory_$Pointer$.base| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| v_ArrVal_578) |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1))) (< |##fun~$Pointer$~TO~VOID_#in~10#1.base| |#StackHeapBarrier|))} {19453#(not (< |dll_create_generic_~#dll~0.base| |#StackHeapBarrier|))} #593#return; {19449#(forall ((v_ArrVal_578 (Array Int Int)) (|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| Int)) (or (= (select (store |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| 1) (select (select (store |#memory_$Pointer$.base| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| v_ArrVal_578) |dll_create_generic_~#dll~0.base|) |dll_create_generic_~#dll~0.offset|)) 1) (not (< |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| |#StackHeapBarrier|))))} is VALID [2022-02-20 23:37:01,424 INFO L290 TraceCheckUtils]: 36: Hoare triple {19457#(or (forall ((v_ArrVal_578 (Array Int Int)) (|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| Int)) (or (not (< |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| |#StackHeapBarrier|)) (= (select (store |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| 1) (select (select (store |#memory_$Pointer$.base| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| v_ArrVal_578) |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1))) (< |##fun~$Pointer$~TO~VOID_#in~10#1.base| |#StackHeapBarrier|))} assume true; {19457#(or (forall ((v_ArrVal_578 (Array Int Int)) (|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| Int)) (or (not (< |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| |#StackHeapBarrier|)) (= (select (store |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| 1) (select (select (store |#memory_$Pointer$.base| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| v_ArrVal_578) |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1))) (< |##fun~$Pointer$~TO~VOID_#in~10#1.base| |#StackHeapBarrier|))} is VALID [2022-02-20 23:37:01,424 INFO L290 TraceCheckUtils]: 35: Hoare triple {19457#(or (forall ((v_ArrVal_578 (Array Int Int)) (|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| Int)) (or (not (< |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| |#StackHeapBarrier|)) (= (select (store |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| 1) (select (select (store |#memory_$Pointer$.base| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| v_ArrVal_578) |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1))) (< |##fun~$Pointer$~TO~VOID_#in~10#1.base| |#StackHeapBarrier|))} assume { :end_inline_dll_insert_slave } true; {19457#(or (forall ((v_ArrVal_578 (Array Int Int)) (|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| Int)) (or (not (< |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| |#StackHeapBarrier|)) (= (select (store |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| 1) (select (select (store |#memory_$Pointer$.base| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| v_ArrVal_578) |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1))) (< |##fun~$Pointer$~TO~VOID_#in~10#1.base| |#StackHeapBarrier|))} is VALID [2022-02-20 23:37:01,426 INFO L290 TraceCheckUtils]: 34: Hoare triple {19467#(or (< |##fun~$Pointer$~TO~VOID_#in~10#1.base| |#StackHeapBarrier|) (forall ((v_arrayElimCell_8 Int) (|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| Int)) (or (not (< |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| |#StackHeapBarrier|)) (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base| v_arrayElimCell_8))) (= (select (store |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| 1) v_arrayElimCell_8) 1))))} SUMMARY for call write~$Pointer$(dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, 4); srcloc: L582 {19457#(or (forall ((v_ArrVal_578 (Array Int Int)) (|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| Int)) (or (not (< |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| |#StackHeapBarrier|)) (= (select (store |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| 1) (select (select (store |#memory_$Pointer$.base| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| v_ArrVal_578) |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1))) (< |##fun~$Pointer$~TO~VOID_#in~10#1.base| |#StackHeapBarrier|))} is VALID [2022-02-20 23:37:01,439 INFO L290 TraceCheckUtils]: 33: Hoare triple {19467#(or (< |##fun~$Pointer$~TO~VOID_#in~10#1.base| |#StackHeapBarrier|) (forall ((v_arrayElimCell_8 Int) (|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| Int)) (or (not (< |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| |#StackHeapBarrier|)) (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base| v_arrayElimCell_8))) (= (select (store |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| 1) v_arrayElimCell_8) 1))))} assume !(dll_insert_slave_~next~0#1.base != 0 || dll_insert_slave_~next~0#1.offset != 0); {19467#(or (< |##fun~$Pointer$~TO~VOID_#in~10#1.base| |#StackHeapBarrier|) (forall ((v_arrayElimCell_8 Int) (|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| Int)) (or (not (< |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| |#StackHeapBarrier|)) (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base| v_arrayElimCell_8))) (= (select (store |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| 1) v_arrayElimCell_8) 1))))} is VALID [2022-02-20 23:37:01,441 INFO L290 TraceCheckUtils]: 32: Hoare triple {19467#(or (< |##fun~$Pointer$~TO~VOID_#in~10#1.base| |#StackHeapBarrier|) (forall ((v_arrayElimCell_8 Int) (|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| Int)) (or (not (< |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| |#StackHeapBarrier|)) (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base| v_arrayElimCell_8))) (= (select (store |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| 1) v_arrayElimCell_8) 1))))} SUMMARY for call write~$Pointer$(dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, 4); srcloc: L581 {19467#(or (< |##fun~$Pointer$~TO~VOID_#in~10#1.base| |#StackHeapBarrier|) (forall ((v_arrayElimCell_8 Int) (|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| Int)) (or (not (< |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| |#StackHeapBarrier|)) (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base| v_arrayElimCell_8))) (= (select (store |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| 1) v_arrayElimCell_8) 1))))} is VALID [2022-02-20 23:37:01,443 INFO L290 TraceCheckUtils]: 31: Hoare triple {19467#(or (< |##fun~$Pointer$~TO~VOID_#in~10#1.base| |#StackHeapBarrier|) (forall ((v_arrayElimCell_8 Int) (|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| Int)) (or (not (< |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| |#StackHeapBarrier|)) (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base| v_arrayElimCell_8))) (= (select (store |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| 1) v_arrayElimCell_8) 1))))} dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset := dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset;havoc dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset; {19467#(or (< |##fun~$Pointer$~TO~VOID_#in~10#1.base| |#StackHeapBarrier|) (forall ((v_arrayElimCell_8 Int) (|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| Int)) (or (not (< |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| |#StackHeapBarrier|)) (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base| v_arrayElimCell_8))) (= (select (store |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| 1) v_arrayElimCell_8) 1))))} is VALID [2022-02-20 23:37:01,444 INFO L290 TraceCheckUtils]: 30: Hoare triple {19467#(or (< |##fun~$Pointer$~TO~VOID_#in~10#1.base| |#StackHeapBarrier|) (forall ((v_arrayElimCell_8 Int) (|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| Int)) (or (not (< |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| |#StackHeapBarrier|)) (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base| v_arrayElimCell_8))) (= (select (store |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| 1) v_arrayElimCell_8) 1))))} SUMMARY for call dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset := read~$Pointer$(dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, 4); srcloc: L580 {19467#(or (< |##fun~$Pointer$~TO~VOID_#in~10#1.base| |#StackHeapBarrier|) (forall ((v_arrayElimCell_8 Int) (|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| Int)) (or (not (< |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| |#StackHeapBarrier|)) (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base| v_arrayElimCell_8))) (= (select (store |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| 1) v_arrayElimCell_8) 1))))} is VALID [2022-02-20 23:37:01,446 INFO L290 TraceCheckUtils]: 29: Hoare triple {19483#(or (< |##fun~$Pointer$~TO~VOID_#in~10#1.base| |#StackHeapBarrier|) (forall ((v_arrayElimCell_8 Int) (|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| Int)) (or (not (< |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| |#StackHeapBarrier|)) (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (not (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.base| v_arrayElimCell_8))) (= (select (store |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| 1) v_arrayElimCell_8) 1))))} dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset := alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;assume { :end_inline_alloc_or_die_slave } true;dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset := dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset; {19467#(or (< |##fun~$Pointer$~TO~VOID_#in~10#1.base| |#StackHeapBarrier|) (forall ((v_arrayElimCell_8 Int) (|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| Int)) (or (not (< |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| |#StackHeapBarrier|)) (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base| v_arrayElimCell_8))) (= (select (store |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| 1) v_arrayElimCell_8) 1))))} is VALID [2022-02-20 23:37:01,447 INFO L290 TraceCheckUtils]: 28: Hoare triple {19487#(or (< |##fun~$Pointer$~TO~VOID_#in~10#1.base| |#StackHeapBarrier|) (forall ((v_arrayElimCell_8 Int) (|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| Int)) (or (not (< |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| |#StackHeapBarrier|)) (= (select (store |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| 1) v_arrayElimCell_8) 1) (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (not (= v_arrayElimCell_8 |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|))))))} alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset := alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset; {19483#(or (< |##fun~$Pointer$~TO~VOID_#in~10#1.base| |#StackHeapBarrier|) (forall ((v_arrayElimCell_8 Int) (|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| Int)) (or (not (< |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| |#StackHeapBarrier|)) (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (not (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.base| v_arrayElimCell_8))) (= (select (store |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| 1) v_arrayElimCell_8) 1))))} is VALID [2022-02-20 23:37:01,449 INFO L290 TraceCheckUtils]: 27: Hoare triple {19487#(or (< |##fun~$Pointer$~TO~VOID_#in~10#1.base| |#StackHeapBarrier|) (forall ((v_arrayElimCell_8 Int) (|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| Int)) (or (not (< |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| |#StackHeapBarrier|)) (= (select (store |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| 1) v_arrayElimCell_8) 1) (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (not (= v_arrayElimCell_8 |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|))))))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L558 {19487#(or (< |##fun~$Pointer$~TO~VOID_#in~10#1.base| |#StackHeapBarrier|) (forall ((v_arrayElimCell_8 Int) (|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| Int)) (or (not (< |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| |#StackHeapBarrier|)) (= (select (store |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| 1) v_arrayElimCell_8) 1) (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (not (= v_arrayElimCell_8 |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|))))))} is VALID [2022-02-20 23:37:01,451 INFO L290 TraceCheckUtils]: 26: Hoare triple {19487#(or (< |##fun~$Pointer$~TO~VOID_#in~10#1.base| |#StackHeapBarrier|) (forall ((v_arrayElimCell_8 Int) (|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| Int)) (or (not (< |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| |#StackHeapBarrier|)) (= (select (store |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| 1) v_arrayElimCell_8) 1) (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (not (= v_arrayElimCell_8 |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|))))))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L556-2 {19487#(or (< |##fun~$Pointer$~TO~VOID_#in~10#1.base| |#StackHeapBarrier|) (forall ((v_arrayElimCell_8 Int) (|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| Int)) (or (not (< |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| |#StackHeapBarrier|)) (= (select (store |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| 1) v_arrayElimCell_8) 1) (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (not (= v_arrayElimCell_8 |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|))))))} is VALID [2022-02-20 23:37:01,452 INFO L290 TraceCheckUtils]: 25: Hoare triple {19487#(or (< |##fun~$Pointer$~TO~VOID_#in~10#1.base| |#StackHeapBarrier|) (forall ((v_arrayElimCell_8 Int) (|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| Int)) (or (not (< |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| |#StackHeapBarrier|)) (= (select (store |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| 1) v_arrayElimCell_8) 1) (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (not (= v_arrayElimCell_8 |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|))))))} assume !(alloc_or_die_slave_~ptr~0#1.base == 0 && alloc_or_die_slave_~ptr~0#1.offset == 0); {19487#(or (< |##fun~$Pointer$~TO~VOID_#in~10#1.base| |#StackHeapBarrier|) (forall ((v_arrayElimCell_8 Int) (|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| Int)) (or (not (< |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| |#StackHeapBarrier|)) (= (select (store |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| 1) v_arrayElimCell_8) 1) (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (not (= v_arrayElimCell_8 |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|))))))} is VALID [2022-02-20 23:37:01,454 INFO L290 TraceCheckUtils]: 24: Hoare triple {19500#(or (< |##fun~$Pointer$~TO~VOID_#in~10#1.base| |#StackHeapBarrier|) (and (= |##fun~$Pointer$~TO~VOID_#~10#1.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) (= |##fun~$Pointer$~TO~VOID_#~10#1.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)))} assume !(#in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset);assume { :begin_inline_dll_insert_slave } true;dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset := #~10#1.base, #~10#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset, dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset, dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset;dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset := dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset;assume { :begin_inline_alloc_or_die_slave } true;havoc alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset;call alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset := #Ultimate.allocOnHeap(8);alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset := alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset; {19487#(or (< |##fun~$Pointer$~TO~VOID_#in~10#1.base| |#StackHeapBarrier|) (forall ((v_arrayElimCell_8 Int) (|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| Int)) (or (not (< |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| |#StackHeapBarrier|)) (= (select (store |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_12| 1) v_arrayElimCell_8) 1) (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (not (= v_arrayElimCell_8 |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|))))))} is VALID [2022-02-20 23:37:01,454 INFO L290 TraceCheckUtils]: 23: Hoare triple {19210#true} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {19500#(or (< |##fun~$Pointer$~TO~VOID_#in~10#1.base| |#StackHeapBarrier|) (and (= |##fun~$Pointer$~TO~VOID_#~10#1.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) (= |##fun~$Pointer$~TO~VOID_#~10#1.