./Ultimate.py --spec ../sv-benchmarks/c/properties/valid-memsafety.prp --file ../sv-benchmarks/c/ntdrivers-simplified/kbfiltr_simpl2.cil-2.c --full-output -ea --architecture 32bit -------------------------------------------------------------------------------- Checking for memory safety (deref-memtrack) Using default analysis Version 03d7b7b3 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerMemDerefMemtrack.xml -i ../sv-benchmarks/c/ntdrivers-simplified/kbfiltr_simpl2.cil-2.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash a05fbc1d8a2048d37fda072c6a9d42f1f996d033c914869a4e2960aadff82dde --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-21 00:02:02,221 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-21 00:02:02,223 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-21 00:02:02,269 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-21 00:02:02,269 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-21 00:02:02,273 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-21 00:02:02,274 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-21 00:02:02,277 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-21 00:02:02,279 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-21 00:02:02,281 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-21 00:02:02,282 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-21 00:02:02,283 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-21 00:02:02,283 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-21 00:02:02,288 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-21 00:02:02,290 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-21 00:02:02,291 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-21 00:02:02,294 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-21 00:02:02,295 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-21 00:02:02,296 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-21 00:02:02,298 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-21 00:02:02,300 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-21 00:02:02,301 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-21 00:02:02,302 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-21 00:02:02,302 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-21 00:02:02,304 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-21 00:02:02,306 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-21 00:02:02,307 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-21 00:02:02,307 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-21 00:02:02,308 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-21 00:02:02,309 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-21 00:02:02,309 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-21 00:02:02,310 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-21 00:02:02,311 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-21 00:02:02,312 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-21 00:02:02,313 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-21 00:02:02,314 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-21 00:02:02,315 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-21 00:02:02,315 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-21 00:02:02,315 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-21 00:02:02,316 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-21 00:02:02,316 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-21 00:02:02,317 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Default.epf [2022-02-21 00:02:02,341 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-21 00:02:02,342 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-21 00:02:02,342 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-21 00:02:02,342 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-21 00:02:02,343 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-21 00:02:02,343 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-21 00:02:02,343 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-21 00:02:02,344 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-21 00:02:02,344 INFO L138 SettingsManager]: * Use SBE=true [2022-02-21 00:02:02,344 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-21 00:02:02,344 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-21 00:02:02,344 INFO L138 SettingsManager]: * Check unreachability of error function in SV-COMP mode=false [2022-02-21 00:02:02,345 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-02-21 00:02:02,345 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-21 00:02:02,345 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-21 00:02:02,345 INFO L138 SettingsManager]: * Check for the main procedure if all allocated memory was freed=true [2022-02-21 00:02:02,345 INFO L138 SettingsManager]: * Bitprecise bitfields=true [2022-02-21 00:02:02,346 INFO L138 SettingsManager]: * SV-COMP memtrack compatibility mode=true [2022-02-21 00:02:02,346 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-21 00:02:02,346 INFO L138 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2022-02-21 00:02:02,346 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-21 00:02:02,346 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-21 00:02:02,347 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-21 00:02:02,347 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-21 00:02:02,347 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-21 00:02:02,348 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-21 00:02:02,348 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-21 00:02:02,348 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-21 00:02:02,349 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-02-21 00:02:02,349 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-02-21 00:02:02,349 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> a05fbc1d8a2048d37fda072c6a9d42f1f996d033c914869a4e2960aadff82dde [2022-02-21 00:02:02,575 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-21 00:02:02,594 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-21 00:02:02,597 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-21 00:02:02,599 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-21 00:02:02,599 INFO L275 PluginConnector]: CDTParser initialized [2022-02-21 00:02:02,600 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/ntdrivers-simplified/kbfiltr_simpl2.cil-2.c [2022-02-21 00:02:02,664 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/03e9513a3/42ba2aa7b1d245f99cffd18e17a0358a/FLAG97636460f [2022-02-21 00:02:03,135 INFO L306 CDTParser]: Found 1 translation units. [2022-02-21 00:02:03,135 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/ntdrivers-simplified/kbfiltr_simpl2.cil-2.c [2022-02-21 00:02:03,155 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/03e9513a3/42ba2aa7b1d245f99cffd18e17a0358a/FLAG97636460f [2022-02-21 00:02:03,658 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/03e9513a3/42ba2aa7b1d245f99cffd18e17a0358a [2022-02-21 00:02:03,660 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-21 00:02:03,662 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-21 00:02:03,663 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-21 00:02:03,663 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-21 00:02:03,666 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-21 00:02:03,668 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 21.02 12:02:03" (1/1) ... [2022-02-21 00:02:03,668 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@5033e6a1 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.02 12:02:03, skipping insertion in model container [2022-02-21 00:02:03,669 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 21.02 12:02:03" (1/1) ... [2022-02-21 00:02:03,675 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-21 00:02:03,731 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-21 00:02:04,078 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/ntdrivers-simplified/kbfiltr_simpl2.cil-2.c[29656,29669] [2022-02-21 00:02:04,081 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-21 00:02:04,088 INFO L203 MainTranslator]: Completed pre-run [2022-02-21 00:02:04,188 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/ntdrivers-simplified/kbfiltr_simpl2.cil-2.c[29656,29669] [2022-02-21 00:02:04,192 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-21 00:02:04,206 INFO L208 MainTranslator]: Completed translation [2022-02-21 00:02:04,207 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.02 12:02:04 WrapperNode [2022-02-21 00:02:04,208 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-21 00:02:04,209 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-21 00:02:04,210 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-21 00:02:04,210 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-21 00:02:04,216 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.02 12:02:04" (1/1) ... [2022-02-21 00:02:04,237 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.02 12:02:04" (1/1) ... [2022-02-21 00:02:04,298 INFO L137 Inliner]: procedures = 29, calls = 44, calls flagged for inlining = 10, calls inlined = 10, statements flattened = 663 [2022-02-21 00:02:04,298 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-21 00:02:04,299 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-21 00:02:04,299 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-21 00:02:04,300 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-21 00:02:04,307 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.02 12:02:04" (1/1) ... [2022-02-21 00:02:04,307 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.02 12:02:04" (1/1) ... [2022-02-21 00:02:04,318 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.02 12:02:04" (1/1) ... [2022-02-21 00:02:04,318 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.02 12:02:04" (1/1) ... [2022-02-21 00:02:04,333 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.02 12:02:04" (1/1) ... [2022-02-21 00:02:04,349 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.02 12:02:04" (1/1) ... [2022-02-21 00:02:04,361 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.02 12:02:04" (1/1) ... [2022-02-21 00:02:04,365 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-21 00:02:04,372 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-21 00:02:04,372 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-21 00:02:04,372 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-21 00:02:04,375 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.02 12:02:04" (1/1) ... [2022-02-21 00:02:04,380 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-21 00:02:04,390 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-21 00:02:04,409 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-21 00:02:04,432 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-21 00:02:04,447 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-21 00:02:04,449 INFO L130 BoogieDeclarations]: Found specification of procedure KbFilter_Complete [2022-02-21 00:02:04,449 INFO L138 BoogieDeclarations]: Found implementation of procedure KbFilter_Complete [2022-02-21 00:02:04,449 INFO L130 BoogieDeclarations]: Found specification of procedure stubMoreProcessingRequired [2022-02-21 00:02:04,449 INFO L138 BoogieDeclarations]: Found implementation of procedure stubMoreProcessingRequired [2022-02-21 00:02:04,449 INFO L130 BoogieDeclarations]: Found specification of procedure KbFilter_CreateClose [2022-02-21 00:02:04,449 INFO L138 BoogieDeclarations]: Found implementation of procedure KbFilter_CreateClose [2022-02-21 00:02:04,450 INFO L130 BoogieDeclarations]: Found specification of procedure IofCompleteRequest [2022-02-21 00:02:04,450 INFO L138 BoogieDeclarations]: Found implementation of procedure IofCompleteRequest [2022-02-21 00:02:04,450 INFO L130 BoogieDeclarations]: Found specification of procedure errorFn [2022-02-21 00:02:04,450 INFO L138 BoogieDeclarations]: Found implementation of procedure errorFn [2022-02-21 00:02:04,450 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-02-21 00:02:04,450 INFO L130 BoogieDeclarations]: Found specification of procedure IofCallDriver [2022-02-21 00:02:04,451 INFO L138 BoogieDeclarations]: Found implementation of procedure IofCallDriver [2022-02-21 00:02:04,451 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-21 00:02:04,451 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-21 00:02:04,451 INFO L130 BoogieDeclarations]: Found specification of procedure KbFilter_DispatchPassThrough [2022-02-21 00:02:04,452 INFO L138 BoogieDeclarations]: Found implementation of procedure KbFilter_DispatchPassThrough [2022-02-21 00:02:04,610 INFO L234 CfgBuilder]: Building ICFG [2022-02-21 00:02:04,612 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-21 00:02:04,759 WARN L813 $ProcedureCfgBuilder]: Label in the middle of a codeblock. [2022-02-21 00:02:04,792 WARN L813 $ProcedureCfgBuilder]: Label in the middle of a codeblock. [2022-02-21 00:02:04,794 WARN L813 $ProcedureCfgBuilder]: Label in the middle of a codeblock. [2022-02-21 00:02:04,798 WARN L813 $ProcedureCfgBuilder]: Label in the middle of a codeblock. [2022-02-21 00:02:04,810 WARN L813 $ProcedureCfgBuilder]: Label in the middle of a codeblock. [2022-02-21 00:02:05,328 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##87: assume !false; [2022-02-21 00:02:05,328 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##86: assume false; [2022-02-21 00:02:05,329 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##63: assume !false; [2022-02-21 00:02:05,329 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##62: assume false; [2022-02-21 00:02:05,329 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##129: assume false; [2022-02-21 00:02:05,329 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##130: assume !false; [2022-02-21 00:02:05,329 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##18: assume false; [2022-02-21 00:02:05,329 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##19: assume !false; [2022-02-21 00:02:05,330 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##113: assume !false; [2022-02-21 00:02:05,330 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##112: assume false; [2022-02-21 00:02:05,348 WARN L813 $ProcedureCfgBuilder]: Label in the middle of a codeblock. [2022-02-21 00:02:05,383 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##12: assume !false; [2022-02-21 00:02:05,383 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##11: assume false; [2022-02-21 00:02:05,391 INFO L275 CfgBuilder]: Performing block encoding [2022-02-21 00:02:05,403 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-21 00:02:05,406 INFO L299 CfgBuilder]: Removed 0 assume(true) statements. [2022-02-21 00:02:05,409 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 21.02 12:02:05 BoogieIcfgContainer [2022-02-21 00:02:05,410 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-21 00:02:05,411 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-21 00:02:05,411 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-21 00:02:05,414 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-21 00:02:05,414 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 21.02 12:02:03" (1/3) ... [2022-02-21 00:02:05,415 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7d289c3e and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 21.02 12:02:05, skipping insertion in model container [2022-02-21 00:02:05,415 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.02 12:02:04" (2/3) ... [2022-02-21 00:02:05,416 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7d289c3e and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 21.02 12:02:05, skipping insertion in model container [2022-02-21 00:02:05,416 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 21.02 12:02:05" (3/3) ... [2022-02-21 00:02:05,417 INFO L111 eAbstractionObserver]: Analyzing ICFG kbfiltr_simpl2.cil-2.c [2022-02-21 00:02:05,421 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:false NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-21 00:02:05,422 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 2 error locations. [2022-02-21 00:02:05,463 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-21 00:02:05,469 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=false, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=All, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-21 00:02:05,469 INFO L340 AbstractCegarLoop]: Starting to check reachability of 2 error locations. [2022-02-21 00:02:05,499 INFO L276 IsEmpty]: Start isEmpty. Operand has 210 states, 171 states have (on average 1.6023391812865497) internal successors, (274), 190 states have internal predecessors, (274), 29 states have call successors, (29), 7 states have call predecessors, (29), 7 states have return successors, (29), 27 states have call predecessors, (29), 29 states have call successors, (29) [2022-02-21 00:02:05,504 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 9 [2022-02-21 00:02:05,504 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:05,505 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:05,505 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:05,510 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:05,511 INFO L85 PathProgramCache]: Analyzing trace with hash -15799092, now seen corresponding path program 1 times [2022-02-21 00:02:05,518 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-21 00:02:05,519 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1075486390] [2022-02-21 00:02:05,519 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:05,520 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-21 00:02:05,642 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:05,749 INFO L290 TraceCheckUtils]: 0: Hoare triple {213#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {213#true} is VALID [2022-02-21 00:02:05,750 INFO L290 TraceCheckUtils]: 1: Hoare triple {213#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {215#(= |ULTIMATE.start_main_~status~1#1| 0)} is VALID [2022-02-21 00:02:05,751 INFO L290 TraceCheckUtils]: 2: Hoare triple {215#(= |ULTIMATE.start_main_~status~1#1| 0)} assume { :end_inline__BLAST_init } true; {215#(= |ULTIMATE.start_main_~status~1#1| 0)} is VALID [2022-02-21 00:02:05,752 INFO L290 TraceCheckUtils]: 3: Hoare triple {215#(= |ULTIMATE.start_main_~status~1#1| 0)} assume !(main_~status~1#1 >= 0); {214#false} is VALID [2022-02-21 00:02:05,752 INFO L290 TraceCheckUtils]: 4: Hoare triple {214#false} assume 1 == ~pended~0; {214#false} is VALID [2022-02-21 00:02:05,752 INFO L290 TraceCheckUtils]: 5: Hoare triple {214#false} assume ~s~0 == ~NP~0;~s~0 := ~NP~0; {214#false} is VALID [2022-02-21 00:02:05,752 INFO L290 TraceCheckUtils]: 6: Hoare triple {214#false} main_#res#1 := main_~status~1#1; {214#false} is VALID [2022-02-21 00:02:05,753 INFO L290 TraceCheckUtils]: 7: Hoare triple {214#false} assume !(#valid == main_old_#valid#1); {214#false} is VALID [2022-02-21 00:02:05,754 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:05,754 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-21 00:02:05,754 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1075486390] [2022-02-21 00:02:05,755 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1075486390] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:05,755 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:05,755 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-21 00:02:05,758 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1221007001] [2022-02-21 00:02:05,758 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:05,763 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 2.6666666666666665) internal successors, (8), 3 states have internal predecessors, (8), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 8 [2022-02-21 00:02:05,764 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:05,767 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 2.6666666666666665) internal successors, (8), 3 states have internal predecessors, (8), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:05,784 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 8 edges. 8 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:05,784 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-21 00:02:05,786 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-21 00:02:05,811 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-21 00:02:05,812 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-21 00:02:05,816 INFO L87 Difference]: Start difference. First operand has 210 states, 171 states have (on average 1.6023391812865497) internal successors, (274), 190 states have internal predecessors, (274), 29 states have call successors, (29), 7 states have call predecessors, (29), 7 states have return successors, (29), 27 states have call predecessors, (29), 29 states have call successors, (29) Second operand has 3 states, 3 states have (on average 2.6666666666666665) internal successors, (8), 3 states have internal predecessors, (8), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:06,227 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:06,227 INFO L93 Difference]: Finished difference Result 212 states and 315 transitions. [2022-02-21 00:02:06,234 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-21 00:02:06,234 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 2.6666666666666665) internal successors, (8), 3 states have internal predecessors, (8), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 8 [2022-02-21 00:02:06,234 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:06,236 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 2.6666666666666665) internal successors, (8), 3 states have internal predecessors, (8), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:06,251 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 320 transitions. [2022-02-21 00:02:06,251 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 2.6666666666666665) internal successors, (8), 3 states have internal predecessors, (8), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:06,257 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 320 transitions. [2022-02-21 00:02:06,258 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 320 transitions. [2022-02-21 00:02:06,584 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 320 edges. 320 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:06,608 INFO L225 Difference]: With dead ends: 212 [2022-02-21 00:02:06,608 INFO L226 Difference]: Without dead ends: 208 [2022-02-21 00:02:06,610 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-21 00:02:06,616 INFO L933 BasicCegarLoop]: 310 mSDtfsCounter, 179 mSDsluCounter, 109 mSDsCounter, 0 mSdLazyCounter, 16 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 190 SdHoareTripleChecker+Valid, 419 SdHoareTripleChecker+Invalid, 17 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 16 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:06,617 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [190 Valid, 419 Invalid, 17 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 16 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-21 00:02:06,632 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 208 states. [2022-02-21 00:02:06,652 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 208 to 206. [2022-02-21 00:02:06,653 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:06,655 INFO L82 GeneralOperation]: Start isEquivalent. First operand 208 states. Second operand has 206 states, 169 states have (on average 1.5739644970414202) internal successors, (266), 186 states have internal predecessors, (266), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-21 00:02:06,656 INFO L74 IsIncluded]: Start isIncluded. First operand 208 states. Second operand has 206 states, 169 states have (on average 1.5739644970414202) internal successors, (266), 186 states have internal predecessors, (266), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-21 00:02:06,658 INFO L87 Difference]: Start difference. First operand 208 states. Second operand has 206 states, 169 states have (on average 1.5739644970414202) internal successors, (266), 186 states have internal predecessors, (266), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-21 00:02:06,672 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:06,672 INFO L93 Difference]: Finished difference Result 208 states and 311 transitions. [2022-02-21 00:02:06,673 INFO L276 IsEmpty]: Start isEmpty. Operand 208 states and 311 transitions. [2022-02-21 00:02:06,682 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:06,684 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:06,686 INFO L74 IsIncluded]: Start isIncluded. First operand has 206 states, 169 states have (on average 1.5739644970414202) internal successors, (266), 186 states have internal predecessors, (266), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) Second operand 208 states. [2022-02-21 00:02:06,687 INFO L87 Difference]: Start difference. First operand has 206 states, 169 states have (on average 1.5739644970414202) internal successors, (266), 186 states have internal predecessors, (266), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) Second operand 208 states. [2022-02-21 00:02:06,703 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:06,710 INFO L93 Difference]: Finished difference Result 208 states and 311 transitions. [2022-02-21 00:02:06,710 INFO L276 IsEmpty]: Start isEmpty. Operand 208 states and 311 transitions. [2022-02-21 00:02:06,713 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:06,713 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:06,713 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:06,716 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:06,717 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 206 states, 169 states have (on average 1.5739644970414202) internal successors, (266), 186 states have internal predecessors, (266), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-21 00:02:06,726 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 206 states to 206 states and 310 transitions. [2022-02-21 00:02:06,727 INFO L78 Accepts]: Start accepts. Automaton has 206 states and 310 transitions. Word has length 8 [2022-02-21 00:02:06,728 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:06,728 INFO L470 AbstractCegarLoop]: Abstraction has 206 states and 310 transitions. [2022-02-21 00:02:06,728 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 2.6666666666666665) internal successors, (8), 3 states have internal predecessors, (8), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:06,728 INFO L276 IsEmpty]: Start isEmpty. Operand 206 states and 310 transitions. [2022-02-21 00:02:06,729 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 16 [2022-02-21 00:02:06,729 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:06,729 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:06,729 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-02-21 00:02:06,730 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:06,732 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:06,732 INFO L85 PathProgramCache]: Analyzing trace with hash -191249986, now seen corresponding path program 1 times [2022-02-21 00:02:06,733 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-21 00:02:06,733 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [196592674] [2022-02-21 00:02:06,733 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:06,733 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-21 00:02:06,786 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:06,841 INFO L290 TraceCheckUtils]: 0: Hoare triple {1052#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {1052#true} is VALID [2022-02-21 00:02:06,842 INFO L290 TraceCheckUtils]: 1: Hoare triple {1052#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {1054#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} is VALID [2022-02-21 00:02:06,843 INFO L290 TraceCheckUtils]: 2: Hoare triple {1054#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} assume { :end_inline__BLAST_init } true; {1054#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} is VALID [2022-02-21 00:02:06,844 INFO L290 TraceCheckUtils]: 3: Hoare triple {1054#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {1054#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} is VALID [2022-02-21 00:02:06,844 INFO L290 TraceCheckUtils]: 4: Hoare triple {1054#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {1054#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} is VALID [2022-02-21 00:02:06,845 INFO L290 TraceCheckUtils]: 5: Hoare triple {1054#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {1054#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} is VALID [2022-02-21 00:02:06,846 INFO L290 TraceCheckUtils]: 6: Hoare triple {1054#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} assume { :end_inline_stub_driver_init } true; {1054#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} is VALID [2022-02-21 00:02:06,846 INFO L290 TraceCheckUtils]: 7: Hoare triple {1054#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {1054#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} is VALID [2022-02-21 00:02:06,847 INFO L290 TraceCheckUtils]: 8: Hoare triple {1054#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {1054#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} is VALID [2022-02-21 00:02:06,847 INFO L290 TraceCheckUtils]: 9: Hoare triple {1054#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {1054#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} is VALID [2022-02-21 00:02:06,849 INFO L290 TraceCheckUtils]: 10: Hoare triple {1054#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} assume !(3 == main_~tmp_ndt_3~0#1);havoc main_~tmp_ndt_4~0#1;assume -2147483648 <= main_#t~nondet27#1 && main_#t~nondet27#1 <= 2147483647;main_~tmp_ndt_4~0#1 := main_#t~nondet27#1;havoc main_#t~nondet27#1; {1054#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} is VALID [2022-02-21 00:02:06,850 INFO L290 TraceCheckUtils]: 11: Hoare triple {1054#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} assume !(4 == main_~tmp_ndt_4~0#1);havoc main_~tmp_ndt_5~0#1;assume -2147483648 <= main_#t~nondet28#1 && main_#t~nondet28#1 <= 2147483647;main_~tmp_ndt_5~0#1 := main_#t~nondet28#1;havoc main_#t~nondet28#1; {1054#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} is VALID [2022-02-21 00:02:06,850 INFO L290 TraceCheckUtils]: 12: Hoare triple {1054#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} assume !(8 == main_~tmp_ndt_5~0#1); {1054#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} is VALID [2022-02-21 00:02:06,851 INFO L290 TraceCheckUtils]: 13: Hoare triple {1054#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} main_#res#1 := -1; {1054#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} is VALID [2022-02-21 00:02:06,851 INFO L290 TraceCheckUtils]: 14: Hoare triple {1054#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} assume !(#valid == main_old_#valid#1); {1053#false} is VALID [2022-02-21 00:02:06,851 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:06,852 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-21 00:02:06,852 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [196592674] [2022-02-21 00:02:06,852 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [196592674] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:06,853 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:06,853 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-21 00:02:06,853 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [292287162] [2022-02-21 00:02:06,853 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:06,855 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 2 states have (on average 7.5) internal successors, (15), 3 states have internal predecessors, (15), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 15 [2022-02-21 00:02:06,855 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:06,855 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 2 states have (on average 7.5) internal successors, (15), 3 states have internal predecessors, (15), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:06,868 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 15 edges. 15 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:06,869 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-21 00:02:06,869 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-21 00:02:06,870 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-21 00:02:06,870 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-21 00:02:06,871 INFO L87 Difference]: Start difference. First operand 206 states and 310 transitions. Second operand has 3 states, 2 states have (on average 7.5) internal successors, (15), 3 states have internal predecessors, (15), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:07,218 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:07,218 INFO L93 Difference]: Finished difference Result 205 states and 309 transitions. [2022-02-21 00:02:07,219 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-21 00:02:07,219 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 2 states have (on average 7.5) internal successors, (15), 3 states have internal predecessors, (15), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 15 [2022-02-21 00:02:07,219 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:07,219 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 2 states have (on average 7.5) internal successors, (15), 3 states have internal predecessors, (15), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:07,226 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 310 transitions. [2022-02-21 00:02:07,226 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 2 states have (on average 7.5) internal successors, (15), 3 states have internal predecessors, (15), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:07,233 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 310 transitions. [2022-02-21 00:02:07,233 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 310 transitions. [2022-02-21 00:02:07,527 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 310 edges. 310 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:07,533 INFO L225 Difference]: With dead ends: 205 [2022-02-21 00:02:07,534 INFO L226 Difference]: Without dead ends: 201 [2022-02-21 00:02:07,538 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-21 00:02:07,541 INFO L933 BasicCegarLoop]: 309 mSDtfsCounter, 199 mSDsluCounter, 64 mSDsCounter, 0 mSdLazyCounter, 22 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 210 SdHoareTripleChecker+Valid, 373 SdHoareTripleChecker+Invalid, 22 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 22 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:07,541 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [210 Valid, 373 Invalid, 22 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 22 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-21 00:02:07,545 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 201 states. [2022-02-21 00:02:07,554 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 201 to 201. [2022-02-21 00:02:07,559 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:07,561 INFO L82 GeneralOperation]: Start isEquivalent. First operand 201 states. Second operand has 201 states, 165 states have (on average 1.5272727272727273) internal successors, (252), 181 states have internal predecessors, (252), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-21 00:02:07,563 INFO L74 IsIncluded]: Start isIncluded. First operand 201 states. Second operand has 201 states, 165 states have (on average 1.5272727272727273) internal successors, (252), 181 states have internal predecessors, (252), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-21 00:02:07,563 INFO L87 Difference]: Start difference. First operand 201 states. Second operand has 201 states, 165 states have (on average 1.5272727272727273) internal successors, (252), 181 states have internal predecessors, (252), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-21 00:02:07,573 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:07,574 INFO L93 Difference]: Finished difference Result 201 states and 296 transitions. [2022-02-21 00:02:07,574 INFO L276 IsEmpty]: Start isEmpty. Operand 201 states and 296 transitions. [2022-02-21 00:02:07,575 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:07,576 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:07,577 INFO L74 IsIncluded]: Start isIncluded. First operand has 201 states, 165 states have (on average 1.5272727272727273) internal successors, (252), 181 states have internal predecessors, (252), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) Second operand 201 states. [2022-02-21 00:02:07,578 INFO L87 Difference]: Start difference. First operand has 201 states, 165 states have (on average 1.5272727272727273) internal successors, (252), 181 states have internal predecessors, (252), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) Second operand 201 states. [2022-02-21 00:02:07,593 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:07,593 INFO L93 Difference]: Finished difference Result 201 states and 296 transitions. [2022-02-21 00:02:07,594 INFO L276 IsEmpty]: Start isEmpty. Operand 201 states and 296 transitions. [2022-02-21 00:02:07,595 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:07,596 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:07,596 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:07,596 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:07,598 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 201 states, 165 states have (on average 1.5272727272727273) internal successors, (252), 181 states have internal predecessors, (252), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-21 00:02:07,606 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 201 states to 201 states and 296 transitions. [2022-02-21 00:02:07,606 INFO L78 Accepts]: Start accepts. Automaton has 201 states and 296 transitions. Word has length 15 [2022-02-21 00:02:07,607 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:07,608 INFO L470 AbstractCegarLoop]: Abstraction has 201 states and 296 transitions. [2022-02-21 00:02:07,608 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 2 states have (on average 7.5) internal successors, (15), 3 states have internal predecessors, (15), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:07,608 INFO L276 IsEmpty]: Start isEmpty. Operand 201 states and 296 transitions. [2022-02-21 00:02:07,609 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2022-02-21 00:02:07,609 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:07,609 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:07,609 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-02-21 00:02:07,609 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:07,610 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:07,610 INFO L85 PathProgramCache]: Analyzing trace with hash 509601447, now seen corresponding path program 1 times [2022-02-21 00:02:07,610 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-21 00:02:07,611 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [666159361] [2022-02-21 00:02:07,611 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:07,611 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-21 00:02:07,643 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:07,675 INFO L290 TraceCheckUtils]: 0: Hoare triple {1865#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {1865#true} is VALID [2022-02-21 00:02:07,676 INFO L290 TraceCheckUtils]: 1: Hoare triple {1865#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {1865#true} is VALID [2022-02-21 00:02:07,676 INFO L290 TraceCheckUtils]: 2: Hoare triple {1865#true} assume { :end_inline__BLAST_init } true; {1865#true} is VALID [2022-02-21 00:02:07,676 INFO L290 TraceCheckUtils]: 3: Hoare triple {1865#true} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {1865#true} is VALID [2022-02-21 00:02:07,676 INFO L290 TraceCheckUtils]: 4: Hoare triple {1865#true} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {1865#true} is VALID [2022-02-21 00:02:07,677 INFO L290 TraceCheckUtils]: 5: Hoare triple {1865#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {1867#(= ~s~0 ~NP~0)} is VALID [2022-02-21 00:02:07,677 INFO L290 TraceCheckUtils]: 6: Hoare triple {1867#(= ~s~0 ~NP~0)} assume { :end_inline_stub_driver_init } true; {1867#(= ~s~0 ~NP~0)} is VALID [2022-02-21 00:02:07,678 INFO L290 TraceCheckUtils]: 7: Hoare triple {1867#(= ~s~0 ~NP~0)} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {1867#(= ~s~0 ~NP~0)} is VALID [2022-02-21 00:02:07,678 INFO L290 TraceCheckUtils]: 8: Hoare triple {1867#(= ~s~0 ~NP~0)} assume 0 == main_~tmp_ndt_1~0#1; {1867#(= ~s~0 ~NP~0)} is VALID [2022-02-21 00:02:07,679 INFO L272 TraceCheckUtils]: 9: Hoare triple {1867#(= ~s~0 ~NP~0)} call main_#t~ret29#1 := KbFilter_CreateClose(main_~devobj~0#1, main_~pirp~0#1); {1867#(= ~s~0 ~NP~0)} is VALID [2022-02-21 00:02:07,680 INFO L290 TraceCheckUtils]: 10: Hoare triple {1867#(= ~s~0 ~NP~0)} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;assume -2147483648 <= #t~nondet41 && #t~nondet41 <= 2147483647;~irpStack__MajorFunction~0 := #t~nondet41;havoc #t~nondet41;assume -2147483648 <= #t~nondet42 && #t~nondet42 <= 2147483647;~devExt__UpperConnectData__ClassService~0 := #t~nondet42;havoc #t~nondet42;havoc ~Irp__IoStatus__Status~1;havoc ~status~2;havoc ~tmp~0;~status~2 := ~myStatus~0; {1867#(= ~s~0 ~NP~0)} is VALID [2022-02-21 00:02:07,680 INFO L290 TraceCheckUtils]: 11: Hoare triple {1867#(= ~s~0 ~NP~0)} assume 0 == ~irpStack__MajorFunction~0; {1867#(= ~s~0 ~NP~0)} is VALID [2022-02-21 00:02:07,680 INFO L290 TraceCheckUtils]: 12: Hoare triple {1867#(= ~s~0 ~NP~0)} assume 0 == ~devExt__UpperConnectData__ClassService~0;~status~2 := -1073741436; {1867#(= ~s~0 ~NP~0)} is VALID [2022-02-21 00:02:07,681 INFO L290 TraceCheckUtils]: 13: Hoare triple {1867#(= ~s~0 ~NP~0)} ~Irp__IoStatus__Status~1 := ~status~2;~myStatus~0 := ~status~2; {1867#(= ~s~0 ~NP~0)} is VALID [2022-02-21 00:02:07,682 INFO L272 TraceCheckUtils]: 14: Hoare triple {1867#(= ~s~0 ~NP~0)} call #t~ret43 := KbFilter_DispatchPassThrough(~DeviceObject, ~Irp); {1867#(= ~s~0 ~NP~0)} is VALID [2022-02-21 00:02:07,682 INFO L290 TraceCheckUtils]: 15: Hoare triple {1867#(= ~s~0 ~NP~0)} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;assume -2147483648 <= #t~nondet44 && #t~nondet44 <= 2147483647;~Irp__Tail__Overlay__CurrentStackLocation~1 := #t~nondet44;havoc #t~nondet44;assume -2147483648 <= #t~nondet45 && #t~nondet45 <= 2147483647;~Irp__CurrentLocation~1 := #t~nondet45;havoc #t~nondet45;assume -2147483648 <= #t~nondet46 && #t~nondet46 <= 2147483647;~DeviceObject__DeviceExtension__TopOfStack~0 := #t~nondet46;havoc #t~nondet46;havoc ~irpStack~1;havoc ~tmp~1;~irpStack~1 := ~Irp__Tail__Overlay__CurrentStackLocation~1; {1867#(= ~s~0 ~NP~0)} is VALID [2022-02-21 00:02:07,683 INFO L290 TraceCheckUtils]: 16: Hoare triple {1867#(= ~s~0 ~NP~0)} assume !(~s~0 == ~NP~0); {1866#false} is VALID [2022-02-21 00:02:07,683 INFO L272 TraceCheckUtils]: 17: Hoare triple {1866#false} call errorFn(); {1866#false} is VALID [2022-02-21 00:02:07,683 INFO L290 TraceCheckUtils]: 18: Hoare triple {1866#false} assume !false; {1866#false} is VALID [2022-02-21 00:02:07,684 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:07,684 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-21 00:02:07,684 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [666159361] [2022-02-21 00:02:07,684 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [666159361] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:07,684 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:07,684 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-21 00:02:07,685 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [959393185] [2022-02-21 00:02:07,685 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:07,685 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 2 states have call successors, (3), 2 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 19 [2022-02-21 00:02:07,686 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:07,686 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 2 states have call successors, (3), 2 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:07,701 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 19 edges. 19 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:07,701 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-21 00:02:07,701 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-21 00:02:07,702 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-21 00:02:07,702 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-21 00:02:07,702 INFO L87 Difference]: Start difference. First operand 201 states and 296 transitions. Second operand has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 2 states have call successors, (3), 2 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:08,084 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:08,084 INFO L93 Difference]: Finished difference Result 269 states and 381 transitions. [2022-02-21 00:02:08,085 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-21 00:02:08,085 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 2 states have call successors, (3), 2 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 19 [2022-02-21 00:02:08,085 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:08,085 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 2 states have call successors, (3), 2 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:08,091 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 391 transitions. [2022-02-21 00:02:08,092 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 2 states have call successors, (3), 2 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:08,097 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 391 transitions. [2022-02-21 00:02:08,097 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 391 transitions. [2022-02-21 00:02:08,413 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 391 edges. 391 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:08,420 INFO L225 Difference]: With dead ends: 269 [2022-02-21 00:02:08,420 INFO L226 Difference]: Without dead ends: 268 [2022-02-21 00:02:08,421 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-21 00:02:08,422 INFO L933 BasicCegarLoop]: 329 mSDtfsCounter, 205 mSDsluCounter, 109 mSDsCounter, 0 mSdLazyCounter, 70 mSolverCounterSat, 15 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 205 SdHoareTripleChecker+Valid, 438 SdHoareTripleChecker+Invalid, 85 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 15 IncrementalHoareTripleChecker+Valid, 70 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:08,422 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [205 Valid, 438 Invalid, 85 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [15 Valid, 70 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-21 00:02:08,423 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 268 states. [2022-02-21 00:02:08,433 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 268 to 252. [2022-02-21 00:02:08,433 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:08,434 INFO L82 GeneralOperation]: Start isEquivalent. First operand 268 states. Second operand has 252 states, 215 states have (on average 1.4325581395348836) internal successors, (308), 218 states have internal predecessors, (308), 26 states have call successors, (26), 11 states have call predecessors, (26), 10 states have return successors, (27), 25 states have call predecessors, (27), 18 states have call successors, (27) [2022-02-21 00:02:08,435 INFO L74 IsIncluded]: Start isIncluded. First operand 268 states. Second operand has 252 states, 215 states have (on average 1.4325581395348836) internal successors, (308), 218 states have internal predecessors, (308), 26 states have call successors, (26), 11 states have call predecessors, (26), 10 states have return successors, (27), 25 states have call predecessors, (27), 18 states have call successors, (27) [2022-02-21 00:02:08,436 INFO L87 Difference]: Start difference. First operand 268 states. Second operand has 252 states, 215 states have (on average 1.4325581395348836) internal successors, (308), 218 states have internal predecessors, (308), 26 states have call successors, (26), 11 states have call predecessors, (26), 10 states have return successors, (27), 25 states have call predecessors, (27), 18 states have call successors, (27) [2022-02-21 00:02:08,445 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:08,446 INFO L93 Difference]: Finished difference Result 268 states and 380 transitions. [2022-02-21 00:02:08,446 INFO L276 IsEmpty]: Start isEmpty. Operand 268 states and 380 transitions. [2022-02-21 00:02:08,447 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:08,447 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:08,448 INFO L74 IsIncluded]: Start isIncluded. First operand has 252 states, 215 states have (on average 1.4325581395348836) internal successors, (308), 218 states have internal predecessors, (308), 26 states have call successors, (26), 11 states have call predecessors, (26), 10 states have return successors, (27), 25 states have call predecessors, (27), 18 states have call successors, (27) Second operand 268 states. [2022-02-21 00:02:08,449 INFO L87 Difference]: Start difference. First operand has 252 states, 215 states have (on average 1.4325581395348836) internal successors, (308), 218 states have internal predecessors, (308), 26 states have call successors, (26), 11 states have call predecessors, (26), 10 states have return successors, (27), 25 states have call predecessors, (27), 18 states have call successors, (27) Second operand 268 states. [2022-02-21 00:02:08,459 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:08,459 INFO L93 Difference]: Finished difference Result 268 states and 380 transitions. [2022-02-21 00:02:08,459 INFO L276 IsEmpty]: Start isEmpty. Operand 268 states and 380 transitions. [2022-02-21 00:02:08,460 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:08,461 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:08,461 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:08,461 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:08,462 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 252 states, 215 states have (on average 1.4325581395348836) internal successors, (308), 218 states have internal predecessors, (308), 26 states have call successors, (26), 11 states have call predecessors, (26), 10 states have return successors, (27), 25 states have call predecessors, (27), 18 states have call successors, (27) [2022-02-21 00:02:08,470 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 252 states to 252 states and 361 transitions. [2022-02-21 00:02:08,470 INFO L78 Accepts]: Start accepts. Automaton has 252 states and 361 transitions. Word has length 19 [2022-02-21 00:02:08,471 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:08,471 INFO L470 AbstractCegarLoop]: Abstraction has 252 states and 361 transitions. [2022-02-21 00:02:08,471 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 2 states have call successors, (3), 2 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:08,471 INFO L276 IsEmpty]: Start isEmpty. Operand 252 states and 361 transitions. [2022-02-21 00:02:08,472 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 19 [2022-02-21 00:02:08,472 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:08,472 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:08,472 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-02-21 00:02:08,473 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:08,473 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:08,473 INFO L85 PathProgramCache]: Analyzing trace with hash -2016043468, now seen corresponding path program 1 times [2022-02-21 00:02:08,474 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-21 00:02:08,474 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [437430347] [2022-02-21 00:02:08,474 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:08,474 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-21 00:02:08,505 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:08,527 INFO L290 TraceCheckUtils]: 0: Hoare triple {2927#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {2927#true} is VALID [2022-02-21 00:02:08,527 INFO L290 TraceCheckUtils]: 1: Hoare triple {2927#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {2927#true} is VALID [2022-02-21 00:02:08,527 INFO L290 TraceCheckUtils]: 2: Hoare triple {2927#true} assume { :end_inline__BLAST_init } true; {2927#true} is VALID [2022-02-21 00:02:08,528 INFO L290 TraceCheckUtils]: 3: Hoare triple {2927#true} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {2927#true} is VALID [2022-02-21 00:02:08,528 INFO L290 TraceCheckUtils]: 4: Hoare triple {2927#true} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {2927#true} is VALID [2022-02-21 00:02:08,528 INFO L290 TraceCheckUtils]: 5: Hoare triple {2927#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {2929#(= ~compRegistered~0 0)} is VALID [2022-02-21 00:02:08,529 INFO L290 TraceCheckUtils]: 6: Hoare triple {2929#(= ~compRegistered~0 0)} assume { :end_inline_stub_driver_init } true; {2929#(= ~compRegistered~0 0)} is VALID [2022-02-21 00:02:08,529 INFO L290 TraceCheckUtils]: 7: Hoare triple {2929#(= ~compRegistered~0 0)} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {2929#(= ~compRegistered~0 0)} is VALID [2022-02-21 00:02:08,530 INFO L290 TraceCheckUtils]: 8: Hoare triple {2929#(= ~compRegistered~0 0)} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {2929#(= ~compRegistered~0 0)} is VALID [2022-02-21 00:02:08,530 INFO L290 TraceCheckUtils]: 9: Hoare triple {2929#(= ~compRegistered~0 0)} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {2929#(= ~compRegistered~0 0)} is VALID [2022-02-21 00:02:08,531 INFO L290 TraceCheckUtils]: 10: Hoare triple {2929#(= ~compRegistered~0 0)} assume 3 == main_~tmp_ndt_3~0#1; {2929#(= ~compRegistered~0 0)} is VALID [2022-02-21 00:02:08,531 INFO L290 TraceCheckUtils]: 11: Hoare triple {2929#(= ~compRegistered~0 0)} assume { :begin_inline_KbFilter_PnP } true;KbFilter_PnP_#in~DeviceObject#1, KbFilter_PnP_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_PnP_#res#1;havoc KbFilter_PnP_#t~nondet4#1, KbFilter_PnP_#t~nondet5#1, KbFilter_PnP_#t~nondet6#1, KbFilter_PnP_#t~nondet7#1, KbFilter_PnP_#t~nondet8#1, KbFilter_PnP_#t~nondet9#1, KbFilter_PnP_#t~ret10#1, KbFilter_PnP_#t~ret11#1, KbFilter_PnP_#t~post12#1, KbFilter_PnP_#t~post13#1, KbFilter_PnP_#t~ret14#1, KbFilter_PnP_#t~post15#1, KbFilter_PnP_#t~post16#1, KbFilter_PnP_#t~ret17#1, KbFilter_PnP_#t~post18#1, KbFilter_PnP_#t~post19#1, KbFilter_PnP_#t~ret20#1, KbFilter_PnP_~DeviceObject#1, KbFilter_PnP_~Irp#1, KbFilter_PnP_~devExt~0#1, KbFilter_PnP_~irpStack~0#1, KbFilter_PnP_~status~0#1, KbFilter_PnP_~event~0#1, KbFilter_PnP_~DeviceObject__DeviceExtension~0#1, KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, KbFilter_PnP_~irpStack__MinorFunction~0#1, KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~devExt__Started~0#1, KbFilter_PnP_~devExt__Removed~0#1, KbFilter_PnP_~devExt__SurpriseRemoved~0#1, KbFilter_PnP_~Irp__IoStatus__Status~0#1, KbFilter_PnP_~Irp__IoStatus__Information~0#1, KbFilter_PnP_~Irp__CurrentLocation~0#1, KbFilter_PnP_~irpSp~0#1, KbFilter_PnP_~nextIrpSp~0#1, KbFilter_PnP_~nextIrpSp__Control~0#1, KbFilter_PnP_~irpSp___0~0#1, KbFilter_PnP_~irpSp__Context~0#1, KbFilter_PnP_~irpSp__Control~0#1, KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~DeviceObject#1 := KbFilter_PnP_#in~DeviceObject#1;KbFilter_PnP_~Irp#1 := KbFilter_PnP_#in~Irp#1;havoc KbFilter_PnP_~devExt~0#1;havoc KbFilter_PnP_~irpStack~0#1;havoc KbFilter_PnP_~status~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet4#1 && KbFilter_PnP_#t~nondet4#1 <= 2147483647;KbFilter_PnP_~event~0#1 := KbFilter_PnP_#t~nondet4#1;havoc KbFilter_PnP_#t~nondet4#1;assume -2147483648 <= KbFilter_PnP_#t~nondet5#1 && KbFilter_PnP_#t~nondet5#1 <= 2147483647;KbFilter_PnP_~DeviceObject__DeviceExtension~0#1 := KbFilter_PnP_#t~nondet5#1;havoc KbFilter_PnP_#t~nondet5#1;assume -2147483648 <= KbFilter_PnP_#t~nondet6#1 && KbFilter_PnP_#t~nondet6#1 <= 2147483647;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := KbFilter_PnP_#t~nondet6#1;havoc KbFilter_PnP_#t~nondet6#1;assume -2147483648 <= KbFilter_PnP_#t~nondet7#1 && KbFilter_PnP_#t~nondet7#1 <= 2147483647;KbFilter_PnP_~irpStack__MinorFunction~0#1 := KbFilter_PnP_#t~nondet7#1;havoc KbFilter_PnP_#t~nondet7#1;assume -2147483648 <= KbFilter_PnP_#t~nondet8#1 && KbFilter_PnP_#t~nondet8#1 <= 2147483647;KbFilter_PnP_~devExt__TopOfStack~0#1 := KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_~devExt__Started~0#1;havoc KbFilter_PnP_~devExt__Removed~0#1;havoc KbFilter_PnP_~devExt__SurpriseRemoved~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Status~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Information~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet9#1 && KbFilter_PnP_#t~nondet9#1 <= 2147483647;KbFilter_PnP_~Irp__CurrentLocation~0#1 := KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_~irpSp~0#1;havoc KbFilter_PnP_~nextIrpSp~0#1;havoc KbFilter_PnP_~nextIrpSp__Control~0#1;havoc KbFilter_PnP_~irpSp___0~0#1;havoc KbFilter_PnP_~irpSp__Context~0#1;havoc KbFilter_PnP_~irpSp__Control~0#1;havoc KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~status~0#1 := 0;KbFilter_PnP_~devExt~0#1 := KbFilter_PnP_~DeviceObject__DeviceExtension~0#1;KbFilter_PnP_~irpStack~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1; {2929#(= ~compRegistered~0 0)} is VALID [2022-02-21 00:02:08,532 INFO L290 TraceCheckUtils]: 12: Hoare triple {2929#(= ~compRegistered~0 0)} assume 0 == KbFilter_PnP_~irpStack__MinorFunction~0#1; {2929#(= ~compRegistered~0 0)} is VALID [2022-02-21 00:02:08,532 INFO L290 TraceCheckUtils]: 13: Hoare triple {2929#(= ~compRegistered~0 0)} KbFilter_PnP_~irpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1;KbFilter_PnP_~nextIrpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 - 1;KbFilter_PnP_~nextIrpSp__Control~0#1 := 0; {2929#(= ~compRegistered~0 0)} is VALID [2022-02-21 00:02:08,533 INFO L290 TraceCheckUtils]: 14: Hoare triple {2929#(= ~compRegistered~0 0)} assume !(~s~0 != ~NP~0); {2929#(= ~compRegistered~0 0)} is VALID [2022-02-21 00:02:08,533 INFO L290 TraceCheckUtils]: 15: Hoare triple {2929#(= ~compRegistered~0 0)} assume 0 != ~compRegistered~0; {2928#false} is VALID [2022-02-21 00:02:08,533 INFO L272 TraceCheckUtils]: 16: Hoare triple {2928#false} call errorFn(); {2928#false} is VALID [2022-02-21 00:02:08,533 INFO L290 TraceCheckUtils]: 17: Hoare triple {2928#false} assume !false; {2928#false} is VALID [2022-02-21 00:02:08,534 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:08,534 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-21 00:02:08,534 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [437430347] [2022-02-21 00:02:08,534 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [437430347] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:08,535 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:08,535 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-21 00:02:08,535 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1082663366] [2022-02-21 00:02:08,535 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:08,536 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 18 [2022-02-21 00:02:08,536 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:08,536 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:08,549 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 18 edges. 18 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:08,550 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-21 00:02:08,550 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-21 00:02:08,550 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-21 00:02:08,551 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-21 00:02:08,551 INFO L87 Difference]: Start difference. First operand 252 states and 361 transitions. Second operand has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:08,800 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:08,801 INFO L93 Difference]: Finished difference Result 312 states and 436 transitions. [2022-02-21 00:02:08,801 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-21 00:02:08,801 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 18 [2022-02-21 00:02:08,802 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:08,802 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:08,806 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 350 transitions. [2022-02-21 00:02:08,807 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:08,811 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 350 transitions. [2022-02-21 00:02:08,811 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 350 transitions. [2022-02-21 00:02:09,079 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 350 edges. 350 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:09,087 INFO L225 Difference]: With dead ends: 312 [2022-02-21 00:02:09,088 INFO L226 Difference]: Without dead ends: 312 [2022-02-21 00:02:09,089 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-21 00:02:09,098 INFO L933 BasicCegarLoop]: 272 mSDtfsCounter, 242 mSDsluCounter, 88 mSDsCounter, 0 mSdLazyCounter, 5 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 242 SdHoareTripleChecker+Valid, 360 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 5 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:09,099 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [242 Valid, 360 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 5 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-21 00:02:09,100 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 312 states. [2022-02-21 00:02:09,108 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 312 to 290. [2022-02-21 00:02:09,108 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:09,109 INFO L82 GeneralOperation]: Start isEquivalent. First operand 312 states. Second operand has 290 states, 255 states have (on average 1.419607843137255) internal successors, (362), 256 states have internal predecessors, (362), 22 states have call successors, (22), 11 states have call predecessors, (22), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-21 00:02:09,110 INFO L74 IsIncluded]: Start isIncluded. First operand 312 states. Second operand has 290 states, 255 states have (on average 1.419607843137255) internal successors, (362), 256 states have internal predecessors, (362), 22 states have call successors, (22), 11 states have call predecessors, (22), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-21 00:02:09,111 INFO L87 Difference]: Start difference. First operand 312 states. Second operand has 290 states, 255 states have (on average 1.419607843137255) internal successors, (362), 256 states have internal predecessors, (362), 22 states have call successors, (22), 11 states have call predecessors, (22), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-21 00:02:09,122 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:09,123 INFO L93 Difference]: Finished difference Result 312 states and 436 transitions. [2022-02-21 00:02:09,123 INFO L276 IsEmpty]: Start isEmpty. Operand 312 states and 436 transitions. [2022-02-21 00:02:09,124 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:09,124 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:09,125 INFO L74 IsIncluded]: Start isIncluded. First operand has 290 states, 255 states have (on average 1.419607843137255) internal successors, (362), 256 states have internal predecessors, (362), 22 states have call successors, (22), 11 states have call predecessors, (22), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) Second operand 312 states. [2022-02-21 00:02:09,126 INFO L87 Difference]: Start difference. First operand has 290 states, 255 states have (on average 1.419607843137255) internal successors, (362), 256 states have internal predecessors, (362), 22 states have call successors, (22), 11 states have call predecessors, (22), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) Second operand 312 states. [2022-02-21 00:02:09,137 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:09,137 INFO L93 Difference]: Finished difference Result 312 states and 436 transitions. [2022-02-21 00:02:09,137 INFO L276 IsEmpty]: Start isEmpty. Operand 312 states and 436 transitions. [2022-02-21 00:02:09,138 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:09,139 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:09,139 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:09,139 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:09,140 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 290 states, 255 states have (on average 1.419607843137255) internal successors, (362), 256 states have internal predecessors, (362), 22 states have call successors, (22), 11 states have call predecessors, (22), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-21 00:02:09,149 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 290 states to 290 states and 410 transitions. [2022-02-21 00:02:09,150 INFO L78 Accepts]: Start accepts. Automaton has 290 states and 410 transitions. Word has length 18 [2022-02-21 00:02:09,150 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:09,150 INFO L470 AbstractCegarLoop]: Abstraction has 290 states and 410 transitions. [2022-02-21 00:02:09,151 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:09,151 INFO L276 IsEmpty]: Start isEmpty. Operand 290 states and 410 transitions. [2022-02-21 00:02:09,151 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2022-02-21 00:02:09,152 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:09,152 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:09,152 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-02-21 00:02:09,152 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:09,153 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:09,153 INFO L85 PathProgramCache]: Analyzing trace with hash 1363549369, now seen corresponding path program 1 times [2022-02-21 00:02:09,153 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-21 00:02:09,153 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1419950035] [2022-02-21 00:02:09,153 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:09,154 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-21 00:02:09,194 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:09,224 INFO L290 TraceCheckUtils]: 0: Hoare triple {4158#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {4158#true} is VALID [2022-02-21 00:02:09,224 INFO L290 TraceCheckUtils]: 1: Hoare triple {4158#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {4158#true} is VALID [2022-02-21 00:02:09,224 INFO L290 TraceCheckUtils]: 2: Hoare triple {4158#true} assume { :end_inline__BLAST_init } true; {4158#true} is VALID [2022-02-21 00:02:09,225 INFO L290 TraceCheckUtils]: 3: Hoare triple {4158#true} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {4158#true} is VALID [2022-02-21 00:02:09,225 INFO L290 TraceCheckUtils]: 4: Hoare triple {4158#true} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {4158#true} is VALID [2022-02-21 00:02:09,225 INFO L290 TraceCheckUtils]: 5: Hoare triple {4158#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {4158#true} is VALID [2022-02-21 00:02:09,225 INFO L290 TraceCheckUtils]: 6: Hoare triple {4158#true} assume { :end_inline_stub_driver_init } true; {4158#true} is VALID [2022-02-21 00:02:09,226 INFO L290 TraceCheckUtils]: 7: Hoare triple {4158#true} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {4158#true} is VALID [2022-02-21 00:02:09,226 INFO L290 TraceCheckUtils]: 8: Hoare triple {4158#true} assume 0 == main_~tmp_ndt_1~0#1; {4158#true} is VALID [2022-02-21 00:02:09,226 INFO L272 TraceCheckUtils]: 9: Hoare triple {4158#true} call main_#t~ret29#1 := KbFilter_CreateClose(main_~devobj~0#1, main_~pirp~0#1); {4158#true} is VALID [2022-02-21 00:02:09,226 INFO L290 TraceCheckUtils]: 10: Hoare triple {4158#true} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;assume -2147483648 <= #t~nondet41 && #t~nondet41 <= 2147483647;~irpStack__MajorFunction~0 := #t~nondet41;havoc #t~nondet41;assume -2147483648 <= #t~nondet42 && #t~nondet42 <= 2147483647;~devExt__UpperConnectData__ClassService~0 := #t~nondet42;havoc #t~nondet42;havoc ~Irp__IoStatus__Status~1;havoc ~status~2;havoc ~tmp~0;~status~2 := ~myStatus~0; {4158#true} is VALID [2022-02-21 00:02:09,226 INFO L290 TraceCheckUtils]: 11: Hoare triple {4158#true} assume 0 == ~irpStack__MajorFunction~0; {4158#true} is VALID [2022-02-21 00:02:09,227 INFO L290 TraceCheckUtils]: 12: Hoare triple {4158#true} assume 0 == ~devExt__UpperConnectData__ClassService~0;~status~2 := -1073741436; {4158#true} is VALID [2022-02-21 00:02:09,227 INFO L290 TraceCheckUtils]: 13: Hoare triple {4158#true} ~Irp__IoStatus__Status~1 := ~status~2;~myStatus~0 := ~status~2; {4158#true} is VALID [2022-02-21 00:02:09,227 INFO L272 TraceCheckUtils]: 14: Hoare triple {4158#true} call #t~ret43 := KbFilter_DispatchPassThrough(~DeviceObject, ~Irp); {4158#true} is VALID [2022-02-21 00:02:09,227 INFO L290 TraceCheckUtils]: 15: Hoare triple {4158#true} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;assume -2147483648 <= #t~nondet44 && #t~nondet44 <= 2147483647;~Irp__Tail__Overlay__CurrentStackLocation~1 := #t~nondet44;havoc #t~nondet44;assume -2147483648 <= #t~nondet45 && #t~nondet45 <= 2147483647;~Irp__CurrentLocation~1 := #t~nondet45;havoc #t~nondet45;assume -2147483648 <= #t~nondet46 && #t~nondet46 <= 2147483647;~DeviceObject__DeviceExtension__TopOfStack~0 := #t~nondet46;havoc #t~nondet46;havoc ~irpStack~1;havoc ~tmp~1;~irpStack~1 := ~Irp__Tail__Overlay__CurrentStackLocation~1; {4158#true} is VALID [2022-02-21 00:02:09,228 INFO L290 TraceCheckUtils]: 16: Hoare triple {4158#true} assume ~s~0 == ~NP~0;~s~0 := ~SKIP1~0; {4160#(= ~SKIP1~0 ~s~0)} is VALID [2022-02-21 00:02:09,229 INFO L290 TraceCheckUtils]: 17: Hoare triple {4160#(= ~SKIP1~0 ~s~0)} #t~post47 := ~Irp__CurrentLocation~1;~Irp__CurrentLocation~1 := 1 + #t~post47;havoc #t~post47;#t~post48 := ~Irp__Tail__Overlay__CurrentStackLocation~1;~Irp__Tail__Overlay__CurrentStackLocation~1 := 1 + #t~post48;havoc #t~post48; {4160#(= ~SKIP1~0 ~s~0)} is VALID [2022-02-21 00:02:09,230 INFO L272 TraceCheckUtils]: 18: Hoare triple {4160#(= ~SKIP1~0 ~s~0)} call #t~ret49 := IofCallDriver(~DeviceObject__DeviceExtension__TopOfStack~0, ~Irp); {4160#(= ~SKIP1~0 ~s~0)} is VALID [2022-02-21 00:02:09,230 INFO L290 TraceCheckUtils]: 19: Hoare triple {4160#(= ~SKIP1~0 ~s~0)} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {4160#(= ~SKIP1~0 ~s~0)} is VALID [2022-02-21 00:02:09,231 INFO L290 TraceCheckUtils]: 20: Hoare triple {4160#(= ~SKIP1~0 ~s~0)} assume !(0 != ~compRegistered~0); {4160#(= ~SKIP1~0 ~s~0)} is VALID [2022-02-21 00:02:09,231 INFO L290 TraceCheckUtils]: 21: Hoare triple {4160#(= ~SKIP1~0 ~s~0)} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {4160#(= ~SKIP1~0 ~s~0)} is VALID [2022-02-21 00:02:09,232 INFO L290 TraceCheckUtils]: 22: Hoare triple {4160#(= ~SKIP1~0 ~s~0)} assume 0 == ~tmp_ndt_6~0; {4160#(= ~SKIP1~0 ~s~0)} is VALID [2022-02-21 00:02:09,232 INFO L290 TraceCheckUtils]: 23: Hoare triple {4160#(= ~SKIP1~0 ~s~0)} ~returnVal2~0 := 0; {4160#(= ~SKIP1~0 ~s~0)} is VALID [2022-02-21 00:02:09,233 INFO L290 TraceCheckUtils]: 24: Hoare triple {4160#(= ~SKIP1~0 ~s~0)} assume !(~s~0 == ~NP~0); {4160#(= ~SKIP1~0 ~s~0)} is VALID [2022-02-21 00:02:09,233 INFO L290 TraceCheckUtils]: 25: Hoare triple {4160#(= ~SKIP1~0 ~s~0)} assume !(~s~0 == ~MPR1~0); {4160#(= ~SKIP1~0 ~s~0)} is VALID [2022-02-21 00:02:09,234 INFO L290 TraceCheckUtils]: 26: Hoare triple {4160#(= ~SKIP1~0 ~s~0)} assume !(~s~0 == ~SKIP1~0); {4159#false} is VALID [2022-02-21 00:02:09,234 INFO L272 TraceCheckUtils]: 27: Hoare triple {4159#false} call errorFn(); {4159#false} is VALID [2022-02-21 00:02:09,234 INFO L290 TraceCheckUtils]: 28: Hoare triple {4159#false} assume !false; {4159#false} is VALID [2022-02-21 00:02:09,234 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:09,235 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-21 00:02:09,235 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1419950035] [2022-02-21 00:02:09,235 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1419950035] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:09,235 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:09,235 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-21 00:02:09,236 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1881141424] [2022-02-21 00:02:09,236 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:09,236 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 3 states have call successors, (4), 3 states have call predecessors, (4), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 29 [2022-02-21 00:02:09,237 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:09,237 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 3 states have call successors, (4), 3 states have call predecessors, (4), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:09,257 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 29 edges. 29 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:09,257 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-21 00:02:09,257 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-21 00:02:09,258 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-21 00:02:09,258 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-21 00:02:09,258 INFO L87 Difference]: Start difference. First operand 290 states and 410 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 3 states have call successors, (4), 3 states have call predecessors, (4), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:09,557 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:09,558 INFO L93 Difference]: Finished difference Result 289 states and 407 transitions. [2022-02-21 00:02:09,558 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-21 00:02:09,558 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 3 states have call successors, (4), 3 states have call predecessors, (4), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 29 [2022-02-21 00:02:09,558 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:09,559 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 3 states have call successors, (4), 3 states have call predecessors, (4), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:09,562 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 289 transitions. [2022-02-21 00:02:09,563 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 3 states have call successors, (4), 3 states have call predecessors, (4), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:09,566 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 289 transitions. [2022-02-21 00:02:09,566 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 289 transitions. [2022-02-21 00:02:09,777 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 289 edges. 289 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:09,783 INFO L225 Difference]: With dead ends: 289 [2022-02-21 00:02:09,783 INFO L226 Difference]: Without dead ends: 289 [2022-02-21 00:02:09,783 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-21 00:02:09,785 INFO L933 BasicCegarLoop]: 271 mSDtfsCounter, 25 mSDsluCounter, 205 mSDsCounter, 0 mSdLazyCounter, 49 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 25 SdHoareTripleChecker+Valid, 476 SdHoareTripleChecker+Invalid, 55 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 49 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:09,787 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [25 Valid, 476 Invalid, 55 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 49 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-21 00:02:09,789 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 289 states. [2022-02-21 00:02:09,797 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 289 to 289. [2022-02-21 00:02:09,797 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:09,798 INFO L82 GeneralOperation]: Start isEquivalent. First operand 289 states. Second operand has 289 states, 255 states have (on average 1.411764705882353) internal successors, (360), 255 states have internal predecessors, (360), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-21 00:02:09,799 INFO L74 IsIncluded]: Start isIncluded. First operand 289 states. Second operand has 289 states, 255 states have (on average 1.411764705882353) internal successors, (360), 255 states have internal predecessors, (360), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-21 00:02:09,800 INFO L87 Difference]: Start difference. First operand 289 states. Second operand has 289 states, 255 states have (on average 1.411764705882353) internal successors, (360), 255 states have internal predecessors, (360), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-21 00:02:09,809 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:09,810 INFO L93 Difference]: Finished difference Result 289 states and 407 transitions. [2022-02-21 00:02:09,810 INFO L276 IsEmpty]: Start isEmpty. Operand 289 states and 407 transitions. [2022-02-21 00:02:09,811 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:09,811 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:09,812 INFO L74 IsIncluded]: Start isIncluded. First operand has 289 states, 255 states have (on average 1.411764705882353) internal successors, (360), 255 states have internal predecessors, (360), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) Second operand 289 states. [2022-02-21 00:02:09,812 INFO L87 Difference]: Start difference. First operand has 289 states, 255 states have (on average 1.411764705882353) internal successors, (360), 255 states have internal predecessors, (360), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) Second operand 289 states. [2022-02-21 00:02:09,821 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:09,821 INFO L93 Difference]: Finished difference Result 289 states and 407 transitions. [2022-02-21 00:02:09,822 INFO L276 IsEmpty]: Start isEmpty. Operand 289 states and 407 transitions. [2022-02-21 00:02:09,823 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:09,823 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:09,823 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:09,823 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:09,824 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 289 states, 255 states have (on average 1.411764705882353) internal successors, (360), 255 states have internal predecessors, (360), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-21 00:02:09,833 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 289 states to 289 states and 407 transitions. [2022-02-21 00:02:09,833 INFO L78 Accepts]: Start accepts. Automaton has 289 states and 407 transitions. Word has length 29 [2022-02-21 00:02:09,834 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:09,834 INFO L470 AbstractCegarLoop]: Abstraction has 289 states and 407 transitions. [2022-02-21 00:02:09,834 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 3 states have call successors, (4), 3 states have call predecessors, (4), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:09,834 INFO L276 IsEmpty]: Start isEmpty. Operand 289 states and 407 transitions. [2022-02-21 00:02:09,836 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2022-02-21 00:02:09,836 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:09,836 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:09,836 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-02-21 00:02:09,836 INFO L402 AbstractCegarLoop]: === Iteration 6 === Targeting errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:09,837 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:09,837 INFO L85 PathProgramCache]: Analyzing trace with hash -1270637010, now seen corresponding path program 1 times [2022-02-21 00:02:09,837 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-21 00:02:09,837 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1479989374] [2022-02-21 00:02:09,837 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:09,838 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-21 00:02:09,879 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:09,960 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2022-02-21 00:02:09,963 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:10,007 INFO L290 TraceCheckUtils]: 0: Hoare triple {5327#(= ~s~0 |old(~s~0)|)} ~Irp := #in~Irp;~PriorityBoost := #in~PriorityBoost; {5319#true} is VALID [2022-02-21 00:02:10,008 INFO L290 TraceCheckUtils]: 1: Hoare triple {5319#true} assume ~s~0 == ~NP~0;~s~0 := ~DC~0; {5328#(and (or (not (<= ~s~0 1)) (<= ~DC~0 ~s~0)) (or (<= ~s~0 ~DC~0) (<= ~s~0 2)))} is VALID [2022-02-21 00:02:10,008 INFO L290 TraceCheckUtils]: 2: Hoare triple {5328#(and (or (not (<= ~s~0 1)) (<= ~DC~0 ~s~0)) (or (<= ~s~0 ~DC~0) (<= ~s~0 2)))} assume true; {5328#(and (or (not (<= ~s~0 1)) (<= ~DC~0 ~s~0)) (or (<= ~s~0 ~DC~0) (<= ~s~0 2)))} is VALID [2022-02-21 00:02:10,009 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {5328#(and (or (not (<= ~s~0 1)) (<= ~DC~0 ~s~0)) (or (<= ~s~0 ~DC~0) (<= ~s~0 2)))} {5321#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} #744#return; {5326#(and (not (= ~SKIP2~0 2)) (= 2 ~s~0))} is VALID [2022-02-21 00:02:10,010 INFO L290 TraceCheckUtils]: 0: Hoare triple {5319#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {5319#true} is VALID [2022-02-21 00:02:10,010 INFO L290 TraceCheckUtils]: 1: Hoare triple {5319#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {5321#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} is VALID [2022-02-21 00:02:10,011 INFO L290 TraceCheckUtils]: 2: Hoare triple {5321#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} assume { :end_inline__BLAST_init } true; {5321#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} is VALID [2022-02-21 00:02:10,011 INFO L290 TraceCheckUtils]: 3: Hoare triple {5321#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {5321#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} is VALID [2022-02-21 00:02:10,012 INFO L290 TraceCheckUtils]: 4: Hoare triple {5321#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {5321#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} is VALID [2022-02-21 00:02:10,012 INFO L290 TraceCheckUtils]: 5: Hoare triple {5321#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {5321#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} is VALID [2022-02-21 00:02:10,013 INFO L290 TraceCheckUtils]: 6: Hoare triple {5321#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} assume { :end_inline_stub_driver_init } true; {5321#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} is VALID [2022-02-21 00:02:10,013 INFO L290 TraceCheckUtils]: 7: Hoare triple {5321#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {5321#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} is VALID [2022-02-21 00:02:10,014 INFO L290 TraceCheckUtils]: 8: Hoare triple {5321#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {5321#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} is VALID [2022-02-21 00:02:10,014 INFO L290 TraceCheckUtils]: 9: Hoare triple {5321#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {5321#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} is VALID [2022-02-21 00:02:10,015 INFO L290 TraceCheckUtils]: 10: Hoare triple {5321#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} assume !