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)))} is VALID [2022-02-20 23:37:01,455 INFO L272 TraceCheckUtils]: 22: Hoare triple {19453#(not (< |dll_create_generic_~#dll~0.base| |#StackHeapBarrier|))} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {19210#true} is VALID [2022-02-20 23:37:01,456 INFO L290 TraceCheckUtils]: 21: Hoare triple {19210#true} ~insert_fnc.base, ~insert_fnc.offset := #in~insert_fnc.base, #in~insert_fnc.offset;call ~#dll~0.base, ~#dll~0.offset := #Ultimate.allocOnStack(4);call write~init~$Pointer$(0, 0, ~#dll~0.base, ~#dll~0.offset, 4); {19453#(not (< |dll_create_generic_~#dll~0.base| |#StackHeapBarrier|))} is VALID [2022-02-20 23:37:01,456 INFO L272 TraceCheckUtils]: 20: Hoare triple {19210#true} call #t~ret12.base, #t~ret12.offset := dll_create_generic(#funAddr~dll_insert_slave.base, #funAddr~dll_insert_slave.offset); {19210#true} is VALID [2022-02-20 23:37:01,456 INFO L272 TraceCheckUtils]: 19: Hoare triple {19210#true} call #t~ret20#1.base, #t~ret20#1.offset := dll_create_slave(); {19210#true} is VALID [2022-02-20 23:37:01,456 INFO L290 TraceCheckUtils]: 18: Hoare triple {19210#true} assume !(~next~3#1.base != 0 || ~next~3#1.offset != 0); {19210#true} is VALID [2022-02-20 23:37:01,456 INFO L290 TraceCheckUtils]: 17: Hoare triple {19210#true} SUMMARY for call write~$Pointer$(~next~3#1.base, ~next~3#1.offset, ~item~1#1.base, ~item~1#1.offset, 4); srcloc: L633 {19210#true} is VALID [2022-02-20 23:37:01,456 INFO L290 TraceCheckUtils]: 16: Hoare triple {19210#true} ~next~3#1.base, ~next~3#1.offset := #t~mem19#1.base, #t~mem19#1.offset;havoc #t~mem19#1.base, #t~mem19#1.offset; {19210#true} is VALID [2022-02-20 23:37:01,457 INFO L290 TraceCheckUtils]: 15: Hoare triple {19210#true} SUMMARY for call #t~mem19#1.base, #t~mem19#1.offset := read~$Pointer$(~dll#1.base, ~dll#1.offset, 4); srcloc: L632 {19210#true} is VALID [2022-02-20 23:37:01,457 INFO L290 TraceCheckUtils]: 14: Hoare triple {19210#true} #t~ret18#1.base, #t~ret18#1.offset := alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;assume { :end_inline_alloc_or_die_master } true;~item~1#1.base, ~item~1#1.offset := #t~ret18#1.base, #t~ret18#1.offset;havoc #t~ret18#1.base, #t~ret18#1.offset; {19210#true} is VALID [2022-02-20 23:37:01,457 INFO L290 TraceCheckUtils]: 13: Hoare triple {19210#true} alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset := alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset; {19210#true} is VALID [2022-02-20 23:37:01,457 INFO L290 TraceCheckUtils]: 12: Hoare triple {19210#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, 8 + alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L573 {19210#true} is VALID [2022-02-20 23:37:01,457 INFO L290 TraceCheckUtils]: 11: Hoare triple {19210#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, 4 + alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L572 {19210#true} is VALID [2022-02-20 23:37:01,457 INFO L290 TraceCheckUtils]: 10: Hoare triple {19210#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L570-2 {19210#true} is VALID [2022-02-20 23:37:01,458 INFO L290 TraceCheckUtils]: 9: Hoare triple {19210#true} assume !(alloc_or_die_master_~ptr~1#1.base == 0 && alloc_or_die_master_~ptr~1#1.offset == 0); {19210#true} is VALID [2022-02-20 23:37:01,458 INFO L290 TraceCheckUtils]: 8: Hoare triple {19210#true} ~dll#1.base, ~dll#1.offset := #in~dll#1.base, #in~dll#1.offset;assume { :begin_inline_alloc_or_die_master } true;havoc alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset;call alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset := #Ultimate.allocOnHeap(12);alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset := alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset; {19210#true} is VALID [2022-02-20 23:37:01,458 INFO L272 TraceCheckUtils]: 7: Hoare triple {19210#true} call dll_insert_master(#~10#1.base, #~10#1.offset); {19210#true} is VALID [2022-02-20 23:37:01,458 INFO L290 TraceCheckUtils]: 6: Hoare triple {19210#true} assume #in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset; {19210#true} is VALID [2022-02-20 23:37:01,458 INFO L290 TraceCheckUtils]: 5: Hoare triple {19210#true} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {19210#true} is VALID [2022-02-20 23:37:01,458 INFO L272 TraceCheckUtils]: 4: Hoare triple {19210#true} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {19210#true} is VALID [2022-02-20 23:37:01,459 INFO L290 TraceCheckUtils]: 3: Hoare triple {19210#true} ~insert_fnc.base, ~insert_fnc.offset := #in~insert_fnc.base, #in~insert_fnc.offset;call ~#dll~0.base, ~#dll~0.offset := #Ultimate.allocOnStack(4);call write~init~$Pointer$(0, 0, ~#dll~0.base, ~#dll~0.offset, 4); {19210#true} is VALID [2022-02-20 23:37:01,459 INFO L272 TraceCheckUtils]: 2: Hoare triple {19210#true} call dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset := dll_create_generic(#funAddr~dll_insert_master.base, #funAddr~dll_insert_master.offset); {19210#true} is VALID [2022-02-20 23:37:01,459 INFO L290 TraceCheckUtils]: 1: Hoare triple {19210#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret46#1.base, main_#t~ret46#1.offset, main_~dll~1#1.base, main_~dll~1#1.offset;assume { :begin_inline_dll_create_master } true;havoc dll_create_master_#res#1.base, dll_create_master_#res#1.offset;havoc dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset; {19210#true} is VALID [2022-02-20 23:37:01,459 INFO L290 TraceCheckUtils]: 0: Hoare triple {19210#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(15, 2); {19210#true} is VALID [2022-02-20 23:37:01,460 INFO L134 CoverageAnalysis]: Checked inductivity of 17 backedges. 5 proven. 9 refuted. 0 times theorem prover too weak. 2 trivial. 1 not checked. [2022-02-20 23:37:01,460 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleZ3 [373354239] provided 0 perfect and 2 imperfect interpolant sequences [2022-02-20 23:37:01,460 INFO L191 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-02-20 23:37:01,460 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [18, 16, 17] total 41 [2022-02-20 23:37:01,461 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [309428293] [2022-02-20 23:37:01,461 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-02-20 23:37:01,462 INFO L78 Accepts]: Start accepts. Automaton has has 42 states, 36 states have (on average 2.4166666666666665) internal successors, (87), 36 states have internal predecessors, (87), 6 states have call successors, (11), 5 states have call predecessors, (11), 3 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) Word has length 51 [2022-02-20 23:37:01,463 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:37:01,464 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 42 states, 36 states have (on average 2.4166666666666665) internal successors, (87), 36 states have internal predecessors, (87), 6 states have call successors, (11), 5 states have call predecessors, (11), 3 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) [2022-02-20 23:37:01,579 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 101 edges. 100 inductive. 0 not inductive. 1 times theorem prover too weak to decide inductivity. [2022-02-20 23:37:01,579 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 42 states [2022-02-20 23:37:01,579 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:37:01,580 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 42 interpolants. [2022-02-20 23:37:01,580 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=117, Invalid=1373, Unknown=4, NotChecked=228, Total=1722 [2022-02-20 23:37:01,580 INFO L87 Difference]: Start difference. First operand 312 states and 362 transitions. Second operand has 42 states, 36 states have (on average 2.4166666666666665) internal successors, (87), 36 states have internal predecessors, (87), 6 states have call successors, (11), 5 states have call predecessors, (11), 3 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) [2022-02-20 23:37:10,017 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:37:10,017 INFO L93 Difference]: Finished difference Result 316 states and 365 transitions. [2022-02-20 23:37:10,017 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 19 states. [2022-02-20 23:37:10,018 INFO L78 Accepts]: Start accepts. Automaton has has 42 states, 36 states have (on average 2.4166666666666665) internal successors, (87), 36 states have internal predecessors, (87), 6 states have call successors, (11), 5 states have call predecessors, (11), 3 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) Word has length 51 [2022-02-20 23:37:10,018 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:37:10,018 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 42 states, 36 states have (on average 2.4166666666666665) internal successors, (87), 36 states have internal predecessors, (87), 6 states have call successors, (11), 5 states have call predecessors, (11), 3 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) [2022-02-20 23:37:10,020 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 19 states to 19 states and 309 transitions. [2022-02-20 23:37:10,021 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 42 states, 36 states have (on average 2.4166666666666665) internal successors, (87), 36 states have internal predecessors, (87), 6 states have call successors, (11), 5 states have call predecessors, (11), 3 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) [2022-02-20 23:37:10,023 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 19 states to 19 states and 309 transitions. [2022-02-20 23:37:10,023 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 19 states and 309 transitions. [2022-02-20 23:37:10,263 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 309 edges. 309 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:37:10,268 INFO L225 Difference]: With dead ends: 316 [2022-02-20 23:37:10,269 INFO L226 Difference]: Without dead ends: 316 [2022-02-20 23:37:10,269 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 139 GetRequests, 84 SyntacticMatches, 1 SemanticMatches, 54 ConstructedPredicates, 3 IntricatePredicates, 0 DeprecatedPredicates, 436 ImplicationChecksByTransitivity, 3.6s TimeCoverageRelationStatistics Valid=379, Invalid=2326, Unknown=63, NotChecked=312, Total=3080 [2022-02-20 23:37:10,270 INFO L933 BasicCegarLoop]: 235 mSDtfsCounter, 250 mSDsluCounter, 3920 mSDsCounter, 0 mSdLazyCounter, 3291 mSolverCounterSat, 116 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 2.9s Time, 0 mProtectedPredicate, 0 mProtectedAction, 254 SdHoareTripleChecker+Valid, 4155 SdHoareTripleChecker+Invalid, 4789 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 116 IncrementalHoareTripleChecker+Valid, 3291 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 1382 IncrementalHoareTripleChecker+Unchecked, 2.9s IncrementalHoareTripleChecker+Time [2022-02-20 23:37:10,270 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [254 Valid, 4155 Invalid, 4789 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [116 Valid, 3291 Invalid, 0 Unknown, 1382 Unchecked, 2.9s Time] [2022-02-20 23:37:10,271 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 316 states. [2022-02-20 23:37:10,275 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 316 to 311. [2022-02-20 23:37:10,275 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:37:10,276 INFO L82 GeneralOperation]: Start isEquivalent. First operand 316 states. Second operand has 311 states, 191 states have (on average 1.5916230366492146) internal successors, (304), 287 states have internal predecessors, (304), 32 states have call successors, (32), 12 states have call predecessors, (32), 9 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) [2022-02-20 23:37:10,276 INFO L74 IsIncluded]: Start isIncluded. First operand 316 states. Second operand has 311 states, 191 states have (on average 1.5916230366492146) internal successors, (304), 287 states have internal predecessors, (304), 32 states have call successors, (32), 12 states have call predecessors, (32), 9 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) [2022-02-20 23:37:10,276 INFO L87 Difference]: Start difference. First operand 316 states. Second operand has 311 states, 191 states have (on average 1.5916230366492146) internal successors, (304), 287 states have internal predecessors, (304), 32 states have call successors, (32), 12 states have call predecessors, (32), 9 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) [2022-02-20 23:37:10,283 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:37:10,283 INFO L93 Difference]: Finished difference Result 316 states and 365 transitions. [2022-02-20 23:37:10,284 INFO L276 IsEmpty]: Start isEmpty. Operand 316 states and 365 transitions. [2022-02-20 23:37:10,285 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:37:10,285 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:37:10,285 INFO L74 IsIncluded]: Start isIncluded. First operand has 311 states, 191 states have (on average 1.5916230366492146) internal successors, (304), 287 states have internal predecessors, (304), 32 states have call successors, (32), 12 states have call predecessors, (32), 9 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) Second operand 316 states. [2022-02-20 23:37:10,286 INFO L87 Difference]: Start difference. First operand has 311 states, 191 states have (on average 1.5916230366492146) internal successors, (304), 287 states have internal predecessors, (304), 32 states have call successors, (32), 12 states have call predecessors, (32), 9 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) Second operand 316 states. [2022-02-20 23:37:10,292 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:37:10,292 INFO L93 Difference]: Finished difference Result 316 states and 365 transitions. [2022-02-20 23:37:10,292 INFO L276 IsEmpty]: Start isEmpty. Operand 316 states and 365 transitions. [2022-02-20 23:37:10,293 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:37:10,293 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:37:10,294 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:37:10,294 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:37:10,294 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 311 states, 191 states have (on average 1.5916230366492146) internal successors, (304), 287 states have internal predecessors, (304), 32 states have call successors, (32), 12 states have call predecessors, (32), 9 states have return successors, (23), 14 states have call predecessors, (23), 18 states have call successors, (23) [2022-02-20 23:37:10,300 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 311 states to 311 states and 359 transitions. [2022-02-20 23:37:10,300 INFO L78 Accepts]: Start accepts. Automaton has 311 states and 359 transitions. Word has length 51 [2022-02-20 23:37:10,300 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:37:10,300 INFO L470 AbstractCegarLoop]: Abstraction has 311 states and 359 transitions. [2022-02-20 23:37:10,301 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 42 states, 36 states have (on average 2.4166666666666665) internal successors, (87), 36 states have internal predecessors, (87), 6 states have call successors, (11), 5 states have call predecessors, (11), 3 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) [2022-02-20 23:37:10,301 INFO L276 IsEmpty]: Start isEmpty. Operand 311 states and 359 transitions. [2022-02-20 23:37:10,301 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2022-02-20 23:37:10,301 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:37:10,301 INFO L514 BasicCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:37:10,329 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2022-02-20 23:37:10,515 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable16 [2022-02-20 23:37:10,515 INFO L402 AbstractCegarLoop]: === Iteration 18 === Targeting ##fun~$Pointer$~TO~VOIDErr9REQUIRES_VIOLATION === [dll_insert_masterErr0REQUIRES_VIOLATION, dll_insert_masterErr1REQUIRES_VIOLATION, dll_insert_masterErr2REQUIRES_VIOLATION (and 95 more)] === [2022-02-20 23:37:10,516 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:37:10,516 INFO L85 PathProgramCache]: Analyzing trace with hash 1451018695, now seen corresponding path program 1 times [2022-02-20 23:37:10,516 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:37:10,516 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1111884084] [2022-02-20 23:37:10,516 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:37:10,516 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:37:10,568 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:37:10,766 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2022-02-20 23:37:10,776 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:37:10,925 INFO L290 TraceCheckUtils]: 0: Hoare triple {20885#(and (= |old(#length)| |#length|) (= |#memory_int| |old(#memory_int)|) (= |#memory_$Pointer$.base| |old(#memory_$Pointer$.base)|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#valid)| |#valid|))} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {20886#(and (= |##fun~$Pointer$~TO~VOID_#~10#1.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) (= |##fun~$Pointer$~TO~VOID_#~10#1.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.offset|))} is VALID [2022-02-20 23:37:10,926 INFO L290 TraceCheckUtils]: 1: Hoare triple {20886#(and (= |##fun~$Pointer$~TO~VOID_#~10#1.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) (= |##fun~$Pointer$~TO~VOID_#~10#1.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.offset|))} assume !(#in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset);assume { :begin_inline_dll_insert_slave } true;dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset := #~10#1.base, #~10#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset, dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset, dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset;dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset := dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset;assume { :begin_inline_alloc_or_die_slave } true;havoc alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset;call alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset := #Ultimate.allocOnHeap(8);alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset := alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset; {20887#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} is VALID [2022-02-20 23:37:10,926 INFO L290 TraceCheckUtils]: 2: Hoare triple {20887#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} assume !(alloc_or_die_slave_~ptr~0#1.base == 0 && alloc_or_die_slave_~ptr~0#1.offset == 0); {20887#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} is VALID [2022-02-20 23:37:10,927 INFO L290 TraceCheckUtils]: 3: Hoare triple {20887#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L556-2 {20887#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} is VALID [2022-02-20 23:37:10,928 INFO L290 TraceCheckUtils]: 4: Hoare triple {20887#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L558 {20887#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} is VALID [2022-02-20 23:37:10,928 INFO L290 TraceCheckUtils]: 5: Hoare triple {20887#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset := alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset; {20888#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} is VALID [2022-02-20 23:37:10,929 INFO L290 TraceCheckUtils]: 6: Hoare triple {20888#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset := alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;assume { :end_inline_alloc_or_die_slave } true;dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset := dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset; {20889#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} is VALID [2022-02-20 23:37:10,930 INFO L290 TraceCheckUtils]: 7: Hoare triple {20889#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} SUMMARY for call dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset := read~$Pointer$(dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, 4); srcloc: L580 {20890#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1))} is VALID [2022-02-20 23:37:10,930 INFO L290 TraceCheckUtils]: 8: Hoare triple {20890#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1))} dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset := dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset;havoc dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset; {20890#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1))} is VALID [2022-02-20 23:37:10,931 INFO L290 TraceCheckUtils]: 9: Hoare triple {20890#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1))} SUMMARY for call write~$Pointer$(dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, 4); srcloc: L581 {20890#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1))} is VALID [2022-02-20 23:37:10,932 INFO L290 TraceCheckUtils]: 10: Hoare triple {20890#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1))} assume !(dll_insert_slave_~next~0#1.base != 0 || dll_insert_slave_~next~0#1.offset != 0); {20890#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1))} is VALID [2022-02-20 23:37:10,935 INFO L290 TraceCheckUtils]: 11: Hoare triple {20890#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1))} SUMMARY for call write~$Pointer$(dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, 4); srcloc: L582 {20879#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (= (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 8) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 0))} is VALID [2022-02-20 23:37:10,935 INFO L290 TraceCheckUtils]: 12: Hoare triple {20879#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (= (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 8) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 0))} assume { :end_inline_dll_insert_slave } true; {20879#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (= (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 8) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 0))} is VALID [2022-02-20 23:37:10,936 INFO L290 TraceCheckUtils]: 13: Hoare triple {20879#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (= (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 8) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 0))} assume true; {20879#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (= (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 8) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 0))} is VALID [2022-02-20 23:37:10,937 INFO L284 TraceCheckUtils]: 14: Hoare quadruple {20879#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (= (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 8) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 0))} {20861#true} #593#return; {20878#(and (= (select (select |#memory_$Pointer$.offset| |dll_create_generic_~#dll~0.base|) |dll_create_generic_~#dll~0.offset|) 0) (= (select |#length| (select (select |#memory_$Pointer$.base| |dll_create_generic_~#dll~0.base|) |dll_create_generic_~#dll~0.offset|)) 8) (= (select |#valid| |dll_create_generic_~#dll~0.base|) 1))} is VALID [2022-02-20 23:37:10,937 INFO L290 TraceCheckUtils]: 0: Hoare triple {20861#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(15, 2); {20861#true} is VALID [2022-02-20 23:37:10,937 INFO L290 TraceCheckUtils]: 1: Hoare triple {20861#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret46#1.base, main_#t~ret46#1.offset, main_~dll~1#1.base, main_~dll~1#1.offset;assume { :begin_inline_dll_create_master } true;havoc dll_create_master_#res#1.base, dll_create_master_#res#1.offset;havoc dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset; {20861#true} is VALID [2022-02-20 23:37:10,937 INFO L272 TraceCheckUtils]: 2: Hoare triple {20861#true} call dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset := dll_create_generic(#funAddr~dll_insert_master.base, #funAddr~dll_insert_master.offset); {20861#true} is VALID [2022-02-20 23:37:10,938 INFO L290 TraceCheckUtils]: 3: Hoare triple {20861#true} ~insert_fnc.base, ~insert_fnc.offset := #in~insert_fnc.base, #in~insert_fnc.offset;call ~#dll~0.base, ~#dll~0.offset := #Ultimate.allocOnStack(4);call write~init~$Pointer$(0, 0, ~#dll~0.base, ~#dll~0.offset, 4); {20861#true} is VALID [2022-02-20 23:37:10,938 INFO L272 TraceCheckUtils]: 4: Hoare triple {20861#true} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {20861#true} is VALID [2022-02-20 23:37:10,938 INFO L290 TraceCheckUtils]: 5: Hoare triple {20861#true} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {20861#true} is VALID [2022-02-20 23:37:10,938 INFO L290 TraceCheckUtils]: 6: Hoare triple {20861#true} assume #in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset; {20861#true} is VALID [2022-02-20 23:37:10,938 INFO L272 TraceCheckUtils]: 7: Hoare triple {20861#true} call dll_insert_master(#~10#1.base, #~10#1.offset); {20861#true} is VALID [2022-02-20 23:37:10,938 INFO L290 TraceCheckUtils]: 8: Hoare triple {20861#true} ~dll#1.base, ~dll#1.offset := #in~dll#1.base, #in~dll#1.offset;assume { :begin_inline_alloc_or_die_master } true;havoc alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset;call alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset := #Ultimate.allocOnHeap(12);alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset := alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset; {20861#true} is VALID [2022-02-20 23:37:10,938 INFO L290 TraceCheckUtils]: 9: Hoare triple {20861#true} assume !(alloc_or_die_master_~ptr~1#1.base == 0 && alloc_or_die_master_~ptr~1#1.offset == 0); {20861#true} is VALID [2022-02-20 23:37:10,938 INFO L290 TraceCheckUtils]: 10: Hoare triple {20861#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L570-2 {20861#true} is VALID [2022-02-20 23:37:10,938 INFO L290 TraceCheckUtils]: 11: Hoare triple {20861#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, 4 + alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L572 {20861#true} is VALID [2022-02-20 23:37:10,938 INFO L290 TraceCheckUtils]: 12: Hoare triple {20861#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, 8 + alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L573 {20861#true} is VALID [2022-02-20 23:37:10,938 INFO L290 TraceCheckUtils]: 13: Hoare triple {20861#true} alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset := alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset; {20861#true} is VALID [2022-02-20 23:37:10,939 INFO L290 TraceCheckUtils]: 14: Hoare triple {20861#true} #t~ret18#1.base, #t~ret18#1.offset := alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;assume { :end_inline_alloc_or_die_master } true;~item~1#1.base, ~item~1#1.offset := #t~ret18#1.base, #t~ret18#1.offset;havoc #t~ret18#1.base, #t~ret18#1.offset; {20861#true} is VALID [2022-02-20 23:37:10,939 INFO L290 TraceCheckUtils]: 15: Hoare triple {20861#true} SUMMARY for call #t~mem19#1.base, #t~mem19#1.offset := read~$Pointer$(~dll#1.base, ~dll#1.offset, 4); srcloc: L632 {20861#true} is VALID [2022-02-20 23:37:10,939 INFO L290 TraceCheckUtils]: 16: Hoare triple {20861#true} ~next~3#1.base, ~next~3#1.offset := #t~mem19#1.base, #t~mem19#1.offset;havoc #t~mem19#1.base, #t~mem19#1.offset; {20861#true} is VALID [2022-02-20 23:37:10,939 INFO L290 TraceCheckUtils]: 17: Hoare triple {20861#true} SUMMARY for call write~$Pointer$(~next~3#1.base, ~next~3#1.offset, ~item~1#1.base, ~item~1#1.offset, 4); srcloc: L633 {20861#true} is VALID [2022-02-20 23:37:10,939 INFO L290 TraceCheckUtils]: 18: Hoare triple {20861#true} assume !(~next~3#1.base != 0 || ~next~3#1.offset != 0); {20861#true} is VALID [2022-02-20 23:37:10,939 INFO L272 TraceCheckUtils]: 19: Hoare triple {20861#true} call #t~ret20#1.base, #t~ret20#1.offset := dll_create_slave(); {20861#true} is VALID [2022-02-20 23:37:10,939 INFO L272 TraceCheckUtils]: 20: Hoare triple {20861#true} call #t~ret12.base, #t~ret12.offset := dll_create_generic(#funAddr~dll_insert_slave.base, #funAddr~dll_insert_slave.offset); {20861#true} is VALID [2022-02-20 23:37:10,939 INFO L290 TraceCheckUtils]: 21: Hoare triple {20861#true} ~insert_fnc.base, ~insert_fnc.offset := #in~insert_fnc.base, #in~insert_fnc.offset;call ~#dll~0.base, ~#dll~0.offset := #Ultimate.allocOnStack(4);call write~init~$Pointer$(0, 0, ~#dll~0.base, ~#dll~0.offset, 4); {20861#true} is VALID [2022-02-20 23:37:10,941 INFO L272 TraceCheckUtils]: 22: Hoare triple {20861#true} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {20885#(and (= |old(#length)| |#length|) (= |#memory_int| |old(#memory_int)|) (= |#memory_$Pointer$.base| |old(#memory_$Pointer$.base)|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#valid)| |#valid|))} is VALID [2022-02-20 23:37:10,941 INFO L290 TraceCheckUtils]: 23: Hoare triple {20885#(and (= |old(#length)| |#length|) (= |#memory_int| |old(#memory_int)|) (= |#memory_$Pointer$.base| |old(#memory_$Pointer$.base)|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#valid)| |#valid|))} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {20886#(and (= |##fun~$Pointer$~TO~VOID_#~10#1.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) (= |##fun~$Pointer$~TO~VOID_#~10#1.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.offset|))} is VALID [2022-02-20 23:37:10,942 INFO L290 TraceCheckUtils]: 24: Hoare triple {20886#(and (= |##fun~$Pointer$~TO~VOID_#~10#1.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) (= |##fun~$Pointer$~TO~VOID_#~10#1.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.offset|))} assume !(#in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset);assume { :begin_inline_dll_insert_slave } true;dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset := #~10#1.base, #~10#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset, dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset, dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset;dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset := dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset;assume { :begin_inline_alloc_or_die_slave } true;havoc alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset;call alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset := #Ultimate.allocOnHeap(8);alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset := alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset; {20887#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} is VALID [2022-02-20 23:37:10,943 INFO L290 TraceCheckUtils]: 25: Hoare triple {20887#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} assume !(alloc_or_die_slave_~ptr~0#1.base == 0 && alloc_or_die_slave_~ptr~0#1.offset == 0); {20887#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} is VALID [2022-02-20 23:37:10,944 INFO L290 TraceCheckUtils]: 26: Hoare triple {20887#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L556-2 {20887#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} is VALID [2022-02-20 23:37:10,944 INFO L290 TraceCheckUtils]: 27: Hoare triple {20887#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L558 {20887#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} is VALID [2022-02-20 23:37:10,945 INFO L290 TraceCheckUtils]: 28: Hoare triple {20887#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset := alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset; {20888#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} is VALID [2022-02-20 23:37:10,946 INFO L290 TraceCheckUtils]: 29: Hoare triple {20888#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset := alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;assume { :end_inline_alloc_or_die_slave } true;dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset := dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset; {20889#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} is VALID [2022-02-20 23:37:10,946 INFO L290 TraceCheckUtils]: 30: Hoare triple {20889#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|))} SUMMARY for call dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset := read~$Pointer$(dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, 4); srcloc: L580 {20890#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1))} is VALID [2022-02-20 23:37:10,947 INFO L290 TraceCheckUtils]: 31: Hoare triple {20890#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1))} dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset := dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset;havoc dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset; {20890#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1))} is VALID [2022-02-20 23:37:10,948 INFO L290 TraceCheckUtils]: 32: Hoare triple {20890#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1))} SUMMARY for call write~$Pointer$(dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, 4); srcloc: L581 {20890#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1))} is VALID [2022-02-20 23:37:10,948 INFO L290 TraceCheckUtils]: 33: Hoare triple {20890#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1))} assume !