(3 == main_~tmp_ndt_3~0#1);havoc main_~tmp_ndt_4~0#1;assume -2147483648 <= main_#t~nondet27#1 && main_#t~nondet27#1 <= 2147483647;main_~tmp_ndt_4~0#1 := main_#t~nondet27#1;havoc main_#t~nondet27#1; {5321#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} is VALID [2022-02-21 00:02:10,015 INFO L290 TraceCheckUtils]: 11: Hoare triple {5321#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} assume !(4 == main_~tmp_ndt_4~0#1);havoc main_~tmp_ndt_5~0#1;assume -2147483648 <= main_#t~nondet28#1 && main_#t~nondet28#1 <= 2147483647;main_~tmp_ndt_5~0#1 := main_#t~nondet28#1;havoc main_#t~nondet28#1; {5321#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} is VALID [2022-02-21 00:02:10,016 INFO L290 TraceCheckUtils]: 12: Hoare triple {5321#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} assume 8 == main_~tmp_ndt_5~0#1; {5321#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} is VALID [2022-02-21 00:02:10,018 INFO L290 TraceCheckUtils]: 13: Hoare triple {5321#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} assume { :begin_inline_KbFilter_InternIoCtl } true;KbFilter_InternIoCtl_#in~DeviceObject#1, KbFilter_InternIoCtl_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_InternIoCtl_#res#1;havoc KbFilter_InternIoCtl_#t~nondet63#1, KbFilter_InternIoCtl_#t~nondet64#1, KbFilter_InternIoCtl_#t~nondet65#1, KbFilter_InternIoCtl_#t~nondet66#1, KbFilter_InternIoCtl_#t~nondet67#1, KbFilter_InternIoCtl_#t~nondet68#1, KbFilter_InternIoCtl_#t~nondet69#1, KbFilter_InternIoCtl_#t~nondet70#1, KbFilter_InternIoCtl_#t~nondet71#1, KbFilter_InternIoCtl_#t~nondet72#1, KbFilter_InternIoCtl_#t~nondet73#1, KbFilter_InternIoCtl_#t~nondet74#1, KbFilter_InternIoCtl_#t~nondet75#1, KbFilter_InternIoCtl_#t~nondet76#1, KbFilter_InternIoCtl_#t~nondet77#1, KbFilter_InternIoCtl_#t~nondet78#1, KbFilter_InternIoCtl_#t~nondet79#1, KbFilter_InternIoCtl_#t~ret80#1, KbFilter_InternIoCtl_~DeviceObject#1, KbFilter_InternIoCtl_~Irp#1, KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1, KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__InputBufferLength~0#1, KbFilter_InternIoCtl_~sizeof__CONNECT_DATA~0#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__Type3InputBuffer~0#1, KbFilter_InternIoCtl_~sizeof__INTERNAL_I8042_HOOK_KEYBOARD~0#1, KbFilter_InternIoCtl_~hookKeyboard__InitializationRoutine~0#1, KbFilter_InternIoCtl_~hookKeyboard__IsrRoutine~0#1, KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1, KbFilter_InternIoCtl_~hookKeyboard~0#1, KbFilter_InternIoCtl_~connectData~0#1, KbFilter_InternIoCtl_~status~3#1, KbFilter_InternIoCtl_~tmp~3#1, KbFilter_InternIoCtl_~__cil_tmp17~0#1, KbFilter_InternIoCtl_~__cil_tmp18~0#1, KbFilter_InternIoCtl_~__cil_tmp19~0#1, KbFilter_InternIoCtl_~__cil_tmp20~0#1, KbFilter_InternIoCtl_~__cil_tmp21~0#1, KbFilter_InternIoCtl_~__cil_tmp22~0#1, KbFilter_InternIoCtl_~__cil_tmp23~1#1, KbFilter_InternIoCtl_~__cil_tmp24~0#1, KbFilter_InternIoCtl_~__cil_tmp25~0#1, KbFilter_InternIoCtl_~__cil_tmp26~0#1, KbFilter_InternIoCtl_~__cil_tmp27~0#1, KbFilter_InternIoCtl_~__cil_tmp28~0#1, KbFilter_InternIoCtl_~__cil_tmp29~0#1, KbFilter_InternIoCtl_~__cil_tmp30~0#1, KbFilter_InternIoCtl_~__cil_tmp31~0#1, KbFilter_InternIoCtl_~__cil_tmp32~0#1, KbFilter_InternIoCtl_~__cil_tmp33~0#1, KbFilter_InternIoCtl_~__cil_tmp34~0#1, KbFilter_InternIoCtl_~__cil_tmp35~0#1, KbFilter_InternIoCtl_~__cil_tmp36~0#1, KbFilter_InternIoCtl_~__cil_tmp37~0#1, KbFilter_InternIoCtl_~__cil_tmp38~0#1, KbFilter_InternIoCtl_~__cil_tmp39~0#1, KbFilter_InternIoCtl_~__cil_tmp40~0#1, KbFilter_InternIoCtl_~__cil_tmp41~0#1, KbFilter_InternIoCtl_~__cil_tmp42~0#1, KbFilter_InternIoCtl_~__cil_tmp43~0#1, KbFilter_InternIoCtl_~__cil_tmp44~0#1, KbFilter_InternIoCtl_~__cil_tmp45~0#1;KbFilter_InternIoCtl_~DeviceObject#1 := KbFilter_InternIoCtl_#in~DeviceObject#1;KbFilter_InternIoCtl_~Irp#1 := KbFilter_InternIoCtl_#in~Irp#1;havoc KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet63#1 && KbFilter_InternIoCtl_#t~nondet63#1 <= 2147483647;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1 := KbFilter_InternIoCtl_#t~nondet63#1;havoc KbFilter_InternIoCtl_#t~nondet63#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet64#1 && KbFilter_InternIoCtl_#t~nondet64#1 <= 2147483647;KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1 := KbFilter_InternIoCtl_#t~nondet64#1;havoc KbFilter_InternIoCtl_#t~nondet64#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet65#1 && KbFilter_InternIoCtl_#t~nondet65#1 <= 2147483647;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__InputBufferLength~0#1 := KbFilter_InternIoCtl_#t~nondet65#1;havoc KbFilter_InternIoCtl_#t~nondet65#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet66#1 && KbFilter_InternIoCtl_#t~nondet66#1 <= 2147483647;KbFilter_InternIoCtl_~sizeof__CONNECT_DATA~0#1 := KbFilter_InternIoCtl_#t~nondet66#1;havoc KbFilter_InternIoCtl_#t~nondet66#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet67#1 && KbFilter_InternIoCtl_#t~nondet67#1 <= 2147483647;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__Type3InputBuffer~0#1 := KbFilter_InternIoCtl_#t~nondet67#1;havoc KbFilter_InternIoCtl_#t~nondet67#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet68#1 && KbFilter_InternIoCtl_#t~nondet68#1 <= 2147483647;KbFilter_InternIoCtl_~sizeof__INTERNAL_I8042_HOOK_KEYBOARD~0#1 := KbFilter_InternIoCtl_#t~nondet68#1;havoc KbFilter_InternIoCtl_#t~nondet68#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet69#1 && KbFilter_InternIoCtl_#t~nondet69#1 <= 2147483647;KbFilter_InternIoCtl_~hookKeyboard__InitializationRoutine~0#1 := KbFilter_InternIoCtl_#t~nondet69#1;havoc KbFilter_InternIoCtl_#t~nondet69#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet70#1 && KbFilter_InternIoCtl_#t~nondet70#1 <= 2147483647;KbFilter_InternIoCtl_~hookKeyboard__IsrRoutine~0#1 := KbFilter_InternIoCtl_#t~nondet70#1;havoc KbFilter_InternIoCtl_#t~nondet70#1;havoc KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1;havoc KbFilter_InternIoCtl_~hookKeyboard~0#1;havoc KbFilter_InternIoCtl_~connectData~0#1;havoc KbFilter_InternIoCtl_~status~3#1;havoc KbFilter_InternIoCtl_~tmp~3#1;havoc KbFilter_InternIoCtl_~__cil_tmp17~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp18~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp19~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet71#1 && KbFilter_InternIoCtl_#t~nondet71#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp20~0#1 := KbFilter_InternIoCtl_#t~nondet71#1;havoc KbFilter_InternIoCtl_#t~nondet71#1;havoc KbFilter_InternIoCtl_~__cil_tmp21~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp22~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp23~1#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet72#1 && KbFilter_InternIoCtl_#t~nondet72#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp24~0#1 := KbFilter_InternIoCtl_#t~nondet72#1;havoc KbFilter_InternIoCtl_#t~nondet72#1;havoc KbFilter_InternIoCtl_~__cil_tmp25~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp26~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp27~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet73#1 && KbFilter_InternIoCtl_#t~nondet73#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp28~0#1 := KbFilter_InternIoCtl_#t~nondet73#1;havoc KbFilter_InternIoCtl_#t~nondet73#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet74#1 && KbFilter_InternIoCtl_#t~nondet74#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp29~0#1 := KbFilter_InternIoCtl_#t~nondet74#1;havoc KbFilter_InternIoCtl_#t~nondet74#1;havoc KbFilter_InternIoCtl_~__cil_tmp30~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp31~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet75#1 && KbFilter_InternIoCtl_#t~nondet75#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp32~0#1 := KbFilter_InternIoCtl_#t~nondet75#1;havoc KbFilter_InternIoCtl_#t~nondet75#1;havoc KbFilter_InternIoCtl_~__cil_tmp33~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp34~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet76#1 && KbFilter_InternIoCtl_#t~nondet76#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp35~0#1 := KbFilter_InternIoCtl_#t~nondet76#1;havoc KbFilter_InternIoCtl_#t~nondet76#1;havoc KbFilter_InternIoCtl_~__cil_tmp36~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp37~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet77#1 && KbFilter_InternIoCtl_#t~nondet77#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp38~0#1 := KbFilter_InternIoCtl_#t~nondet77#1;havoc KbFilter_InternIoCtl_#t~nondet77#1;havoc KbFilter_InternIoCtl_~__cil_tmp39~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp40~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet78#1 && KbFilter_InternIoCtl_#t~nondet78#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp41~0#1 := KbFilter_InternIoCtl_#t~nondet78#1;havoc KbFilter_InternIoCtl_#t~nondet78#1;havoc KbFilter_InternIoCtl_~__cil_tmp42~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp43~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet79#1 && KbFilter_InternIoCtl_#t~nondet79#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp44~0#1 := KbFilter_InternIoCtl_#t~nondet79#1;havoc KbFilter_InternIoCtl_#t~nondet79#1;havoc KbFilter_InternIoCtl_~__cil_tmp45~0#1;KbFilter_InternIoCtl_~status~3#1 := 0;KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1 := 0; {5321#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} is VALID [2022-02-21 00:02:10,019 INFO L290 TraceCheckUtils]: 14: Hoare triple {5321#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} assume KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1 == KbFilter_InternIoCtl_~__cil_tmp20~0#1; {5321#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} is VALID [2022-02-21 00:02:10,019 INFO L290 TraceCheckUtils]: 15: Hoare triple {5321#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} assume 0 != KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1;KbFilter_InternIoCtl_~status~3#1 := -1073741757; {5321#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} is VALID [2022-02-21 00:02:10,020 INFO L290 TraceCheckUtils]: 16: Hoare triple {5321#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} assume KbFilter_InternIoCtl_~status~3#1 < 0;KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1 := KbFilter_InternIoCtl_~status~3#1;~myStatus~0 := KbFilter_InternIoCtl_~status~3#1; {5321#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} is VALID [2022-02-21 00:02:10,021 INFO L272 TraceCheckUtils]: 17: Hoare triple {5321#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} call IofCompleteRequest(KbFilter_InternIoCtl_~Irp#1, 0); {5327#(= ~s~0 |old(~s~0)|)} is VALID [2022-02-21 00:02:10,021 INFO L290 TraceCheckUtils]: 18: Hoare triple {5327#(= ~s~0 |old(~s~0)|)} ~Irp := #in~Irp;~PriorityBoost := #in~PriorityBoost; {5319#true} is VALID [2022-02-21 00:02:10,022 INFO L290 TraceCheckUtils]: 19: Hoare triple {5319#true} assume ~s~0 == ~NP~0;~s~0 := ~DC~0; {5328#(and (or (not (<= ~s~0 1)) (<= ~DC~0 ~s~0)) (or (<= ~s~0 ~DC~0) (<= ~s~0 2)))} is VALID [2022-02-21 00:02:10,023 INFO L290 TraceCheckUtils]: 20: Hoare triple {5328#(and (or (not (<= ~s~0 1)) (<= ~DC~0 ~s~0)) (or (<= ~s~0 ~DC~0) (<= ~s~0 2)))} assume true; {5328#(and (or (not (<= ~s~0 1)) (<= ~DC~0 ~s~0)) (or (<= ~s~0 ~DC~0) (<= ~s~0 2)))} is VALID [2022-02-21 00:02:10,024 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {5328#(and (or (not (<= ~s~0 1)) (<= ~DC~0 ~s~0)) (or (<= ~s~0 ~DC~0) (<= ~s~0 2)))} {5321#(and (not (= ~SKIP2~0 2)) (= 2 ~DC~0))} #744#return; {5326#(and (not (= ~SKIP2~0 2)) (= 2 ~s~0))} is VALID [2022-02-21 00:02:10,024 INFO L290 TraceCheckUtils]: 22: Hoare triple {5326#(and (not (= ~SKIP2~0 2)) (= 2 ~s~0))} KbFilter_InternIoCtl_#res#1 := KbFilter_InternIoCtl_~status~3#1; {5326#(and (not (= ~SKIP2~0 2)) (= 2 ~s~0))} is VALID [2022-02-21 00:02:10,025 INFO L290 TraceCheckUtils]: 23: Hoare triple {5326#(and (not (= ~SKIP2~0 2)) (= 2 ~s~0))} main_#t~ret33#1 := KbFilter_InternIoCtl_#res#1;assume { :end_inline_KbFilter_InternIoCtl } true;assume -2147483648 <= main_#t~ret33#1 && main_#t~ret33#1 <= 2147483647;main_~status~1#1 := main_#t~ret33#1;havoc main_#t~ret33#1; {5326#(and (not (= ~SKIP2~0 2)) (= 2 ~s~0))} is VALID [2022-02-21 00:02:10,025 INFO L290 TraceCheckUtils]: 24: Hoare triple {5326#(and (not (= ~SKIP2~0 2)) (= 2 ~s~0))} assume !(1 == ~pended~0); {5326#(and (not (= ~SKIP2~0 2)) (= 2 ~s~0))} is VALID [2022-02-21 00:02:10,026 INFO L290 TraceCheckUtils]: 25: Hoare triple {5326#(and (not (= ~SKIP2~0 2)) (= 2 ~s~0))} assume !(1 == ~pended~0); {5326#(and (not (= ~SKIP2~0 2)) (= 2 ~s~0))} is VALID [2022-02-21 00:02:10,026 INFO L290 TraceCheckUtils]: 26: Hoare triple {5326#(and (not (= ~SKIP2~0 2)) (= 2 ~s~0))} assume ~s~0 != ~UNLOADED~0; {5326#(and (not (= ~SKIP2~0 2)) (= 2 ~s~0))} is VALID [2022-02-21 00:02:10,027 INFO L290 TraceCheckUtils]: 27: Hoare triple {5326#(and (not (= ~SKIP2~0 2)) (= 2 ~s~0))} assume -1 != main_~status~1#1; {5326#(and (not (= ~SKIP2~0 2)) (= 2 ~s~0))} is VALID [2022-02-21 00:02:10,027 INFO L290 TraceCheckUtils]: 28: Hoare triple {5326#(and (not (= ~SKIP2~0 2)) (= 2 ~s~0))} assume !(~s~0 != ~SKIP2~0); {5320#false} is VALID [2022-02-21 00:02:10,027 INFO L290 TraceCheckUtils]: 29: Hoare triple {5320#false} assume 1 == ~pended~0; {5320#false} is VALID [2022-02-21 00:02:10,028 INFO L290 TraceCheckUtils]: 30: Hoare triple {5320#false} assume 259 != main_~status~1#1; {5320#false} is VALID [2022-02-21 00:02:10,028 INFO L272 TraceCheckUtils]: 31: Hoare triple {5320#false} call errorFn(); {5320#false} is VALID [2022-02-21 00:02:10,028 INFO L290 TraceCheckUtils]: 32: Hoare triple {5320#false} assume !false; {5320#false} is VALID [2022-02-21 00:02:10,029 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:10,029 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-21 00:02:10,029 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1479989374] [2022-02-21 00:02:10,029 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1479989374] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:10,029 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:10,030 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-21 00:02:10,030 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2106098787] [2022-02-21 00:02:10,030 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:10,032 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 33 [2022-02-21 00:02:10,032 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:10,032 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:10,061 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 33 edges. 33 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:10,061 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-21 00:02:10,061 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-21 00:02:10,062 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-21 00:02:10,062 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2022-02-21 00:02:10,062 INFO L87 Difference]: Start difference. First operand 289 states and 407 transitions. Second operand has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:11,136 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:11,136 INFO L93 Difference]: Finished difference Result 307 states and 427 transitions. [2022-02-21 00:02:11,136 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-02-21 00:02:11,137 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 33 [2022-02-21 00:02:11,137 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:11,137 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:11,140 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 307 transitions. [2022-02-21 00:02:11,141 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:11,143 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 307 transitions. [2022-02-21 00:02:11,143 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 307 transitions. [2022-02-21 00:02:11,399 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 307 edges. 307 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:11,406 INFO L225 Difference]: With dead ends: 307 [2022-02-21 00:02:11,406 INFO L226 Difference]: Without dead ends: 306 [2022-02-21 00:02:11,406 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=27, Invalid=45, Unknown=0, NotChecked=0, Total=72 [2022-02-21 00:02:11,407 INFO L933 BasicCegarLoop]: 255 mSDtfsCounter, 323 mSDsluCounter, 568 mSDsCounter, 0 mSdLazyCounter, 216 mSolverCounterSat, 35 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 325 SdHoareTripleChecker+Valid, 823 SdHoareTripleChecker+Invalid, 251 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 35 IncrementalHoareTripleChecker+Valid, 216 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:11,408 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [325 Valid, 823 Invalid, 251 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [35 Valid, 216 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-02-21 00:02:11,409 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 306 states. [2022-02-21 00:02:11,416 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 306 to 301. [2022-02-21 00:02:11,416 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:11,417 INFO L82 GeneralOperation]: Start isEquivalent. First operand 306 states. Second operand has 301 states, 267 states have (on average 1.404494382022472) internal successors, (375), 266 states have internal predecessors, (375), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-21 00:02:11,418 INFO L74 IsIncluded]: Start isIncluded. First operand 306 states. Second operand has 301 states, 267 states have (on average 1.404494382022472) internal successors, (375), 266 states have internal predecessors, (375), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-21 00:02:11,419 INFO L87 Difference]: Start difference. First operand 306 states. Second operand has 301 states, 267 states have (on average 1.404494382022472) internal successors, (375), 266 states have internal predecessors, (375), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-21 00:02:11,427 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:11,427 INFO L93 Difference]: Finished difference Result 306 states and 426 transitions. [2022-02-21 00:02:11,428 INFO L276 IsEmpty]: Start isEmpty. Operand 306 states and 426 transitions. [2022-02-21 00:02:11,429 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:11,429 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:11,430 INFO L74 IsIncluded]: Start isIncluded. First operand has 301 states, 267 states have (on average 1.404494382022472) internal successors, (375), 266 states have internal predecessors, (375), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) Second operand 306 states. [2022-02-21 00:02:11,431 INFO L87 Difference]: Start difference. First operand has 301 states, 267 states have (on average 1.404494382022472) internal successors, (375), 266 states have internal predecessors, (375), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) Second operand 306 states. [2022-02-21 00:02:11,440 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:11,440 INFO L93 Difference]: Finished difference Result 306 states and 426 transitions. [2022-02-21 00:02:11,441 INFO L276 IsEmpty]: Start isEmpty. Operand 306 states and 426 transitions. [2022-02-21 00:02:11,442 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:11,442 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:11,442 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:11,442 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:11,444 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 301 states, 267 states have (on average 1.404494382022472) internal successors, (375), 266 states have internal predecessors, (375), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-21 00:02:11,451 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 301 states to 301 states and 422 transitions. [2022-02-21 00:02:11,452 INFO L78 Accepts]: Start accepts. Automaton has 301 states and 422 transitions. Word has length 33 [2022-02-21 00:02:11,452 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:11,452 INFO L470 AbstractCegarLoop]: Abstraction has 301 states and 422 transitions. [2022-02-21 00:02:11,452 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:11,453 INFO L276 IsEmpty]: Start isEmpty. Operand 301 states and 422 transitions. [2022-02-21 00:02:11,454 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2022-02-21 00:02:11,454 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:11,454 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:11,455 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-02-21 00:02:11,455 INFO L402 AbstractCegarLoop]: === Iteration 7 === Targeting errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:11,455 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:11,455 INFO L85 PathProgramCache]: Analyzing trace with hash -1113906492, now seen corresponding path program 1 times [2022-02-21 00:02:11,456 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-21 00:02:11,456 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1266110096] [2022-02-21 00:02:11,456 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:11,456 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-21 00:02:11,500 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:11,608 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2022-02-21 00:02:11,611 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:11,643 INFO L290 TraceCheckUtils]: 0: Hoare triple {6566#(= ~s~0 |old(~s~0)|)} ~Irp := #in~Irp;~PriorityBoost := #in~PriorityBoost; {6558#true} is VALID [2022-02-21 00:02:11,644 INFO L290 TraceCheckUtils]: 1: Hoare triple {6558#true} assume ~s~0 == ~NP~0;~s~0 := ~DC~0; {6567#(and (or (not (<= ~s~0 1)) (<= ~DC~0 ~s~0)) (or (<= ~s~0 ~DC~0) (<= ~s~0 2)))} is VALID [2022-02-21 00:02:11,644 INFO L290 TraceCheckUtils]: 2: Hoare triple {6567#(and (or (not (<= ~s~0 1)) (<= ~DC~0 ~s~0)) (or (<= ~s~0 ~DC~0) (<= ~s~0 2)))} assume true; {6567#(and (or (not (<= ~s~0 1)) (<= ~DC~0 ~s~0)) (or (<= ~s~0 ~DC~0) (<= ~s~0 2)))} is VALID [2022-02-21 00:02:11,645 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {6567#(and (or (not (<= ~s~0 1)) (<= ~DC~0 ~s~0)) (or (<= ~s~0 ~DC~0) (<= ~s~0 2)))} {6560#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} #744#return; {6565#(and (= 2 ~s~0) (not (= ~IPC~0 2)))} is VALID [2022-02-21 00:02:11,645 INFO L290 TraceCheckUtils]: 0: Hoare triple {6558#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {6558#true} is VALID [2022-02-21 00:02:11,646 INFO L290 TraceCheckUtils]: 1: Hoare triple {6558#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {6560#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} is VALID [2022-02-21 00:02:11,647 INFO L290 TraceCheckUtils]: 2: Hoare triple {6560#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} assume { :end_inline__BLAST_init } true; {6560#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} is VALID [2022-02-21 00:02:11,647 INFO L290 TraceCheckUtils]: 3: Hoare triple {6560#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {6560#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} is VALID [2022-02-21 00:02:11,648 INFO L290 TraceCheckUtils]: 4: Hoare triple {6560#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {6560#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} is VALID [2022-02-21 00:02:11,648 INFO L290 TraceCheckUtils]: 5: Hoare triple {6560#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {6560#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} is VALID [2022-02-21 00:02:11,649 INFO L290 TraceCheckUtils]: 6: Hoare triple {6560#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} assume { :end_inline_stub_driver_init } true; {6560#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} is VALID [2022-02-21 00:02:11,650 INFO L290 TraceCheckUtils]: 7: Hoare triple {6560#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {6560#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} is VALID [2022-02-21 00:02:11,651 INFO L290 TraceCheckUtils]: 8: Hoare triple {6560#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {6560#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} is VALID [2022-02-21 00:02:11,651 INFO L290 TraceCheckUtils]: 9: Hoare triple {6560#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {6560#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} is VALID [2022-02-21 00:02:11,652 INFO L290 TraceCheckUtils]: 10: Hoare triple {6560#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} assume !(3 == main_~tmp_ndt_3~0#1);havoc main_~tmp_ndt_4~0#1;assume -2147483648 <= main_#t~nondet27#1 && main_#t~nondet27#1 <= 2147483647;main_~tmp_ndt_4~0#1 := main_#t~nondet27#1;havoc main_#t~nondet27#1; {6560#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} is VALID [2022-02-21 00:02:11,652 INFO L290 TraceCheckUtils]: 11: Hoare triple {6560#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} assume !(4 == main_~tmp_ndt_4~0#1);havoc main_~tmp_ndt_5~0#1;assume -2147483648 <= main_#t~nondet28#1 && main_#t~nondet28#1 <= 2147483647;main_~tmp_ndt_5~0#1 := main_#t~nondet28#1;havoc main_#t~nondet28#1; {6560#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} is VALID [2022-02-21 00:02:11,653 INFO L290 TraceCheckUtils]: 12: Hoare triple {6560#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} assume 8 == main_~tmp_ndt_5~0#1; {6560#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} is VALID [2022-02-21 00:02:11,654 INFO L290 TraceCheckUtils]: 13: Hoare triple {6560#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} assume { :begin_inline_KbFilter_InternIoCtl } true;KbFilter_InternIoCtl_#in~DeviceObject#1, KbFilter_InternIoCtl_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_InternIoCtl_#res#1;havoc KbFilter_InternIoCtl_#t~nondet63#1, KbFilter_InternIoCtl_#t~nondet64#1, KbFilter_InternIoCtl_#t~nondet65#1, KbFilter_InternIoCtl_#t~nondet66#1, KbFilter_InternIoCtl_#t~nondet67#1, KbFilter_InternIoCtl_#t~nondet68#1, KbFilter_InternIoCtl_#t~nondet69#1, KbFilter_InternIoCtl_#t~nondet70#1, KbFilter_InternIoCtl_#t~nondet71#1, KbFilter_InternIoCtl_#t~nondet72#1, KbFilter_InternIoCtl_#t~nondet73#1, KbFilter_InternIoCtl_#t~nondet74#1, KbFilter_InternIoCtl_#t~nondet75#1, KbFilter_InternIoCtl_#t~nondet76#1, KbFilter_InternIoCtl_#t~nondet77#1, KbFilter_InternIoCtl_#t~nondet78#1, KbFilter_InternIoCtl_#t~nondet79#1, KbFilter_InternIoCtl_#t~ret80#1, KbFilter_InternIoCtl_~DeviceObject#1, KbFilter_InternIoCtl_~Irp#1, KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1, KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__InputBufferLength~0#1, KbFilter_InternIoCtl_~sizeof__CONNECT_DATA~0#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__Type3InputBuffer~0#1, KbFilter_InternIoCtl_~sizeof__INTERNAL_I8042_HOOK_KEYBOARD~0#1, KbFilter_InternIoCtl_~hookKeyboard__InitializationRoutine~0#1, KbFilter_InternIoCtl_~hookKeyboard__IsrRoutine~0#1, KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1, KbFilter_InternIoCtl_~hookKeyboard~0#1, KbFilter_InternIoCtl_~connectData~0#1, KbFilter_InternIoCtl_~status~3#1, KbFilter_InternIoCtl_~tmp~3#1, KbFilter_InternIoCtl_~__cil_tmp17~0#1, KbFilter_InternIoCtl_~__cil_tmp18~0#1, KbFilter_InternIoCtl_~__cil_tmp19~0#1, KbFilter_InternIoCtl_~__cil_tmp20~0#1, KbFilter_InternIoCtl_~__cil_tmp21~0#1, KbFilter_InternIoCtl_~__cil_tmp22~0#1, KbFilter_InternIoCtl_~__cil_tmp23~1#1, KbFilter_InternIoCtl_~__cil_tmp24~0#1, KbFilter_InternIoCtl_~__cil_tmp25~0#1, KbFilter_InternIoCtl_~__cil_tmp26~0#1, KbFilter_InternIoCtl_~__cil_tmp27~0#1, KbFilter_InternIoCtl_~__cil_tmp28~0#1, KbFilter_InternIoCtl_~__cil_tmp29~0#1, KbFilter_InternIoCtl_~__cil_tmp30~0#1, KbFilter_InternIoCtl_~__cil_tmp31~0#1, KbFilter_InternIoCtl_~__cil_tmp32~0#1, KbFilter_InternIoCtl_~__cil_tmp33~0#1, KbFilter_InternIoCtl_~__cil_tmp34~0#1, KbFilter_InternIoCtl_~__cil_tmp35~0#1, KbFilter_InternIoCtl_~__cil_tmp36~0#1, KbFilter_InternIoCtl_~__cil_tmp37~0#1, KbFilter_InternIoCtl_~__cil_tmp38~0#1, KbFilter_InternIoCtl_~__cil_tmp39~0#1, KbFilter_InternIoCtl_~__cil_tmp40~0#1, KbFilter_InternIoCtl_~__cil_tmp41~0#1, KbFilter_InternIoCtl_~__cil_tmp42~0#1, KbFilter_InternIoCtl_~__cil_tmp43~0#1, KbFilter_InternIoCtl_~__cil_tmp44~0#1, KbFilter_InternIoCtl_~__cil_tmp45~0#1;KbFilter_InternIoCtl_~DeviceObject#1 := KbFilter_InternIoCtl_#in~DeviceObject#1;KbFilter_InternIoCtl_~Irp#1 := KbFilter_InternIoCtl_#in~Irp#1;havoc KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet63#1 && KbFilter_InternIoCtl_#t~nondet63#1 <= 2147483647;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1 := KbFilter_InternIoCtl_#t~nondet63#1;havoc KbFilter_InternIoCtl_#t~nondet63#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet64#1 && KbFilter_InternIoCtl_#t~nondet64#1 <= 2147483647;KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1 := KbFilter_InternIoCtl_#t~nondet64#1;havoc KbFilter_InternIoCtl_#t~nondet64#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet65#1 && KbFilter_InternIoCtl_#t~nondet65#1 <= 2147483647;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__InputBufferLength~0#1 := KbFilter_InternIoCtl_#t~nondet65#1;havoc KbFilter_InternIoCtl_#t~nondet65#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet66#1 && KbFilter_InternIoCtl_#t~nondet66#1 <= 2147483647;KbFilter_InternIoCtl_~sizeof__CONNECT_DATA~0#1 := KbFilter_InternIoCtl_#t~nondet66#1;havoc KbFilter_InternIoCtl_#t~nondet66#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet67#1 && KbFilter_InternIoCtl_#t~nondet67#1 <= 2147483647;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__Type3InputBuffer~0#1 := KbFilter_InternIoCtl_#t~nondet67#1;havoc KbFilter_InternIoCtl_#t~nondet67#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet68#1 && KbFilter_InternIoCtl_#t~nondet68#1 <= 2147483647;KbFilter_InternIoCtl_~sizeof__INTERNAL_I8042_HOOK_KEYBOARD~0#1 := KbFilter_InternIoCtl_#t~nondet68#1;havoc KbFilter_InternIoCtl_#t~nondet68#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet69#1 && KbFilter_InternIoCtl_#t~nondet69#1 <= 2147483647;KbFilter_InternIoCtl_~hookKeyboard__InitializationRoutine~0#1 := KbFilter_InternIoCtl_#t~nondet69#1;havoc KbFilter_InternIoCtl_#t~nondet69#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet70#1 && KbFilter_InternIoCtl_#t~nondet70#1 <= 2147483647;KbFilter_InternIoCtl_~hookKeyboard__IsrRoutine~0#1 := KbFilter_InternIoCtl_#t~nondet70#1;havoc KbFilter_InternIoCtl_#t~nondet70#1;havoc KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1;havoc KbFilter_InternIoCtl_~hookKeyboard~0#1;havoc KbFilter_InternIoCtl_~connectData~0#1;havoc KbFilter_InternIoCtl_~status~3#1;havoc KbFilter_InternIoCtl_~tmp~3#1;havoc KbFilter_InternIoCtl_~__cil_tmp17~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp18~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp19~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet71#1 && KbFilter_InternIoCtl_#t~nondet71#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp20~0#1 := KbFilter_InternIoCtl_#t~nondet71#1;havoc KbFilter_InternIoCtl_#t~nondet71#1;havoc KbFilter_InternIoCtl_~__cil_tmp21~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp22~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp23~1#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet72#1 && KbFilter_InternIoCtl_#t~nondet72#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp24~0#1 := KbFilter_InternIoCtl_#t~nondet72#1;havoc KbFilter_InternIoCtl_#t~nondet72#1;havoc KbFilter_InternIoCtl_~__cil_tmp25~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp26~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp27~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet73#1 && KbFilter_InternIoCtl_#t~nondet73#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp28~0#1 := KbFilter_InternIoCtl_#t~nondet73#1;havoc KbFilter_InternIoCtl_#t~nondet73#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet74#1 && KbFilter_InternIoCtl_#t~nondet74#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp29~0#1 := KbFilter_InternIoCtl_#t~nondet74#1;havoc KbFilter_InternIoCtl_#t~nondet74#1;havoc KbFilter_InternIoCtl_~__cil_tmp30~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp31~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet75#1 && KbFilter_InternIoCtl_#t~nondet75#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp32~0#1 := KbFilter_InternIoCtl_#t~nondet75#1;havoc KbFilter_InternIoCtl_#t~nondet75#1;havoc KbFilter_InternIoCtl_~__cil_tmp33~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp34~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet76#1 && KbFilter_InternIoCtl_#t~nondet76#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp35~0#1 := KbFilter_InternIoCtl_#t~nondet76#1;havoc KbFilter_InternIoCtl_#t~nondet76#1;havoc KbFilter_InternIoCtl_~__cil_tmp36~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp37~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet77#1 && KbFilter_InternIoCtl_#t~nondet77#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp38~0#1 := KbFilter_InternIoCtl_#t~nondet77#1;havoc KbFilter_InternIoCtl_#t~nondet77#1;havoc KbFilter_InternIoCtl_~__cil_tmp39~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp40~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet78#1 && KbFilter_InternIoCtl_#t~nondet78#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp41~0#1 := KbFilter_InternIoCtl_#t~nondet78#1;havoc KbFilter_InternIoCtl_#t~nondet78#1;havoc KbFilter_InternIoCtl_~__cil_tmp42~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp43~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet79#1 && KbFilter_InternIoCtl_#t~nondet79#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp44~0#1 := KbFilter_InternIoCtl_#t~nondet79#1;havoc KbFilter_InternIoCtl_#t~nondet79#1;havoc KbFilter_InternIoCtl_~__cil_tmp45~0#1;KbFilter_InternIoCtl_~status~3#1 := 0;KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1 := 0; {6560#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} is VALID [2022-02-21 00:02:11,654 INFO L290 TraceCheckUtils]: 14: Hoare triple {6560#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} assume KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1 == KbFilter_InternIoCtl_~__cil_tmp20~0#1; {6560#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} is VALID [2022-02-21 00:02:11,655 INFO L290 TraceCheckUtils]: 15: Hoare triple {6560#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} assume 0 != KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1;KbFilter_InternIoCtl_~status~3#1 := -1073741757; {6560#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} is VALID [2022-02-21 00:02:11,656 INFO L290 TraceCheckUtils]: 16: Hoare triple {6560#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} assume KbFilter_InternIoCtl_~status~3#1 < 0;KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1 := KbFilter_InternIoCtl_~status~3#1;~myStatus~0 := KbFilter_InternIoCtl_~status~3#1; {6560#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} is VALID [2022-02-21 00:02:11,657 INFO L272 TraceCheckUtils]: 17: Hoare triple {6560#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} call IofCompleteRequest(KbFilter_InternIoCtl_~Irp#1, 0); {6566#(= ~s~0 |old(~s~0)|)} is VALID [2022-02-21 00:02:11,657 INFO L290 TraceCheckUtils]: 18: Hoare triple {6566#(= ~s~0 |old(~s~0)|)} ~Irp := #in~Irp;~PriorityBoost := #in~PriorityBoost; {6558#true} is VALID [2022-02-21 00:02:11,657 INFO L290 TraceCheckUtils]: 19: Hoare triple {6558#true} assume ~s~0 == ~NP~0;~s~0 := ~DC~0; {6567#(and (or (not (<= ~s~0 1)) (<= ~DC~0 ~s~0)) (or (<= ~s~0 ~DC~0) (<= ~s~0 2)))} is VALID [2022-02-21 00:02:11,658 INFO L290 TraceCheckUtils]: 20: Hoare triple {6567#(and (or (not (<= ~s~0 1)) (<= ~DC~0 ~s~0)) (or (<= ~s~0 ~DC~0) (<= ~s~0 2)))} assume true; {6567#(and (or (not (<= ~s~0 1)) (<= ~DC~0 ~s~0)) (or (<= ~s~0 ~DC~0) (<= ~s~0 2)))} is VALID [2022-02-21 00:02:11,659 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {6567#(and (or (not (<= ~s~0 1)) (<= ~DC~0 ~s~0)) (or (<= ~s~0 ~DC~0) (<= ~s~0 2)))} {6560#(and (= 2 ~DC~0) (not (= ~IPC~0 2)))} #744#return; {6565#(and (= 2 ~s~0) (not (= ~IPC~0 2)))} is VALID [2022-02-21 00:02:11,659 INFO L290 TraceCheckUtils]: 22: Hoare triple {6565#(and (= 2 ~s~0) (not (= ~IPC~0 2)))} KbFilter_InternIoCtl_#res#1 := KbFilter_InternIoCtl_~status~3#1; {6565#(and (= 2 ~s~0) (not (= ~IPC~0 2)))} is VALID [2022-02-21 00:02:11,660 INFO L290 TraceCheckUtils]: 23: Hoare triple {6565#(and (= 2 ~s~0) (not (= ~IPC~0 2)))} main_#t~ret33#1 := KbFilter_InternIoCtl_#res#1;assume { :end_inline_KbFilter_InternIoCtl } true;assume -2147483648 <= main_#t~ret33#1 && main_#t~ret33#1 <= 2147483647;main_~status~1#1 := main_#t~ret33#1;havoc main_#t~ret33#1; {6565#(and (= 2 ~s~0) (not (= ~IPC~0 2)))} is VALID [2022-02-21 00:02:11,660 INFO L290 TraceCheckUtils]: 24: Hoare triple {6565#(and (= 2 ~s~0) (not (= ~IPC~0 2)))} assume !(1 == ~pended~0); {6565#(and (= 2 ~s~0) (not (= ~IPC~0 2)))} is VALID [2022-02-21 00:02:11,661 INFO L290 TraceCheckUtils]: 25: Hoare triple {6565#(and (= 2 ~s~0) (not (= ~IPC~0 2)))} assume !(1 == ~pended~0); {6565#(and (= 2 ~s~0) (not (= ~IPC~0 2)))} is VALID [2022-02-21 00:02:11,661 INFO L290 TraceCheckUtils]: 26: Hoare triple {6565#(and (= 2 ~s~0) (not (= ~IPC~0 2)))} assume ~s~0 != ~UNLOADED~0; {6565#(and (= 2 ~s~0) (not (= ~IPC~0 2)))} is VALID [2022-02-21 00:02:11,662 INFO L290 TraceCheckUtils]: 27: Hoare triple {6565#(and (= 2 ~s~0) (not (= ~IPC~0 2)))} assume -1 != main_~status~1#1; {6565#(and (= 2 ~s~0) (not (= ~IPC~0 2)))} is VALID [2022-02-21 00:02:11,662 INFO L290 TraceCheckUtils]: 28: Hoare triple {6565#(and (= 2 ~s~0) (not (= ~IPC~0 2)))} assume ~s~0 != ~SKIP2~0; {6565#(and (= 2 ~s~0) (not (= ~IPC~0 2)))} is VALID [2022-02-21 00:02:11,663 INFO L290 TraceCheckUtils]: 29: Hoare triple {6565#(and (= 2 ~s~0) (not (= ~IPC~0 2)))} assume !(~s~0 != ~IPC~0); {6559#false} is VALID [2022-02-21 00:02:11,663 INFO L290 TraceCheckUtils]: 30: Hoare triple {6559#false} assume 1 == ~pended~0; {6559#false} is VALID [2022-02-21 00:02:11,663 INFO L290 TraceCheckUtils]: 31: Hoare triple {6559#false} assume 259 != main_~status~1#1; {6559#false} is VALID [2022-02-21 00:02:11,663 INFO L272 TraceCheckUtils]: 32: Hoare triple {6559#false} call errorFn(); {6559#false} is VALID [2022-02-21 00:02:11,663 INFO L290 TraceCheckUtils]: 33: Hoare triple {6559#false} assume !false; {6559#false} is VALID [2022-02-21 00:02:11,664 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:11,664 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-21 00:02:11,664 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1266110096] [2022-02-21 00:02:11,664 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1266110096] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:11,664 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:11,665 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-21 00:02:11,665 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [546346430] [2022-02-21 00:02:11,665 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:11,666 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 34 [2022-02-21 00:02:11,666 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:11,666 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:11,692 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 34 edges. 34 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:11,693 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-21 00:02:11,693 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-21 00:02:11,693 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-21 00:02:11,693 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2022-02-21 00:02:11,694 INFO L87 Difference]: Start difference. First operand 301 states and 422 transitions. Second operand has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:12,475 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:12,475 INFO L93 Difference]: Finished difference Result 306 states and 425 transitions. [2022-02-21 00:02:12,476 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-02-21 00:02:12,476 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 34 [2022-02-21 00:02:12,476 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:12,477 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:12,479 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 304 transitions. [2022-02-21 00:02:12,480 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:12,482 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 304 transitions. [2022-02-21 00:02:12,482 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 304 transitions. [2022-02-21 00:02:12,754 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 304 edges. 304 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:12,760 INFO L225 Difference]: With dead ends: 306 [2022-02-21 00:02:12,761 INFO L226 Difference]: Without dead ends: 306 [2022-02-21 00:02:12,761 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=27, Invalid=45, Unknown=0, NotChecked=0, Total=72 [2022-02-21 00:02:12,762 INFO L933 BasicCegarLoop]: 255 mSDtfsCounter, 331 mSDsluCounter, 377 mSDsCounter, 0 mSdLazyCounter, 142 mSolverCounterSat, 37 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 333 SdHoareTripleChecker+Valid, 632 SdHoareTripleChecker+Invalid, 179 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 37 IncrementalHoareTripleChecker+Valid, 142 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:12,762 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [333 Valid, 632 Invalid, 179 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [37 Valid, 142 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-21 00:02:12,763 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 306 states. [2022-02-21 00:02:12,769 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 306 to 301. [2022-02-21 00:02:12,769 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:12,770 INFO L82 GeneralOperation]: Start isEquivalent. First operand 306 states. Second operand has 301 states, 267 states have (on average 1.400749063670412) internal successors, (374), 266 states have internal predecessors, (374), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-21 00:02:12,771 INFO L74 IsIncluded]: Start isIncluded. First operand 306 states. Second operand has 301 states, 267 states have (on average 1.400749063670412) internal successors, (374), 266 states have internal predecessors, (374), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-21 00:02:12,771 INFO L87 Difference]: Start difference. First operand 306 states. Second operand has 301 states, 267 states have (on average 1.400749063670412) internal successors, (374), 266 states have internal predecessors, (374), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-21 00:02:12,779 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:12,780 INFO L93 Difference]: Finished difference Result 306 states and 425 transitions. [2022-02-21 00:02:12,780 INFO L276 IsEmpty]: Start isEmpty. Operand 306 states and 425 transitions. [2022-02-21 00:02:12,781 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:12,781 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:12,782 INFO L74 IsIncluded]: Start isIncluded. First operand has 301 states, 267 states have (on average 1.400749063670412) internal successors, (374), 266 states have internal predecessors, (374), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) Second operand 306 states. [2022-02-21 00:02:12,783 INFO L87 Difference]: Start difference. First operand has 301 states, 267 states have (on average 1.400749063670412) internal successors, (374), 266 states have internal predecessors, (374), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) Second operand 306 states. [2022-02-21 00:02:12,791 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:12,792 INFO L93 Difference]: Finished difference Result 306 states and 425 transitions. [2022-02-21 00:02:12,792 INFO L276 IsEmpty]: Start isEmpty. Operand 306 states and 425 transitions. [2022-02-21 00:02:12,793 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:12,793 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:12,793 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:12,794 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:12,795 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 301 states, 267 states have (on average 1.400749063670412) internal successors, (374), 266 states have internal predecessors, (374), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-21 00:02:12,802 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 301 states to 301 states and 421 transitions. [2022-02-21 00:02:12,802 INFO L78 Accepts]: Start accepts. Automaton has 301 states and 421 transitions. Word has length 34 [2022-02-21 00:02:12,803 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:12,803 INFO L470 AbstractCegarLoop]: Abstraction has 301 states and 421 transitions. [2022-02-21 00:02:12,803 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:12,803 INFO L276 IsEmpty]: Start isEmpty. Operand 301 states and 421 transitions. [2022-02-21 00:02:12,804 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2022-02-21 00:02:12,805 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:12,805 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:12,805 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-02-21 00:02:12,805 INFO L402 AbstractCegarLoop]: === Iteration 8 === Targeting errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:12,806 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:12,806 INFO L85 PathProgramCache]: Analyzing trace with hash 2136327390, now seen corresponding path program 1 times [2022-02-21 00:02:12,806 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-21 00:02:12,806 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [848057114] [2022-02-21 00:02:12,806 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:12,807 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-21 00:02:12,840 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:12,874 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2022-02-21 00:02:12,879 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:12,891 INFO L290 TraceCheckUtils]: 0: Hoare triple {7808#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {7796#true} is VALID [2022-02-21 00:02:12,892 INFO L290 TraceCheckUtils]: 1: Hoare triple {7796#true} assume !(0 != ~compRegistered~0); {7809#(<= ~compRegistered~0 0)} is VALID [2022-02-21 00:02:12,892 INFO L290 TraceCheckUtils]: 2: Hoare triple {7809#(<= ~compRegistered~0 0)} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {7809#(<= ~compRegistered~0 0)} is VALID [2022-02-21 00:02:12,893 INFO L290 TraceCheckUtils]: 3: Hoare triple {7809#(<= ~compRegistered~0 0)} assume 0 == ~tmp_ndt_6~0; {7809#(<= ~compRegistered~0 0)} is VALID [2022-02-21 00:02:12,893 INFO L290 TraceCheckUtils]: 4: Hoare triple {7809#(<= ~compRegistered~0 0)} ~returnVal2~0 := 0; {7809#(<= ~compRegistered~0 0)} is VALID [2022-02-21 00:02:12,893 INFO L290 TraceCheckUtils]: 5: Hoare triple {7809#(<= ~compRegistered~0 0)} assume ~s~0 == ~NP~0;~s~0 := ~IPC~0;~lowerDriverReturn~0 := ~returnVal2~0; {7809#(<= ~compRegistered~0 0)} is VALID [2022-02-21 00:02:12,894 INFO L290 TraceCheckUtils]: 6: Hoare triple {7809#(<= ~compRegistered~0 0)} #res := ~returnVal2~0; {7809#(<= ~compRegistered~0 0)} is VALID [2022-02-21 00:02:12,894 INFO L290 TraceCheckUtils]: 7: Hoare triple {7809#(<= ~compRegistered~0 0)} assume true; {7809#(<= ~compRegistered~0 0)} is VALID [2022-02-21 00:02:12,896 INFO L284 TraceCheckUtils]: 8: Hoare quadruple {7809#(<= ~compRegistered~0 0)} {7798#(= ~compRegistered~0 1)} #718#return; {7797#false} is VALID [2022-02-21 00:02:12,896 INFO L290 TraceCheckUtils]: 0: Hoare triple {7796#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {7796#true} is VALID [2022-02-21 00:02:12,896 INFO L290 TraceCheckUtils]: 1: Hoare triple {7796#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {7796#true} is VALID [2022-02-21 00:02:12,896 INFO L290 TraceCheckUtils]: 2: Hoare triple {7796#true} assume { :end_inline__BLAST_init } true; {7796#true} is VALID [2022-02-21 00:02:12,897 INFO L290 TraceCheckUtils]: 3: Hoare triple {7796#true} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {7796#true} is VALID [2022-02-21 00:02:12,897 INFO L290 TraceCheckUtils]: 4: Hoare triple {7796#true} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {7796#true} is VALID [2022-02-21 00:02:12,897 INFO L290 TraceCheckUtils]: 5: Hoare triple {7796#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {7796#true} is VALID [2022-02-21 00:02:12,897 INFO L290 TraceCheckUtils]: 6: Hoare triple {7796#true} assume { :end_inline_stub_driver_init } true; {7796#true} is VALID [2022-02-21 00:02:12,897 INFO L290 TraceCheckUtils]: 7: Hoare triple {7796#true} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {7796#true} is VALID [2022-02-21 00:02:12,897 INFO L290 TraceCheckUtils]: 8: Hoare triple {7796#true} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {7796#true} is VALID [2022-02-21 00:02:12,898 INFO L290 TraceCheckUtils]: 9: Hoare triple {7796#true} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {7796#true} is VALID [2022-02-21 00:02:12,898 INFO L290 TraceCheckUtils]: 10: Hoare triple {7796#true} assume 3 == main_~tmp_ndt_3~0#1; {7796#true} is VALID [2022-02-21 00:02:12,898 INFO L290 TraceCheckUtils]: 11: Hoare triple {7796#true} assume { :begin_inline_KbFilter_PnP } true;KbFilter_PnP_#in~DeviceObject#1, KbFilter_PnP_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_PnP_#res#1;havoc KbFilter_PnP_#t~nondet4#1, KbFilter_PnP_#t~nondet5#1, KbFilter_PnP_#t~nondet6#1, KbFilter_PnP_#t~nondet7#1, KbFilter_PnP_#t~nondet8#1, KbFilter_PnP_#t~nondet9#1, KbFilter_PnP_#t~ret10#1, KbFilter_PnP_#t~ret11#1, KbFilter_PnP_#t~post12#1, KbFilter_PnP_#t~post13#1, KbFilter_PnP_#t~ret14#1, KbFilter_PnP_#t~post15#1, KbFilter_PnP_#t~post16#1, KbFilter_PnP_#t~ret17#1, KbFilter_PnP_#t~post18#1, KbFilter_PnP_#t~post19#1, KbFilter_PnP_#t~ret20#1, KbFilter_PnP_~DeviceObject#1, KbFilter_PnP_~Irp#1, KbFilter_PnP_~devExt~0#1, KbFilter_PnP_~irpStack~0#1, KbFilter_PnP_~status~0#1, KbFilter_PnP_~event~0#1, KbFilter_PnP_~DeviceObject__DeviceExtension~0#1, KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, KbFilter_PnP_~irpStack__MinorFunction~0#1, KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~devExt__Started~0#1, KbFilter_PnP_~devExt__Removed~0#1, KbFilter_PnP_~devExt__SurpriseRemoved~0#1, KbFilter_PnP_~Irp__IoStatus__Status~0#1, KbFilter_PnP_~Irp__IoStatus__Information~0#1, KbFilter_PnP_~Irp__CurrentLocation~0#1, KbFilter_PnP_~irpSp~0#1, KbFilter_PnP_~nextIrpSp~0#1, KbFilter_PnP_~nextIrpSp__Control~0#1, KbFilter_PnP_~irpSp___0~0#1, KbFilter_PnP_~irpSp__Context~0#1, KbFilter_PnP_~irpSp__Control~0#1, KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~DeviceObject#1 := KbFilter_PnP_#in~DeviceObject#1;KbFilter_PnP_~Irp#1 := KbFilter_PnP_#in~Irp#1;havoc KbFilter_PnP_~devExt~0#1;havoc KbFilter_PnP_~irpStack~0#1;havoc KbFilter_PnP_~status~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet4#1 && KbFilter_PnP_#t~nondet4#1 <= 2147483647;KbFilter_PnP_~event~0#1 := KbFilter_PnP_#t~nondet4#1;havoc KbFilter_PnP_#t~nondet4#1;assume -2147483648 <= KbFilter_PnP_#t~nondet5#1 && KbFilter_PnP_#t~nondet5#1 <= 2147483647;KbFilter_PnP_~DeviceObject__DeviceExtension~0#1 := KbFilter_PnP_#t~nondet5#1;havoc KbFilter_PnP_#t~nondet5#1;assume -2147483648 <= KbFilter_PnP_#t~nondet6#1 && KbFilter_PnP_#t~nondet6#1 <= 2147483647;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := KbFilter_PnP_#t~nondet6#1;havoc KbFilter_PnP_#t~nondet6#1;assume -2147483648 <= KbFilter_PnP_#t~nondet7#1 && KbFilter_PnP_#t~nondet7#1 <= 2147483647;KbFilter_PnP_~irpStack__MinorFunction~0#1 := KbFilter_PnP_#t~nondet7#1;havoc KbFilter_PnP_#t~nondet7#1;assume -2147483648 <= KbFilter_PnP_#t~nondet8#1 && KbFilter_PnP_#t~nondet8#1 <= 2147483647;KbFilter_PnP_~devExt__TopOfStack~0#1 := KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_~devExt__Started~0#1;havoc KbFilter_PnP_~devExt__Removed~0#1;havoc KbFilter_PnP_~devExt__SurpriseRemoved~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Status~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Information~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet9#1 && KbFilter_PnP_#t~nondet9#1 <= 2147483647;KbFilter_PnP_~Irp__CurrentLocation~0#1 := KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_~irpSp~0#1;havoc KbFilter_PnP_~nextIrpSp~0#1;havoc KbFilter_PnP_~nextIrpSp__Control~0#1;havoc KbFilter_PnP_~irpSp___0~0#1;havoc KbFilter_PnP_~irpSp__Context~0#1;havoc KbFilter_PnP_~irpSp__Control~0#1;havoc KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~status~0#1 := 0;KbFilter_PnP_~devExt~0#1 := KbFilter_PnP_~DeviceObject__DeviceExtension~0#1;KbFilter_PnP_~irpStack~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1; {7796#true} is VALID [2022-02-21 00:02:12,898 INFO L290 TraceCheckUtils]: 12: Hoare triple {7796#true} assume 0 == KbFilter_PnP_~irpStack__MinorFunction~0#1; {7796#true} is VALID [2022-02-21 00:02:12,898 INFO L290 TraceCheckUtils]: 13: Hoare triple {7796#true} KbFilter_PnP_~irpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1;KbFilter_PnP_~nextIrpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 - 1;KbFilter_PnP_~nextIrpSp__Control~0#1 := 0; {7796#true} is VALID [2022-02-21 00:02:12,899 INFO L290 TraceCheckUtils]: 14: Hoare triple {7796#true} assume !(~s~0 != ~NP~0); {7796#true} is VALID [2022-02-21 00:02:12,899 INFO L290 TraceCheckUtils]: 15: Hoare triple {7796#true} assume !(0 != ~compRegistered~0);~compRegistered~0 := 1; {7798#(= ~compRegistered~0 1)} is VALID [2022-02-21 00:02:12,900 INFO L290 TraceCheckUtils]: 16: Hoare triple {7798#(= ~compRegistered~0 1)} KbFilter_PnP_~irpSp___0~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 - 1;KbFilter_PnP_~irpSp__Context~0#1 := KbFilter_PnP_~event~0#1;KbFilter_PnP_~irpSp__Control~0#1 := 224; {7798#(= ~compRegistered~0 1)} is VALID [2022-02-21 00:02:12,900 INFO L272 TraceCheckUtils]: 17: Hoare triple {7798#(= ~compRegistered~0 1)} call KbFilter_PnP_#t~ret10#1 := IofCallDriver(KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~Irp#1); {7808#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} is VALID [2022-02-21 00:02:12,901 INFO L290 TraceCheckUtils]: 18: Hoare triple {7808#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {7796#true} is VALID [2022-02-21 00:02:12,907 INFO L290 TraceCheckUtils]: 19: Hoare triple {7796#true} assume !(0 != ~compRegistered~0); {7809#(<= ~compRegistered~0 0)} is VALID [2022-02-21 00:02:12,908 INFO L290 TraceCheckUtils]: 20: Hoare triple {7809#(<= ~compRegistered~0 0)} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {7809#(<= ~compRegistered~0 0)} is VALID [2022-02-21 00:02:12,908 INFO L290 TraceCheckUtils]: 21: Hoare triple {7809#(<= ~compRegistered~0 0)} assume 0 == ~tmp_ndt_6~0; {7809#(<= ~compRegistered~0 0)} is VALID [2022-02-21 00:02:12,908 INFO L290 TraceCheckUtils]: 22: Hoare triple {7809#(<= ~compRegistered~0 0)} ~returnVal2~0 := 0; {7809#(<= ~compRegistered~0 0)} is VALID [2022-02-21 00:02:12,909 INFO L290 TraceCheckUtils]: 23: Hoare triple {7809#(<= ~compRegistered~0 0)} assume ~s~0 == ~NP~0;~s~0 := ~IPC~0;~lowerDriverReturn~0 := ~returnVal2~0; {7809#(<= ~compRegistered~0 0)} is VALID [2022-02-21 00:02:12,909 INFO L290 TraceCheckUtils]: 24: Hoare triple {7809#(<= ~compRegistered~0 0)} #res := ~returnVal2~0; {7809#(<= ~compRegistered~0 0)} is VALID [2022-02-21 00:02:12,910 INFO L290 TraceCheckUtils]: 25: Hoare triple {7809#(<= ~compRegistered~0 0)} assume true; {7809#(<= ~compRegistered~0 0)} is VALID [2022-02-21 00:02:12,910 INFO L284 TraceCheckUtils]: 26: Hoare quadruple {7809#(<= ~compRegistered~0 0)} {7798#(= ~compRegistered~0 1)} #718#return; {7797#false} is VALID [2022-02-21 00:02:12,911 INFO L290 TraceCheckUtils]: 27: Hoare triple {7797#false} assume -2147483648 <= KbFilter_PnP_#t~ret10#1 && KbFilter_PnP_#t~ret10#1 <= 2147483647;KbFilter_PnP_~status~0#1 := KbFilter_PnP_#t~ret10#1;havoc KbFilter_PnP_#t~ret10#1;KbFilter_PnP_~__cil_tmp23~0#1 := KbFilter_PnP_~status~0#1; {7797#false} is VALID [2022-02-21 00:02:12,911 INFO L290 TraceCheckUtils]: 28: Hoare triple {7797#false} assume 259 == KbFilter_PnP_~__cil_tmp23~0#1;assume { :begin_inline_KeWaitForSingleObject } true;KeWaitForSingleObject_#in~Object#1, KeWaitForSingleObject_#in~WaitReason#1, KeWaitForSingleObject_#in~WaitMode#1, KeWaitForSingleObject_#in~Alertable#1, KeWaitForSingleObject_#in~Timeout#1 := KbFilter_PnP_~event~0#1, ~Executive~0, ~KernelMode~0, 0, 0;havoc KeWaitForSingleObject_#res#1;havoc KeWaitForSingleObject_#t~nondet39#1, KeWaitForSingleObject_~tmp_ndt_8~0#1, KeWaitForSingleObject_~Object#1, KeWaitForSingleObject_~WaitReason#1, KeWaitForSingleObject_~WaitMode#1, KeWaitForSingleObject_~Alertable#1, KeWaitForSingleObject_~Timeout#1;KeWaitForSingleObject_~Object#1 := KeWaitForSingleObject_#in~Object#1;KeWaitForSingleObject_~WaitReason#1 := KeWaitForSingleObject_#in~WaitReason#1;KeWaitForSingleObject_~WaitMode#1 := KeWaitForSingleObject_#in~WaitMode#1;KeWaitForSingleObject_~Alertable#1 := KeWaitForSingleObject_#in~Alertable#1;KeWaitForSingleObject_~Timeout#1 := KeWaitForSingleObject_#in~Timeout#1; {7797#false} is VALID [2022-02-21 00:02:12,911 INFO L290 TraceCheckUtils]: 29: Hoare triple {7797#false} assume !(~s~0 == ~MPR3~0); {7797#false} is VALID [2022-02-21 00:02:12,911 INFO L290 TraceCheckUtils]: 30: Hoare triple {7797#false} assume !(1 == ~customIrp~0); {7797#false} is VALID [2022-02-21 00:02:12,912 INFO L290 TraceCheckUtils]: 31: Hoare triple {7797#false} assume ~s~0 == ~MPR3~0; {7797#false} is VALID [2022-02-21 00:02:12,912 INFO L272 TraceCheckUtils]: 32: Hoare triple {7797#false} call errorFn(); {7797#false} is VALID [2022-02-21 00:02:12,912 INFO L290 TraceCheckUtils]: 33: Hoare triple {7797#false} assume !false; {7797#false} is VALID [2022-02-21 00:02:12,912 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:12,913 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-21 00:02:12,913 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [848057114] [2022-02-21 00:02:12,913 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [848057114] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:12,913 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:12,913 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-21 00:02:12,913 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [608426781] [2022-02-21 00:02:12,913 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:12,914 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 34 [2022-02-21 00:02:12,914 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:12,915 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:12,937 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 34 edges. 34 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:12,938 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-21 00:02:12,938 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-21 00:02:12,939 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-21 00:02:12,939 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-21 00:02:12,939 INFO L87 Difference]: Start difference. First operand 301 states and 421 transitions. Second operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:13,632 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:13,633 INFO L93 Difference]: Finished difference Result 282 states and 385 transitions. [2022-02-21 00:02:13,633 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-02-21 00:02:13,633 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 34 [2022-02-21 00:02:13,633 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:13,634 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:13,637 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 309 transitions. [2022-02-21 00:02:13,637 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:13,640 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 309 transitions. [2022-02-21 00:02:13,640 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 309 transitions. [2022-02-21 00:02:13,873 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 309 edges. 309 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:13,879 INFO L225 Difference]: With dead ends: 282 [2022-02-21 00:02:13,879 INFO L226 Difference]: Without dead ends: 282 [2022-02-21 00:02:13,879 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2022-02-21 00:02:13,880 INFO L933 BasicCegarLoop]: 292 mSDtfsCounter, 317 mSDsluCounter, 447 mSDsCounter, 0 mSdLazyCounter, 136 mSolverCounterSat, 31 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 317 SdHoareTripleChecker+Valid, 739 SdHoareTripleChecker+Invalid, 167 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 31 IncrementalHoareTripleChecker+Valid, 136 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:13,880 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [317 Valid, 739 Invalid, 167 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [31 Valid, 136 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-21 00:02:13,881 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 282 states. [2022-02-21 00:02:13,888 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 282 to 268. [2022-02-21 00:02:13,888 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:13,893 INFO L82 GeneralOperation]: Start isEquivalent. First operand 282 states. Second operand has 268 states, 236 states have (on average 1.3898305084745763) internal successors, (328), 235 states have internal predecessors, (328), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) [2022-02-21 00:02:13,896 INFO L74 IsIncluded]: Start isIncluded. First operand 282 states. Second operand has 268 states, 236 states have (on average 1.3898305084745763) internal successors, (328), 235 states have internal predecessors, (328), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) [2022-02-21 00:02:13,897 INFO L87 Difference]: Start difference. First operand 282 states. Second operand has 268 states, 236 states have (on average 1.3898305084745763) internal successors, (328), 235 states have internal predecessors, (328), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) [2022-02-21 00:02:13,904 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:13,905 INFO L93 Difference]: Finished difference Result 282 states and 385 transitions. [2022-02-21 00:02:13,905 INFO L276 IsEmpty]: Start isEmpty. Operand 282 states and 385 transitions. [2022-02-21 00:02:13,906 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:13,906 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:13,907 INFO L74 IsIncluded]: Start isIncluded. First operand has 268 states, 236 states have (on average 1.3898305084745763) internal successors, (328), 235 states have internal predecessors, (328), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) Second operand 282 states. [2022-02-21 00:02:13,907 INFO L87 Difference]: Start difference. First operand has 268 states, 236 states have (on average 1.3898305084745763) internal successors, (328), 235 states have internal predecessors, (328), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) Second operand 282 states. [2022-02-21 00:02:13,914 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:13,915 INFO L93 Difference]: Finished difference Result 282 states and 385 transitions. [2022-02-21 00:02:13,915 INFO L276 IsEmpty]: Start isEmpty. Operand 282 states and 385 transitions. [2022-02-21 00:02:13,916 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:13,916 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:13,916 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:13,916 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:13,917 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 268 states, 236 states have (on average 1.3898305084745763) internal successors, (328), 235 states have internal predecessors, (328), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) [2022-02-21 00:02:13,923 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 268 states to 268 states and 370 transitions. [2022-02-21 00:02:13,924 INFO L78 Accepts]: Start accepts. Automaton has 268 states and 370 transitions. Word has length 34 [2022-02-21 00:02:13,924 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:13,924 INFO L470 AbstractCegarLoop]: Abstraction has 268 states and 370 transitions. [2022-02-21 00:02:13,924 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 4 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:13,924 INFO L276 IsEmpty]: Start isEmpty. Operand 268 states and 370 transitions. [2022-02-21 00:02:13,925 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2022-02-21 00:02:13,925 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:13,926 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:13,926 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2022-02-21 00:02:13,926 INFO L402 AbstractCegarLoop]: === Iteration 9 === Targeting errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:13,927 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:13,927 INFO L85 PathProgramCache]: Analyzing trace with hash -2069817048, now seen corresponding path program 1 times [2022-02-21 00:02:13,927 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-21 00:02:13,927 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [504979637] [2022-02-21 00:02:13,927 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:13,927 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-21 00:02:13,965 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:14,000 INFO L290 TraceCheckUtils]: 0: Hoare triple {8932#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {8932#true} is VALID [2022-02-21 00:02:14,001 INFO L290 TraceCheckUtils]: 1: Hoare triple {8932#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {8934#(not (= ~SKIP1~0 ~NP~0))} is VALID [2022-02-21 00:02:14,001 INFO L290 TraceCheckUtils]: 2: Hoare triple {8934#(not (= ~SKIP1~0 ~NP~0))} assume { :end_inline__BLAST_init } true; {8934#(not (= ~SKIP1~0 ~NP~0))} is VALID [2022-02-21 00:02:14,002 INFO L290 TraceCheckUtils]: 3: Hoare triple {8934#(not (= ~SKIP1~0 ~NP~0))} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {8934#(not (= ~SKIP1~0 ~NP~0))} is VALID [2022-02-21 00:02:14,002 INFO L290 TraceCheckUtils]: 4: Hoare triple {8934#(not (= ~SKIP1~0 ~NP~0))} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {8934#(not (= ~SKIP1~0 ~NP~0))} is VALID [2022-02-21 00:02:14,003 INFO L290 TraceCheckUtils]: 5: Hoare triple {8934#(not (= ~SKIP1~0 ~NP~0))} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {8934#(not (= ~SKIP1~0 ~NP~0))} is VALID [2022-02-21 00:02:14,003 INFO L290 TraceCheckUtils]: 6: Hoare triple {8934#(not (= ~SKIP1~0 ~NP~0))} assume { :end_inline_stub_driver_init } true; {8934#(not (= ~SKIP1~0 ~NP~0))} is VALID [2022-02-21 00:02:14,003 INFO L290 TraceCheckUtils]: 7: Hoare triple {8934#(not (= ~SKIP1~0 ~NP~0))} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {8934#(not (= ~SKIP1~0 ~NP~0))} is VALID [2022-02-21 00:02:14,004 INFO L290 TraceCheckUtils]: 8: Hoare triple {8934#(not (= ~SKIP1~0 ~NP~0))} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {8934#(not (= ~SKIP1~0 ~NP~0))} is VALID [2022-02-21 00:02:14,004 INFO L290 TraceCheckUtils]: 9: Hoare triple {8934#(not (= ~SKIP1~0 ~NP~0))} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {8934#(not (= ~SKIP1~0 ~NP~0))} is VALID [2022-02-21 00:02:14,005 INFO L290 TraceCheckUtils]: 10: Hoare triple {8934#(not (= ~SKIP1~0 ~NP~0))} assume !(3 == main_~tmp_ndt_3~0#1);havoc main_~tmp_ndt_4~0#1;assume -2147483648 <= main_#t~nondet27#1 && main_#t~nondet27#1 <= 2147483647;main_~tmp_ndt_4~0#1 := main_#t~nondet27#1;havoc main_#t~nondet27#1; {8934#(not (= ~SKIP1~0 ~NP~0))} is VALID [2022-02-21 00:02:14,005 INFO L290 TraceCheckUtils]: 11: Hoare triple {8934#(not (= ~SKIP1~0 ~NP~0))} assume 4 == main_~tmp_ndt_4~0#1; {8934#(not (= ~SKIP1~0 ~NP~0))} is VALID [2022-02-21 00:02:14,005 INFO L290 TraceCheckUtils]: 12: Hoare triple {8934#(not (= ~SKIP1~0 ~NP~0))} assume { :begin_inline_KbFilter_Power } true;KbFilter_Power_#in~DeviceObject#1, KbFilter_Power_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_Power_#res#1;havoc KbFilter_Power_#t~nondet50#1, KbFilter_Power_#t~nondet51#1, KbFilter_Power_#t~nondet52#1, KbFilter_Power_#t~nondet53#1, KbFilter_Power_#t~nondet54#1, KbFilter_Power_#t~nondet55#1, KbFilter_Power_#t~post56#1, KbFilter_Power_#t~post57#1, KbFilter_Power_#t~ret58#1, KbFilter_Power_~DeviceObject#1, KbFilter_Power_~Irp#1, KbFilter_Power_~irpStack__MinorFunction~1#1, KbFilter_Power_~devExt__DeviceState~0#1, KbFilter_Power_~powerState__DeviceState~0#1, KbFilter_Power_~Irp__CurrentLocation~2#1, KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1, KbFilter_Power_~devExt__TopOfStack~1#1, KbFilter_Power_~powerType~0#1, KbFilter_Power_~tmp~2#1;KbFilter_Power_~DeviceObject#1 := KbFilter_Power_#in~DeviceObject#1;KbFilter_Power_~Irp#1 := KbFilter_Power_#in~Irp#1;assume -2147483648 <= KbFilter_Power_#t~nondet50#1 && KbFilter_Power_#t~nondet50#1 <= 2147483647;KbFilter_Power_~irpStack__MinorFunction~1#1 := KbFilter_Power_#t~nondet50#1;havoc KbFilter_Power_#t~nondet50#1;havoc KbFilter_Power_~devExt__DeviceState~0#1;assume -2147483648 <= KbFilter_Power_#t~nondet51#1 && KbFilter_Power_#t~nondet51#1 <= 2147483647;KbFilter_Power_~powerState__DeviceState~0#1 := KbFilter_Power_#t~nondet51#1;havoc KbFilter_Power_#t~nondet51#1;assume -2147483648 <= KbFilter_Power_#t~nondet52#1 && KbFilter_Power_#t~nondet52#1 <= 2147483647;KbFilter_Power_~Irp__CurrentLocation~2#1 := KbFilter_Power_#t~nondet52#1;havoc KbFilter_Power_#t~nondet52#1;assume -2147483648 <= KbFilter_Power_#t~nondet53#1 && KbFilter_Power_#t~nondet53#1 <= 2147483647;KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1 := KbFilter_Power_#t~nondet53#1;havoc KbFilter_Power_#t~nondet53#1;assume -2147483648 <= KbFilter_Power_#t~nondet54#1 && KbFilter_Power_#t~nondet54#1 <= 2147483647;KbFilter_Power_~devExt__TopOfStack~1#1 := KbFilter_Power_#t~nondet54#1;havoc KbFilter_Power_#t~nondet54#1;assume -2147483648 <= KbFilter_Power_#t~nondet55#1 && KbFilter_Power_#t~nondet55#1 <= 2147483647;KbFilter_Power_~powerType~0#1 := KbFilter_Power_#t~nondet55#1;havoc KbFilter_Power_#t~nondet55#1;havoc KbFilter_Power_~tmp~2#1; {8934#(not (= ~SKIP1~0 ~NP~0))} is VALID [2022-02-21 00:02:14,006 INFO L290 TraceCheckUtils]: 13: Hoare triple {8934#(not (= ~SKIP1~0 ~NP~0))} assume 2 == KbFilter_Power_~irpStack__MinorFunction~1#1; {8934#(not (= ~SKIP1~0 ~NP~0))} is VALID [2022-02-21 00:02:14,006 INFO L290 TraceCheckUtils]: 14: Hoare triple {8934#(not (= ~SKIP1~0 ~NP~0))} assume !(KbFilter_Power_~powerType~0#1 == ~DevicePowerState~0); {8934#(not (= ~SKIP1~0 ~NP~0))} is VALID [2022-02-21 00:02:14,007 INFO L290 TraceCheckUtils]: 15: Hoare triple {8934#(not (= ~SKIP1~0 ~NP~0))} assume ~s~0 == ~NP~0;~s~0 := ~SKIP1~0; {8935#(not (= ~s~0 ~NP~0))} is VALID [2022-02-21 00:02:14,007 INFO L290 TraceCheckUtils]: 16: Hoare triple {8935#(not (= ~s~0 ~NP~0))} KbFilter_Power_#t~post56#1 := KbFilter_Power_~Irp__CurrentLocation~2#1;KbFilter_Power_~Irp__CurrentLocation~2#1 := 1 + KbFilter_Power_#t~post56#1;havoc KbFilter_Power_#t~post56#1;KbFilter_Power_#t~post57#1 := KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1;KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1 := 1 + KbFilter_Power_#t~post57#1;havoc KbFilter_Power_#t~post57#1;assume { :begin_inline_PoCallDriver } true;PoCallDriver_#in~DeviceObject#1, PoCallDriver_#in~Irp#1 := KbFilter_Power_~devExt__TopOfStack~1#1, KbFilter_Power_~Irp#1;havoc PoCallDriver_#res#1;havoc PoCallDriver_#t~nondet59#1, PoCallDriver_#t~ret60#1, PoCallDriver_#t~nondet61#1, PoCallDriver_#t~nondet62#1, PoCallDriver_~tmp_ndt_10~0#1, PoCallDriver_~tmp_ndt_9~0#1, PoCallDriver_~DeviceObject#1, PoCallDriver_~Irp#1, PoCallDriver_~compRetStatus~1#1, PoCallDriver_~returnVal~0#1, PoCallDriver_~lcontext~1#1, PoCallDriver_~__cil_tmp7~1#1, PoCallDriver_~__cil_tmp8~1#1;PoCallDriver_~DeviceObject#1 := PoCallDriver_#in~DeviceObject#1;PoCallDriver_~Irp#1 := PoCallDriver_#in~Irp#1;havoc PoCallDriver_~compRetStatus~1#1;havoc PoCallDriver_~returnVal~0#1;assume -2147483648 <= PoCallDriver_#t~nondet59#1 && PoCallDriver_#t~nondet59#1 <= 2147483647;PoCallDriver_~lcontext~1#1 := PoCallDriver_#t~nondet59#1;havoc PoCallDriver_#t~nondet59#1;havoc PoCallDriver_~__cil_tmp7~1#1;havoc PoCallDriver_~__cil_tmp8~1#1; {8935#(not (= ~s~0 ~NP~0))} is VALID [2022-02-21 00:02:14,008 INFO L290 TraceCheckUtils]: 17: Hoare triple {8935#(not (= ~s~0 ~NP~0))} assume !(0 != ~compRegistered~0); {8935#(not (= ~s~0 ~NP~0))} is VALID [2022-02-21 00:02:14,008 INFO L290 TraceCheckUtils]: 18: Hoare triple {8935#(not (= ~s~0 ~NP~0))} havoc PoCallDriver_~tmp_ndt_9~0#1;assume -2147483648 <= PoCallDriver_#t~nondet61#1 && PoCallDriver_#t~nondet61#1 <= 2147483647;PoCallDriver_~tmp_ndt_9~0#1 := PoCallDriver_#t~nondet61#1;havoc PoCallDriver_#t~nondet61#1; {8935#(not (= ~s~0 ~NP~0))} is VALID [2022-02-21 00:02:14,009 INFO L290 TraceCheckUtils]: 19: Hoare triple {8935#(not (= ~s~0 ~NP~0))} assume 0 == PoCallDriver_~tmp_ndt_9~0#1; {8935#(not (= ~s~0 ~NP~0))} is VALID [2022-02-21 00:02:14,009 INFO L290 TraceCheckUtils]: 20: Hoare triple {8935#(not (= ~s~0 ~NP~0))} PoCallDriver_~returnVal~0#1 := 0; {8935#(not (= ~s~0 ~NP~0))} is VALID [2022-02-21 00:02:14,010 INFO L290 TraceCheckUtils]: 21: Hoare triple {8935#(not (= ~s~0 ~NP~0))} assume ~s~0 == ~NP~0;~s~0 := ~IPC~0;~lowerDriverReturn~0 := PoCallDriver_~returnVal~0#1; {8933#false} is VALID [2022-02-21 00:02:14,010 INFO L290 TraceCheckUtils]: 22: Hoare triple {8933#false} PoCallDriver_#res#1 := PoCallDriver_~returnVal~0#1; {8933#false} is VALID [2022-02-21 00:02:14,011 INFO L290 TraceCheckUtils]: 23: Hoare triple {8933#false} KbFilter_Power_#t~ret58#1 := PoCallDriver_#res#1;assume { :end_inline_PoCallDriver } true;assume -2147483648 <= KbFilter_Power_#t~ret58#1 && KbFilter_Power_#t~ret58#1 <= 2147483647;KbFilter_Power_~tmp~2#1 := KbFilter_Power_#t~ret58#1;havoc KbFilter_Power_#t~ret58#1;KbFilter_Power_#res#1 := KbFilter_Power_~tmp~2#1; {8933#false} is VALID [2022-02-21 00:02:14,011 INFO L290 TraceCheckUtils]: 24: Hoare triple {8933#false} main_#t~ret32#1 := KbFilter_Power_#res#1;assume { :end_inline_KbFilter_Power } true;assume -2147483648 <= main_#t~ret32#1 && main_#t~ret32#1 <= 2147483647;main_~status~1#1 := main_#t~ret32#1;havoc main_#t~ret32#1; {8933#false} is VALID [2022-02-21 00:02:14,011 INFO L290 TraceCheckUtils]: 25: Hoare triple {8933#false} assume !(1 == ~pended~0); {8933#false} is VALID [2022-02-21 00:02:14,011 INFO L290 TraceCheckUtils]: 26: Hoare triple {8933#false} assume !(1 == ~pended~0); {8933#false} is VALID [2022-02-21 00:02:14,011 INFO L290 TraceCheckUtils]: 27: Hoare triple {8933#false} assume ~s~0 != ~UNLOADED~0; {8933#false} is VALID [2022-02-21 00:02:14,012 INFO L290 TraceCheckUtils]: 28: Hoare triple {8933#false} assume -1 != main_~status~1#1; {8933#false} is VALID [2022-02-21 00:02:14,017 INFO L290 TraceCheckUtils]: 29: Hoare triple {8933#false} assume !(~s~0 != ~SKIP2~0); {8933#false} is VALID [2022-02-21 00:02:14,017 INFO L290 TraceCheckUtils]: 30: Hoare triple {8933#false} assume 1 == ~pended~0; {8933#false} is VALID [2022-02-21 00:02:14,018 INFO L290 TraceCheckUtils]: 31: Hoare triple {8933#false} assume 259 != main_~status~1#1; {8933#false} is VALID [2022-02-21 00:02:14,019 INFO L272 TraceCheckUtils]: 32: Hoare triple {8933#false} call errorFn(); {8933#false} is VALID [2022-02-21 00:02:14,021 INFO L290 TraceCheckUtils]: 33: Hoare triple {8933#false} assume !false; {8933#false} is VALID [2022-02-21 00:02:14,022 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:14,022 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-21 00:02:14,022 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [504979637] [2022-02-21 00:02:14,022 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [504979637] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:14,022 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:14,023 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-21 00:02:14,023 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [563665630] [2022-02-21 00:02:14,023 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:14,024 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 8.25) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 34 [2022-02-21 00:02:14,025 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:14,025 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 4 states, 4 states have (on average 8.25) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:14,048 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 34 edges. 34 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:14,048 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-02-21 00:02:14,048 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-21 00:02:14,049 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-02-21 00:02:14,049 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-02-21 00:02:14,049 INFO L87 Difference]: Start difference. First operand 268 states and 370 transitions. Second operand has 4 states, 4 states have (on average 8.25) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:14,458 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:14,459 INFO L93 Difference]: Finished difference Result 290 states and 394 transitions. [2022-02-21 00:02:14,459 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-21 00:02:14,459 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 8.25) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 34 [2022-02-21 00:02:14,459 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:14,459 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 8.25) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:14,469 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 299 transitions. [2022-02-21 00:02:14,469 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 8.25) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:14,472 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 299 transitions. [2022-02-21 00:02:14,472 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 299 transitions. [2022-02-21 00:02:14,705 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 299 edges. 