(dll_insert_slave_~next~0#1.base != 0 || dll_insert_slave_~next~0#1.offset != 0); {20890#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1))} is VALID [2022-02-20 23:37:10,949 INFO L290 TraceCheckUtils]: 34: Hoare triple {20890#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1))} SUMMARY for call write~$Pointer$(dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, 4); srcloc: L582 {20879#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (= (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 8) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 0))} is VALID [2022-02-20 23:37:10,950 INFO L290 TraceCheckUtils]: 35: Hoare triple {20879#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (= (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 8) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 0))} assume { :end_inline_dll_insert_slave } true; {20879#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (= (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 8) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 0))} is VALID [2022-02-20 23:37:10,950 INFO L290 TraceCheckUtils]: 36: Hoare triple {20879#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (= (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 8) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 0))} assume true; {20879#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (= (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 8) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 0))} is VALID [2022-02-20 23:37:10,951 INFO L284 TraceCheckUtils]: 37: Hoare quadruple {20879#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (= (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 8) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 0))} {20861#true} #593#return; {20878#(and (= (select (select |#memory_$Pointer$.offset| |dll_create_generic_~#dll~0.base|) |dll_create_generic_~#dll~0.offset|) 0) (= (select |#length| (select (select |#memory_$Pointer$.base| |dll_create_generic_~#dll~0.base|) |dll_create_generic_~#dll~0.offset|)) 8) (= (select |#valid| |dll_create_generic_~#dll~0.base|) 1))} is VALID [2022-02-20 23:37:10,952 INFO L272 TraceCheckUtils]: 38: Hoare triple {20878#(and (= (select (select |#memory_$Pointer$.offset| |dll_create_generic_~#dll~0.base|) |dll_create_generic_~#dll~0.offset|) 0) (= (select |#length| (select (select |#memory_$Pointer$.base| |dll_create_generic_~#dll~0.base|) |dll_create_generic_~#dll~0.offset|)) 8) (= (select |#valid| |dll_create_generic_~#dll~0.base|) 1))} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {20879#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (= (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 8) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 0))} is VALID [2022-02-20 23:37:10,953 INFO L290 TraceCheckUtils]: 39: Hoare triple {20879#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (= (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 8) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 0))} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {20880#(and (= (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#~10#1.base|) |##fun~$Pointer$~TO~VOID_#~10#1.offset|)) 8) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#~10#1.base|) |##fun~$Pointer$~TO~VOID_#~10#1.offset|) 0) (= (select |#valid| |##fun~$Pointer$~TO~VOID_#~10#1.base|) 1))} is VALID [2022-02-20 23:37:10,954 INFO L290 TraceCheckUtils]: 40: Hoare triple {20880#(and (= (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#~10#1.base|) |##fun~$Pointer$~TO~VOID_#~10#1.offset|)) 8) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#~10#1.base|) |##fun~$Pointer$~TO~VOID_#~10#1.offset|) 0) (= (select |#valid| |##fun~$Pointer$~TO~VOID_#~10#1.base|) 1))} assume !(#in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset);assume { :begin_inline_dll_insert_slave } true;dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset := #~10#1.base, #~10#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset, dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset, dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset;dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset := dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset;assume { :begin_inline_alloc_or_die_slave } true;havoc alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset;call alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset := #Ultimate.allocOnHeap(8);alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset := alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset; {20881#(and (= 8 (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|))) (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 0))} is VALID [2022-02-20 23:37:10,954 INFO L290 TraceCheckUtils]: 41: Hoare triple {20881#(and (= 8 (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|))) (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 0))} assume !(alloc_or_die_slave_~ptr~0#1.base == 0 && alloc_or_die_slave_~ptr~0#1.offset == 0); {20881#(and (= 8 (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|))) (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 0))} is VALID [2022-02-20 23:37:10,955 INFO L290 TraceCheckUtils]: 42: Hoare triple {20881#(and (= 8 (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|))) (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 0))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L556-2 {20881#(and (= 8 (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|))) (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 0))} is VALID [2022-02-20 23:37:10,955 INFO L290 TraceCheckUtils]: 43: Hoare triple {20881#(and (= 8 (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|))) (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 0))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L558 {20882#(and (= 8 (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|))) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 0))} is VALID [2022-02-20 23:37:10,956 INFO L290 TraceCheckUtils]: 44: Hoare triple {20882#(and (= 8 (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|))) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 0))} alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset := alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset; {20882#(and (= 8 (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|))) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 0))} is VALID [2022-02-20 23:37:10,956 INFO L290 TraceCheckUtils]: 45: Hoare triple {20882#(and (= 8 (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|))) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 0))} dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset := alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;assume { :end_inline_alloc_or_die_slave } true;dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset := dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset; {20882#(and (= 8 (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|))) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 0))} is VALID [2022-02-20 23:37:10,957 INFO L290 TraceCheckUtils]: 46: Hoare triple {20882#(and (= 8 (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|))) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 0))} SUMMARY for call dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset := read~$Pointer$(dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, 4); srcloc: L580 {20883#(and (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_#t~mem6#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_#t~mem6#1.base|) 8))} is VALID [2022-02-20 23:37:10,957 INFO L290 TraceCheckUtils]: 47: Hoare triple {20883#(and (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_#t~mem6#1.offset| 0) (= (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_#t~mem6#1.base|) 8))} dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset := dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset;havoc dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset; {20884#(and (= (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.offset| 0))} is VALID [2022-02-20 23:37:10,958 INFO L290 TraceCheckUtils]: 48: Hoare triple {20884#(and (= (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.offset| 0))} SUMMARY for call write~$Pointer$(dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, 4); srcloc: L581 {20884#(and (= (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.offset| 0))} is VALID [2022-02-20 23:37:10,958 INFO L290 TraceCheckUtils]: 49: Hoare triple {20884#(and (= (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.offset| 0))} assume dll_insert_slave_~next~0#1.base != 0 || dll_insert_slave_~next~0#1.offset != 0; {20884#(and (= (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.offset| 0))} is VALID [2022-02-20 23:37:10,958 INFO L290 TraceCheckUtils]: 50: Hoare triple {20884#(and (= (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|) 8) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.offset| 0))} assume !(4 + (4 + dll_insert_slave_~next~0#1.offset) <= #length[dll_insert_slave_~next~0#1.base] && 0 <= 4 + dll_insert_slave_~next~0#1.offset); {20862#false} is VALID [2022-02-20 23:37:10,959 INFO L134 CoverageAnalysis]: Checked inductivity of 17 backedges. 4 proven. 11 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:37:10,959 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:37:10,959 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1111884084] [2022-02-20 23:37:10,959 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1111884084] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:37:10,959 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [923971805] [2022-02-20 23:37:10,959 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:37:10,959 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-02-20 23:37:10,960 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 23:37:10,960 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-02-20 23:37:10,961 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-02-20 23:37:11,115 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:37:11,118 INFO L263 TraceCheckSpWp]: Trace formula consists of 495 conjuncts, 87 conjunts are in the unsatisfiable core [2022-02-20 23:37:11,146 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:37:11,148 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:37:11,243 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:37:11,247 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:37:11,557 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 7 [2022-02-20 23:37:11,565 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 7 [2022-02-20 23:37:11,848 INFO L356 Elim1Store]: treesize reduction 19, result has 47.2 percent of original size [2022-02-20 23:37:11,849 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 16 treesize of output 26 [2022-02-20 23:37:11,884 INFO L356 Elim1Store]: treesize reduction 20, result has 39.4 percent of original size [2022-02-20 23:37:11,884 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 3 select indices, 3 select index equivalence classes, 0 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 3 case distinctions, treesize of input 20 treesize of output 22 [2022-02-20 23:37:11,983 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 14 treesize of output 16 [2022-02-20 23:37:11,993 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 24 treesize of output 24 [2022-02-20 23:37:12,026 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 14 treesize of output 16 [2022-02-20 23:37:12,037 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 24 treesize of output 24 [2022-02-20 23:37:12,198 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 7 [2022-02-20 23:37:12,209 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 17 treesize of output 9 [2022-02-20 23:37:12,297 INFO L290 TraceCheckUtils]: 0: Hoare triple {20861#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(15, 2); {20861#true} is VALID [2022-02-20 23:37:12,297 INFO L290 TraceCheckUtils]: 1: Hoare triple {20861#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret46#1.base, main_#t~ret46#1.offset, main_~dll~1#1.base, main_~dll~1#1.offset;assume { :begin_inline_dll_create_master } true;havoc dll_create_master_#res#1.base, dll_create_master_#res#1.offset;havoc dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset; {20861#true} is VALID [2022-02-20 23:37:12,298 INFO L272 TraceCheckUtils]: 2: Hoare triple {20861#true} call dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset := dll_create_generic(#funAddr~dll_insert_master.base, #funAddr~dll_insert_master.offset); {20861#true} is VALID [2022-02-20 23:37:12,298 INFO L290 TraceCheckUtils]: 3: Hoare triple {20861#true} ~insert_fnc.base, ~insert_fnc.offset := #in~insert_fnc.base, #in~insert_fnc.offset;call ~#dll~0.base, ~#dll~0.offset := #Ultimate.allocOnStack(4);call write~init~$Pointer$(0, 0, ~#dll~0.base, ~#dll~0.offset, 4); {20861#true} is VALID [2022-02-20 23:37:12,298 INFO L272 TraceCheckUtils]: 4: Hoare triple {20861#true} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {20861#true} is VALID [2022-02-20 23:37:12,298 INFO L290 TraceCheckUtils]: 5: Hoare triple {20861#true} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {20861#true} is VALID [2022-02-20 23:37:12,298 INFO L290 TraceCheckUtils]: 6: Hoare triple {20861#true} assume #in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset; {20861#true} is VALID [2022-02-20 23:37:12,298 INFO L272 TraceCheckUtils]: 7: Hoare triple {20861#true} call dll_insert_master(#~10#1.base, #~10#1.offset); {20861#true} is VALID [2022-02-20 23:37:12,298 INFO L290 TraceCheckUtils]: 8: Hoare triple {20861#true} ~dll#1.base, ~dll#1.offset := #in~dll#1.base, #in~dll#1.offset;assume { :begin_inline_alloc_or_die_master } true;havoc alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset;call alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset := #Ultimate.allocOnHeap(12);alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset := alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset; {20861#true} is VALID [2022-02-20 23:37:12,298 INFO L290 TraceCheckUtils]: 9: Hoare triple {20861#true} assume !(alloc_or_die_master_~ptr~1#1.base == 0 && alloc_or_die_master_~ptr~1#1.offset == 0); {20861#true} is VALID [2022-02-20 23:37:12,298 INFO L290 TraceCheckUtils]: 10: Hoare triple {20861#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L570-2 {20861#true} is VALID [2022-02-20 23:37:12,298 INFO L290 TraceCheckUtils]: 11: Hoare triple {20861#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, 4 + alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L572 {20861#true} is VALID [2022-02-20 23:37:12,298 INFO L290 TraceCheckUtils]: 12: Hoare triple {20861#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, 8 + alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L573 {20861#true} is VALID [2022-02-20 23:37:12,298 INFO L290 TraceCheckUtils]: 13: Hoare triple {20861#true} alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset := alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset; {20861#true} is VALID [2022-02-20 23:37:12,307 INFO L290 TraceCheckUtils]: 14: Hoare triple {20861#true} #t~ret18#1.base, #t~ret18#1.offset := alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;assume { :end_inline_alloc_or_die_master } true;~item~1#1.base, ~item~1#1.offset := #t~ret18#1.base, #t~ret18#1.offset;havoc #t~ret18#1.base, #t~ret18#1.offset; {20861#true} is VALID [2022-02-20 23:37:12,307 INFO L290 TraceCheckUtils]: 15: Hoare triple {20861#true} SUMMARY for call #t~mem19#1.base, #t~mem19#1.offset := read~$Pointer$(~dll#1.base, ~dll#1.offset, 4); srcloc: L632 {20861#true} is VALID [2022-02-20 23:37:12,307 INFO L290 TraceCheckUtils]: 16: Hoare triple {20861#true} ~next~3#1.base, ~next~3#1.offset := #t~mem19#1.base, #t~mem19#1.offset;havoc #t~mem19#1.base, #t~mem19#1.offset; {20861#true} is VALID [2022-02-20 23:37:12,307 INFO L290 TraceCheckUtils]: 17: Hoare triple {20861#true} SUMMARY for call write~$Pointer$(~next~3#1.base, ~next~3#1.offset, ~item~1#1.base, ~item~1#1.offset, 4); srcloc: L633 {20861#true} is VALID [2022-02-20 23:37:12,307 INFO L290 TraceCheckUtils]: 18: Hoare triple {20861#true} assume !(~next~3#1.base != 0 || ~next~3#1.offset != 0); {20861#true} is VALID [2022-02-20 23:37:12,307 INFO L272 TraceCheckUtils]: 19: Hoare triple {20861#true} call #t~ret20#1.base, #t~ret20#1.offset := dll_create_slave(); {20861#true} is VALID [2022-02-20 23:37:12,308 INFO L272 TraceCheckUtils]: 20: Hoare triple {20861#true} call #t~ret12.base, #t~ret12.offset := dll_create_generic(#funAddr~dll_insert_slave.base, #funAddr~dll_insert_slave.offset); {20861#true} is VALID [2022-02-20 23:37:12,308 INFO L290 TraceCheckUtils]: 21: Hoare triple {20861#true} ~insert_fnc.base, ~insert_fnc.offset := #in~insert_fnc.base, #in~insert_fnc.offset;call ~#dll~0.base, ~#dll~0.offset := #Ultimate.allocOnStack(4);call write~init~$Pointer$(0, 0, ~#dll~0.base, ~#dll~0.offset, 4); {20957#(= |dll_create_generic_~#dll~0.offset| 0)} is VALID [2022-02-20 23:37:12,308 INFO L272 TraceCheckUtils]: 22: Hoare triple {20957#(= |dll_create_generic_~#dll~0.offset| 0)} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {20861#true} is VALID [2022-02-20 23:37:12,309 INFO L290 TraceCheckUtils]: 23: Hoare triple {20861#true} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {20886#(and (= |##fun~$Pointer$~TO~VOID_#~10#1.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) (= |##fun~$Pointer$~TO~VOID_#~10#1.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.offset|))} is VALID [2022-02-20 23:37:12,310 INFO L290 TraceCheckUtils]: 24: Hoare triple {20886#(and (= |##fun~$Pointer$~TO~VOID_#~10#1.