299 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:14,711 INFO L225 Difference]: With dead ends: 290 [2022-02-21 00:02:14,711 INFO L226 Difference]: Without dead ends: 290 [2022-02-21 00:02:14,711 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-02-21 00:02:14,712 INFO L933 BasicCegarLoop]: 250 mSDtfsCounter, 296 mSDsluCounter, 180 mSDsCounter, 0 mSdLazyCounter, 91 mSolverCounterSat, 27 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 296 SdHoareTripleChecker+Valid, 430 SdHoareTripleChecker+Invalid, 118 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 27 IncrementalHoareTripleChecker+Valid, 91 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:14,712 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [296 Valid, 430 Invalid, 118 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [27 Valid, 91 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-21 00:02:14,713 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 290 states. [2022-02-21 00:02:14,717 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 290 to 268. [2022-02-21 00:02:14,718 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:14,718 INFO L82 GeneralOperation]: Start isEquivalent. First operand 290 states. Second operand has 268 states, 236 states have (on average 1.38135593220339) internal successors, (326), 235 states have internal predecessors, (326), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) [2022-02-21 00:02:14,719 INFO L74 IsIncluded]: Start isIncluded. First operand 290 states. Second operand has 268 states, 236 states have (on average 1.38135593220339) internal successors, (326), 235 states have internal predecessors, (326), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) [2022-02-21 00:02:14,719 INFO L87 Difference]: Start difference. First operand 290 states. Second operand has 268 states, 236 states have (on average 1.38135593220339) internal successors, (326), 235 states have internal predecessors, (326), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) [2022-02-21 00:02:14,726 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:14,726 INFO L93 Difference]: Finished difference Result 290 states and 394 transitions. [2022-02-21 00:02:14,727 INFO L276 IsEmpty]: Start isEmpty. Operand 290 states and 394 transitions. [2022-02-21 00:02:14,727 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:14,728 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:14,728 INFO L74 IsIncluded]: Start isIncluded. First operand has 268 states, 236 states have (on average 1.38135593220339) internal successors, (326), 235 states have internal predecessors, (326), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) Second operand 290 states. [2022-02-21 00:02:14,729 INFO L87 Difference]: Start difference. First operand has 268 states, 236 states have (on average 1.38135593220339) internal successors, (326), 235 states have internal predecessors, (326), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) Second operand 290 states. [2022-02-21 00:02:14,737 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:14,737 INFO L93 Difference]: Finished difference Result 290 states and 394 transitions. [2022-02-21 00:02:14,737 INFO L276 IsEmpty]: Start isEmpty. Operand 290 states and 394 transitions. [2022-02-21 00:02:14,738 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:14,739 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:14,739 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:14,739 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:14,740 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 268 states, 236 states have (on average 1.38135593220339) internal successors, (326), 235 states have internal predecessors, (326), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) [2022-02-21 00:02:14,745 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 268 states to 268 states and 368 transitions. [2022-02-21 00:02:14,746 INFO L78 Accepts]: Start accepts. Automaton has 268 states and 368 transitions. Word has length 34 [2022-02-21 00:02:14,746 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:14,746 INFO L470 AbstractCegarLoop]: Abstraction has 268 states and 368 transitions. [2022-02-21 00:02:14,746 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 8.25) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:14,747 INFO L276 IsEmpty]: Start isEmpty. Operand 268 states and 368 transitions. [2022-02-21 00:02:14,747 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 36 [2022-02-21 00:02:14,748 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:14,748 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:14,748 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2022-02-21 00:02:14,748 INFO L402 AbstractCegarLoop]: === Iteration 10 === Targeting errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:14,749 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:14,749 INFO L85 PathProgramCache]: Analyzing trace with hash -382146908, now seen corresponding path program 1 times [2022-02-21 00:02:14,749 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-21 00:02:14,749 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1064436162] [2022-02-21 00:02:14,749 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:14,750 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-21 00:02:14,776 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:14,794 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2022-02-21 00:02:14,796 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:14,799 INFO L290 TraceCheckUtils]: 0: Hoare triple {10085#(= ~s~0 |old(~s~0)|)} ~Irp := #in~Irp;~PriorityBoost := #in~PriorityBoost; {10078#true} is VALID [2022-02-21 00:02:14,799 INFO L290 TraceCheckUtils]: 1: Hoare triple {10078#true} assume ~s~0 == ~NP~0;~s~0 := ~DC~0; {10078#true} is VALID [2022-02-21 00:02:14,799 INFO L290 TraceCheckUtils]: 2: Hoare triple {10078#true} assume true; {10078#true} is VALID [2022-02-21 00:02:14,800 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {10078#true} {10078#true} #744#return; {10078#true} is VALID [2022-02-21 00:02:14,800 INFO L290 TraceCheckUtils]: 0: Hoare triple {10078#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {10078#true} is VALID [2022-02-21 00:02:14,800 INFO L290 TraceCheckUtils]: 1: Hoare triple {10078#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {10078#true} is VALID [2022-02-21 00:02:14,800 INFO L290 TraceCheckUtils]: 2: Hoare triple {10078#true} assume { :end_inline__BLAST_init } true; {10078#true} is VALID [2022-02-21 00:02:14,800 INFO L290 TraceCheckUtils]: 3: Hoare triple {10078#true} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {10078#true} is VALID [2022-02-21 00:02:14,801 INFO L290 TraceCheckUtils]: 4: Hoare triple {10078#true} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {10078#true} is VALID [2022-02-21 00:02:14,801 INFO L290 TraceCheckUtils]: 5: Hoare triple {10078#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {10078#true} is VALID [2022-02-21 00:02:14,801 INFO L290 TraceCheckUtils]: 6: Hoare triple {10078#true} assume { :end_inline_stub_driver_init } true; {10078#true} is VALID [2022-02-21 00:02:14,801 INFO L290 TraceCheckUtils]: 7: Hoare triple {10078#true} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {10078#true} is VALID [2022-02-21 00:02:14,801 INFO L290 TraceCheckUtils]: 8: Hoare triple {10078#true} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {10078#true} is VALID [2022-02-21 00:02:14,802 INFO L290 TraceCheckUtils]: 9: Hoare triple {10078#true} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {10078#true} is VALID [2022-02-21 00:02:14,802 INFO L290 TraceCheckUtils]: 10: Hoare triple {10078#true} assume !(3 == main_~tmp_ndt_3~0#1);havoc main_~tmp_ndt_4~0#1;assume -2147483648 <= main_#t~nondet27#1 && main_#t~nondet27#1 <= 2147483647;main_~tmp_ndt_4~0#1 := main_#t~nondet27#1;havoc main_#t~nondet27#1; {10078#true} is VALID [2022-02-21 00:02:14,802 INFO L290 TraceCheckUtils]: 11: Hoare triple {10078#true} assume !(4 == main_~tmp_ndt_4~0#1);havoc main_~tmp_ndt_5~0#1;assume -2147483648 <= main_#t~nondet28#1 && main_#t~nondet28#1 <= 2147483647;main_~tmp_ndt_5~0#1 := main_#t~nondet28#1;havoc main_#t~nondet28#1; {10078#true} is VALID [2022-02-21 00:02:14,802 INFO L290 TraceCheckUtils]: 12: Hoare triple {10078#true} assume 8 == main_~tmp_ndt_5~0#1; {10078#true} is VALID [2022-02-21 00:02:14,802 INFO L290 TraceCheckUtils]: 13: Hoare triple {10078#true} assume { :begin_inline_KbFilter_InternIoCtl } true;KbFilter_InternIoCtl_#in~DeviceObject#1, KbFilter_InternIoCtl_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_InternIoCtl_#res#1;havoc KbFilter_InternIoCtl_#t~nondet63#1, KbFilter_InternIoCtl_#t~nondet64#1, KbFilter_InternIoCtl_#t~nondet65#1, KbFilter_InternIoCtl_#t~nondet66#1, KbFilter_InternIoCtl_#t~nondet67#1, KbFilter_InternIoCtl_#t~nondet68#1, KbFilter_InternIoCtl_#t~nondet69#1, KbFilter_InternIoCtl_#t~nondet70#1, KbFilter_InternIoCtl_#t~nondet71#1, KbFilter_InternIoCtl_#t~nondet72#1, KbFilter_InternIoCtl_#t~nondet73#1, KbFilter_InternIoCtl_#t~nondet74#1, KbFilter_InternIoCtl_#t~nondet75#1, KbFilter_InternIoCtl_#t~nondet76#1, KbFilter_InternIoCtl_#t~nondet77#1, KbFilter_InternIoCtl_#t~nondet78#1, KbFilter_InternIoCtl_#t~nondet79#1, KbFilter_InternIoCtl_#t~ret80#1, KbFilter_InternIoCtl_~DeviceObject#1, KbFilter_InternIoCtl_~Irp#1, KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1, KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__InputBufferLength~0#1, KbFilter_InternIoCtl_~sizeof__CONNECT_DATA~0#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__Type3InputBuffer~0#1, KbFilter_InternIoCtl_~sizeof__INTERNAL_I8042_HOOK_KEYBOARD~0#1, KbFilter_InternIoCtl_~hookKeyboard__InitializationRoutine~0#1, KbFilter_InternIoCtl_~hookKeyboard__IsrRoutine~0#1, KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1, KbFilter_InternIoCtl_~hookKeyboard~0#1, KbFilter_InternIoCtl_~connectData~0#1, KbFilter_InternIoCtl_~status~3#1, KbFilter_InternIoCtl_~tmp~3#1, KbFilter_InternIoCtl_~__cil_tmp17~0#1, KbFilter_InternIoCtl_~__cil_tmp18~0#1, KbFilter_InternIoCtl_~__cil_tmp19~0#1, KbFilter_InternIoCtl_~__cil_tmp20~0#1, KbFilter_InternIoCtl_~__cil_tmp21~0#1, KbFilter_InternIoCtl_~__cil_tmp22~0#1, KbFilter_InternIoCtl_~__cil_tmp23~1#1, KbFilter_InternIoCtl_~__cil_tmp24~0#1, KbFilter_InternIoCtl_~__cil_tmp25~0#1, KbFilter_InternIoCtl_~__cil_tmp26~0#1, KbFilter_InternIoCtl_~__cil_tmp27~0#1, KbFilter_InternIoCtl_~__cil_tmp28~0#1, KbFilter_InternIoCtl_~__cil_tmp29~0#1, KbFilter_InternIoCtl_~__cil_tmp30~0#1, KbFilter_InternIoCtl_~__cil_tmp31~0#1, KbFilter_InternIoCtl_~__cil_tmp32~0#1, KbFilter_InternIoCtl_~__cil_tmp33~0#1, KbFilter_InternIoCtl_~__cil_tmp34~0#1, KbFilter_InternIoCtl_~__cil_tmp35~0#1, KbFilter_InternIoCtl_~__cil_tmp36~0#1, KbFilter_InternIoCtl_~__cil_tmp37~0#1, KbFilter_InternIoCtl_~__cil_tmp38~0#1, KbFilter_InternIoCtl_~__cil_tmp39~0#1, KbFilter_InternIoCtl_~__cil_tmp40~0#1, KbFilter_InternIoCtl_~__cil_tmp41~0#1, KbFilter_InternIoCtl_~__cil_tmp42~0#1, KbFilter_InternIoCtl_~__cil_tmp43~0#1, KbFilter_InternIoCtl_~__cil_tmp44~0#1, KbFilter_InternIoCtl_~__cil_tmp45~0#1;KbFilter_InternIoCtl_~DeviceObject#1 := KbFilter_InternIoCtl_#in~DeviceObject#1;KbFilter_InternIoCtl_~Irp#1 := KbFilter_InternIoCtl_#in~Irp#1;havoc KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet63#1 && KbFilter_InternIoCtl_#t~nondet63#1 <= 2147483647;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1 := KbFilter_InternIoCtl_#t~nondet63#1;havoc KbFilter_InternIoCtl_#t~nondet63#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet64#1 && KbFilter_InternIoCtl_#t~nondet64#1 <= 2147483647;KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1 := KbFilter_InternIoCtl_#t~nondet64#1;havoc KbFilter_InternIoCtl_#t~nondet64#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet65#1 && KbFilter_InternIoCtl_#t~nondet65#1 <= 2147483647;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__InputBufferLength~0#1 := KbFilter_InternIoCtl_#t~nondet65#1;havoc KbFilter_InternIoCtl_#t~nondet65#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet66#1 && KbFilter_InternIoCtl_#t~nondet66#1 <= 2147483647;KbFilter_InternIoCtl_~sizeof__CONNECT_DATA~0#1 := KbFilter_InternIoCtl_#t~nondet66#1;havoc KbFilter_InternIoCtl_#t~nondet66#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet67#1 && KbFilter_InternIoCtl_#t~nondet67#1 <= 2147483647;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__Type3InputBuffer~0#1 := KbFilter_InternIoCtl_#t~nondet67#1;havoc KbFilter_InternIoCtl_#t~nondet67#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet68#1 && KbFilter_InternIoCtl_#t~nondet68#1 <= 2147483647;KbFilter_InternIoCtl_~sizeof__INTERNAL_I8042_HOOK_KEYBOARD~0#1 := KbFilter_InternIoCtl_#t~nondet68#1;havoc KbFilter_InternIoCtl_#t~nondet68#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet69#1 && KbFilter_InternIoCtl_#t~nondet69#1 <= 2147483647;KbFilter_InternIoCtl_~hookKeyboard__InitializationRoutine~0#1 := KbFilter_InternIoCtl_#t~nondet69#1;havoc KbFilter_InternIoCtl_#t~nondet69#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet70#1 && KbFilter_InternIoCtl_#t~nondet70#1 <= 2147483647;KbFilter_InternIoCtl_~hookKeyboard__IsrRoutine~0#1 := KbFilter_InternIoCtl_#t~nondet70#1;havoc KbFilter_InternIoCtl_#t~nondet70#1;havoc KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1;havoc KbFilter_InternIoCtl_~hookKeyboard~0#1;havoc KbFilter_InternIoCtl_~connectData~0#1;havoc KbFilter_InternIoCtl_~status~3#1;havoc KbFilter_InternIoCtl_~tmp~3#1;havoc KbFilter_InternIoCtl_~__cil_tmp17~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp18~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp19~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet71#1 && KbFilter_InternIoCtl_#t~nondet71#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp20~0#1 := KbFilter_InternIoCtl_#t~nondet71#1;havoc KbFilter_InternIoCtl_#t~nondet71#1;havoc KbFilter_InternIoCtl_~__cil_tmp21~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp22~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp23~1#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet72#1 && KbFilter_InternIoCtl_#t~nondet72#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp24~0#1 := KbFilter_InternIoCtl_#t~nondet72#1;havoc KbFilter_InternIoCtl_#t~nondet72#1;havoc KbFilter_InternIoCtl_~__cil_tmp25~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp26~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp27~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet73#1 && KbFilter_InternIoCtl_#t~nondet73#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp28~0#1 := KbFilter_InternIoCtl_#t~nondet73#1;havoc KbFilter_InternIoCtl_#t~nondet73#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet74#1 && KbFilter_InternIoCtl_#t~nondet74#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp29~0#1 := KbFilter_InternIoCtl_#t~nondet74#1;havoc KbFilter_InternIoCtl_#t~nondet74#1;havoc KbFilter_InternIoCtl_~__cil_tmp30~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp31~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet75#1 && KbFilter_InternIoCtl_#t~nondet75#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp32~0#1 := KbFilter_InternIoCtl_#t~nondet75#1;havoc KbFilter_InternIoCtl_#t~nondet75#1;havoc KbFilter_InternIoCtl_~__cil_tmp33~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp34~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet76#1 && KbFilter_InternIoCtl_#t~nondet76#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp35~0#1 := KbFilter_InternIoCtl_#t~nondet76#1;havoc KbFilter_InternIoCtl_#t~nondet76#1;havoc KbFilter_InternIoCtl_~__cil_tmp36~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp37~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet77#1 && KbFilter_InternIoCtl_#t~nondet77#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp38~0#1 := KbFilter_InternIoCtl_#t~nondet77#1;havoc KbFilter_InternIoCtl_#t~nondet77#1;havoc KbFilter_InternIoCtl_~__cil_tmp39~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp40~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet78#1 && KbFilter_InternIoCtl_#t~nondet78#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp41~0#1 := KbFilter_InternIoCtl_#t~nondet78#1;havoc KbFilter_InternIoCtl_#t~nondet78#1;havoc KbFilter_InternIoCtl_~__cil_tmp42~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp43~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet79#1 && KbFilter_InternIoCtl_#t~nondet79#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp44~0#1 := KbFilter_InternIoCtl_#t~nondet79#1;havoc KbFilter_InternIoCtl_#t~nondet79#1;havoc KbFilter_InternIoCtl_~__cil_tmp45~0#1;KbFilter_InternIoCtl_~status~3#1 := 0;KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1 := 0; {10078#true} is VALID [2022-02-21 00:02:14,803 INFO L290 TraceCheckUtils]: 14: Hoare triple {10078#true} assume KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1 == KbFilter_InternIoCtl_~__cil_tmp20~0#1; {10078#true} is VALID [2022-02-21 00:02:14,803 INFO L290 TraceCheckUtils]: 15: Hoare triple {10078#true} assume 0 != KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1;KbFilter_InternIoCtl_~status~3#1 := -1073741757; {10078#true} is VALID [2022-02-21 00:02:14,803 INFO L290 TraceCheckUtils]: 16: Hoare triple {10078#true} assume KbFilter_InternIoCtl_~status~3#1 < 0;KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1 := KbFilter_InternIoCtl_~status~3#1;~myStatus~0 := KbFilter_InternIoCtl_~status~3#1; {10078#true} is VALID [2022-02-21 00:02:14,804 INFO L272 TraceCheckUtils]: 17: Hoare triple {10078#true} call IofCompleteRequest(KbFilter_InternIoCtl_~Irp#1, 0); {10085#(= ~s~0 |old(~s~0)|)} is VALID [2022-02-21 00:02:14,804 INFO L290 TraceCheckUtils]: 18: Hoare triple {10085#(= ~s~0 |old(~s~0)|)} ~Irp := #in~Irp;~PriorityBoost := #in~PriorityBoost; {10078#true} is VALID [2022-02-21 00:02:14,804 INFO L290 TraceCheckUtils]: 19: Hoare triple {10078#true} assume ~s~0 == ~NP~0;~s~0 := ~DC~0; {10078#true} is VALID [2022-02-21 00:02:14,804 INFO L290 TraceCheckUtils]: 20: Hoare triple {10078#true} assume true; {10078#true} is VALID [2022-02-21 00:02:14,805 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {10078#true} {10078#true} #744#return; {10078#true} is VALID [2022-02-21 00:02:14,805 INFO L290 TraceCheckUtils]: 22: Hoare triple {10078#true} KbFilter_InternIoCtl_#res#1 := KbFilter_InternIoCtl_~status~3#1; {10078#true} is VALID [2022-02-21 00:02:14,805 INFO L290 TraceCheckUtils]: 23: Hoare triple {10078#true} main_#t~ret33#1 := KbFilter_InternIoCtl_#res#1;assume { :end_inline_KbFilter_InternIoCtl } true;assume -2147483648 <= main_#t~ret33#1 && main_#t~ret33#1 <= 2147483647;main_~status~1#1 := main_#t~ret33#1;havoc main_#t~ret33#1; {10078#true} is VALID [2022-02-21 00:02:14,805 INFO L290 TraceCheckUtils]: 24: Hoare triple {10078#true} assume !(1 == ~pended~0); {10084#(not (= ~pended~0 1))} is VALID [2022-02-21 00:02:14,806 INFO L290 TraceCheckUtils]: 25: Hoare triple {10084#(not (= ~pended~0 1))} assume !(1 == ~pended~0); {10084#(not (= ~pended~0 1))} is VALID [2022-02-21 00:02:14,806 INFO L290 TraceCheckUtils]: 26: Hoare triple {10084#(not (= ~pended~0 1))} assume ~s~0 != ~UNLOADED~0; {10084#(not (= ~pended~0 1))} is VALID [2022-02-21 00:02:14,806 INFO L290 TraceCheckUtils]: 27: Hoare triple {10084#(not (= ~pended~0 1))} assume -1 != main_~status~1#1; {10084#(not (= ~pended~0 1))} is VALID [2022-02-21 00:02:14,807 INFO L290 TraceCheckUtils]: 28: Hoare triple {10084#(not (= ~pended~0 1))} assume ~s~0 != ~SKIP2~0; {10084#(not (= ~pended~0 1))} is VALID [2022-02-21 00:02:14,807 INFO L290 TraceCheckUtils]: 29: Hoare triple {10084#(not (= ~pended~0 1))} assume ~s~0 != ~IPC~0; {10084#(not (= ~pended~0 1))} is VALID [2022-02-21 00:02:14,808 INFO L290 TraceCheckUtils]: 30: Hoare triple {10084#(not (= ~pended~0 1))} assume ~s~0 == ~DC~0; {10084#(not (= ~pended~0 1))} is VALID [2022-02-21 00:02:14,808 INFO L290 TraceCheckUtils]: 31: Hoare triple {10084#(not (= ~pended~0 1))} assume 1 == ~pended~0; {10079#false} is VALID [2022-02-21 00:02:14,808 INFO L290 TraceCheckUtils]: 32: Hoare triple {10079#false} assume 259 != main_~status~1#1; {10079#false} is VALID [2022-02-21 00:02:14,808 INFO L272 TraceCheckUtils]: 33: Hoare triple {10079#false} call errorFn(); {10079#false} is VALID [2022-02-21 00:02:14,808 INFO L290 TraceCheckUtils]: 34: Hoare triple {10079#false} assume !false; {10079#false} is VALID [2022-02-21 00:02:14,809 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:14,809 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-21 00:02:14,809 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1064436162] [2022-02-21 00:02:14,809 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1064436162] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:14,809 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:14,810 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-21 00:02:14,810 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1252606885] [2022-02-21 00:02:14,810 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:14,810 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 8.0) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 35 [2022-02-21 00:02:14,811 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:14,811 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 4 states, 4 states have (on average 8.0) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:14,836 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 35 edges. 35 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:14,836 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-02-21 00:02:14,837 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-21 00:02:14,837 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-02-21 00:02:14,837 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-02-21 00:02:14,837 INFO L87 Difference]: Start difference. First operand 268 states and 368 transitions. Second operand has 4 states, 4 states have (on average 8.0) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:15,233 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:15,234 INFO L93 Difference]: Finished difference Result 262 states and 356 transitions. [2022-02-21 00:02:15,234 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-21 00:02:15,235 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 8.0) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 35 [2022-02-21 00:02:15,235 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:15,235 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 8.0) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:15,237 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 280 transitions. [2022-02-21 00:02:15,238 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 8.0) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:15,241 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 280 transitions. [2022-02-21 00:02:15,241 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 280 transitions. [2022-02-21 00:02:15,460 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 280 edges. 280 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:15,465 INFO L225 Difference]: With dead ends: 262 [2022-02-21 00:02:15,465 INFO L226 Difference]: Without dead ends: 232 [2022-02-21 00:02:15,465 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-02-21 00:02:15,466 INFO L933 BasicCegarLoop]: 247 mSDtfsCounter, 289 mSDsluCounter, 178 mSDsCounter, 0 mSdLazyCounter, 59 mSolverCounterSat, 33 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 289 SdHoareTripleChecker+Valid, 425 SdHoareTripleChecker+Invalid, 92 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 33 IncrementalHoareTripleChecker+Valid, 59 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:15,466 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [289 Valid, 425 Invalid, 92 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [33 Valid, 59 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-21 00:02:15,467 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 232 states. [2022-02-21 00:02:15,475 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 232 to 210. [2022-02-21 00:02:15,475 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:15,476 INFO L82 GeneralOperation]: Start isEquivalent. First operand 232 states. Second operand has 210 states, 186 states have (on average 1.39247311827957) internal successors, (259), 189 states have internal predecessors, (259), 16 states have call successors, (16), 8 states have call predecessors, (16), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:15,477 INFO L74 IsIncluded]: Start isIncluded. First operand 232 states. Second operand has 210 states, 186 states have (on average 1.39247311827957) internal successors, (259), 189 states have internal predecessors, (259), 16 states have call successors, (16), 8 states have call predecessors, (16), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:15,477 INFO L87 Difference]: Start difference. First operand 232 states. Second operand has 210 states, 186 states have (on average 1.39247311827957) internal successors, (259), 189 states have internal predecessors, (259), 16 states have call successors, (16), 8 states have call predecessors, (16), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:15,483 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:15,483 INFO L93 Difference]: Finished difference Result 232 states and 314 transitions. [2022-02-21 00:02:15,484 INFO L276 IsEmpty]: Start isEmpty. Operand 232 states and 314 transitions. [2022-02-21 00:02:15,508 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:15,510 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:15,510 INFO L74 IsIncluded]: Start isIncluded. First operand has 210 states, 186 states have (on average 1.39247311827957) internal successors, (259), 189 states have internal predecessors, (259), 16 states have call successors, (16), 8 states have call predecessors, (16), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) Second operand 232 states. [2022-02-21 00:02:15,511 INFO L87 Difference]: Start difference. First operand has 210 states, 186 states have (on average 1.39247311827957) internal successors, (259), 189 states have internal predecessors, (259), 16 states have call successors, (16), 8 states have call predecessors, (16), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) Second operand 232 states. [2022-02-21 00:02:15,516 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:15,517 INFO L93 Difference]: Finished difference Result 232 states and 314 transitions. [2022-02-21 00:02:15,517 INFO L276 IsEmpty]: Start isEmpty. Operand 232 states and 314 transitions. [2022-02-21 00:02:15,518 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:15,518 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:15,518 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:15,518 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:15,519 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 210 states, 186 states have (on average 1.39247311827957) internal successors, (259), 189 states have internal predecessors, (259), 16 states have call successors, (16), 8 states have call predecessors, (16), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:15,525 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 210 states to 210 states and 287 transitions. [2022-02-21 00:02:15,525 INFO L78 Accepts]: Start accepts. Automaton has 210 states and 287 transitions. Word has length 35 [2022-02-21 00:02:15,525 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:15,525 INFO L470 AbstractCegarLoop]: Abstraction has 210 states and 287 transitions. [2022-02-21 00:02:15,526 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 8.0) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:15,526 INFO L276 IsEmpty]: Start isEmpty. Operand 210 states and 287 transitions. [2022-02-21 00:02:15,527 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 40 [2022-02-21 00:02:15,527 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:15,527 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:15,527 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9 [2022-02-21 00:02:15,528 INFO L402 AbstractCegarLoop]: === Iteration 11 === Targeting errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:15,528 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:15,528 INFO L85 PathProgramCache]: Analyzing trace with hash 758626562, now seen corresponding path program 1 times [2022-02-21 00:02:15,528 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-21 00:02:15,529 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2063820406] [2022-02-21 00:02:15,529 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:15,529 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-21 00:02:15,551 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:15,584 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2022-02-21 00:02:15,587 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:15,590 INFO L290 TraceCheckUtils]: 0: Hoare triple {11037#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0, 0;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;assume -2147483648 <= KeSetEvent_#t~nondet38#1 && KeSetEvent_#t~nondet38#1 <= 2147483647;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {11027#true} is VALID [2022-02-21 00:02:15,590 INFO L290 TraceCheckUtils]: 1: Hoare triple {11027#true} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;assume -2147483648 <= #t~ret40#1 && #t~ret40#1 <= 2147483647;havoc #t~ret40#1;#res#1 := -1073741802; {11027#true} is VALID [2022-02-21 00:02:15,591 INFO L290 TraceCheckUtils]: 2: Hoare triple {11027#true} assume true; {11027#true} is VALID [2022-02-21 00:02:15,591 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {11027#true} {11027#true} #756#return; {11027#true} is VALID [2022-02-21 00:02:15,594 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2022-02-21 00:02:15,596 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:15,601 INFO L290 TraceCheckUtils]: 0: Hoare triple {11038#(= ~s~0 |old(~s~0)|)} assume ~s~0 == ~NP~0;~s~0 := ~MPR1~0; {11036#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} is VALID [2022-02-21 00:02:15,601 INFO L290 TraceCheckUtils]: 1: Hoare triple {11036#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} assume true; {11036#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} is VALID [2022-02-21 00:02:15,602 INFO L284 TraceCheckUtils]: 2: Hoare quadruple {11036#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} {11027#true} #758#return; {11036#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} is VALID [2022-02-21 00:02:15,602 INFO L290 TraceCheckUtils]: 0: Hoare triple {11027#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {11027#true} is VALID [2022-02-21 00:02:15,602 INFO L290 TraceCheckUtils]: 1: Hoare triple {11027#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {11027#true} is VALID [2022-02-21 00:02:15,602 INFO L290 TraceCheckUtils]: 2: Hoare triple {11027#true} assume { :end_inline__BLAST_init } true; {11027#true} is VALID [2022-02-21 00:02:15,602 INFO L290 TraceCheckUtils]: 3: Hoare triple {11027#true} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {11027#true} is VALID [2022-02-21 00:02:15,603 INFO L290 TraceCheckUtils]: 4: Hoare triple {11027#true} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {11027#true} is VALID [2022-02-21 00:02:15,603 INFO L290 TraceCheckUtils]: 5: Hoare triple {11027#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {11027#true} is VALID [2022-02-21 00:02:15,603 INFO L290 TraceCheckUtils]: 6: Hoare triple {11027#true} assume { :end_inline_stub_driver_init } true; {11027#true} is VALID [2022-02-21 00:02:15,603 INFO L290 TraceCheckUtils]: 7: Hoare triple {11027#true} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {11027#true} is VALID [2022-02-21 00:02:15,603 INFO L290 TraceCheckUtils]: 8: Hoare triple {11027#true} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {11027#true} is VALID [2022-02-21 00:02:15,603 INFO L290 TraceCheckUtils]: 9: Hoare triple {11027#true} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {11027#true} is VALID [2022-02-21 00:02:15,604 INFO L290 TraceCheckUtils]: 10: Hoare triple {11027#true} assume 3 == main_~tmp_ndt_3~0#1; {11027#true} is VALID [2022-02-21 00:02:15,604 INFO L290 TraceCheckUtils]: 11: Hoare triple {11027#true} assume { :begin_inline_KbFilter_PnP } true;KbFilter_PnP_#in~DeviceObject#1, KbFilter_PnP_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_PnP_#res#1;havoc KbFilter_PnP_#t~nondet4#1, KbFilter_PnP_#t~nondet5#1, KbFilter_PnP_#t~nondet6#1, KbFilter_PnP_#t~nondet7#1, KbFilter_PnP_#t~nondet8#1, KbFilter_PnP_#t~nondet9#1, KbFilter_PnP_#t~ret10#1, KbFilter_PnP_#t~ret11#1, KbFilter_PnP_#t~post12#1, KbFilter_PnP_#t~post13#1, KbFilter_PnP_#t~ret14#1, KbFilter_PnP_#t~post15#1, KbFilter_PnP_#t~post16#1, KbFilter_PnP_#t~ret17#1, KbFilter_PnP_#t~post18#1, KbFilter_PnP_#t~post19#1, KbFilter_PnP_#t~ret20#1, KbFilter_PnP_~DeviceObject#1, KbFilter_PnP_~Irp#1, KbFilter_PnP_~devExt~0#1, KbFilter_PnP_~irpStack~0#1, KbFilter_PnP_~status~0#1, KbFilter_PnP_~event~0#1, KbFilter_PnP_~DeviceObject__DeviceExtension~0#1, KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, KbFilter_PnP_~irpStack__MinorFunction~0#1, KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~devExt__Started~0#1, KbFilter_PnP_~devExt__Removed~0#1, KbFilter_PnP_~devExt__SurpriseRemoved~0#1, KbFilter_PnP_~Irp__IoStatus__Status~0#1, KbFilter_PnP_~Irp__IoStatus__Information~0#1, KbFilter_PnP_~Irp__CurrentLocation~0#1, KbFilter_PnP_~irpSp~0#1, KbFilter_PnP_~nextIrpSp~0#1, KbFilter_PnP_~nextIrpSp__Control~0#1, KbFilter_PnP_~irpSp___0~0#1, KbFilter_PnP_~irpSp__Context~0#1, KbFilter_PnP_~irpSp__Control~0#1, KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~DeviceObject#1 := KbFilter_PnP_#in~DeviceObject#1;KbFilter_PnP_~Irp#1 := KbFilter_PnP_#in~Irp#1;havoc KbFilter_PnP_~devExt~0#1;havoc KbFilter_PnP_~irpStack~0#1;havoc KbFilter_PnP_~status~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet4#1 && KbFilter_PnP_#t~nondet4#1 <= 2147483647;KbFilter_PnP_~event~0#1 := KbFilter_PnP_#t~nondet4#1;havoc KbFilter_PnP_#t~nondet4#1;assume -2147483648 <= KbFilter_PnP_#t~nondet5#1 && KbFilter_PnP_#t~nondet5#1 <= 2147483647;KbFilter_PnP_~DeviceObject__DeviceExtension~0#1 := KbFilter_PnP_#t~nondet5#1;havoc KbFilter_PnP_#t~nondet5#1;assume -2147483648 <= KbFilter_PnP_#t~nondet6#1 && KbFilter_PnP_#t~nondet6#1 <= 2147483647;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := KbFilter_PnP_#t~nondet6#1;havoc KbFilter_PnP_#t~nondet6#1;assume -2147483648 <= KbFilter_PnP_#t~nondet7#1 && KbFilter_PnP_#t~nondet7#1 <= 2147483647;KbFilter_PnP_~irpStack__MinorFunction~0#1 := KbFilter_PnP_#t~nondet7#1;havoc KbFilter_PnP_#t~nondet7#1;assume -2147483648 <= KbFilter_PnP_#t~nondet8#1 && KbFilter_PnP_#t~nondet8#1 <= 2147483647;KbFilter_PnP_~devExt__TopOfStack~0#1 := KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_~devExt__Started~0#1;havoc KbFilter_PnP_~devExt__Removed~0#1;havoc KbFilter_PnP_~devExt__SurpriseRemoved~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Status~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Information~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet9#1 && KbFilter_PnP_#t~nondet9#1 <= 2147483647;KbFilter_PnP_~Irp__CurrentLocation~0#1 := KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_~irpSp~0#1;havoc KbFilter_PnP_~nextIrpSp~0#1;havoc KbFilter_PnP_~nextIrpSp__Control~0#1;havoc KbFilter_PnP_~irpSp___0~0#1;havoc KbFilter_PnP_~irpSp__Context~0#1;havoc KbFilter_PnP_~irpSp__Control~0#1;havoc KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~status~0#1 := 0;KbFilter_PnP_~devExt~0#1 := KbFilter_PnP_~DeviceObject__DeviceExtension~0#1;KbFilter_PnP_~irpStack~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1; {11027#true} is VALID [2022-02-21 00:02:15,604 INFO L290 TraceCheckUtils]: 12: Hoare triple {11027#true} assume 0 == KbFilter_PnP_~irpStack__MinorFunction~0#1; {11027#true} is VALID [2022-02-21 00:02:15,604 INFO L290 TraceCheckUtils]: 13: Hoare triple {11027#true} KbFilter_PnP_~irpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1;KbFilter_PnP_~nextIrpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 - 1;KbFilter_PnP_~nextIrpSp__Control~0#1 := 0; {11027#true} is VALID [2022-02-21 00:02:15,604 INFO L290 TraceCheckUtils]: 14: Hoare triple {11027#true} assume !(~s~0 != ~NP~0); {11027#true} is VALID [2022-02-21 00:02:15,604 INFO L290 TraceCheckUtils]: 15: Hoare triple {11027#true} assume !(0 != ~compRegistered~0);~compRegistered~0 := 1; {11027#true} is VALID [2022-02-21 00:02:15,605 INFO L290 TraceCheckUtils]: 16: Hoare triple {11027#true} KbFilter_PnP_~irpSp___0~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 - 1;KbFilter_PnP_~irpSp__Context~0#1 := KbFilter_PnP_~event~0#1;KbFilter_PnP_~irpSp__Control~0#1 := 224; {11027#true} is VALID [2022-02-21 00:02:15,605 INFO L272 TraceCheckUtils]: 17: Hoare triple {11027#true} call KbFilter_PnP_#t~ret10#1 := IofCallDriver(KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~Irp#1); {11027#true} is VALID [2022-02-21 00:02:15,605 INFO L290 TraceCheckUtils]: 18: Hoare triple {11027#true} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {11027#true} is VALID [2022-02-21 00:02:15,605 INFO L290 TraceCheckUtils]: 19: Hoare triple {11027#true} assume 0 != ~compRegistered~0; {11027#true} is VALID [2022-02-21 00:02:15,606 INFO L272 TraceCheckUtils]: 20: Hoare triple {11027#true} call #t~ret35 := KbFilter_Complete(~DeviceObject, ~Irp, ~lcontext~0); {11037#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} is VALID [2022-02-21 00:02:15,606 INFO L290 TraceCheckUtils]: 21: Hoare triple {11037#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0, 0;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;assume -2147483648 <= KeSetEvent_#t~nondet38#1 && KeSetEvent_#t~nondet38#1 <= 2147483647;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {11027#true} is VALID [2022-02-21 00:02:15,606 INFO L290 TraceCheckUtils]: 22: Hoare triple {11027#true} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;assume -2147483648 <= #t~ret40#1 && #t~ret40#1 <= 2147483647;havoc #t~ret40#1;#res#1 := -1073741802; {11027#true} is VALID [2022-02-21 00:02:15,606 INFO L290 TraceCheckUtils]: 23: Hoare triple {11027#true} assume true; {11027#true} is VALID [2022-02-21 00:02:15,607 INFO L284 TraceCheckUtils]: 24: Hoare quadruple {11027#true} {11027#true} #756#return; {11027#true} is VALID [2022-02-21 00:02:15,607 INFO L290 TraceCheckUtils]: 25: Hoare triple {11027#true} assume -2147483648 <= #t~ret35 && #t~ret35 <= 2147483647;~compRetStatus~0 := #t~ret35;havoc #t~ret35;~__cil_tmp7~0 := ~compRetStatus~0; {11027#true} is VALID [2022-02-21 00:02:15,607 INFO L290 TraceCheckUtils]: 26: Hoare triple {11027#true} assume -1073741802 == ~__cil_tmp7~0; {11027#true} is VALID [2022-02-21 00:02:15,607 INFO L272 TraceCheckUtils]: 27: Hoare triple {11027#true} call stubMoreProcessingRequired(); {11038#(= ~s~0 |old(~s~0)|)} is VALID [2022-02-21 00:02:15,608 INFO L290 TraceCheckUtils]: 28: Hoare triple {11038#(= ~s~0 |old(~s~0)|)} assume ~s~0 == ~NP~0;~s~0 := ~MPR1~0; {11036#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} is VALID [2022-02-21 00:02:15,608 INFO L290 TraceCheckUtils]: 29: Hoare triple {11036#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} assume true; {11036#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} is VALID [2022-02-21 00:02:15,609 INFO L284 TraceCheckUtils]: 30: Hoare quadruple {11036#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} {11027#true} #758#return; {11036#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} is VALID [2022-02-21 00:02:15,609 INFO L290 TraceCheckUtils]: 31: Hoare triple {11036#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {11036#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} is VALID [2022-02-21 00:02:15,610 INFO L290 TraceCheckUtils]: 32: Hoare triple {11036#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} assume 0 == ~tmp_ndt_6~0; {11036#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} is VALID [2022-02-21 00:02:15,610 INFO L290 TraceCheckUtils]: 33: Hoare triple {11036#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} ~returnVal2~0 := 0; {11036#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} is VALID [2022-02-21 00:02:15,610 INFO L290 TraceCheckUtils]: 34: Hoare triple {11036#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} assume !(~s~0 == ~NP~0); {11036#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} is VALID [2022-02-21 00:02:15,611 INFO L290 TraceCheckUtils]: 35: Hoare triple {11036#(= (+ ~MPR1~0 (* (- 1) ~s~0)) 0)} assume !(~s~0 == ~MPR1~0); {11028#false} is VALID [2022-02-21 00:02:15,611 INFO L290 TraceCheckUtils]: 36: Hoare triple {11028#false} assume !(~s~0 == ~SKIP1~0); {11028#false} is VALID [2022-02-21 00:02:15,611 INFO L272 TraceCheckUtils]: 37: Hoare triple {11028#false} call errorFn(); {11028#false} is VALID [2022-02-21 00:02:15,611 INFO L290 TraceCheckUtils]: 38: Hoare triple {11028#false} assume !false; {11028#false} is VALID [2022-02-21 00:02:15,612 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:15,612 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-21 00:02:15,612 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2063820406] [2022-02-21 00:02:15,612 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2063820406] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:15,612 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:15,613 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-21 00:02:15,613 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1466563688] [2022-02-21 00:02:15,613 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:15,613 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.6) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 39 [2022-02-21 00:02:15,614 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:15,614 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 6.6) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:15,642 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 39 edges. 39 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:15,643 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-21 00:02:15,643 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-21 00:02:15,643 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-21 00:02:15,644 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-21 00:02:15,644 INFO L87 Difference]: Start difference. First operand 210 states and 287 transitions. Second operand has 5 states, 5 states have (on average 6.6) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:16,237 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:16,238 INFO L93 Difference]: Finished difference Result 208 states and 283 transitions. [2022-02-21 00:02:16,238 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-02-21 00:02:16,238 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.6) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 39 [2022-02-21 00:02:16,239 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:16,239 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.6) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:16,242 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 273 transitions. [2022-02-21 00:02:16,243 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.6) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:16,246 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 273 transitions. [2022-02-21 00:02:16,246 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 273 transitions. [2022-02-21 00:02:16,449 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 273 edges. 273 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:16,453 INFO L225 Difference]: With dead ends: 208 [2022-02-21 00:02:16,453 INFO L226 Difference]: Without dead ends: 208 [2022-02-21 00:02:16,453 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=34, Unknown=0, NotChecked=0, Total=56 [2022-02-21 00:02:16,454 INFO L933 BasicCegarLoop]: 246 mSDtfsCounter, 84 mSDsluCounter, 570 mSDsCounter, 0 mSdLazyCounter, 114 mSolverCounterSat, 37 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 84 SdHoareTripleChecker+Valid, 816 SdHoareTripleChecker+Invalid, 151 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 37 IncrementalHoareTripleChecker+Valid, 114 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:16,454 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [84 Valid, 816 Invalid, 151 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [37 Valid, 114 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-21 00:02:16,455 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 208 states. [2022-02-21 00:02:16,458 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 208 to 208. [2022-02-21 00:02:16,458 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:16,459 INFO L82 GeneralOperation]: Start isEquivalent. First operand 208 states. Second operand has 208 states, 185 states have (on average 1.3837837837837839) internal successors, (256), 187 states have internal predecessors, (256), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:16,460 INFO L74 IsIncluded]: Start isIncluded. First operand 208 states. Second operand has 208 states, 185 states have (on average 1.3837837837837839) internal successors, (256), 187 states have internal predecessors, (256), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:16,461 INFO L87 Difference]: Start difference. First operand 208 states. Second operand has 208 states, 185 states have (on average 1.3837837837837839) internal successors, (256), 187 states have internal predecessors, (256), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:16,467 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:16,467 INFO L93 Difference]: Finished difference Result 208 states and 283 transitions. [2022-02-21 00:02:16,467 INFO L276 IsEmpty]: Start isEmpty. Operand 208 states and 283 transitions. [2022-02-21 00:02:16,468 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:16,468 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:16,469 INFO L74 IsIncluded]: Start isIncluded. First operand has 208 states, 185 states have (on average 1.3837837837837839) internal successors, (256), 187 states have internal predecessors, (256), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) Second operand 208 states. [2022-02-21 00:02:16,469 INFO L87 Difference]: Start difference. First operand has 208 states, 185 states have (on average 1.3837837837837839) internal successors, (256), 187 states have internal predecessors, (256), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) Second operand 208 states. [2022-02-21 00:02:16,475 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:16,475 INFO L93 Difference]: Finished difference Result 208 states and 283 transitions. [2022-02-21 00:02:16,475 INFO L276 IsEmpty]: Start isEmpty. Operand 208 states and 283 transitions. [2022-02-21 00:02:16,476 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:16,476 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:16,476 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:16,476 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:16,477 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 208 states, 185 states have (on average 1.3837837837837839) internal successors, (256), 187 states have internal predecessors, (256), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:16,482 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 208 states to 208 states and 283 transitions. [2022-02-21 00:02:16,483 INFO L78 Accepts]: Start accepts. Automaton has 208 states and 283 transitions. Word has length 39 [2022-02-21 00:02:16,483 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:16,483 INFO L470 AbstractCegarLoop]: Abstraction has 208 states and 283 transitions. [2022-02-21 00:02:16,483 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.6) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:16,483 INFO L276 IsEmpty]: Start isEmpty. Operand 208 states and 283 transitions. [2022-02-21 00:02:16,485 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2022-02-21 00:02:16,485 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:16,485 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:16,485 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2022-02-21 00:02:16,485 INFO L402 AbstractCegarLoop]: === Iteration 12 === Targeting errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:16,486 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:16,486 INFO L85 PathProgramCache]: Analyzing trace with hash 143802726, now seen corresponding path program 1 times [2022-02-21 00:02:16,486 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-21 00:02:16,486 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1593953217] [2022-02-21 00:02:16,486 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:16,486 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-21 00:02:16,511 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:16,555 INFO L290 TraceCheckUtils]: 0: Hoare triple {11880#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {11880#true} is VALID [2022-02-21 00:02:16,555 INFO L290 TraceCheckUtils]: 1: Hoare triple {11880#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {11880#true} is VALID [2022-02-21 00:02:16,556 INFO L290 TraceCheckUtils]: 2: Hoare triple {11880#true} assume { :end_inline__BLAST_init } true; {11880#true} is VALID [2022-02-21 00:02:16,556 INFO L290 TraceCheckUtils]: 3: Hoare triple {11880#true} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {11880#true} is VALID [2022-02-21 00:02:16,556 INFO L290 TraceCheckUtils]: 4: Hoare triple {11880#true} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {11880#true} is VALID [2022-02-21 00:02:16,556 INFO L290 TraceCheckUtils]: 5: Hoare triple {11880#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {11880#true} is VALID [2022-02-21 00:02:16,556 INFO L290 TraceCheckUtils]: 6: Hoare triple {11880#true} assume { :end_inline_stub_driver_init } true; {11880#true} is VALID [2022-02-21 00:02:16,557 INFO L290 TraceCheckUtils]: 7: Hoare triple {11880#true} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {11880#true} is VALID [2022-02-21 00:02:16,557 INFO L290 TraceCheckUtils]: 8: Hoare triple {11880#true} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {11880#true} is VALID [2022-02-21 00:02:16,557 INFO L290 TraceCheckUtils]: 9: Hoare triple {11880#true} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {11880#true} is VALID [2022-02-21 00:02:16,557 INFO L290 TraceCheckUtils]: 10: Hoare triple {11880#true} assume !(3 == main_~tmp_ndt_3~0#1);havoc main_~tmp_ndt_4~0#1;assume -2147483648 <= main_#t~nondet27#1 && main_#t~nondet27#1 <= 2147483647;main_~tmp_ndt_4~0#1 := main_#t~nondet27#1;havoc main_#t~nondet27#1; {11880#true} is VALID [2022-02-21 00:02:16,557 INFO L290 TraceCheckUtils]: 11: Hoare triple {11880#true} assume 4 == main_~tmp_ndt_4~0#1; {11880#true} is VALID [2022-02-21 00:02:16,557 INFO L290 TraceCheckUtils]: 12: Hoare triple {11880#true} assume { :begin_inline_KbFilter_Power } true;KbFilter_Power_#in~DeviceObject#1, KbFilter_Power_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_Power_#res#1;havoc KbFilter_Power_#t~nondet50#1, KbFilter_Power_#t~nondet51#1, KbFilter_Power_#t~nondet52#1, KbFilter_Power_#t~nondet53#1, KbFilter_Power_#t~nondet54#1, KbFilter_Power_#t~nondet55#1, KbFilter_Power_#t~post56#1, KbFilter_Power_#t~post57#1, KbFilter_Power_#t~ret58#1, KbFilter_Power_~DeviceObject#1, KbFilter_Power_~Irp#1, KbFilter_Power_~irpStack__MinorFunction~1#1, KbFilter_Power_~devExt__DeviceState~0#1, KbFilter_Power_~powerState__DeviceState~0#1, KbFilter_Power_~Irp__CurrentLocation~2#1, KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1, KbFilter_Power_~devExt__TopOfStack~1#1, KbFilter_Power_~powerType~0#1, KbFilter_Power_~tmp~2#1;KbFilter_Power_~DeviceObject#1 := KbFilter_Power_#in~DeviceObject#1;KbFilter_Power_~Irp#1 := KbFilter_Power_#in~Irp#1;assume -2147483648 <= KbFilter_Power_#t~nondet50#1 && KbFilter_Power_#t~nondet50#1 <= 2147483647;KbFilter_Power_~irpStack__MinorFunction~1#1 := KbFilter_Power_#t~nondet50#1;havoc KbFilter_Power_#t~nondet50#1;havoc KbFilter_Power_~devExt__DeviceState~0#1;assume -2147483648 <= KbFilter_Power_#t~nondet51#1 && KbFilter_Power_#t~nondet51#1 <= 2147483647;KbFilter_Power_~powerState__DeviceState~0#1 := KbFilter_Power_#t~nondet51#1;havoc KbFilter_Power_#t~nondet51#1;assume -2147483648 <= KbFilter_Power_#t~nondet52#1 && KbFilter_Power_#t~nondet52#1 <= 2147483647;KbFilter_Power_~Irp__CurrentLocation~2#1 := KbFilter_Power_#t~nondet52#1;havoc KbFilter_Power_#t~nondet52#1;assume -2147483648 <= KbFilter_Power_#t~nondet53#1 && KbFilter_Power_#t~nondet53#1 <= 2147483647;KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1 := KbFilter_Power_#t~nondet53#1;havoc KbFilter_Power_#t~nondet53#1;assume -2147483648 <= KbFilter_Power_#t~nondet54#1 && KbFilter_Power_#t~nondet54#1 <= 2147483647;KbFilter_Power_~devExt__TopOfStack~1#1 := KbFilter_Power_#t~nondet54#1;havoc KbFilter_Power_#t~nondet54#1;assume -2147483648 <= KbFilter_Power_#t~nondet55#1 && KbFilter_Power_#t~nondet55#1 <= 2147483647;KbFilter_Power_~powerType~0#1 := KbFilter_Power_#t~nondet55#1;havoc KbFilter_Power_#t~nondet55#1;havoc KbFilter_Power_~tmp~2#1; {11880#true} is VALID [2022-02-21 00:02:16,558 INFO L290 TraceCheckUtils]: 13: Hoare triple {11880#true} assume 2 == KbFilter_Power_~irpStack__MinorFunction~1#1; {11880#true} is VALID [2022-02-21 00:02:16,558 INFO L290 TraceCheckUtils]: 14: Hoare triple {11880#true} assume !(KbFilter_Power_~powerType~0#1 == ~DevicePowerState~0); {11880#true} is VALID [2022-02-21 00:02:16,558 INFO L290 TraceCheckUtils]: 15: Hoare triple {11880#true} assume ~s~0 == ~NP~0;~s~0 := ~SKIP1~0; {11880#true} is VALID [2022-02-21 00:02:16,558 INFO L290 TraceCheckUtils]: 16: Hoare triple {11880#true} KbFilter_Power_#t~post56#1 := KbFilter_Power_~Irp__CurrentLocation~2#1;KbFilter_Power_~Irp__CurrentLocation~2#1 := 1 + KbFilter_Power_#t~post56#1;havoc KbFilter_Power_#t~post56#1;KbFilter_Power_#t~post57#1 := KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1;KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1 := 1 + KbFilter_Power_#t~post57#1;havoc KbFilter_Power_#t~post57#1;assume { :begin_inline_PoCallDriver } true;PoCallDriver_#in~DeviceObject#1, PoCallDriver_#in~Irp#1 := KbFilter_Power_~devExt__TopOfStack~1#1, KbFilter_Power_~Irp#1;havoc PoCallDriver_#res#1;havoc PoCallDriver_#t~nondet59#1, PoCallDriver_#t~ret60#1, PoCallDriver_#t~nondet61#1, PoCallDriver_#t~nondet62#1, PoCallDriver_~tmp_ndt_10~0#1, PoCallDriver_~tmp_ndt_9~0#1, PoCallDriver_~DeviceObject#1, PoCallDriver_~Irp#1, PoCallDriver_~compRetStatus~1#1, PoCallDriver_~returnVal~0#1, PoCallDriver_~lcontext~1#1, PoCallDriver_~__cil_tmp7~1#1, PoCallDriver_~__cil_tmp8~1#1;PoCallDriver_~DeviceObject#1 := PoCallDriver_#in~DeviceObject#1;PoCallDriver_~Irp#1 := PoCallDriver_#in~Irp#1;havoc PoCallDriver_~compRetStatus~1#1;havoc PoCallDriver_~returnVal~0#1;assume -2147483648 <= PoCallDriver_#t~nondet59#1 && PoCallDriver_#t~nondet59#1 <= 2147483647;PoCallDriver_~lcontext~1#1 := PoCallDriver_#t~nondet59#1;havoc PoCallDriver_#t~nondet59#1;havoc PoCallDriver_~__cil_tmp7~1#1;havoc PoCallDriver_~__cil_tmp8~1#1; {11880#true} is VALID [2022-02-21 00:02:16,558 INFO L290 TraceCheckUtils]: 17: Hoare triple {11880#true} assume !(0 != ~compRegistered~0); {11880#true} is VALID [2022-02-21 00:02:16,558 INFO L290 TraceCheckUtils]: 18: Hoare triple {11880#true} havoc PoCallDriver_~tmp_ndt_9~0#1;assume -2147483648 <= PoCallDriver_#t~nondet61#1 && PoCallDriver_#t~nondet61#1 <= 2147483647;PoCallDriver_~tmp_ndt_9~0#1 := PoCallDriver_#t~nondet61#1;havoc PoCallDriver_#t~nondet61#1; {11880#true} is VALID [2022-02-21 00:02:16,558 INFO L290 TraceCheckUtils]: 19: Hoare triple {11880#true} assume 0 == PoCallDriver_~tmp_ndt_9~0#1; {11880#true} is VALID [2022-02-21 00:02:16,559 INFO L290 TraceCheckUtils]: 20: Hoare triple {11880#true} PoCallDriver_~returnVal~0#1 := 0; {11880#true} is VALID [2022-02-21 00:02:16,559 INFO L290 TraceCheckUtils]: 21: Hoare triple {11880#true} assume !(~s~0 == ~NP~0); {11880#true} is VALID [2022-02-21 00:02:16,559 INFO L290 TraceCheckUtils]: 22: Hoare triple {11880#true} assume !(~s~0 == ~MPR1~0); {11880#true} is VALID [2022-02-21 00:02:16,560 INFO L290 TraceCheckUtils]: 23: Hoare triple {11880#true} assume ~s~0 == ~SKIP1~0;~s~0 := ~SKIP2~0;~lowerDriverReturn~0 := PoCallDriver_~returnVal~0#1; {11882#(= ~lowerDriverReturn~0 |ULTIMATE.start_PoCallDriver_~returnVal~0#1|)} is VALID [2022-02-21 00:02:16,560 INFO L290 TraceCheckUtils]: 24: Hoare triple {11882#(= ~lowerDriverReturn~0 |ULTIMATE.start_PoCallDriver_~returnVal~0#1|)} PoCallDriver_#res#1 := PoCallDriver_~returnVal~0#1; {11883#(= ~lowerDriverReturn~0 |ULTIMATE.start_PoCallDriver_#res#1|)} is VALID [2022-02-21 00:02:16,560 INFO L290 TraceCheckUtils]: 25: Hoare triple {11883#(= ~lowerDriverReturn~0 |ULTIMATE.start_PoCallDriver_#res#1|)} KbFilter_Power_#t~ret58#1 := PoCallDriver_#res#1;assume { :end_inline_PoCallDriver } true;assume -2147483648 <= KbFilter_Power_#t~ret58#1 && KbFilter_Power_#t~ret58#1 <= 2147483647;KbFilter_Power_~tmp~2#1 := KbFilter_Power_#t~ret58#1;havoc KbFilter_Power_#t~ret58#1;KbFilter_Power_#res#1 := KbFilter_Power_~tmp~2#1; {11884#(= |ULTIMATE.start_KbFilter_Power_#res#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:16,561 INFO L290 TraceCheckUtils]: 26: Hoare triple {11884#(= |ULTIMATE.start_KbFilter_Power_#res#1| ~lowerDriverReturn~0)} main_#t~ret32#1 := KbFilter_Power_#res#1;assume { :end_inline_KbFilter_Power } true;assume -2147483648 <= main_#t~ret32#1 && main_#t~ret32#1 <= 2147483647;main_~status~1#1 := main_#t~ret32#1;havoc main_#t~ret32#1; {11885#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:16,561 INFO L290 TraceCheckUtils]: 27: Hoare triple {11885#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(1 == ~pended~0); {11885#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:16,562 INFO L290 TraceCheckUtils]: 28: Hoare triple {11885#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(1 == ~pended~0); {11885#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:16,562 INFO L290 TraceCheckUtils]: 29: Hoare triple {11885#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume ~s~0 != ~UNLOADED~0; {11885#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:16,562 INFO L290 TraceCheckUtils]: 30: Hoare triple {11885#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume -1 != main_~status~1#1; {11885#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:16,563 INFO L290 TraceCheckUtils]: 31: Hoare triple {11885#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(~s~0 != ~SKIP2~0); {11885#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:16,563 INFO L290 TraceCheckUtils]: 32: Hoare triple {11885#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(1 == ~pended~0); {11885#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:16,564 INFO L290 TraceCheckUtils]: 33: Hoare triple {11885#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(~s~0 == ~DC~0); {11885#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:16,564 INFO L290 TraceCheckUtils]: 34: Hoare triple {11885#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume main_~status~1#1 != ~lowerDriverReturn~0; {11881#false} is VALID [2022-02-21 00:02:16,564 INFO L272 TraceCheckUtils]: 35: Hoare triple {11881#false} call errorFn(); {11881#false} is VALID [2022-02-21 00:02:16,564 INFO L290 TraceCheckUtils]: 36: Hoare triple {11881#false} assume !false; {11881#false} is VALID [2022-02-21 00:02:16,587 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:16,588 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-21 00:02:16,588 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1593953217] [2022-02-21 00:02:16,588 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1593953217] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:16,588 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:16,588 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-21 00:02:16,588 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [678467659] [2022-02-21 00:02:16,589 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:16,589 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 6 states have internal predecessors, (36), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 37 [2022-02-21 00:02:16,589 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:16,590 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 6 states have (on average 6.0) internal successors, (36), 6 states have internal predecessors, (36), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:16,613 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 37 edges. 37 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:16,614 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-21 00:02:16,614 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-21 00:02:16,614 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-21 00:02:16,614 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-02-21 00:02:16,615 INFO L87 Difference]: Start difference. First operand 208 states and 283 transitions. Second operand has 6 states, 6 states have (on average 6.0) internal successors, (36), 6 states have internal predecessors, (36), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:17,194 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:17,201 INFO L93 Difference]: Finished difference Result 217 states and 292 transitions. [2022-02-21 00:02:17,201 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-02-21 00:02:17,201 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 6 states have internal predecessors, (36), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 37 [2022-02-21 00:02:17,201 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:17,202 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 6.0) internal successors, (36), 6 states have internal predecessors, (36), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:17,205 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 259 transitions. [2022-02-21 00:02:17,211 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 6.0) internal successors, (36), 6 states have internal predecessors, (36), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:17,215 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 259 transitions. [2022-02-21 00:02:17,215 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 259 transitions. [2022-02-21 00:02:17,403 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 259 edges. 259 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:17,406 INFO L225 Difference]: With dead ends: 217 [2022-02-21 00:02:17,406 INFO L226 Difference]: Without dead ends: 186 [2022-02-21 00:02:17,406 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=27, Invalid=45, Unknown=0, NotChecked=0, Total=72 [2022-02-21 00:02:17,407 INFO L933 BasicCegarLoop]: 244 mSDtfsCounter, 36 mSDsluCounter, 922 mSDsCounter, 0 mSdLazyCounter, 65 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 36 SdHoareTripleChecker+Valid, 1166 SdHoareTripleChecker+Invalid, 68 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 65 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:17,407 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [36 Valid, 1166 Invalid, 68 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 65 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-21 00:02:17,408 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 186 states. [2022-02-21 00:02:17,410 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 186 to 186. [2022-02-21 00:02:17,411 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:17,412 INFO L82 GeneralOperation]: Start isEquivalent. First operand 186 states. Second operand has 186 states, 163 states have (on average 1.3742331288343559) internal successors, (224), 165 states have internal predecessors, (224), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:17,412 INFO L74 IsIncluded]: Start isIncluded. First operand 186 states. Second operand has 186 states, 163 states have (on average 1.3742331288343559) internal successors, (224), 165 states have internal predecessors, (224), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:17,412 INFO L87 Difference]: Start difference. First operand 186 states. Second operand has 186 states, 163 states have (on average 1.3742331288343559) internal successors, (224), 165 states have internal predecessors, (224), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:17,417 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:17,418 INFO L93 Difference]: Finished difference Result 186 states and 251 transitions. [2022-02-21 00:02:17,418 INFO L276 IsEmpty]: Start isEmpty. Operand 186 states and 251 transitions. [2022-02-21 00:02:17,418 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:17,419 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:17,419 INFO L74 IsIncluded]: Start isIncluded. First operand has 186 states, 163 states have (on average 1.3742331288343559) internal successors, (224), 165 states have internal predecessors, (224), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) Second operand 186 states. [2022-02-21 00:02:17,419 INFO L87 Difference]: Start difference. First operand has 186 states, 163 states have (on average 1.3742331288343559) internal successors, (224), 165 states have internal predecessors, (224), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) Second operand 186 states. [2022-02-21 00:02:17,424 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:17,424 INFO L93 Difference]: Finished difference Result 186 states and 251 transitions. [2022-02-21 00:02:17,424 INFO L276 IsEmpty]: Start isEmpty. Operand 186 states and 251 transitions. [2022-02-21 00:02:17,425 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:17,425 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:17,425 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:17,425 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:17,426 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 186 states, 163 states have (on average 1.3742331288343559) internal successors, (224), 165 states have internal predecessors, (224), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:17,430 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 186 states to 186 states and 251 transitions. [2022-02-21 00:02:17,430 INFO L78 Accepts]: Start accepts. Automaton has 186 states and 251 transitions. Word has length 37 [2022-02-21 00:02:17,430 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:17,430 INFO L470 AbstractCegarLoop]: Abstraction has 186 states and 251 transitions. [2022-02-21 00:02:17,431 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 6 states have internal predecessors, (36), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:17,431 INFO L276 IsEmpty]: Start isEmpty. Operand 186 states and 251 transitions. [2022-02-21 00:02:17,431 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2022-02-21 00:02:17,432 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:17,432 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:17,432 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11 [2022-02-21 00:02:17,432 INFO L402 AbstractCegarLoop]: === Iteration 13 === Targeting errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:17,433 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:17,433 INFO L85 PathProgramCache]: Analyzing trace with hash -233541237, now seen corresponding path program 1 times [2022-02-21 00:02:17,433 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-21 00:02:17,433 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1374303544] [2022-02-21 00:02:17,433 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:17,433 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-21 00:02:17,456 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:17,486 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2022-02-21 00:02:17,493 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:17,552 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-02-21 00:02:17,554 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:17,558 INFO L290 TraceCheckUtils]: 0: Hoare triple {12696#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0, 0;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;assume -2147483648 <= KeSetEvent_#t~nondet38#1 && KeSetEvent_#t~nondet38#1 <= 2147483647;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {12669#true} is VALID [2022-02-21 00:02:17,558 INFO L290 TraceCheckUtils]: 1: Hoare triple {12669#true} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;assume -2147483648 <= #t~ret40#1 && #t~ret40#1 <= 2147483647;havoc #t~ret40#1;#res#1 := -1073741802; {12669#true} is VALID [2022-02-21 00:02:17,558 INFO L290 TraceCheckUtils]: 2: Hoare triple {12669#true} assume true; {12669#true} is VALID [2022-02-21 00:02:17,558 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {12669#true} {12669#true} #756#return; {12669#true} is VALID [2022-02-21 00:02:17,559 INFO L290 TraceCheckUtils]: 0: Hoare triple {12689#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {12669#true} is VALID [2022-02-21 00:02:17,559 INFO L290 TraceCheckUtils]: 1: Hoare triple {12669#true} assume 0 != ~compRegistered~0; {12669#true} is VALID [2022-02-21 00:02:17,562 INFO L272 TraceCheckUtils]: 2: Hoare triple {12669#true} call #t~ret35 := KbFilter_Complete(~DeviceObject, ~Irp, ~lcontext~0); {12696#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} is VALID [2022-02-21 00:02:17,562 INFO L290 TraceCheckUtils]: 3: Hoare triple {12696#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0, 0;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;assume -2147483648 <= KeSetEvent_#t~nondet38#1 && KeSetEvent_#t~nondet38#1 <= 2147483647;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {12669#true} is VALID [2022-02-21 00:02:17,562 INFO L290 TraceCheckUtils]: 4: Hoare triple {12669#true} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;assume -2147483648 <= #t~ret40#1 && #t~ret40#1 <= 2147483647;havoc #t~ret40#1;#res#1 := -1073741802; {12669#true} is VALID [2022-02-21 00:02:17,562 INFO L290 TraceCheckUtils]: 5: Hoare triple {12669#true} assume true; {12669#true} is VALID [2022-02-21 00:02:17,563 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {12669#true} {12669#true} #756#return; {12669#true} is VALID [2022-02-21 00:02:17,563 INFO L290 TraceCheckUtils]: 7: Hoare triple {12669#true} assume -2147483648 <= #t~ret35 && #t~ret35 <= 2147483647;~compRetStatus~0 := #t~ret35;havoc #t~ret35;~__cil_tmp7~0 := ~compRetStatus~0; {12669#true} is VALID [2022-02-21 00:02:17,563 INFO L290 TraceCheckUtils]: 8: Hoare triple {12669#true} assume !(-1073741802 == ~__cil_tmp7~0); {12669#true} is VALID [2022-02-21 00:02:17,563 INFO L290 TraceCheckUtils]: 9: Hoare triple {12669#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {12669#true} is VALID [2022-02-21 00:02:17,563 INFO L290 TraceCheckUtils]: 10: Hoare triple {12669#true} assume 0 == ~tmp_ndt_6~0; {12669#true} is VALID [2022-02-21 00:02:17,564 INFO L290 TraceCheckUtils]: 11: Hoare triple {12669#true} ~returnVal2~0 := 0; {12694#(= IofCallDriver_~returnVal2~0 0)} is VALID [2022-02-21 00:02:17,564 INFO L290 TraceCheckUtils]: 12: Hoare triple {12694#(= IofCallDriver_~returnVal2~0 0)} assume ~s~0 == ~NP~0;~s~0 := ~IPC~0;~lowerDriverReturn~0 := ~returnVal2~0; {12694#(= IofCallDriver_~returnVal2~0 0)} is VALID [2022-02-21 00:02:17,565 INFO L290 TraceCheckUtils]: 13: Hoare triple {12694#(= IofCallDriver_~returnVal2~0 0)} #res := ~returnVal2~0; {12695#(= |IofCallDriver_#res| 0)} is VALID [2022-02-21 00:02:17,565 INFO L290 TraceCheckUtils]: 14: Hoare triple {12695#(= |IofCallDriver_#res| 0)} assume true; {12695#(= |IofCallDriver_#res| 0)} is VALID [2022-02-21 00:02:17,567 INFO L284 TraceCheckUtils]: 15: Hoare quadruple {12695#(= |IofCallDriver_#res| 0)} {12669#true} #718#return; {12687#(= |ULTIMATE.start_KbFilter_PnP_#t~ret10#1| 0)} is VALID [2022-02-21 00:02:17,568 INFO L290 TraceCheckUtils]: 0: Hoare triple {12669#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {12669#true} is VALID [2022-02-21 00:02:17,568 INFO L290 TraceCheckUtils]: 1: Hoare triple {12669#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {12669#true} is VALID [2022-02-21 00:02:17,568 INFO L290 TraceCheckUtils]: 2: Hoare triple {12669#true} assume { :end_inline__BLAST_init } true; {12669#true} is VALID [2022-02-21 00:02:17,568 INFO L290 TraceCheckUtils]: 3: Hoare triple {12669#true} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {12669#true} is VALID [2022-02-21 00:02:17,568 INFO L290 TraceCheckUtils]: 4: Hoare triple {12669#true} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {12669#true} is VALID [2022-02-21 00:02:17,568 INFO L290 TraceCheckUtils]: 5: Hoare triple {12669#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {12669#true} is VALID [2022-02-21 00:02:17,569 INFO L290 TraceCheckUtils]: 6: Hoare triple {12669#true} assume { :end_inline_stub_driver_init } true; {12669#true} is VALID [2022-02-21 00:02:17,569 INFO L290 TraceCheckUtils]: 7: Hoare triple {12669#true} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {12669#true} is VALID [2022-02-21 00:02:17,569 INFO L290 TraceCheckUtils]: 8: Hoare triple {12669#true} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {12669#true} is VALID [2022-02-21 00:02:17,569 INFO L290 TraceCheckUtils]: 9: Hoare triple {12669#true} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {12669#true} is VALID [2022-02-21 00:02:17,569 INFO L290 TraceCheckUtils]: 10: Hoare triple {12669#true} assume 3 == main_~tmp_ndt_3~0#1; {12669#true} is VALID [2022-02-21 00:02:17,569 INFO L290 TraceCheckUtils]: 11: Hoare triple {12669#true} assume { :begin_inline_KbFilter_PnP } true;KbFilter_PnP_#in~DeviceObject#1, KbFilter_PnP_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_PnP_#res#1;havoc KbFilter_PnP_#t~nondet4#1, KbFilter_PnP_#t~nondet5#1, KbFilter_PnP_#t~nondet6#1, KbFilter_PnP_#t~nondet7#1, KbFilter_PnP_#t~nondet8#1, KbFilter_PnP_#t~nondet9#1, KbFilter_PnP_#t~ret10#1, KbFilter_PnP_#t~ret11#1, KbFilter_PnP_#t~post12#1, KbFilter_PnP_#t~post13#1, KbFilter_PnP_#t~ret14#1, KbFilter_PnP_#t~post15#1, KbFilter_PnP_#t~post16#1, KbFilter_PnP_#t~ret17#1, KbFilter_PnP_#t~post18#1, KbFilter_PnP_#t~post19#1, KbFilter_PnP_#t~ret20#1, KbFilter_PnP_~DeviceObject#1, KbFilter_PnP_~Irp#1, KbFilter_PnP_~devExt~0#1, KbFilter_PnP_~irpStack~0#1, KbFilter_PnP_~status~0#1, KbFilter_PnP_~event~0#1, KbFilter_PnP_~DeviceObject__DeviceExtension~0#1, KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, KbFilter_PnP_~irpStack__MinorFunction~0#1, KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~devExt__Started~0#1, KbFilter_PnP_~devExt__Removed~0#1, KbFilter_PnP_~devExt__SurpriseRemoved~0#1, KbFilter_PnP_~Irp__IoStatus__Status~0#1, KbFilter_PnP_~Irp__IoStatus__Information~0#1, KbFilter_PnP_~Irp__CurrentLocation~0#1, KbFilter_PnP_~irpSp~0#1, KbFilter_PnP_~nextIrpSp~0#1, KbFilter_PnP_~nextIrpSp__Control~0#1, KbFilter_PnP_~irpSp___0~0#1, KbFilter_PnP_~irpSp__Context~0#1, KbFilter_PnP_~irpSp__Control~0#1, KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~DeviceObject#1 := KbFilter_PnP_#in~DeviceObject#1;KbFilter_PnP_~Irp#1 := KbFilter_PnP_#in~Irp#1;havoc KbFilter_PnP_~devExt~0#1;havoc KbFilter_PnP_~irpStack~0#1;havoc KbFilter_PnP_~status~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet4#1 && KbFilter_PnP_#t~nondet4#1 <= 2147483647;KbFilter_PnP_~event~0#1 := KbFilter_PnP_#t~nondet4#1;havoc KbFilter_PnP_#t~nondet4#1;assume -2147483648 <= KbFilter_PnP_#t~nondet5#1 && KbFilter_PnP_#t~nondet5#1 <= 2147483647;KbFilter_PnP_~DeviceObject__DeviceExtension~0#1 := KbFilter_PnP_#t~nondet5#1;havoc KbFilter_PnP_#t~nondet5#1;assume -2147483648 <= KbFilter_PnP_#t~nondet6#1 && KbFilter_PnP_#t~nondet6#1 <= 2147483647;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := KbFilter_PnP_#t~nondet6#1;havoc KbFilter_PnP_#t~nondet6#1;assume -2147483648 <= KbFilter_PnP_#t~nondet7#1 && KbFilter_PnP_#t~nondet7#1 <= 2147483647;KbFilter_PnP_~irpStack__MinorFunction~0#1 := KbFilter_PnP_#t~nondet7#1;havoc KbFilter_PnP_#t~nondet7#1;assume -2147483648 <= KbFilter_PnP_#t~nondet8#1 && KbFilter_PnP_#t~nondet8#1 <= 2147483647;KbFilter_PnP_~devExt__TopOfStack~0#1 := KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_~devExt__Started~0#1;havoc KbFilter_PnP_~devExt__Removed~0#1;havoc KbFilter_PnP_~devExt__SurpriseRemoved~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Status~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Information~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet9#1 && KbFilter_PnP_#t~nondet9#1 <= 2147483647;KbFilter_PnP_~Irp__CurrentLocation~0#1 := KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_~irpSp~0#1;havoc KbFilter_PnP_~nextIrpSp~0#1;havoc KbFilter_PnP_~nextIrpSp__Control~0#1;havoc KbFilter_PnP_~irpSp___0~0#1;havoc KbFilter_PnP_~irpSp__Context~0#1;havoc KbFilter_PnP_~irpSp__Control~0#1;havoc KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~status~0#1 := 0;KbFilter_PnP_~devExt~0#1 := KbFilter_PnP_~DeviceObject__DeviceExtension~0#1;KbFilter_PnP_~irpStack~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1; {12669#true} is VALID [2022-02-21 00:02:17,570 INFO L290 TraceCheckUtils]: 12: Hoare triple {12669#true} assume 0 == KbFilter_PnP_~irpStack__MinorFunction~0#1; {12669#true} is VALID [2022-02-21 00:02:17,570 INFO L290 TraceCheckUtils]: 13: Hoare triple {12669#true} KbFilter_PnP_~irpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1;KbFilter_PnP_~nextIrpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 - 1;KbFilter_PnP_~nextIrpSp__Control~0#1 := 0; {12669#true} is VALID [2022-02-21 00:02:17,570 INFO L290 TraceCheckUtils]: 14: Hoare triple {12669#true} assume !(~s~0 != ~NP~0); {12669#true} is VALID [2022-02-21 00:02:17,570 INFO L290 TraceCheckUtils]: 15: Hoare triple {12669#true} assume !(0 != ~compRegistered~0);~compRegistered~0 := 1; {12669#true} is VALID [2022-02-21 00:02:17,570 INFO L290 TraceCheckUtils]: 16: Hoare triple {12669#true} KbFilter_PnP_~irpSp___0~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 - 1;KbFilter_PnP_~irpSp__Context~0#1 := KbFilter_PnP_~event~0#1;KbFilter_PnP_~irpSp__Control~0#1 := 224; {12669#true} is VALID [2022-02-21 00:02:17,571 INFO L272 TraceCheckUtils]: 17: Hoare triple {12669#true} call KbFilter_PnP_#t~ret10#1 := IofCallDriver(KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~Irp#1); {12689#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} is VALID [2022-02-21 00:02:17,571 INFO L290 TraceCheckUtils]: 18: Hoare triple {12689#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {12669#true} is VALID [2022-02-21 00:02:17,571 INFO L290 TraceCheckUtils]: 19: Hoare triple {12669#true} assume 0 != ~compRegistered~0; {12669#true} is VALID [2022-02-21 00:02:17,572 INFO L272 TraceCheckUtils]: 20: Hoare triple {12669#true} call #t~ret35 := KbFilter_Complete(~DeviceObject, ~Irp, ~lcontext~0); {12696#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} is VALID [2022-02-21 00:02:17,572 INFO L290 TraceCheckUtils]: 21: Hoare triple {12696#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0, 0;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;assume -2147483648 <= KeSetEvent_#t~nondet38#1 && KeSetEvent_#t~nondet38#1 <= 2147483647;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {12669#true} is VALID [2022-02-21 00:02:17,572 INFO L290 TraceCheckUtils]: 22: Hoare triple {12669#true} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;assume -2147483648 <= #t~ret40#1 && #t~ret40#1 <= 2147483647;havoc #t~ret40#1;#res#1 := -1073741802; {12669#true} is VALID [2022-02-21 00:02:17,573 INFO L290 TraceCheckUtils]: 23: Hoare triple {12669#true} assume true; {12669#true} is VALID [2022-02-21 00:02:17,573 INFO L284 TraceCheckUtils]: 24: Hoare quadruple {12669#true} {12669#true} #756#return; {12669#true} is VALID [2022-02-21 00:02:17,573 INFO L290 TraceCheckUtils]: 25: Hoare triple {12669#true} assume -2147483648 <= #t~ret35 && #t~ret35 <= 2147483647;~compRetStatus~0 := #t~ret35;havoc #t~ret35;~__cil_tmp7~0 := ~compRetStatus~0; {12669#true} is VALID [2022-02-21 00:02:17,573 INFO L290 TraceCheckUtils]: 26: Hoare triple {12669#true} assume !