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) (= |##fun~$Pointer$~TO~VOID_#~10#1.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.offset|))} assume !(#in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset);assume { :begin_inline_dll_insert_slave } true;dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset := #~10#1.base, #~10#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset, dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset, dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset;dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset := dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset;assume { :begin_inline_alloc_or_die_slave } true;havoc alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset;call alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset := #Ultimate.allocOnHeap(8);alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset := alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset; {20967#(and (<= 8 (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1))} is VALID [2022-02-20 23:37:12,310 INFO L290 TraceCheckUtils]: 25: Hoare triple {20967#(and (<= 8 (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1))} assume !(alloc_or_die_slave_~ptr~0#1.base == 0 && alloc_or_die_slave_~ptr~0#1.offset == 0); {20967#(and (<= 8 (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1))} is VALID [2022-02-20 23:37:12,311 INFO L290 TraceCheckUtils]: 26: Hoare triple {20967#(and (<= 8 (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L556-2 {20967#(and (<= 8 (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1))} is VALID [2022-02-20 23:37:12,312 INFO L290 TraceCheckUtils]: 27: Hoare triple {20967#(and (<= 8 (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L558 {20967#(and (<= 8 (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1))} is VALID [2022-02-20 23:37:12,313 INFO L290 TraceCheckUtils]: 28: Hoare triple {20967#(and (<= 8 (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 0) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|) 1))} alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset := alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset; {20980#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.offset| 0) (<= 8 (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.base|)) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.base|) 1))} is VALID [2022-02-20 23:37:12,313 INFO L290 TraceCheckUtils]: 29: Hoare triple {20980#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.offset| 0) (<= 8 (select |#length| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.base|)) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.base|) 1))} dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset := alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;assume { :end_inline_alloc_or_die_slave } true;dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset := dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset; {20984#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (<= 8 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|)))} is VALID [2022-02-20 23:37:12,314 INFO L290 TraceCheckUtils]: 30: Hoare triple {20984#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (<= 8 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|)))} SUMMARY for call dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset := read~$Pointer$(dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, 4); srcloc: L580 {20988#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1) (<= 8 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|)))} is VALID [2022-02-20 23:37:12,314 INFO L290 TraceCheckUtils]: 31: Hoare triple {20988#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1) (<= 8 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|)))} dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset := dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset;havoc dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset; {20988#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1) (<= 8 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|)))} is VALID [2022-02-20 23:37:12,315 INFO L290 TraceCheckUtils]: 32: Hoare triple {20988#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1) (<= 8 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|)))} SUMMARY for call write~$Pointer$(dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, 4); srcloc: L581 {20988#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1) (<= 8 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|)))} is VALID [2022-02-20 23:37:12,316 INFO L290 TraceCheckUtils]: 33: Hoare triple {20988#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1) (<= 8 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|)))} assume !(dll_insert_slave_~next~0#1.base != 0 || dll_insert_slave_~next~0#1.offset != 0); {20988#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1) (<= 8 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|)))} is VALID [2022-02-20 23:37:12,317 INFO L290 TraceCheckUtils]: 34: Hoare triple {20988#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 0) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|) 1) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1) (<= 8 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|)))} SUMMARY for call write~$Pointer$(dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, 4); srcloc: L582 {21001#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (<= 8 (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|))) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 0) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1))} is VALID [2022-02-20 23:37:12,318 INFO L290 TraceCheckUtils]: 35: Hoare triple {21001#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (<= 8 (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|))) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 0) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1))} assume { :end_inline_dll_insert_slave } true; {21001#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (<= 8 (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|))) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 0) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1))} is VALID [2022-02-20 23:37:12,318 INFO L290 TraceCheckUtils]: 36: Hoare triple {21001#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (<= 8 (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|))) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 0) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1))} assume true; {21001#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (<= 8 (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|))) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 0) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1))} is VALID [2022-02-20 23:37:12,320 INFO L284 TraceCheckUtils]: 37: Hoare quadruple {21001#(and (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (<= 8 (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|))) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 0) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1))} {20957#(= |dll_create_generic_~#dll~0.offset| 0)} #593#return; {21011#(and (<= 8 (select |#length| (select (select |#memory_$Pointer$.base| |dll_create_generic_~#dll~0.base|) |dll_create_generic_~#dll~0.offset|))) (= (select (select |#memory_$Pointer$.offset| |dll_create_generic_~#dll~0.base|) |dll_create_generic_~#dll~0.offset|) 0) (= |dll_create_generic_~#dll~0.offset| 0) (= (select |#valid| (select (select |#memory_$Pointer$.base| |dll_create_generic_~#dll~0.base|) |dll_create_generic_~#dll~0.offset|)) 1) (= (select |#valid| |dll_create_generic_~#dll~0.base|) 1))} is VALID [2022-02-20 23:37:12,321 INFO L272 TraceCheckUtils]: 38: Hoare triple {21011#(and (<= 8 (select |#length| (select (select |#memory_$Pointer$.base| |dll_create_generic_~#dll~0.base|) |dll_create_generic_~#dll~0.offset|))) (= (select (select |#memory_$Pointer$.offset| |dll_create_generic_~#dll~0.base|) |dll_create_generic_~#dll~0.offset|) 0) (= |dll_create_generic_~#dll~0.offset| 0) (= (select |#valid| (select (select |#memory_$Pointer$.base| |dll_create_generic_~#dll~0.base|) |dll_create_generic_~#dll~0.offset|)) 1) (= (select |#valid| |dll_create_generic_~#dll~0.base|) 1))} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {21015#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| 0) (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (<= 8 (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|))) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 0) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1))} is VALID [2022-02-20 23:37:12,322 INFO L290 TraceCheckUtils]: 39: Hoare triple {21015#(and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| 0) (= (select |#valid| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) 1) (<= 8 (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|))) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 0) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|)) 1))} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {21019#(and (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#~10#1.base|) 0) 0) (<= 8 (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#~10#1.base|) 0))) (= |##fun~$Pointer$~TO~VOID_#~10#1.offset| 0) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#~10#1.base|) 0)) 1) (= (select |#valid| |##fun~$Pointer$~TO~VOID_#~10#1.base|) 1))} is VALID [2022-02-20 23:37:12,323 INFO L290 TraceCheckUtils]: 40: Hoare triple {21019#(and (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_#~10#1.base|) 0) 0) (<= 8 (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#~10#1.base|) 0))) (= |##fun~$Pointer$~TO~VOID_#~10#1.offset| 0) (= (select |#valid| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_#~10#1.base|) 0)) 1) (= (select |#valid| |##fun~$Pointer$~TO~VOID_#~10#1.base|) 1))} assume !(#in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset);assume { :begin_inline_dll_insert_slave } true;dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset := #~10#1.base, #~10#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset, dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset, dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset;dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset := dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset;assume { :begin_inline_alloc_or_die_slave } true;havoc alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset;call alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset := #Ultimate.allocOnHeap(8);alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset := alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset; {21023#(and (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0) 0) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (not (= (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0) |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (<= 8 (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0))))} is VALID [2022-02-20 23:37:12,324 INFO L290 TraceCheckUtils]: 41: Hoare triple {21023#(and (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0) 0) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (not (= (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0) |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (<= 8 (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0))))} assume !(alloc_or_die_slave_~ptr~0#1.base == 0 && alloc_or_die_slave_~ptr~0#1.offset == 0); {21023#(and (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0) 0) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (not (= (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0) |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (<= 8 (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0))))} is VALID [2022-02-20 23:37:12,325 INFO L290 TraceCheckUtils]: 42: Hoare triple {21023#(and (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0) 0) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (not (= (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0) |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (<= 8 (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0))))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L556-2 {21023#(and (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0) 0) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (not (= (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0) |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (<= 8 (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0))))} is VALID [2022-02-20 23:37:12,326 INFO L290 TraceCheckUtils]: 43: Hoare triple {21023#(and (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0) 0) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (not (= (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0) |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (<= 8 (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0))))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L558 {21023#(and (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0) 0) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (not (= (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0) |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (<= 8 (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0))))} is VALID [2022-02-20 23:37:12,327 INFO L290 TraceCheckUtils]: 44: Hoare triple {21023#(and (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0) 0) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (not (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (not (= (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0) |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|)) (<= 8 (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0))))} alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset := alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset; {21036#(and (not (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|)) (not (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.base| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0))) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0) 0) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (<= 8 (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0))))} is VALID [2022-02-20 23:37:12,328 INFO L290 TraceCheckUtils]: 45: Hoare triple {21036#(and (not (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|)) (not (= |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.base| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0))) (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0) 0) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (<= 8 (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0))))} dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset := alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;assume { :end_inline_alloc_or_die_slave } true;dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset := dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset; {21040#(and (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0) 0) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (<= 8 (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0))))} is VALID [2022-02-20 23:37:12,328 INFO L290 TraceCheckUtils]: 46: Hoare triple {21040#(and (= (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0) 0) (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset| 0) (<= 8 (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 0))))} SUMMARY for call dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset := read~$Pointer$(dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, 4); srcloc: L580 {21044#(and (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_#t~mem6#1.offset| 0) (<= 8 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_#t~mem6#1.base|)))} is VALID [2022-02-20 23:37:12,329 INFO L290 TraceCheckUtils]: 47: Hoare triple {21044#(and (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_#t~mem6#1.offset| 0) (<= 8 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_#t~mem6#1.base|)))} dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset := dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset;havoc dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset; {21048#(and (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.offset| 0) (<= 8 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|)))} is VALID [2022-02-20 23:37:12,329 INFO L290 TraceCheckUtils]: 48: Hoare triple {21048#(and (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.offset| 0) (<= 8 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|)))} SUMMARY for call write~$Pointer$(dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, 4); srcloc: L581 {21048#(and (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.offset| 0) (<= 8 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|)))} is VALID [2022-02-20 23:37:12,330 INFO L290 TraceCheckUtils]: 49: Hoare triple {21048#(and (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.offset| 0) (<= 8 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|)))} assume dll_insert_slave_~next~0#1.base != 0 || dll_insert_slave_~next~0#1.offset != 0; {21048#(and (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.offset| 0) (<= 8 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|)))} is VALID [2022-02-20 23:37:12,330 INFO L290 TraceCheckUtils]: 50: Hoare triple {21048#(and (= |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.offset| 0) (<= 8 (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|)))} assume !(4 + (4 + dll_insert_slave_~next~0#1.offset) <= #length[dll_insert_slave_~next~0#1.base] && 0 <= 4 + dll_insert_slave_~next~0#1.offset); {20862#false} is VALID [2022-02-20 23:37:12,331 INFO L134 CoverageAnalysis]: Checked inductivity of 17 backedges. 5 proven. 10 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:37:12,331 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:37:12,528 WARN L838 $PredicateComparison]: unable to prove that (and (forall ((v_ArrVal_769 (Array Int Int))) (<= 0 (+ (select (select (store |c_#memory_$Pointer$.offset| |c_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base| v_ArrVal_769) |c_##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |c_##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 4))) (forall ((v_ArrVal_769 (Array Int Int)) (v_ArrVal_770 (Array Int Int))) (<= (+ (select (select (store |c_#memory_$Pointer$.offset| |c_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base| v_ArrVal_769) |c_##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |c_##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 8) (select |c_#length| (select (select (store |c_#memory_$Pointer$.base| |c_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base| v_ArrVal_770) |c_##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |c_##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|))))) is different from false [2022-02-20 23:37:13,412 INFO L356 Elim1Store]: treesize reduction 7, result has 12.5 percent of original size [2022-02-20 23:37:13,413 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 64 treesize of output 1 [2022-02-20 23:37:13,701 INFO L356 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2022-02-20 23:37:13,701 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 61 treesize of output 62 [2022-02-20 23:37:13,711 INFO L356 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2022-02-20 23:37:13,711 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 62 treesize of output 54 [2022-02-20 23:37:13,728 INFO L356 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2022-02-20 23:37:13,729 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 80 treesize of output 83 [2022-02-20 23:37:13,761 INFO L356 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2022-02-20 23:37:13,761 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 137 treesize of output 132 [2022-02-20 23:37:13,783 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 101 treesize of output 97 [2022-02-20 23:37:13,797 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 97 treesize of output 93 [2022-02-20 23:37:13,811 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 93 treesize of output 91 [2022-02-20 23:37:15,310 INFO L173 IndexEqualityManager]: detected equality via solver [2022-02-20 23:37:15,345 INFO L356 Elim1Store]: treesize reduction 5, result has 37.5 percent of original size [2022-02-20 23:37:15,345 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 25 treesize of output 24 [2022-02-20 23:37:15,417 INFO L290 TraceCheckUtils]: 50: Hoare triple {21058#(and (<= (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.offset| 8) (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|)) (<= 0 (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.offset| 4)))} assume !(4 + (4 + dll_insert_slave_~next~0#1.offset) <= #length[dll_insert_slave_~next~0#1.base] && 0 <= 4 + dll_insert_slave_~next~0#1.offset); {20862#false} is VALID [2022-02-20 23:37:15,418 INFO L290 TraceCheckUtils]: 49: Hoare triple {21058#(and (<= (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.offset| 8) (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|)) (<= 0 (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.offset| 4)))} assume dll_insert_slave_~next~0#1.base != 0 || dll_insert_slave_~next~0#1.offset != 0; {21058#(and (<= (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.offset| 8) (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|)) (<= 0 (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.offset| 4)))} is VALID [2022-02-20 23:37:15,419 INFO L290 TraceCheckUtils]: 48: Hoare triple {21058#(and (<= (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.offset| 8) (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|)) (<= 0 (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.offset| 4)))} SUMMARY for call write~$Pointer$(dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, 4); srcloc: L581 {21058#(and (<= (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.offset| 8) (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|)) (<= 0 (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.offset| 4)))} is VALID [2022-02-20 23:37:15,419 INFO L290 TraceCheckUtils]: 47: Hoare triple {21068#(and (<= 0 (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_#t~mem6#1.offset| 4)) (<= (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_#t~mem6#1.offset| 8) (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_#t~mem6#1.base|)))} dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset := dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset;havoc dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset; {21058#(and (<= (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.offset| 8) (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.base|)) (<= 0 (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_~next~0#1.offset| 4)))} is VALID [2022-02-20 23:37:15,420 INFO L290 TraceCheckUtils]: 46: Hoare triple {21072#(and (<= 0 (+ (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 4)) (<= (+ (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 8) (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|))))} SUMMARY for call dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset := read~$Pointer$(dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, 4); srcloc: L580 {21068#(and (<= 0 (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_#t~mem6#1.offset| 4)) (<= (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_#t~mem6#1.offset| 8) (select |#length| |##fun~$Pointer$~TO~VOID_dll_insert_slave_#t~mem6#1.base|)))} is VALID [2022-02-20 23:37:15,421 INFO L290 TraceCheckUtils]: 45: Hoare triple {21072#(and (<= 0 (+ (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 4)) (<= (+ (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 8) (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|))))} dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset := alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;assume { :end_inline_alloc_or_die_slave } true;dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset := dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset; {21072#(and (<= 0 (+ (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 4)) (<= (+ (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 8) (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|))))} is VALID [2022-02-20 23:37:15,421 INFO L290 TraceCheckUtils]: 44: Hoare triple {21072#(and (<= 0 (+ (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 4)) (<= (+ (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 8) (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|))))} alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset := alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset; {21072#(and (<= 0 (+ (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 4)) (<= (+ (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 8) (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|))))} is VALID [2022-02-20 23:37:15,423 INFO L290 TraceCheckUtils]: 43: Hoare triple {21082#(and (forall ((v_ArrVal_769 (Array Int Int))) (<= 0 (+ (select (select (store |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base| v_ArrVal_769) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 4))) (forall ((v_ArrVal_769 (Array Int Int)) (v_ArrVal_770 (Array Int Int))) (<= (+ 8 (select (select (store |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base| v_ArrVal_769) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)) (select |#length| (select (select (store |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base| v_ArrVal_770) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)))))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L558 {21072#(and (<= 0 (+ (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 4)) (<= (+ (select (select |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 8) (select |#length| (select (select |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|))))} is VALID [2022-02-20 23:37:15,428 WARN L290 TraceCheckUtils]: 42: Hoare triple {21082#(and (forall ((v_ArrVal_769 (Array Int Int))) (<= 0 (+ (select (select (store |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base| v_ArrVal_769) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 4))) (forall ((v_ArrVal_769 (Array Int Int)) (v_ArrVal_770 (Array Int Int))) (<= (+ 8 (select (select (store |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base| v_ArrVal_769) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)) (select |#length| (select (select (store |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base| v_ArrVal_770) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)))))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L556-2 {21082#(and (forall ((v_ArrVal_769 (Array Int Int))) (<= 0 (+ (select (select (store |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base| v_ArrVal_769) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 4))) (forall ((v_ArrVal_769 (Array Int Int)) (v_ArrVal_770 (Array Int Int))) (<= (+ 8 (select (select (store |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base| v_ArrVal_769) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)) (select |#length| (select (select (store |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base| v_ArrVal_770) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)))))} is UNKNOWN [2022-02-20 23:37:15,429 INFO L290 TraceCheckUtils]: 41: Hoare triple {21082#(and (forall ((v_ArrVal_769 (Array Int Int))) (<= 0 (+ (select (select (store |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base| v_ArrVal_769) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 4))) (forall ((v_ArrVal_769 (Array Int Int)) (v_ArrVal_770 (Array Int Int))) (<= (+ 8 (select (select (store |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base| v_ArrVal_769) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)) (select |#length| (select (select (store |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base| v_ArrVal_770) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)))))} assume !(alloc_or_die_slave_~ptr~0#1.base == 0 && alloc_or_die_slave_~ptr~0#1.offset == 0); {21082#(and (forall ((v_ArrVal_769 (Array Int Int))) (<= 0 (+ (select (select (store |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base| v_ArrVal_769) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 4))) (forall ((v_ArrVal_769 (Array Int Int)) (v_ArrVal_770 (Array Int Int))) (<= (+ 8 (select (select (store |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base| v_ArrVal_769) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)) (select |#length| (select (select (store |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base| v_ArrVal_770) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)))))} is VALID [2022-02-20 23:37:15,431 INFO L290 TraceCheckUtils]: 40: Hoare triple {21092#(forall ((|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| Int)) (or (and (forall ((v_ArrVal_769 (Array Int Int))) (<= 0 (+ (select (select (store |#memory_$Pointer$.offset| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_769) |##fun~$Pointer$~TO~VOID_#~10#1.base|) |##fun~$Pointer$~TO~VOID_#~10#1.offset|) 4))) (forall ((v_ArrVal_769 (Array Int Int)) (v_ArrVal_770 (Array Int Int)) (v_ArrVal_766 Int)) (<= (+ 8 (select (select (store |#memory_$Pointer$.offset| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_769) |##fun~$Pointer$~TO~VOID_#~10#1.base|) |##fun~$Pointer$~TO~VOID_#~10#1.offset|)) (select (store |#length| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_766) (select (select (store |#memory_$Pointer$.base| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_770) |##fun~$Pointer$~TO~VOID_#~10#1.base|) |##fun~$Pointer$~TO~VOID_#~10#1.offset|))))) (not (= (select |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17|) 0))))} assume !(#in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset);assume { :begin_inline_dll_insert_slave } true;dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset := #~10#1.base, #~10#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset, dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset, dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset;dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset := dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset;assume { :begin_inline_alloc_or_die_slave } true;havoc alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset;call alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset := #Ultimate.allocOnHeap(8);alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset := alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset; {21082#(and (forall ((v_ArrVal_769 (Array Int Int))) (<= 0 (+ (select (select (store |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base| v_ArrVal_769) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) 4))) (forall ((v_ArrVal_769 (Array Int Int)) (v_ArrVal_770 (Array Int Int))) (<= (+ 8 (select (select (store |#memory_$Pointer$.offset| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base| v_ArrVal_769) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)) (select |#length| (select (select (store |#memory_$Pointer$.base| |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base| v_ArrVal_770) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|)))))} is VALID [2022-02-20 23:37:15,432 INFO L290 TraceCheckUtils]: 39: Hoare triple {21096#(forall ((|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| Int)) (or (and (forall ((v_ArrVal_769 (Array Int Int))) (<= 0 (+ (select (select (store |#memory_$Pointer$.offset| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_769) |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 4))) (forall ((v_ArrVal_769 (Array Int Int)) (v_ArrVal_770 (Array Int Int)) (v_ArrVal_766 Int)) (<= (+ (select (select (store |#memory_$Pointer$.offset| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_769) |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 8) (select (store |#length| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_766) (select (select (store |#memory_$Pointer$.base| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_770) |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|))))) (not (= (select |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17|) 0))))} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {21092#(forall ((|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| Int)) (or (and (forall ((v_ArrVal_769 (Array Int Int))) (<= 0 (+ (select (select (store |#memory_$Pointer$.offset| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_769) |##fun~$Pointer$~TO~VOID_#~10#1.base|) |##fun~$Pointer$~TO~VOID_#~10#1.offset|) 4))) (forall ((v_ArrVal_769 (Array Int Int)) (v_ArrVal_770 (Array Int Int)) (v_ArrVal_766 Int)) (<= (+ 8 (select (select (store |#memory_$Pointer$.offset| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_769) |##fun~$Pointer$~TO~VOID_#~10#1.base|) |##fun~$Pointer$~TO~VOID_#~10#1.offset|)) (select (store |#length| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_766) (select (select (store |#memory_$Pointer$.base| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_770) |##fun~$Pointer$~TO~VOID_#~10#1.base|) |##fun~$Pointer$~TO~VOID_#~10#1.offset|))))) (not (= (select |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17|) 0))))} is VALID [2022-02-20 23:37:15,434 INFO L272 TraceCheckUtils]: 38: Hoare triple {21100#(forall ((|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| Int)) (or (and (forall ((v_ArrVal_769 (Array Int Int))) (<= 0 (+ (select (select (store |#memory_$Pointer$.offset| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_769) |dll_create_generic_~#dll~0.base|) |dll_create_generic_~#dll~0.offset|) 