(-1073741802 == ~__cil_tmp7~0); {12669#true} is VALID [2022-02-21 00:02:17,573 INFO L290 TraceCheckUtils]: 27: Hoare triple {12669#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {12669#true} is VALID [2022-02-21 00:02:17,573 INFO L290 TraceCheckUtils]: 28: Hoare triple {12669#true} assume 0 == ~tmp_ndt_6~0; {12669#true} is VALID [2022-02-21 00:02:17,574 INFO L290 TraceCheckUtils]: 29: Hoare triple {12669#true} ~returnVal2~0 := 0; {12694#(= IofCallDriver_~returnVal2~0 0)} is VALID [2022-02-21 00:02:17,575 INFO L290 TraceCheckUtils]: 30: Hoare triple {12694#(= IofCallDriver_~returnVal2~0 0)} assume ~s~0 == ~NP~0;~s~0 := ~IPC~0;~lowerDriverReturn~0 := ~returnVal2~0; {12694#(= IofCallDriver_~returnVal2~0 0)} is VALID [2022-02-21 00:02:17,575 INFO L290 TraceCheckUtils]: 31: Hoare triple {12694#(= IofCallDriver_~returnVal2~0 0)} #res := ~returnVal2~0; {12695#(= |IofCallDriver_#res| 0)} is VALID [2022-02-21 00:02:17,575 INFO L290 TraceCheckUtils]: 32: Hoare triple {12695#(= |IofCallDriver_#res| 0)} assume true; {12695#(= |IofCallDriver_#res| 0)} is VALID [2022-02-21 00:02:17,576 INFO L284 TraceCheckUtils]: 33: Hoare quadruple {12695#(= |IofCallDriver_#res| 0)} {12669#true} #718#return; {12687#(= |ULTIMATE.start_KbFilter_PnP_#t~ret10#1| 0)} is VALID [2022-02-21 00:02:17,577 INFO L290 TraceCheckUtils]: 34: Hoare triple {12687#(= |ULTIMATE.start_KbFilter_PnP_#t~ret10#1| 0)} assume -2147483648 <= KbFilter_PnP_#t~ret10#1 && KbFilter_PnP_#t~ret10#1 <= 2147483647;KbFilter_PnP_~status~0#1 := KbFilter_PnP_#t~ret10#1;havoc KbFilter_PnP_#t~ret10#1;KbFilter_PnP_~__cil_tmp23~0#1 := KbFilter_PnP_~status~0#1; {12688#(= |ULTIMATE.start_KbFilter_PnP_~__cil_tmp23~0#1| 0)} is VALID [2022-02-21 00:02:17,577 INFO L290 TraceCheckUtils]: 35: Hoare triple {12688#(= |ULTIMATE.start_KbFilter_PnP_~__cil_tmp23~0#1| 0)} assume 259 == KbFilter_PnP_~__cil_tmp23~0#1;assume { :begin_inline_KeWaitForSingleObject } true;KeWaitForSingleObject_#in~Object#1, KeWaitForSingleObject_#in~WaitReason#1, KeWaitForSingleObject_#in~WaitMode#1, KeWaitForSingleObject_#in~Alertable#1, KeWaitForSingleObject_#in~Timeout#1 := KbFilter_PnP_~event~0#1, ~Executive~0, ~KernelMode~0, 0, 0;havoc KeWaitForSingleObject_#res#1;havoc KeWaitForSingleObject_#t~nondet39#1, KeWaitForSingleObject_~tmp_ndt_8~0#1, KeWaitForSingleObject_~Object#1, KeWaitForSingleObject_~WaitReason#1, KeWaitForSingleObject_~WaitMode#1, KeWaitForSingleObject_~Alertable#1, KeWaitForSingleObject_~Timeout#1;KeWaitForSingleObject_~Object#1 := KeWaitForSingleObject_#in~Object#1;KeWaitForSingleObject_~WaitReason#1 := KeWaitForSingleObject_#in~WaitReason#1;KeWaitForSingleObject_~WaitMode#1 := KeWaitForSingleObject_#in~WaitMode#1;KeWaitForSingleObject_~Alertable#1 := KeWaitForSingleObject_#in~Alertable#1;KeWaitForSingleObject_~Timeout#1 := KeWaitForSingleObject_#in~Timeout#1; {12670#false} is VALID [2022-02-21 00:02:17,577 INFO L290 TraceCheckUtils]: 36: Hoare triple {12670#false} assume !(~s~0 == ~MPR3~0); {12670#false} is VALID [2022-02-21 00:02:17,577 INFO L290 TraceCheckUtils]: 37: Hoare triple {12670#false} assume !(1 == ~customIrp~0); {12670#false} is VALID [2022-02-21 00:02:17,578 INFO L290 TraceCheckUtils]: 38: Hoare triple {12670#false} assume ~s~0 == ~MPR3~0; {12670#false} is VALID [2022-02-21 00:02:17,578 INFO L272 TraceCheckUtils]: 39: Hoare triple {12670#false} call errorFn(); {12670#false} is VALID [2022-02-21 00:02:17,578 INFO L290 TraceCheckUtils]: 40: Hoare triple {12670#false} assume !false; {12670#false} is VALID [2022-02-21 00:02:17,578 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:17,578 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-21 00:02:17,579 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1374303544] [2022-02-21 00:02:17,579 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1374303544] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:17,579 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:17,579 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-02-21 00:02:17,579 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [810563239] [2022-02-21 00:02:17,579 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:17,580 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 4.5) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 3 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 41 [2022-02-21 00:02:17,580 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:17,580 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 8 states, 8 states have (on average 4.5) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 3 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:17,608 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 41 edges. 41 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:17,609 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-02-21 00:02:17,609 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-21 00:02:17,609 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-02-21 00:02:17,610 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=14, Invalid=42, Unknown=0, NotChecked=0, Total=56 [2022-02-21 00:02:17,610 INFO L87 Difference]: Start difference. First operand 186 states and 251 transitions. Second operand has 8 states, 8 states have (on average 4.5) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 3 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:18,370 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:18,371 INFO L93 Difference]: Finished difference Result 211 states and 282 transitions. [2022-02-21 00:02:18,371 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2022-02-21 00:02:18,371 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 4.5) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 3 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 41 [2022-02-21 00:02:18,371 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:18,371 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 8 states have (on average 4.5) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 3 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:18,374 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 260 transitions. [2022-02-21 00:02:18,374 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 8 states have (on average 4.5) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 3 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:18,377 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 260 transitions. [2022-02-21 00:02:18,377 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 11 states and 260 transitions. [2022-02-21 00:02:18,569 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 260 edges. 260 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:18,572 INFO L225 Difference]: With dead ends: 211 [2022-02-21 00:02:18,572 INFO L226 Difference]: Without dead ends: 204 [2022-02-21 00:02:18,573 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 5 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=35, Invalid=97, Unknown=0, NotChecked=0, Total=132 [2022-02-21 00:02:18,573 INFO L933 BasicCegarLoop]: 203 mSDtfsCounter, 88 mSDsluCounter, 941 mSDsCounter, 0 mSdLazyCounter, 129 mSolverCounterSat, 42 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 88 SdHoareTripleChecker+Valid, 1144 SdHoareTripleChecker+Invalid, 171 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 42 IncrementalHoareTripleChecker+Valid, 129 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:18,573 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [88 Valid, 1144 Invalid, 171 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [42 Valid, 129 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-21 00:02:18,574 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 204 states. [2022-02-21 00:02:18,578 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 204 to 194. [2022-02-21 00:02:18,578 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:18,578 INFO L82 GeneralOperation]: Start isEquivalent. First operand 204 states. Second operand has 194 states, 170 states have (on average 1.3647058823529412) internal successors, (232), 172 states have internal predecessors, (232), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) [2022-02-21 00:02:18,578 INFO L74 IsIncluded]: Start isIncluded. First operand 204 states. Second operand has 194 states, 170 states have (on average 1.3647058823529412) internal successors, (232), 172 states have internal predecessors, (232), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) [2022-02-21 00:02:18,579 INFO L87 Difference]: Start difference. First operand 204 states. Second operand has 194 states, 170 states have (on average 1.3647058823529412) internal successors, (232), 172 states have internal predecessors, (232), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) [2022-02-21 00:02:18,588 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:18,589 INFO L93 Difference]: Finished difference Result 204 states and 275 transitions. [2022-02-21 00:02:18,589 INFO L276 IsEmpty]: Start isEmpty. Operand 204 states and 275 transitions. [2022-02-21 00:02:18,589 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:18,590 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:18,590 INFO L74 IsIncluded]: Start isIncluded. First operand has 194 states, 170 states have (on average 1.3647058823529412) internal successors, (232), 172 states have internal predecessors, (232), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) Second operand 204 states. [2022-02-21 00:02:18,591 INFO L87 Difference]: Start difference. First operand has 194 states, 170 states have (on average 1.3647058823529412) internal successors, (232), 172 states have internal predecessors, (232), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) Second operand 204 states. [2022-02-21 00:02:18,595 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:18,596 INFO L93 Difference]: Finished difference Result 204 states and 275 transitions. [2022-02-21 00:02:18,596 INFO L276 IsEmpty]: Start isEmpty. Operand 204 states and 275 transitions. [2022-02-21 00:02:18,596 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:18,596 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:18,597 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:18,597 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:18,597 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 194 states, 170 states have (on average 1.3647058823529412) internal successors, (232), 172 states have internal predecessors, (232), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) [2022-02-21 00:02:18,601 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 194 states to 194 states and 260 transitions. [2022-02-21 00:02:18,601 INFO L78 Accepts]: Start accepts. Automaton has 194 states and 260 transitions. Word has length 41 [2022-02-21 00:02:18,601 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:18,602 INFO L470 AbstractCegarLoop]: Abstraction has 194 states and 260 transitions. [2022-02-21 00:02:18,602 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 4.5) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 3 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:18,602 INFO L276 IsEmpty]: Start isEmpty. Operand 194 states and 260 transitions. [2022-02-21 00:02:18,603 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 43 [2022-02-21 00:02:18,603 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:18,603 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:18,604 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable12 [2022-02-21 00:02:18,604 INFO L402 AbstractCegarLoop]: === Iteration 14 === Targeting errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:18,604 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:18,604 INFO L85 PathProgramCache]: Analyzing trace with hash 131822704, now seen corresponding path program 1 times [2022-02-21 00:02:18,605 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-21 00:02:18,605 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [172748006] [2022-02-21 00:02:18,605 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:18,605 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-21 00:02:18,628 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:18,653 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2022-02-21 00:02:18,659 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:18,669 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-02-21 00:02:18,672 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:18,675 INFO L290 TraceCheckUtils]: 0: Hoare triple {13545#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0, 0;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;assume -2147483648 <= KeSetEvent_#t~nondet38#1 && KeSetEvent_#t~nondet38#1 <= 2147483647;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {13520#true} is VALID [2022-02-21 00:02:18,675 INFO L290 TraceCheckUtils]: 1: Hoare triple {13520#true} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;assume -2147483648 <= #t~ret40#1 && #t~ret40#1 <= 2147483647;havoc #t~ret40#1;#res#1 := -1073741802; {13520#true} is VALID [2022-02-21 00:02:18,675 INFO L290 TraceCheckUtils]: 2: Hoare triple {13520#true} assume true; {13520#true} is VALID [2022-02-21 00:02:18,675 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {13520#true} {13520#true} #756#return; {13520#true} is VALID [2022-02-21 00:02:18,675 INFO L290 TraceCheckUtils]: 0: Hoare triple {13540#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {13520#true} is VALID [2022-02-21 00:02:18,676 INFO L290 TraceCheckUtils]: 1: Hoare triple {13520#true} assume 0 != ~compRegistered~0; {13520#true} is VALID [2022-02-21 00:02:18,677 INFO L272 TraceCheckUtils]: 2: Hoare triple {13520#true} call #t~ret35 := KbFilter_Complete(~DeviceObject, ~Irp, ~lcontext~0); {13545#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} is VALID [2022-02-21 00:02:18,677 INFO L290 TraceCheckUtils]: 3: Hoare triple {13545#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0, 0;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;assume -2147483648 <= KeSetEvent_#t~nondet38#1 && KeSetEvent_#t~nondet38#1 <= 2147483647;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {13520#true} is VALID [2022-02-21 00:02:18,677 INFO L290 TraceCheckUtils]: 4: Hoare triple {13520#true} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;assume -2147483648 <= #t~ret40#1 && #t~ret40#1 <= 2147483647;havoc #t~ret40#1;#res#1 := -1073741802; {13520#true} is VALID [2022-02-21 00:02:18,677 INFO L290 TraceCheckUtils]: 5: Hoare triple {13520#true} assume true; {13520#true} is VALID [2022-02-21 00:02:18,677 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {13520#true} {13520#true} #756#return; {13520#true} is VALID [2022-02-21 00:02:18,678 INFO L290 TraceCheckUtils]: 7: Hoare triple {13520#true} assume -2147483648 <= #t~ret35 && #t~ret35 <= 2147483647;~compRetStatus~0 := #t~ret35;havoc #t~ret35;~__cil_tmp7~0 := ~compRetStatus~0; {13520#true} is VALID [2022-02-21 00:02:18,678 INFO L290 TraceCheckUtils]: 8: Hoare triple {13520#true} assume !(-1073741802 == ~__cil_tmp7~0); {13520#true} is VALID [2022-02-21 00:02:18,678 INFO L290 TraceCheckUtils]: 9: Hoare triple {13520#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {13520#true} is VALID [2022-02-21 00:02:18,678 INFO L290 TraceCheckUtils]: 10: Hoare triple {13520#true} assume !(0 == ~tmp_ndt_6~0);havoc ~tmp_ndt_7~0;assume -2147483648 <= #t~nondet37 && #t~nondet37 <= 2147483647;~tmp_ndt_7~0 := #t~nondet37;havoc #t~nondet37; {13520#true} is VALID [2022-02-21 00:02:18,678 INFO L290 TraceCheckUtils]: 11: Hoare triple {13520#true} assume 1 == ~tmp_ndt_7~0; {13520#true} is VALID [2022-02-21 00:02:18,678 INFO L290 TraceCheckUtils]: 12: Hoare triple {13520#true} ~returnVal2~0 := -1073741823; {13520#true} is VALID [2022-02-21 00:02:18,678 INFO L290 TraceCheckUtils]: 13: Hoare triple {13520#true} assume ~s~0 == ~NP~0;~s~0 := ~IPC~0;~lowerDriverReturn~0 := ~returnVal2~0; {13520#true} is VALID [2022-02-21 00:02:18,679 INFO L290 TraceCheckUtils]: 14: Hoare triple {13520#true} #res := ~returnVal2~0; {13520#true} is VALID [2022-02-21 00:02:18,679 INFO L290 TraceCheckUtils]: 15: Hoare triple {13520#true} assume true; {13520#true} is VALID [2022-02-21 00:02:18,679 INFO L284 TraceCheckUtils]: 16: Hoare quadruple {13520#true} {13520#true} #718#return; {13520#true} is VALID [2022-02-21 00:02:18,679 INFO L290 TraceCheckUtils]: 0: Hoare triple {13520#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {13520#true} is VALID [2022-02-21 00:02:18,679 INFO L290 TraceCheckUtils]: 1: Hoare triple {13520#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {13520#true} is VALID [2022-02-21 00:02:18,680 INFO L290 TraceCheckUtils]: 2: Hoare triple {13520#true} assume { :end_inline__BLAST_init } true; {13520#true} is VALID [2022-02-21 00:02:18,680 INFO L290 TraceCheckUtils]: 3: Hoare triple {13520#true} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {13520#true} is VALID [2022-02-21 00:02:18,680 INFO L290 TraceCheckUtils]: 4: Hoare triple {13520#true} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {13520#true} is VALID [2022-02-21 00:02:18,680 INFO L290 TraceCheckUtils]: 5: Hoare triple {13520#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {13520#true} is VALID [2022-02-21 00:02:18,680 INFO L290 TraceCheckUtils]: 6: Hoare triple {13520#true} assume { :end_inline_stub_driver_init } true; {13520#true} is VALID [2022-02-21 00:02:18,680 INFO L290 TraceCheckUtils]: 7: Hoare triple {13520#true} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {13520#true} is VALID [2022-02-21 00:02:18,680 INFO L290 TraceCheckUtils]: 8: Hoare triple {13520#true} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {13520#true} is VALID [2022-02-21 00:02:18,681 INFO L290 TraceCheckUtils]: 9: Hoare triple {13520#true} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {13520#true} is VALID [2022-02-21 00:02:18,681 INFO L290 TraceCheckUtils]: 10: Hoare triple {13520#true} assume 3 == main_~tmp_ndt_3~0#1; {13520#true} is VALID [2022-02-21 00:02:18,681 INFO L290 TraceCheckUtils]: 11: Hoare triple {13520#true} assume { :begin_inline_KbFilter_PnP } true;KbFilter_PnP_#in~DeviceObject#1, KbFilter_PnP_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_PnP_#res#1;havoc KbFilter_PnP_#t~nondet4#1, KbFilter_PnP_#t~nondet5#1, KbFilter_PnP_#t~nondet6#1, KbFilter_PnP_#t~nondet7#1, KbFilter_PnP_#t~nondet8#1, KbFilter_PnP_#t~nondet9#1, KbFilter_PnP_#t~ret10#1, KbFilter_PnP_#t~ret11#1, KbFilter_PnP_#t~post12#1, KbFilter_PnP_#t~post13#1, KbFilter_PnP_#t~ret14#1, KbFilter_PnP_#t~post15#1, KbFilter_PnP_#t~post16#1, KbFilter_PnP_#t~ret17#1, KbFilter_PnP_#t~post18#1, KbFilter_PnP_#t~post19#1, KbFilter_PnP_#t~ret20#1, KbFilter_PnP_~DeviceObject#1, KbFilter_PnP_~Irp#1, KbFilter_PnP_~devExt~0#1, KbFilter_PnP_~irpStack~0#1, KbFilter_PnP_~status~0#1, KbFilter_PnP_~event~0#1, KbFilter_PnP_~DeviceObject__DeviceExtension~0#1, KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, KbFilter_PnP_~irpStack__MinorFunction~0#1, KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~devExt__Started~0#1, KbFilter_PnP_~devExt__Removed~0#1, KbFilter_PnP_~devExt__SurpriseRemoved~0#1, KbFilter_PnP_~Irp__IoStatus__Status~0#1, KbFilter_PnP_~Irp__IoStatus__Information~0#1, KbFilter_PnP_~Irp__CurrentLocation~0#1, KbFilter_PnP_~irpSp~0#1, KbFilter_PnP_~nextIrpSp~0#1, KbFilter_PnP_~nextIrpSp__Control~0#1, KbFilter_PnP_~irpSp___0~0#1, KbFilter_PnP_~irpSp__Context~0#1, KbFilter_PnP_~irpSp__Control~0#1, KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~DeviceObject#1 := KbFilter_PnP_#in~DeviceObject#1;KbFilter_PnP_~Irp#1 := KbFilter_PnP_#in~Irp#1;havoc KbFilter_PnP_~devExt~0#1;havoc KbFilter_PnP_~irpStack~0#1;havoc KbFilter_PnP_~status~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet4#1 && KbFilter_PnP_#t~nondet4#1 <= 2147483647;KbFilter_PnP_~event~0#1 := KbFilter_PnP_#t~nondet4#1;havoc KbFilter_PnP_#t~nondet4#1;assume -2147483648 <= KbFilter_PnP_#t~nondet5#1 && KbFilter_PnP_#t~nondet5#1 <= 2147483647;KbFilter_PnP_~DeviceObject__DeviceExtension~0#1 := KbFilter_PnP_#t~nondet5#1;havoc KbFilter_PnP_#t~nondet5#1;assume -2147483648 <= KbFilter_PnP_#t~nondet6#1 && KbFilter_PnP_#t~nondet6#1 <= 2147483647;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := KbFilter_PnP_#t~nondet6#1;havoc KbFilter_PnP_#t~nondet6#1;assume -2147483648 <= KbFilter_PnP_#t~nondet7#1 && KbFilter_PnP_#t~nondet7#1 <= 2147483647;KbFilter_PnP_~irpStack__MinorFunction~0#1 := KbFilter_PnP_#t~nondet7#1;havoc KbFilter_PnP_#t~nondet7#1;assume -2147483648 <= KbFilter_PnP_#t~nondet8#1 && KbFilter_PnP_#t~nondet8#1 <= 2147483647;KbFilter_PnP_~devExt__TopOfStack~0#1 := KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_~devExt__Started~0#1;havoc KbFilter_PnP_~devExt__Removed~0#1;havoc KbFilter_PnP_~devExt__SurpriseRemoved~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Status~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Information~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet9#1 && KbFilter_PnP_#t~nondet9#1 <= 2147483647;KbFilter_PnP_~Irp__CurrentLocation~0#1 := KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_~irpSp~0#1;havoc KbFilter_PnP_~nextIrpSp~0#1;havoc KbFilter_PnP_~nextIrpSp__Control~0#1;havoc KbFilter_PnP_~irpSp___0~0#1;havoc KbFilter_PnP_~irpSp__Context~0#1;havoc KbFilter_PnP_~irpSp__Control~0#1;havoc KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~status~0#1 := 0;KbFilter_PnP_~devExt~0#1 := KbFilter_PnP_~DeviceObject__DeviceExtension~0#1;KbFilter_PnP_~irpStack~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1; {13520#true} is VALID [2022-02-21 00:02:18,681 INFO L290 TraceCheckUtils]: 12: Hoare triple {13520#true} assume 0 == KbFilter_PnP_~irpStack__MinorFunction~0#1; {13520#true} is VALID [2022-02-21 00:02:18,681 INFO L290 TraceCheckUtils]: 13: Hoare triple {13520#true} KbFilter_PnP_~irpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1;KbFilter_PnP_~nextIrpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 - 1;KbFilter_PnP_~nextIrpSp__Control~0#1 := 0; {13520#true} is VALID [2022-02-21 00:02:18,681 INFO L290 TraceCheckUtils]: 14: Hoare triple {13520#true} assume !(~s~0 != ~NP~0); {13520#true} is VALID [2022-02-21 00:02:18,682 INFO L290 TraceCheckUtils]: 15: Hoare triple {13520#true} assume !(0 != ~compRegistered~0);~compRegistered~0 := 1; {13520#true} is VALID [2022-02-21 00:02:18,682 INFO L290 TraceCheckUtils]: 16: Hoare triple {13520#true} KbFilter_PnP_~irpSp___0~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 - 1;KbFilter_PnP_~irpSp__Context~0#1 := KbFilter_PnP_~event~0#1;KbFilter_PnP_~irpSp__Control~0#1 := 224; {13520#true} is VALID [2022-02-21 00:02:18,683 INFO L272 TraceCheckUtils]: 17: Hoare triple {13520#true} call KbFilter_PnP_#t~ret10#1 := IofCallDriver(KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~Irp#1); {13540#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} is VALID [2022-02-21 00:02:18,683 INFO L290 TraceCheckUtils]: 18: Hoare triple {13540#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {13520#true} is VALID [2022-02-21 00:02:18,683 INFO L290 TraceCheckUtils]: 19: Hoare triple {13520#true} assume 0 != ~compRegistered~0; {13520#true} is VALID [2022-02-21 00:02:18,684 INFO L272 TraceCheckUtils]: 20: Hoare triple {13520#true} call #t~ret35 := KbFilter_Complete(~DeviceObject, ~Irp, ~lcontext~0); {13545#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} is VALID [2022-02-21 00:02:18,684 INFO L290 TraceCheckUtils]: 21: Hoare triple {13545#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0, 0;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;assume -2147483648 <= KeSetEvent_#t~nondet38#1 && KeSetEvent_#t~nondet38#1 <= 2147483647;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {13520#true} is VALID [2022-02-21 00:02:18,684 INFO L290 TraceCheckUtils]: 22: Hoare triple {13520#true} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;assume -2147483648 <= #t~ret40#1 && #t~ret40#1 <= 2147483647;havoc #t~ret40#1;#res#1 := -1073741802; {13520#true} is VALID [2022-02-21 00:02:18,684 INFO L290 TraceCheckUtils]: 23: Hoare triple {13520#true} assume true; {13520#true} is VALID [2022-02-21 00:02:18,685 INFO L284 TraceCheckUtils]: 24: Hoare quadruple {13520#true} {13520#true} #756#return; {13520#true} is VALID [2022-02-21 00:02:18,685 INFO L290 TraceCheckUtils]: 25: Hoare triple {13520#true} assume -2147483648 <= #t~ret35 && #t~ret35 <= 2147483647;~compRetStatus~0 := #t~ret35;havoc #t~ret35;~__cil_tmp7~0 := ~compRetStatus~0; {13520#true} is VALID [2022-02-21 00:02:18,685 INFO L290 TraceCheckUtils]: 26: Hoare triple {13520#true} assume !(-1073741802 == ~__cil_tmp7~0); {13520#true} is VALID [2022-02-21 00:02:18,685 INFO L290 TraceCheckUtils]: 27: Hoare triple {13520#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {13520#true} is VALID [2022-02-21 00:02:18,685 INFO L290 TraceCheckUtils]: 28: Hoare triple {13520#true} assume !(0 == ~tmp_ndt_6~0);havoc ~tmp_ndt_7~0;assume -2147483648 <= #t~nondet37 && #t~nondet37 <= 2147483647;~tmp_ndt_7~0 := #t~nondet37;havoc #t~nondet37; {13520#true} is VALID [2022-02-21 00:02:18,685 INFO L290 TraceCheckUtils]: 29: Hoare triple {13520#true} assume 1 == ~tmp_ndt_7~0; {13520#true} is VALID [2022-02-21 00:02:18,685 INFO L290 TraceCheckUtils]: 30: Hoare triple {13520#true} ~returnVal2~0 := -1073741823; {13520#true} is VALID [2022-02-21 00:02:18,686 INFO L290 TraceCheckUtils]: 31: Hoare triple {13520#true} assume ~s~0 == ~NP~0;~s~0 := ~IPC~0;~lowerDriverReturn~0 := ~returnVal2~0; {13520#true} is VALID [2022-02-21 00:02:18,686 INFO L290 TraceCheckUtils]: 32: Hoare triple {13520#true} #res := ~returnVal2~0; {13520#true} is VALID [2022-02-21 00:02:18,686 INFO L290 TraceCheckUtils]: 33: Hoare triple {13520#true} assume true; {13520#true} is VALID [2022-02-21 00:02:18,686 INFO L284 TraceCheckUtils]: 34: Hoare quadruple {13520#true} {13520#true} #718#return; {13520#true} is VALID [2022-02-21 00:02:18,686 INFO L290 TraceCheckUtils]: 35: Hoare triple {13520#true} assume -2147483648 <= KbFilter_PnP_#t~ret10#1 && KbFilter_PnP_#t~ret10#1 <= 2147483647;KbFilter_PnP_~status~0#1 := KbFilter_PnP_#t~ret10#1;havoc KbFilter_PnP_#t~ret10#1;KbFilter_PnP_~__cil_tmp23~0#1 := KbFilter_PnP_~status~0#1; {13520#true} is VALID [2022-02-21 00:02:18,686 INFO L290 TraceCheckUtils]: 36: Hoare triple {13520#true} assume 259 == KbFilter_PnP_~__cil_tmp23~0#1;assume { :begin_inline_KeWaitForSingleObject } true;KeWaitForSingleObject_#in~Object#1, KeWaitForSingleObject_#in~WaitReason#1, KeWaitForSingleObject_#in~WaitMode#1, KeWaitForSingleObject_#in~Alertable#1, KeWaitForSingleObject_#in~Timeout#1 := KbFilter_PnP_~event~0#1, ~Executive~0, ~KernelMode~0, 0, 0;havoc KeWaitForSingleObject_#res#1;havoc KeWaitForSingleObject_#t~nondet39#1, KeWaitForSingleObject_~tmp_ndt_8~0#1, KeWaitForSingleObject_~Object#1, KeWaitForSingleObject_~WaitReason#1, KeWaitForSingleObject_~WaitMode#1, KeWaitForSingleObject_~Alertable#1, KeWaitForSingleObject_~Timeout#1;KeWaitForSingleObject_~Object#1 := KeWaitForSingleObject_#in~Object#1;KeWaitForSingleObject_~WaitReason#1 := KeWaitForSingleObject_#in~WaitReason#1;KeWaitForSingleObject_~WaitMode#1 := KeWaitForSingleObject_#in~WaitMode#1;KeWaitForSingleObject_~Alertable#1 := KeWaitForSingleObject_#in~Alertable#1;KeWaitForSingleObject_~Timeout#1 := KeWaitForSingleObject_#in~Timeout#1; {13520#true} is VALID [2022-02-21 00:02:18,687 INFO L290 TraceCheckUtils]: 37: Hoare triple {13520#true} assume !(~s~0 == ~MPR3~0); {13539#(not (= (+ ~MPR3~0 (* (- 1) ~s~0)) 0))} is VALID [2022-02-21 00:02:18,687 INFO L290 TraceCheckUtils]: 38: Hoare triple {13539#(not (= (+ ~MPR3~0 (* (- 1) ~s~0)) 0))} assume !(1 == ~customIrp~0); {13539#(not (= (+ ~MPR3~0 (* (- 1) ~s~0)) 0))} is VALID [2022-02-21 00:02:18,688 INFO L290 TraceCheckUtils]: 39: Hoare triple {13539#(not (= (+ ~MPR3~0 (* (- 1) ~s~0)) 0))} assume ~s~0 == ~MPR3~0; {13521#false} is VALID [2022-02-21 00:02:18,688 INFO L272 TraceCheckUtils]: 40: Hoare triple {13521#false} call errorFn(); {13521#false} is VALID [2022-02-21 00:02:18,688 INFO L290 TraceCheckUtils]: 41: Hoare triple {13521#false} assume !false; {13521#false} is VALID [2022-02-21 00:02:18,688 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:18,689 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-21 00:02:18,689 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [172748006] [2022-02-21 00:02:18,689 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [172748006] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:18,689 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:18,689 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-21 00:02:18,689 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [662810530] [2022-02-21 00:02:18,690 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:18,691 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.4) internal successors, (37), 3 states have internal predecessors, (37), 2 states have call successors, (3), 3 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 42 [2022-02-21 00:02:18,691 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:18,692 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 7.4) internal successors, (37), 3 states have internal predecessors, (37), 2 states have call successors, (3), 3 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:18,724 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 42 edges. 42 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:18,724 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-21 00:02:18,724 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-21 00:02:18,725 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-21 00:02:18,725 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=8, Invalid=12, Unknown=0, NotChecked=0, Total=20 [2022-02-21 00:02:18,725 INFO L87 Difference]: Start difference. First operand 194 states and 260 transitions. Second operand has 5 states, 5 states have (on average 7.4) internal successors, (37), 3 states have internal predecessors, (37), 2 states have call successors, (3), 3 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:19,267 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:19,268 INFO L93 Difference]: Finished difference Result 207 states and 273 transitions. [2022-02-21 00:02:19,268 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-02-21 00:02:19,268 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.4) internal successors, (37), 3 states have internal predecessors, (37), 2 states have call successors, (3), 3 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 42 [2022-02-21 00:02:19,268 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:19,268 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 7.4) internal successors, (37), 3 states have internal predecessors, (37), 2 states have call successors, (3), 3 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:19,270 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 244 transitions. [2022-02-21 00:02:19,270 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 7.4) internal successors, (37), 3 states have internal predecessors, (37), 2 states have call successors, (3), 3 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:19,272 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 244 transitions. [2022-02-21 00:02:19,273 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 244 transitions. [2022-02-21 00:02:19,452 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 244 edges. 244 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:19,456 INFO L225 Difference]: With dead ends: 207 [2022-02-21 00:02:19,456 INFO L226 Difference]: Without dead ends: 205 [2022-02-21 00:02:19,456 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=13, Invalid=17, Unknown=0, NotChecked=0, Total=30 [2022-02-21 00:02:19,456 INFO L933 BasicCegarLoop]: 216 mSDtfsCounter, 54 mSDsluCounter, 485 mSDsCounter, 0 mSdLazyCounter, 102 mSolverCounterSat, 23 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 54 SdHoareTripleChecker+Valid, 701 SdHoareTripleChecker+Invalid, 125 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 23 IncrementalHoareTripleChecker+Valid, 102 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:19,457 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [54 Valid, 701 Invalid, 125 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [23 Valid, 102 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-21 00:02:19,458 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 205 states. [2022-02-21 00:02:19,462 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 205 to 196. [2022-02-21 00:02:19,462 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:19,463 INFO L82 GeneralOperation]: Start isEquivalent. First operand 205 states. Second operand has 196 states, 172 states have (on average 1.3546511627906976) internal successors, (233), 174 states have internal predecessors, (233), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) [2022-02-21 00:02:19,463 INFO L74 IsIncluded]: Start isIncluded. First operand 205 states. Second operand has 196 states, 172 states have (on average 1.3546511627906976) internal successors, (233), 174 states have internal predecessors, (233), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) [2022-02-21 00:02:19,463 INFO L87 Difference]: Start difference. First operand 205 states. Second operand has 196 states, 172 states have (on average 1.3546511627906976) internal successors, (233), 174 states have internal predecessors, (233), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) [2022-02-21 00:02:19,468 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:19,468 INFO L93 Difference]: Finished difference Result 205 states and 271 transitions. [2022-02-21 00:02:19,469 INFO L276 IsEmpty]: Start isEmpty. Operand 205 states and 271 transitions. [2022-02-21 00:02:19,469 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:19,469 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:19,470 INFO L74 IsIncluded]: Start isIncluded. First operand has 196 states, 172 states have (on average 1.3546511627906976) internal successors, (233), 174 states have internal predecessors, (233), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) Second operand 205 states. [2022-02-21 00:02:19,470 INFO L87 Difference]: Start difference. First operand has 196 states, 172 states have (on average 1.3546511627906976) internal successors, (233), 174 states have internal predecessors, (233), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) Second operand 205 states. [2022-02-21 00:02:19,475 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:19,475 INFO L93 Difference]: Finished difference Result 205 states and 271 transitions. [2022-02-21 00:02:19,476 INFO L276 IsEmpty]: Start isEmpty. Operand 205 states and 271 transitions. [2022-02-21 00:02:19,476 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:19,476 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:19,477 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:19,477 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:19,477 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 196 states, 172 states have (on average 1.3546511627906976) internal successors, (233), 174 states have internal predecessors, (233), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) [2022-02-21 00:02:19,483 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 196 states to 196 states and 261 transitions. [2022-02-21 00:02:19,483 INFO L78 Accepts]: Start accepts. Automaton has 196 states and 261 transitions. Word has length 42 [2022-02-21 00:02:19,483 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:19,483 INFO L470 AbstractCegarLoop]: Abstraction has 196 states and 261 transitions. [2022-02-21 00:02:19,484 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.4) internal successors, (37), 3 states have internal predecessors, (37), 2 states have call successors, (3), 3 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:19,484 INFO L276 IsEmpty]: Start isEmpty. Operand 196 states and 261 transitions. [2022-02-21 00:02:19,485 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2022-02-21 00:02:19,485 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:19,485 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:19,485 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable13 [2022-02-21 00:02:19,486 INFO L402 AbstractCegarLoop]: === Iteration 15 === Targeting errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:19,486 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:19,486 INFO L85 PathProgramCache]: Analyzing trace with hash 1766604753, now seen corresponding path program 1 times [2022-02-21 00:02:19,486 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-21 00:02:19,487 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [367190126] [2022-02-21 00:02:19,487 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:19,487 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-21 00:02:19,511 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:19,544 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2022-02-21 00:02:19,551 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:19,575 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-02-21 00:02:19,578 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:19,581 INFO L290 TraceCheckUtils]: 0: Hoare triple {14390#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0, 0;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;assume -2147483648 <= KeSetEvent_#t~nondet38#1 && KeSetEvent_#t~nondet38#1 <= 2147483647;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {14363#true} is VALID [2022-02-21 00:02:19,582 INFO L290 TraceCheckUtils]: 1: Hoare triple {14363#true} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;assume -2147483648 <= #t~ret40#1 && #t~ret40#1 <= 2147483647;havoc #t~ret40#1;#res#1 := -1073741802; {14363#true} is VALID [2022-02-21 00:02:19,582 INFO L290 TraceCheckUtils]: 2: Hoare triple {14363#true} assume true; {14363#true} is VALID [2022-02-21 00:02:19,582 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {14363#true} {14363#true} #756#return; {14363#true} is VALID [2022-02-21 00:02:19,582 INFO L290 TraceCheckUtils]: 0: Hoare triple {14383#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {14363#true} is VALID [2022-02-21 00:02:19,582 INFO L290 TraceCheckUtils]: 1: Hoare triple {14363#true} assume 0 != ~compRegistered~0; {14363#true} is VALID [2022-02-21 00:02:19,583 INFO L272 TraceCheckUtils]: 2: Hoare triple {14363#true} call #t~ret35 := KbFilter_Complete(~DeviceObject, ~Irp, ~lcontext~0); {14390#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} is VALID [2022-02-21 00:02:19,583 INFO L290 TraceCheckUtils]: 3: Hoare triple {14390#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0, 0;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;assume -2147483648 <= KeSetEvent_#t~nondet38#1 && KeSetEvent_#t~nondet38#1 <= 2147483647;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {14363#true} is VALID [2022-02-21 00:02:19,583 INFO L290 TraceCheckUtils]: 4: Hoare triple {14363#true} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;assume -2147483648 <= #t~ret40#1 && #t~ret40#1 <= 2147483647;havoc #t~ret40#1;#res#1 := -1073741802; {14363#true} is VALID [2022-02-21 00:02:19,584 INFO L290 TraceCheckUtils]: 5: Hoare triple {14363#true} assume true; {14363#true} is VALID [2022-02-21 00:02:19,584 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {14363#true} {14363#true} #756#return; {14363#true} is VALID [2022-02-21 00:02:19,584 INFO L290 TraceCheckUtils]: 7: Hoare triple {14363#true} assume -2147483648 <= #t~ret35 && #t~ret35 <= 2147483647;~compRetStatus~0 := #t~ret35;havoc #t~ret35;~__cil_tmp7~0 := ~compRetStatus~0; {14363#true} is VALID [2022-02-21 00:02:19,584 INFO L290 TraceCheckUtils]: 8: Hoare triple {14363#true} assume !(-1073741802 == ~__cil_tmp7~0); {14363#true} is VALID [2022-02-21 00:02:19,584 INFO L290 TraceCheckUtils]: 9: Hoare triple {14363#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {14363#true} is VALID [2022-02-21 00:02:19,584 INFO L290 TraceCheckUtils]: 10: Hoare triple {14363#true} assume 0 == ~tmp_ndt_6~0; {14363#true} is VALID [2022-02-21 00:02:19,585 INFO L290 TraceCheckUtils]: 11: Hoare triple {14363#true} ~returnVal2~0 := 0; {14388#(= IofCallDriver_~returnVal2~0 0)} is VALID [2022-02-21 00:02:19,585 INFO L290 TraceCheckUtils]: 12: Hoare triple {14388#(= IofCallDriver_~returnVal2~0 0)} assume ~s~0 == ~NP~0;~s~0 := ~IPC~0;~lowerDriverReturn~0 := ~returnVal2~0; {14388#(= IofCallDriver_~returnVal2~0 0)} is VALID [2022-02-21 00:02:19,586 INFO L290 TraceCheckUtils]: 13: Hoare triple {14388#(= IofCallDriver_~returnVal2~0 0)} #res := ~returnVal2~0; {14389#(= |IofCallDriver_#res| 0)} is VALID [2022-02-21 00:02:19,586 INFO L290 TraceCheckUtils]: 14: Hoare triple {14389#(= |IofCallDriver_#res| 0)} assume true; {14389#(= |IofCallDriver_#res| 0)} is VALID [2022-02-21 00:02:19,587 INFO L284 TraceCheckUtils]: 15: Hoare quadruple {14389#(= |IofCallDriver_#res| 0)} {14363#true} #718#return; {14381#(= |ULTIMATE.start_KbFilter_PnP_#t~ret10#1| 0)} is VALID [2022-02-21 00:02:19,587 INFO L290 TraceCheckUtils]: 0: Hoare triple {14363#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {14363#true} is VALID [2022-02-21 00:02:19,587 INFO L290 TraceCheckUtils]: 1: Hoare triple {14363#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {14363#true} is VALID [2022-02-21 00:02:19,587 INFO L290 TraceCheckUtils]: 2: Hoare triple {14363#true} assume { :end_inline__BLAST_init } true; {14363#true} is VALID [2022-02-21 00:02:19,588 INFO L290 TraceCheckUtils]: 3: Hoare triple {14363#true} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {14363#true} is VALID [2022-02-21 00:02:19,588 INFO L290 TraceCheckUtils]: 4: Hoare triple {14363#true} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {14363#true} is VALID [2022-02-21 00:02:19,588 INFO L290 TraceCheckUtils]: 5: Hoare triple {14363#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {14363#true} is VALID [2022-02-21 00:02:19,588 INFO L290 TraceCheckUtils]: 6: Hoare triple {14363#true} assume { :end_inline_stub_driver_init } true; {14363#true} is VALID [2022-02-21 00:02:19,588 INFO L290 TraceCheckUtils]: 7: Hoare triple {14363#true} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {14363#true} is VALID [2022-02-21 00:02:19,588 INFO L290 TraceCheckUtils]: 8: Hoare triple {14363#true} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {14363#true} is VALID [2022-02-21 00:02:19,588 INFO L290 TraceCheckUtils]: 9: Hoare triple {14363#true} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {14363#true} is VALID [2022-02-21 00:02:19,589 INFO L290 TraceCheckUtils]: 10: Hoare triple {14363#true} assume 3 == main_~tmp_ndt_3~0#1; {14363#true} is VALID [2022-02-21 00:02:19,589 INFO L290 TraceCheckUtils]: 11: Hoare triple {14363#true} assume { :begin_inline_KbFilter_PnP } true;KbFilter_PnP_#in~DeviceObject#1, KbFilter_PnP_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_PnP_#res#1;havoc KbFilter_PnP_#t~nondet4#1, KbFilter_PnP_#t~nondet5#1, KbFilter_PnP_#t~nondet6#1, KbFilter_PnP_#t~nondet7#1, KbFilter_PnP_#t~nondet8#1, KbFilter_PnP_#t~nondet9#1, KbFilter_PnP_#t~ret10#1, KbFilter_PnP_#t~ret11#1, KbFilter_PnP_#t~post12#1, KbFilter_PnP_#t~post13#1, KbFilter_PnP_#t~ret14#1, KbFilter_PnP_#t~post15#1, KbFilter_PnP_#t~post16#1, KbFilter_PnP_#t~ret17#1, KbFilter_PnP_#t~post18#1, KbFilter_PnP_#t~post19#1, KbFilter_PnP_#t~ret20#1, KbFilter_PnP_~DeviceObject#1, KbFilter_PnP_~Irp#1, KbFilter_PnP_~devExt~0#1, KbFilter_PnP_~irpStack~0#1, KbFilter_PnP_~status~0#1, KbFilter_PnP_~event~0#1, KbFilter_PnP_~DeviceObject__DeviceExtension~0#1, KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, KbFilter_PnP_~irpStack__MinorFunction~0#1, KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~devExt__Started~0#1, KbFilter_PnP_~devExt__Removed~0#1, KbFilter_PnP_~devExt__SurpriseRemoved~0#1, KbFilter_PnP_~Irp__IoStatus__Status~0#1, KbFilter_PnP_~Irp__IoStatus__Information~0#1, KbFilter_PnP_~Irp__CurrentLocation~0#1, KbFilter_PnP_~irpSp~0#1, KbFilter_PnP_~nextIrpSp~0#1, KbFilter_PnP_~nextIrpSp__Control~0#1, KbFilter_PnP_~irpSp___0~0#1, KbFilter_PnP_~irpSp__Context~0#1, KbFilter_PnP_~irpSp__Control~0#1, KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~DeviceObject#1 := KbFilter_PnP_#in~DeviceObject#1;KbFilter_PnP_~Irp#1 := KbFilter_PnP_#in~Irp#1;havoc KbFilter_PnP_~devExt~0#1;havoc KbFilter_PnP_~irpStack~0#1;havoc KbFilter_PnP_~status~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet4#1 && KbFilter_PnP_#t~nondet4#1 <= 2147483647;KbFilter_PnP_~event~0#1 := KbFilter_PnP_#t~nondet4#1;havoc KbFilter_PnP_#t~nondet4#1;assume -2147483648 <= KbFilter_PnP_#t~nondet5#1 && KbFilter_PnP_#t~nondet5#1 <= 2147483647;KbFilter_PnP_~DeviceObject__DeviceExtension~0#1 := KbFilter_PnP_#t~nondet5#1;havoc KbFilter_PnP_#t~nondet5#1;assume -2147483648 <= KbFilter_PnP_#t~nondet6#1 && KbFilter_PnP_#t~nondet6#1 <= 2147483647;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := KbFilter_PnP_#t~nondet6#1;havoc KbFilter_PnP_#t~nondet6#1;assume -2147483648 <= KbFilter_PnP_#t~nondet7#1 && KbFilter_PnP_#t~nondet7#1 <= 2147483647;KbFilter_PnP_~irpStack__MinorFunction~0#1 := KbFilter_PnP_#t~nondet7#1;havoc KbFilter_PnP_#t~nondet7#1;assume -2147483648 <= KbFilter_PnP_#t~nondet8#1 && KbFilter_PnP_#t~nondet8#1 <= 2147483647;KbFilter_PnP_~devExt__TopOfStack~0#1 := KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_~devExt__Started~0#1;havoc KbFilter_PnP_~devExt__Removed~0#1;havoc KbFilter_PnP_~devExt__SurpriseRemoved~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Status~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Information~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet9#1 && KbFilter_PnP_#t~nondet9#1 <= 2147483647;KbFilter_PnP_~Irp__CurrentLocation~0#1 := KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_~irpSp~0#1;havoc KbFilter_PnP_~nextIrpSp~0#1;havoc KbFilter_PnP_~nextIrpSp__Control~0#1;havoc KbFilter_PnP_~irpSp___0~0#1;havoc KbFilter_PnP_~irpSp__Context~0#1;havoc KbFilter_PnP_~irpSp__Control~0#1;havoc KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~status~0#1 := 0;KbFilter_PnP_~devExt~0#1 := KbFilter_PnP_~DeviceObject__DeviceExtension~0#1;KbFilter_PnP_~irpStack~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1; {14363#true} is VALID [2022-02-21 00:02:19,589 INFO L290 TraceCheckUtils]: 12: Hoare triple {14363#true} assume 0 == KbFilter_PnP_~irpStack__MinorFunction~0#1; {14363#true} is VALID [2022-02-21 00:02:19,589 INFO L290 TraceCheckUtils]: 13: Hoare triple {14363#true} KbFilter_PnP_~irpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1;KbFilter_PnP_~nextIrpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 - 1;KbFilter_PnP_~nextIrpSp__Control~0#1 := 0; {14363#true} is VALID [2022-02-21 00:02:19,589 INFO L290 TraceCheckUtils]: 14: Hoare triple {14363#true} assume !(~s~0 != ~NP~0); {14363#true} is VALID [2022-02-21 00:02:19,589 INFO L290 TraceCheckUtils]: 15: Hoare triple {14363#true} assume !(0 != ~compRegistered~0);~compRegistered~0 := 1; {14363#true} is VALID [2022-02-21 00:02:19,589 INFO L290 TraceCheckUtils]: 16: Hoare triple {14363#true} KbFilter_PnP_~irpSp___0~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 - 1;KbFilter_PnP_~irpSp__Context~0#1 := KbFilter_PnP_~event~0#1;KbFilter_PnP_~irpSp__Control~0#1 := 224; {14363#true} is VALID [2022-02-21 00:02:19,590 INFO L272 TraceCheckUtils]: 17: Hoare triple {14363#true} call KbFilter_PnP_#t~ret10#1 := IofCallDriver(KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~Irp#1); {14383#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} is VALID [2022-02-21 00:02:19,591 INFO L290 TraceCheckUtils]: 18: Hoare triple {14383#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {14363#true} is VALID [2022-02-21 00:02:19,591 INFO L290 TraceCheckUtils]: 19: Hoare triple {14363#true} assume 0 != ~compRegistered~0; {14363#true} is VALID [2022-02-21 00:02:19,591 INFO L272 TraceCheckUtils]: 20: Hoare triple {14363#true} call #t~ret35 := KbFilter_Complete(~DeviceObject, ~Irp, ~lcontext~0); {14390#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} is VALID [2022-02-21 00:02:19,592 INFO L290 TraceCheckUtils]: 21: Hoare triple {14390#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0, 0;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;assume -2147483648 <= KeSetEvent_#t~nondet38#1 && KeSetEvent_#t~nondet38#1 <= 2147483647;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {14363#true} is VALID [2022-02-21 00:02:19,592 INFO L290 TraceCheckUtils]: 22: Hoare triple {14363#true} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;assume -2147483648 <= #t~ret40#1 && #t~ret40#1 <= 2147483647;havoc #t~ret40#1;#res#1 := -1073741802; {14363#true} is VALID [2022-02-21 00:02:19,592 INFO L290 TraceCheckUtils]: 23: Hoare triple {14363#true} assume true; {14363#true} is VALID [2022-02-21 00:02:19,592 INFO L284 TraceCheckUtils]: 24: Hoare quadruple {14363#true} {14363#true} #756#return; {14363#true} is VALID [2022-02-21 00:02:19,592 INFO L290 TraceCheckUtils]: 25: Hoare triple {14363#true} assume -2147483648 <= #t~ret35 && #t~ret35 <= 2147483647;~compRetStatus~0 := #t~ret35;havoc #t~ret35;~__cil_tmp7~0 := ~compRetStatus~0; {14363#true} is VALID [2022-02-21 00:02:19,592 INFO L290 TraceCheckUtils]: 26: Hoare triple {14363#true} assume !(-1073741802 == ~__cil_tmp7~0); {14363#true} is VALID [2022-02-21 00:02:19,592 INFO L290 TraceCheckUtils]: 27: Hoare triple {14363#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {14363#true} is VALID [2022-02-21 00:02:19,593 INFO L290 TraceCheckUtils]: 28: Hoare triple {14363#true} assume 0 == ~tmp_ndt_6~0; {14363#true} is VALID [2022-02-21 00:02:19,593 INFO L290 TraceCheckUtils]: 29: Hoare triple {14363#true} ~returnVal2~0 := 0; {14388#(= IofCallDriver_~returnVal2~0 0)} is VALID [2022-02-21 00:02:19,593 INFO L290 TraceCheckUtils]: 30: Hoare triple {14388#(= IofCallDriver_~returnVal2~0 0)} assume ~s~0 == ~NP~0;~s~0 := ~IPC~0;~lowerDriverReturn~0 := ~returnVal2~0; {14388#(= IofCallDriver_~returnVal2~0 0)} is VALID [2022-02-21 00:02:19,594 INFO L290 TraceCheckUtils]: 31: Hoare triple {14388#(= IofCallDriver_~returnVal2~0 0)} #res := ~returnVal2~0; {14389#(= |IofCallDriver_#res| 0)} is VALID [2022-02-21 00:02:19,594 INFO L290 TraceCheckUtils]: 32: Hoare triple {14389#(= |IofCallDriver_#res| 0)} assume true; {14389#(= |IofCallDriver_#res| 0)} is VALID [2022-02-21 00:02:19,595 INFO L284 TraceCheckUtils]: 33: Hoare quadruple {14389#(= |IofCallDriver_#res| 0)} {14363#true} #718#return; {14381#(= |ULTIMATE.start_KbFilter_PnP_#t~ret10#1| 0)} is VALID [2022-02-21 00:02:19,595 INFO L290 TraceCheckUtils]: 34: Hoare triple {14381#(= |ULTIMATE.start_KbFilter_PnP_#t~ret10#1| 0)} assume -2147483648 <= KbFilter_PnP_#t~ret10#1 && KbFilter_PnP_#t~ret10#1 <= 2147483647;KbFilter_PnP_~status~0#1 := KbFilter_PnP_#t~ret10#1;havoc KbFilter_PnP_#t~ret10#1;KbFilter_PnP_~__cil_tmp23~0#1 := KbFilter_PnP_~status~0#1; {14382#(= |ULTIMATE.start_KbFilter_PnP_~status~0#1| 0)} is VALID [2022-02-21 00:02:19,596 INFO L290 TraceCheckUtils]: 35: Hoare triple {14382#(= |ULTIMATE.start_KbFilter_PnP_~status~0#1| 0)} assume !(259 == KbFilter_PnP_~__cil_tmp23~0#1); {14382#(= |ULTIMATE.start_KbFilter_PnP_~status~0#1| 0)} is VALID [2022-02-21 00:02:19,596 INFO L290 TraceCheckUtils]: 36: Hoare triple {14382#(= |ULTIMATE.start_KbFilter_PnP_~status~0#1| 0)} assume !(KbFilter_PnP_~status~0#1 >= 0); {14364#false} is VALID [2022-02-21 00:02:19,597 INFO L290 TraceCheckUtils]: 37: Hoare triple {14364#false} KbFilter_PnP_~Irp__IoStatus__Status~0#1 := KbFilter_PnP_~status~0#1;~myStatus~0 := KbFilter_PnP_~status~0#1;KbFilter_PnP_~Irp__IoStatus__Information~0#1 := 0; {14364#false} is VALID [2022-02-21 00:02:19,597 INFO L272 TraceCheckUtils]: 38: Hoare triple {14364#false} call IofCompleteRequest(KbFilter_PnP_~Irp#1, 0); {14364#false} is VALID [2022-02-21 00:02:19,597 INFO L290 TraceCheckUtils]: 39: Hoare triple {14364#false} ~Irp := #in~Irp;~PriorityBoost := #in~PriorityBoost; {14364#false} is VALID [2022-02-21 00:02:19,597 INFO L290 TraceCheckUtils]: 40: Hoare triple {14364#false} assume !(~s~0 == ~NP~0); {14364#false} is VALID [2022-02-21 00:02:19,597 INFO L272 TraceCheckUtils]: 41: Hoare triple {14364#false} call errorFn(); {14364#false} is VALID [2022-02-21 00:02:19,597 INFO L290 TraceCheckUtils]: 42: Hoare triple {14364#false} assume !false; {14364#false} is VALID [2022-02-21 00:02:19,598 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:19,598 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-21 00:02:19,598 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [367190126] [2022-02-21 00:02:19,598 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [367190126] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:19,598 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:19,598 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-02-21 00:02:19,599 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [754250521] [2022-02-21 00:02:19,599 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:19,599 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 4.625) internal successors, (37), 5 states have internal predecessors, (37), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 43 [2022-02-21 00:02:19,599 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:19,600 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 8 states, 8 states have (on average 4.625) internal successors, (37), 5 states have internal predecessors, (37), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:19,632 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 43 edges. 43 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:19,632 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-02-21 00:02:19,632 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-21 00:02:19,633 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-02-21 00:02:19,633 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=14, Invalid=42, Unknown=0, NotChecked=0, Total=56 [2022-02-21 00:02:19,633 INFO L87 Difference]: Start difference. First operand 196 states and 261 transitions. Second operand has 8 states, 8 states have (on average 4.625) internal successors, (37), 5 states have internal predecessors, (37), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:20,501 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:20,502 INFO L93 Difference]: Finished difference Result 216 states and 286 transitions. [2022-02-21 00:02:20,502 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2022-02-21 00:02:20,502 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 4.625) internal successors, (37), 5 states have internal predecessors, (37), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 43 [2022-02-21 00:02:20,502 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:20,503 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 8 states have (on average 4.625) internal successors, (37), 5 states have internal predecessors, (37), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:20,505 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 267 transitions. [2022-02-21 00:02:20,505 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 8 states have (on average 4.625) internal successors, (37), 5 states have internal predecessors, (37), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:20,508 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 267 transitions. [2022-02-21 00:02:20,508 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 11 states and 267 transitions. [2022-02-21 00:02:20,690 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 267 edges. 267 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:20,693 INFO L225 Difference]: With dead ends: 216 [2022-02-21 00:02:20,694 INFO L226 Difference]: Without dead ends: 216 [2022-02-21 00:02:20,694 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 9 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=39, Invalid=117, Unknown=0, NotChecked=0, Total=156 [2022-02-21 00:02:20,695 INFO L933 BasicCegarLoop]: 216 mSDtfsCounter, 119 mSDsluCounter, 1071 mSDsCounter, 0 mSdLazyCounter, 184 mSolverCounterSat, 27 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 127 SdHoareTripleChecker+Valid, 1287 SdHoareTripleChecker+Invalid, 211 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 27 IncrementalHoareTripleChecker+Valid, 184 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:20,695 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [127 Valid, 1287 Invalid, 211 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [27 Valid, 184 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-21 00:02:20,696 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 216 states. [2022-02-21 00:02:20,699 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 216 to 197. [2022-02-21 00:02:20,700 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:20,700 INFO L82 GeneralOperation]: Start isEquivalent. First operand 216 states. Second operand has 197 states, 173 states have (on average 1.3526011560693643) internal successors, (234), 175 states have internal predecessors, (234), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) [2022-02-21 00:02:20,701 INFO L74 IsIncluded]: Start isIncluded. First operand 216 states. Second operand has 197 states, 173 states have (on average 1.3526011560693643) internal successors, (234), 175 states have internal predecessors, (234), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) [2022-02-21 00:02:20,701 INFO L87 Difference]: Start difference. First operand 216 states. Second operand has 197 states, 173 states have (on average 1.3526011560693643) internal successors, (234), 175 states have internal predecessors, (234), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) [2022-02-21 00:02:20,707 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:20,708 INFO L93 Difference]: Finished difference Result 216 states and 286 transitions. [2022-02-21 00:02:20,708 INFO L276 IsEmpty]: Start isEmpty. Operand 216 states and 286 transitions. [2022-02-21 00:02:20,709 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:20,709 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:20,709 INFO L74 IsIncluded]: Start isIncluded. First operand has 197 states, 173 states have (on average 1.3526011560693643) internal successors, (234), 175 states have internal predecessors, (234), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) Second operand 216 states. [2022-02-21 00:02:20,710 INFO L87 Difference]: Start difference. First operand has 197 states, 173 states have (on average 1.3526011560693643) internal successors, (234), 175 states have internal predecessors, (234), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) Second operand 216 states. [2022-02-21 00:02:20,715 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:20,716 INFO L93 Difference]: Finished difference Result 216 states and 286 transitions. [2022-02-21 00:02:20,716 INFO L276 IsEmpty]: Start isEmpty. Operand 216 states and 286 transitions. [2022-02-21 00:02:20,717 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:20,717 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:20,717 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:20,717 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:20,718 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 197 states, 173 states have (on average 1.3526011560693643) internal successors, (234), 175 states have internal predecessors, (234), 15 states have call successors, (15), 8 states have call predecessors, (15), 8 states have return successors, (13), 13 states have call predecessors, (13), 11 states have call successors, (13) [2022-02-21 00:02:20,722 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 197 states to 197 states and 262 transitions. [2022-02-21 00:02:20,722 INFO L78 Accepts]: Start accepts. Automaton has 197 states and 262 transitions. Word has length 43 [2022-02-21 00:02:20,722 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:20,723 INFO L470 AbstractCegarLoop]: Abstraction has 197 states and 262 transitions. [2022-02-21 00:02:20,723 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 4.625) internal successors, (37), 5 states have internal predecessors, (37), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:20,723 INFO L276 IsEmpty]: Start isEmpty. Operand 197 states and 262 transitions. [2022-02-21 00:02:20,724 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2022-02-21 00:02:20,724 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:20,724 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:20,724 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable14 [2022-02-21 00:02:20,725 INFO L402 AbstractCegarLoop]: === Iteration 16 === Targeting errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:20,725 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:20,725 INFO L85 PathProgramCache]: Analyzing trace with hash -446330305, now seen corresponding path program 1 times [2022-02-21 00:02:20,725 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-21 00:02:20,725 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [931057088] [2022-02-21 00:02:20,726 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:20,726 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-21 00:02:20,748 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:20,773 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2022-02-21 00:02:20,779 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:20,790 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-02-21 00:02:20,794 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:20,800 INFO L290 TraceCheckUtils]: 0: Hoare triple {15273#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0, 0;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;assume -2147483648 <= KeSetEvent_#t~nondet38#1 && KeSetEvent_#t~nondet38#1 <= 2147483647;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {15267#(= ~setEventCalled~0 1)} is VALID [2022-02-21 00:02:20,800 INFO L290 TraceCheckUtils]: 1: Hoare triple {15267#(= ~setEventCalled~0 1)} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;assume -2147483648 <= #t~ret40#1 && #t~ret40#1 <= 2147483647;havoc #t~ret40#1;#res#1 := -1073741802; {15267#(= ~setEventCalled~0 1)} is VALID [2022-02-21 00:02:20,801 INFO L290 TraceCheckUtils]: 2: Hoare triple {15267#(= ~setEventCalled~0 1)} assume true; {15267#(= ~setEventCalled~0 1)} is VALID [2022-02-21 00:02:20,802 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {15267#(= ~setEventCalled~0 1)} {15248#true} #756#return; {15267#(= ~setEventCalled~0 1)} is VALID [2022-02-21 00:02:20,802 INFO L290 TraceCheckUtils]: 0: Hoare triple {15268#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {15248#true} is VALID [2022-02-21 00:02:20,802 INFO L290 TraceCheckUtils]: 1: Hoare triple {15248#true} assume 0 != ~compRegistered~0; {15248#true} is VALID [2022-02-21 00:02:20,803 INFO L272 TraceCheckUtils]: 2: Hoare triple {15248#true} call #t~ret35 := KbFilter_Complete(~DeviceObject, ~Irp, ~lcontext~0); {15273#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} is VALID [2022-02-21 00:02:20,803 INFO L290 TraceCheckUtils]: 3: Hoare triple {15273#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0, 0;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;assume -2147483648 <= KeSetEvent_#t~nondet38#1 && KeSetEvent_#t~nondet38#1 <= 2147483647;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {15267#(= ~setEventCalled~0 1)} is VALID [2022-02-21 00:02:20,804 INFO L290 TraceCheckUtils]: 4: Hoare triple {15267#(= ~setEventCalled~0 1)} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;assume -2147483648 <= #t~ret40#1 && #t~ret40#1 <= 2147483647;havoc #t~ret40#1;#res#1 := -1073741802; {15267#(= ~setEventCalled~0 1)} is VALID [2022-02-21 00:02:20,804 INFO L290 TraceCheckUtils]: 5: Hoare triple {15267#(= ~setEventCalled~0 1)} assume true; {15267#(= ~setEventCalled~0 1)} is VALID [2022-02-21 00:02:20,805 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {15267#(= ~setEventCalled~0 1)} {15248#true} #756#return; {15267#(= ~setEventCalled~0 1)} is VALID [2022-02-21 00:02:20,805 INFO L290 TraceCheckUtils]: 7: Hoare triple {15267#(= ~setEventCalled~0 1)} assume -2147483648 <= #t~ret35 && #t~ret35 <= 2147483647;~compRetStatus~0 := #t~ret35;havoc #t~ret35;~__cil_tmp7~0 := ~compRetStatus~0; {15267#(= ~setEventCalled~0 1)} is VALID [2022-02-21 00:02:20,806 INFO L290 TraceCheckUtils]: 8: Hoare triple {15267#(= ~setEventCalled~0 1)} assume !(-1073741802 == ~__cil_tmp7~0); {15267#(= ~setEventCalled~0 1)} is VALID [2022-02-21 00:02:20,806 INFO L290 TraceCheckUtils]: 9: Hoare triple {15267#(= ~setEventCalled~0 1)} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {15267#(= ~setEventCalled~0 1)} is VALID [2022-02-21 00:02:20,806 INFO L290 TraceCheckUtils]: 10: Hoare triple {15267#(= ~setEventCalled~0 1)} assume !(0 == ~tmp_ndt_6~0);havoc ~tmp_ndt_7~0;assume -2147483648 <= #t~nondet37 && #t~nondet37 <= 2147483647;~tmp_ndt_7~0 := #t~nondet37;havoc #t~nondet37; {15267#(= ~setEventCalled~0 1)} is VALID [2022-02-21 00:02:20,807 INFO L290 TraceCheckUtils]: 11: Hoare triple {15267#(= ~setEventCalled~0 1)} assume 1 == ~tmp_ndt_7~0; {15267#(= ~setEventCalled~0 1)} is VALID [2022-02-21 00:02:20,807 INFO L290 TraceCheckUtils]: 12: Hoare triple {15267#(= ~setEventCalled~0 1)} ~returnVal2~0 := -1073741823; {15267#(= ~setEventCalled~0 1)} is VALID [2022-02-21 00:02:20,807 INFO L290 TraceCheckUtils]: 13: Hoare triple {15267#(= ~setEventCalled~0 1)} assume ~s~0 == ~NP~0;~s~0 := ~IPC~0;~lowerDriverReturn~0 := ~returnVal2~0; {15267#(= ~setEventCalled~0 1)} is VALID [2022-02-21 00:02:20,808 INFO L290 TraceCheckUtils]: 14: Hoare triple {15267#(= ~setEventCalled~0 1)} #res := ~returnVal2~0; {15267#(= ~setEventCalled~0 1)} is VALID [2022-02-21 00:02:20,808 INFO L290 TraceCheckUtils]: 15: Hoare triple {15267#(= ~setEventCalled~0 1)} assume true; {15267#(= ~setEventCalled~0 1)} is VALID [2022-02-21 00:02:20,809 INFO L284 TraceCheckUtils]: 16: Hoare quadruple {15267#(= ~setEventCalled~0 1)} {15248#true} #718#return; {15267#(= ~setEventCalled~0 1)} is VALID [2022-02-21 00:02:20,809 INFO L290 TraceCheckUtils]: 0: Hoare triple {15248#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {15248#true} is VALID [2022-02-21 00:02:20,809 INFO L290 TraceCheckUtils]: 1: Hoare triple {15248#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {15248#true} is VALID [2022-02-21 00:02:20,809 INFO L290 TraceCheckUtils]: 2: Hoare triple {15248#true} assume { :end_inline__BLAST_init } true; {15248#true} is VALID [2022-02-21 00:02:20,809 INFO L290 TraceCheckUtils]: 3: Hoare triple {15248#true} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {15248#true} is VALID [2022-02-21 00:02:20,810 INFO L290 TraceCheckUtils]: 4: Hoare triple {15248#true} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {15248#true} is VALID [2022-02-21 00:02:20,810 INFO L290 TraceCheckUtils]: 5: Hoare triple {15248#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {15248#true} is VALID [2022-02-21 00:02:20,810 INFO L290 TraceCheckUtils]: 6: Hoare triple {15248#true} assume { :end_inline_stub_driver_init } true; {15248#true} is VALID [2022-02-21 00:02:20,810 INFO L290 TraceCheckUtils]: 7: Hoare triple {15248#true} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {15248#true} is VALID [2022-02-21 00:02:20,810 INFO L290 TraceCheckUtils]: 8: Hoare triple {15248#true} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {15248#true} is VALID [2022-02-21 00:02:20,810 INFO L290 TraceCheckUtils]: 9: Hoare triple {15248#true} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {15248#true} is VALID [2022-02-21 00:02:20,810 INFO L290 TraceCheckUtils]: 10: Hoare triple {15248#true} assume 3 == main_~tmp_ndt_3~0#1; {15248#true} is VALID [2022-02-21 00:02:20,811 INFO L290 TraceCheckUtils]: 11: Hoare triple {15248#true} assume { :begin_inline_KbFilter_PnP } true;KbFilter_PnP_#in~DeviceObject#1, KbFilter_PnP_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_PnP_#res#1;havoc KbFilter_PnP_#t~nondet4#1, KbFilter_PnP_#t~nondet5#1, KbFilter_PnP_#t~nondet6#1, KbFilter_PnP_#t~nondet7#1, KbFilter_PnP_#t~nondet8#1, KbFilter_PnP_#t~nondet9#1, KbFilter_PnP_#t~ret10#1, KbFilter_PnP_#t~ret11#1, KbFilter_PnP_#t~post12#1, KbFilter_PnP_#t~post13#1, KbFilter_PnP_#t~ret14#1, KbFilter_PnP_#t~post15#1, KbFilter_PnP_#t~post16#1, KbFilter_PnP_#t~ret17#1, KbFilter_PnP_#t~post18#1, KbFilter_PnP_#t~post19#1, KbFilter_PnP_#t~ret20#1, KbFilter_PnP_~DeviceObject#1, KbFilter_PnP_~Irp#1, KbFilter_PnP_~devExt~0#1, KbFilter_PnP_~irpStack~0#1, KbFilter_PnP_~status~0#1, KbFilter_PnP_~event~0#1, KbFilter_PnP_~DeviceObject__DeviceExtension~0#1, KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, KbFilter_PnP_~irpStack__MinorFunction~0#1, KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~devExt__Started~0#1, KbFilter_PnP_~devExt__Removed~0#1, KbFilter_PnP_~devExt__SurpriseRemoved~0#1, KbFilter_PnP_~Irp__IoStatus__Status~0#1, KbFilter_PnP_~Irp__IoStatus__Information~0#1, KbFilter_PnP_~Irp__CurrentLocation~0#1, KbFilter_PnP_~irpSp~0#1, KbFilter_PnP_~nextIrpSp~0#1, KbFilter_PnP_~nextIrpSp__Control~0#1, KbFilter_PnP_~irpSp___0~0#1, KbFilter_PnP_~irpSp__Context~0#1, KbFilter_PnP_~irpSp__Control~0#1, KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~DeviceObject#1 := KbFilter_PnP_#in~DeviceObject#1;KbFilter_PnP_~Irp#1 := KbFilter_PnP_#in~Irp#1;havoc KbFilter_PnP_~devExt~0#1;havoc KbFilter_PnP_~irpStack~0#1;havoc KbFilter_PnP_~status~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet4#1 && KbFilter_PnP_#t~nondet4#1 <= 2147483647;KbFilter_PnP_~event~0#1 := KbFilter_PnP_#t~nondet4#1;havoc KbFilter_PnP_#t~nondet4#1;assume -2147483648 <= KbFilter_PnP_#t~nondet5#1 && KbFilter_PnP_#t~nondet5#1 <= 2147483647;KbFilter_PnP_~DeviceObject__DeviceExtension~0#1 := KbFilter_PnP_#t~nondet5#1;havoc KbFilter_PnP_#t~nondet5#1;assume -2147483648 <= KbFilter_PnP_#t~nondet6#1 && KbFilter_PnP_#t~nondet6#1 <= 2147483647;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := KbFilter_PnP_#t~nondet6#1;havoc KbFilter_PnP_#t~nondet6#1;assume -2147483648 <= KbFilter_PnP_#t~nondet7#1 && KbFilter_PnP_#t~nondet7#1 <= 2147483647;KbFilter_PnP_~irpStack__MinorFunction~0#1 := KbFilter_PnP_#t~nondet7#1;havoc KbFilter_PnP_#t~nondet7#1;assume -2147483648 <= KbFilter_PnP_#t~nondet8#1 && KbFilter_PnP_#t~nondet8#1 <= 2147483647;KbFilter_PnP_~devExt__TopOfStack~0#1 := KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_~devExt__Started~0#1;havoc KbFilter_PnP_~devExt__Removed~0#1;havoc KbFilter_PnP_~devExt__SurpriseRemoved~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Status~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Information~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet9#1 && KbFilter_PnP_#t~nondet9#1 <= 2147483647;KbFilter_PnP_~Irp__CurrentLocation~0#1 := KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_~irpSp~0#1;havoc KbFilter_PnP_~nextIrpSp~0#1;havoc KbFilter_PnP_~nextIrpSp__Control~0#1;havoc KbFilter_PnP_~irpSp___0~0#1;havoc KbFilter_PnP_~irpSp__Context~0#1;havoc KbFilter_PnP_~irpSp__Control~0#1;havoc KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~status~0#1 := 0;KbFilter_PnP_~devExt~0#1 := KbFilter_PnP_~DeviceObject__DeviceExtension~0#1;KbFilter_PnP_~irpStack~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1; {15248#true} is VALID [2022-02-21 00:02:20,811 INFO L290 TraceCheckUtils]: 12: Hoare triple {15248#true} assume 0 == KbFilter_PnP_~irpStack__MinorFunction~0#1; {15248#true} is VALID [2022-02-21 00:02:20,811 INFO L290 TraceCheckUtils]: 13: Hoare triple {15248#true} KbFilter_PnP_~irpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1;KbFilter_PnP_~nextIrpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 - 1;KbFilter_PnP_~nextIrpSp__Control~0#1 := 0; {15248#true} is VALID [2022-02-21 00:02:20,811 INFO L290 TraceCheckUtils]: 14: Hoare triple {15248#true} assume !(~s~0 != ~NP~0); {15248#true} is VALID [2022-02-21 00:02:20,811 INFO L290 TraceCheckUtils]: 15: Hoare triple {15248#true} assume !(0 != ~compRegistered~0);~compRegistered~0 := 1; {15248#true} is VALID [2022-02-21 00:02:20,811 INFO L290 TraceCheckUtils]: 16: Hoare triple {15248#true} KbFilter_PnP_~irpSp___0~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 - 1;KbFilter_PnP_~irpSp__Context~0#1 := KbFilter_PnP_~event~0#1;KbFilter_PnP_~irpSp__Control~0#1 := 224; {15248#true} is VALID [2022-02-21 00:02:20,812 INFO L272 TraceCheckUtils]: 17: Hoare triple {15248#true} call KbFilter_PnP_#t~ret10#1 := IofCallDriver(KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~Irp#1); {15268#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} is VALID [2022-02-21 00:02:20,813 INFO L290 TraceCheckUtils]: 18: Hoare triple {15268#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {15248#true} is VALID [2022-02-21 00:02:20,813 INFO L290 TraceCheckUtils]: 19: Hoare triple {15248#true} assume 0 != ~compRegistered~0; {15248#true} is VALID [2022-02-21 00:02:20,813 INFO L272 TraceCheckUtils]: 20: Hoare triple {15248#true} call #t~ret35 := KbFilter_Complete(~DeviceObject, ~Irp, ~lcontext~0); {15273#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} is VALID [2022-02-21 00:02:20,814 INFO L290 TraceCheckUtils]: 21: Hoare triple {15273#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0, 0;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;assume -2147483648 <= KeSetEvent_#t~nondet38#1 && KeSetEvent_#t~nondet38#1 <= 2147483647;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {15267#(= ~setEventCalled~0 1)} is VALID [2022-02-21 00:02:20,814 INFO L290 TraceCheckUtils]: 22: Hoare triple {15267#(= ~setEventCalled~0 1)} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;assume -2147483648 <= #t~ret40#1 && #t~ret40#1 <= 2147483647;havoc #t~ret40#1;#res#1 := -1073741802; {15267#(= ~setEventCalled~0 1)} is VALID [2022-02-21 00:02:20,814 INFO L290 TraceCheckUtils]: 23: Hoare triple {15267#(= ~setEventCalled~0 1)} assume true; {15267#(= ~setEventCalled~0 1)} is VALID [2022-02-21 00:02:20,815 INFO L284 TraceCheckUtils]: 24: Hoare quadruple {15267#(= ~setEventCalled~0 1)} {15248#true} #756#return; {15267#(= ~setEventCalled~0 1)} is VALID [2022-02-21 00:02:20,816 INFO L290 TraceCheckUtils]: 25: Hoare triple {15267#(= ~setEventCalled~0 1)} assume -2147483648 <= #t~ret35 && #t~ret35 <= 2147483647;~compRetStatus~0 := #t~ret35;havoc #t~ret35;~__cil_tmp7~0 := ~compRetStatus~0; {15267#(= ~setEventCalled~0 1)} is VALID [2022-02-21 00:02:20,816 INFO L290 TraceCheckUtils]: 26: Hoare triple {15267#(= ~setEventCalled~0 1)} assume !(-1073741802 == ~__cil_tmp7~0); {15267#(= ~setEventCalled~0 1)} is VALID [2022-02-21 00:02:20,816 INFO L290 TraceCheckUtils]: 27: Hoare triple {15267#(= ~setEventCalled~0 1)} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {15267#(= ~setEventCalled~0 1)} is VALID [2022-02-21 00:02:20,817 INFO L290 TraceCheckUtils]: 28: Hoare triple {15267#(= ~setEventCalled~0 1)} assume !(0 == ~tmp_ndt_6~0);havoc ~tmp_ndt_7~0;assume -2147483648 <= #t~nondet37 && #t~nondet37 <= 2147483647;~tmp_ndt_7~0 := #t~nondet37;havoc #t~nondet37; {15267#(= ~setEventCalled~0 1)} is VALID [2022-02-21 00:02:20,817 INFO L290 TraceCheckUtils]: 29: Hoare triple {15267#(= ~setEventCalled~0 1)} assume 1 == ~tmp_ndt_7~0; {15267#(= ~setEventCalled~0 1)} is VALID [2022-02-21 00:02:20,817 INFO L290 TraceCheckUtils]: 30: Hoare triple {15267#(= ~setEventCalled~0 1)} ~returnVal2~0 := -1073741823; {15267#(= ~setEventCalled~0 1)} is VALID [2022-02-21 00:02:20,818 INFO L290 TraceCheckUtils]: 31: Hoare triple {15267#(= ~setEventCalled~0 1)} assume ~s~0 == ~NP~0;~s~0 := ~IPC~0;~lowerDriverReturn~0 := ~returnVal2~0; {15267#(= ~setEventCalled~0 1)} is VALID [2022-02-21 00:02:20,818 INFO L290 TraceCheckUtils]: 32: Hoare triple {15267#(= ~setEventCalled~0 1)} #res := ~returnVal2~0; {15267#(= ~setEventCalled~0 1)} is VALID [2022-02-21 00:02:20,818 INFO L290 TraceCheckUtils]: 33: Hoare triple {15267#(= ~setEventCalled~0 1)} assume true; {15267#(= ~setEventCalled~0 1)} is VALID [2022-02-21 00:02:20,819 INFO L284 TraceCheckUtils]: 34: Hoare quadruple {15267#(= ~setEventCalled~0 1)} {15248#true} #718#return; {15267#(= ~setEventCalled~0 1)} is VALID [2022-02-21 00:02:20,819 INFO L290 TraceCheckUtils]: 35: Hoare triple {15267#(= ~setEventCalled~0 1)} assume -2147483648 <= KbFilter_PnP_#t~ret10#1 && KbFilter_PnP_#t~ret10#1 <= 2147483647;KbFilter_PnP_~status~0#1 := KbFilter_PnP_#t~ret10#1;havoc KbFilter_PnP_#t~ret10#1;KbFilter_PnP_~__cil_tmp23~0#1 := KbFilter_PnP_~status~0#1; {15267#(= ~setEventCalled~0 1)} is VALID [2022-02-21 00:02:20,820 INFO L290 TraceCheckUtils]: 36: Hoare triple {15267#(= ~setEventCalled~0 1)} assume 259 == KbFilter_PnP_~__cil_tmp23~0#1;assume { :begin_inline_KeWaitForSingleObject } true;KeWaitForSingleObject_#in~Object#1, KeWaitForSingleObject_#in~WaitReason#1, KeWaitForSingleObject_#in~WaitMode#1, KeWaitForSingleObject_#in~Alertable#1, KeWaitForSingleObject_#in~Timeout#1 := KbFilter_PnP_~event~0#1, ~Executive~0, ~KernelMode~0, 0, 0;havoc KeWaitForSingleObject_#res#1;havoc KeWaitForSingleObject_#t~nondet39#1, KeWaitForSingleObject_~tmp_ndt_8~0#1, KeWaitForSingleObject_~Object#1, KeWaitForSingleObject_~WaitReason#1, KeWaitForSingleObject_~WaitMode#1, KeWaitForSingleObject_~Alertable#1, KeWaitForSingleObject_~Timeout#1;KeWaitForSingleObject_~Object#1 := KeWaitForSingleObject_#in~Object#1;KeWaitForSingleObject_~WaitReason#1 := KeWaitForSingleObject_#in~WaitReason#1;KeWaitForSingleObject_~WaitMode#1 := KeWaitForSingleObject_#in~WaitMode#1;KeWaitForSingleObject_~Alertable#1 := KeWaitForSingleObject_#in~Alertable#1;KeWaitForSingleObject_~Timeout#1 := KeWaitForSingleObject_#in~Timeout#1; {15267#(= ~setEventCalled~0 1)} is VALID [2022-02-21 00:02:20,820 INFO L290 TraceCheckUtils]: 37: Hoare triple {15267#(= ~setEventCalled~0 1)} assume ~s~0 == ~MPR3~0; {15267#(= ~setEventCalled~0 1)} is VALID [2022-02-21 00:02:20,820 INFO L290 TraceCheckUtils]: 38: Hoare triple {15267#(= ~setEventCalled~0 1)} assume !(1 == ~setEventCalled~0); {15249#false} is VALID [2022-02-21 00:02:20,820 INFO L290 TraceCheckUtils]: 39: Hoare triple {15249#false} assume !(1 == ~customIrp~0); {15249#false} is VALID [2022-02-21 00:02:20,821 INFO L290 TraceCheckUtils]: 40: Hoare triple {15249#false} assume ~s~0 == ~MPR3~0; {15249#false} is VALID [2022-02-21 00:02:20,821 INFO L272 TraceCheckUtils]: 41: Hoare triple {15249#false} call errorFn(); {15249#false} is VALID [2022-02-21 00:02:20,821 INFO L290 TraceCheckUtils]: 42: Hoare triple {15249#false} assume !false; {15249#false} is VALID [2022-02-21 00:02:20,821 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:20,821 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-21 00:02:20,822 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [931057088] [2022-02-21 00:02:20,822 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [931057088] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:20,822 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:20,822 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-21 00:02:20,822 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [65092922] [2022-02-21 00:02:20,822 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:20,823 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.6) internal successors, (38), 3 states have internal predecessors, (38), 2 states have call successors, (3), 3 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 43 [2022-02-21 00:02:20,823 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:20,823 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 7.6) internal successors, (38), 3 states have internal predecessors, (38), 2 states have call successors, (3), 3 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:20,858 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 43 edges. 