4))) (forall ((v_ArrVal_769 (Array Int Int)) (v_ArrVal_770 (Array Int Int)) (v_ArrVal_766 Int)) (<= (+ (select (select (store |#memory_$Pointer$.offset| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_769) |dll_create_generic_~#dll~0.base|) |dll_create_generic_~#dll~0.offset|) 8) (select (store |#length| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_766) (select (select (store |#memory_$Pointer$.base| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_770) |dll_create_generic_~#dll~0.base|) |dll_create_generic_~#dll~0.offset|))))) (not (= (select |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17|) 0))))} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {21096#(forall ((|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| Int)) (or (and (forall ((v_ArrVal_769 (Array Int Int))) (<= 0 (+ (select (select (store |#memory_$Pointer$.offset| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_769) |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 4))) (forall ((v_ArrVal_769 (Array Int Int)) (v_ArrVal_770 (Array Int Int)) (v_ArrVal_766 Int)) (<= (+ (select (select (store |#memory_$Pointer$.offset| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_769) |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 8) (select (store |#length| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_766) (select (select (store |#memory_$Pointer$.base| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_770) |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|))))) (not (= (select |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17|) 0))))} is VALID [2022-02-20 23:37:15,435 INFO L284 TraceCheckUtils]: 37: Hoare quadruple {21096#(forall ((|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| Int)) (or (and (forall ((v_ArrVal_769 (Array Int Int))) (<= 0 (+ (select (select (store |#memory_$Pointer$.offset| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_769) |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 4))) (forall ((v_ArrVal_769 (Array Int Int)) (v_ArrVal_770 (Array Int Int)) (v_ArrVal_766 Int)) (<= (+ (select (select (store |#memory_$Pointer$.offset| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_769) |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 8) (select (store |#length| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_766) (select (select (store |#memory_$Pointer$.base| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_770) |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|))))) (not (= (select |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17|) 0))))} {20861#true} #593#return; {21100#(forall ((|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| Int)) (or (and (forall ((v_ArrVal_769 (Array Int Int))) (<= 0 (+ (select (select (store |#memory_$Pointer$.offset| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_769) |dll_create_generic_~#dll~0.base|) |dll_create_generic_~#dll~0.offset|) 4))) (forall ((v_ArrVal_769 (Array Int Int)) (v_ArrVal_770 (Array Int Int)) (v_ArrVal_766 Int)) (<= (+ (select (select (store |#memory_$Pointer$.offset| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_769) |dll_create_generic_~#dll~0.base|) |dll_create_generic_~#dll~0.offset|) 8) (select (store |#length| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_766) (select (select (store |#memory_$Pointer$.base| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_770) |dll_create_generic_~#dll~0.base|) |dll_create_generic_~#dll~0.offset|))))) (not (= (select |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17|) 0))))} is VALID [2022-02-20 23:37:15,436 INFO L290 TraceCheckUtils]: 36: Hoare triple {21096#(forall ((|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| Int)) (or (and (forall ((v_ArrVal_769 (Array Int Int))) (<= 0 (+ (select (select (store |#memory_$Pointer$.offset| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_769) |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 4))) (forall ((v_ArrVal_769 (Array Int Int)) (v_ArrVal_770 (Array Int Int)) (v_ArrVal_766 Int)) (<= (+ (select (select (store |#memory_$Pointer$.offset| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_769) |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 8) (select (store |#length| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_766) (select (select (store |#memory_$Pointer$.base| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_770) |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|))))) (not (= (select |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17|) 0))))} assume true; {21096#(forall ((|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| Int)) (or (and (forall ((v_ArrVal_769 (Array Int Int))) (<= 0 (+ (select (select (store |#memory_$Pointer$.offset| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_769) |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 4))) (forall ((v_ArrVal_769 (Array Int Int)) (v_ArrVal_770 (Array Int Int)) (v_ArrVal_766 Int)) (<= (+ (select (select (store |#memory_$Pointer$.offset| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_769) |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 8) (select (store |#length| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_766) (select (select (store |#memory_$Pointer$.base| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_770) |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|))))) (not (= (select |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17|) 0))))} is VALID [2022-02-20 23:37:15,436 INFO L290 TraceCheckUtils]: 35: Hoare triple {21096#(forall ((|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| Int)) (or (and (forall ((v_ArrVal_769 (Array Int Int))) (<= 0 (+ (select (select (store |#memory_$Pointer$.offset| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_769) |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 4))) (forall ((v_ArrVal_769 (Array Int Int)) (v_ArrVal_770 (Array Int Int)) (v_ArrVal_766 Int)) (<= (+ (select (select (store |#memory_$Pointer$.offset| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_769) |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 8) (select (store |#length| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_766) (select (select (store |#memory_$Pointer$.base| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_770) |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|))))) (not (= (select |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17|) 0))))} assume { :end_inline_dll_insert_slave } true; {21096#(forall ((|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| Int)) (or (and (forall ((v_ArrVal_769 (Array Int Int))) (<= 0 (+ (select (select (store |#memory_$Pointer$.offset| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_769) |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 4))) (forall ((v_ArrVal_769 (Array Int Int)) (v_ArrVal_770 (Array Int Int)) (v_ArrVal_766 Int)) (<= (+ (select (select (store |#memory_$Pointer$.offset| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_769) |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 8) (select (store |#length| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_766) (select (select (store |#memory_$Pointer$.base| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_770) |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|))))) (not (= (select |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17|) 0))))} is VALID [2022-02-20 23:37:15,438 INFO L290 TraceCheckUtils]: 34: Hoare triple {21116#(forall ((|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| Int)) (or (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (forall ((v_ArrVal_766 Int)) (<= (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 8) (select (store |#length| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_766) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|))) (not (= |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| |##fun~$Pointer$~TO~VOID_#in~10#1.base|)) (<= 0 (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 4)) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|)) (not (= (select |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17|) 0))))} SUMMARY for call write~$Pointer$(dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, 4); srcloc: L582 {21096#(forall ((|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| Int)) (or (and (forall ((v_ArrVal_769 (Array Int Int))) (<= 0 (+ (select (select (store |#memory_$Pointer$.offset| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_769) |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 4))) (forall ((v_ArrVal_769 (Array Int Int)) (v_ArrVal_770 (Array Int Int)) (v_ArrVal_766 Int)) (<= (+ (select (select (store |#memory_$Pointer$.offset| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_769) |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|) 8) (select (store |#length| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_766) (select (select (store |#memory_$Pointer$.base| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_770) |##fun~$Pointer$~TO~VOID_#in~10#1.base|) |##fun~$Pointer$~TO~VOID_#in~10#1.offset|))))) (not (= (select |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17|) 0))))} is VALID [2022-02-20 23:37:15,439 INFO L290 TraceCheckUtils]: 33: Hoare triple {21116#(forall ((|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| Int)) (or (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (forall ((v_ArrVal_766 Int)) (<= (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 8) (select (store |#length| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_766) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|))) (not (= |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| |##fun~$Pointer$~TO~VOID_#in~10#1.base|)) (<= 0 (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 4)) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|)) (not (= (select |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17|) 0))))} assume !(dll_insert_slave_~next~0#1.base != 0 || dll_insert_slave_~next~0#1.offset != 0); {21116#(forall ((|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| Int)) (or (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (forall ((v_ArrVal_766 Int)) (<= (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 8) (select (store |#length| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_766) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|))) (not (= |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| |##fun~$Pointer$~TO~VOID_#in~10#1.base|)) (<= 0 (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 4)) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|)) (not (= (select |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17|) 0))))} is VALID [2022-02-20 23:37:15,440 INFO L290 TraceCheckUtils]: 32: Hoare triple {21116#(forall ((|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| Int)) (or (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (forall ((v_ArrVal_766 Int)) (<= (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 8) (select (store |#length| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_766) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|))) (not (= |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| |##fun~$Pointer$~TO~VOID_#in~10#1.base|)) (<= 0 (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 4)) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|)) (not (= (select |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17|) 0))))} SUMMARY for call write~$Pointer$(dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, 4); srcloc: L581 {21116#(forall ((|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| Int)) (or (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (forall ((v_ArrVal_766 Int)) (<= (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 8) (select (store |#length| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_766) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|))) (not (= |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| |##fun~$Pointer$~TO~VOID_#in~10#1.base|)) (<= 0 (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 4)) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|)) (not (= (select |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17|) 0))))} is VALID [2022-02-20 23:37:15,461 INFO L290 TraceCheckUtils]: 31: Hoare triple {21116#(forall ((|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| Int)) (or (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (forall ((v_ArrVal_766 Int)) (<= (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 8) (select (store |#length| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_766) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|))) (not (= |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| |##fun~$Pointer$~TO~VOID_#in~10#1.base|)) (<= 0 (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 4)) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|)) (not (= (select |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17|) 0))))} dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset := dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset;havoc dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset; {21116#(forall ((|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| Int)) (or (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (forall ((v_ArrVal_766 Int)) (<= (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 8) (select (store |#length| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_766) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|))) (not (= |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| |##fun~$Pointer$~TO~VOID_#in~10#1.base|)) (<= 0 (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 4)) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|)) (not (= (select |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17|) 0))))} is VALID [2022-02-20 23:37:15,463 INFO L290 TraceCheckUtils]: 30: Hoare triple {21129#(or (not (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1)) (forall ((|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| Int)) (or (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (forall ((v_ArrVal_766 Int)) (<= (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 8) (select (store |#length| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_766) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|))) (<= 0 (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 4)) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|)) (not (= (select |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17|) 0)))))} SUMMARY for call dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset := read~$Pointer$(dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, 4); srcloc: L580 {21116#(forall ((|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| Int)) (or (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (forall ((v_ArrVal_766 Int)) (<= (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 8) (select (store |#length| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_766) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|))) (not (= |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| |##fun~$Pointer$~TO~VOID_#in~10#1.base|)) (<= 0 (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 4)) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|)) (not (= (select |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17|) 0))))} is VALID [2022-02-20 23:37:15,464 INFO L290 TraceCheckUtils]: 29: Hoare triple {21133#(or (not (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1)) (forall ((|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| Int)) (or (not (= (select |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17|) 0)) (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (<= 0 (+ 4 |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.offset|)) (forall ((v_ArrVal_766 Int)) (<= (+ 8 |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.offset|) (select (store |#length| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_766) |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.base|))) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|)))))} dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset := alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;assume { :end_inline_alloc_or_die_slave } true;dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset := dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset; {21129#(or (not (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1)) (forall ((|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| Int)) (or (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (forall ((v_ArrVal_766 Int)) (<= (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 8) (select (store |#length| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_766) |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.base|))) (<= 