43 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:20,858 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-21 00:02:20,858 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-21 00:02:20,858 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-21 00:02:20,858 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=8, Invalid=12, Unknown=0, NotChecked=0, Total=20 [2022-02-21 00:02:20,859 INFO L87 Difference]: Start difference. First operand 197 states and 262 transitions. Second operand has 5 states, 5 states have (on average 7.6) internal successors, (38), 3 states have internal predecessors, (38), 2 states have call successors, (3), 3 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:21,261 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:21,261 INFO L93 Difference]: Finished difference Result 194 states and 255 transitions. [2022-02-21 00:02:21,261 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-02-21 00:02:21,262 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.6) internal successors, (38), 3 states have internal predecessors, (38), 2 states have call successors, (3), 3 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 43 [2022-02-21 00:02:21,262 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:21,262 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 7.6) internal successors, (38), 3 states have internal predecessors, (38), 2 states have call successors, (3), 3 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:21,264 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 230 transitions. [2022-02-21 00:02:21,264 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 7.6) internal successors, (38), 3 states have internal predecessors, (38), 2 states have call successors, (3), 3 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:21,266 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 230 transitions. [2022-02-21 00:02:21,266 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 230 transitions. [2022-02-21 00:02:21,447 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 230 edges. 230 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:21,449 INFO L225 Difference]: With dead ends: 194 [2022-02-21 00:02:21,449 INFO L226 Difference]: Without dead ends: 186 [2022-02-21 00:02:21,450 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 3 SyntacticMatches, 2 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=18, Invalid=24, Unknown=0, NotChecked=0, Total=42 [2022-02-21 00:02:21,450 INFO L933 BasicCegarLoop]: 219 mSDtfsCounter, 94 mSDsluCounter, 323 mSDsCounter, 0 mSdLazyCounter, 53 mSolverCounterSat, 33 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 95 SdHoareTripleChecker+Valid, 542 SdHoareTripleChecker+Invalid, 86 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 33 IncrementalHoareTripleChecker+Valid, 53 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:21,450 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [95 Valid, 542 Invalid, 86 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [33 Valid, 53 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-21 00:02:21,451 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 186 states. [2022-02-21 00:02:21,454 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 186 to 184. [2022-02-21 00:02:21,454 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:21,454 INFO L82 GeneralOperation]: Start isEquivalent. First operand 186 states. Second operand has 184 states, 162 states have (on average 1.3580246913580247) internal successors, (220), 163 states have internal predecessors, (220), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:21,454 INFO L74 IsIncluded]: Start isIncluded. First operand 186 states. Second operand has 184 states, 162 states have (on average 1.3580246913580247) internal successors, (220), 163 states have internal predecessors, (220), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:21,455 INFO L87 Difference]: Start difference. First operand 186 states. Second operand has 184 states, 162 states have (on average 1.3580246913580247) internal successors, (220), 163 states have internal predecessors, (220), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:21,461 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:21,462 INFO L93 Difference]: Finished difference Result 186 states and 247 transitions. [2022-02-21 00:02:21,462 INFO L276 IsEmpty]: Start isEmpty. Operand 186 states and 247 transitions. [2022-02-21 00:02:21,463 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:21,463 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:21,463 INFO L74 IsIncluded]: Start isIncluded. First operand has 184 states, 162 states have (on average 1.3580246913580247) internal successors, (220), 163 states have internal predecessors, (220), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) Second operand 186 states. [2022-02-21 00:02:21,464 INFO L87 Difference]: Start difference. First operand has 184 states, 162 states have (on average 1.3580246913580247) internal successors, (220), 163 states have internal predecessors, (220), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) Second operand 186 states. [2022-02-21 00:02:21,467 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:21,467 INFO L93 Difference]: Finished difference Result 186 states and 247 transitions. [2022-02-21 00:02:21,468 INFO L276 IsEmpty]: Start isEmpty. Operand 186 states and 247 transitions. [2022-02-21 00:02:21,468 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:21,468 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:21,468 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:21,469 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:21,469 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 184 states, 162 states have (on average 1.3580246913580247) internal successors, (220), 163 states have internal predecessors, (220), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:21,473 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 184 states to 184 states and 246 transitions. [2022-02-21 00:02:21,473 INFO L78 Accepts]: Start accepts. Automaton has 184 states and 246 transitions. Word has length 43 [2022-02-21 00:02:21,473 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:21,473 INFO L470 AbstractCegarLoop]: Abstraction has 184 states and 246 transitions. [2022-02-21 00:02:21,473 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.6) internal successors, (38), 3 states have internal predecessors, (38), 2 states have call successors, (3), 3 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:21,474 INFO L276 IsEmpty]: Start isEmpty. Operand 184 states and 246 transitions. [2022-02-21 00:02:21,474 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2022-02-21 00:02:21,474 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:21,475 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:21,475 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable15 [2022-02-21 00:02:21,475 INFO L402 AbstractCegarLoop]: === Iteration 17 === Targeting errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:21,475 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:21,476 INFO L85 PathProgramCache]: Analyzing trace with hash 694033782, now seen corresponding path program 1 times [2022-02-21 00:02:21,476 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-21 00:02:21,476 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1381469424] [2022-02-21 00:02:21,476 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:21,476 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-21 00:02:21,507 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:21,523 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2022-02-21 00:02:21,531 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:21,570 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-02-21 00:02:21,574 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:21,592 INFO L290 TraceCheckUtils]: 0: Hoare triple {16056#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0, 0;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;assume -2147483648 <= KeSetEvent_#t~nondet38#1 && KeSetEvent_#t~nondet38#1 <= 2147483647;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {16030#true} is VALID [2022-02-21 00:02:21,593 INFO L290 TraceCheckUtils]: 1: Hoare triple {16030#true} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;assume -2147483648 <= #t~ret40#1 && #t~ret40#1 <= 2147483647;havoc #t~ret40#1;#res#1 := -1073741802; {16057#(and (<= (+ |KbFilter_Complete_#res#1| 1073741802) 0) (<= 0 (+ |KbFilter_Complete_#res#1| 1073741802)))} is VALID [2022-02-21 00:02:21,593 INFO L290 TraceCheckUtils]: 2: Hoare triple {16057#(and (<= (+ |KbFilter_Complete_#res#1| 1073741802) 0) (<= 0 (+ |KbFilter_Complete_#res#1| 1073741802)))} assume true; {16057#(and (<= (+ |KbFilter_Complete_#res#1| 1073741802) 0) (<= 0 (+ |KbFilter_Complete_#res#1| 1073741802)))} is VALID [2022-02-21 00:02:21,594 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {16057#(and (<= (+ |KbFilter_Complete_#res#1| 1073741802) 0) (<= 0 (+ |KbFilter_Complete_#res#1| 1073741802)))} {16030#true} #756#return; {16054#(and (<= (+ |IofCallDriver_#t~ret35| 1073741802) 0) (<= 0 (+ |IofCallDriver_#t~ret35| 1073741802)))} is VALID [2022-02-21 00:02:21,594 INFO L290 TraceCheckUtils]: 0: Hoare triple {16049#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {16030#true} is VALID [2022-02-21 00:02:21,595 INFO L290 TraceCheckUtils]: 1: Hoare triple {16030#true} assume 0 != ~compRegistered~0; {16030#true} is VALID [2022-02-21 00:02:21,595 INFO L272 TraceCheckUtils]: 2: Hoare triple {16030#true} call #t~ret35 := KbFilter_Complete(~DeviceObject, ~Irp, ~lcontext~0); {16056#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} is VALID [2022-02-21 00:02:21,595 INFO L290 TraceCheckUtils]: 3: Hoare triple {16056#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0, 0;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;assume -2147483648 <= KeSetEvent_#t~nondet38#1 && KeSetEvent_#t~nondet38#1 <= 2147483647;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {16030#true} is VALID [2022-02-21 00:02:21,596 INFO L290 TraceCheckUtils]: 4: Hoare triple {16030#true} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;assume -2147483648 <= #t~ret40#1 && #t~ret40#1 <= 2147483647;havoc #t~ret40#1;#res#1 := -1073741802; {16057#(and (<= (+ |KbFilter_Complete_#res#1| 1073741802) 0) (<= 0 (+ |KbFilter_Complete_#res#1| 1073741802)))} is VALID [2022-02-21 00:02:21,596 INFO L290 TraceCheckUtils]: 5: Hoare triple {16057#(and (<= (+ |KbFilter_Complete_#res#1| 1073741802) 0) (<= 0 (+ |KbFilter_Complete_#res#1| 1073741802)))} assume true; {16057#(and (<= (+ |KbFilter_Complete_#res#1| 1073741802) 0) (<= 0 (+ |KbFilter_Complete_#res#1| 1073741802)))} is VALID [2022-02-21 00:02:21,597 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {16057#(and (<= (+ |KbFilter_Complete_#res#1| 1073741802) 0) (<= 0 (+ |KbFilter_Complete_#res#1| 1073741802)))} {16030#true} #756#return; {16054#(and (<= (+ |IofCallDriver_#t~ret35| 1073741802) 0) (<= 0 (+ |IofCallDriver_#t~ret35| 1073741802)))} is VALID [2022-02-21 00:02:21,598 INFO L290 TraceCheckUtils]: 7: Hoare triple {16054#(and (<= (+ |IofCallDriver_#t~ret35| 1073741802) 0) (<= 0 (+ |IofCallDriver_#t~ret35| 1073741802)))} assume -2147483648 <= #t~ret35 && #t~ret35 <= 2147483647;~compRetStatus~0 := #t~ret35;havoc #t~ret35;~__cil_tmp7~0 := ~compRetStatus~0; {16055#(and (< 0 (+ 1073741803 IofCallDriver_~__cil_tmp7~0)) (<= (+ IofCallDriver_~__cil_tmp7~0 1073741802) 0))} is VALID [2022-02-21 00:02:21,598 INFO L290 TraceCheckUtils]: 8: Hoare triple {16055#(and (< 0 (+ 1073741803 IofCallDriver_~__cil_tmp7~0)) (<= (+ IofCallDriver_~__cil_tmp7~0 1073741802) 0))} assume !(-1073741802 == ~__cil_tmp7~0); {16031#false} is VALID [2022-02-21 00:02:21,598 INFO L290 TraceCheckUtils]: 9: Hoare triple {16031#false} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {16031#false} is VALID [2022-02-21 00:02:21,599 INFO L290 TraceCheckUtils]: 10: Hoare triple {16031#false} assume !(0 == ~tmp_ndt_6~0);havoc ~tmp_ndt_7~0;assume -2147483648 <= #t~nondet37 && #t~nondet37 <= 2147483647;~tmp_ndt_7~0 := #t~nondet37;havoc #t~nondet37; {16031#false} is VALID [2022-02-21 00:02:21,599 INFO L290 TraceCheckUtils]: 11: Hoare triple {16031#false} assume 1 == ~tmp_ndt_7~0; {16031#false} is VALID [2022-02-21 00:02:21,599 INFO L290 TraceCheckUtils]: 12: Hoare triple {16031#false} ~returnVal2~0 := -1073741823; {16031#false} is VALID [2022-02-21 00:02:21,599 INFO L290 TraceCheckUtils]: 13: Hoare triple {16031#false} assume ~s~0 == ~NP~0;~s~0 := ~IPC~0;~lowerDriverReturn~0 := ~returnVal2~0; {16031#false} is VALID [2022-02-21 00:02:21,599 INFO L290 TraceCheckUtils]: 14: Hoare triple {16031#false} #res := ~returnVal2~0; {16031#false} is VALID [2022-02-21 00:02:21,599 INFO L290 TraceCheckUtils]: 15: Hoare triple {16031#false} assume true; {16031#false} is VALID [2022-02-21 00:02:21,600 INFO L284 TraceCheckUtils]: 16: Hoare quadruple {16031#false} {16030#true} #718#return; {16031#false} is VALID [2022-02-21 00:02:21,600 INFO L290 TraceCheckUtils]: 0: Hoare triple {16030#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {16030#true} is VALID [2022-02-21 00:02:21,600 INFO L290 TraceCheckUtils]: 1: Hoare triple {16030#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {16030#true} is VALID [2022-02-21 00:02:21,600 INFO L290 TraceCheckUtils]: 2: Hoare triple {16030#true} assume { :end_inline__BLAST_init } true; {16030#true} is VALID [2022-02-21 00:02:21,600 INFO L290 TraceCheckUtils]: 3: Hoare triple {16030#true} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {16030#true} is VALID [2022-02-21 00:02:21,600 INFO L290 TraceCheckUtils]: 4: Hoare triple {16030#true} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {16030#true} is VALID [2022-02-21 00:02:21,601 INFO L290 TraceCheckUtils]: 5: Hoare triple {16030#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {16030#true} is VALID [2022-02-21 00:02:21,601 INFO L290 TraceCheckUtils]: 6: Hoare triple {16030#true} assume { :end_inline_stub_driver_init } true; {16030#true} is VALID [2022-02-21 00:02:21,601 INFO L290 TraceCheckUtils]: 7: Hoare triple {16030#true} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {16030#true} is VALID [2022-02-21 00:02:21,601 INFO L290 TraceCheckUtils]: 8: Hoare triple {16030#true} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {16030#true} is VALID [2022-02-21 00:02:21,601 INFO L290 TraceCheckUtils]: 9: Hoare triple {16030#true} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {16030#true} is VALID [2022-02-21 00:02:21,601 INFO L290 TraceCheckUtils]: 10: Hoare triple {16030#true} assume 3 == main_~tmp_ndt_3~0#1; {16030#true} is VALID [2022-02-21 00:02:21,602 INFO L290 TraceCheckUtils]: 11: Hoare triple {16030#true} assume { :begin_inline_KbFilter_PnP } true;KbFilter_PnP_#in~DeviceObject#1, KbFilter_PnP_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_PnP_#res#1;havoc KbFilter_PnP_#t~nondet4#1, KbFilter_PnP_#t~nondet5#1, KbFilter_PnP_#t~nondet6#1, KbFilter_PnP_#t~nondet7#1, KbFilter_PnP_#t~nondet8#1, KbFilter_PnP_#t~nondet9#1, KbFilter_PnP_#t~ret10#1, KbFilter_PnP_#t~ret11#1, KbFilter_PnP_#t~post12#1, KbFilter_PnP_#t~post13#1, KbFilter_PnP_#t~ret14#1, KbFilter_PnP_#t~post15#1, KbFilter_PnP_#t~post16#1, KbFilter_PnP_#t~ret17#1, KbFilter_PnP_#t~post18#1, KbFilter_PnP_#t~post19#1, KbFilter_PnP_#t~ret20#1, KbFilter_PnP_~DeviceObject#1, KbFilter_PnP_~Irp#1, KbFilter_PnP_~devExt~0#1, KbFilter_PnP_~irpStack~0#1, KbFilter_PnP_~status~0#1, KbFilter_PnP_~event~0#1, KbFilter_PnP_~DeviceObject__DeviceExtension~0#1, KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, KbFilter_PnP_~irpStack__MinorFunction~0#1, KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~devExt__Started~0#1, KbFilter_PnP_~devExt__Removed~0#1, KbFilter_PnP_~devExt__SurpriseRemoved~0#1, KbFilter_PnP_~Irp__IoStatus__Status~0#1, KbFilter_PnP_~Irp__IoStatus__Information~0#1, KbFilter_PnP_~Irp__CurrentLocation~0#1, KbFilter_PnP_~irpSp~0#1, KbFilter_PnP_~nextIrpSp~0#1, KbFilter_PnP_~nextIrpSp__Control~0#1, KbFilter_PnP_~irpSp___0~0#1, KbFilter_PnP_~irpSp__Context~0#1, KbFilter_PnP_~irpSp__Control~0#1, KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~DeviceObject#1 := KbFilter_PnP_#in~DeviceObject#1;KbFilter_PnP_~Irp#1 := KbFilter_PnP_#in~Irp#1;havoc KbFilter_PnP_~devExt~0#1;havoc KbFilter_PnP_~irpStack~0#1;havoc KbFilter_PnP_~status~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet4#1 && KbFilter_PnP_#t~nondet4#1 <= 2147483647;KbFilter_PnP_~event~0#1 := KbFilter_PnP_#t~nondet4#1;havoc KbFilter_PnP_#t~nondet4#1;assume -2147483648 <= KbFilter_PnP_#t~nondet5#1 && KbFilter_PnP_#t~nondet5#1 <= 2147483647;KbFilter_PnP_~DeviceObject__DeviceExtension~0#1 := KbFilter_PnP_#t~nondet5#1;havoc KbFilter_PnP_#t~nondet5#1;assume -2147483648 <= KbFilter_PnP_#t~nondet6#1 && KbFilter_PnP_#t~nondet6#1 <= 2147483647;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := KbFilter_PnP_#t~nondet6#1;havoc KbFilter_PnP_#t~nondet6#1;assume -2147483648 <= KbFilter_PnP_#t~nondet7#1 && KbFilter_PnP_#t~nondet7#1 <= 2147483647;KbFilter_PnP_~irpStack__MinorFunction~0#1 := KbFilter_PnP_#t~nondet7#1;havoc KbFilter_PnP_#t~nondet7#1;assume -2147483648 <= KbFilter_PnP_#t~nondet8#1 && KbFilter_PnP_#t~nondet8#1 <= 2147483647;KbFilter_PnP_~devExt__TopOfStack~0#1 := KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_~devExt__Started~0#1;havoc KbFilter_PnP_~devExt__Removed~0#1;havoc KbFilter_PnP_~devExt__SurpriseRemoved~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Status~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Information~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet9#1 && KbFilter_PnP_#t~nondet9#1 <= 2147483647;KbFilter_PnP_~Irp__CurrentLocation~0#1 := KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_~irpSp~0#1;havoc KbFilter_PnP_~nextIrpSp~0#1;havoc KbFilter_PnP_~nextIrpSp__Control~0#1;havoc KbFilter_PnP_~irpSp___0~0#1;havoc KbFilter_PnP_~irpSp__Context~0#1;havoc KbFilter_PnP_~irpSp__Control~0#1;havoc KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~status~0#1 := 0;KbFilter_PnP_~devExt~0#1 := KbFilter_PnP_~DeviceObject__DeviceExtension~0#1;KbFilter_PnP_~irpStack~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1; {16030#true} is VALID [2022-02-21 00:02:21,602 INFO L290 TraceCheckUtils]: 12: Hoare triple {16030#true} assume 0 == KbFilter_PnP_~irpStack__MinorFunction~0#1; {16030#true} is VALID [2022-02-21 00:02:21,602 INFO L290 TraceCheckUtils]: 13: Hoare triple {16030#true} KbFilter_PnP_~irpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1;KbFilter_PnP_~nextIrpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 - 1;KbFilter_PnP_~nextIrpSp__Control~0#1 := 0; {16030#true} is VALID [2022-02-21 00:02:21,602 INFO L290 TraceCheckUtils]: 14: Hoare triple {16030#true} assume !(~s~0 != ~NP~0); {16030#true} is VALID [2022-02-21 00:02:21,602 INFO L290 TraceCheckUtils]: 15: Hoare triple {16030#true} assume !(0 != ~compRegistered~0);~compRegistered~0 := 1; {16030#true} is VALID [2022-02-21 00:02:21,602 INFO L290 TraceCheckUtils]: 16: Hoare triple {16030#true} KbFilter_PnP_~irpSp___0~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 - 1;KbFilter_PnP_~irpSp__Context~0#1 := KbFilter_PnP_~event~0#1;KbFilter_PnP_~irpSp__Control~0#1 := 224; {16030#true} is VALID [2022-02-21 00:02:21,603 INFO L272 TraceCheckUtils]: 17: Hoare triple {16030#true} call KbFilter_PnP_#t~ret10#1 := IofCallDriver(KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~Irp#1); {16049#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} is VALID [2022-02-21 00:02:21,603 INFO L290 TraceCheckUtils]: 18: Hoare triple {16049#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {16030#true} is VALID [2022-02-21 00:02:21,604 INFO L290 TraceCheckUtils]: 19: Hoare triple {16030#true} assume 0 != ~compRegistered~0; {16030#true} is VALID [2022-02-21 00:02:21,604 INFO L272 TraceCheckUtils]: 20: Hoare triple {16030#true} call #t~ret35 := KbFilter_Complete(~DeviceObject, ~Irp, ~lcontext~0); {16056#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} is VALID [2022-02-21 00:02:21,604 INFO L290 TraceCheckUtils]: 21: Hoare triple {16056#(= ~setEventCalled~0 |old(~setEventCalled~0)|)} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0, 0;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;assume -2147483648 <= KeSetEvent_#t~nondet38#1 && KeSetEvent_#t~nondet38#1 <= 2147483647;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {16030#true} is VALID [2022-02-21 00:02:21,605 INFO L290 TraceCheckUtils]: 22: Hoare triple {16030#true} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;assume -2147483648 <= #t~ret40#1 && #t~ret40#1 <= 2147483647;havoc #t~ret40#1;#res#1 := -1073741802; {16057#(and (<= (+ |KbFilter_Complete_#res#1| 1073741802) 0) (<= 0 (+ |KbFilter_Complete_#res#1| 1073741802)))} is VALID [2022-02-21 00:02:21,605 INFO L290 TraceCheckUtils]: 23: Hoare triple {16057#(and (<= (+ |KbFilter_Complete_#res#1| 1073741802) 0) (<= 0 (+ |KbFilter_Complete_#res#1| 1073741802)))} assume true; {16057#(and (<= (+ |KbFilter_Complete_#res#1| 1073741802) 0) (<= 0 (+ |KbFilter_Complete_#res#1| 1073741802)))} is VALID [2022-02-21 00:02:21,607 INFO L284 TraceCheckUtils]: 24: Hoare quadruple {16057#(and (<= (+ |KbFilter_Complete_#res#1| 1073741802) 0) (<= 0 (+ |KbFilter_Complete_#res#1| 1073741802)))} {16030#true} #756#return; {16054#(and (<= (+ |IofCallDriver_#t~ret35| 1073741802) 0) (<= 0 (+ |IofCallDriver_#t~ret35| 1073741802)))} is VALID [2022-02-21 00:02:21,608 INFO L290 TraceCheckUtils]: 25: Hoare triple {16054#(and (<= (+ |IofCallDriver_#t~ret35| 1073741802) 0) (<= 0 (+ |IofCallDriver_#t~ret35| 1073741802)))} assume -2147483648 <= #t~ret35 && #t~ret35 <= 2147483647;~compRetStatus~0 := #t~ret35;havoc #t~ret35;~__cil_tmp7~0 := ~compRetStatus~0; {16055#(and (< 0 (+ 1073741803 IofCallDriver_~__cil_tmp7~0)) (<= (+ IofCallDriver_~__cil_tmp7~0 1073741802) 0))} is VALID [2022-02-21 00:02:21,608 INFO L290 TraceCheckUtils]: 26: Hoare triple {16055#(and (< 0 (+ 1073741803 IofCallDriver_~__cil_tmp7~0)) (<= (+ IofCallDriver_~__cil_tmp7~0 1073741802) 0))} assume !(-1073741802 == ~__cil_tmp7~0); {16031#false} is VALID [2022-02-21 00:02:21,608 INFO L290 TraceCheckUtils]: 27: Hoare triple {16031#false} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {16031#false} is VALID [2022-02-21 00:02:21,608 INFO L290 TraceCheckUtils]: 28: Hoare triple {16031#false} assume !(0 == ~tmp_ndt_6~0);havoc ~tmp_ndt_7~0;assume -2147483648 <= #t~nondet37 && #t~nondet37 <= 2147483647;~tmp_ndt_7~0 := #t~nondet37;havoc #t~nondet37; {16031#false} is VALID [2022-02-21 00:02:21,608 INFO L290 TraceCheckUtils]: 29: Hoare triple {16031#false} assume 1 == ~tmp_ndt_7~0; {16031#false} is VALID [2022-02-21 00:02:21,609 INFO L290 TraceCheckUtils]: 30: Hoare triple {16031#false} ~returnVal2~0 := -1073741823; {16031#false} is VALID [2022-02-21 00:02:21,609 INFO L290 TraceCheckUtils]: 31: Hoare triple {16031#false} assume ~s~0 == ~NP~0;~s~0 := ~IPC~0;~lowerDriverReturn~0 := ~returnVal2~0; {16031#false} is VALID [2022-02-21 00:02:21,609 INFO L290 TraceCheckUtils]: 32: Hoare triple {16031#false} #res := ~returnVal2~0; {16031#false} is VALID [2022-02-21 00:02:21,609 INFO L290 TraceCheckUtils]: 33: Hoare triple {16031#false} assume true; {16031#false} is VALID [2022-02-21 00:02:21,609 INFO L284 TraceCheckUtils]: 34: Hoare quadruple {16031#false} {16030#true} #718#return; {16031#false} is VALID [2022-02-21 00:02:21,609 INFO L290 TraceCheckUtils]: 35: Hoare triple {16031#false} assume -2147483648 <= KbFilter_PnP_#t~ret10#1 && KbFilter_PnP_#t~ret10#1 <= 2147483647;KbFilter_PnP_~status~0#1 := KbFilter_PnP_#t~ret10#1;havoc KbFilter_PnP_#t~ret10#1;KbFilter_PnP_~__cil_tmp23~0#1 := KbFilter_PnP_~status~0#1; {16031#false} is VALID [2022-02-21 00:02:21,610 INFO L290 TraceCheckUtils]: 36: Hoare triple {16031#false} assume !(259 == KbFilter_PnP_~__cil_tmp23~0#1); {16031#false} is VALID [2022-02-21 00:02:21,610 INFO L290 TraceCheckUtils]: 37: Hoare triple {16031#false} assume !(KbFilter_PnP_~status~0#1 >= 0); {16031#false} is VALID [2022-02-21 00:02:21,610 INFO L290 TraceCheckUtils]: 38: Hoare triple {16031#false} KbFilter_PnP_~Irp__IoStatus__Status~0#1 := KbFilter_PnP_~status~0#1;~myStatus~0 := KbFilter_PnP_~status~0#1;KbFilter_PnP_~Irp__IoStatus__Information~0#1 := 0; {16031#false} is VALID [2022-02-21 00:02:21,610 INFO L272 TraceCheckUtils]: 39: Hoare triple {16031#false} call IofCompleteRequest(KbFilter_PnP_~Irp#1, 0); {16031#false} is VALID [2022-02-21 00:02:21,610 INFO L290 TraceCheckUtils]: 40: Hoare triple {16031#false} ~Irp := #in~Irp;~PriorityBoost := #in~PriorityBoost; {16031#false} is VALID [2022-02-21 00:02:21,610 INFO L290 TraceCheckUtils]: 41: Hoare triple {16031#false} assume !(~s~0 == ~NP~0); {16031#false} is VALID [2022-02-21 00:02:21,611 INFO L272 TraceCheckUtils]: 42: Hoare triple {16031#false} call errorFn(); {16031#false} is VALID [2022-02-21 00:02:21,611 INFO L290 TraceCheckUtils]: 43: Hoare triple {16031#false} assume !false; {16031#false} is VALID [2022-02-21 00:02:21,611 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:21,611 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-21 00:02:21,611 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1381469424] [2022-02-21 00:02:21,612 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1381469424] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:21,612 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:21,612 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-02-21 00:02:21,612 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [865113329] [2022-02-21 00:02:21,612 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:21,613 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 5.428571428571429) internal successors, (38), 4 states have internal predecessors, (38), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 44 [2022-02-21 00:02:21,613 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:21,613 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 7 states, 7 states have (on average 5.428571428571429) internal successors, (38), 4 states have internal predecessors, (38), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:21,642 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 44 edges. 44 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:21,642 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-02-21 00:02:21,642 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-21 00:02:21,643 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-02-21 00:02:21,643 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=12, Invalid=30, Unknown=0, NotChecked=0, Total=42 [2022-02-21 00:02:21,643 INFO L87 Difference]: Start difference. First operand 184 states and 246 transitions. Second operand has 7 states, 7 states have (on average 5.428571428571429) internal successors, (38), 4 states have internal predecessors, (38), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:22,354 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:22,354 INFO L93 Difference]: Finished difference Result 178 states and 237 transitions. [2022-02-21 00:02:22,355 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-02-21 00:02:22,355 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 5.428571428571429) internal successors, (38), 4 states have internal predecessors, (38), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 44 [2022-02-21 00:02:22,355 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:22,355 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 7 states have (on average 5.428571428571429) internal successors, (38), 4 states have internal predecessors, (38), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:22,357 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 226 transitions. [2022-02-21 00:02:22,357 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 7 states have (on average 5.428571428571429) internal successors, (38), 4 states have internal predecessors, (38), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:22,360 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 226 transitions. [2022-02-21 00:02:22,360 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 226 transitions. [2022-02-21 00:02:22,516 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 226 edges. 226 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:22,517 INFO L225 Difference]: With dead ends: 178 [2022-02-21 00:02:22,518 INFO L226 Difference]: Without dead ends: 178 [2022-02-21 00:02:22,518 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=12, Invalid=30, Unknown=0, NotChecked=0, Total=42 [2022-02-21 00:02:22,518 INFO L933 BasicCegarLoop]: 214 mSDtfsCounter, 52 mSDsluCounter, 903 mSDsCounter, 0 mSdLazyCounter, 116 mSolverCounterSat, 19 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 53 SdHoareTripleChecker+Valid, 1117 SdHoareTripleChecker+Invalid, 135 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 19 IncrementalHoareTripleChecker+Valid, 116 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:22,518 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [53 Valid, 1117 Invalid, 135 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [19 Valid, 116 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-21 00:02:22,519 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 178 states. [2022-02-21 00:02:22,522 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 178 to 178. [2022-02-21 00:02:22,522 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:22,522 INFO L82 GeneralOperation]: Start isEquivalent. First operand 178 states. Second operand has 178 states, 156 states have (on average 1.3525641025641026) internal successors, (211), 157 states have internal predecessors, (211), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:22,522 INFO L74 IsIncluded]: Start isIncluded. First operand 178 states. Second operand has 178 states, 156 states have (on average 1.3525641025641026) internal successors, (211), 157 states have internal predecessors, (211), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:22,523 INFO L87 Difference]: Start difference. First operand 178 states. Second operand has 178 states, 156 states have (on average 1.3525641025641026) internal successors, (211), 157 states have internal predecessors, (211), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:22,526 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:22,526 INFO L93 Difference]: Finished difference Result 178 states and 237 transitions. [2022-02-21 00:02:22,526 INFO L276 IsEmpty]: Start isEmpty. Operand 178 states and 237 transitions. [2022-02-21 00:02:22,527 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:22,527 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:22,527 INFO L74 IsIncluded]: Start isIncluded. First operand has 178 states, 156 states have (on average 1.3525641025641026) internal successors, (211), 157 states have internal predecessors, (211), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) Second operand 178 states. [2022-02-21 00:02:22,528 INFO L87 Difference]: Start difference. First operand has 178 states, 156 states have (on average 1.3525641025641026) internal successors, (211), 157 states have internal predecessors, (211), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) Second operand 178 states. [2022-02-21 00:02:22,531 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:22,539 INFO L93 Difference]: Finished difference Result 178 states and 237 transitions. [2022-02-21 00:02:22,539 INFO L276 IsEmpty]: Start isEmpty. Operand 178 states and 237 transitions. [2022-02-21 00:02:22,540 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:22,540 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:22,540 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:22,540 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:22,541 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 178 states, 156 states have (on average 1.3525641025641026) internal successors, (211), 157 states have internal predecessors, (211), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:22,544 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 178 states to 178 states and 237 transitions. [2022-02-21 00:02:22,544 INFO L78 Accepts]: Start accepts. Automaton has 178 states and 237 transitions. Word has length 44 [2022-02-21 00:02:22,544 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:22,545 INFO L470 AbstractCegarLoop]: Abstraction has 178 states and 237 transitions. [2022-02-21 00:02:22,545 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 5.428571428571429) internal successors, (38), 4 states have internal predecessors, (38), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:22,545 INFO L276 IsEmpty]: Start isEmpty. Operand 178 states and 237 transitions. [2022-02-21 00:02:22,546 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 43 [2022-02-21 00:02:22,546 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:22,546 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:22,546 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable16 [2022-02-21 00:02:22,546 INFO L402 AbstractCegarLoop]: === Iteration 18 === Targeting errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:22,547 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:22,547 INFO L85 PathProgramCache]: Analyzing trace with hash -1239862159, now seen corresponding path program 1 times [2022-02-21 00:02:22,548 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-21 00:02:22,548 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [81887171] [2022-02-21 00:02:22,548 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:22,548 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-21 00:02:22,566 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:22,622 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2022-02-21 00:02:22,626 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:22,641 INFO L290 TraceCheckUtils]: 0: Hoare triple {16787#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {16788#(= ~s~0 |old(~s~0)|)} is VALID [2022-02-21 00:02:22,641 INFO L290 TraceCheckUtils]: 1: Hoare triple {16788#(= ~s~0 |old(~s~0)|)} assume !(0 != ~compRegistered~0); {16788#(= ~s~0 |old(~s~0)|)} is VALID [2022-02-21 00:02:22,642 INFO L290 TraceCheckUtils]: 2: Hoare triple {16788#(= ~s~0 |old(~s~0)|)} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {16788#(= ~s~0 |old(~s~0)|)} is VALID [2022-02-21 00:02:22,642 INFO L290 TraceCheckUtils]: 3: Hoare triple {16788#(= ~s~0 |old(~s~0)|)} assume 0 == ~tmp_ndt_6~0; {16788#(= ~s~0 |old(~s~0)|)} is VALID [2022-02-21 00:02:22,642 INFO L290 TraceCheckUtils]: 4: Hoare triple {16788#(= ~s~0 |old(~s~0)|)} ~returnVal2~0 := 0; {16788#(= ~s~0 |old(~s~0)|)} is VALID [2022-02-21 00:02:22,643 INFO L290 TraceCheckUtils]: 5: Hoare triple {16788#(= ~s~0 |old(~s~0)|)} assume !(~s~0 == ~NP~0); {16788#(= ~s~0 |old(~s~0)|)} is VALID [2022-02-21 00:02:22,643 INFO L290 TraceCheckUtils]: 6: Hoare triple {16788#(= ~s~0 |old(~s~0)|)} assume ~s~0 == ~MPR1~0; {16789#(= ~MPR1~0 |old(~s~0)|)} is VALID [2022-02-21 00:02:22,643 INFO L290 TraceCheckUtils]: 7: Hoare triple {16789#(= ~MPR1~0 |old(~s~0)|)} assume !(259 == ~returnVal2~0);~s~0 := ~NP~0;~lowerDriverReturn~0 := ~returnVal2~0; {16789#(= ~MPR1~0 |old(~s~0)|)} is VALID [2022-02-21 00:02:22,644 INFO L290 TraceCheckUtils]: 8: Hoare triple {16789#(= ~MPR1~0 |old(~s~0)|)} #res := ~returnVal2~0; {16789#(= ~MPR1~0 |old(~s~0)|)} is VALID [2022-02-21 00:02:22,644 INFO L290 TraceCheckUtils]: 9: Hoare triple {16789#(= ~MPR1~0 |old(~s~0)|)} assume true; {16789#(= ~MPR1~0 |old(~s~0)|)} is VALID [2022-02-21 00:02:22,645 INFO L284 TraceCheckUtils]: 10: Hoare quadruple {16789#(= ~MPR1~0 |old(~s~0)|)} {16775#(and (= 3 ~s~0) (not (= ~MPR1~0 3)))} #726#return; {16773#false} is VALID [2022-02-21 00:02:22,645 INFO L290 TraceCheckUtils]: 0: Hoare triple {16772#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {16772#true} is VALID [2022-02-21 00:02:22,646 INFO L290 TraceCheckUtils]: 1: Hoare triple {16772#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {16774#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} is VALID [2022-02-21 00:02:22,646 INFO L290 TraceCheckUtils]: 2: Hoare triple {16774#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} assume { :end_inline__BLAST_init } true; {16774#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} is VALID [2022-02-21 00:02:22,647 INFO L290 TraceCheckUtils]: 3: Hoare triple {16774#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {16774#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} is VALID [2022-02-21 00:02:22,647 INFO L290 TraceCheckUtils]: 4: Hoare triple {16774#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {16774#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} is VALID [2022-02-21 00:02:22,648 INFO L290 TraceCheckUtils]: 5: Hoare triple {16774#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {16774#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} is VALID [2022-02-21 00:02:22,648 INFO L290 TraceCheckUtils]: 6: Hoare triple {16774#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} assume { :end_inline_stub_driver_init } true; {16774#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} is VALID [2022-02-21 00:02:22,649 INFO L290 TraceCheckUtils]: 7: Hoare triple {16774#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {16774#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} is VALID [2022-02-21 00:02:22,649 INFO L290 TraceCheckUtils]: 8: Hoare triple {16774#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {16774#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} is VALID [2022-02-21 00:02:22,649 INFO L290 TraceCheckUtils]: 9: Hoare triple {16774#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {16774#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} is VALID [2022-02-21 00:02:22,650 INFO L290 TraceCheckUtils]: 10: Hoare triple {16774#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} assume 3 == main_~tmp_ndt_3~0#1; {16774#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} is VALID [2022-02-21 00:02:22,651 INFO L290 TraceCheckUtils]: 11: Hoare triple {16774#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} assume { :begin_inline_KbFilter_PnP } true;KbFilter_PnP_#in~DeviceObject#1, KbFilter_PnP_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_PnP_#res#1;havoc KbFilter_PnP_#t~nondet4#1, KbFilter_PnP_#t~nondet5#1, KbFilter_PnP_#t~nondet6#1, KbFilter_PnP_#t~nondet7#1, KbFilter_PnP_#t~nondet8#1, KbFilter_PnP_#t~nondet9#1, KbFilter_PnP_#t~ret10#1, KbFilter_PnP_#t~ret11#1, KbFilter_PnP_#t~post12#1, KbFilter_PnP_#t~post13#1, KbFilter_PnP_#t~ret14#1, KbFilter_PnP_#t~post15#1, KbFilter_PnP_#t~post16#1, KbFilter_PnP_#t~ret17#1, KbFilter_PnP_#t~post18#1, KbFilter_PnP_#t~post19#1, KbFilter_PnP_#t~ret20#1, KbFilter_PnP_~DeviceObject#1, KbFilter_PnP_~Irp#1, KbFilter_PnP_~devExt~0#1, KbFilter_PnP_~irpStack~0#1, KbFilter_PnP_~status~0#1, KbFilter_PnP_~event~0#1, KbFilter_PnP_~DeviceObject__DeviceExtension~0#1, KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, KbFilter_PnP_~irpStack__MinorFunction~0#1, KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~devExt__Started~0#1, KbFilter_PnP_~devExt__Removed~0#1, KbFilter_PnP_~devExt__SurpriseRemoved~0#1, KbFilter_PnP_~Irp__IoStatus__Status~0#1, KbFilter_PnP_~Irp__IoStatus__Information~0#1, KbFilter_PnP_~Irp__CurrentLocation~0#1, KbFilter_PnP_~irpSp~0#1, KbFilter_PnP_~nextIrpSp~0#1, KbFilter_PnP_~nextIrpSp__Control~0#1, KbFilter_PnP_~irpSp___0~0#1, KbFilter_PnP_~irpSp__Context~0#1, KbFilter_PnP_~irpSp__Control~0#1, KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~DeviceObject#1 := KbFilter_PnP_#in~DeviceObject#1;KbFilter_PnP_~Irp#1 := KbFilter_PnP_#in~Irp#1;havoc KbFilter_PnP_~devExt~0#1;havoc KbFilter_PnP_~irpStack~0#1;havoc KbFilter_PnP_~status~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet4#1 && KbFilter_PnP_#t~nondet4#1 <= 2147483647;KbFilter_PnP_~event~0#1 := KbFilter_PnP_#t~nondet4#1;havoc KbFilter_PnP_#t~nondet4#1;assume -2147483648 <= KbFilter_PnP_#t~nondet5#1 && KbFilter_PnP_#t~nondet5#1 <= 2147483647;KbFilter_PnP_~DeviceObject__DeviceExtension~0#1 := KbFilter_PnP_#t~nondet5#1;havoc KbFilter_PnP_#t~nondet5#1;assume -2147483648 <= KbFilter_PnP_#t~nondet6#1 && KbFilter_PnP_#t~nondet6#1 <= 2147483647;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := KbFilter_PnP_#t~nondet6#1;havoc KbFilter_PnP_#t~nondet6#1;assume -2147483648 <= KbFilter_PnP_#t~nondet7#1 && KbFilter_PnP_#t~nondet7#1 <= 2147483647;KbFilter_PnP_~irpStack__MinorFunction~0#1 := KbFilter_PnP_#t~nondet7#1;havoc KbFilter_PnP_#t~nondet7#1;assume -2147483648 <= KbFilter_PnP_#t~nondet8#1 && KbFilter_PnP_#t~nondet8#1 <= 2147483647;KbFilter_PnP_~devExt__TopOfStack~0#1 := KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_~devExt__Started~0#1;havoc KbFilter_PnP_~devExt__Removed~0#1;havoc KbFilter_PnP_~devExt__SurpriseRemoved~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Status~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Information~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet9#1 && KbFilter_PnP_#t~nondet9#1 <= 2147483647;KbFilter_PnP_~Irp__CurrentLocation~0#1 := KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_~irpSp~0#1;havoc KbFilter_PnP_~nextIrpSp~0#1;havoc KbFilter_PnP_~nextIrpSp__Control~0#1;havoc KbFilter_PnP_~irpSp___0~0#1;havoc KbFilter_PnP_~irpSp__Context~0#1;havoc KbFilter_PnP_~irpSp__Control~0#1;havoc KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~status~0#1 := 0;KbFilter_PnP_~devExt~0#1 := KbFilter_PnP_~DeviceObject__DeviceExtension~0#1;KbFilter_PnP_~irpStack~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1; {16774#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} is VALID [2022-02-21 00:02:22,651 INFO L290 TraceCheckUtils]: 12: Hoare triple {16774#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} assume !(0 == KbFilter_PnP_~irpStack__MinorFunction~0#1); {16774#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} is VALID [2022-02-21 00:02:22,651 INFO L290 TraceCheckUtils]: 13: Hoare triple {16774#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} assume 23 == KbFilter_PnP_~irpStack__MinorFunction~0#1; {16774#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} is VALID [2022-02-21 00:02:22,652 INFO L290 TraceCheckUtils]: 14: Hoare triple {16774#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} KbFilter_PnP_~devExt__SurpriseRemoved~0#1 := 1; {16774#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} is VALID [2022-02-21 00:02:22,652 INFO L290 TraceCheckUtils]: 15: Hoare triple {16774#(and (not (= ~MPR1~0 3)) (= ~SKIP1~0 3))} assume ~s~0 == ~NP~0;~s~0 := ~SKIP1~0; {16775#(and (= 3 ~s~0) (not (= ~MPR1~0 3)))} is VALID [2022-02-21 00:02:22,653 INFO L290 TraceCheckUtils]: 16: Hoare triple {16775#(and (= 3 ~s~0) (not (= ~MPR1~0 3)))} KbFilter_PnP_#t~post12#1 := KbFilter_PnP_~Irp__CurrentLocation~0#1;KbFilter_PnP_~Irp__CurrentLocation~0#1 := 1 + KbFilter_PnP_#t~post12#1;havoc KbFilter_PnP_#t~post12#1;KbFilter_PnP_#t~post13#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := 1 + KbFilter_PnP_#t~post13#1;havoc KbFilter_PnP_#t~post13#1; {16775#(and (= 3 ~s~0) (not (= ~MPR1~0 3)))} is VALID [2022-02-21 00:02:22,653 INFO L272 TraceCheckUtils]: 17: Hoare triple {16775#(and (= 3 ~s~0) (not (= ~MPR1~0 3)))} call KbFilter_PnP_#t~ret14#1 := IofCallDriver(KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~Irp#1); {16787#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} is VALID [2022-02-21 00:02:22,654 INFO L290 TraceCheckUtils]: 18: Hoare triple {16787#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {16788#(= ~s~0 |old(~s~0)|)} is VALID [2022-02-21 00:02:22,654 INFO L290 TraceCheckUtils]: 19: Hoare triple {16788#(= ~s~0 |old(~s~0)|)} assume !(0 != ~compRegistered~0); {16788#(= ~s~0 |old(~s~0)|)} is VALID [2022-02-21 00:02:22,654 INFO L290 TraceCheckUtils]: 20: Hoare triple {16788#(= ~s~0 |old(~s~0)|)} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {16788#(= ~s~0 |old(~s~0)|)} is VALID [2022-02-21 00:02:22,655 INFO L290 TraceCheckUtils]: 21: Hoare triple {16788#(= ~s~0 |old(~s~0)|)} assume 0 == ~tmp_ndt_6~0; {16788#(= ~s~0 |old(~s~0)|)} is VALID [2022-02-21 00:02:22,655 INFO L290 TraceCheckUtils]: 22: Hoare triple {16788#(= ~s~0 |old(~s~0)|)} ~returnVal2~0 := 0; {16788#(= ~s~0 |old(~s~0)|)} is VALID [2022-02-21 00:02:22,655 INFO L290 TraceCheckUtils]: 23: Hoare triple {16788#(= ~s~0 |old(~s~0)|)} assume !(~s~0 == ~NP~0); {16788#(= ~s~0 |old(~s~0)|)} is VALID [2022-02-21 00:02:22,656 INFO L290 TraceCheckUtils]: 24: Hoare triple {16788#(= ~s~0 |old(~s~0)|)} assume ~s~0 == ~MPR1~0; {16789#(= ~MPR1~0 |old(~s~0)|)} is VALID [2022-02-21 00:02:22,656 INFO L290 TraceCheckUtils]: 25: Hoare triple {16789#(= ~MPR1~0 |old(~s~0)|)} assume !(259 == ~returnVal2~0);~s~0 := ~NP~0;~lowerDriverReturn~0 := ~returnVal2~0; {16789#(= ~MPR1~0 |old(~s~0)|)} is VALID [2022-02-21 00:02:22,656 INFO L290 TraceCheckUtils]: 26: Hoare triple {16789#(= ~MPR1~0 |old(~s~0)|)} #res := ~returnVal2~0; {16789#(= ~MPR1~0 |old(~s~0)|)} is VALID [2022-02-21 00:02:22,656 INFO L290 TraceCheckUtils]: 27: Hoare triple {16789#(= ~MPR1~0 |old(~s~0)|)} assume true; {16789#(= ~MPR1~0 |old(~s~0)|)} is VALID [2022-02-21 00:02:22,657 INFO L284 TraceCheckUtils]: 28: Hoare quadruple {16789#(= ~MPR1~0 |old(~s~0)|)} {16775#(and (= 3 ~s~0) (not (= ~MPR1~0 3)))} #726#return; {16773#false} is VALID [2022-02-21 00:02:22,657 INFO L290 TraceCheckUtils]: 29: Hoare triple {16773#false} assume -2147483648 <= KbFilter_PnP_#t~ret14#1 && KbFilter_PnP_#t~ret14#1 <= 2147483647;KbFilter_PnP_~status~0#1 := KbFilter_PnP_#t~ret14#1;havoc KbFilter_PnP_#t~ret14#1; {16773#false} is VALID [2022-02-21 00:02:22,658 INFO L290 TraceCheckUtils]: 30: Hoare triple {16773#false} KbFilter_PnP_#res#1 := KbFilter_PnP_~status~0#1; {16773#false} is VALID [2022-02-21 00:02:22,658 INFO L290 TraceCheckUtils]: 31: Hoare triple {16773#false} main_#t~ret31#1 := KbFilter_PnP_#res#1;assume { :end_inline_KbFilter_PnP } true;assume -2147483648 <= main_#t~ret31#1 && main_#t~ret31#1 <= 2147483647;main_~status~1#1 := main_#t~ret31#1;havoc main_#t~ret31#1; {16773#false} is VALID [2022-02-21 00:02:22,658 INFO L290 TraceCheckUtils]: 32: Hoare triple {16773#false} assume !(1 == ~pended~0); {16773#false} is VALID [2022-02-21 00:02:22,658 INFO L290 TraceCheckUtils]: 33: Hoare triple {16773#false} assume !(1 == ~pended~0); {16773#false} is VALID [2022-02-21 00:02:22,658 INFO L290 TraceCheckUtils]: 34: Hoare triple {16773#false} assume ~s~0 != ~UNLOADED~0; {16773#false} is VALID [2022-02-21 00:02:22,658 INFO L290 TraceCheckUtils]: 35: Hoare triple {16773#false} assume -1 != main_~status~1#1; {16773#false} is VALID [2022-02-21 00:02:22,658 INFO L290 TraceCheckUtils]: 36: Hoare triple {16773#false} assume !(~s~0 != ~SKIP2~0); {16773#false} is VALID [2022-02-21 00:02:22,658 INFO L290 TraceCheckUtils]: 37: Hoare triple {16773#false} assume !(1 == ~pended~0); {16773#false} is VALID [2022-02-21 00:02:22,658 INFO L290 TraceCheckUtils]: 38: Hoare triple {16773#false} assume !(~s~0 == ~DC~0); {16773#false} is VALID [2022-02-21 00:02:22,659 INFO L290 TraceCheckUtils]: 39: Hoare triple {16773#false} assume main_~status~1#1 != ~lowerDriverReturn~0; {16773#false} is VALID [2022-02-21 00:02:22,659 INFO L272 TraceCheckUtils]: 40: Hoare triple {16773#false} call errorFn(); {16773#false} is VALID [2022-02-21 00:02:22,659 INFO L290 TraceCheckUtils]: 41: Hoare triple {16773#false} assume !false; {16773#false} is VALID [2022-02-21 00:02:22,659 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:22,659 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-21 00:02:22,659 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [81887171] [2022-02-21 00:02:22,660 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [81887171] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:22,660 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:22,660 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-02-21 00:02:22,660 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1739945966] [2022-02-21 00:02:22,660 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:22,661 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 5.571428571428571) internal successors, (39), 6 states have internal predecessors, (39), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 42 [2022-02-21 00:02:22,661 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:22,661 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 7 states, 7 states have (on average 5.571428571428571) internal successors, (39), 6 states have internal predecessors, (39), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:22,689 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 42 edges. 42 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:22,689 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-02-21 00:02:22,689 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-21 00:02:22,690 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-02-21 00:02:22,690 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=12, Invalid=30, Unknown=0, NotChecked=0, Total=42 [2022-02-21 00:02:22,690 INFO L87 Difference]: Start difference. First operand 178 states and 237 transitions. Second operand has 7 states, 7 states have (on average 5.571428571428571) internal successors, (39), 6 states have internal predecessors, (39), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:23,368 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:23,368 INFO L93 Difference]: Finished difference Result 176 states and 232 transitions. [2022-02-21 00:02:23,369 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-02-21 00:02:23,369 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 5.571428571428571) internal successors, (39), 6 states have internal predecessors, (39), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 42 [2022-02-21 00:02:23,369 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:23,369 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 7 states have (on average 5.571428571428571) internal successors, (39), 6 states have internal predecessors, (39), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:23,371 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 222 transitions. [2022-02-21 00:02:23,372 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 7 states have (on average 5.571428571428571) internal successors, (39), 6 states have internal predecessors, (39), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:23,373 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 222 transitions. [2022-02-21 00:02:23,373 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 222 transitions. [2022-02-21 00:02:23,541 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 222 edges. 222 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:23,543 INFO L225 Difference]: With dead ends: 176 [2022-02-21 00:02:23,543 INFO L226 Difference]: Without dead ends: 176 [2022-02-21 00:02:23,543 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 6 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=35, Invalid=75, Unknown=0, NotChecked=0, Total=110 [2022-02-21 00:02:23,544 INFO L933 BasicCegarLoop]: 195 mSDtfsCounter, 239 mSDsluCounter, 614 mSDsCounter, 0 mSdLazyCounter, 167 mSolverCounterSat, 35 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 239 SdHoareTripleChecker+Valid, 809 SdHoareTripleChecker+Invalid, 202 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 35 IncrementalHoareTripleChecker+Valid, 167 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:23,544 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [239 Valid, 809 Invalid, 202 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [35 Valid, 167 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-21 00:02:23,544 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 176 states. [2022-02-21 00:02:23,547 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 176 to 174. [2022-02-21 00:02:23,547 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:23,548 INFO L82 GeneralOperation]: Start isEquivalent. First operand 176 states. Second operand has 174 states, 152 states have (on average 1.3421052631578947) internal successors, (204), 153 states have internal predecessors, (204), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:23,548 INFO L74 IsIncluded]: Start isIncluded. First operand 176 states. Second operand has 174 states, 152 states have (on average 1.3421052631578947) internal successors, (204), 153 states have internal predecessors, (204), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:23,548 INFO L87 Difference]: Start difference. First operand 176 states. Second operand has 174 states, 152 states have (on average 1.3421052631578947) internal successors, (204), 153 states have internal predecessors, (204), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:23,551 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:23,551 INFO L93 Difference]: Finished difference Result 176 states and 232 transitions. [2022-02-21 00:02:23,552 INFO L276 IsEmpty]: Start isEmpty. Operand 176 states and 232 transitions. [2022-02-21 00:02:23,552 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:23,552 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:23,552 INFO L74 IsIncluded]: Start isIncluded. First operand has 174 states, 152 states have (on average 1.3421052631578947) internal successors, (204), 153 states have internal predecessors, (204), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) Second operand 176 states. [2022-02-21 00:02:23,553 INFO L87 Difference]: Start difference. First operand has 174 states, 152 states have (on average 1.3421052631578947) internal successors, (204), 153 states have internal predecessors, (204), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) Second operand 176 states. [2022-02-21 00:02:23,556 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:23,556 INFO L93 Difference]: Finished difference Result 176 states and 232 transitions. [2022-02-21 00:02:23,556 INFO L276 IsEmpty]: Start isEmpty. Operand 176 states and 232 transitions. [2022-02-21 00:02:23,556 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:23,556 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:23,557 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:23,557 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:23,557 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 174 states, 152 states have (on average 1.3421052631578947) internal successors, (204), 153 states have internal predecessors, (204), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:23,560 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 174 states to 174 states and 230 transitions. [2022-02-21 00:02:23,560 INFO L78 Accepts]: Start accepts. Automaton has 174 states and 230 transitions. Word has length 42 [2022-02-21 00:02:23,560 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:23,560 INFO L470 AbstractCegarLoop]: Abstraction has 174 states and 230 transitions. [2022-02-21 00:02:23,560 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 5.571428571428571) internal successors, (39), 6 states have internal predecessors, (39), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:23,560 INFO L276 IsEmpty]: Start isEmpty. Operand 174 states and 230 transitions. [2022-02-21 00:02:23,561 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 43 [2022-02-21 00:02:23,561 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:23,561 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:23,561 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable17 [2022-02-21 00:02:23,561 INFO L402 AbstractCegarLoop]: === Iteration 19 === Targeting errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:23,562 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:23,562 INFO L85 PathProgramCache]: Analyzing trace with hash -1096582801, now seen corresponding path program 1 times [2022-02-21 00:02:23,562 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-21 00:02:23,562 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [221840420] [2022-02-21 00:02:23,562 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:23,563 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-21 00:02:23,584 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:23,634 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2022-02-21 00:02:23,638 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:23,653 INFO L290 TraceCheckUtils]: 0: Hoare triple {17519#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {17502#true} is VALID [2022-02-21 00:02:23,654 INFO L290 TraceCheckUtils]: 1: Hoare triple {17502#true} assume !(0 != ~compRegistered~0); {17502#true} is VALID [2022-02-21 00:02:23,654 INFO L290 TraceCheckUtils]: 2: Hoare triple {17502#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {17502#true} is VALID [2022-02-21 00:02:23,654 INFO L290 TraceCheckUtils]: 3: Hoare triple {17502#true} assume 0 == ~tmp_ndt_6~0; {17502#true} is VALID [2022-02-21 00:02:23,654 INFO L290 TraceCheckUtils]: 4: Hoare triple {17502#true} ~returnVal2~0 := 0; {17502#true} is VALID [2022-02-21 00:02:23,654 INFO L290 TraceCheckUtils]: 5: Hoare triple {17502#true} assume !(~s~0 == ~NP~0); {17502#true} is VALID [2022-02-21 00:02:23,654 INFO L290 TraceCheckUtils]: 6: Hoare triple {17502#true} assume !(~s~0 == ~MPR1~0); {17502#true} is VALID [2022-02-21 00:02:23,654 INFO L290 TraceCheckUtils]: 7: Hoare triple {17502#true} assume ~s~0 == ~SKIP1~0;~s~0 := ~SKIP2~0;~lowerDriverReturn~0 := ~returnVal2~0; {17520#(= ~lowerDriverReturn~0 IofCallDriver_~returnVal2~0)} is VALID [2022-02-21 00:02:23,655 INFO L290 TraceCheckUtils]: 8: Hoare triple {17520#(= ~lowerDriverReturn~0 IofCallDriver_~returnVal2~0)} #res := ~returnVal2~0; {17521#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:23,655 INFO L290 TraceCheckUtils]: 9: Hoare triple {17521#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} assume true; {17521#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:23,656 INFO L284 TraceCheckUtils]: 10: Hoare quadruple {17521#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} {17502#true} #726#return; {17515#(= ~lowerDriverReturn~0 |ULTIMATE.start_KbFilter_PnP_#t~ret14#1|)} is VALID [2022-02-21 00:02:23,656 INFO L290 TraceCheckUtils]: 0: Hoare triple {17502#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {17502#true} is VALID [2022-02-21 00:02:23,656 INFO L290 TraceCheckUtils]: 1: Hoare triple {17502#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {17502#true} is VALID [2022-02-21 00:02:23,656 INFO L290 TraceCheckUtils]: 2: Hoare triple {17502#true} assume { :end_inline__BLAST_init } true; {17502#true} is VALID [2022-02-21 00:02:23,656 INFO L290 TraceCheckUtils]: 3: Hoare triple {17502#true} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {17502#true} is VALID [2022-02-21 00:02:23,657 INFO L290 TraceCheckUtils]: 4: Hoare triple {17502#true} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {17502#true} is VALID [2022-02-21 00:02:23,657 INFO L290 TraceCheckUtils]: 5: Hoare triple {17502#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {17502#true} is VALID [2022-02-21 00:02:23,657 INFO L290 TraceCheckUtils]: 6: Hoare triple {17502#true} assume { :end_inline_stub_driver_init } true; {17502#true} is VALID [2022-02-21 00:02:23,657 INFO L290 TraceCheckUtils]: 7: Hoare triple {17502#true} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {17502#true} is VALID [2022-02-21 00:02:23,657 INFO L290 TraceCheckUtils]: 8: Hoare triple {17502#true} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {17502#true} is VALID [2022-02-21 00:02:23,657 INFO L290 TraceCheckUtils]: 9: Hoare triple {17502#true} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {17502#true} is VALID [2022-02-21 00:02:23,657 INFO L290 TraceCheckUtils]: 10: Hoare triple {17502#true} assume 3 == main_~tmp_ndt_3~0#1; {17502#true} is VALID [2022-02-21 00:02:23,657 INFO L290 TraceCheckUtils]: 11: Hoare triple {17502#true} assume { :begin_inline_KbFilter_PnP } true;KbFilter_PnP_#in~DeviceObject#1, KbFilter_PnP_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_PnP_#res#1;havoc KbFilter_PnP_#t~nondet4#1, KbFilter_PnP_#t~nondet5#1, KbFilter_PnP_#t~nondet6#1, KbFilter_PnP_#t~nondet7#1, KbFilter_PnP_#t~nondet8#1, KbFilter_PnP_#t~nondet9#1, KbFilter_PnP_#t~ret10#1, KbFilter_PnP_#t~ret11#1, KbFilter_PnP_#t~post12#1, KbFilter_PnP_#t~post13#1, KbFilter_PnP_#t~ret14#1, KbFilter_PnP_#t~post15#1, KbFilter_PnP_#t~post16#1, KbFilter_PnP_#t~ret17#1, KbFilter_PnP_#t~post18#1, KbFilter_PnP_#t~post19#1, KbFilter_PnP_#t~ret20#1, KbFilter_PnP_~DeviceObject#1, KbFilter_PnP_~Irp#1, KbFilter_PnP_~devExt~0#1, KbFilter_PnP_~irpStack~0#1, KbFilter_PnP_~status~0#1, KbFilter_PnP_~event~0#1, KbFilter_PnP_~DeviceObject__DeviceExtension~0#1, KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, KbFilter_PnP_~irpStack__MinorFunction~0#1, KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~devExt__Started~0#1, KbFilter_PnP_~devExt__Removed~0#1, KbFilter_PnP_~devExt__SurpriseRemoved~0#1, KbFilter_PnP_~Irp__IoStatus__Status~0#1, KbFilter_PnP_~Irp__IoStatus__Information~0#1, KbFilter_PnP_~Irp__CurrentLocation~0#1, KbFilter_PnP_~irpSp~0#1, KbFilter_PnP_~nextIrpSp~0#1, KbFilter_PnP_~nextIrpSp__Control~0#1, KbFilter_PnP_~irpSp___0~0#1, KbFilter_PnP_~irpSp__Context~0#1, KbFilter_PnP_~irpSp__Control~0#1, KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~DeviceObject#1 := KbFilter_PnP_#in~DeviceObject#1;KbFilter_PnP_~Irp#1 := KbFilter_PnP_#in~Irp#1;havoc KbFilter_PnP_~devExt~0#1;havoc KbFilter_PnP_~irpStack~0#1;havoc KbFilter_PnP_~status~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet4#1 && KbFilter_PnP_#t~nondet4#1 <= 2147483647;KbFilter_PnP_~event~0#1 := KbFilter_PnP_#t~nondet4#1;havoc KbFilter_PnP_#t~nondet4#1;assume -2147483648 <= KbFilter_PnP_#t~nondet5#1 && KbFilter_PnP_#t~nondet5#1 <= 2147483647;KbFilter_PnP_~DeviceObject__DeviceExtension~0#1 := KbFilter_PnP_#t~nondet5#1;havoc KbFilter_PnP_#t~nondet5#1;assume -2147483648 <= KbFilter_PnP_#t~nondet6#1 && KbFilter_PnP_#t~nondet6#1 <= 2147483647;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := KbFilter_PnP_#t~nondet6#1;havoc KbFilter_PnP_#t~nondet6#1;assume -2147483648 <= KbFilter_PnP_#t~nondet7#1 && KbFilter_PnP_#t~nondet7#1 <= 2147483647;KbFilter_PnP_~irpStack__MinorFunction~0#1 := KbFilter_PnP_#t~nondet7#1;havoc KbFilter_PnP_#t~nondet7#1;assume -2147483648 <= KbFilter_PnP_#t~nondet8#1 && KbFilter_PnP_#t~nondet8#1 <= 2147483647;KbFilter_PnP_~devExt__TopOfStack~0#1 := KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_~devExt__Started~0#1;havoc KbFilter_PnP_~devExt__Removed~0#1;havoc KbFilter_PnP_~devExt__SurpriseRemoved~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Status~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Information~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet9#1 && KbFilter_PnP_#t~nondet9#1 <= 2147483647;KbFilter_PnP_~Irp__CurrentLocation~0#1 := KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_~irpSp~0#1;havoc KbFilter_PnP_~nextIrpSp~0#1;havoc KbFilter_PnP_~nextIrpSp__Control~0#1;havoc KbFilter_PnP_~irpSp___0~0#1;havoc KbFilter_PnP_~irpSp__Context~0#1;havoc KbFilter_PnP_~irpSp__Control~0#1;havoc KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~status~0#1 := 0;KbFilter_PnP_~devExt~0#1 := KbFilter_PnP_~DeviceObject__DeviceExtension~0#1;KbFilter_PnP_~irpStack~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1; {17502#true} is VALID [2022-02-21 00:02:23,657 INFO L290 TraceCheckUtils]: 12: Hoare triple {17502#true} assume !(0 == KbFilter_PnP_~irpStack__MinorFunction~0#1); {17502#true} is VALID [2022-02-21 00:02:23,658 INFO L290 TraceCheckUtils]: 13: Hoare triple {17502#true} assume 23 == KbFilter_PnP_~irpStack__MinorFunction~0#1; {17502#true} is VALID [2022-02-21 00:02:23,658 INFO L290 TraceCheckUtils]: 14: Hoare triple {17502#true} KbFilter_PnP_~devExt__SurpriseRemoved~0#1 := 1; {17502#true} is VALID [2022-02-21 00:02:23,658 INFO L290 TraceCheckUtils]: 15: Hoare triple {17502#true} assume ~s~0 == ~NP~0;~s~0 := ~SKIP1~0; {17502#true} is VALID [2022-02-21 00:02:23,658 INFO L290 TraceCheckUtils]: 16: Hoare triple {17502#true} KbFilter_PnP_#t~post12#1 := KbFilter_PnP_~Irp__CurrentLocation~0#1;KbFilter_PnP_~Irp__CurrentLocation~0#1 := 1 + KbFilter_PnP_#t~post12#1;havoc KbFilter_PnP_#t~post12#1;KbFilter_PnP_#t~post13#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := 1 + KbFilter_PnP_#t~post13#1;havoc KbFilter_PnP_#t~post13#1; {17502#true} is VALID [2022-02-21 00:02:23,659 INFO L272 TraceCheckUtils]: 17: Hoare triple {17502#true} call KbFilter_PnP_#t~ret14#1 := IofCallDriver(KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~Irp#1); {17519#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} is VALID [2022-02-21 00:02:23,659 INFO L290 TraceCheckUtils]: 18: Hoare triple {17519#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {17502#true} is VALID [2022-02-21 00:02:23,659 INFO L290 TraceCheckUtils]: 19: Hoare triple {17502#true} assume !(0 != ~compRegistered~0); {17502#true} is VALID [2022-02-21 00:02:23,659 INFO L290 TraceCheckUtils]: 20: Hoare triple {17502#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {17502#true} is VALID [2022-02-21 00:02:23,659 INFO L290 TraceCheckUtils]: 21: Hoare triple {17502#true} assume 0 == ~tmp_ndt_6~0; {17502#true} is VALID [2022-02-21 00:02:23,659 INFO L290 TraceCheckUtils]: 22: Hoare triple {17502#true} ~returnVal2~0 := 0; {17502#true} is VALID [2022-02-21 00:02:23,659 INFO L290 TraceCheckUtils]: 23: Hoare triple {17502#true} assume !(~s~0 == ~NP~0); {17502#true} is VALID [2022-02-21 00:02:23,659 INFO L290 TraceCheckUtils]: 24: Hoare triple {17502#true} assume !(~s~0 == ~MPR1~0); {17502#true} is VALID [2022-02-21 00:02:23,660 INFO L290 TraceCheckUtils]: 25: Hoare triple {17502#true} assume ~s~0 == ~SKIP1~0;~s~0 := ~SKIP2~0;~lowerDriverReturn~0 := ~returnVal2~0; {17520#(= ~lowerDriverReturn~0 IofCallDriver_~returnVal2~0)} is VALID [2022-02-21 00:02:23,660 INFO L290 TraceCheckUtils]: 26: Hoare triple {17520#(= ~lowerDriverReturn~0 IofCallDriver_~returnVal2~0)} #res := ~returnVal2~0; {17521#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:23,660 INFO L290 TraceCheckUtils]: 27: Hoare triple {17521#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} assume true; {17521#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:23,661 INFO L284 TraceCheckUtils]: 28: Hoare quadruple {17521#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} {17502#true} #726#return; {17515#(= ~lowerDriverReturn~0 |ULTIMATE.start_KbFilter_PnP_#t~ret14#1|)} is VALID [2022-02-21 00:02:23,662 INFO L290 TraceCheckUtils]: 29: Hoare triple {17515#(= ~lowerDriverReturn~0 |ULTIMATE.start_KbFilter_PnP_#t~ret14#1|)} assume -2147483648 <= KbFilter_PnP_#t~ret14#1 && KbFilter_PnP_#t~ret14#1 <= 2147483647;KbFilter_PnP_~status~0#1 := KbFilter_PnP_#t~ret14#1;havoc KbFilter_PnP_#t~ret14#1; {17516#(= ~lowerDriverReturn~0 |ULTIMATE.start_KbFilter_PnP_~status~0#1|)} is VALID [2022-02-21 00:02:23,662 INFO L290 TraceCheckUtils]: 30: Hoare triple {17516#(= ~lowerDriverReturn~0 |ULTIMATE.start_KbFilter_PnP_~status~0#1|)} KbFilter_PnP_#res#1 := KbFilter_PnP_~status~0#1; {17517#(= |ULTIMATE.start_KbFilter_PnP_#res#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:23,662 INFO L290 TraceCheckUtils]: 31: Hoare triple {17517#(= |ULTIMATE.start_KbFilter_PnP_#res#1| ~lowerDriverReturn~0)} main_#t~ret31#1 := KbFilter_PnP_#res#1;assume { :end_inline_KbFilter_PnP } true;assume -2147483648 <= main_#t~ret31#1 && main_#t~ret31#1 <= 2147483647;main_~status~1#1 := main_#t~ret31#1;havoc main_#t~ret31#1; {17518#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:23,663 INFO L290 TraceCheckUtils]: 32: Hoare triple {17518#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(1 == ~pended~0); {17518#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:23,663 INFO L290 TraceCheckUtils]: 33: Hoare triple {17518#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(1 == ~pended~0); {17518#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:23,663 INFO L290 TraceCheckUtils]: 34: Hoare triple {17518#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume ~s~0 != ~UNLOADED~0; {17518#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:23,664 INFO L290 TraceCheckUtils]: 35: Hoare triple {17518#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume -1 != main_~status~1#1; {17518#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:23,664 INFO L290 TraceCheckUtils]: 36: Hoare triple {17518#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(~s~0 != ~SKIP2~0); {17518#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:23,664 INFO L290 TraceCheckUtils]: 37: Hoare triple {17518#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(1 == ~pended~0); {17518#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:23,665 INFO L290 TraceCheckUtils]: 38: Hoare triple {17518#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(~s~0 == ~DC~0); {17518#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:23,665 INFO L290 TraceCheckUtils]: 39: Hoare triple {17518#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume main_~status~1#1 != ~lowerDriverReturn~0; {17503#false} is VALID [2022-02-21 00:02:23,665 INFO L272 TraceCheckUtils]: 40: Hoare triple {17503#false} call errorFn(); {17503#false} is VALID [2022-02-21 00:02:23,665 INFO L290 TraceCheckUtils]: 41: Hoare triple {17503#false} assume !false; {17503#false} is VALID [2022-02-21 00:02:23,665 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:23,665 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-21 00:02:23,666 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [221840420] [2022-02-21 00:02:23,666 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [221840420] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:23,666 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:23,666 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2022-02-21 00:02:23,666 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1470620044] [2022-02-21 00:02:23,666 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:23,667 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 4.333333333333333) internal successors, (39), 7 states have internal predecessors, (39), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 42 [2022-02-21 00:02:23,667 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:23,667 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 9 states, 9 states have (on average 4.333333333333333) internal successors, (39), 7 states have internal predecessors, (39), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:23,700 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 42 edges. 42 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:23,700 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2022-02-21 00:02:23,700 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-21 00:02:23,700 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2022-02-21 00:02:23,701 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=57, Unknown=0, NotChecked=0, Total=72 [2022-02-21 00:02:23,701 INFO L87 Difference]: Start difference. First operand 174 states and 230 transitions. Second operand has 9 states, 9 states have (on average 4.333333333333333) internal successors, (39), 7 states have internal predecessors, (39), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:24,532 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:24,533 INFO L93 Difference]: Finished difference Result 185 states and 241 transitions. [2022-02-21 00:02:24,533 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2022-02-21 00:02:24,533 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 4.333333333333333) internal successors, (39), 7 states have internal predecessors, (39), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 42 [2022-02-21 00:02:24,533 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:24,534 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 9 states, 9 states have (on average 4.333333333333333) internal successors, (39), 7 states have internal predecessors, (39), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:24,536 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 232 transitions. [2022-02-21 00:02:24,536 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 9 states, 9 states have (on average 4.333333333333333) internal successors, (39), 7 states have internal predecessors, (39), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:24,537 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 232 transitions. [2022-02-21 00:02:24,538 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states and 232 transitions. [2022-02-21 00:02:24,685 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 232 edges. 232 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:24,688 INFO L225 Difference]: With dead ends: 185 [2022-02-21 00:02:24,688 INFO L226 Difference]: Without dead ends: 169 [2022-02-21 00:02:24,688 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=29, Invalid=103, Unknown=0, NotChecked=0, Total=132 [2022-02-21 00:02:24,689 INFO L933 BasicCegarLoop]: 199 mSDtfsCounter, 52 mSDsluCounter, 1210 mSDsCounter, 0 mSdLazyCounter, 237 mSolverCounterSat, 16 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 52 SdHoareTripleChecker+Valid, 1409 SdHoareTripleChecker+Invalid, 253 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 16 IncrementalHoareTripleChecker+Valid, 237 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:24,689 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [52 Valid, 1409 Invalid, 253 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [16 Valid, 237 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-21 00:02:24,689 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 169 states. [2022-02-21 00:02:24,693 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 169 to 169. [2022-02-21 00:02:24,693 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:24,693 INFO L82 GeneralOperation]: Start isEquivalent. First operand 169 states. Second operand has 169 states, 148 states have (on average 1.3445945945945945) internal successors, (199), 149 states have internal predecessors, (199), 13 states have call successors, (13), 8 states have call predecessors, (13), 7 states have return successors, (11), 11 states have call predecessors, (11), 10 states have call successors, (11) [2022-02-21 00:02:24,694 INFO L74 IsIncluded]: Start isIncluded. First operand 169 states. Second operand has 169 states, 148 states have (on average 1.3445945945945945) internal successors, (199), 149 states have internal predecessors, (199), 13 states have call successors, (13), 8 states have call predecessors, (13), 7 states have return successors, (11), 11 states have call predecessors, (11), 10 states have call successors, (11) [2022-02-21 00:02:24,694 INFO L87 Difference]: Start difference. First operand 169 states. Second operand has 169 states, 148 states have (on average 1.3445945945945945) internal successors, (199), 149 states have internal predecessors, (199), 13 states have call successors, (13), 8 states have call predecessors, (13), 7 states have return successors, (11), 11 states have call predecessors, (11), 10 states have call successors, (11) [2022-02-21 00:02:24,697 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:24,697 INFO L93 Difference]: Finished difference Result 169 states and 223 transitions. [2022-02-21 00:02:24,697 INFO L276 IsEmpty]: Start isEmpty. Operand 169 states and 223 transitions. [2022-02-21 00:02:24,697 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:24,698 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:24,698 INFO L74 IsIncluded]: Start isIncluded. First operand has 169 states, 148 states have (on average 1.3445945945945945) internal successors, (199), 149 states have internal predecessors, (199), 13 states have call successors, (13), 8 states have call predecessors, (13), 7 states have return successors, (11), 11 states have call predecessors, (11), 10 states have call successors, (11) Second operand 169 states. [2022-02-21 00:02:24,698 INFO L87 Difference]: Start difference. First operand has 169 states, 148 states have (on average 1.3445945945945945) internal successors, (199), 149 states have internal predecessors, (199), 13 states have call successors, (13), 8 states have call predecessors, (13), 7 states have return successors, (11), 11 states have call predecessors, (11), 10 states have call successors, (11) Second operand 169 states. [2022-02-21 00:02:24,701 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:24,702 INFO L93 Difference]: Finished difference Result 169 states and 223 transitions. [2022-02-21 00:02:24,702 INFO L276 IsEmpty]: Start isEmpty. Operand 169 states and 223 transitions. [2022-02-21 00:02:24,702 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:24,702 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:24,702 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:24,702 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:24,703 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 169 states, 148 states have (on average 1.3445945945945945) internal successors, (199), 149 states have internal predecessors, (199), 13 states have call successors, (13), 8 states have call predecessors, (13), 7 states have return successors, (11), 11 states have call predecessors, (11), 10 states have call successors, (11) [2022-02-21 00:02:24,705 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 169 states to 169 states and 223 transitions. [2022-02-21 00:02:24,706 INFO L78 Accepts]: Start accepts. Automaton has 169 states and 223 transitions. Word has length 42 [2022-02-21 00:02:24,706 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:24,706 INFO L470 AbstractCegarLoop]: Abstraction has 169 states and 223 transitions. [2022-02-21 00:02:24,706 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 4.333333333333333) internal successors, (39), 7 states have internal predecessors, (39), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:24,706 INFO L276 IsEmpty]: Start isEmpty. Operand 169 states and 223 transitions. [2022-02-21 00:02:24,707 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 49 [2022-02-21 00:02:24,707 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:24,707 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:24,707 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable18 [2022-02-21 00:02:24,707 INFO L402 AbstractCegarLoop]: === Iteration 20 === Targeting errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:24,708 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:24,708 INFO L85 PathProgramCache]: Analyzing trace with hash 1105542194, now seen corresponding path program 1 times [2022-02-21 00:02:24,708 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-21 00:02:24,708 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1689675078] [2022-02-21 00:02:24,708 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:24,708 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-21 00:02:24,736 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:24,756 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2022-02-21 00:02:24,762 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:24,765 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2022-02-21 00:02:24,768 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:24,771 INFO L290 TraceCheckUtils]: 0: Hoare triple {18243#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {18222#true} is VALID [2022-02-21 00:02:24,771 INFO L290 TraceCheckUtils]: 1: Hoare triple {18222#true} assume !(0 != ~compRegistered~0); {18222#true} is VALID [2022-02-21 00:02:24,771 INFO L290 TraceCheckUtils]: 2: Hoare triple {18222#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {18222#true} is VALID [2022-02-21 00:02:24,771 INFO L290 TraceCheckUtils]: 3: Hoare triple {18222#true} assume 0 == ~tmp_ndt_6~0; {18222#true} is VALID [2022-02-21 00:02:24,771 INFO L290 TraceCheckUtils]: 4: Hoare triple {18222#true} ~returnVal2~0 := 0; {18222#true} is VALID [2022-02-21 00:02:24,772 INFO L290 TraceCheckUtils]: 5: Hoare triple {18222#true} assume !(~s~0 == ~NP~0); {18222#true} is VALID [2022-02-21 00:02:24,772 INFO L290 TraceCheckUtils]: 6: Hoare triple {18222#true} assume !(~s~0 == ~MPR1~0); {18222#true} is VALID [2022-02-21 00:02:24,772 INFO L290 TraceCheckUtils]: 7: Hoare triple {18222#true} assume ~s~0 == ~SKIP1~0;~s~0 := ~SKIP2~0;~lowerDriverReturn~0 := ~returnVal2~0; {18222#true} is VALID [2022-02-21 00:02:24,772 INFO L290 TraceCheckUtils]: 8: Hoare triple {18222#true} #res := ~returnVal2~0; {18222#true} is VALID [2022-02-21 00:02:24,772 INFO L290 TraceCheckUtils]: 9: Hoare triple {18222#true} assume true; {18222#true} is VALID [2022-02-21 00:02:24,772 INFO L284 TraceCheckUtils]: 10: Hoare quadruple {18222#true} {18222#true} #754#return; {18222#true} is VALID [2022-02-21 00:02:24,772 INFO L290 TraceCheckUtils]: 0: Hoare triple {18243#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;assume -2147483648 <= #t~nondet44 && #t~nondet44 <= 2147483647;~Irp__Tail__Overlay__CurrentStackLocation~1 := #t~nondet44;havoc #t~nondet44;assume -2147483648 <= #t~nondet45 && #t~nondet45 <= 2147483647;~Irp__CurrentLocation~1 := #t~nondet45;havoc #t~nondet45;assume -2147483648 <= #t~nondet46 && #t~nondet46 <= 2147483647;~DeviceObject__DeviceExtension__TopOfStack~0 := #t~nondet46;havoc #t~nondet46;havoc ~irpStack~1;havoc ~tmp~1;~irpStack~1 := ~Irp__Tail__Overlay__CurrentStackLocation~1; {18222#true} is VALID [2022-02-21 00:02:24,773 INFO L290 TraceCheckUtils]: 1: Hoare triple {18222#true} assume ~s~0 == ~NP~0;~s~0 := ~SKIP1~0; {18222#true} is VALID [2022-02-21 00:02:24,773 INFO L290 TraceCheckUtils]: 2: Hoare triple {18222#true} #t~post47 := ~Irp__CurrentLocation~1;~Irp__CurrentLocation~1 := 1 + #t~post47;havoc #t~post47;#t~post48 := ~Irp__Tail__Overlay__CurrentStackLocation~1;~Irp__Tail__Overlay__CurrentStackLocation~1 := 1 + #t~post48;havoc #t~post48; {18222#true} is VALID [2022-02-21 00:02:24,774 INFO L272 TraceCheckUtils]: 3: Hoare triple {18222#true} call #t~ret49 := IofCallDriver(~DeviceObject__DeviceExtension__TopOfStack~0, ~Irp); {18243#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} is VALID [2022-02-21 00:02:24,774 INFO L290 TraceCheckUtils]: 4: Hoare triple {18243#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {18222#true} is VALID [2022-02-21 00:02:24,774 INFO L290 TraceCheckUtils]: 5: Hoare triple {18222#true} assume !(0 != ~compRegistered~0); {18222#true} is VALID [2022-02-21 00:02:24,774 INFO L290 TraceCheckUtils]: 6: Hoare triple {18222#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {18222#true} is VALID [2022-02-21 00:02:24,774 INFO L290 TraceCheckUtils]: 7: Hoare triple {18222#true} assume 0 == ~tmp_ndt_6~0; {18222#true} is VALID [2022-02-21 00:02:24,774 INFO L290 TraceCheckUtils]: 8: Hoare triple {18222#true} ~returnVal2~0 := 0; {18222#true} is VALID [2022-02-21 00:02:24,774 INFO L290 TraceCheckUtils]: 9: Hoare triple {18222#true} assume !(~s~0 == ~NP~0); {18222#true} is VALID [2022-02-21 00:02:24,774 INFO L290 TraceCheckUtils]: 10: Hoare triple {18222#true} assume !(~s~0 == ~MPR1~0); {18222#true} is VALID [2022-02-21 00:02:24,774 INFO L290 TraceCheckUtils]: 11: Hoare triple {18222#true} assume ~s~0 == ~SKIP1~0;~s~0 := ~SKIP2~0;~lowerDriverReturn~0 := ~returnVal2~0; {18222#true} is VALID [2022-02-21 00:02:24,775 INFO L290 TraceCheckUtils]: 12: Hoare triple {18222#true} #res := ~returnVal2~0; {18222#true} is VALID [2022-02-21 00:02:24,775 INFO L290 TraceCheckUtils]: 13: Hoare triple {18222#true} assume true; {18222#true} is VALID [2022-02-21 00:02:24,775 INFO L284 TraceCheckUtils]: 14: Hoare quadruple {18222#true} {18222#true} #754#return; {18222#true} is VALID [2022-02-21 00:02:24,775 INFO L290 TraceCheckUtils]: 15: Hoare triple {18222#true} assume -2147483648 <= #t~ret49 && #t~ret49 <= 2147483647;~tmp~1 := #t~ret49;havoc #t~ret49;#res := ~tmp~1; {18222#true} is VALID [2022-02-21 00:02:24,775 INFO L290 TraceCheckUtils]: 16: Hoare triple {18222#true} assume true; {18222#true} is VALID [2022-02-21 00:02:24,775 INFO L284 TraceCheckUtils]: 17: Hoare quadruple {18222#true} {18223#false} #746#return; {18223#false} is VALID [2022-02-21 00:02:24,775 INFO L290 TraceCheckUtils]: 0: Hoare triple {18222#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {18222#true} is VALID [2022-02-21 00:02:24,776 INFO L290 TraceCheckUtils]: 1: Hoare triple {18222#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {18222#true} is VALID [2022-02-21 00:02:24,776 INFO L290 TraceCheckUtils]: 2: Hoare triple {18222#true} assume { :end_inline__BLAST_init } true; {18222#true} is VALID [2022-02-21 00:02:24,776 INFO L290 TraceCheckUtils]: 3: Hoare triple {18222#true} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {18222#true} is VALID [2022-02-21 00:02:24,776 INFO L290 TraceCheckUtils]: 4: Hoare triple {18222#true} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {18222#true} is VALID [2022-02-21 00:02:24,776 INFO L290 TraceCheckUtils]: 5: Hoare triple {18222#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {18222#true} is VALID [2022-02-21 00:02:24,776 INFO L290 TraceCheckUtils]: 6: Hoare triple {18222#true} assume { :end_inline_stub_driver_init } true; {18222#true} is VALID [2022-02-21 00:02:24,776 INFO L290 TraceCheckUtils]: 7: Hoare triple {18222#true} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {18222#true} is VALID [2022-02-21 00:02:24,776 INFO L290 TraceCheckUtils]: 8: Hoare triple {18222#true} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {18222#true} is VALID [2022-02-21 00:02:24,776 INFO L290 TraceCheckUtils]: 9: Hoare triple {18222#true} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {18222#true} is VALID [2022-02-21 00:02:24,777 INFO L290 TraceCheckUtils]: 10: Hoare triple {18222#true} assume !(3 == main_~tmp_ndt_3~0#1);havoc main_~tmp_ndt_4~0#1;assume -2147483648 <= main_#t~nondet27#1 && main_#t~nondet27#1 <= 2147483647;main_~tmp_ndt_4~0#1 := main_#t~nondet27#1;havoc main_#t~nondet27#1; {18222#true} is VALID [2022-02-21 00:02:24,777 INFO L290 TraceCheckUtils]: 11: Hoare triple {18222#true} assume !(4 == main_~tmp_ndt_4~0#1);havoc main_~tmp_ndt_5~0#1;assume -2147483648 <= main_#t~nondet28#1 && main_#t~nondet28#1 <= 2147483647;main_~tmp_ndt_5~0#1 := main_#t~nondet28#1;havoc main_#t~nondet28#1; {18222#true} is VALID [2022-02-21 00:02:24,777 INFO L290 TraceCheckUtils]: 12: Hoare triple {18222#true} assume 8 == main_~tmp_ndt_5~0#1; {18222#true} is VALID [2022-02-21 00:02:24,777 INFO L290 TraceCheckUtils]: 13: Hoare triple {18222#true} assume { :begin_inline_KbFilter_InternIoCtl } true;KbFilter_InternIoCtl_#in~DeviceObject#1, KbFilter_InternIoCtl_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_InternIoCtl_#res#1;havoc KbFilter_InternIoCtl_#t~nondet63#1, KbFilter_InternIoCtl_#t~nondet64#1, KbFilter_InternIoCtl_#t~nondet65#1, KbFilter_InternIoCtl_#t~nondet66#1, KbFilter_InternIoCtl_#t~nondet67#1, KbFilter_InternIoCtl_#t~nondet68#1, KbFilter_InternIoCtl_#t~nondet69#1, KbFilter_InternIoCtl_#t~nondet70#1, KbFilter_InternIoCtl_#t~nondet71#1, KbFilter_InternIoCtl_#t~nondet72#1, KbFilter_InternIoCtl_#t~nondet73#1, KbFilter_InternIoCtl_#t~nondet74#1, KbFilter_InternIoCtl_#t~nondet75#1, KbFilter_InternIoCtl_#t~nondet76#1, KbFilter_InternIoCtl_#t~nondet77#1, KbFilter_InternIoCtl_#t~nondet78#1, KbFilter_InternIoCtl_#t~nondet79#1, KbFilter_InternIoCtl_#t~ret80#1, KbFilter_InternIoCtl_~DeviceObject#1, KbFilter_InternIoCtl_~Irp#1, KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1, KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__InputBufferLength~0#1, KbFilter_InternIoCtl_~sizeof__CONNECT_DATA~0#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__Type3InputBuffer~0#1, KbFilter_InternIoCtl_~sizeof__INTERNAL_I8042_HOOK_KEYBOARD~0#1, KbFilter_InternIoCtl_~hookKeyboard__InitializationRoutine~0#1, KbFilter_InternIoCtl_~hookKeyboard__IsrRoutine~0#1, KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1, KbFilter_InternIoCtl_~hookKeyboard~0#1, KbFilter_InternIoCtl_~connectData~0#1, KbFilter_InternIoCtl_~status~3#1, KbFilter_InternIoCtl_~tmp~3#1, KbFilter_InternIoCtl_~__cil_tmp17~0#1, KbFilter_InternIoCtl_~__cil_tmp18~0#1, KbFilter_InternIoCtl_~__cil_tmp19~0#1, KbFilter_InternIoCtl_~__cil_tmp20~0#1, KbFilter_InternIoCtl_~__cil_tmp21~0#1, KbFilter_InternIoCtl_~__cil_tmp22~0#1, KbFilter_InternIoCtl_~__cil_tmp23~1#1, KbFilter_InternIoCtl_~__cil_tmp24~0#1, KbFilter_InternIoCtl_~__cil_tmp25~0#1, KbFilter_InternIoCtl_~__cil_tmp26~0#1, KbFilter_InternIoCtl_~__cil_tmp27~0#1, KbFilter_InternIoCtl_~__cil_tmp28~0#1, KbFilter_InternIoCtl_~__cil_tmp29~0#1, KbFilter_InternIoCtl_~__cil_tmp30~0#1, KbFilter_InternIoCtl_~__cil_tmp31~0#1, KbFilter_InternIoCtl_~__cil_tmp32~0#1, KbFilter_InternIoCtl_~__cil_tmp33~0#1, KbFilter_InternIoCtl_~__cil_tmp34~0#1, KbFilter_InternIoCtl_~__cil_tmp35~0#1, KbFilter_InternIoCtl_~__cil_tmp36~0#1, KbFilter_InternIoCtl_~__cil_tmp37~0#1, KbFilter_InternIoCtl_~__cil_tmp38~0#1, KbFilter_InternIoCtl_~__cil_tmp39~0#1, KbFilter_InternIoCtl_~__cil_tmp40~0#1, KbFilter_InternIoCtl_~__cil_tmp41~0#1, KbFilter_InternIoCtl_~__cil_tmp42~0#1, KbFilter_InternIoCtl_~__cil_tmp43~0#1, KbFilter_InternIoCtl_~__cil_tmp44~0#1, KbFilter_InternIoCtl_~__cil_tmp45~0#1;KbFilter_InternIoCtl_~DeviceObject#1 := KbFilter_InternIoCtl_#in~DeviceObject#1;KbFilter_InternIoCtl_~Irp#1 := KbFilter_InternIoCtl_#in~Irp#1;havoc KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet63#1 && KbFilter_InternIoCtl_#t~nondet63#1 <= 2147483647;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1 := KbFilter_InternIoCtl_#t~nondet63#1;havoc KbFilter_InternIoCtl_#t~nondet63#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet64#1 && KbFilter_InternIoCtl_#t~nondet64#1 <= 2147483647;KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1 := KbFilter_InternIoCtl_#t~nondet64#1;havoc KbFilter_InternIoCtl_#t~nondet64#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet65#1 && KbFilter_InternIoCtl_#t~nondet65#1 <= 2147483647;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__InputBufferLength~0#1 := KbFilter_InternIoCtl_#t~nondet65#1;havoc KbFilter_InternIoCtl_#t~nondet65#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet66#1 && KbFilter_InternIoCtl_#t~nondet66#1 <= 2147483647;KbFilter_InternIoCtl_~sizeof__CONNECT_DATA~0#1 := KbFilter_InternIoCtl_#t~nondet66#1;havoc KbFilter_InternIoCtl_#t~nondet66#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet67#1 && KbFilter_InternIoCtl_#t~nondet67#1 <= 2147483647;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__Type3InputBuffer~0#1 := KbFilter_InternIoCtl_#t~nondet67#1;havoc KbFilter_InternIoCtl_#t~nondet67#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet68#1 && KbFilter_InternIoCtl_#t~nondet68#1 <= 2147483647;KbFilter_InternIoCtl_~sizeof__INTERNAL_I8042_HOOK_KEYBOARD~0#1 := KbFilter_InternIoCtl_#t~nondet68#1;havoc KbFilter_InternIoCtl_#t~nondet68#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet69#1 && KbFilter_InternIoCtl_#t~nondet69#1 <= 2147483647;KbFilter_InternIoCtl_~hookKeyboard__InitializationRoutine~0#1 := KbFilter_InternIoCtl_#t~nondet69#1;havoc KbFilter_InternIoCtl_#t~nondet69#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet70#1 && KbFilter_InternIoCtl_#t~nondet70#1 <= 2147483647;KbFilter_InternIoCtl_~hookKeyboard__IsrRoutine~0#1 := KbFilter_InternIoCtl_#t~nondet70#1;havoc KbFilter_InternIoCtl_#t~nondet70#1;havoc KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1;havoc KbFilter_InternIoCtl_~hookKeyboard~0#1;havoc KbFilter_InternIoCtl_~connectData~0#1;havoc KbFilter_InternIoCtl_~status~3#1;havoc KbFilter_InternIoCtl_~tmp~3#1;havoc KbFilter_InternIoCtl_~__cil_tmp17~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp18~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp19~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet71#1 && KbFilter_InternIoCtl_#t~nondet71#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp20~0#1 := KbFilter_InternIoCtl_#t~nondet71#1;havoc KbFilter_InternIoCtl_#t~nondet71#1;havoc KbFilter_InternIoCtl_~__cil_tmp21~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp22~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp23~1#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet72#1 && KbFilter_InternIoCtl_#t~nondet72#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp24~0#1 := KbFilter_InternIoCtl_#t~nondet72#1;havoc KbFilter_InternIoCtl_#t~nondet72#1;havoc KbFilter_InternIoCtl_~__cil_tmp25~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp26~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp27~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet73#1 && KbFilter_InternIoCtl_#t~nondet73#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp28~0#1 := KbFilter_InternIoCtl_#t~nondet73#1;havoc KbFilter_InternIoCtl_#t~nondet73#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet74#1 && KbFilter_InternIoCtl_#t~nondet74#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp29~0#1 := KbFilter_InternIoCtl_#t~nondet74#1;havoc KbFilter_InternIoCtl_#t~nondet74#1;havoc KbFilter_InternIoCtl_~__cil_tmp30~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp31~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet75#1 && KbFilter_InternIoCtl_#t~nondet75#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp32~0#1 := KbFilter_InternIoCtl_#t~nondet75#1;havoc KbFilter_InternIoCtl_#t~nondet75#1;havoc KbFilter_InternIoCtl_~__cil_tmp33~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp34~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet76#1 && KbFilter_InternIoCtl_#t~nondet76#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp35~0#1 := KbFilter_InternIoCtl_#t~nondet76#1;havoc KbFilter_InternIoCtl_#t~nondet76#1;havoc KbFilter_InternIoCtl_~__cil_tmp36~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp37~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet77#1 && KbFilter_InternIoCtl_#t~nondet77#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp38~0#1 := KbFilter_InternIoCtl_#t~nondet77#1;havoc KbFilter_InternIoCtl_#t~nondet77#1;havoc KbFilter_InternIoCtl_~__cil_tmp39~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp40~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet78#1 && KbFilter_InternIoCtl_#t~nondet78#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp41~0#1 := KbFilter_InternIoCtl_#t~nondet78#1;havoc KbFilter_InternIoCtl_#t~nondet78#1;havoc KbFilter_InternIoCtl_~__cil_tmp42~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp43~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet79#1 && KbFilter_InternIoCtl_#t~nondet79#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp44~0#1 := KbFilter_InternIoCtl_#t~nondet79#1;havoc KbFilter_InternIoCtl_#t~nondet79#1;havoc KbFilter_InternIoCtl_~__cil_tmp45~0#1;KbFilter_InternIoCtl_~status~3#1 := 0;KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1 := 0; {18222#true} is VALID [2022-02-21 00:02:24,777 INFO L290 TraceCheckUtils]: 14: Hoare triple {18222#true} assume KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1 == KbFilter_InternIoCtl_~__cil_tmp20~0#1; {18222#true} is VALID [2022-02-21 00:02:24,778 INFO L290 TraceCheckUtils]: 15: Hoare triple {18222#true} assume 0 != KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1;KbFilter_InternIoCtl_~status~3#1 := -1073741757; {18224#(<= (+ 1073741757 |ULTIMATE.start_KbFilter_InternIoCtl_~status~3#1|) 0)} is VALID [2022-02-21 00:02:24,778 INFO L290 TraceCheckUtils]: 16: Hoare triple {18224#(<= (+ 1073741757 |ULTIMATE.start_KbFilter_InternIoCtl_~status~3#1|) 0)} assume !(KbFilter_InternIoCtl_~status~3#1 < 0); {18223#false} is VALID [2022-02-21 00:02:24,778 INFO L272 TraceCheckUtils]: 17: Hoare triple {18223#false} call KbFilter_InternIoCtl_#t~ret80#1 := KbFilter_DispatchPassThrough(KbFilter_InternIoCtl_~DeviceObject#1, KbFilter_InternIoCtl_~Irp#1); {18243#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} is VALID [2022-02-21 00:02:24,778 INFO L290 TraceCheckUtils]: 18: Hoare triple {18243#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;assume -2147483648 <= #t~nondet44 && #t~nondet44 <= 2147483647;~Irp__Tail__Overlay__CurrentStackLocation~1 := #t~nondet44;havoc #t~nondet44;assume -2147483648 <= #t~nondet45 && #t~nondet45 <= 2147483647;~Irp__CurrentLocation~1 := #t~nondet45;havoc #t~nondet45;assume -2147483648 <= #t~nondet46 && #t~nondet46 <= 2147483647;~DeviceObject__DeviceExtension__TopOfStack~0 := #t~nondet46;havoc #t~nondet46;havoc ~irpStack~1;havoc ~tmp~1;~irpStack~1 := ~Irp__Tail__Overlay__CurrentStackLocation~1; {18222#true} is VALID [2022-02-21 00:02:24,778 INFO L290 TraceCheckUtils]: 19: Hoare triple {18222#true} assume ~s~0 == ~NP~0;~s~0 := ~SKIP1~0; {18222#true} is VALID [2022-02-21 00:02:24,779 INFO L290 TraceCheckUtils]: 20: Hoare triple {18222#true} #t~post47 := ~Irp__CurrentLocation~1;~Irp__CurrentLocation~1 := 1 + #t~post47;havoc #t~post47;#t~post48 := ~Irp__Tail__Overlay__CurrentStackLocation~1;~Irp__Tail__Overlay__CurrentStackLocation~1 := 1 + #t~post48;havoc #t~post48; {18222#true} is VALID [2022-02-21 00:02:24,779 INFO L272 TraceCheckUtils]: 21: Hoare triple {18222#true} call #t~ret49 := IofCallDriver(~DeviceObject__DeviceExtension__TopOfStack~0, ~Irp); {18243#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} is VALID [2022-02-21 00:02:24,779 INFO L290 TraceCheckUtils]: 22: Hoare triple {18243#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {18222#true} is VALID [2022-02-21 00:02:24,780 INFO L290 TraceCheckUtils]: 23: Hoare triple {18222#true} assume !(0 != ~compRegistered~0); {18222#true} is VALID [2022-02-21 00:02:24,780 INFO L290 TraceCheckUtils]: 24: Hoare triple {18222#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {18222#true} is VALID [2022-02-21 00:02:24,780 INFO L290 TraceCheckUtils]: 25: Hoare triple {18222#true} assume 0 == ~tmp_ndt_6~0; {18222#true} is VALID [2022-02-21 00:02:24,780 INFO L290 TraceCheckUtils]: 26: Hoare triple {18222#true} ~returnVal2~0 := 0; {18222#true} is VALID [2022-02-21 00:02:24,780 INFO L290 TraceCheckUtils]: 27: Hoare triple {18222#true} assume !(~s~0 == ~NP~0); {18222#true} is VALID [2022-02-21 00:02:24,780 INFO L290 TraceCheckUtils]: 28: Hoare triple {18222#true} assume !(~s~0 == ~MPR1~0); {18222#true} is VALID [2022-02-21 00:02:24,780 INFO L290 TraceCheckUtils]: 29: Hoare triple {18222#true} assume ~s~0 == ~SKIP1~0;~s~0 := ~SKIP2~0;~lowerDriverReturn~0 := ~returnVal2~0; {18222#true} is VALID [2022-02-21 00:02:24,780 INFO L290 TraceCheckUtils]: 30: Hoare triple {18222#true} #res := ~returnVal2~0; {18222#true} is VALID [2022-02-21 00:02:24,780 INFO L290 TraceCheckUtils]: 31: Hoare triple {18222#true} assume true; {18222#true} is VALID [2022-02-21 00:02:24,781 INFO L284 TraceCheckUtils]: 32: Hoare quadruple {18222#true} {18222#true} #754#return; {18222#true} is VALID [2022-02-21 00:02:24,781 INFO L290 TraceCheckUtils]: 33: Hoare triple {18222#true} assume -2147483648 <= #t~ret49 && #t~ret49 <= 2147483647;~tmp~1 := #t~ret49;havoc #t~ret49;#res := ~tmp~1; {18222#true} is VALID [2022-02-21 00:02:24,781 INFO L290 TraceCheckUtils]: 34: Hoare triple {18222#true} assume true; {18222#true} is VALID [2022-02-21 00:02:24,781 INFO L284 TraceCheckUtils]: 35: Hoare quadruple {18222#true} {18223#false} #746#return; {18223#false} is VALID [2022-02-21 00:02:24,781 INFO L290 TraceCheckUtils]: 36: Hoare triple {18223#false} assume -2147483648 <= KbFilter_InternIoCtl_#t~ret80#1 && KbFilter_InternIoCtl_#t~ret80#1 <= 2147483647;KbFilter_InternIoCtl_~tmp~3#1 := KbFilter_InternIoCtl_#t~ret80#1;havoc KbFilter_InternIoCtl_#t~ret80#1;KbFilter_InternIoCtl_#res#1 := KbFilter_InternIoCtl_~tmp~3#1; {18223#false} is VALID [2022-02-21 00:02:24,781 INFO L290 TraceCheckUtils]: 37: Hoare triple {18223#false} main_#t~ret33#1 := KbFilter_InternIoCtl_#res#1;assume { :end_inline_KbFilter_InternIoCtl } true;assume -2147483648 <= main_#t~ret33#1 && main_#t~ret33#1 <= 2147483647;main_~status~1#1 := main_#t~ret33#1;havoc main_#t~ret33#1; {18223#false} is VALID [2022-02-21 00:02:24,781 INFO L290 TraceCheckUtils]: 38: Hoare triple {18223#false} assume !(1 == ~pended~0); {18223#false} is VALID [2022-02-21 00:02:24,781 INFO L290 TraceCheckUtils]: 39: Hoare triple {18223#false} assume !(1 == ~pended~0); {18223#false} is VALID [2022-02-21 00:02:24,781 INFO L290 TraceCheckUtils]: 40: Hoare triple {18223#false} assume ~s~0 != ~UNLOADED~0; {18223#false} is VALID [2022-02-21 00:02:24,782 INFO L290 TraceCheckUtils]: 41: Hoare triple {18223#false} assume -1 != main_~status~1#1; {18223#false} is VALID [2022-02-21 00:02:24,782 INFO L290 TraceCheckUtils]: 42: Hoare triple {18223#false} assume !(~s~0 != ~SKIP2~0); {18223#false} is VALID [2022-02-21 00:02:24,782 INFO L290 TraceCheckUtils]: 43: Hoare triple {18223#false} assume !(1 == ~pended~0); {18223#false} is VALID [2022-02-21 00:02:24,782 INFO L290 TraceCheckUtils]: 44: Hoare triple {18223#false} assume !(~s~0 == ~DC~0); {18223#false} is VALID [2022-02-21 00:02:24,782 INFO L290 TraceCheckUtils]: 45: Hoare triple {18223#false} assume main_~status~1#1 != ~lowerDriverReturn~0; {18223#false} is VALID [2022-02-21 00:02:24,782 INFO L272 TraceCheckUtils]: 46: Hoare triple {18223#false} call errorFn(); {18223#false} is VALID [2022-02-21 00:02:24,782 INFO L290 TraceCheckUtils]: 47: Hoare triple {18223#false} assume !false; {18223#false} is VALID [2022-02-21 00:02:24,782 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:24,783 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-21 00:02:24,783 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1689675078] [2022-02-21 00:02:24,783 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1689675078] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:24,783 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:24,783 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-21 00:02:24,783 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [899002171] [2022-02-21 00:02:24,783 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:24,784 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 10.75) internal successors, (43), 3 states have internal predecessors, (43), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 48 [2022-02-21 00:02:24,784 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:24,784 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 4 states, 4 states have (on average 10.75) internal successors, (43), 3 states have internal predecessors, (43), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-21 00:02:24,815 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 48 edges. 48 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:24,815 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-02-21 00:02:24,815 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-21 00:02:24,816 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-02-21 00:02:24,816 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-02-21 00:02:24,816 INFO L87 Difference]: Start difference. First operand 169 states and 223 transitions. Second operand has 4 states, 4 states have (on average 10.75) internal successors, (43), 3 states have internal predecessors, (43), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-21 00:02:25,123 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:25,123 INFO L93 Difference]: Finished difference Result 170 states and 223 transitions. [2022-02-21 00:02:25,123 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-21 00:02:25,124 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 10.75) internal successors, (43), 3 states have internal predecessors, (43), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 48 [2022-02-21 00:02:25,124 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:25,124 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 10.75) internal successors, (43), 3 states have internal predecessors, (43), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-21 00:02:25,125 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 214 transitions. [2022-02-21 00:02:25,126 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 10.75) internal successors, (43), 3 states have internal predecessors, (43), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-21 00:02:25,127 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 214 transitions. [2022-02-21 00:02:25,127 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 214 transitions. [2022-02-21 00:02:25,280 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 214 edges. 214 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:25,282 INFO L225 Difference]: With dead ends: 170 [2022-02-21 00:02:25,282 INFO L226 Difference]: Without dead ends: 168 [2022-02-21 00:02:25,283 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-02-21 00:02:25,283 INFO L933 BasicCegarLoop]: 198 mSDtfsCounter, 26 mSDsluCounter, 333 mSDsCounter, 0 mSdLazyCounter, 47 mSolverCounterSat, 15 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 26 SdHoareTripleChecker+Valid, 531 SdHoareTripleChecker+Invalid, 62 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 15 IncrementalHoareTripleChecker+Valid, 47 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:25,283 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [26 Valid, 531 Invalid, 62 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [15 Valid, 47 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-21 00:02:25,284 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 168 states. [2022-02-21 00:02:25,286 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 168 to 168. [2022-02-21 00:02:25,286 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:25,287 INFO L82 GeneralOperation]: Start isEquivalent. First operand 168 states. Second operand has 168 states, 147 states have (on average 1.3197278911564625) internal successors, (194), 148 states have internal predecessors, (194), 13 states have call successors, (13), 8 states have call predecessors, (13), 7 states have return successors, (11), 11 states have call predecessors, (11), 10 states have call successors, (11) [2022-02-21 00:02:25,287 INFO L74 IsIncluded]: Start isIncluded. First operand 168 states. Second operand has 168 states, 147 states have (on average 1.3197278911564625) internal successors, (194), 148 states have internal predecessors, (194), 13 states have call successors, (13), 8 states have call predecessors, (13), 7 states have return successors, (11), 11 states have call predecessors, (11), 10 states have call successors, (11) [2022-02-21 00:02:25,287 INFO L87 Difference]: Start difference. First operand 168 states. Second operand has 168 states, 147 states have (on average 1.3197278911564625) internal successors, (194), 148 states have internal predecessors, (194), 13 states have call successors, (13), 8 states have call predecessors, (13), 7 states have return successors, (11), 11 states have call predecessors, (11), 10 states have call successors, (11) [2022-02-21 00:02:25,292 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:25,292 INFO L93 Difference]: Finished difference Result 168 states and 218 transitions. [2022-02-21 00:02:25,292 INFO L276 IsEmpty]: Start isEmpty. Operand 168 states and 218 transitions. [2022-02-21 00:02:25,293 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:25,293 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:25,293 INFO L74 IsIncluded]: Start isIncluded. First operand has 168 states, 147 states have (on average 1.3197278911564625) internal successors, (194), 148 states have internal predecessors, (194), 13 states have call successors, (13), 8 states have call predecessors, (13), 7 states have return successors, (11), 11 states have call predecessors, (11), 10 states have call successors, (11) Second operand 168 states. [2022-02-21 00:02:25,294 INFO L87 Difference]: Start difference. First operand has 168 states, 147 states have (on average 1.3197278911564625) internal successors, (194), 148 states have internal predecessors, (194), 13 states have call successors, (13), 8 states have call predecessors, (13), 7 states have return successors, (11), 11 states have call predecessors, (11), 10 states have call successors, (11) Second operand 168 states. [2022-02-21 00:02:25,297 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:25,297 INFO L93 Difference]: Finished difference Result 168 states and 218 transitions. [2022-02-21 00:02:25,297 INFO L276 IsEmpty]: Start isEmpty. Operand 168 states and 218 transitions. [2022-02-21 00:02:25,298 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:25,298 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:25,298 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:25,298 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:25,299 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 168 states, 147 states have (on average 1.3197278911564625) internal successors, (194), 148 states have internal predecessors, (194), 13 states have call successors, (13), 8 states have call predecessors, (13), 7 states have return successors, (11), 11 states have call predecessors, (11), 10 states have call successors, (11) [2022-02-21 00:02:25,302 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 168 states to 168 states and 218 transitions. [2022-02-21 00:02:25,303 INFO L78 Accepts]: Start accepts. Automaton has 168 states and 218 transitions. Word has length 48 [2022-02-21 00:02:25,303 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:25,303 INFO L470 AbstractCegarLoop]: Abstraction has 168 states and 218 transitions. [2022-02-21 00:02:25,303 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 10.75) internal successors, (43), 3 states have internal predecessors, (43), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-21 00:02:25,303 INFO L276 IsEmpty]: Start isEmpty. Operand 168 states and 218 transitions. [2022-02-21 00:02:25,304 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2022-02-21 00:02:25,304 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:25,304 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:25,304 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable19 [2022-02-21 00:02:25,305 INFO L402 AbstractCegarLoop]: === Iteration 21 === Targeting errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:25,305 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:25,305 INFO L85 PathProgramCache]: Analyzing trace with hash 364909914, now seen corresponding path program 1 times [2022-02-21 00:02:25,305 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-21 00:02:25,305 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [572146675] [2022-02-21 00:02:25,306 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:25,306 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-21 00:02:25,337 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:25,372 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-02-21 00:02:25,382 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:25,397 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2022-02-21 00:02:25,401 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:25,421 INFO L290 TraceCheckUtils]: 0: Hoare triple {18954#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {18931#true} is VALID [2022-02-21 00:02:25,422 INFO L290 TraceCheckUtils]: 1: Hoare triple {18931#true} assume !(0 != ~compRegistered~0); {18931#true} is VALID [2022-02-21 00:02:25,422 INFO L290 TraceCheckUtils]: 2: Hoare triple {18931#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {18931#true} is VALID [2022-02-21 00:02:25,422 INFO L290 TraceCheckUtils]: 3: Hoare triple {18931#true} assume 0 == ~tmp_ndt_6~0; {18931#true} is VALID [2022-02-21 00:02:25,422 INFO L290 TraceCheckUtils]: 4: Hoare triple {18931#true} ~returnVal2~0 := 0; {18931#true} is VALID [2022-02-21 00:02:25,422 INFO L290 TraceCheckUtils]: 5: Hoare triple {18931#true} assume !(~s~0 == ~NP~0); {18931#true} is VALID [2022-02-21 00:02:25,422 INFO L290 TraceCheckUtils]: 6: Hoare triple {18931#true} assume !(~s~0 == ~MPR1~0); {18931#true} is VALID [2022-02-21 00:02:25,423 INFO L290 TraceCheckUtils]: 7: Hoare triple {18931#true} assume ~s~0 == ~SKIP1~0;~s~0 := ~SKIP2~0;~lowerDriverReturn~0 := ~returnVal2~0; {18968#(= ~lowerDriverReturn~0 IofCallDriver_~returnVal2~0)} is VALID [2022-02-21 00:02:25,423 INFO L290 TraceCheckUtils]: 8: Hoare triple {18968#(= ~lowerDriverReturn~0 IofCallDriver_~returnVal2~0)} #res := ~returnVal2~0; {18969#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:25,424 INFO L290 TraceCheckUtils]: 9: Hoare triple {18969#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} assume true; {18969#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:25,424 INFO L284 TraceCheckUtils]: 10: Hoare quadruple {18969#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} {18931#true} #754#return; {18966#(= |KbFilter_DispatchPassThrough_#t~ret49| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:25,425 INFO L290 TraceCheckUtils]: 0: Hoare triple {18954#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;assume -2147483648 <= #t~nondet44 && #t~nondet44 <= 2147483647;~Irp__Tail__Overlay__CurrentStackLocation~1 := #t~nondet44;havoc #t~nondet44;assume -2147483648 <= #t~nondet45 && #t~nondet45 <= 2147483647;~Irp__CurrentLocation~1 := #t~nondet45;havoc #t~nondet45;assume -2147483648 <= #t~nondet46 && #t~nondet46 <= 2147483647;~DeviceObject__DeviceExtension__TopOfStack~0 := #t~nondet46;havoc #t~nondet46;havoc ~irpStack~1;havoc ~tmp~1;~irpStack~1 := ~Irp__Tail__Overlay__CurrentStackLocation~1; {18931#true} is VALID [2022-02-21 00:02:25,425 INFO L290 TraceCheckUtils]: 1: Hoare triple {18931#true} assume ~s~0 == ~NP~0;~s~0 := ~SKIP1~0; {18931#true} is VALID [2022-02-21 00:02:25,425 INFO L290 TraceCheckUtils]: 2: Hoare triple {18931#true} #t~post47 := ~Irp__CurrentLocation~1;~Irp__CurrentLocation~1 := 1 + #t~post47;havoc #t~post47;#t~post48 := ~Irp__Tail__Overlay__CurrentStackLocation~1;~Irp__Tail__Overlay__CurrentStackLocation~1 := 1 + #t~post48;havoc #t~post48; {18931#true} is VALID [2022-02-21 00:02:25,426 INFO L272 TraceCheckUtils]: 3: Hoare triple {18931#true} call #t~ret49 := IofCallDriver(~DeviceObject__DeviceExtension__TopOfStack~0, ~Irp); {18954#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} is VALID [2022-02-21 00:02:25,426 INFO L290 TraceCheckUtils]: 4: Hoare triple {18954#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {18931#true} is VALID [2022-02-21 00:02:25,426 INFO L290 TraceCheckUtils]: 5: Hoare triple {18931#true} assume !(0 != ~compRegistered~0); {18931#true} is VALID [2022-02-21 00:02:25,426 INFO L290 TraceCheckUtils]: 6: Hoare triple {18931#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {18931#true} is VALID [2022-02-21 00:02:25,426 INFO L290 TraceCheckUtils]: 7: Hoare triple {18931#true} assume 0 == ~tmp_ndt_6~0; {18931#true} is VALID [2022-02-21 00:02:25,427 INFO L290 TraceCheckUtils]: 8: Hoare triple {18931#true} ~returnVal2~0 := 0; {18931#true} is VALID [2022-02-21 00:02:25,427 INFO L290 TraceCheckUtils]: 9: Hoare triple {18931#true} assume !(~s~0 == ~NP~0); {18931#true} is VALID [2022-02-21 00:02:25,427 INFO L290 TraceCheckUtils]: 10: Hoare triple {18931#true} assume !(~s~0 == ~MPR1~0); {18931#true} is VALID [2022-02-21 00:02:25,427 INFO L290 TraceCheckUtils]: 11: Hoare triple {18931#true} assume ~s~0 == ~SKIP1~0;~s~0 := ~SKIP2~0;~lowerDriverReturn~0 := ~returnVal2~0; {18968#(= ~lowerDriverReturn~0 IofCallDriver_~returnVal2~0)} is VALID [2022-02-21 00:02:25,428 INFO L290 TraceCheckUtils]: 12: Hoare triple {18968#(= ~lowerDriverReturn~0 IofCallDriver_~returnVal2~0)} #res := ~returnVal2~0; {18969#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:25,428 INFO L290 TraceCheckUtils]: 13: Hoare triple {18969#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} assume true; {18969#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:25,429 INFO L284 TraceCheckUtils]: 14: Hoare quadruple {18969#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} {18931#true} #754#return; {18966#(= |KbFilter_DispatchPassThrough_#t~ret49| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:25,429 INFO L290 TraceCheckUtils]: 15: Hoare triple {18966#(= |KbFilter_DispatchPassThrough_#t~ret49| ~lowerDriverReturn~0)} assume -2147483648 <= #t~ret49 && #t~ret49 <= 2147483647;~tmp~1 := #t~ret49;havoc #t~ret49;#res := ~tmp~1; {18967#(= |KbFilter_DispatchPassThrough_#res| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:25,430 INFO L290 TraceCheckUtils]: 16: Hoare triple {18967#(= |KbFilter_DispatchPassThrough_#res| ~lowerDriverReturn~0)} assume true; {18967#(= |KbFilter_DispatchPassThrough_#res| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:25,430 INFO L284 TraceCheckUtils]: 17: Hoare quadruple {18967#(= |KbFilter_DispatchPassThrough_#res| ~lowerDriverReturn~0)} {18931#true} #746#return; {18951#(= |ULTIMATE.start_KbFilter_InternIoCtl_#t~ret80#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:25,431 INFO L290 TraceCheckUtils]: 0: Hoare triple {18931#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {18931#true} is VALID [2022-02-21 00:02:25,431 INFO L290 TraceCheckUtils]: 1: Hoare triple {18931#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {18931#true} is VALID [2022-02-21 00:02:25,431 INFO L290 TraceCheckUtils]: 2: Hoare triple {18931#true} assume { :end_inline__BLAST_init } true; {18931#true} is VALID [2022-02-21 00:02:25,431 INFO L290 TraceCheckUtils]: 3: Hoare triple {18931#true} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {18931#true} is VALID [2022-02-21 00:02:25,431 INFO L290 TraceCheckUtils]: 4: Hoare triple {18931#true} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {18931#true} is VALID [2022-02-21 00:02:25,431 INFO L290 TraceCheckUtils]: 5: Hoare triple {18931#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {18931#true} is VALID [2022-02-21 00:02:25,432 INFO L290 TraceCheckUtils]: 6: Hoare triple {18931#true} assume { :end_inline_stub_driver_init } true; {18931#true} is VALID [2022-02-21 00:02:25,432 INFO L290 TraceCheckUtils]: 7: Hoare triple {18931#true} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {18931#true} is VALID [2022-02-21 00:02:25,432 INFO L290 TraceCheckUtils]: 8: Hoare triple {18931#true} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {18931#true} is VALID [2022-02-21 00:02:25,432 INFO L290 TraceCheckUtils]: 9: Hoare triple {18931#true} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {18931#true} is VALID [2022-02-21 00:02:25,432 INFO L290 TraceCheckUtils]: 10: Hoare triple {18931#true} assume !(3 == main_~tmp_ndt_3~0#1);havoc main_~tmp_ndt_4~0#1;assume -2147483648 <= main_#t~nondet27#1 && main_#t~nondet27#1 <= 2147483647;main_~tmp_ndt_4~0#1 := main_#t~nondet27#1;havoc main_#t~nondet27#1; {18931#true} is VALID [2022-02-21 00:02:25,432 INFO L290 TraceCheckUtils]: 11: Hoare triple {18931#true} assume !(4 == main_~tmp_ndt_4~0#1);havoc main_~tmp_ndt_5~0#1;assume -2147483648 <= main_#t~nondet28#1 && main_#t~nondet28#1 <= 2147483647;main_~tmp_ndt_5~0#1 := main_#t~nondet28#1;havoc main_#t~nondet28#1; {18931#true} is VALID [2022-02-21 00:02:25,432 INFO L290 TraceCheckUtils]: 12: Hoare triple {18931#true} assume 8 == main_~tmp_ndt_5~0#1; {18931#true} is VALID [2022-02-21 00:02:25,433 INFO L290 TraceCheckUtils]: 13: Hoare triple {18931#true} assume { :begin_inline_KbFilter_InternIoCtl } true;KbFilter_InternIoCtl_#in~DeviceObject#1, KbFilter_InternIoCtl_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_InternIoCtl_#res#1;havoc KbFilter_InternIoCtl_#t~nondet63#1, KbFilter_InternIoCtl_#t~nondet64#1, KbFilter_InternIoCtl_#t~nondet65#1, KbFilter_InternIoCtl_#t~nondet66#1, KbFilter_InternIoCtl_#t~nondet67#1, KbFilter_InternIoCtl_#t~nondet68#1, KbFilter_InternIoCtl_#t~nondet69#1, KbFilter_InternIoCtl_#t~nondet70#1, KbFilter_InternIoCtl_#t~nondet71#1, KbFilter_InternIoCtl_#t~nondet72#1, KbFilter_InternIoCtl_#t~nondet73#1, KbFilter_InternIoCtl_#t~nondet74#1, KbFilter_InternIoCtl_#t~nondet75#1, KbFilter_InternIoCtl_#t~nondet76#1, KbFilter_InternIoCtl_#t~nondet77#1, KbFilter_InternIoCtl_#t~nondet78#1, KbFilter_InternIoCtl_#t~nondet79#1, KbFilter_InternIoCtl_#t~ret80#1, KbFilter_InternIoCtl_~DeviceObject#1, KbFilter_InternIoCtl_~Irp#1, KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1, KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__InputBufferLength~0#1, KbFilter_InternIoCtl_~sizeof__CONNECT_DATA~0#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__Type3InputBuffer~0#1, KbFilter_InternIoCtl_~sizeof__INTERNAL_I8042_HOOK_KEYBOARD~0#1, KbFilter_InternIoCtl_~hookKeyboard__InitializationRoutine~0#1, KbFilter_InternIoCtl_~hookKeyboard__IsrRoutine~0#1, KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1, KbFilter_InternIoCtl_~hookKeyboard~0#1, KbFilter_InternIoCtl_~connectData~0#1, KbFilter_InternIoCtl_~status~3#1, KbFilter_InternIoCtl_~tmp~3#1, KbFilter_InternIoCtl_~__cil_tmp17~0#1, KbFilter_InternIoCtl_~__cil_tmp18~0#1, KbFilter_InternIoCtl_~__cil_tmp19~0#1, KbFilter_InternIoCtl_~__cil_tmp20~0#1, KbFilter_InternIoCtl_~__cil_tmp21~0#1, KbFilter_InternIoCtl_~__cil_tmp22~0#1, KbFilter_InternIoCtl_~__cil_tmp23~1#1, KbFilter_InternIoCtl_~__cil_tmp24~0#1, KbFilter_InternIoCtl_~__cil_tmp25~0#1, KbFilter_InternIoCtl_~__cil_tmp26~0#1, KbFilter_InternIoCtl_~__cil_tmp27~0#1, KbFilter_InternIoCtl_~__cil_tmp28~0#1, KbFilter_InternIoCtl_~__cil_tmp29~0#1, KbFilter_InternIoCtl_~__cil_tmp30~0#1, KbFilter_InternIoCtl_~__cil_tmp31~0#1, KbFilter_InternIoCtl_~__cil_tmp32~0#1, KbFilter_InternIoCtl_~__cil_tmp33~0#1, KbFilter_InternIoCtl_~__cil_tmp34~0#1, KbFilter_InternIoCtl_~__cil_tmp35~0#1, KbFilter_InternIoCtl_~__cil_tmp36~0#1, KbFilter_InternIoCtl_~__cil_tmp37~0#1, KbFilter_InternIoCtl_~__cil_tmp38~0#1, KbFilter_InternIoCtl_~__cil_tmp39~0#1, KbFilter_InternIoCtl_~__cil_tmp40~0#1, KbFilter_InternIoCtl_~__cil_tmp41~0#1, KbFilter_InternIoCtl_~__cil_tmp42~0#1, KbFilter_InternIoCtl_~__cil_tmp43~0#1, KbFilter_InternIoCtl_~__cil_tmp44~0#1, KbFilter_InternIoCtl_~__cil_tmp45~0#1;KbFilter_InternIoCtl_~DeviceObject#1 := KbFilter_InternIoCtl_#in~DeviceObject#1;KbFilter_InternIoCtl_~Irp#1 := KbFilter_InternIoCtl_#in~Irp#1;havoc KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet63#1 && KbFilter_InternIoCtl_#t~nondet63#1 <= 2147483647;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1 := KbFilter_InternIoCtl_#t~nondet63#1;havoc KbFilter_InternIoCtl_#t~nondet63#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet64#1 && KbFilter_InternIoCtl_#t~nondet64#1 <= 2147483647;KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1 := KbFilter_InternIoCtl_#t~nondet64#1;havoc KbFilter_InternIoCtl_#t~nondet64#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet65#1 && KbFilter_InternIoCtl_#t~nondet65#1 <= 2147483647;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__InputBufferLength~0#1 := KbFilter_InternIoCtl_#t~nondet65#1;havoc KbFilter_InternIoCtl_#t~nondet65#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet66#1 && KbFilter_InternIoCtl_#t~nondet66#1 <= 2147483647;KbFilter_InternIoCtl_~sizeof__CONNECT_DATA~0#1 := KbFilter_InternIoCtl_#t~nondet66#1;havoc KbFilter_InternIoCtl_#t~nondet66#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet67#1 && KbFilter_InternIoCtl_#t~nondet67#1 <= 2147483647;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__Type3InputBuffer~0#1 := KbFilter_InternIoCtl_#t~nondet67#1;havoc KbFilter_InternIoCtl_#t~nondet67#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet68#1 && KbFilter_InternIoCtl_#t~nondet68#1 <= 2147483647;KbFilter_InternIoCtl_~sizeof__INTERNAL_I8042_HOOK_KEYBOARD~0#1 := KbFilter_InternIoCtl_#t~nondet68#1;havoc KbFilter_InternIoCtl_#t~nondet68#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet69#1 && KbFilter_InternIoCtl_#t~nondet69#1 <= 2147483647;KbFilter_InternIoCtl_~hookKeyboard__InitializationRoutine~0#1 := KbFilter_InternIoCtl_#t~nondet69#1;havoc KbFilter_InternIoCtl_#t~nondet69#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet70#1 && KbFilter_InternIoCtl_#t~nondet70#1 <= 2147483647;KbFilter_InternIoCtl_~hookKeyboard__IsrRoutine~0#1 := KbFilter_InternIoCtl_#t~nondet70#1;havoc KbFilter_InternIoCtl_#t~nondet70#1;havoc KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1;havoc KbFilter_InternIoCtl_~hookKeyboard~0#1;havoc KbFilter_InternIoCtl_~connectData~0#1;havoc KbFilter_InternIoCtl_~status~3#1;havoc KbFilter_InternIoCtl_~tmp~3#1;havoc KbFilter_InternIoCtl_~__cil_tmp17~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp18~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp19~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet71#1 && KbFilter_InternIoCtl_#t~nondet71#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp20~0#1 := KbFilter_InternIoCtl_#t~nondet71#1;havoc KbFilter_InternIoCtl_#t~nondet71#1;havoc KbFilter_InternIoCtl_~__cil_tmp21~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp22~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp23~1#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet72#1 && KbFilter_InternIoCtl_#t~nondet72#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp24~0#1 := KbFilter_InternIoCtl_#t~nondet72#1;havoc KbFilter_InternIoCtl_#t~nondet72#1;havoc KbFilter_InternIoCtl_~__cil_tmp25~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp26~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp27~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet73#1 && KbFilter_InternIoCtl_#t~nondet73#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp28~0#1 := KbFilter_InternIoCtl_#t~nondet73#1;havoc KbFilter_InternIoCtl_#t~nondet73#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet74#1 && KbFilter_InternIoCtl_#t~nondet74#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp29~0#1 := KbFilter_InternIoCtl_#t~nondet74#1;havoc KbFilter_InternIoCtl_#t~nondet74#1;havoc KbFilter_InternIoCtl_~__cil_tmp30~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp31~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet75#1 && KbFilter_InternIoCtl_#t~nondet75#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp32~0#1 := KbFilter_InternIoCtl_#t~nondet75#1;havoc KbFilter_InternIoCtl_#t~nondet75#1;havoc KbFilter_InternIoCtl_~__cil_tmp33~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp34~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet76#1 && KbFilter_InternIoCtl_#t~nondet76#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp35~0#1 := KbFilter_InternIoCtl_#t~nondet76#1;havoc KbFilter_InternIoCtl_#t~nondet76#1;havoc KbFilter_InternIoCtl_~__cil_tmp36~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp37~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet77#1 && KbFilter_InternIoCtl_#t~nondet77#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp38~0#1 := KbFilter_InternIoCtl_#t~nondet77#1;havoc KbFilter_InternIoCtl_#t~nondet77#1;havoc KbFilter_InternIoCtl_~__cil_tmp39~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp40~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet78#1 && KbFilter_InternIoCtl_#t~nondet78#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp41~0#1 := KbFilter_InternIoCtl_#t~nondet78#1;havoc KbFilter_InternIoCtl_#t~nondet78#1;havoc KbFilter_InternIoCtl_~__cil_tmp42~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp43~0#1;assume -2147483648 <= KbFilter_InternIoCtl_#t~nondet79#1 && KbFilter_InternIoCtl_#t~nondet79#1 <= 2147483647;KbFilter_InternIoCtl_~__cil_tmp44~0#1 := KbFilter_InternIoCtl_#t~nondet79#1;havoc KbFilter_InternIoCtl_#t~nondet79#1;havoc KbFilter_InternIoCtl_~__cil_tmp45~0#1;KbFilter_InternIoCtl_~status~3#1 := 0;KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1 := 0; {18931#true} is VALID [2022-02-21 00:02:25,433 INFO L290 TraceCheckUtils]: 14: Hoare triple {18931#true} assume KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1 == KbFilter_InternIoCtl_~__cil_tmp20~0#1; {18931#true} is VALID [2022-02-21 00:02:25,433 INFO L290 TraceCheckUtils]: 15: Hoare triple {18931#true} assume !(0 != KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1); {18931#true} is VALID [2022-02-21 00:02:25,433 INFO L290 TraceCheckUtils]: 16: Hoare triple {18931#true} assume !(KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__InputBufferLength~0#1 < KbFilter_InternIoCtl_~sizeof__CONNECT_DATA~0#1);KbFilter_InternIoCtl_~connectData~0#1 := KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__Type3InputBuffer~0#1; {18931#true} is VALID [2022-02-21 00:02:25,433 INFO L290 TraceCheckUtils]: 17: Hoare triple {18931#true} assume !(KbFilter_InternIoCtl_~status~3#1 < 0); {18931#true} is VALID [2022-02-21 00:02:25,434 INFO L272 TraceCheckUtils]: 18: Hoare triple {18931#true} call KbFilter_InternIoCtl_#t~ret80#1 := KbFilter_DispatchPassThrough(KbFilter_InternIoCtl_~DeviceObject#1, KbFilter_InternIoCtl_~Irp#1); {18954#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} is VALID [2022-02-21 00:02:25,434 INFO L290 TraceCheckUtils]: 19: Hoare triple {18954#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;assume -2147483648 <= #t~nondet44 && #t~nondet44 <= 2147483647;~Irp__Tail__Overlay__CurrentStackLocation~1 := #t~nondet44;havoc #t~nondet44;assume -2147483648 <= #t~nondet45 && #t~nondet45 <= 2147483647;~Irp__CurrentLocation~1 := #t~nondet45;havoc #t~nondet45;assume -2147483648 <= #t~nondet46 && #t~nondet46 <= 2147483647;~DeviceObject__DeviceExtension__TopOfStack~0 := #t~nondet46;havoc #t~nondet46;havoc ~irpStack~1;havoc ~tmp~1;~irpStack~1 := ~Irp__Tail__Overlay__CurrentStackLocation~1; {18931#true} is VALID [2022-02-21 00:02:25,435 INFO L290 TraceCheckUtils]: 20: Hoare triple {18931#true} assume ~s~0 == ~NP~0;~s~0 := ~SKIP1~0; {18931#true} is VALID [2022-02-21 00:02:25,435 INFO L290 TraceCheckUtils]: 21: Hoare triple {18931#true} #t~post47 := ~Irp__CurrentLocation~1;~Irp__CurrentLocation~1 := 1 + #t~post47;havoc #t~post47;#t~post48 := ~Irp__Tail__Overlay__CurrentStackLocation~1;~Irp__Tail__Overlay__CurrentStackLocation~1 := 1 + #t~post48;havoc #t~post48; {18931#true} is VALID [2022-02-21 00:02:25,435 INFO L272 TraceCheckUtils]: 22: Hoare triple {18931#true} call #t~ret49 := IofCallDriver(~DeviceObject__DeviceExtension__TopOfStack~0, ~Irp); {18954#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} is VALID [2022-02-21 00:02:25,436 INFO L290 TraceCheckUtils]: 23: Hoare triple {18954#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {18931#true} is VALID [2022-02-21 00:02:25,436 INFO L290 TraceCheckUtils]: 24: Hoare triple {18931#true} assume !(0 != ~compRegistered~0); {18931#true} is VALID [2022-02-21 00:02:25,436 INFO L290 TraceCheckUtils]: 25: Hoare triple {18931#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {18931#true} is VALID [2022-02-21 00:02:25,436 INFO L290 TraceCheckUtils]: 26: Hoare triple {18931#true} assume 0 == ~tmp_ndt_6~0; {18931#true} is VALID [2022-02-21 00:02:25,436 INFO L290 TraceCheckUtils]: 27: Hoare triple {18931#true} ~returnVal2~0 := 0; {18931#true} is VALID [2022-02-21 00:02:25,436 INFO L290 TraceCheckUtils]: 28: Hoare triple {18931#true} assume !(~s~0 == ~NP~0); {18931#true} is VALID [2022-02-21 00:02:25,437 INFO L290 TraceCheckUtils]: 29: Hoare triple {18931#true} assume !(~s~0 == ~MPR1~0); {18931#true} is VALID [2022-02-21 00:02:25,437 INFO L290 TraceCheckUtils]: 30: Hoare triple {18931#true} assume ~s~0 == ~SKIP1~0;~s~0 := ~SKIP2~0;~lowerDriverReturn~0 := ~returnVal2~0; {18968#(= ~lowerDriverReturn~0 IofCallDriver_~returnVal2~0)} is VALID [2022-02-21 00:02:25,437 INFO L290 TraceCheckUtils]: 31: Hoare triple {18968#(= ~lowerDriverReturn~0 IofCallDriver_~returnVal2~0)} #res := ~returnVal2~0; {18969#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:25,438 INFO L290 TraceCheckUtils]: 32: Hoare triple {18969#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} assume true; {18969#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:25,438 INFO L284 TraceCheckUtils]: 33: Hoare quadruple {18969#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} {18931#true} #754#return; {18966#(= |KbFilter_DispatchPassThrough_#t~ret49| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:25,439 INFO L290 TraceCheckUtils]: 34: Hoare triple {18966#(= |KbFilter_DispatchPassThrough_#t~ret49| ~lowerDriverReturn~0)} assume -2147483648 <= #t~ret49 && #t~ret49 <= 2147483647;~tmp~1 := #t~ret49;havoc #t~ret49;#res := ~tmp~1; {18967#(= |KbFilter_DispatchPassThrough_#res| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:25,439 INFO L290 TraceCheckUtils]: 35: Hoare triple {18967#(= |KbFilter_DispatchPassThrough_#res| ~lowerDriverReturn~0)} assume true; {18967#(= |KbFilter_DispatchPassThrough_#res| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:25,440 INFO L284 TraceCheckUtils]: 36: Hoare quadruple {18967#(= |KbFilter_DispatchPassThrough_#res| ~lowerDriverReturn~0)} {18931#true} #746#return; {18951#(= |ULTIMATE.start_KbFilter_InternIoCtl_#t~ret80#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:25,440 INFO L290 TraceCheckUtils]: 37: Hoare triple {18951#(= |ULTIMATE.start_KbFilter_InternIoCtl_#t~ret80#1| ~lowerDriverReturn~0)} assume -2147483648 <= KbFilter_InternIoCtl_#t~ret80#1 && KbFilter_InternIoCtl_#t~ret80#1 <= 2147483647;KbFilter_InternIoCtl_~tmp~3#1 := KbFilter_InternIoCtl_#t~ret80#1;havoc KbFilter_InternIoCtl_#t~ret80#1;KbFilter_InternIoCtl_#res#1 := KbFilter_InternIoCtl_~tmp~3#1; {18952#(= ~lowerDriverReturn~0 |ULTIMATE.start_KbFilter_InternIoCtl_#res#1|)} is VALID [2022-02-21 00:02:25,441 INFO L290 TraceCheckUtils]: 38: Hoare triple {18952#(= ~lowerDriverReturn~0 |ULTIMATE.start_KbFilter_InternIoCtl_#res#1|)} main_#t~ret33#1 := KbFilter_InternIoCtl_#res#1;assume { :end_inline_KbFilter_InternIoCtl } true;assume -2147483648 <= main_#t~ret33#1 && main_#t~ret33#1 <= 2147483647;main_~status~1#1 := main_#t~ret33#1;havoc main_#t~ret33#1; {18953#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:25,441 INFO L290 TraceCheckUtils]: 39: Hoare triple {18953#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(1 == ~pended~0); {18953#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:25,442 INFO L290 TraceCheckUtils]: 40: Hoare triple {18953#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(1 == ~pended~0); {18953#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:25,442 INFO L290 TraceCheckUtils]: 41: Hoare triple {18953#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume ~s~0 != ~UNLOADED~0; {18953#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:25,442 INFO L290 TraceCheckUtils]: 42: Hoare triple {18953#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume -1 != main_~status~1#1; {18953#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:25,443 INFO L290 TraceCheckUtils]: 43: Hoare triple {18953#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(~s~0 != ~SKIP2~0); {18953#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:25,443 INFO L290 TraceCheckUtils]: 44: Hoare triple {18953#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(1 == ~pended~0); {18953#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:25,443 INFO L290 TraceCheckUtils]: 45: Hoare triple {18953#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(~s~0 == ~DC~0); {18953#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:25,444 INFO L290 TraceCheckUtils]: 46: Hoare triple {18953#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume main_~status~1#1 != ~lowerDriverReturn~0; {18932#false} is VALID [2022-02-21 00:02:25,444 INFO L272 TraceCheckUtils]: 47: Hoare triple {18932#false} call errorFn(); {18932#false} is VALID [2022-02-21 00:02:25,444 INFO L290 TraceCheckUtils]: 48: Hoare triple {18932#false} assume !false; {18932#false} is VALID [2022-02-21 00:02:25,444 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:25,444 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-21 00:02:25,445 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [572146675] [2022-02-21 00:02:25,445 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [572146675] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:25,445 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:25,445 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2022-02-21 00:02:25,445 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [811631649] [2022-02-21 00:02:25,445 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:25,446 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 4.4) internal successors, (44), 7 states have internal predecessors, (44), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 49 [2022-02-21 00:02:25,446 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:25,446 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 10 states, 10 states have (on average 4.4) internal successors, (44), 7 states have internal predecessors, (44), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:25,478 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 49 edges. 49 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:25,479 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2022-02-21 00:02:25,480 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-21 00:02:25,481 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2022-02-21 00:02:25,481 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=17, Invalid=73, Unknown=0, NotChecked=0, Total=90 [2022-02-21 00:02:25,481 INFO L87 Difference]: Start difference. First operand 168 states and 218 transitions. Second operand has 10 states, 10 states have (on average 4.4) internal successors, (44), 7 states have internal predecessors, (44), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:26,436 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:26,436 INFO L93 Difference]: Finished difference Result 177 states and 227 transitions. [2022-02-21 00:02:26,436 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2022-02-21 00:02:26,437 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 4.4) internal successors, (44), 7 states have internal predecessors, (44), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 49 [2022-02-21 00:02:26,437 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:26,437 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 10 states, 10 states have (on average 4.4) internal successors, (44), 7 states have internal predecessors, (44), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:26,440 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 218 transitions. [2022-02-21 00:02:26,440 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 10 states, 10 states have (on average 4.4) internal successors, (44), 7 states have internal predecessors, (44), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:26,444 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 218 transitions. [2022-02-21 00:02:26,445 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 11 states and 218 transitions. [2022-02-21 00:02:26,590 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 218 edges. 218 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:26,592 INFO L225 Difference]: With dead ends: 177 [2022-02-21 00:02:26,592 INFO L226 Difference]: Without dead ends: 145 [2022-02-21 00:02:26,592 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=25, Invalid=107, Unknown=0, NotChecked=0, Total=132 [2022-02-21 00:02:26,593 INFO L933 BasicCegarLoop]: 196 mSDtfsCounter, 41 mSDsluCounter, 1343 mSDsCounter, 0 mSdLazyCounter, 269 mSolverCounterSat, 14 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 41 SdHoareTripleChecker+Valid, 1539 SdHoareTripleChecker+Invalid, 283 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 14 IncrementalHoareTripleChecker+Valid, 269 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:26,593 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [41 Valid, 1539 Invalid, 283 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [14 Valid, 269 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-21 00:02:26,593 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 145 states. [2022-02-21 00:02:26,596 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 145 to 145. [2022-02-21 00:02:26,596 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:26,596 INFO L82 GeneralOperation]: Start isEquivalent. First operand 145 states. Second operand has 145 states, 125 states have (on average 1.288) internal successors, (161), 126 states have internal predecessors, (161), 12 states have call successors, (12), 8 states have call predecessors, (12), 7 states have return successors, (10), 10 states have call predecessors, (10), 9 states have call successors, (10) [2022-02-21 00:02:26,596 INFO L74 IsIncluded]: Start isIncluded. First operand 145 states. Second operand has 145 states, 125 states have (on average 1.288) internal successors, (161), 126 states have internal predecessors, (161), 12 states have call successors, (12), 8 states have call predecessors, (12), 7 states have return successors, (10), 10 states have call predecessors, (10), 9 states have call successors, (10) [2022-02-21 00:02:26,597 INFO L87 Difference]: Start difference. First operand 145 states. Second operand has 145 states, 125 states have (on average 1.288) internal successors, (161), 126 states have internal predecessors, (161), 12 states have call successors, (12), 8 states have call predecessors, (12), 7 states have return successors, (10), 10 states have call predecessors, (10), 9 states have call successors, (10) [2022-02-21 00:02:26,599 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:26,599 INFO L93 Difference]: Finished difference Result 145 states and 183 transitions. [2022-02-21 00:02:26,599 INFO L276 IsEmpty]: Start isEmpty. Operand 145 states and 183 transitions. [2022-02-21 00:02:26,599 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:26,599 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:26,600 INFO L74 IsIncluded]: Start isIncluded. First operand has 145 states, 125 states have (on average 1.288) internal successors, (161), 126 states have internal predecessors, (161), 12 states have call successors, (12), 8 states have call predecessors, (12), 7 states have return successors, (10), 10 states have call predecessors, (10), 9 states have call successors, (10) Second operand 145 states. [2022-02-21 00:02:26,600 INFO L87 Difference]: Start difference. First operand has 145 states, 125 states have (on average 1.288) internal successors, (161), 126 states have internal predecessors, (161), 12 states have call successors, (12), 8 states have call predecessors, (12), 7 states have return successors, (10), 10 states have call predecessors, (10), 9 states have call successors, (10) Second operand 145 states. [2022-02-21 00:02:26,602 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:26,602 INFO L93 Difference]: Finished difference Result 145 states and 183 transitions. [2022-02-21 00:02:26,605 INFO L276 IsEmpty]: Start isEmpty. Operand 145 states and 183 transitions. [2022-02-21 00:02:26,606 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:26,606 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:26,606 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:26,606 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:26,607 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 145 states, 125 states have (on average 1.288) internal successors, (161), 126 states have internal predecessors, (161), 12 states have call successors, (12), 8 states have call predecessors, (12), 7 states have return successors, (10), 10 states have call predecessors, (10), 9 states have call successors, (10) [2022-02-21 00:02:26,609 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 145 states to 145 states and 183 transitions. [2022-02-21 00:02:26,609 INFO L78 Accepts]: Start accepts. Automaton has 145 states and 183 transitions. Word has length 49 [2022-02-21 00:02:26,609 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:26,609 INFO L470 AbstractCegarLoop]: Abstraction has 145 states and 183 transitions. [2022-02-21 00:02:26,609 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 10 states have (on average 4.4) internal successors, (44), 7 states have internal predecessors, (44), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:26,610 INFO L276 IsEmpty]: Start isEmpty. Operand 145 states and 183 transitions. [2022-02-21 00:02:26,610 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2022-02-21 00:02:26,610 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:26,610 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:26,611 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable20 [2022-02-21 00:02:26,611 INFO L402 AbstractCegarLoop]: === Iteration 22 === Targeting errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:26,612 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:26,612 INFO L85 PathProgramCache]: Analyzing trace with hash 1292109318, now seen corresponding path program 1 times [2022-02-21 00:02:26,612 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-21 00:02:26,612 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1381830453] [2022-02-21 00:02:26,612 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:26,613 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-21 00:02:26,632 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:26,665 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-02-21 00:02:26,670 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:26,710 INFO L290 TraceCheckUtils]: 0: Hoare triple {19605#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {19588#true} is VALID [2022-02-21 00:02:26,710 INFO L290 TraceCheckUtils]: 1: Hoare triple {19588#true} assume !(0 != ~compRegistered~0); {19588#true} is VALID [2022-02-21 00:02:26,710 INFO L290 TraceCheckUtils]: 2: Hoare triple {19588#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {19588#true} is VALID [2022-02-21 00:02:26,710 INFO L290 TraceCheckUtils]: 3: Hoare triple {19588#true} assume 0 == ~tmp_ndt_6~0; {19588#true} is VALID [2022-02-21 00:02:26,711 INFO L290 TraceCheckUtils]: 4: Hoare triple {19588#true} ~returnVal2~0 := 0; {19606#(and (<= IofCallDriver_~returnVal2~0 0) (<= 0 IofCallDriver_~returnVal2~0))} is VALID [2022-02-21 00:02:26,711 INFO L290 TraceCheckUtils]: 5: Hoare triple {19606#(and (<= IofCallDriver_~returnVal2~0 0) (<= 0 IofCallDriver_~returnVal2~0))} assume !(~s~0 == ~NP~0); {19606#(and (<= IofCallDriver_~returnVal2~0 0) (<= 0 IofCallDriver_~returnVal2~0))} is VALID [2022-02-21 00:02:26,712 INFO L290 TraceCheckUtils]: 6: Hoare triple {19606#(and (<= IofCallDriver_~returnVal2~0 0) (<= 0 IofCallDriver_~returnVal2~0))} assume !(~s~0 == ~MPR1~0); {19606#(and (<= IofCallDriver_~returnVal2~0 0) (<= 0 IofCallDriver_~returnVal2~0))} is VALID [2022-02-21 00:02:26,713 INFO L290 TraceCheckUtils]: 7: Hoare triple {19606#(and (<= IofCallDriver_~returnVal2~0 0) (<= 0 IofCallDriver_~returnVal2~0))} assume ~s~0 == ~SKIP1~0;~s~0 := ~SKIP2~0;~lowerDriverReturn~0 := ~returnVal2~0; {19601#(= ~lowerDriverReturn~0 0)} is VALID [2022-02-21 00:02:26,713 INFO L290 TraceCheckUtils]: 8: Hoare triple {19601#(= ~lowerDriverReturn~0 0)} #res := ~returnVal2~0; {19601#(= ~lowerDriverReturn~0 0)} is VALID [2022-02-21 00:02:26,713 INFO L290 TraceCheckUtils]: 9: Hoare triple {19601#(= ~lowerDriverReturn~0 0)} assume true; {19601#(= ~lowerDriverReturn~0 0)} is VALID [2022-02-21 00:02:26,714 INFO L284 TraceCheckUtils]: 10: Hoare quadruple {19601#(= ~lowerDriverReturn~0 0)} {19588#true} #730#return; {19601#(= ~lowerDriverReturn~0 0)} is VALID [2022-02-21 00:02:26,714 INFO L290 TraceCheckUtils]: 0: Hoare triple {19588#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {19588#true} is VALID [2022-02-21 00:02:26,715 INFO L290 TraceCheckUtils]: 1: Hoare triple {19588#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {19588#true} is VALID [2022-02-21 00:02:26,715 INFO L290 TraceCheckUtils]: 2: Hoare triple {19588#true} assume { :end_inline__BLAST_init } true; {19588#true} is VALID [2022-02-21 00:02:26,715 INFO L290 TraceCheckUtils]: 3: Hoare triple {19588#true} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {19588#true} is VALID [2022-02-21 00:02:26,715 INFO L290 TraceCheckUtils]: 4: Hoare triple {19588#true} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {19588#true} is VALID [2022-02-21 00:02:26,715 INFO L290 TraceCheckUtils]: 5: Hoare triple {19588#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {19588#true} is VALID [2022-02-21 00:02:26,715 INFO L290 TraceCheckUtils]: 6: Hoare triple {19588#true} assume { :end_inline_stub_driver_init } true; {19588#true} is VALID [2022-02-21 00:02:26,716 INFO L290 TraceCheckUtils]: 7: Hoare triple {19588#true} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {19588#true} is VALID [2022-02-21 00:02:26,716 INFO L290 TraceCheckUtils]: 8: Hoare triple {19588#true} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {19588#true} is VALID [2022-02-21 00:02:26,716 INFO L290 TraceCheckUtils]: 9: Hoare triple {19588#true} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {19588#true} is VALID [2022-02-21 00:02:26,716 INFO L290 TraceCheckUtils]: 10: Hoare triple {19588#true} assume 3 == main_~tmp_ndt_3~0#1; {19588#true} is VALID [2022-02-21 00:02:26,716 INFO L290 TraceCheckUtils]: 11: Hoare triple {19588#true} assume { :begin_inline_KbFilter_PnP } true;KbFilter_PnP_#in~DeviceObject#1, KbFilter_PnP_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_PnP_#res#1;havoc KbFilter_PnP_#t~nondet4#1, KbFilter_PnP_#t~nondet5#1, KbFilter_PnP_#t~nondet6#1, KbFilter_PnP_#t~nondet7#1, KbFilter_PnP_#t~nondet8#1, KbFilter_PnP_#t~nondet9#1, KbFilter_PnP_#t~ret10#1, KbFilter_PnP_#t~ret11#1, KbFilter_PnP_#t~post12#1, KbFilter_PnP_#t~post13#1, KbFilter_PnP_#t~ret14#1, KbFilter_PnP_#t~post15#1, KbFilter_PnP_#t~post16#1, KbFilter_PnP_#t~ret17#1, KbFilter_PnP_#t~post18#1, KbFilter_PnP_#t~post19#1, KbFilter_PnP_#t~ret20#1, KbFilter_PnP_~DeviceObject#1, KbFilter_PnP_~Irp#1, KbFilter_PnP_~devExt~0#1, KbFilter_PnP_~irpStack~0#1, KbFilter_PnP_~status~0#1, KbFilter_PnP_~event~0#1, KbFilter_PnP_~DeviceObject__DeviceExtension~0#1, KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, KbFilter_PnP_~irpStack__MinorFunction~0#1, KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~devExt__Started~0#1, KbFilter_PnP_~devExt__Removed~0#1, KbFilter_PnP_~devExt__SurpriseRemoved~0#1, KbFilter_PnP_~Irp__IoStatus__Status~0#1, KbFilter_PnP_~Irp__IoStatus__Information~0#1, KbFilter_PnP_~Irp__CurrentLocation~0#1, KbFilter_PnP_~irpSp~0#1, KbFilter_PnP_~nextIrpSp~0#1, KbFilter_PnP_~nextIrpSp__Control~0#1, KbFilter_PnP_~irpSp___0~0#1, KbFilter_PnP_~irpSp__Context~0#1, KbFilter_PnP_~irpSp__Control~0#1, KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~DeviceObject#1 := KbFilter_PnP_#in~DeviceObject#1;KbFilter_PnP_~Irp#1 := KbFilter_PnP_#in~Irp#1;havoc KbFilter_PnP_~devExt~0#1;havoc KbFilter_PnP_~irpStack~0#1;havoc KbFilter_PnP_~status~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet4#1 && KbFilter_PnP_#t~nondet4#1 <= 2147483647;KbFilter_PnP_~event~0#1 := KbFilter_PnP_#t~nondet4#1;havoc KbFilter_PnP_#t~nondet4#1;assume -2147483648 <= KbFilter_PnP_#t~nondet5#1 && KbFilter_PnP_#t~nondet5#1 <= 2147483647;KbFilter_PnP_~DeviceObject__DeviceExtension~0#1 := KbFilter_PnP_#t~nondet5#1;havoc KbFilter_PnP_#t~nondet5#1;assume -2147483648 <= KbFilter_PnP_#t~nondet6#1 && KbFilter_PnP_#t~nondet6#1 <= 2147483647;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := KbFilter_PnP_#t~nondet6#1;havoc KbFilter_PnP_#t~nondet6#1;assume -2147483648 <= KbFilter_PnP_#t~nondet7#1 && KbFilter_PnP_#t~nondet7#1 <= 2147483647;KbFilter_PnP_~irpStack__MinorFunction~0#1 := KbFilter_PnP_#t~nondet7#1;havoc KbFilter_PnP_#t~nondet7#1;assume -2147483648 <= KbFilter_PnP_#t~nondet8#1 && KbFilter_PnP_#t~nondet8#1 <= 2147483647;KbFilter_PnP_~devExt__TopOfStack~0#1 := KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_~devExt__Started~0#1;havoc KbFilter_PnP_~devExt__Removed~0#1;havoc KbFilter_PnP_~devExt__SurpriseRemoved~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Status~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Information~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet9#1 && KbFilter_PnP_#t~nondet9#1 <= 2147483647;KbFilter_PnP_~Irp__CurrentLocation~0#1 := KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_~irpSp~0#1;havoc KbFilter_PnP_~nextIrpSp~0#1;havoc KbFilter_PnP_~nextIrpSp__Control~0#1;havoc KbFilter_PnP_~irpSp___0~0#1;havoc KbFilter_PnP_~irpSp__Context~0#1;havoc KbFilter_PnP_~irpSp__Control~0#1;havoc KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~status~0#1 := 0;KbFilter_PnP_~devExt~0#1 := KbFilter_PnP_~DeviceObject__DeviceExtension~0#1;KbFilter_PnP_~irpStack~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1; {19588#true} is VALID [2022-02-21 00:02:26,716 INFO L290 TraceCheckUtils]: 12: Hoare triple {19588#true} assume !(0 == KbFilter_PnP_~irpStack__MinorFunction~0#1); {19588#true} is VALID [2022-02-21 00:02:26,717 INFO L290 TraceCheckUtils]: 13: Hoare triple {19588#true} assume !(23 == KbFilter_PnP_~irpStack__MinorFunction~0#1); {19588#true} is VALID [2022-02-21 00:02:26,717 INFO L290 TraceCheckUtils]: 14: Hoare triple {19588#true} assume 2 == KbFilter_PnP_~irpStack__MinorFunction~0#1; {19588#true} is VALID [2022-02-21 00:02:26,717 INFO L290 TraceCheckUtils]: 15: Hoare triple {19588#true} KbFilter_PnP_~devExt__Removed~0#1 := 1; {19588#true} is VALID [2022-02-21 00:02:26,717 INFO L290 TraceCheckUtils]: 16: Hoare triple {19588#true} assume ~s~0 == ~NP~0;~s~0 := ~SKIP1~0; {19588#true} is VALID [2022-02-21 00:02:26,717 INFO L290 TraceCheckUtils]: 17: Hoare triple {19588#true} KbFilter_PnP_#t~post15#1 := KbFilter_PnP_~Irp__CurrentLocation~0#1;KbFilter_PnP_~Irp__CurrentLocation~0#1 := 1 + KbFilter_PnP_#t~post15#1;havoc KbFilter_PnP_#t~post15#1;KbFilter_PnP_#t~post16#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := 1 + KbFilter_PnP_#t~post16#1;havoc KbFilter_PnP_#t~post16#1; {19588#true} is VALID [2022-02-21 00:02:26,718 INFO L272 TraceCheckUtils]: 18: Hoare triple {19588#true} call KbFilter_PnP_#t~ret17#1 := IofCallDriver(KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~Irp#1); {19605#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} is VALID [2022-02-21 00:02:26,718 INFO L290 TraceCheckUtils]: 19: Hoare triple {19605#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {19588#true} is VALID [2022-02-21 00:02:26,718 INFO L290 TraceCheckUtils]: 20: Hoare triple {19588#true} assume !(0 != ~compRegistered~0); {19588#true} is VALID [2022-02-21 00:02:26,719 INFO L290 TraceCheckUtils]: 21: Hoare triple {19588#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {19588#true} is VALID [2022-02-21 00:02:26,719 INFO L290 TraceCheckUtils]: 22: Hoare triple {19588#true} assume 0 == ~tmp_ndt_6~0; {19588#true} is VALID [2022-02-21 00:02:26,719 INFO L290 TraceCheckUtils]: 23: Hoare triple {19588#true} ~returnVal2~0 := 0; {19606#(and (<= IofCallDriver_~returnVal2~0 0) (<= 0 IofCallDriver_~returnVal2~0))} is VALID [2022-02-21 00:02:26,720 INFO L290 TraceCheckUtils]: 24: Hoare triple {19606#(and (<= IofCallDriver_~returnVal2~0 0) (<= 0 IofCallDriver_~returnVal2~0))} assume !(~s~0 == ~NP~0); {19606#(and (<= IofCallDriver_~returnVal2~0 0) (<= 0 IofCallDriver_~returnVal2~0))} is VALID [2022-02-21 00:02:26,720 INFO L290 TraceCheckUtils]: 25: Hoare triple {19606#(and (<= IofCallDriver_~returnVal2~0 0) (<= 0 IofCallDriver_~returnVal2~0))} assume !(~s~0 == ~MPR1~0); {19606#(and (<= IofCallDriver_~returnVal2~0 0) (<= 0 IofCallDriver_~returnVal2~0))} is VALID [2022-02-21 00:02:26,721 INFO L290 TraceCheckUtils]: 26: Hoare triple {19606#(and (<= IofCallDriver_~returnVal2~0 0) (<= 0 IofCallDriver_~returnVal2~0))} assume ~s~0 == ~SKIP1~0;~s~0 := ~SKIP2~0;~lowerDriverReturn~0 := ~returnVal2~0; {19601#(= ~lowerDriverReturn~0 0)} is VALID [2022-02-21 00:02:26,721 INFO L290 TraceCheckUtils]: 27: Hoare triple {19601#(= ~lowerDriverReturn~0 0)} #res := ~returnVal2~0; {19601#(= ~lowerDriverReturn~0 0)} is VALID [2022-02-21 00:02:26,721 INFO L290 TraceCheckUtils]: 28: Hoare triple {19601#(= ~lowerDriverReturn~0 0)} assume true; {19601#(= ~lowerDriverReturn~0 0)} is VALID [2022-02-21 00:02:26,722 INFO L284 TraceCheckUtils]: 29: Hoare quadruple {19601#(= ~lowerDriverReturn~0 0)} {19588#true} #730#return; {19601#(= ~lowerDriverReturn~0 0)} is VALID [2022-02-21 00:02:26,722 INFO L290 TraceCheckUtils]: 30: Hoare triple {19601#(= ~lowerDriverReturn~0 0)} assume -2147483648 <= KbFilter_PnP_#t~ret17#1 && KbFilter_PnP_#t~ret17#1 <= 2147483647;havoc KbFilter_PnP_#t~ret17#1;KbFilter_PnP_~status~0#1 := 0; {19602#(= ~lowerDriverReturn~0 |ULTIMATE.start_KbFilter_PnP_~status~0#1|)} is VALID [2022-02-21 00:02:26,723 INFO L290 TraceCheckUtils]: 31: Hoare triple {19602#(= ~lowerDriverReturn~0 |ULTIMATE.start_KbFilter_PnP_~status~0#1|)} KbFilter_PnP_#res#1 := KbFilter_PnP_~status~0#1; {19603#(= |ULTIMATE.start_KbFilter_PnP_#res#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:26,723 INFO L290 TraceCheckUtils]: 32: Hoare triple {19603#(= |ULTIMATE.start_KbFilter_PnP_#res#1| ~lowerDriverReturn~0)} main_#t~ret31#1 := KbFilter_PnP_#res#1;assume { :end_inline_KbFilter_PnP } true;assume -2147483648 <= main_#t~ret31#1 && main_#t~ret31#1 <= 2147483647;main_~status~1#1 := main_#t~ret31#1;havoc main_#t~ret31#1; {19604#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:26,724 INFO L290 TraceCheckUtils]: 33: Hoare triple {19604#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(1 == ~pended~0); {19604#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:26,724 INFO L290 TraceCheckUtils]: 34: Hoare triple {19604#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(1 == ~pended~0); {19604#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:26,724 INFO L290 TraceCheckUtils]: 35: Hoare triple {19604#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume ~s~0 != ~UNLOADED~0; {19604#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:26,725 INFO L290 TraceCheckUtils]: 36: Hoare triple {19604#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume -1 != main_~status~1#1; {19604#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:26,725 INFO L290 TraceCheckUtils]: 37: Hoare triple {19604#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(~s~0 != ~SKIP2~0); {19604#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:26,725 INFO L290 TraceCheckUtils]: 38: Hoare triple {19604#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(1 == ~pended~0); {19604#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:26,726 INFO L290 TraceCheckUtils]: 39: Hoare triple {19604#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(~s~0 == ~DC~0); {19604#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:26,726 INFO L290 TraceCheckUtils]: 40: Hoare triple {19604#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume main_~status~1#1 != ~lowerDriverReturn~0; {19589#false} is VALID [2022-02-21 00:02:26,726 INFO L272 TraceCheckUtils]: 41: Hoare triple {19589#false} call errorFn(); {19589#false} is VALID [2022-02-21 00:02:26,726 INFO L290 TraceCheckUtils]: 42: Hoare triple {19589#false} assume !false; {19589#false} is VALID [2022-02-21 00:02:26,726 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:26,727 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-21 00:02:26,727 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1381830453] [2022-02-21 00:02:26,727 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1381830453] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:26,727 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:26,727 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-02-21 00:02:26,728 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [351755042] [2022-02-21 00:02:26,728 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:26,728 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 5.0) internal successors, (40), 7 states have internal predecessors, (40), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 43 [2022-02-21 00:02:26,728 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:26,729 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 8 states, 8 states have (on average 5.0) internal successors, (40), 7 states have internal predecessors, (40), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:26,759 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 43 edges. 43 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:26,759 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-02-21 00:02:26,761 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-21 00:02:26,761 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-02-21 00:02:26,761 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2022-02-21 00:02:26,761 INFO L87 Difference]: Start difference. First operand 145 states and 183 transitions. Second operand has 8 states, 8 states have (on average 5.0) internal successors, (40), 7 states have internal predecessors, (40), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:27,560 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:27,561 INFO L93 Difference]: Finished difference Result 192 states and 234 transitions. [2022-02-21 00:02:27,561 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2022-02-21 00:02:27,561 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 5.0) internal successors, (40), 7 states have internal predecessors, (40), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 43 [2022-02-21 00:02:27,561 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:27,561 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 8 states have (on average 5.0) internal successors, (40), 7 states have internal predecessors, (40), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:27,568 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 230 transitions. [2022-02-21 00:02:27,568 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 8 states have (on average 5.0) internal successors, (40), 7 states have internal predecessors, (40), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:27,573 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 230 transitions. [2022-02-21 00:02:27,573 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states and 230 transitions. [2022-02-21 00:02:27,733 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 230 edges. 