0 (+ |##fun~$Pointer$~TO~VOID_dll_insert_slave_~item~0#1.offset| 4)) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|)) (not (= (select |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17|) 0)))))} is VALID [2022-02-20 23:37:15,465 INFO L290 TraceCheckUtils]: 28: Hoare triple {21137#(or (not (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1)) (forall ((|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| Int)) (or (not (= (select |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17|) 0)) (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (forall ((v_ArrVal_766 Int)) (<= (+ |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 8) (select (store |#length| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_766) |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|))) (<= 0 (+ |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 4)) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|)))))} alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset := alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset; {21133#(or (not (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1)) (forall ((|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| Int)) (or (not (= (select |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17|) 0)) (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (<= 0 (+ 4 |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.offset|)) (forall ((v_ArrVal_766 Int)) (<= (+ 8 |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.offset|) (select (store |#length| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_766) |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_#res#1.base|))) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|)))))} is VALID [2022-02-20 23:37:15,466 INFO L290 TraceCheckUtils]: 27: Hoare triple {21137#(or (not (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1)) (forall ((|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| Int)) (or (not (= (select |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17|) 0)) (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (forall ((v_ArrVal_766 Int)) (<= (+ |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 8) (select (store |#length| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_766) |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|))) (<= 0 (+ |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 4)) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|)))))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L558 {21137#(or (not (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1)) (forall ((|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| Int)) (or (not (= (select |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17|) 0)) (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (forall ((v_ArrVal_766 Int)) (<= (+ |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 8) (select (store |#length| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_766) |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|))) (<= 0 (+ |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 4)) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|)))))} is VALID [2022-02-20 23:37:15,467 INFO L290 TraceCheckUtils]: 26: Hoare triple {21137#(or (not (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1)) (forall ((|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| Int)) (or (not (= (select |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17|) 0)) (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (forall ((v_ArrVal_766 Int)) (<= (+ |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 8) (select (store |#length| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_766) |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|))) (<= 0 (+ |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 4)) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|)))))} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset, 4); srcloc: L556-2 {21137#(or (not (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1)) (forall ((|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| Int)) (or (not (= (select |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17|) 0)) (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (forall ((v_ArrVal_766 Int)) (<= (+ |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 8) (select (store |#length| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_766) |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|))) (<= 0 (+ |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 4)) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|)))))} is VALID [2022-02-20 23:37:15,468 INFO L290 TraceCheckUtils]: 25: Hoare triple {21137#(or (not (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1)) (forall ((|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| Int)) (or (not (= (select |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17|) 0)) (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (forall ((v_ArrVal_766 Int)) (<= (+ |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 8) (select (store |#length| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_766) |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|))) (<= 0 (+ |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 4)) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|)))))} assume !(alloc_or_die_slave_~ptr~0#1.base == 0 && alloc_or_die_slave_~ptr~0#1.offset == 0); {21137#(or (not (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1)) (forall ((|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| Int)) (or (not (= (select |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17|) 0)) (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (forall ((v_ArrVal_766 Int)) (<= (+ |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 8) (select (store |#length| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_766) |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|))) (<= 0 (+ |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 4)) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|)))))} is VALID [2022-02-20 23:37:15,469 INFO L290 TraceCheckUtils]: 24: Hoare triple {20886#(and (= |##fun~$Pointer$~TO~VOID_#~10#1.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) (= |##fun~$Pointer$~TO~VOID_#~10#1.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.offset|))} assume !(#in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset);assume { :begin_inline_dll_insert_slave } true;dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset := #~10#1.base, #~10#1.offset;havoc dll_insert_slave_#t~ret5#1.base, dll_insert_slave_#t~ret5#1.offset, dll_insert_slave_#t~mem6#1.base, dll_insert_slave_#t~mem6#1.offset, dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset, dll_insert_slave_~item~0#1.base, dll_insert_slave_~item~0#1.offset, dll_insert_slave_~next~0#1.base, dll_insert_slave_~next~0#1.offset;dll_insert_slave_~dll#1.base, dll_insert_slave_~dll#1.offset := dll_insert_slave_#in~dll#1.base, dll_insert_slave_#in~dll#1.offset;assume { :begin_inline_alloc_or_die_slave } true;havoc alloc_or_die_slave_#res#1.base, alloc_or_die_slave_#res#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset, alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset;call alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset := #Ultimate.allocOnHeap(8);alloc_or_die_slave_~ptr~0#1.base, alloc_or_die_slave_~ptr~0#1.offset := alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset;havoc alloc_or_die_slave_#t~malloc3#1.base, alloc_or_die_slave_#t~malloc3#1.offset; {21137#(or (not (= (select |#valid| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|) 1)) (forall ((|v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| Int)) (or (not (= (select |#valid| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17|) 0)) (and (= |##fun~$Pointer$~TO~VOID_#in~10#1.offset| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.offset|) (forall ((v_ArrVal_766 Int)) (<= (+ |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 8) (select (store |#length| |v_##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base_17| v_ArrVal_766) |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.base|))) (<= 0 (+ |##fun~$Pointer$~TO~VOID_alloc_or_die_slave_~ptr~0#1.offset| 4)) (= |##fun~$Pointer$~TO~VOID_#in~10#1.base| |##fun~$Pointer$~TO~VOID_dll_insert_slave_~dll#1.base|)))))} is VALID [2022-02-20 23:37:15,470 INFO L290 TraceCheckUtils]: 23: Hoare triple {20861#true} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {20886#(and (= |##fun~$Pointer$~TO~VOID_#~10#1.base| |##fun~$Pointer$~TO~VOID_#in~10#1.base|) (= |##fun~$Pointer$~TO~VOID_#~10#1.offset| |##fun~$Pointer$~TO~VOID_#in~10#1.offset|))} is VALID [2022-02-20 23:37:15,470 INFO L272 TraceCheckUtils]: 22: Hoare triple {20861#true} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {20861#true} is VALID [2022-02-20 23:37:15,471 INFO L290 TraceCheckUtils]: 21: Hoare triple {20861#true} ~insert_fnc.base, ~insert_fnc.offset := #in~insert_fnc.base, #in~insert_fnc.offset;call ~#dll~0.base, ~#dll~0.offset := #Ultimate.allocOnStack(4);call write~init~$Pointer$(0, 0, ~#dll~0.base, ~#dll~0.offset, 4); {20861#true} is VALID [2022-02-20 23:37:15,471 INFO L272 TraceCheckUtils]: 20: Hoare triple {20861#true} call #t~ret12.base, #t~ret12.offset := dll_create_generic(#funAddr~dll_insert_slave.base, #funAddr~dll_insert_slave.offset); {20861#true} is VALID [2022-02-20 23:37:15,471 INFO L272 TraceCheckUtils]: 19: Hoare triple {20861#true} call #t~ret20#1.base, #t~ret20#1.offset := dll_create_slave(); {20861#true} is VALID [2022-02-20 23:37:15,472 INFO L290 TraceCheckUtils]: 18: Hoare triple {20861#true} assume !(~next~3#1.base != 0 || ~next~3#1.offset != 0); {20861#true} is VALID [2022-02-20 23:37:15,472 INFO L290 TraceCheckUtils]: 17: Hoare triple {20861#true} SUMMARY for call write~$Pointer$(~next~3#1.base, ~next~3#1.offset, ~item~1#1.base, ~item~1#1.offset, 4); srcloc: L633 {20861#true} is VALID [2022-02-20 23:37:15,472 INFO L290 TraceCheckUtils]: 16: Hoare triple {20861#true} ~next~3#1.base, ~next~3#1.offset := #t~mem19#1.base, #t~mem19#1.offset;havoc #t~mem19#1.base, #t~mem19#1.offset; {20861#true} is VALID [2022-02-20 23:37:15,472 INFO L290 TraceCheckUtils]: 15: Hoare triple {20861#true} SUMMARY for call #t~mem19#1.base, #t~mem19#1.offset := read~$Pointer$(~dll#1.base, ~dll#1.offset, 4); srcloc: L632 {20861#true} is VALID [2022-02-20 23:37:15,472 INFO L290 TraceCheckUtils]: 14: Hoare triple {20861#true} #t~ret18#1.base, #t~ret18#1.offset := alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;assume { :end_inline_alloc_or_die_master } true;~item~1#1.base, ~item~1#1.offset := #t~ret18#1.base, #t~ret18#1.offset;havoc #t~ret18#1.base, #t~ret18#1.offset; {20861#true} is VALID [2022-02-20 23:37:15,472 INFO L290 TraceCheckUtils]: 13: Hoare triple {20861#true} alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset := alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset; {20861#true} is VALID [2022-02-20 23:37:15,472 INFO L290 TraceCheckUtils]: 12: Hoare triple {20861#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, 8 + alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L573 {20861#true} is VALID [2022-02-20 23:37:15,473 INFO L290 TraceCheckUtils]: 11: Hoare triple {20861#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, 4 + alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L572 {20861#true} is VALID [2022-02-20 23:37:15,473 INFO L290 TraceCheckUtils]: 10: Hoare triple {20861#true} SUMMARY for call write~$Pointer$(0, 0, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset, 4); srcloc: L570-2 {20861#true} is VALID [2022-02-20 23:37:15,473 INFO L290 TraceCheckUtils]: 9: Hoare triple {20861#true} assume !(alloc_or_die_master_~ptr~1#1.base == 0 && alloc_or_die_master_~ptr~1#1.offset == 0); {20861#true} is VALID [2022-02-20 23:37:15,473 INFO L290 TraceCheckUtils]: 8: Hoare triple {20861#true} ~dll#1.base, ~dll#1.offset := #in~dll#1.base, #in~dll#1.offset;assume { :begin_inline_alloc_or_die_master } true;havoc alloc_or_die_master_#res#1.base, alloc_or_die_master_#res#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset, alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset;call alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset := #Ultimate.allocOnHeap(12);alloc_or_die_master_~ptr~1#1.base, alloc_or_die_master_~ptr~1#1.offset := alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset;havoc alloc_or_die_master_#t~malloc4#1.base, alloc_or_die_master_#t~malloc4#1.offset; {20861#true} is VALID [2022-02-20 23:37:15,473 INFO L272 TraceCheckUtils]: 7: Hoare triple {20861#true} call dll_insert_master(#~10#1.base, #~10#1.offset); {20861#true} is VALID [2022-02-20 23:37:15,473 INFO L290 TraceCheckUtils]: 6: Hoare triple {20861#true} assume #in~#fp#1.base == #funAddr~dll_insert_master.base && #in~#fp#1.offset == #funAddr~dll_insert_master.offset; {20861#true} is VALID [2022-02-20 23:37:15,473 INFO L290 TraceCheckUtils]: 5: Hoare triple {20861#true} #~10#1.base, #~10#1.offset := #in~10#1.base, #in~10#1.offset; {20861#true} is VALID [2022-02-20 23:37:15,473 INFO L272 TraceCheckUtils]: 4: Hoare triple {20861#true} call ##fun~$Pointer$~TO~VOID(~#dll~0.base, ~#dll~0.offset, ~insert_fnc.base, ~insert_fnc.offset); {20861#true} is VALID [2022-02-20 23:37:15,473 INFO L290 TraceCheckUtils]: 3: Hoare triple {20861#true} ~insert_fnc.base, ~insert_fnc.offset := #in~insert_fnc.base, #in~insert_fnc.offset;call ~#dll~0.base, ~#dll~0.offset := #Ultimate.allocOnStack(4);call write~init~$Pointer$(0, 0, ~#dll~0.base, ~#dll~0.offset, 4); {20861#true} is VALID [2022-02-20 23:37:15,474 INFO L272 TraceCheckUtils]: 2: Hoare triple {20861#true} call dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset := dll_create_generic(#funAddr~dll_insert_master.base, #funAddr~dll_insert_master.offset); {20861#true} is VALID [2022-02-20 23:37:15,474 INFO L290 TraceCheckUtils]: 1: Hoare triple {20861#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret46#1.base, main_#t~ret46#1.offset, main_~dll~1#1.base, main_~dll~1#1.offset;assume { :begin_inline_dll_create_master } true;havoc dll_create_master_#res#1.base, dll_create_master_#res#1.offset;havoc dll_create_master_#t~ret21#1.base, dll_create_master_#t~ret21#1.offset; {20861#true} is VALID [2022-02-20 23:37:15,474 INFO L290 TraceCheckUtils]: 0: Hoare triple {20861#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(15, 2); {20861#true} is VALID [2022-02-20 23:37:15,474 INFO L134 CoverageAnalysis]: Checked inductivity of 17 backedges. 4 proven. 7 refuted. 0 times theorem prover too weak. 3 trivial. 3 not checked. [2022-02-20 23:37:15,475 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleZ3 [923971805] provided 0 perfect and 2 imperfect interpolant sequences [2022-02-20 23:37:15,475 INFO L191 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-02-20 23:37:15,475 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [14, 16, 13] total 39 [2022-02-20 23:37:15,476 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [393011368] [2022-02-20 23:37:15,476 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-02-20 23:37:15,476 INFO L78 Accepts]: Start accepts. Automaton has has 40 states, 35 states have (on average 2.6857142857142855) internal successors, (94), 35 states have internal predecessors, (94), 5 states have call successors, (10), 5 states have call predecessors, (10), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) Word has length 51 [2022-02-20 23:37:15,477 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:37:15,477 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 40 states, 35 states have (on average 2.6857142857142855) internal successors, (94), 35 states have internal predecessors, (94), 5 states have call successors, (10), 5 states have call predecessors, (10), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:37:15,589 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 107 edges. 106 inductive. 0 not inductive. 1 times theorem prover too weak to decide inductivity. [2022-02-20 23:37:15,589 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 40 states [2022-02-20 23:37:15,590 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:37:15,590 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 40 interpolants. [2022-02-20 23:37:15,590 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=105, Invalid=1376, Unknown=5, NotChecked=74, Total=1560 [2022-02-20 23:37:15,591 INFO L87 Difference]: Start difference. First operand 311 states and 359 transitions. Second operand has 40 states, 35 states have (on average 2.6857142857142855) internal successors, (94), 35 states have internal predecessors, (94), 5 states have call successors, (10), 5 states have call predecessors, (10), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3)