230 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:27,738 INFO L225 Difference]: With dead ends: 192 [2022-02-21 00:02:27,738 INFO L226 Difference]: Without dead ends: 180 [2022-02-21 00:02:27,739 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 21 GetRequests, 8 SyntacticMatches, 1 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 11 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=46, Invalid=136, Unknown=0, NotChecked=0, Total=182 [2022-02-21 00:02:27,740 INFO L933 BasicCegarLoop]: 155 mSDtfsCounter, 323 mSDsluCounter, 547 mSDsCounter, 0 mSdLazyCounter, 228 mSolverCounterSat, 48 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 323 SdHoareTripleChecker+Valid, 702 SdHoareTripleChecker+Invalid, 276 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 48 IncrementalHoareTripleChecker+Valid, 228 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:27,740 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [323 Valid, 702 Invalid, 276 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [48 Valid, 228 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-21 00:02:27,741 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 180 states. [2022-02-21 00:02:27,743 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 180 to 151. [2022-02-21 00:02:27,743 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:27,744 INFO L82 GeneralOperation]: Start isEquivalent. First operand 180 states. Second operand has 151 states, 130 states have (on average 1.2769230769230768) internal successors, (166), 132 states have internal predecessors, (166), 12 states have call successors, (12), 8 states have call predecessors, (12), 8 states have return successors, (12), 10 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-21 00:02:27,744 INFO L74 IsIncluded]: Start isIncluded. First operand 180 states. Second operand has 151 states, 130 states have (on average 1.2769230769230768) internal successors, (166), 132 states have internal predecessors, (166), 12 states have call successors, (12), 8 states have call predecessors, (12), 8 states have return successors, (12), 10 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-21 00:02:27,744 INFO L87 Difference]: Start difference. First operand 180 states. Second operand has 151 states, 130 states have (on average 1.2769230769230768) internal successors, (166), 132 states have internal predecessors, (166), 12 states have call successors, (12), 8 states have call predecessors, (12), 8 states have return successors, (12), 10 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-21 00:02:27,750 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:27,750 INFO L93 Difference]: Finished difference Result 180 states and 221 transitions. [2022-02-21 00:02:27,751 INFO L276 IsEmpty]: Start isEmpty. Operand 180 states and 221 transitions. [2022-02-21 00:02:27,751 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:27,751 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:27,752 INFO L74 IsIncluded]: Start isIncluded. First operand has 151 states, 130 states have (on average 1.2769230769230768) internal successors, (166), 132 states have internal predecessors, (166), 12 states have call successors, (12), 8 states have call predecessors, (12), 8 states have return successors, (12), 10 states have call predecessors, (12), 9 states have call successors, (12) Second operand 180 states. [2022-02-21 00:02:27,752 INFO L87 Difference]: Start difference. First operand has 151 states, 130 states have (on average 1.2769230769230768) internal successors, (166), 132 states have internal predecessors, (166), 12 states have call successors, (12), 8 states have call predecessors, (12), 8 states have return successors, (12), 10 states have call predecessors, (12), 9 states have call successors, (12) Second operand 180 states. [2022-02-21 00:02:27,758 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:27,758 INFO L93 Difference]: Finished difference Result 180 states and 221 transitions. [2022-02-21 00:02:27,758 INFO L276 IsEmpty]: Start isEmpty. Operand 180 states and 221 transitions. [2022-02-21 00:02:27,759 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:27,759 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:27,759 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:27,759 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:27,760 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 151 states, 130 states have (on average 1.2769230769230768) internal successors, (166), 132 states have internal predecessors, (166), 12 states have call successors, (12), 8 states have call predecessors, (12), 8 states have return successors, (12), 10 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-21 00:02:27,764 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 151 states to 151 states and 190 transitions. [2022-02-21 00:02:27,764 INFO L78 Accepts]: Start accepts. Automaton has 151 states and 190 transitions. Word has length 43 [2022-02-21 00:02:27,765 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:27,765 INFO L470 AbstractCegarLoop]: Abstraction has 151 states and 190 transitions. [2022-02-21 00:02:27,765 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 5.0) internal successors, (40), 7 states have internal predecessors, (40), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:27,765 INFO L276 IsEmpty]: Start isEmpty. Operand 151 states and 190 transitions. [2022-02-21 00:02:27,766 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2022-02-21 00:02:27,766 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:27,766 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:27,766 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable21 [2022-02-21 00:02:27,767 INFO L402 AbstractCegarLoop]: === Iteration 23 === Targeting errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:27,767 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:27,768 INFO L85 PathProgramCache]: Analyzing trace with hash -1608018874, now seen corresponding path program 1 times [2022-02-21 00:02:27,768 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-21 00:02:27,768 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [192981978] [2022-02-21 00:02:27,768 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:27,768 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-21 00:02:27,786 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:27,818 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-02-21 00:02:27,822 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:27,838 INFO L290 TraceCheckUtils]: 0: Hoare triple {20344#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {20327#true} is VALID [2022-02-21 00:02:27,838 INFO L290 TraceCheckUtils]: 1: Hoare triple {20327#true} assume !(0 != ~compRegistered~0); {20327#true} is VALID [2022-02-21 00:02:27,839 INFO L290 TraceCheckUtils]: 2: Hoare triple {20327#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {20327#true} is VALID [2022-02-21 00:02:27,839 INFO L290 TraceCheckUtils]: 3: Hoare triple {20327#true} assume 0 == ~tmp_ndt_6~0; {20327#true} is VALID [2022-02-21 00:02:27,839 INFO L290 TraceCheckUtils]: 4: Hoare triple {20327#true} ~returnVal2~0 := 0; {20327#true} is VALID [2022-02-21 00:02:27,839 INFO L290 TraceCheckUtils]: 5: Hoare triple {20327#true} assume !(~s~0 == ~NP~0); {20327#true} is VALID [2022-02-21 00:02:27,839 INFO L290 TraceCheckUtils]: 6: Hoare triple {20327#true} assume !(~s~0 == ~MPR1~0); {20327#true} is VALID [2022-02-21 00:02:27,840 INFO L290 TraceCheckUtils]: 7: Hoare triple {20327#true} assume ~s~0 == ~SKIP1~0;~s~0 := ~SKIP2~0;~lowerDriverReturn~0 := ~returnVal2~0; {20345#(= ~lowerDriverReturn~0 IofCallDriver_~returnVal2~0)} is VALID [2022-02-21 00:02:27,840 INFO L290 TraceCheckUtils]: 8: Hoare triple {20345#(= ~lowerDriverReturn~0 IofCallDriver_~returnVal2~0)} #res := ~returnVal2~0; {20346#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:27,841 INFO L290 TraceCheckUtils]: 9: Hoare triple {20346#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} assume true; {20346#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:27,841 INFO L284 TraceCheckUtils]: 10: Hoare quadruple {20346#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} {20327#true} #734#return; {20340#(= ~lowerDriverReturn~0 |ULTIMATE.start_KbFilter_PnP_#t~ret20#1|)} is VALID [2022-02-21 00:02:27,842 INFO L290 TraceCheckUtils]: 0: Hoare triple {20327#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(23, 2);call #Ultimate.allocInit(12, 3);~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 0;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0; {20327#true} is VALID [2022-02-21 00:02:27,842 INFO L290 TraceCheckUtils]: 1: Hoare triple {20327#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;assume -2147483648 <= main_#t~nondet23#1 && main_#t~nondet23#1 <= 2147483647;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0;~Executive~0 := 0;~DevicePowerState~0 := 1;~s~0 := 0;~UNLOADED~0 := 0;~NP~0 := 0;~DC~0 := 0;~SKIP1~0 := 0;~SKIP2~0 := 0;~MPR1~0 := 0;~MPR3~0 := 0;~IPC~0 := 0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0;~myStatus~0 := 0;main_~status~1#1 := 0;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0;~NP~0 := 1;~DC~0 := 2;~SKIP1~0 := 3;~SKIP2~0 := 4;~MPR1~0 := 5;~MPR3~0 := 6;~IPC~0 := 7;~s~0 := ~UNLOADED~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {20327#true} is VALID [2022-02-21 00:02:27,842 INFO L290 TraceCheckUtils]: 2: Hoare triple {20327#true} assume { :end_inline__BLAST_init } true; {20327#true} is VALID [2022-02-21 00:02:27,842 INFO L290 TraceCheckUtils]: 3: Hoare triple {20327#true} assume main_~status~1#1 >= 0;~s~0 := ~NP~0;~customIrp~0 := 0;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0;~myStatus~0 := 0; {20327#true} is VALID [2022-02-21 00:02:27,842 INFO L290 TraceCheckUtils]: 4: Hoare triple {20327#true} assume 0 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := -1073741637;~myStatus~0 := -1073741637; {20327#true} is VALID [2022-02-21 00:02:27,842 INFO L290 TraceCheckUtils]: 5: Hoare triple {20327#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0;~compFptr~0 := 0;~compRegistered~0 := 0;~lowerDriverReturn~0 := 0;~setEventCalled~0 := 0;~customIrp~0 := 0; {20327#true} is VALID [2022-02-21 00:02:27,843 INFO L290 TraceCheckUtils]: 6: Hoare triple {20327#true} assume { :end_inline_stub_driver_init } true; {20327#true} is VALID [2022-02-21 00:02:27,843 INFO L290 TraceCheckUtils]: 7: Hoare triple {20327#true} assume !(main_~status~1#1 < 0);havoc main_~tmp_ndt_1~0#1;assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {20327#true} is VALID [2022-02-21 00:02:27,843 INFO L290 TraceCheckUtils]: 8: Hoare triple {20327#true} assume !(0 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;assume -2147483648 <= main_#t~nondet25#1 && main_#t~nondet25#1 <= 2147483647;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {20327#true} is VALID [2022-02-21 00:02:27,843 INFO L290 TraceCheckUtils]: 9: Hoare triple {20327#true} assume !(1 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {20327#true} is VALID [2022-02-21 00:02:27,843 INFO L290 TraceCheckUtils]: 10: Hoare triple {20327#true} assume 3 == main_~tmp_ndt_3~0#1; {20327#true} is VALID [2022-02-21 00:02:27,843 INFO L290 TraceCheckUtils]: 11: Hoare triple {20327#true} assume { :begin_inline_KbFilter_PnP } true;KbFilter_PnP_#in~DeviceObject#1, KbFilter_PnP_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_PnP_#res#1;havoc KbFilter_PnP_#t~nondet4#1, KbFilter_PnP_#t~nondet5#1, KbFilter_PnP_#t~nondet6#1, KbFilter_PnP_#t~nondet7#1, KbFilter_PnP_#t~nondet8#1, KbFilter_PnP_#t~nondet9#1, KbFilter_PnP_#t~ret10#1, KbFilter_PnP_#t~ret11#1, KbFilter_PnP_#t~post12#1, KbFilter_PnP_#t~post13#1, KbFilter_PnP_#t~ret14#1, KbFilter_PnP_#t~post15#1, KbFilter_PnP_#t~post16#1, KbFilter_PnP_#t~ret17#1, KbFilter_PnP_#t~post18#1, KbFilter_PnP_#t~post19#1, KbFilter_PnP_#t~ret20#1, KbFilter_PnP_~DeviceObject#1, KbFilter_PnP_~Irp#1, KbFilter_PnP_~devExt~0#1, KbFilter_PnP_~irpStack~0#1, KbFilter_PnP_~status~0#1, KbFilter_PnP_~event~0#1, KbFilter_PnP_~DeviceObject__DeviceExtension~0#1, KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, KbFilter_PnP_~irpStack__MinorFunction~0#1, KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~devExt__Started~0#1, KbFilter_PnP_~devExt__Removed~0#1, KbFilter_PnP_~devExt__SurpriseRemoved~0#1, KbFilter_PnP_~Irp__IoStatus__Status~0#1, KbFilter_PnP_~Irp__IoStatus__Information~0#1, KbFilter_PnP_~Irp__CurrentLocation~0#1, KbFilter_PnP_~irpSp~0#1, KbFilter_PnP_~nextIrpSp~0#1, KbFilter_PnP_~nextIrpSp__Control~0#1, KbFilter_PnP_~irpSp___0~0#1, KbFilter_PnP_~irpSp__Context~0#1, KbFilter_PnP_~irpSp__Control~0#1, KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~DeviceObject#1 := KbFilter_PnP_#in~DeviceObject#1;KbFilter_PnP_~Irp#1 := KbFilter_PnP_#in~Irp#1;havoc KbFilter_PnP_~devExt~0#1;havoc KbFilter_PnP_~irpStack~0#1;havoc KbFilter_PnP_~status~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet4#1 && KbFilter_PnP_#t~nondet4#1 <= 2147483647;KbFilter_PnP_~event~0#1 := KbFilter_PnP_#t~nondet4#1;havoc KbFilter_PnP_#t~nondet4#1;assume -2147483648 <= KbFilter_PnP_#t~nondet5#1 && KbFilter_PnP_#t~nondet5#1 <= 2147483647;KbFilter_PnP_~DeviceObject__DeviceExtension~0#1 := KbFilter_PnP_#t~nondet5#1;havoc KbFilter_PnP_#t~nondet5#1;assume -2147483648 <= KbFilter_PnP_#t~nondet6#1 && KbFilter_PnP_#t~nondet6#1 <= 2147483647;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := KbFilter_PnP_#t~nondet6#1;havoc KbFilter_PnP_#t~nondet6#1;assume -2147483648 <= KbFilter_PnP_#t~nondet7#1 && KbFilter_PnP_#t~nondet7#1 <= 2147483647;KbFilter_PnP_~irpStack__MinorFunction~0#1 := KbFilter_PnP_#t~nondet7#1;havoc KbFilter_PnP_#t~nondet7#1;assume -2147483648 <= KbFilter_PnP_#t~nondet8#1 && KbFilter_PnP_#t~nondet8#1 <= 2147483647;KbFilter_PnP_~devExt__TopOfStack~0#1 := KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_~devExt__Started~0#1;havoc KbFilter_PnP_~devExt__Removed~0#1;havoc KbFilter_PnP_~devExt__SurpriseRemoved~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Status~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Information~0#1;assume -2147483648 <= KbFilter_PnP_#t~nondet9#1 && KbFilter_PnP_#t~nondet9#1 <= 2147483647;KbFilter_PnP_~Irp__CurrentLocation~0#1 := KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_~irpSp~0#1;havoc KbFilter_PnP_~nextIrpSp~0#1;havoc KbFilter_PnP_~nextIrpSp__Control~0#1;havoc KbFilter_PnP_~irpSp___0~0#1;havoc KbFilter_PnP_~irpSp__Context~0#1;havoc KbFilter_PnP_~irpSp__Control~0#1;havoc KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~status~0#1 := 0;KbFilter_PnP_~devExt~0#1 := KbFilter_PnP_~DeviceObject__DeviceExtension~0#1;KbFilter_PnP_~irpStack~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1; {20327#true} is VALID [2022-02-21 00:02:27,844 INFO L290 TraceCheckUtils]: 12: Hoare triple {20327#true} assume !(0 == KbFilter_PnP_~irpStack__MinorFunction~0#1); {20327#true} is VALID [2022-02-21 00:02:27,844 INFO L290 TraceCheckUtils]: 13: Hoare triple {20327#true} assume !(23 == KbFilter_PnP_~irpStack__MinorFunction~0#1); {20327#true} is VALID [2022-02-21 00:02:27,844 INFO L290 TraceCheckUtils]: 14: Hoare triple {20327#true} assume !(2 == KbFilter_PnP_~irpStack__MinorFunction~0#1); {20327#true} is VALID [2022-02-21 00:02:27,844 INFO L290 TraceCheckUtils]: 15: Hoare triple {20327#true} assume 1 == KbFilter_PnP_~irpStack__MinorFunction~0#1; {20327#true} is VALID [2022-02-21 00:02:27,844 INFO L290 TraceCheckUtils]: 16: Hoare triple {20327#true} assume ~s~0 == ~NP~0;~s~0 := ~SKIP1~0; {20327#true} is VALID [2022-02-21 00:02:27,844 INFO L290 TraceCheckUtils]: 17: Hoare triple {20327#true} KbFilter_PnP_#t~post18#1 := KbFilter_PnP_~Irp__CurrentLocation~0#1;KbFilter_PnP_~Irp__CurrentLocation~0#1 := 1 + KbFilter_PnP_#t~post18#1;havoc KbFilter_PnP_#t~post18#1;KbFilter_PnP_#t~post19#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := 1 + KbFilter_PnP_#t~post19#1;havoc KbFilter_PnP_#t~post19#1; {20327#true} is VALID [2022-02-21 00:02:27,845 INFO L272 TraceCheckUtils]: 18: Hoare triple {20327#true} call KbFilter_PnP_#t~ret20#1 := IofCallDriver(KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~Irp#1); {20344#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} is VALID [2022-02-21 00:02:27,846 INFO L290 TraceCheckUtils]: 19: Hoare triple {20344#(and (= ~setEventCalled~0 |old(~setEventCalled~0)|) (= ~lowerDriverReturn~0 |old(~lowerDriverReturn~0)|) (= ~s~0 |old(~s~0)|))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;assume -2147483648 <= #t~nondet34 && #t~nondet34 <= 2147483647;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {20327#true} is VALID [2022-02-21 00:02:27,846 INFO L290 TraceCheckUtils]: 20: Hoare triple {20327#true} assume !(0 != ~compRegistered~0); {20327#true} is VALID [2022-02-21 00:02:27,846 INFO L290 TraceCheckUtils]: 21: Hoare triple {20327#true} havoc ~tmp_ndt_6~0;assume -2147483648 <= #t~nondet36 && #t~nondet36 <= 2147483647;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {20327#true} is VALID [2022-02-21 00:02:27,846 INFO L290 TraceCheckUtils]: 22: Hoare triple {20327#true} assume 0 == ~tmp_ndt_6~0; {20327#true} is VALID [2022-02-21 00:02:27,846 INFO L290 TraceCheckUtils]: 23: Hoare triple {20327#true} ~returnVal2~0 := 0; {20327#true} is VALID [2022-02-21 00:02:27,846 INFO L290 TraceCheckUtils]: 24: Hoare triple {20327#true} assume !(~s~0 == ~NP~0); {20327#true} is VALID [2022-02-21 00:02:27,846 INFO L290 TraceCheckUtils]: 25: Hoare triple {20327#true} assume !(~s~0 == ~MPR1~0); {20327#true} is VALID [2022-02-21 00:02:27,847 INFO L290 TraceCheckUtils]: 26: Hoare triple {20327#true} assume ~s~0 == ~SKIP1~0;~s~0 := ~SKIP2~0;~lowerDriverReturn~0 := ~returnVal2~0; {20345#(= ~lowerDriverReturn~0 IofCallDriver_~returnVal2~0)} is VALID [2022-02-21 00:02:27,847 INFO L290 TraceCheckUtils]: 27: Hoare triple {20345#(= ~lowerDriverReturn~0 IofCallDriver_~returnVal2~0)} #res := ~returnVal2~0; {20346#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:27,848 INFO L290 TraceCheckUtils]: 28: Hoare triple {20346#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} assume true; {20346#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:27,848 INFO L284 TraceCheckUtils]: 29: Hoare quadruple {20346#(= |IofCallDriver_#res| ~lowerDriverReturn~0)} {20327#true} #734#return; {20340#(= ~lowerDriverReturn~0 |ULTIMATE.start_KbFilter_PnP_#t~ret20#1|)} is VALID [2022-02-21 00:02:27,849 INFO L290 TraceCheckUtils]: 30: Hoare triple {20340#(= ~lowerDriverReturn~0 |ULTIMATE.start_KbFilter_PnP_#t~ret20#1|)} assume -2147483648 <= KbFilter_PnP_#t~ret20#1 && KbFilter_PnP_#t~ret20#1 <= 2147483647;KbFilter_PnP_~status~0#1 := KbFilter_PnP_#t~ret20#1;havoc KbFilter_PnP_#t~ret20#1; {20341#(= ~lowerDriverReturn~0 |ULTIMATE.start_KbFilter_PnP_~status~0#1|)} is VALID [2022-02-21 00:02:27,849 INFO L290 TraceCheckUtils]: 31: Hoare triple {20341#(= ~lowerDriverReturn~0 |ULTIMATE.start_KbFilter_PnP_~status~0#1|)} KbFilter_PnP_#res#1 := KbFilter_PnP_~status~0#1; {20342#(= |ULTIMATE.start_KbFilter_PnP_#res#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:27,850 INFO L290 TraceCheckUtils]: 32: Hoare triple {20342#(= |ULTIMATE.start_KbFilter_PnP_#res#1| ~lowerDriverReturn~0)} main_#t~ret31#1 := KbFilter_PnP_#res#1;assume { :end_inline_KbFilter_PnP } true;assume -2147483648 <= main_#t~ret31#1 && main_#t~ret31#1 <= 2147483647;main_~status~1#1 := main_#t~ret31#1;havoc main_#t~ret31#1; {20343#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:27,850 INFO L290 TraceCheckUtils]: 33: Hoare triple {20343#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(1 == ~pended~0); {20343#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:27,850 INFO L290 TraceCheckUtils]: 34: Hoare triple {20343#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(1 == ~pended~0); {20343#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:27,851 INFO L290 TraceCheckUtils]: 35: Hoare triple {20343#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume ~s~0 != ~UNLOADED~0; {20343#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:27,851 INFO L290 TraceCheckUtils]: 36: Hoare triple {20343#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume -1 != main_~status~1#1; {20343#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:27,852 INFO L290 TraceCheckUtils]: 37: Hoare triple {20343#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(~s~0 != ~SKIP2~0); {20343#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:27,852 INFO L290 TraceCheckUtils]: 38: Hoare triple {20343#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(1 == ~pended~0); {20343#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:27,852 INFO L290 TraceCheckUtils]: 39: Hoare triple {20343#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume !(~s~0 == ~DC~0); {20343#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} is VALID [2022-02-21 00:02:27,853 INFO L290 TraceCheckUtils]: 40: Hoare triple {20343#(= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0)} assume main_~status~1#1 != ~lowerDriverReturn~0; {20328#false} is VALID [2022-02-21 00:02:27,853 INFO L272 TraceCheckUtils]: 41: Hoare triple {20328#false} call errorFn(); {20328#false} is VALID [2022-02-21 00:02:27,853 INFO L290 TraceCheckUtils]: 42: Hoare triple {20328#false} assume !false; {20328#false} is VALID [2022-02-21 00:02:27,853 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:27,853 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-21 00:02:27,854 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [192981978] [2022-02-21 00:02:27,854 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [192981978] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:27,854 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:27,854 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2022-02-21 00:02:27,854 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2033556064] [2022-02-21 00:02:27,854 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:27,855 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 4.444444444444445) internal successors, (40), 7 states have internal predecessors, (40), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 43 [2022-02-21 00:02:27,855 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:27,855 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 9 states, 9 states have (on average 4.444444444444445) internal successors, (40), 7 states have internal predecessors, (40), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:27,883 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 43 edges. 43 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:27,883 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2022-02-21 00:02:27,884 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-21 00:02:27,884 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2022-02-21 00:02:27,884 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=57, Unknown=0, NotChecked=0, Total=72 [2022-02-21 00:02:27,885 INFO L87 Difference]: Start difference. First operand 151 states and 190 transitions. Second operand has 9 states, 9 states have (on average 4.444444444444445) internal successors, (40), 7 states have internal predecessors, (40), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:28,660 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:28,675 INFO L93 Difference]: Finished difference Result 162 states and 201 transitions. [2022-02-21 00:02:28,675 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2022-02-21 00:02:28,680 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 4.444444444444445) internal successors, (40), 7 states have internal predecessors, (40), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 43 [2022-02-21 00:02:28,681 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:28,681 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 9 states, 9 states have (on average 4.444444444444445) internal successors, (40), 7 states have internal predecessors, (40), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:28,688 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 185 transitions. [2022-02-21 00:02:28,688 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 9 states, 9 states have (on average 4.444444444444445) internal successors, (40), 7 states have internal predecessors, (40), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:28,690 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 185 transitions. [2022-02-21 00:02:28,690 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states and 185 transitions. [2022-02-21 00:02:28,824 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 185 edges. 185 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:28,826 INFO L225 Difference]: With dead ends: 162 [2022-02-21 00:02:28,826 INFO L226 Difference]: Without dead ends: 129 [2022-02-21 00:02:28,826 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=29, Invalid=103, Unknown=0, NotChecked=0, Total=132 [2022-02-21 00:02:28,827 INFO L933 BasicCegarLoop]: 152 mSDtfsCounter, 52 mSDsluCounter, 893 mSDsCounter, 0 mSdLazyCounter, 227 mSolverCounterSat, 14 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 52 SdHoareTripleChecker+Valid, 1045 SdHoareTripleChecker+Invalid, 241 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 14 IncrementalHoareTripleChecker+Valid, 227 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:28,827 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [52 Valid, 1045 Invalid, 241 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [14 Valid, 227 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-21 00:02:28,828 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 129 states. [2022-02-21 00:02:28,830 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 129 to 129. [2022-02-21 00:02:28,830 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:28,830 INFO L82 GeneralOperation]: Start isEquivalent. First operand 129 states. Second operand has 129 states, 109 states have (on average 1.1559633027522935) internal successors, (126), 111 states have internal predecessors, (126), 11 states have call successors, (11), 8 states have call predecessors, (11), 8 states have return successors, (10), 9 states have call predecessors, (10), 8 states have call successors, (10) [2022-02-21 00:02:28,830 INFO L74 IsIncluded]: Start isIncluded. First operand 129 states. Second operand has 129 states, 109 states have (on average 1.1559633027522935) internal successors, (126), 111 states have internal predecessors, (126), 11 states have call successors, (11), 8 states have call predecessors, (11), 8 states have return successors, (10), 9 states have call predecessors, (10), 8 states have call successors, (10) [2022-02-21 00:02:28,831 INFO L87 Difference]: Start difference. First operand 129 states. Second operand has 129 states, 109 states have (on average 1.1559633027522935) internal successors, (126), 111 states have internal predecessors, (126), 11 states have call successors, (11), 8 states have call predecessors, (11), 8 states have return successors, (10), 9 states have call predecessors, (10), 8 states have call successors, (10) [2022-02-21 00:02:28,833 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:28,833 INFO L93 Difference]: Finished difference Result 129 states and 147 transitions. [2022-02-21 00:02:28,833 INFO L276 IsEmpty]: Start isEmpty. Operand 129 states and 147 transitions. [2022-02-21 00:02:28,834 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:28,834 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:28,834 INFO L74 IsIncluded]: Start isIncluded. First operand has 129 states, 109 states have (on average 1.1559633027522935) internal successors, (126), 111 states have internal predecessors, (126), 11 states have call successors, (11), 8 states have call predecessors, (11), 8 states have return successors, (10), 9 states have call predecessors, (10), 8 states have call successors, (10) Second operand 129 states. [2022-02-21 00:02:28,835 INFO L87 Difference]: Start difference. First operand has 129 states, 109 states have (on average 1.1559633027522935) internal successors, (126), 111 states have internal predecessors, (126), 11 states have call successors, (11), 8 states have call predecessors, (11), 8 states have return successors, (10), 9 states have call predecessors, (10), 8 states have call successors, (10) Second operand 129 states. [2022-02-21 00:02:28,837 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:28,837 INFO L93 Difference]: Finished difference Result 129 states and 147 transitions. [2022-02-21 00:02:28,837 INFO L276 IsEmpty]: Start isEmpty. Operand 129 states and 147 transitions. [2022-02-21 00:02:28,837 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:28,838 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:28,838 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:28,838 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:28,838 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 129 states, 109 states have (on average 1.1559633027522935) internal successors, (126), 111 states have internal predecessors, (126), 11 states have call successors, (11), 8 states have call predecessors, (11), 8 states have return successors, (10), 9 states have call predecessors, (10), 8 states have call successors, (10) [2022-02-21 00:02:28,840 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 129 states to 129 states and 147 transitions. [2022-02-21 00:02:28,840 INFO L78 Accepts]: Start accepts. Automaton has 129 states and 147 transitions. Word has length 43 [2022-02-21 00:02:28,840 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:28,841 INFO L470 AbstractCegarLoop]: Abstraction has 129 states and 147 transitions. [2022-02-21 00:02:28,841 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 4.444444444444445) internal successors, (40), 7 states have internal predecessors, (40), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:28,841 INFO L276 IsEmpty]: Start isEmpty. Operand 129 states and 147 transitions. [2022-02-21 00:02:28,841 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2022-02-21 00:02:28,842 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:28,842 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:28,842 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable22 [2022-02-21 00:02:28,842 INFO L402 AbstractCegarLoop]: === Iteration 24 === Targeting errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:28,843 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:28,843 INFO L85 PathProgramCache]: Analyzing trace with hash -825515977, now seen corresponding path program 1 times [2022-02-21 00:02:28,843 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-21 00:02:28,843 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1081278011] [2022-02-21 00:02:28,843 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:28,843 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-21 00:02:28,863 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-21 00:02:28,864 INFO L352 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2022-02-21 00:02:28,873 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-02-21 00:02:28,901 INFO L138 FreeRefinementEngine]: Strategy CAMEL found a feasible trace [2022-02-21 00:02:28,901 INFO L628 BasicCegarLoop]: Counterexample is feasible [2022-02-21 00:02:28,902 INFO L764 garLoopResultBuilder]: Registering result UNSAFE for location errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK (1 of 2 remaining) [2022-02-21 00:02:28,903 INFO L764 garLoopResultBuilder]: Registering result UNKNOWN for location ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK (0 of 2 remaining) [2022-02-21 00:02:28,904 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable23 [2022-02-21 00:02:28,906 INFO L732 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:28,908 INFO L180 ceAbstractionStarter]: Computing trace abstraction results [2022-02-21 00:02:28,948 FATAL L489 DefaultTranslator]: Callstack has procedure call flag but succeeding procedure is empty at [CALL] call #t~ret17 := IofCallDriver(~devExt__TopOfStack~0, ~Irp); [2022-02-21 00:02:28,949 FATAL L? ?]: The Plugin de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction has thrown an exception: java.lang.AssertionError: callstack broken after backtranslation by InlinerBacktranslator at de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:216) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:225) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ModelTranslationContainer.translateProgramExecution(ModelTranslationContainer.java:206) at de.uni_freiburg.informatik.ultimate.core.lib.results.UnprovableResult.getProgramExecutionAsString(UnprovableResult.java:132) at de.uni_freiburg.informatik.ultimate.core.lib.results.UnprovableResult.getLongDescription(UnprovableResult.java:125) at de.uni_freiburg.informatik.ultimate.core.coreplugin.services.ResultService.reportResult(ResultService.java:86) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.CegarLoopResultReporter.reportResult(CegarLoopResultReporter.java:141) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.reportLocationResults(TraceAbstractionStarter.java:607) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.runCegarLoops(TraceAbstractionStarter.java:182) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.(TraceAbstractionStarter.java:156) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver.finish(TraceAbstractionObserver.java:123) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runObserver(PluginConnector.java:168) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runTool(PluginConnector.java:151) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.run(PluginConnector.java:128) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.executePluginConnector(ToolchainWalker.java:232) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.processPlugin(ToolchainWalker.java:226) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walkUnprotected(ToolchainWalker.java:142) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walk(ToolchainWalker.java:104) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainManager$Toolchain.processToolchain(ToolchainManager.java:320) at de.uni_freiburg.informatik.ultimate.core.coreplugin.toolchain.DefaultToolchainJob.run(DefaultToolchainJob.java:145) at org.eclipse.core.internal.jobs.Worker.run(Worker.java:63) [2022-02-21 00:02:28,953 INFO L158 Benchmark]: Toolchain (without parser) took 25291.15ms. Allocated memory was 94.4MB in the beginning and 209.7MB in the end (delta: 115.3MB). Free memory was 63.2MB in the beginning and 145.8MB in the end (delta: -82.7MB). Peak memory consumption was 32.0MB. Max. memory is 16.1GB. [2022-02-21 00:02:28,953 INFO L158 Benchmark]: CDTParser took 0.20ms. Allocated memory is still 94.4MB. Free memory was 50.0MB in the beginning and 49.9MB in the end (delta: 92.3kB). There was no memory consumed. Max. memory is 16.1GB. [2022-02-21 00:02:28,953 INFO L158 Benchmark]: CACSL2BoogieTranslator took 545.52ms. Allocated memory was 94.4MB in the beginning and 119.5MB in the end (delta: 25.2MB). Free memory was 62.9MB in the beginning and 85.2MB in the end (delta: -22.3MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. [2022-02-21 00:02:28,954 INFO L158 Benchmark]: Boogie Procedure Inliner took 89.45ms. Allocated memory is still 119.5MB. Free memory was 85.2MB in the beginning and 80.2MB in the end (delta: 5.0MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-02-21 00:02:28,954 INFO L158 Benchmark]: Boogie Preprocessor took 71.95ms. Allocated memory is still 119.5MB. Free memory was 80.2MB in the beginning and 77.6MB in the end (delta: 2.6MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-02-21 00:02:28,954 INFO L158 Benchmark]: RCFGBuilder took 1038.01ms. Allocated memory is still 119.5MB. Free memory was 77.6MB in the beginning and 90.1MB in the end (delta: -12.5MB). Peak memory consumption was 30.6MB. Max. memory is 16.1GB. [2022-02-21 00:02:28,954 INFO L158 Benchmark]: TraceAbstraction took 23540.74ms. Allocated memory was 119.5MB in the beginning and 209.7MB in the end (delta: 90.2MB). Free memory was 90.1MB in the beginning and 145.8MB in the end (delta: -55.8MB). Peak memory consumption was 33.7MB. Max. memory is 16.1GB. [2022-02-21 00:02:28,957 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.20ms. Allocated memory is still 94.4MB. Free memory was 50.0MB in the beginning and 49.9MB in the end (delta: 92.3kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 545.52ms. Allocated memory was 94.4MB in the beginning and 119.5MB in the end (delta: 25.2MB). Free memory was 62.9MB in the beginning and 85.2MB in the end (delta: -22.3MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 89.45ms. Allocated memory is still 119.5MB. Free memory was 85.2MB in the beginning and 80.2MB in the end (delta: 5.0MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Boogie Preprocessor took 71.95ms. Allocated memory is still 119.5MB. Free memory was 80.2MB in the beginning and 77.6MB in the end (delta: 2.6MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * RCFGBuilder took 1038.01ms. Allocated memory is still 119.5MB. Free memory was 77.6MB in the beginning and 90.1MB in the end (delta: -12.5MB). Peak memory consumption was 30.6MB. Max. memory is 16.1GB. * TraceAbstraction took 23540.74ms. Allocated memory was 119.5MB in the beginning and 209.7MB in the end (delta: 90.2MB). Free memory was 90.1MB in the beginning and 145.8MB in the end (delta: -55.8MB). Peak memory consumption was 33.7MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - ExceptionOrErrorResult: AssertionError: callstack broken after backtranslation by InlinerBacktranslator de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: AssertionError: callstack broken after backtranslation by InlinerBacktranslator: de.uni_freiburg.informatik.ultimate.boogie.procedureinliner.backtranslation.InlinerBacktranslator.translateProgramExecution(InlinerBacktranslator.java:230) RESULT: Ultimate could not prove your program: Toolchain returned no result. [2022-02-21 00:02:28,996 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Using bit-precise analysis Retrying with bit-precise analysis ### Bit-precise run ### Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerMemDerefMemtrack.xml -i ../sv-benchmarks/c/ntdrivers-simplified/kbfiltr_simpl2.cil-2.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Bitvector.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash a05fbc1d8a2048d37fda072c6a9d42f1f996d033c914869a4e2960aadff82dde --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-21 00:02:31,008 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-21 00:02:31,010 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-21 00:02:31,044 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-21 00:02:31,045 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-21 00:02:31,049 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-21 00:02:31,051 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-21 00:02:31,056 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-21 00:02:31,059 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-21 00:02:31,063 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-21 00:02:31,064 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-21 00:02:31,065 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-21 00:02:31,073 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-21 00:02:31,076 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-21 00:02:31,078 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-21 00:02:31,082 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-21 00:02:31,083 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-21 00:02:31,084 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-21 00:02:31,086 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-21 00:02:31,090 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-21 00:02:31,095 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-21 00:02:31,097 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-21 00:02:31,098 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-21 00:02:31,100 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-21 00:02:31,104 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-21 00:02:31,105 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-21 00:02:31,105 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-21 00:02:31,107 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-21 00:02:31,107 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-21 00:02:31,108 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-21 00:02:31,108 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-21 00:02:31,109 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-21 00:02:31,110 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-21 00:02:31,111 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-21 00:02:31,112 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-21 00:02:31,112 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-21 00:02:31,113 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-21 00:02:31,113 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-21 00:02:31,114 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-21 00:02:31,115 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-21 00:02:31,116 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-21 00:02:31,120 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Bitvector.epf [2022-02-21 00:02:31,154 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-21 00:02:31,155 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-21 00:02:31,155 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-21 00:02:31,156 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-21 00:02:31,156 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-21 00:02:31,157 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-21 00:02:31,158 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-21 00:02:31,158 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-21 00:02:31,158 INFO L138 SettingsManager]: * Use SBE=true [2022-02-21 00:02:31,159 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-21 00:02:31,160 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-21 00:02:31,160 INFO L138 SettingsManager]: * Check unreachability of error function in SV-COMP mode=false [2022-02-21 00:02:31,160 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-02-21 00:02:31,160 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-21 00:02:31,160 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-21 00:02:31,161 INFO L138 SettingsManager]: * Check for the main procedure if all allocated memory was freed=true [2022-02-21 00:02:31,161 INFO L138 SettingsManager]: * Bitprecise bitfields=true [2022-02-21 00:02:31,161 INFO L138 SettingsManager]: * SV-COMP memtrack compatibility mode=true [2022-02-21 00:02:31,161 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-21 00:02:31,161 INFO L138 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2022-02-21 00:02:31,162 INFO L138 SettingsManager]: * Use bitvectors instead of ints=true [2022-02-21 00:02:31,162 INFO L138 SettingsManager]: * Memory model=HoenickeLindenmann_4ByteResolution [2022-02-21 00:02:31,162 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-21 00:02:31,162 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-21 00:02:31,162 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-21 00:02:31,163 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-21 00:02:31,163 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-21 00:02:31,163 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-21 00:02:31,163 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-21 00:02:31,163 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-21 00:02:31,164 INFO L138 SettingsManager]: * Trace refinement strategy=WOLF [2022-02-21 00:02:31,164 INFO L138 SettingsManager]: * Command for external solver=cvc4 --incremental --print-success --lang smt [2022-02-21 00:02:31,164 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2022-02-21 00:02:31,165 INFO L138 SettingsManager]: * Logic for external solver=AUFBV WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> a05fbc1d8a2048d37fda072c6a9d42f1f996d033c914869a4e2960aadff82dde [2022-02-21 00:02:31,481 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-21 00:02:31,510 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-21 00:02:31,512 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-21 00:02:31,513 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-21 00:02:31,516 INFO L275 PluginConnector]: CDTParser initialized [2022-02-21 00:02:31,517 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/ntdrivers-simplified/kbfiltr_simpl2.cil-2.c [2022-02-21 00:02:31,566 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/dc326caea/4f48a5b5a23b45e3bc6563d8dbc35434/FLAG6259bc3a6 [2022-02-21 00:02:32,072 INFO L306 CDTParser]: Found 1 translation units. [2022-02-21 00:02:32,072 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/ntdrivers-simplified/kbfiltr_simpl2.cil-2.c [2022-02-21 00:02:32,090 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/dc326caea/4f48a5b5a23b45e3bc6563d8dbc35434/FLAG6259bc3a6 [2022-02-21 00:02:32,563 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/dc326caea/4f48a5b5a23b45e3bc6563d8dbc35434 [2022-02-21 00:02:32,566 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-21 00:02:32,568 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-21 00:02:32,570 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-21 00:02:32,570 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-21 00:02:32,574 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-21 00:02:32,576 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 21.02 12:02:32" (1/1) ... [2022-02-21 00:02:32,577 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@249bbc0f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.02 12:02:32, skipping insertion in model container [2022-02-21 00:02:32,577 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 21.02 12:02:32" (1/1) ... [2022-02-21 00:02:32,590 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-21 00:02:32,621 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-21 00:02:32,884 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/ntdrivers-simplified/kbfiltr_simpl2.cil-2.c[29656,29669] [2022-02-21 00:02:32,886 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-21 00:02:32,896 INFO L203 MainTranslator]: Completed pre-run [2022-02-21 00:02:32,986 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/ntdrivers-simplified/kbfiltr_simpl2.cil-2.c[29656,29669] [2022-02-21 00:02:32,991 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-21 00:02:33,010 INFO L208 MainTranslator]: Completed translation [2022-02-21 00:02:33,011 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.02 12:02:33 WrapperNode [2022-02-21 00:02:33,011 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-21 00:02:33,012 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-21 00:02:33,012 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-21 00:02:33,013 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-21 00:02:33,018 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.02 12:02:33" (1/1) ... [2022-02-21 00:02:33,039 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.02 12:02:33" (1/1) ... [2022-02-21 00:02:33,097 INFO L137 Inliner]: procedures = 29, calls = 44, calls flagged for inlining = 10, calls inlined = 10, statements flattened = 607 [2022-02-21 00:02:33,098 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-21 00:02:33,099 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-21 00:02:33,099 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-21 00:02:33,099 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-21 00:02:33,107 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.02 12:02:33" (1/1) ... [2022-02-21 00:02:33,107 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.02 12:02:33" (1/1) ... [2022-02-21 00:02:33,114 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.02 12:02:33" (1/1) ... [2022-02-21 00:02:33,115 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.02 12:02:33" (1/1) ... [2022-02-21 00:02:33,126 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.02 12:02:33" (1/1) ... [2022-02-21 00:02:33,132 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.02 12:02:33" (1/1) ... [2022-02-21 00:02:33,136 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.02 12:02:33" (1/1) ... [2022-02-21 00:02:33,141 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-21 00:02:33,142 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-21 00:02:33,142 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-21 00:02:33,143 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-21 00:02:33,143 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.02 12:02:33" (1/1) ... [2022-02-21 00:02:33,159 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-21 00:02:33,170 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-21 00:02:33,184 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-21 00:02:33,187 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-21 00:02:33,215 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-21 00:02:33,215 INFO L130 BoogieDeclarations]: Found specification of procedure KbFilter_Complete [2022-02-21 00:02:33,216 INFO L138 BoogieDeclarations]: Found implementation of procedure KbFilter_Complete [2022-02-21 00:02:33,216 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~intINTTYPE1 [2022-02-21 00:02:33,216 INFO L130 BoogieDeclarations]: Found specification of procedure stubMoreProcessingRequired [2022-02-21 00:02:33,216 INFO L138 BoogieDeclarations]: Found implementation of procedure stubMoreProcessingRequired [2022-02-21 00:02:33,216 INFO L130 BoogieDeclarations]: Found specification of procedure KbFilter_CreateClose [2022-02-21 00:02:33,216 INFO L138 BoogieDeclarations]: Found implementation of procedure KbFilter_CreateClose [2022-02-21 00:02:33,216 INFO L130 BoogieDeclarations]: Found specification of procedure IofCompleteRequest [2022-02-21 00:02:33,217 INFO L138 BoogieDeclarations]: Found implementation of procedure IofCompleteRequest [2022-02-21 00:02:33,217 INFO L130 BoogieDeclarations]: Found specification of procedure errorFn [2022-02-21 00:02:33,217 INFO L138 BoogieDeclarations]: Found implementation of procedure errorFn [2022-02-21 00:02:33,217 INFO L130 BoogieDeclarations]: Found specification of procedure IofCallDriver [2022-02-21 00:02:33,217 INFO L138 BoogieDeclarations]: Found implementation of procedure IofCallDriver [2022-02-21 00:02:33,217 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-21 00:02:33,218 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-21 00:02:33,218 INFO L130 BoogieDeclarations]: Found specification of procedure KbFilter_DispatchPassThrough [2022-02-21 00:02:33,218 INFO L138 BoogieDeclarations]: Found implementation of procedure KbFilter_DispatchPassThrough [2022-02-21 00:02:33,333 INFO L234 CfgBuilder]: Building ICFG [2022-02-21 00:02:33,334 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-21 00:02:33,440 WARN L813 $ProcedureCfgBuilder]: Label in the middle of a codeblock. [2022-02-21 00:02:33,444 WARN L813 $ProcedureCfgBuilder]: Label in the middle of a codeblock. [2022-02-21 00:02:33,447 WARN L813 $ProcedureCfgBuilder]: Label in the middle of a codeblock. [2022-02-21 00:02:33,464 WARN L813 $ProcedureCfgBuilder]: Label in the middle of a codeblock. [2022-02-21 00:02:33,466 WARN L813 $ProcedureCfgBuilder]: Label in the middle of a codeblock. [2022-02-21 00:02:33,955 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##87: assume !false; [2022-02-21 00:02:33,956 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##86: assume false; [2022-02-21 00:02:33,956 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##63: assume !false; [2022-02-21 00:02:33,956 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##62: assume false; [2022-02-21 00:02:33,956 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##129: assume false; [2022-02-21 00:02:33,956 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##130: assume !false; [2022-02-21 00:02:33,956 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##18: assume false; [2022-02-21 00:02:33,956 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##19: assume !false; [2022-02-21 00:02:33,957 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##113: assume !false; [2022-02-21 00:02:33,957 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##112: assume false; [2022-02-21 00:02:34,026 WARN L813 $ProcedureCfgBuilder]: Label in the middle of a codeblock. [2022-02-21 00:02:34,062 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##12: assume !false; [2022-02-21 00:02:34,062 INFO L766 $ProcedureCfgBuilder]: dead code at ProgramPoint $Ultimate##11: assume false; [2022-02-21 00:02:34,069 INFO L275 CfgBuilder]: Performing block encoding [2022-02-21 00:02:34,082 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-21 00:02:34,082 INFO L299 CfgBuilder]: Removed 0 assume(true) statements. [2022-02-21 00:02:34,084 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 21.02 12:02:34 BoogieIcfgContainer [2022-02-21 00:02:34,084 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-21 00:02:34,086 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-21 00:02:34,087 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-21 00:02:34,102 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-21 00:02:34,103 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 21.02 12:02:32" (1/3) ... [2022-02-21 00:02:34,104 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4d12d318 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 21.02 12:02:34, skipping insertion in model container [2022-02-21 00:02:34,104 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.02 12:02:33" (2/3) ... [2022-02-21 00:02:34,104 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4d12d318 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 21.02 12:02:34, skipping insertion in model container [2022-02-21 00:02:34,104 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 21.02 12:02:34" (3/3) ... [2022-02-21 00:02:34,106 INFO L111 eAbstractionObserver]: Analyzing ICFG kbfiltr_simpl2.cil-2.c [2022-02-21 00:02:34,110 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:false NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-21 00:02:34,110 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 2 error locations. [2022-02-21 00:02:34,155 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-21 00:02:34,161 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=false, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=All, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-21 00:02:34,161 INFO L340 AbstractCegarLoop]: Starting to check reachability of 2 error locations. [2022-02-21 00:02:34,186 INFO L276 IsEmpty]: Start isEmpty. Operand has 210 states, 171 states have (on average 1.6023391812865497) internal successors, (274), 190 states have internal predecessors, (274), 29 states have call successors, (29), 7 states have call predecessors, (29), 7 states have return successors, (29), 27 states have call predecessors, (29), 29 states have call successors, (29) [2022-02-21 00:02:34,192 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 9 [2022-02-21 00:02:34,192 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:34,193 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:34,193 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:34,198 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:34,198 INFO L85 PathProgramCache]: Analyzing trace with hash -15799092, now seen corresponding path program 1 times [2022-02-21 00:02:34,210 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-21 00:02:34,211 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1831643656] [2022-02-21 00:02:34,211 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:34,212 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-21 00:02:34,212 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-21 00:02:34,216 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-21 00:02:34,217 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Waiting until timeout for monitored process [2022-02-21 00:02:34,321 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:34,324 INFO L263 TraceCheckSpWp]: Trace formula consists of 62 conjuncts, 2 conjunts are in the unsatisfiable core [2022-02-21 00:02:34,348 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:34,352 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-21 00:02:34,418 INFO L290 TraceCheckUtils]: 0: Hoare triple {213#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(23bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 0bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32; {213#true} is VALID [2022-02-21 00:02:34,420 INFO L290 TraceCheckUtils]: 1: Hoare triple {213#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 1bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32;main_~status~1#1 := 0bv32;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0bv32;~NP~0 := 1bv32;~DC~0 := 2bv32;~SKIP1~0 := 3bv32;~SKIP2~0 := 4bv32;~MPR1~0 := 5bv32;~MPR3~0 := 6bv32;~IPC~0 := 7bv32;~s~0 := ~UNLOADED~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {221#(= |ULTIMATE.start_main_~status~1#1| (_ bv0 32))} is VALID [2022-02-21 00:02:34,420 INFO L290 TraceCheckUtils]: 2: Hoare triple {221#(= |ULTIMATE.start_main_~status~1#1| (_ bv0 32))} assume { :end_inline__BLAST_init } true; {221#(= |ULTIMATE.start_main_~status~1#1| (_ bv0 32))} is VALID [2022-02-21 00:02:34,421 INFO L290 TraceCheckUtils]: 3: Hoare triple {221#(= |ULTIMATE.start_main_~status~1#1| (_ bv0 32))} assume !~bvsge32(main_~status~1#1, 0bv32); {214#false} is VALID [2022-02-21 00:02:34,428 INFO L290 TraceCheckUtils]: 4: Hoare triple {214#false} assume 1bv32 == ~pended~0; {214#false} is VALID [2022-02-21 00:02:34,429 INFO L290 TraceCheckUtils]: 5: Hoare triple {214#false} assume ~s~0 == ~NP~0;~s~0 := ~NP~0; {214#false} is VALID [2022-02-21 00:02:34,429 INFO L290 TraceCheckUtils]: 6: Hoare triple {214#false} main_#res#1 := main_~status~1#1; {214#false} is VALID [2022-02-21 00:02:34,429 INFO L290 TraceCheckUtils]: 7: Hoare triple {214#false} assume !(#valid == main_old_#valid#1); {214#false} is VALID [2022-02-21 00:02:34,430 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:34,430 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-21 00:02:34,431 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-21 00:02:34,431 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1831643656] [2022-02-21 00:02:34,432 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1831643656] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:34,432 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:34,432 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-21 00:02:34,435 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [240361258] [2022-02-21 00:02:34,436 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:34,440 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 2.6666666666666665) internal successors, (8), 3 states have internal predecessors, (8), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 8 [2022-02-21 00:02:34,441 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:34,443 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 2.6666666666666665) internal successors, (8), 3 states have internal predecessors, (8), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:34,467 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 8 edges. 8 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:34,468 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-21 00:02:34,469 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-21 00:02:34,500 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-21 00:02:34,501 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-21 00:02:34,510 INFO L87 Difference]: Start difference. First operand has 210 states, 171 states have (on average 1.6023391812865497) internal successors, (274), 190 states have internal predecessors, (274), 29 states have call successors, (29), 7 states have call predecessors, (29), 7 states have return successors, (29), 27 states have call predecessors, (29), 29 states have call successors, (29) Second operand has 3 states, 3 states have (on average 2.6666666666666665) internal successors, (8), 3 states have internal predecessors, (8), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:35,001 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:35,001 INFO L93 Difference]: Finished difference Result 212 states and 315 transitions. [2022-02-21 00:02:35,002 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-21 00:02:35,002 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 2.6666666666666665) internal successors, (8), 3 states have internal predecessors, (8), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 8 [2022-02-21 00:02:35,002 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:35,003 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 2.6666666666666665) internal successors, (8), 3 states have internal predecessors, (8), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:35,029 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 320 transitions. [2022-02-21 00:02:35,035 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 2.6666666666666665) internal successors, (8), 3 states have internal predecessors, (8), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:35,052 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 320 transitions. [2022-02-21 00:02:35,052 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 320 transitions. [2022-02-21 00:02:35,384 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 320 edges. 320 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:35,399 INFO L225 Difference]: With dead ends: 212 [2022-02-21 00:02:35,399 INFO L226 Difference]: Without dead ends: 208 [2022-02-21 00:02:35,401 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-21 00:02:35,404 INFO L933 BasicCegarLoop]: 310 mSDtfsCounter, 179 mSDsluCounter, 109 mSDsCounter, 0 mSdLazyCounter, 16 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 190 SdHoareTripleChecker+Valid, 419 SdHoareTripleChecker+Invalid, 17 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 16 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:35,404 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [190 Valid, 419 Invalid, 17 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 16 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-21 00:02:35,426 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 208 states. [2022-02-21 00:02:35,445 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 208 to 206. [2022-02-21 00:02:35,446 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:35,447 INFO L82 GeneralOperation]: Start isEquivalent. First operand 208 states. Second operand has 206 states, 169 states have (on average 1.5739644970414202) internal successors, (266), 186 states have internal predecessors, (266), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-21 00:02:35,449 INFO L74 IsIncluded]: Start isIncluded. First operand 208 states. Second operand has 206 states, 169 states have (on average 1.5739644970414202) internal successors, (266), 186 states have internal predecessors, (266), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-21 00:02:35,450 INFO L87 Difference]: Start difference. First operand 208 states. Second operand has 206 states, 169 states have (on average 1.5739644970414202) internal successors, (266), 186 states have internal predecessors, (266), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-21 00:02:35,465 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:35,465 INFO L93 Difference]: Finished difference Result 208 states and 311 transitions. [2022-02-21 00:02:35,466 INFO L276 IsEmpty]: Start isEmpty. Operand 208 states and 311 transitions. [2022-02-21 00:02:35,468 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:35,469 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:35,470 INFO L74 IsIncluded]: Start isIncluded. First operand has 206 states, 169 states have (on average 1.5739644970414202) internal successors, (266), 186 states have internal predecessors, (266), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) Second operand 208 states. [2022-02-21 00:02:35,471 INFO L87 Difference]: Start difference. First operand has 206 states, 169 states have (on average 1.5739644970414202) internal successors, (266), 186 states have internal predecessors, (266), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) Second operand 208 states. [2022-02-21 00:02:35,483 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:35,484 INFO L93 Difference]: Finished difference Result 208 states and 311 transitions. [2022-02-21 00:02:35,484 INFO L276 IsEmpty]: Start isEmpty. Operand 208 states and 311 transitions. [2022-02-21 00:02:35,486 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:35,486 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:35,486 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:35,486 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:35,487 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 206 states, 169 states have (on average 1.5739644970414202) internal successors, (266), 186 states have internal predecessors, (266), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-21 00:02:35,497 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 206 states to 206 states and 310 transitions. [2022-02-21 00:02:35,498 INFO L78 Accepts]: Start accepts. Automaton has 206 states and 310 transitions. Word has length 8 [2022-02-21 00:02:35,498 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:35,499 INFO L470 AbstractCegarLoop]: Abstraction has 206 states and 310 transitions. [2022-02-21 00:02:35,499 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 2.6666666666666665) internal successors, (8), 3 states have internal predecessors, (8), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:35,499 INFO L276 IsEmpty]: Start isEmpty. Operand 206 states and 310 transitions. [2022-02-21 00:02:35,500 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 16 [2022-02-21 00:02:35,500 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:35,500 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:35,515 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Forceful destruction successful, exit code 0 [2022-02-21 00:02:35,709 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-21 00:02:35,710 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:35,710 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:35,710 INFO L85 PathProgramCache]: Analyzing trace with hash -191249986, now seen corresponding path program 1 times [2022-02-21 00:02:35,711 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-21 00:02:35,711 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1023796158] [2022-02-21 00:02:35,711 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:35,712 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-21 00:02:35,712 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-21 00:02:35,713 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-21 00:02:35,715 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Waiting until timeout for monitored process [2022-02-21 00:02:35,783 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:35,785 INFO L263 TraceCheckSpWp]: Trace formula consists of 89 conjuncts, 2 conjunts are in the unsatisfiable core [2022-02-21 00:02:35,806 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:35,807 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-21 00:02:35,867 INFO L290 TraceCheckUtils]: 0: Hoare triple {1073#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(23bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 0bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32; {1073#true} is VALID [2022-02-21 00:02:35,869 INFO L290 TraceCheckUtils]: 1: Hoare triple {1073#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 1bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32;main_~status~1#1 := 0bv32;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0bv32;~NP~0 := 1bv32;~DC~0 := 2bv32;~SKIP1~0 := 3bv32;~SKIP2~0 := 4bv32;~MPR1~0 := 5bv32;~MPR3~0 := 6bv32;~IPC~0 := 7bv32;~s~0 := ~UNLOADED~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {1081#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-21 00:02:35,869 INFO L290 TraceCheckUtils]: 2: Hoare triple {1081#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} assume { :end_inline__BLAST_init } true; {1081#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-21 00:02:35,870 INFO L290 TraceCheckUtils]: 3: Hoare triple {1081#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} assume ~bvsge32(main_~status~1#1, 0bv32);~s~0 := ~NP~0;~customIrp~0 := 0bv32;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0bv32;~myStatus~0 := 0bv32; {1081#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-21 00:02:35,870 INFO L290 TraceCheckUtils]: 4: Hoare triple {1081#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} assume 0bv32 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := 3221225659bv32;~myStatus~0 := 3221225659bv32; {1081#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-21 00:02:35,871 INFO L290 TraceCheckUtils]: 5: Hoare triple {1081#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {1081#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-21 00:02:35,871 INFO L290 TraceCheckUtils]: 6: Hoare triple {1081#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} assume { :end_inline_stub_driver_init } true; {1081#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-21 00:02:35,878 INFO L290 TraceCheckUtils]: 7: Hoare triple {1081#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} assume !~bvslt32(main_~status~1#1, 0bv32);havoc main_~tmp_ndt_1~0#1;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {1081#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-21 00:02:35,879 INFO L290 TraceCheckUtils]: 8: Hoare triple {1081#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} assume !(0bv32 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {1081#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-21 00:02:35,879 INFO L290 TraceCheckUtils]: 9: Hoare triple {1081#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} assume !(1bv32 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {1081#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-21 00:02:35,880 INFO L290 TraceCheckUtils]: 10: Hoare triple {1081#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} assume !(3bv32 == main_~tmp_ndt_3~0#1);havoc main_~tmp_ndt_4~0#1;main_~tmp_ndt_4~0#1 := main_#t~nondet27#1;havoc main_#t~nondet27#1; {1081#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-21 00:02:35,880 INFO L290 TraceCheckUtils]: 11: Hoare triple {1081#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} assume !(4bv32 == main_~tmp_ndt_4~0#1);havoc main_~tmp_ndt_5~0#1;main_~tmp_ndt_5~0#1 := main_#t~nondet28#1;havoc main_#t~nondet28#1; {1081#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-21 00:02:35,880 INFO L290 TraceCheckUtils]: 12: Hoare triple {1081#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} assume !(8bv32 == main_~tmp_ndt_5~0#1); {1081#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-21 00:02:35,881 INFO L290 TraceCheckUtils]: 13: Hoare triple {1081#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} main_#res#1 := 4294967295bv32; {1081#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-21 00:02:35,881 INFO L290 TraceCheckUtils]: 14: Hoare triple {1081#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} assume !(#valid == main_old_#valid#1); {1074#false} is VALID [2022-02-21 00:02:35,882 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:35,882 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-21 00:02:35,882 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-21 00:02:35,882 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1023796158] [2022-02-21 00:02:35,883 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1023796158] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:35,883 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:35,883 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-21 00:02:35,883 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [493512110] [2022-02-21 00:02:35,883 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:35,885 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 2 states have (on average 7.5) internal successors, (15), 3 states have internal predecessors, (15), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 15 [2022-02-21 00:02:35,886 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:35,887 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 2 states have (on average 7.5) internal successors, (15), 3 states have internal predecessors, (15), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:35,904 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 15 edges. 15 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:35,904 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-21 00:02:35,904 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-21 00:02:35,905 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-21 00:02:35,905 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-21 00:02:35,905 INFO L87 Difference]: Start difference. First operand 206 states and 310 transitions. Second operand has 3 states, 2 states have (on average 7.5) internal successors, (15), 3 states have internal predecessors, (15), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:36,252 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:36,252 INFO L93 Difference]: Finished difference Result 205 states and 309 transitions. [2022-02-21 00:02:36,252 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-21 00:02:36,253 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 2 states have (on average 7.5) internal successors, (15), 3 states have internal predecessors, (15), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 15 [2022-02-21 00:02:36,253 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:36,253 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 2 states have (on average 7.5) internal successors, (15), 3 states have internal predecessors, (15), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:36,258 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 310 transitions. [2022-02-21 00:02:36,258 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 2 states have (on average 7.5) internal successors, (15), 3 states have internal predecessors, (15), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:36,262 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 310 transitions. [2022-02-21 00:02:36,263 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 310 transitions. [2022-02-21 00:02:36,543 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 310 edges. 310 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:36,548 INFO L225 Difference]: With dead ends: 205 [2022-02-21 00:02:36,548 INFO L226 Difference]: Without dead ends: 201 [2022-02-21 00:02:36,549 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-21 00:02:36,550 INFO L933 BasicCegarLoop]: 309 mSDtfsCounter, 199 mSDsluCounter, 64 mSDsCounter, 0 mSdLazyCounter, 22 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 210 SdHoareTripleChecker+Valid, 373 SdHoareTripleChecker+Invalid, 22 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 22 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:36,550 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [210 Valid, 373 Invalid, 22 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 22 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-21 00:02:36,553 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 201 states. [2022-02-21 00:02:36,566 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 201 to 201. [2022-02-21 00:02:36,571 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:36,572 INFO L82 GeneralOperation]: Start isEquivalent. First operand 201 states. Second operand has 201 states, 165 states have (on average 1.5272727272727273) internal successors, (252), 181 states have internal predecessors, (252), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-21 00:02:36,574 INFO L74 IsIncluded]: Start isIncluded. First operand 201 states. Second operand has 201 states, 165 states have (on average 1.5272727272727273) internal successors, (252), 181 states have internal predecessors, (252), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-21 00:02:36,575 INFO L87 Difference]: Start difference. First operand 201 states. Second operand has 201 states, 165 states have (on average 1.5272727272727273) internal successors, (252), 181 states have internal predecessors, (252), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-21 00:02:36,587 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:36,587 INFO L93 Difference]: Finished difference Result 201 states and 296 transitions. [2022-02-21 00:02:36,587 INFO L276 IsEmpty]: Start isEmpty. Operand 201 states and 296 transitions. [2022-02-21 00:02:36,589 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:36,589 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:36,590 INFO L74 IsIncluded]: Start isIncluded. First operand has 201 states, 165 states have (on average 1.5272727272727273) internal successors, (252), 181 states have internal predecessors, (252), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) Second operand 201 states. [2022-02-21 00:02:36,590 INFO L87 Difference]: Start difference. First operand has 201 states, 165 states have (on average 1.5272727272727273) internal successors, (252), 181 states have internal predecessors, (252), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) Second operand 201 states. [2022-02-21 00:02:36,602 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:36,602 INFO L93 Difference]: Finished difference Result 201 states and 296 transitions. [2022-02-21 00:02:36,603 INFO L276 IsEmpty]: Start isEmpty. Operand 201 states and 296 transitions. [2022-02-21 00:02:36,604 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:36,604 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:36,604 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:36,604 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:36,605 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 201 states, 165 states have (on average 1.5272727272727273) internal successors, (252), 181 states have internal predecessors, (252), 29 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (15), 15 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-21 00:02:36,619 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 201 states to 201 states and 296 transitions. [2022-02-21 00:02:36,620 INFO L78 Accepts]: Start accepts. Automaton has 201 states and 296 transitions. Word has length 15 [2022-02-21 00:02:36,620 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:36,620 INFO L470 AbstractCegarLoop]: Abstraction has 201 states and 296 transitions. [2022-02-21 00:02:36,621 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 2 states have (on average 7.5) internal successors, (15), 3 states have internal predecessors, (15), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:36,621 INFO L276 IsEmpty]: Start isEmpty. Operand 201 states and 296 transitions. [2022-02-21 00:02:36,622 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2022-02-21 00:02:36,622 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:36,622 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:36,639 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Forceful destruction successful, exit code 0 [2022-02-21 00:02:36,831 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-21 00:02:36,832 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:36,833 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:36,833 INFO L85 PathProgramCache]: Analyzing trace with hash 509601447, now seen corresponding path program 1 times [2022-02-21 00:02:36,834 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-21 00:02:36,834 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [368636645] [2022-02-21 00:02:36,834 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:36,835 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-21 00:02:36,835 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-21 00:02:36,836 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-21 00:02:36,838 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Waiting until timeout for monitored process [2022-02-21 00:02:36,918 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:36,921 INFO L263 TraceCheckSpWp]: Trace formula consists of 118 conjuncts, 7 conjunts are in the unsatisfiable core [2022-02-21 00:02:36,934 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:36,936 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-21 00:02:37,140 INFO L290 TraceCheckUtils]: 0: Hoare triple {1928#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(23bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 0bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32; {1928#true} is VALID [2022-02-21 00:02:37,141 INFO L290 TraceCheckUtils]: 1: Hoare triple {1928#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 1bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32;main_~status~1#1 := 0bv32;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0bv32;~NP~0 := 1bv32;~DC~0 := 2bv32;~SKIP1~0 := 3bv32;~SKIP2~0 := 4bv32;~MPR1~0 := 5bv32;~MPR3~0 := 6bv32;~IPC~0 := 7bv32;~s~0 := ~UNLOADED~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {1936#(= ~NP~0 (_ bv1 32))} is VALID [2022-02-21 00:02:37,141 INFO L290 TraceCheckUtils]: 2: Hoare triple {1936#(= ~NP~0 (_ bv1 32))} assume { :end_inline__BLAST_init } true; {1936#(= ~NP~0 (_ bv1 32))} is VALID [2022-02-21 00:02:37,142 INFO L290 TraceCheckUtils]: 3: Hoare triple {1936#(= ~NP~0 (_ bv1 32))} assume ~bvsge32(main_~status~1#1, 0bv32);~s~0 := ~NP~0;~customIrp~0 := 0bv32;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0bv32;~myStatus~0 := 0bv32; {1936#(= ~NP~0 (_ bv1 32))} is VALID [2022-02-21 00:02:37,142 INFO L290 TraceCheckUtils]: 4: Hoare triple {1936#(= ~NP~0 (_ bv1 32))} assume 0bv32 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := 3221225659bv32;~myStatus~0 := 3221225659bv32; {1936#(= ~NP~0 (_ bv1 32))} is VALID [2022-02-21 00:02:37,143 INFO L290 TraceCheckUtils]: 5: Hoare triple {1936#(= ~NP~0 (_ bv1 32))} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {1949#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-21 00:02:37,144 INFO L290 TraceCheckUtils]: 6: Hoare triple {1949#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} assume { :end_inline_stub_driver_init } true; {1949#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-21 00:02:37,145 INFO L290 TraceCheckUtils]: 7: Hoare triple {1949#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} assume !~bvslt32(main_~status~1#1, 0bv32);havoc main_~tmp_ndt_1~0#1;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {1949#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-21 00:02:37,145 INFO L290 TraceCheckUtils]: 8: Hoare triple {1949#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} assume 0bv32 == main_~tmp_ndt_1~0#1; {1949#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-21 00:02:37,146 INFO L272 TraceCheckUtils]: 9: Hoare triple {1949#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} call main_#t~ret29#1 := KbFilter_CreateClose(main_~devobj~0#1, main_~pirp~0#1); {1949#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-21 00:02:37,147 INFO L290 TraceCheckUtils]: 10: Hoare triple {1949#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;~irpStack__MajorFunction~0 := #t~nondet41;havoc #t~nondet41;~devExt__UpperConnectData__ClassService~0 := #t~nondet42;havoc #t~nondet42;havoc ~Irp__IoStatus__Status~1;havoc ~status~2;havoc ~tmp~0;~status~2 := ~myStatus~0; {1949#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-21 00:02:37,147 INFO L290 TraceCheckUtils]: 11: Hoare triple {1949#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} assume 0bv32 == ~irpStack__MajorFunction~0; {1949#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-21 00:02:37,148 INFO L290 TraceCheckUtils]: 12: Hoare triple {1949#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} assume 0bv32 == ~devExt__UpperConnectData__ClassService~0;~status~2 := 3221225860bv32; {1949#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-21 00:02:37,148 INFO L290 TraceCheckUtils]: 13: Hoare triple {1949#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} ~Irp__IoStatus__Status~1 := ~status~2;~myStatus~0 := ~status~2; {1949#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-21 00:02:37,149 INFO L272 TraceCheckUtils]: 14: Hoare triple {1949#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} call #t~ret43 := KbFilter_DispatchPassThrough(~DeviceObject, ~Irp); {1949#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-21 00:02:37,150 INFO L290 TraceCheckUtils]: 15: Hoare triple {1949#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;~Irp__Tail__Overlay__CurrentStackLocation~1 := #t~nondet44;havoc #t~nondet44;~Irp__CurrentLocation~1 := #t~nondet45;havoc #t~nondet45;~DeviceObject__DeviceExtension__TopOfStack~0 := #t~nondet46;havoc #t~nondet46;havoc ~irpStack~1;havoc ~tmp~1;~irpStack~1 := ~Irp__Tail__Overlay__CurrentStackLocation~1; {1949#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-21 00:02:37,150 INFO L290 TraceCheckUtils]: 16: Hoare triple {1949#(and (= ~NP~0 ~s~0) (= ~NP~0 (_ bv1 32)))} assume !(~s~0 == ~NP~0); {1929#false} is VALID [2022-02-21 00:02:37,150 INFO L272 TraceCheckUtils]: 17: Hoare triple {1929#false} call errorFn(); {1929#false} is VALID [2022-02-21 00:02:37,151 INFO L290 TraceCheckUtils]: 18: Hoare triple {1929#false} assume !false; {1929#false} is VALID [2022-02-21 00:02:37,151 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:37,151 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-21 00:02:37,151 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-21 00:02:37,152 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [368636645] [2022-02-21 00:02:37,152 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [368636645] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:37,152 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:37,153 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-21 00:02:37,155 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [958872341] [2022-02-21 00:02:37,156 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:37,156 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 4.0) internal successors, (16), 4 states have internal predecessors, (16), 2 states have call successors, (3), 2 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 19 [2022-02-21 00:02:37,156 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:37,157 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 4 states, 4 states have (on average 4.0) internal successors, (16), 4 states have internal predecessors, (16), 2 states have call successors, (3), 2 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:37,174 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 19 edges. 19 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:37,174 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-02-21 00:02:37,175 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-21 00:02:37,175 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-02-21 00:02:37,176 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=6, Invalid=6, Unknown=0, NotChecked=0, Total=12 [2022-02-21 00:02:37,176 INFO L87 Difference]: Start difference. First operand 201 states and 296 transitions. Second operand has 4 states, 4 states have (on average 4.0) internal successors, (16), 4 states have internal predecessors, (16), 2 states have call successors, (3), 2 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:37,904 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:37,905 INFO L93 Difference]: Finished difference Result 269 states and 381 transitions. [2022-02-21 00:02:37,905 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-21 00:02:37,905 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 4.0) internal successors, (16), 4 states have internal predecessors, (16), 2 states have call successors, (3), 2 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 19 [2022-02-21 00:02:37,905 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:37,905 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 4.0) internal successors, (16), 4 states have internal predecessors, (16), 2 states have call successors, (3), 2 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:37,910 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 391 transitions. [2022-02-21 00:02:37,911 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 4.0) internal successors, (16), 4 states have internal predecessors, (16), 2 states have call successors, (3), 2 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:37,915 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 391 transitions. [2022-02-21 00:02:37,916 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 391 transitions. [2022-02-21 00:02:38,292 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 391 edges. 391 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:38,297 INFO L225 Difference]: With dead ends: 269 [2022-02-21 00:02:38,297 INFO L226 Difference]: Without dead ends: 268 [2022-02-21 00:02:38,297 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 16 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=6, Invalid=6, Unknown=0, NotChecked=0, Total=12 [2022-02-21 00:02:38,298 INFO L933 BasicCegarLoop]: 309 mSDtfsCounter, 497 mSDsluCounter, 84 mSDsCounter, 0 mSdLazyCounter, 114 mSolverCounterSat, 34 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 497 SdHoareTripleChecker+Valid, 393 SdHoareTripleChecker+Invalid, 148 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 34 IncrementalHoareTripleChecker+Valid, 114 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:38,299 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [497 Valid, 393 Invalid, 148 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [34 Valid, 114 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-21 00:02:38,300 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 268 states. [2022-02-21 00:02:38,308 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 268 to 252. [2022-02-21 00:02:38,308 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:38,309 INFO L82 GeneralOperation]: Start isEquivalent. First operand 268 states. Second operand has 252 states, 215 states have (on average 1.4325581395348836) internal successors, (308), 218 states have internal predecessors, (308), 26 states have call successors, (26), 11 states have call predecessors, (26), 10 states have return successors, (27), 25 states have call predecessors, (27), 18 states have call successors, (27) [2022-02-21 00:02:38,310 INFO L74 IsIncluded]: Start isIncluded. First operand 268 states. Second operand has 252 states, 215 states have (on average 1.4325581395348836) internal successors, (308), 218 states have internal predecessors, (308), 26 states have call successors, (26), 11 states have call predecessors, (26), 10 states have return successors, (27), 25 states have call predecessors, (27), 18 states have call successors, (27) [2022-02-21 00:02:38,311 INFO L87 Difference]: Start difference. First operand 268 states. Second operand has 252 states, 215 states have (on average 1.4325581395348836) internal successors, (308), 218 states have internal predecessors, (308), 26 states have call successors, (26), 11 states have call predecessors, (26), 10 states have return successors, (27), 25 states have call predecessors, (27), 18 states have call successors, (27) [2022-02-21 00:02:38,320 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:38,321 INFO L93 Difference]: Finished difference Result 268 states and 380 transitions. [2022-02-21 00:02:38,321 INFO L276 IsEmpty]: Start isEmpty. Operand 268 states and 380 transitions. [2022-02-21 00:02:38,322 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:38,322 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:38,323 INFO L74 IsIncluded]: Start isIncluded. First operand has 252 states, 215 states have (on average 1.4325581395348836) internal successors, (308), 218 states have internal predecessors, (308), 26 states have call successors, (26), 11 states have call predecessors, (26), 10 states have return successors, (27), 25 states have call predecessors, (27), 18 states have call successors, (27) Second operand 268 states. [2022-02-21 00:02:38,324 INFO L87 Difference]: Start difference. First operand has 252 states, 215 states have (on average 1.4325581395348836) internal successors, (308), 218 states have internal predecessors, (308), 26 states have call successors, (26), 11 states have call predecessors, (26), 10 states have return successors, (27), 25 states have call predecessors, (27), 18 states have call successors, (27) Second operand 268 states. [2022-02-21 00:02:38,333 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:38,334 INFO L93 Difference]: Finished difference Result 268 states and 380 transitions. [2022-02-21 00:02:38,334 INFO L276 IsEmpty]: Start isEmpty. Operand 268 states and 380 transitions. [2022-02-21 00:02:38,335 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:38,335 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:38,335 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:38,335 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:38,336 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 252 states, 215 states have (on average 1.4325581395348836) internal successors, (308), 218 states have internal predecessors, (308), 26 states have call successors, (26), 11 states have call predecessors, (26), 10 states have return successors, (27), 25 states have call predecessors, (27), 18 states have call successors, (27) [2022-02-21 00:02:38,344 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 252 states to 252 states and 361 transitions. [2022-02-21 00:02:38,345 INFO L78 Accepts]: Start accepts. Automaton has 252 states and 361 transitions. Word has length 19 [2022-02-21 00:02:38,345 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:38,345 INFO L470 AbstractCegarLoop]: Abstraction has 252 states and 361 transitions. [2022-02-21 00:02:38,345 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 4.0) internal successors, (16), 4 states have internal predecessors, (16), 2 states have call successors, (3), 2 states have call predecessors, (3), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:38,345 INFO L276 IsEmpty]: Start isEmpty. Operand 252 states and 361 transitions. [2022-02-21 00:02:38,346 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 19 [2022-02-21 00:02:38,346 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:38,346 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:38,362 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Forceful destruction successful, exit code 0 [2022-02-21 00:02:38,558 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-21 00:02:38,558 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:38,559 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:38,559 INFO L85 PathProgramCache]: Analyzing trace with hash -2016043468, now seen corresponding path program 1 times [2022-02-21 00:02:38,559 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-21 00:02:38,559 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [518288504] [2022-02-21 00:02:38,559 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:38,560 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-21 00:02:38,560 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-21 00:02:38,568 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-21 00:02:38,569 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Waiting until timeout for monitored process [2022-02-21 00:02:38,640 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:38,646 INFO L263 TraceCheckSpWp]: Trace formula consists of 100 conjuncts, 2 conjunts are in the unsatisfiable core [2022-02-21 00:02:38,659 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:38,660 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-21 00:02:38,711 INFO L290 TraceCheckUtils]: 0: Hoare triple {3045#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(23bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 0bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32; {3045#true} is VALID [2022-02-21 00:02:38,712 INFO L290 TraceCheckUtils]: 1: Hoare triple {3045#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 1bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32;main_~status~1#1 := 0bv32;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0bv32;~NP~0 := 1bv32;~DC~0 := 2bv32;~SKIP1~0 := 3bv32;~SKIP2~0 := 4bv32;~MPR1~0 := 5bv32;~MPR3~0 := 6bv32;~IPC~0 := 7bv32;~s~0 := ~UNLOADED~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {3045#true} is VALID [2022-02-21 00:02:38,712 INFO L290 TraceCheckUtils]: 2: Hoare triple {3045#true} assume { :end_inline__BLAST_init } true; {3045#true} is VALID [2022-02-21 00:02:38,712 INFO L290 TraceCheckUtils]: 3: Hoare triple {3045#true} assume ~bvsge32(main_~status~1#1, 0bv32);~s~0 := ~NP~0;~customIrp~0 := 0bv32;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0bv32;~myStatus~0 := 0bv32; {3045#true} is VALID [2022-02-21 00:02:38,712 INFO L290 TraceCheckUtils]: 4: Hoare triple {3045#true} assume 0bv32 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := 3221225659bv32;~myStatus~0 := 3221225659bv32; {3045#true} is VALID [2022-02-21 00:02:38,713 INFO L290 TraceCheckUtils]: 5: Hoare triple {3045#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {3065#(= ~compRegistered~0 (_ bv0 32))} is VALID [2022-02-21 00:02:38,714 INFO L290 TraceCheckUtils]: 6: Hoare triple {3065#(= ~compRegistered~0 (_ bv0 32))} assume { :end_inline_stub_driver_init } true; {3065#(= ~compRegistered~0 (_ bv0 32))} is VALID [2022-02-21 00:02:38,718 INFO L290 TraceCheckUtils]: 7: Hoare triple {3065#(= ~compRegistered~0 (_ bv0 32))} assume !~bvslt32(main_~status~1#1, 0bv32);havoc main_~tmp_ndt_1~0#1;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {3065#(= ~compRegistered~0 (_ bv0 32))} is VALID [2022-02-21 00:02:38,719 INFO L290 TraceCheckUtils]: 8: Hoare triple {3065#(= ~compRegistered~0 (_ bv0 32))} assume !(0bv32 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {3065#(= ~compRegistered~0 (_ bv0 32))} is VALID [2022-02-21 00:02:38,719 INFO L290 TraceCheckUtils]: 9: Hoare triple {3065#(= ~compRegistered~0 (_ bv0 32))} assume !(1bv32 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {3065#(= ~compRegistered~0 (_ bv0 32))} is VALID [2022-02-21 00:02:38,720 INFO L290 TraceCheckUtils]: 10: Hoare triple {3065#(= ~compRegistered~0 (_ bv0 32))} assume 3bv32 == main_~tmp_ndt_3~0#1; {3065#(= ~compRegistered~0 (_ bv0 32))} is VALID [2022-02-21 00:02:38,720 INFO L290 TraceCheckUtils]: 11: Hoare triple {3065#(= ~compRegistered~0 (_ bv0 32))} assume { :begin_inline_KbFilter_PnP } true;KbFilter_PnP_#in~DeviceObject#1, KbFilter_PnP_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_PnP_#res#1;havoc KbFilter_PnP_#t~nondet4#1, KbFilter_PnP_#t~nondet5#1, KbFilter_PnP_#t~nondet6#1, KbFilter_PnP_#t~nondet7#1, KbFilter_PnP_#t~nondet8#1, KbFilter_PnP_#t~nondet9#1, KbFilter_PnP_#t~ret10#1, KbFilter_PnP_#t~ret11#1, KbFilter_PnP_#t~post12#1, KbFilter_PnP_#t~post13#1, KbFilter_PnP_#t~ret14#1, KbFilter_PnP_#t~post15#1, KbFilter_PnP_#t~post16#1, KbFilter_PnP_#t~ret17#1, KbFilter_PnP_#t~post18#1, KbFilter_PnP_#t~post19#1, KbFilter_PnP_#t~ret20#1, KbFilter_PnP_~DeviceObject#1, KbFilter_PnP_~Irp#1, KbFilter_PnP_~devExt~0#1, KbFilter_PnP_~irpStack~0#1, KbFilter_PnP_~status~0#1, KbFilter_PnP_~event~0#1, KbFilter_PnP_~DeviceObject__DeviceExtension~0#1, KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, KbFilter_PnP_~irpStack__MinorFunction~0#1, KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~devExt__Started~0#1, KbFilter_PnP_~devExt__Removed~0#1, KbFilter_PnP_~devExt__SurpriseRemoved~0#1, KbFilter_PnP_~Irp__IoStatus__Status~0#1, KbFilter_PnP_~Irp__IoStatus__Information~0#1, KbFilter_PnP_~Irp__CurrentLocation~0#1, KbFilter_PnP_~irpSp~0#1, KbFilter_PnP_~nextIrpSp~0#1, KbFilter_PnP_~nextIrpSp__Control~0#1, KbFilter_PnP_~irpSp___0~0#1, KbFilter_PnP_~irpSp__Context~0#1, KbFilter_PnP_~irpSp__Control~0#1, KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~DeviceObject#1 := KbFilter_PnP_#in~DeviceObject#1;KbFilter_PnP_~Irp#1 := KbFilter_PnP_#in~Irp#1;havoc KbFilter_PnP_~devExt~0#1;havoc KbFilter_PnP_~irpStack~0#1;havoc KbFilter_PnP_~status~0#1;KbFilter_PnP_~event~0#1 := KbFilter_PnP_#t~nondet4#1;havoc KbFilter_PnP_#t~nondet4#1;KbFilter_PnP_~DeviceObject__DeviceExtension~0#1 := KbFilter_PnP_#t~nondet5#1;havoc KbFilter_PnP_#t~nondet5#1;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := KbFilter_PnP_#t~nondet6#1;havoc KbFilter_PnP_#t~nondet6#1;KbFilter_PnP_~irpStack__MinorFunction~0#1 := KbFilter_PnP_#t~nondet7#1;havoc KbFilter_PnP_#t~nondet7#1;KbFilter_PnP_~devExt__TopOfStack~0#1 := KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_~devExt__Started~0#1;havoc KbFilter_PnP_~devExt__Removed~0#1;havoc KbFilter_PnP_~devExt__SurpriseRemoved~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Status~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Information~0#1;KbFilter_PnP_~Irp__CurrentLocation~0#1 := KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_~irpSp~0#1;havoc KbFilter_PnP_~nextIrpSp~0#1;havoc KbFilter_PnP_~nextIrpSp__Control~0#1;havoc KbFilter_PnP_~irpSp___0~0#1;havoc KbFilter_PnP_~irpSp__Context~0#1;havoc KbFilter_PnP_~irpSp__Control~0#1;havoc KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~status~0#1 := 0bv32;KbFilter_PnP_~devExt~0#1 := KbFilter_PnP_~DeviceObject__DeviceExtension~0#1;KbFilter_PnP_~irpStack~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1; {3065#(= ~compRegistered~0 (_ bv0 32))} is VALID [2022-02-21 00:02:38,721 INFO L290 TraceCheckUtils]: 12: Hoare triple {3065#(= ~compRegistered~0 (_ bv0 32))} assume 0bv32 == KbFilter_PnP_~irpStack__MinorFunction~0#1; {3065#(= ~compRegistered~0 (_ bv0 32))} is VALID [2022-02-21 00:02:38,721 INFO L290 TraceCheckUtils]: 13: Hoare triple {3065#(= ~compRegistered~0 (_ bv0 32))} KbFilter_PnP_~irpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1;KbFilter_PnP_~nextIrpSp~0#1 := ~bvsub32(KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, 1bv32);KbFilter_PnP_~nextIrpSp__Control~0#1 := 0bv32; {3065#(= ~compRegistered~0 (_ bv0 32))} is VALID [2022-02-21 00:02:38,722 INFO L290 TraceCheckUtils]: 14: Hoare triple {3065#(= ~compRegistered~0 (_ bv0 32))} assume !(~s~0 != ~NP~0); {3065#(= ~compRegistered~0 (_ bv0 32))} is VALID [2022-02-21 00:02:38,722 INFO L290 TraceCheckUtils]: 15: Hoare triple {3065#(= ~compRegistered~0 (_ bv0 32))} assume 0bv32 != ~compRegistered~0; {3046#false} is VALID [2022-02-21 00:02:38,722 INFO L272 TraceCheckUtils]: 16: Hoare triple {3046#false} call errorFn(); {3046#false} is VALID [2022-02-21 00:02:38,723 INFO L290 TraceCheckUtils]: 17: Hoare triple {3046#false} assume !false; {3046#false} is VALID [2022-02-21 00:02:38,723 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:38,723 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-21 00:02:38,724 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-21 00:02:38,724 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [518288504] [2022-02-21 00:02:38,726 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [518288504] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:38,726 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:38,726 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-21 00:02:38,728 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1673036236] [2022-02-21 00:02:38,730 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:38,730 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 18 [2022-02-21 00:02:38,730 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:38,731 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:38,747 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 18 edges. 18 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:38,747 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-21 00:02:38,747 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-21 00:02:38,748 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-21 00:02:38,748 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-21 00:02:38,748 INFO L87 Difference]: Start difference. First operand 252 states and 361 transitions. Second operand has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:39,060 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:39,060 INFO L93 Difference]: Finished difference Result 312 states and 436 transitions. [2022-02-21 00:02:39,060 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-21 00:02:39,061 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 18 [2022-02-21 00:02:39,061 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:39,061 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:39,065 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 350 transitions. [2022-02-21 00:02:39,065 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:39,069 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 350 transitions. [2022-02-21 00:02:39,069 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 350 transitions. [2022-02-21 00:02:39,375 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 350 edges. 350 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:39,382 INFO L225 Difference]: With dead ends: 312 [2022-02-21 00:02:39,382 INFO L226 Difference]: Without dead ends: 312 [2022-02-21 00:02:39,382 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 17 GetRequests, 16 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-21 00:02:39,383 INFO L933 BasicCegarLoop]: 272 mSDtfsCounter, 242 mSDsluCounter, 88 mSDsCounter, 0 mSdLazyCounter, 5 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 242 SdHoareTripleChecker+Valid, 360 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 5 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:39,383 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [242 Valid, 360 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 5 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-21 00:02:39,384 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 312 states. [2022-02-21 00:02:39,391 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 312 to 290. [2022-02-21 00:02:39,391 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:39,392 INFO L82 GeneralOperation]: Start isEquivalent. First operand 312 states. Second operand has 290 states, 255 states have (on average 1.419607843137255) internal successors, (362), 256 states have internal predecessors, (362), 22 states have call successors, (22), 11 states have call predecessors, (22), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-21 00:02:39,393 INFO L74 IsIncluded]: Start isIncluded. First operand 312 states. Second operand has 290 states, 255 states have (on average 1.419607843137255) internal successors, (362), 256 states have internal predecessors, (362), 22 states have call successors, (22), 11 states have call predecessors, (22), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-21 00:02:39,394 INFO L87 Difference]: Start difference. First operand 312 states. Second operand has 290 states, 255 states have (on average 1.419607843137255) internal successors, (362), 256 states have internal predecessors, (362), 22 states have call successors, (22), 11 states have call predecessors, (22), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-21 00:02:39,405 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:39,405 INFO L93 Difference]: Finished difference Result 312 states and 436 transitions. [2022-02-21 00:02:39,406 INFO L276 IsEmpty]: Start isEmpty. Operand 312 states and 436 transitions. [2022-02-21 00:02:39,407 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:39,407 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:39,408 INFO L74 IsIncluded]: Start isIncluded. First operand has 290 states, 255 states have (on average 1.419607843137255) internal successors, (362), 256 states have internal predecessors, (362), 22 states have call successors, (22), 11 states have call predecessors, (22), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) Second operand 312 states. [2022-02-21 00:02:39,409 INFO L87 Difference]: Start difference. First operand has 290 states, 255 states have (on average 1.419607843137255) internal successors, (362), 256 states have internal predecessors, (362), 22 states have call successors, (22), 11 states have call predecessors, (22), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) Second operand 312 states. [2022-02-21 00:02:39,420 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:39,421 INFO L93 Difference]: Finished difference Result 312 states and 436 transitions. [2022-02-21 00:02:39,421 INFO L276 IsEmpty]: Start isEmpty. Operand 312 states and 436 transitions. [2022-02-21 00:02:39,422 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:39,422 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:39,422 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:39,422 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:39,423 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 290 states, 255 states have (on average 1.419607843137255) internal successors, (362), 256 states have internal predecessors, (362), 22 states have call successors, (22), 11 states have call predecessors, (22), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-21 00:02:39,433 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 290 states to 290 states and 410 transitions. [2022-02-21 00:02:39,434 INFO L78 Accepts]: Start accepts. Automaton has 290 states and 410 transitions. Word has length 18 [2022-02-21 00:02:39,434 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:39,434 INFO L470 AbstractCegarLoop]: Abstraction has 290 states and 410 transitions. [2022-02-21 00:02:39,434 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:39,434 INFO L276 IsEmpty]: Start isEmpty. Operand 290 states and 410 transitions. [2022-02-21 00:02:39,435 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2022-02-21 00:02:39,435 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:39,435 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:39,444 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Ended with exit code 0 [2022-02-21 00:02:39,644 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-21 00:02:39,645 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:39,645 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:39,645 INFO L85 PathProgramCache]: Analyzing trace with hash 1363549369, now seen corresponding path program 1 times [2022-02-21 00:02:39,646 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-21 00:02:39,646 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1023829205] [2022-02-21 00:02:39,646 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:39,646 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-21 00:02:39,646 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-21 00:02:39,647 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-21 00:02:39,649 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (6)] Waiting until timeout for monitored process [2022-02-21 00:02:39,730 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:39,733 INFO L263 TraceCheckSpWp]: Trace formula consists of 139 conjuncts, 5 conjunts are in the unsatisfiable core [2022-02-21 00:02:39,749 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:39,751 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-21 00:02:39,902 INFO L290 TraceCheckUtils]: 0: Hoare triple {4327#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(23bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 0bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32; {4327#true} is VALID [2022-02-21 00:02:39,902 INFO L290 TraceCheckUtils]: 1: Hoare triple {4327#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 1bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32;main_~status~1#1 := 0bv32;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0bv32;~NP~0 := 1bv32;~DC~0 := 2bv32;~SKIP1~0 := 3bv32;~SKIP2~0 := 4bv32;~MPR1~0 := 5bv32;~MPR3~0 := 6bv32;~IPC~0 := 7bv32;~s~0 := ~UNLOADED~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {4335#(= (_ bv3 32) ~SKIP1~0)} is VALID [2022-02-21 00:02:39,903 INFO L290 TraceCheckUtils]: 2: Hoare triple {4335#(= (_ bv3 32) ~SKIP1~0)} assume { :end_inline__BLAST_init } true; {4335#(= (_ bv3 32) ~SKIP1~0)} is VALID [2022-02-21 00:02:39,903 INFO L290 TraceCheckUtils]: 3: Hoare triple {4335#(= (_ bv3 32) ~SKIP1~0)} assume ~bvsge32(main_~status~1#1, 0bv32);~s~0 := ~NP~0;~customIrp~0 := 0bv32;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0bv32;~myStatus~0 := 0bv32; {4335#(= (_ bv3 32) ~SKIP1~0)} is VALID [2022-02-21 00:02:39,904 INFO L290 TraceCheckUtils]: 4: Hoare triple {4335#(= (_ bv3 32) ~SKIP1~0)} assume 0bv32 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := 3221225659bv32;~myStatus~0 := 3221225659bv32; {4335#(= (_ bv3 32) ~SKIP1~0)} is VALID [2022-02-21 00:02:39,904 INFO L290 TraceCheckUtils]: 5: Hoare triple {4335#(= (_ bv3 32) ~SKIP1~0)} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {4335#(= (_ bv3 32) ~SKIP1~0)} is VALID [2022-02-21 00:02:39,905 INFO L290 TraceCheckUtils]: 6: Hoare triple {4335#(= (_ bv3 32) ~SKIP1~0)} assume { :end_inline_stub_driver_init } true; {4335#(= (_ bv3 32) ~SKIP1~0)} is VALID [2022-02-21 00:02:39,905 INFO L290 TraceCheckUtils]: 7: Hoare triple {4335#(= (_ bv3 32) ~SKIP1~0)} assume !~bvslt32(main_~status~1#1, 0bv32);havoc main_~tmp_ndt_1~0#1;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {4335#(= (_ bv3 32) ~SKIP1~0)} is VALID [2022-02-21 00:02:39,906 INFO L290 TraceCheckUtils]: 8: Hoare triple {4335#(= (_ bv3 32) ~SKIP1~0)} assume 0bv32 == main_~tmp_ndt_1~0#1; {4335#(= (_ bv3 32) ~SKIP1~0)} is VALID [2022-02-21 00:02:39,906 INFO L272 TraceCheckUtils]: 9: Hoare triple {4335#(= (_ bv3 32) ~SKIP1~0)} call main_#t~ret29#1 := KbFilter_CreateClose(main_~devobj~0#1, main_~pirp~0#1); {4335#(= (_ bv3 32) ~SKIP1~0)} is VALID [2022-02-21 00:02:39,907 INFO L290 TraceCheckUtils]: 10: Hoare triple {4335#(= (_ bv3 32) ~SKIP1~0)} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;~irpStack__MajorFunction~0 := #t~nondet41;havoc #t~nondet41;~devExt__UpperConnectData__ClassService~0 := #t~nondet42;havoc #t~nondet42;havoc ~Irp__IoStatus__Status~1;havoc ~status~2;havoc ~tmp~0;~status~2 := ~myStatus~0; {4335#(= (_ bv3 32) ~SKIP1~0)} is VALID [2022-02-21 00:02:39,907 INFO L290 TraceCheckUtils]: 11: Hoare triple {4335#(= (_ bv3 32) ~SKIP1~0)} assume 0bv32 == ~irpStack__MajorFunction~0; {4335#(= (_ bv3 32) ~SKIP1~0)} is VALID [2022-02-21 00:02:39,908 INFO L290 TraceCheckUtils]: 12: Hoare triple {4335#(= (_ bv3 32) ~SKIP1~0)} assume 0bv32 == ~devExt__UpperConnectData__ClassService~0;~status~2 := 3221225860bv32; {4335#(= (_ bv3 32) ~SKIP1~0)} is VALID [2022-02-21 00:02:39,908 INFO L290 TraceCheckUtils]: 13: Hoare triple {4335#(= (_ bv3 32) ~SKIP1~0)} ~Irp__IoStatus__Status~1 := ~status~2;~myStatus~0 := ~status~2; {4335#(= (_ bv3 32) ~SKIP1~0)} is VALID [2022-02-21 00:02:39,909 INFO L272 TraceCheckUtils]: 14: Hoare triple {4335#(= (_ bv3 32) ~SKIP1~0)} call #t~ret43 := KbFilter_DispatchPassThrough(~DeviceObject, ~Irp); {4335#(= (_ bv3 32) ~SKIP1~0)} is VALID [2022-02-21 00:02:39,909 INFO L290 TraceCheckUtils]: 15: Hoare triple {4335#(= (_ bv3 32) ~SKIP1~0)} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;~Irp__Tail__Overlay__CurrentStackLocation~1 := #t~nondet44;havoc #t~nondet44;~Irp__CurrentLocation~1 := #t~nondet45;havoc #t~nondet45;~DeviceObject__DeviceExtension__TopOfStack~0 := #t~nondet46;havoc #t~nondet46;havoc ~irpStack~1;havoc ~tmp~1;~irpStack~1 := ~Irp__Tail__Overlay__CurrentStackLocation~1; {4335#(= (_ bv3 32) ~SKIP1~0)} is VALID [2022-02-21 00:02:39,910 INFO L290 TraceCheckUtils]: 16: Hoare triple {4335#(= (_ bv3 32) ~SKIP1~0)} assume ~s~0 == ~NP~0;~s~0 := ~SKIP1~0; {4381#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} is VALID [2022-02-21 00:02:39,910 INFO L290 TraceCheckUtils]: 17: Hoare triple {4381#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} #t~post47 := ~Irp__CurrentLocation~1;~Irp__CurrentLocation~1 := ~bvadd32(1bv32, #t~post47);havoc #t~post47;#t~post48 := ~Irp__Tail__Overlay__CurrentStackLocation~1;~Irp__Tail__Overlay__CurrentStackLocation~1 := ~bvadd32(1bv32, #t~post48);havoc #t~post48; {4381#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} is VALID [2022-02-21 00:02:39,911 INFO L272 TraceCheckUtils]: 18: Hoare triple {4381#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} call #t~ret49 := IofCallDriver(~DeviceObject__DeviceExtension__TopOfStack~0, ~Irp); {4381#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} is VALID [2022-02-21 00:02:39,916 INFO L290 TraceCheckUtils]: 19: Hoare triple {4381#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {4381#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} is VALID [2022-02-21 00:02:39,916 INFO L290 TraceCheckUtils]: 20: Hoare triple {4381#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} assume !(0bv32 != ~compRegistered~0); {4381#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} is VALID [2022-02-21 00:02:39,917 INFO L290 TraceCheckUtils]: 21: Hoare triple {4381#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} havoc ~tmp_ndt_6~0;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {4381#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} is VALID [2022-02-21 00:02:39,917 INFO L290 TraceCheckUtils]: 22: Hoare triple {4381#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} assume 0bv32 == ~tmp_ndt_6~0; {4381#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} is VALID [2022-02-21 00:02:39,918 INFO L290 TraceCheckUtils]: 23: Hoare triple {4381#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} ~returnVal2~0 := 0bv32; {4381#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} is VALID [2022-02-21 00:02:39,918 INFO L290 TraceCheckUtils]: 24: Hoare triple {4381#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} assume !(~s~0 == ~NP~0); {4381#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} is VALID [2022-02-21 00:02:39,918 INFO L290 TraceCheckUtils]: 25: Hoare triple {4381#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} assume !(~s~0 == ~MPR1~0); {4381#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} is VALID [2022-02-21 00:02:39,919 INFO L290 TraceCheckUtils]: 26: Hoare triple {4381#(and (= ~s~0 ~SKIP1~0) (= (_ bv3 32) ~SKIP1~0))} assume !(~s~0 == ~SKIP1~0); {4328#false} is VALID [2022-02-21 00:02:39,919 INFO L272 TraceCheckUtils]: 27: Hoare triple {4328#false} call errorFn(); {4328#false} is VALID [2022-02-21 00:02:39,919 INFO L290 TraceCheckUtils]: 28: Hoare triple {4328#false} assume !false; {4328#false} is VALID [2022-02-21 00:02:39,920 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:39,920 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-21 00:02:39,920 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-21 00:02:39,920 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1023829205] [2022-02-21 00:02:39,920 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1023829205] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:39,920 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:39,921 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-21 00:02:39,921 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1936724501] [2022-02-21 00:02:39,921 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:39,921 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 6.25) internal successors, (25), 4 states have internal predecessors, (25), 3 states have call successors, (4), 3 states have call predecessors, (4), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 29 [2022-02-21 00:02:39,922 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:39,922 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 4 states, 4 states have (on average 6.25) internal successors, (25), 4 states have internal predecessors, (25), 3 states have call successors, (4), 3 states have call predecessors, (4), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:39,947 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 29 edges. 29 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:39,948 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-02-21 00:02:39,948 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-21 00:02:39,948 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-02-21 00:02:39,949 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=6, Invalid=6, Unknown=0, NotChecked=0, Total=12 [2022-02-21 00:02:39,949 INFO L87 Difference]: Start difference. First operand 290 states and 410 transitions. Second operand has 4 states, 4 states have (on average 6.25) internal successors, (25), 4 states have internal predecessors, (25), 3 states have call successors, (4), 3 states have call predecessors, (4), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:40,495 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:40,495 INFO L93 Difference]: Finished difference Result 289 states and 407 transitions. [2022-02-21 00:02:40,495 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-21 00:02:40,495 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 6.25) internal successors, (25), 4 states have internal predecessors, (25), 3 states have call successors, (4), 3 states have call predecessors, (4), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 29 [2022-02-21 00:02:40,496 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:40,496 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 6.25) internal successors, (25), 4 states have internal predecessors, (25), 3 states have call successors, (4), 3 states have call predecessors, (4), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:40,499 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 289 transitions. [2022-02-21 00:02:40,499 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 6.25) internal successors, (25), 4 states have internal predecessors, (25), 3 states have call successors, (4), 3 states have call predecessors, (4), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:40,503 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 289 transitions. [2022-02-21 00:02:40,503 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 289 transitions. [2022-02-21 00:02:40,759 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 289 edges. 289 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:40,765 INFO L225 Difference]: With dead ends: 289 [2022-02-21 00:02:40,765 INFO L226 Difference]: Without dead ends: 289 [2022-02-21 00:02:40,766 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 28 GetRequests, 26 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=6, Invalid=6, Unknown=0, NotChecked=0, Total=12 [2022-02-21 00:02:40,766 INFO L933 BasicCegarLoop]: 261 mSDtfsCounter, 257 mSDsluCounter, 182 mSDsCounter, 0 mSdLazyCounter, 84 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 257 SdHoareTripleChecker+Valid, 443 SdHoareTripleChecker+Invalid, 93 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 84 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:40,767 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [257 Valid, 443 Invalid, 93 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 84 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-21 00:02:40,768 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 289 states. [2022-02-21 00:02:40,773 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 289 to 289. [2022-02-21 00:02:40,773 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:40,774 INFO L82 GeneralOperation]: Start isEquivalent. First operand 289 states. Second operand has 289 states, 255 states have (on average 1.411764705882353) internal successors, (360), 255 states have internal predecessors, (360), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-21 00:02:40,775 INFO L74 IsIncluded]: Start isIncluded. First operand 289 states. Second operand has 289 states, 255 states have (on average 1.411764705882353) internal successors, (360), 255 states have internal predecessors, (360), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-21 00:02:40,776 INFO L87 Difference]: Start difference. First operand 289 states. Second operand has 289 states, 255 states have (on average 1.411764705882353) internal successors, (360), 255 states have internal predecessors, (360), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-21 00:02:40,784 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:40,785 INFO L93 Difference]: Finished difference Result 289 states and 407 transitions. [2022-02-21 00:02:40,785 INFO L276 IsEmpty]: Start isEmpty. Operand 289 states and 407 transitions. [2022-02-21 00:02:40,785 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:40,786 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:40,786 INFO L74 IsIncluded]: Start isIncluded. First operand has 289 states, 255 states have (on average 1.411764705882353) internal successors, (360), 255 states have internal predecessors, (360), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) Second operand 289 states. [2022-02-21 00:02:40,787 INFO L87 Difference]: Start difference. First operand has 289 states, 255 states have (on average 1.411764705882353) internal successors, (360), 255 states have internal predecessors, (360), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) Second operand 289 states. [2022-02-21 00:02:40,795 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:40,795 INFO L93 Difference]: Finished difference Result 289 states and 407 transitions. [2022-02-21 00:02:40,795 INFO L276 IsEmpty]: Start isEmpty. Operand 289 states and 407 transitions. [2022-02-21 00:02:40,796 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:40,796 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:40,796 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:40,796 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:40,797 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 289 states, 255 states have (on average 1.411764705882353) internal successors, (360), 255 states have internal predecessors, (360), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-21 00:02:40,804 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 289 states to 289 states and 407 transitions. [2022-02-21 00:02:40,804 INFO L78 Accepts]: Start accepts. Automaton has 289 states and 407 transitions. Word has length 29 [2022-02-21 00:02:40,804 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:40,805 INFO L470 AbstractCegarLoop]: Abstraction has 289 states and 407 transitions. [2022-02-21 00:02:40,805 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 6.25) internal successors, (25), 4 states have internal predecessors, (25), 3 states have call successors, (4), 3 states have call predecessors, (4), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:40,805 INFO L276 IsEmpty]: Start isEmpty. Operand 289 states and 407 transitions. [2022-02-21 00:02:40,806 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2022-02-21 00:02:40,806 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:40,806 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:40,818 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (6)] Forceful destruction successful, exit code 0 [2022-02-21 00:02:41,015 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 6 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-21 00:02:41,016 INFO L402 AbstractCegarLoop]: === Iteration 6 === Targeting errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:41,016 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:41,016 INFO L85 PathProgramCache]: Analyzing trace with hash -1270637010, now seen corresponding path program 1 times [2022-02-21 00:02:41,017 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-21 00:02:41,017 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [792056220] [2022-02-21 00:02:41,017 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:41,017 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-21 00:02:41,017 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-21 00:02:41,018 INFO L229 MonitoredProcess]: Starting monitored process 7 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-21 00:02:41,019 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (7)] Waiting until timeout for monitored process [2022-02-21 00:02:41,081 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:41,083 INFO L263 TraceCheckSpWp]: Trace formula consists of 122 conjuncts, 4 conjunts are in the unsatisfiable core [2022-02-21 00:02:41,104 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:41,105 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-21 00:02:41,349 INFO L290 TraceCheckUtils]: 0: Hoare triple {5573#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(23bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 0bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32; {5573#true} is VALID [2022-02-21 00:02:41,350 INFO L290 TraceCheckUtils]: 1: Hoare triple {5573#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 1bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32;main_~status~1#1 := 0bv32;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0bv32;~NP~0 := 1bv32;~DC~0 := 2bv32;~SKIP1~0 := 3bv32;~SKIP2~0 := 4bv32;~MPR1~0 := 5bv32;~MPR3~0 := 6bv32;~IPC~0 := 7bv32;~s~0 := ~UNLOADED~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-21 00:02:41,351 INFO L290 TraceCheckUtils]: 2: Hoare triple {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} assume { :end_inline__BLAST_init } true; {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-21 00:02:41,351 INFO L290 TraceCheckUtils]: 3: Hoare triple {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} assume ~bvsge32(main_~status~1#1, 0bv32);~s~0 := ~NP~0;~customIrp~0 := 0bv32;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0bv32;~myStatus~0 := 0bv32; {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-21 00:02:41,352 INFO L290 TraceCheckUtils]: 4: Hoare triple {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} assume 0bv32 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := 3221225659bv32;~myStatus~0 := 3221225659bv32; {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-21 00:02:41,352 INFO L290 TraceCheckUtils]: 5: Hoare triple {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-21 00:02:41,353 INFO L290 TraceCheckUtils]: 6: Hoare triple {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} assume { :end_inline_stub_driver_init } true; {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-21 00:02:41,353 INFO L290 TraceCheckUtils]: 7: Hoare triple {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} assume !~bvslt32(main_~status~1#1, 0bv32);havoc main_~tmp_ndt_1~0#1;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-21 00:02:41,354 INFO L290 TraceCheckUtils]: 8: Hoare triple {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} assume !(0bv32 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-21 00:02:41,355 INFO L290 TraceCheckUtils]: 9: Hoare triple {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} assume !(1bv32 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-21 00:02:41,355 INFO L290 TraceCheckUtils]: 10: Hoare triple {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} assume !(3bv32 == main_~tmp_ndt_3~0#1);havoc main_~tmp_ndt_4~0#1;main_~tmp_ndt_4~0#1 := main_#t~nondet27#1;havoc main_#t~nondet27#1; {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-21 00:02:41,356 INFO L290 TraceCheckUtils]: 11: Hoare triple {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} assume !(4bv32 == main_~tmp_ndt_4~0#1);havoc main_~tmp_ndt_5~0#1;main_~tmp_ndt_5~0#1 := main_#t~nondet28#1;havoc main_#t~nondet28#1; {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-21 00:02:41,356 INFO L290 TraceCheckUtils]: 12: Hoare triple {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} assume 8bv32 == main_~tmp_ndt_5~0#1; {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-21 00:02:41,358 INFO L290 TraceCheckUtils]: 13: Hoare triple {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} assume { :begin_inline_KbFilter_InternIoCtl } true;KbFilter_InternIoCtl_#in~DeviceObject#1, KbFilter_InternIoCtl_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_InternIoCtl_#res#1;havoc KbFilter_InternIoCtl_#t~nondet63#1, KbFilter_InternIoCtl_#t~nondet64#1, KbFilter_InternIoCtl_#t~nondet65#1, KbFilter_InternIoCtl_#t~nondet66#1, KbFilter_InternIoCtl_#t~nondet67#1, KbFilter_InternIoCtl_#t~nondet68#1, KbFilter_InternIoCtl_#t~nondet69#1, KbFilter_InternIoCtl_#t~nondet70#1, KbFilter_InternIoCtl_#t~nondet71#1, KbFilter_InternIoCtl_#t~nondet72#1, KbFilter_InternIoCtl_#t~nondet73#1, KbFilter_InternIoCtl_#t~nondet74#1, KbFilter_InternIoCtl_#t~nondet75#1, KbFilter_InternIoCtl_#t~nondet76#1, KbFilter_InternIoCtl_#t~nondet77#1, KbFilter_InternIoCtl_#t~nondet78#1, KbFilter_InternIoCtl_#t~nondet79#1, KbFilter_InternIoCtl_#t~ret80#1, KbFilter_InternIoCtl_~DeviceObject#1, KbFilter_InternIoCtl_~Irp#1, KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1, KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__InputBufferLength~0#1, KbFilter_InternIoCtl_~sizeof__CONNECT_DATA~0#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__Type3InputBuffer~0#1, KbFilter_InternIoCtl_~sizeof__INTERNAL_I8042_HOOK_KEYBOARD~0#1, KbFilter_InternIoCtl_~hookKeyboard__InitializationRoutine~0#1, KbFilter_InternIoCtl_~hookKeyboard__IsrRoutine~0#1, KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1, KbFilter_InternIoCtl_~hookKeyboard~0#1, KbFilter_InternIoCtl_~connectData~0#1, KbFilter_InternIoCtl_~status~3#1, KbFilter_InternIoCtl_~tmp~3#1, KbFilter_InternIoCtl_~__cil_tmp17~0#1, KbFilter_InternIoCtl_~__cil_tmp18~0#1, KbFilter_InternIoCtl_~__cil_tmp19~0#1, KbFilter_InternIoCtl_~__cil_tmp20~0#1, KbFilter_InternIoCtl_~__cil_tmp21~0#1, KbFilter_InternIoCtl_~__cil_tmp22~0#1, KbFilter_InternIoCtl_~__cil_tmp23~1#1, KbFilter_InternIoCtl_~__cil_tmp24~0#1, KbFilter_InternIoCtl_~__cil_tmp25~0#1, KbFilter_InternIoCtl_~__cil_tmp26~0#1, KbFilter_InternIoCtl_~__cil_tmp27~0#1, KbFilter_InternIoCtl_~__cil_tmp28~0#1, KbFilter_InternIoCtl_~__cil_tmp29~0#1, KbFilter_InternIoCtl_~__cil_tmp30~0#1, KbFilter_InternIoCtl_~__cil_tmp31~0#1, KbFilter_InternIoCtl_~__cil_tmp32~0#1, KbFilter_InternIoCtl_~__cil_tmp33~0#1, KbFilter_InternIoCtl_~__cil_tmp34~0#1, KbFilter_InternIoCtl_~__cil_tmp35~0#1, KbFilter_InternIoCtl_~__cil_tmp36~0#1, KbFilter_InternIoCtl_~__cil_tmp37~0#1, KbFilter_InternIoCtl_~__cil_tmp38~0#1, KbFilter_InternIoCtl_~__cil_tmp39~0#1, KbFilter_InternIoCtl_~__cil_tmp40~0#1, KbFilter_InternIoCtl_~__cil_tmp41~0#1, KbFilter_InternIoCtl_~__cil_tmp42~0#1, KbFilter_InternIoCtl_~__cil_tmp43~0#1, KbFilter_InternIoCtl_~__cil_tmp44~0#1, KbFilter_InternIoCtl_~__cil_tmp45~0#1;KbFilter_InternIoCtl_~DeviceObject#1 := KbFilter_InternIoCtl_#in~DeviceObject#1;KbFilter_InternIoCtl_~Irp#1 := KbFilter_InternIoCtl_#in~Irp#1;havoc KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1 := KbFilter_InternIoCtl_#t~nondet63#1;havoc KbFilter_InternIoCtl_#t~nondet63#1;KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1 := KbFilter_InternIoCtl_#t~nondet64#1;havoc KbFilter_InternIoCtl_#t~nondet64#1;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__InputBufferLength~0#1 := KbFilter_InternIoCtl_#t~nondet65#1;havoc KbFilter_InternIoCtl_#t~nondet65#1;KbFilter_InternIoCtl_~sizeof__CONNECT_DATA~0#1 := KbFilter_InternIoCtl_#t~nondet66#1;havoc KbFilter_InternIoCtl_#t~nondet66#1;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__Type3InputBuffer~0#1 := KbFilter_InternIoCtl_#t~nondet67#1;havoc KbFilter_InternIoCtl_#t~nondet67#1;KbFilter_InternIoCtl_~sizeof__INTERNAL_I8042_HOOK_KEYBOARD~0#1 := KbFilter_InternIoCtl_#t~nondet68#1;havoc KbFilter_InternIoCtl_#t~nondet68#1;KbFilter_InternIoCtl_~hookKeyboard__InitializationRoutine~0#1 := KbFilter_InternIoCtl_#t~nondet69#1;havoc KbFilter_InternIoCtl_#t~nondet69#1;KbFilter_InternIoCtl_~hookKeyboard__IsrRoutine~0#1 := KbFilter_InternIoCtl_#t~nondet70#1;havoc KbFilter_InternIoCtl_#t~nondet70#1;havoc KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1;havoc KbFilter_InternIoCtl_~hookKeyboard~0#1;havoc KbFilter_InternIoCtl_~connectData~0#1;havoc KbFilter_InternIoCtl_~status~3#1;havoc KbFilter_InternIoCtl_~tmp~3#1;havoc KbFilter_InternIoCtl_~__cil_tmp17~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp18~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp19~0#1;KbFilter_InternIoCtl_~__cil_tmp20~0#1 := KbFilter_InternIoCtl_#t~nondet71#1;havoc KbFilter_InternIoCtl_#t~nondet71#1;havoc KbFilter_InternIoCtl_~__cil_tmp21~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp22~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp23~1#1;KbFilter_InternIoCtl_~__cil_tmp24~0#1 := KbFilter_InternIoCtl_#t~nondet72#1;havoc KbFilter_InternIoCtl_#t~nondet72#1;havoc KbFilter_InternIoCtl_~__cil_tmp25~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp26~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp27~0#1;KbFilter_InternIoCtl_~__cil_tmp28~0#1 := KbFilter_InternIoCtl_#t~nondet73#1;havoc KbFilter_InternIoCtl_#t~nondet73#1;KbFilter_InternIoCtl_~__cil_tmp29~0#1 := KbFilter_InternIoCtl_#t~nondet74#1;havoc KbFilter_InternIoCtl_#t~nondet74#1;havoc KbFilter_InternIoCtl_~__cil_tmp30~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp31~0#1;KbFilter_InternIoCtl_~__cil_tmp32~0#1 := KbFilter_InternIoCtl_#t~nondet75#1;havoc KbFilter_InternIoCtl_#t~nondet75#1;havoc KbFilter_InternIoCtl_~__cil_tmp33~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp34~0#1;KbFilter_InternIoCtl_~__cil_tmp35~0#1 := KbFilter_InternIoCtl_#t~nondet76#1;havoc KbFilter_InternIoCtl_#t~nondet76#1;havoc KbFilter_InternIoCtl_~__cil_tmp36~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp37~0#1;KbFilter_InternIoCtl_~__cil_tmp38~0#1 := KbFilter_InternIoCtl_#t~nondet77#1;havoc KbFilter_InternIoCtl_#t~nondet77#1;havoc KbFilter_InternIoCtl_~__cil_tmp39~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp40~0#1;KbFilter_InternIoCtl_~__cil_tmp41~0#1 := KbFilter_InternIoCtl_#t~nondet78#1;havoc KbFilter_InternIoCtl_#t~nondet78#1;havoc KbFilter_InternIoCtl_~__cil_tmp42~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp43~0#1;KbFilter_InternIoCtl_~__cil_tmp44~0#1 := KbFilter_InternIoCtl_#t~nondet79#1;havoc KbFilter_InternIoCtl_#t~nondet79#1;havoc KbFilter_InternIoCtl_~__cil_tmp45~0#1;KbFilter_InternIoCtl_~status~3#1 := 0bv32;KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1 := 0bv32; {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-21 00:02:41,359 INFO L290 TraceCheckUtils]: 14: Hoare triple {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} assume KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1 == KbFilter_InternIoCtl_~__cil_tmp20~0#1; {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-21 00:02:41,361 INFO L290 TraceCheckUtils]: 15: Hoare triple {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} assume 0bv32 != KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1;KbFilter_InternIoCtl_~status~3#1 := 3221225539bv32; {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-21 00:02:41,362 INFO L290 TraceCheckUtils]: 16: Hoare triple {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} assume ~bvslt32(KbFilter_InternIoCtl_~status~3#1, 0bv32);KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1 := KbFilter_InternIoCtl_~status~3#1;~myStatus~0 := KbFilter_InternIoCtl_~status~3#1; {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-21 00:02:41,362 INFO L272 TraceCheckUtils]: 17: Hoare triple {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} call IofCompleteRequest(KbFilter_InternIoCtl_~Irp#1, 0bv32); {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-21 00:02:41,363 INFO L290 TraceCheckUtils]: 18: Hoare triple {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} ~Irp := #in~Irp;~PriorityBoost := #in~PriorityBoost; {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-21 00:02:41,365 INFO L290 TraceCheckUtils]: 19: Hoare triple {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} assume ~s~0 == ~NP~0;~s~0 := ~DC~0; {5636#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 ~s~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-21 00:02:41,365 INFO L290 TraceCheckUtils]: 20: Hoare triple {5636#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 ~s~0) (= ~DC~0 (_ bv2 32)))} assume true; {5636#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 ~s~0) (= ~DC~0 (_ bv2 32)))} is VALID [2022-02-21 00:02:41,366 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {5636#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 ~s~0) (= ~DC~0 (_ bv2 32)))} {5581#(and (= (_ bv4 32) ~SKIP2~0) (= ~DC~0 (_ bv2 32)))} #744#return; {5643#(and (= (_ bv4 32) ~SKIP2~0) (= ~s~0 (_ bv2 32)))} is VALID [2022-02-21 00:02:41,368 INFO L290 TraceCheckUtils]: 22: Hoare triple {5643#(and (= (_ bv4 32) ~SKIP2~0) (= ~s~0 (_ bv2 32)))} KbFilter_InternIoCtl_#res#1 := KbFilter_InternIoCtl_~status~3#1; {5643#(and (= (_ bv4 32) ~SKIP2~0) (= ~s~0 (_ bv2 32)))} is VALID [2022-02-21 00:02:41,368 INFO L290 TraceCheckUtils]: 23: Hoare triple {5643#(and (= (_ bv4 32) ~SKIP2~0) (= ~s~0 (_ bv2 32)))} main_#t~ret33#1 := KbFilter_InternIoCtl_#res#1;assume { :end_inline_KbFilter_InternIoCtl } true;main_~status~1#1 := main_#t~ret33#1;havoc main_#t~ret33#1; {5643#(and (= (_ bv4 32) ~SKIP2~0) (= ~s~0 (_ bv2 32)))} is VALID [2022-02-21 00:02:41,377 INFO L290 TraceCheckUtils]: 24: Hoare triple {5643#(and (= (_ bv4 32) ~SKIP2~0) (= ~s~0 (_ bv2 32)))} assume !(1bv32 == ~pended~0); {5643#(and (= (_ bv4 32) ~SKIP2~0) (= ~s~0 (_ bv2 32)))} is VALID [2022-02-21 00:02:41,377 INFO L290 TraceCheckUtils]: 25: Hoare triple {5643#(and (= (_ bv4 32) ~SKIP2~0) (= ~s~0 (_ bv2 32)))} assume !(1bv32 == ~pended~0); {5643#(and (= (_ bv4 32) ~SKIP2~0) (= ~s~0 (_ bv2 32)))} is VALID [2022-02-21 00:02:41,380 INFO L290 TraceCheckUtils]: 26: Hoare triple {5643#(and (= (_ bv4 32) ~SKIP2~0) (= ~s~0 (_ bv2 32)))} assume ~s~0 != ~UNLOADED~0; {5643#(and (= (_ bv4 32) ~SKIP2~0) (= ~s~0 (_ bv2 32)))} is VALID [2022-02-21 00:02:41,380 INFO L290 TraceCheckUtils]: 27: Hoare triple {5643#(and (= (_ bv4 32) ~SKIP2~0) (= ~s~0 (_ bv2 32)))} assume 4294967295bv32 != main_~status~1#1; {5643#(and (= (_ bv4 32) ~SKIP2~0) (= ~s~0 (_ bv2 32)))} is VALID [2022-02-21 00:02:41,381 INFO L290 TraceCheckUtils]: 28: Hoare triple {5643#(and (= (_ bv4 32) ~SKIP2~0) (= ~s~0 (_ bv2 32)))} assume !(~s~0 != ~SKIP2~0); {5574#false} is VALID [2022-02-21 00:02:41,381 INFO L290 TraceCheckUtils]: 29: Hoare triple {5574#false} assume 1bv32 == ~pended~0; {5574#false} is VALID [2022-02-21 00:02:41,382 INFO L290 TraceCheckUtils]: 30: Hoare triple {5574#false} assume 259bv32 != main_~status~1#1; {5574#false} is VALID [2022-02-21 00:02:41,382 INFO L272 TraceCheckUtils]: 31: Hoare triple {5574#false} call errorFn(); {5574#false} is VALID [2022-02-21 00:02:41,382 INFO L290 TraceCheckUtils]: 32: Hoare triple {5574#false} assume !false; {5574#false} is VALID [2022-02-21 00:02:41,382 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:41,383 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-21 00:02:41,383 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-21 00:02:41,383 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [792056220] [2022-02-21 00:02:41,383 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [792056220] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:41,383 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:41,384 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-21 00:02:41,384 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [851739139] [2022-02-21 00:02:41,384 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:41,384 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 33 [2022-02-21 00:02:41,385 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:41,385 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:41,422 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 33 edges. 33 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:41,422 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-21 00:02:41,423 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-21 00:02:41,423 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-21 00:02:41,424 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-02-21 00:02:41,424 INFO L87 Difference]: Start difference. First operand 289 states and 407 transitions. Second operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:42,024 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:42,025 INFO L93 Difference]: Finished difference Result 307 states and 427 transitions. [2022-02-21 00:02:42,025 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-21 00:02:42,025 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 33 [2022-02-21 00:02:42,025 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:42,025 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:42,028 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 292 transitions. [2022-02-21 00:02:42,028 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:42,031 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 292 transitions. [2022-02-21 00:02:42,031 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 292 transitions. [2022-02-21 00:02:42,281 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 292 edges. 292 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:42,287 INFO L225 Difference]: With dead ends: 307 [2022-02-21 00:02:42,288 INFO L226 Difference]: Without dead ends: 306 [2022-02-21 00:02:42,288 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 32 GetRequests, 29 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-02-21 00:02:42,289 INFO L933 BasicCegarLoop]: 265 mSDtfsCounter, 285 mSDsluCounter, 194 mSDsCounter, 0 mSdLazyCounter, 83 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 285 SdHoareTripleChecker+Valid, 459 SdHoareTripleChecker+Invalid, 89 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 83 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:42,289 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [285 Valid, 459 Invalid, 89 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 83 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-21 00:02:42,290 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 306 states. [2022-02-21 00:02:42,296 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 306 to 301. [2022-02-21 00:02:42,296 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:42,297 INFO L82 GeneralOperation]: Start isEquivalent. First operand 306 states. Second operand has 301 states, 267 states have (on average 1.404494382022472) internal successors, (375), 266 states have internal predecessors, (375), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-21 00:02:42,298 INFO L74 IsIncluded]: Start isIncluded. First operand 306 states. Second operand has 301 states, 267 states have (on average 1.404494382022472) internal successors, (375), 266 states have internal predecessors, (375), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-21 00:02:42,299 INFO L87 Difference]: Start difference. First operand 306 states. Second operand has 301 states, 267 states have (on average 1.404494382022472) internal successors, (375), 266 states have internal predecessors, (375), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-21 00:02:42,307 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:42,307 INFO L93 Difference]: Finished difference Result 306 states and 426 transitions. [2022-02-21 00:02:42,307 INFO L276 IsEmpty]: Start isEmpty. Operand 306 states and 426 transitions. [2022-02-21 00:02:42,308 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:42,308 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:42,310 INFO L74 IsIncluded]: Start isIncluded. First operand has 301 states, 267 states have (on average 1.404494382022472) internal successors, (375), 266 states have internal predecessors, (375), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) Second operand 306 states. [2022-02-21 00:02:42,310 INFO L87 Difference]: Start difference. First operand has 301 states, 267 states have (on average 1.404494382022472) internal successors, (375), 266 states have internal predecessors, (375), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) Second operand 306 states. [2022-02-21 00:02:42,318 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:42,319 INFO L93 Difference]: Finished difference Result 306 states and 426 transitions. [2022-02-21 00:02:42,319 INFO L276 IsEmpty]: Start isEmpty. Operand 306 states and 426 transitions. [2022-02-21 00:02:42,320 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:42,320 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:42,320 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:42,320 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:42,321 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 301 states, 267 states have (on average 1.404494382022472) internal successors, (375), 266 states have internal predecessors, (375), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-21 00:02:42,328 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 301 states to 301 states and 422 transitions. [2022-02-21 00:02:42,328 INFO L78 Accepts]: Start accepts. Automaton has 301 states and 422 transitions. Word has length 33 [2022-02-21 00:02:42,328 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:42,329 INFO L470 AbstractCegarLoop]: Abstraction has 301 states and 422 transitions. [2022-02-21 00:02:42,329 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:42,329 INFO L276 IsEmpty]: Start isEmpty. Operand 301 states and 422 transitions. [2022-02-21 00:02:42,330 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2022-02-21 00:02:42,330 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:42,330 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:42,342 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (7)] Forceful destruction successful, exit code 0 [2022-02-21 00:02:42,539 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 7 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-21 00:02:42,539 INFO L402 AbstractCegarLoop]: === Iteration 7 === Targeting errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:42,540 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:42,540 INFO L85 PathProgramCache]: Analyzing trace with hash -1113906492, now seen corresponding path program 1 times [2022-02-21 00:02:42,540 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-21 00:02:42,540 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [2021583192] [2022-02-21 00:02:42,540 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:42,541 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-21 00:02:42,541 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-21 00:02:42,592 INFO L229 MonitoredProcess]: Starting monitored process 8 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-21 00:02:42,593 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (8)] Waiting until timeout for monitored process [2022-02-21 00:02:42,677 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:42,679 INFO L263 TraceCheckSpWp]: Trace formula consists of 123 conjuncts, 4 conjunts are in the unsatisfiable core [2022-02-21 00:02:42,695 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:42,696 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-21 00:02:42,947 INFO L290 TraceCheckUtils]: 0: Hoare triple {6896#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(23bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 0bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32; {6896#true} is VALID [2022-02-21 00:02:42,948 INFO L290 TraceCheckUtils]: 1: Hoare triple {6896#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 1bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32;main_~status~1#1 := 0bv32;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0bv32;~NP~0 := 1bv32;~DC~0 := 2bv32;~SKIP1~0 := 3bv32;~SKIP2~0 := 4bv32;~MPR1~0 := 5bv32;~MPR3~0 := 6bv32;~IPC~0 := 7bv32;~s~0 := ~UNLOADED~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-21 00:02:42,948 INFO L290 TraceCheckUtils]: 2: Hoare triple {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume { :end_inline__BLAST_init } true; {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-21 00:02:42,949 INFO L290 TraceCheckUtils]: 3: Hoare triple {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume ~bvsge32(main_~status~1#1, 0bv32);~s~0 := ~NP~0;~customIrp~0 := 0bv32;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0bv32;~myStatus~0 := 0bv32; {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-21 00:02:42,949 INFO L290 TraceCheckUtils]: 4: Hoare triple {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume 0bv32 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := 3221225659bv32;~myStatus~0 := 3221225659bv32; {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-21 00:02:42,951 INFO L290 TraceCheckUtils]: 5: Hoare triple {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-21 00:02:42,951 INFO L290 TraceCheckUtils]: 6: Hoare triple {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume { :end_inline_stub_driver_init } true; {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-21 00:02:42,952 INFO L290 TraceCheckUtils]: 7: Hoare triple {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume !~bvslt32(main_~status~1#1, 0bv32);havoc main_~tmp_ndt_1~0#1;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-21 00:02:42,952 INFO L290 TraceCheckUtils]: 8: Hoare triple {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume !(0bv32 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-21 00:02:42,953 INFO L290 TraceCheckUtils]: 9: Hoare triple {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume !(1bv32 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-21 00:02:42,953 INFO L290 TraceCheckUtils]: 10: Hoare triple {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume !(3bv32 == main_~tmp_ndt_3~0#1);havoc main_~tmp_ndt_4~0#1;main_~tmp_ndt_4~0#1 := main_#t~nondet27#1;havoc main_#t~nondet27#1; {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-21 00:02:42,954 INFO L290 TraceCheckUtils]: 11: Hoare triple {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume !(4bv32 == main_~tmp_ndt_4~0#1);havoc main_~tmp_ndt_5~0#1;main_~tmp_ndt_5~0#1 := main_#t~nondet28#1;havoc main_#t~nondet28#1; {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-21 00:02:42,954 INFO L290 TraceCheckUtils]: 12: Hoare triple {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume 8bv32 == main_~tmp_ndt_5~0#1; {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-21 00:02:42,955 INFO L290 TraceCheckUtils]: 13: Hoare triple {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume { :begin_inline_KbFilter_InternIoCtl } true;KbFilter_InternIoCtl_#in~DeviceObject#1, KbFilter_InternIoCtl_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_InternIoCtl_#res#1;havoc KbFilter_InternIoCtl_#t~nondet63#1, KbFilter_InternIoCtl_#t~nondet64#1, KbFilter_InternIoCtl_#t~nondet65#1, KbFilter_InternIoCtl_#t~nondet66#1, KbFilter_InternIoCtl_#t~nondet67#1, KbFilter_InternIoCtl_#t~nondet68#1, KbFilter_InternIoCtl_#t~nondet69#1, KbFilter_InternIoCtl_#t~nondet70#1, KbFilter_InternIoCtl_#t~nondet71#1, KbFilter_InternIoCtl_#t~nondet72#1, KbFilter_InternIoCtl_#t~nondet73#1, KbFilter_InternIoCtl_#t~nondet74#1, KbFilter_InternIoCtl_#t~nondet75#1, KbFilter_InternIoCtl_#t~nondet76#1, KbFilter_InternIoCtl_#t~nondet77#1, KbFilter_InternIoCtl_#t~nondet78#1, KbFilter_InternIoCtl_#t~nondet79#1, KbFilter_InternIoCtl_#t~ret80#1, KbFilter_InternIoCtl_~DeviceObject#1, KbFilter_InternIoCtl_~Irp#1, KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1, KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__InputBufferLength~0#1, KbFilter_InternIoCtl_~sizeof__CONNECT_DATA~0#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__Type3InputBuffer~0#1, KbFilter_InternIoCtl_~sizeof__INTERNAL_I8042_HOOK_KEYBOARD~0#1, KbFilter_InternIoCtl_~hookKeyboard__InitializationRoutine~0#1, KbFilter_InternIoCtl_~hookKeyboard__IsrRoutine~0#1, KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1, KbFilter_InternIoCtl_~hookKeyboard~0#1, KbFilter_InternIoCtl_~connectData~0#1, KbFilter_InternIoCtl_~status~3#1, KbFilter_InternIoCtl_~tmp~3#1, KbFilter_InternIoCtl_~__cil_tmp17~0#1, KbFilter_InternIoCtl_~__cil_tmp18~0#1, KbFilter_InternIoCtl_~__cil_tmp19~0#1, KbFilter_InternIoCtl_~__cil_tmp20~0#1, KbFilter_InternIoCtl_~__cil_tmp21~0#1, KbFilter_InternIoCtl_~__cil_tmp22~0#1, KbFilter_InternIoCtl_~__cil_tmp23~1#1, KbFilter_InternIoCtl_~__cil_tmp24~0#1, KbFilter_InternIoCtl_~__cil_tmp25~0#1, KbFilter_InternIoCtl_~__cil_tmp26~0#1, KbFilter_InternIoCtl_~__cil_tmp27~0#1, KbFilter_InternIoCtl_~__cil_tmp28~0#1, KbFilter_InternIoCtl_~__cil_tmp29~0#1, KbFilter_InternIoCtl_~__cil_tmp30~0#1, KbFilter_InternIoCtl_~__cil_tmp31~0#1, KbFilter_InternIoCtl_~__cil_tmp32~0#1, KbFilter_InternIoCtl_~__cil_tmp33~0#1, KbFilter_InternIoCtl_~__cil_tmp34~0#1, KbFilter_InternIoCtl_~__cil_tmp35~0#1, KbFilter_InternIoCtl_~__cil_tmp36~0#1, KbFilter_InternIoCtl_~__cil_tmp37~0#1, KbFilter_InternIoCtl_~__cil_tmp38~0#1, KbFilter_InternIoCtl_~__cil_tmp39~0#1, KbFilter_InternIoCtl_~__cil_tmp40~0#1, KbFilter_InternIoCtl_~__cil_tmp41~0#1, KbFilter_InternIoCtl_~__cil_tmp42~0#1, KbFilter_InternIoCtl_~__cil_tmp43~0#1, KbFilter_InternIoCtl_~__cil_tmp44~0#1, KbFilter_InternIoCtl_~__cil_tmp45~0#1;KbFilter_InternIoCtl_~DeviceObject#1 := KbFilter_InternIoCtl_#in~DeviceObject#1;KbFilter_InternIoCtl_~Irp#1 := KbFilter_InternIoCtl_#in~Irp#1;havoc KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1 := KbFilter_InternIoCtl_#t~nondet63#1;havoc KbFilter_InternIoCtl_#t~nondet63#1;KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1 := KbFilter_InternIoCtl_#t~nondet64#1;havoc KbFilter_InternIoCtl_#t~nondet64#1;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__InputBufferLength~0#1 := KbFilter_InternIoCtl_#t~nondet65#1;havoc KbFilter_InternIoCtl_#t~nondet65#1;KbFilter_InternIoCtl_~sizeof__CONNECT_DATA~0#1 := KbFilter_InternIoCtl_#t~nondet66#1;havoc KbFilter_InternIoCtl_#t~nondet66#1;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__Type3InputBuffer~0#1 := KbFilter_InternIoCtl_#t~nondet67#1;havoc KbFilter_InternIoCtl_#t~nondet67#1;KbFilter_InternIoCtl_~sizeof__INTERNAL_I8042_HOOK_KEYBOARD~0#1 := KbFilter_InternIoCtl_#t~nondet68#1;havoc KbFilter_InternIoCtl_#t~nondet68#1;KbFilter_InternIoCtl_~hookKeyboard__InitializationRoutine~0#1 := KbFilter_InternIoCtl_#t~nondet69#1;havoc KbFilter_InternIoCtl_#t~nondet69#1;KbFilter_InternIoCtl_~hookKeyboard__IsrRoutine~0#1 := KbFilter_InternIoCtl_#t~nondet70#1;havoc KbFilter_InternIoCtl_#t~nondet70#1;havoc KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1;havoc KbFilter_InternIoCtl_~hookKeyboard~0#1;havoc KbFilter_InternIoCtl_~connectData~0#1;havoc KbFilter_InternIoCtl_~status~3#1;havoc KbFilter_InternIoCtl_~tmp~3#1;havoc KbFilter_InternIoCtl_~__cil_tmp17~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp18~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp19~0#1;KbFilter_InternIoCtl_~__cil_tmp20~0#1 := KbFilter_InternIoCtl_#t~nondet71#1;havoc KbFilter_InternIoCtl_#t~nondet71#1;havoc KbFilter_InternIoCtl_~__cil_tmp21~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp22~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp23~1#1;KbFilter_InternIoCtl_~__cil_tmp24~0#1 := KbFilter_InternIoCtl_#t~nondet72#1;havoc KbFilter_InternIoCtl_#t~nondet72#1;havoc KbFilter_InternIoCtl_~__cil_tmp25~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp26~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp27~0#1;KbFilter_InternIoCtl_~__cil_tmp28~0#1 := KbFilter_InternIoCtl_#t~nondet73#1;havoc KbFilter_InternIoCtl_#t~nondet73#1;KbFilter_InternIoCtl_~__cil_tmp29~0#1 := KbFilter_InternIoCtl_#t~nondet74#1;havoc KbFilter_InternIoCtl_#t~nondet74#1;havoc KbFilter_InternIoCtl_~__cil_tmp30~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp31~0#1;KbFilter_InternIoCtl_~__cil_tmp32~0#1 := KbFilter_InternIoCtl_#t~nondet75#1;havoc KbFilter_InternIoCtl_#t~nondet75#1;havoc KbFilter_InternIoCtl_~__cil_tmp33~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp34~0#1;KbFilter_InternIoCtl_~__cil_tmp35~0#1 := KbFilter_InternIoCtl_#t~nondet76#1;havoc KbFilter_InternIoCtl_#t~nondet76#1;havoc KbFilter_InternIoCtl_~__cil_tmp36~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp37~0#1;KbFilter_InternIoCtl_~__cil_tmp38~0#1 := KbFilter_InternIoCtl_#t~nondet77#1;havoc KbFilter_InternIoCtl_#t~nondet77#1;havoc KbFilter_InternIoCtl_~__cil_tmp39~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp40~0#1;KbFilter_InternIoCtl_~__cil_tmp41~0#1 := KbFilter_InternIoCtl_#t~nondet78#1;havoc KbFilter_InternIoCtl_#t~nondet78#1;havoc KbFilter_InternIoCtl_~__cil_tmp42~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp43~0#1;KbFilter_InternIoCtl_~__cil_tmp44~0#1 := KbFilter_InternIoCtl_#t~nondet79#1;havoc KbFilter_InternIoCtl_#t~nondet79#1;havoc KbFilter_InternIoCtl_~__cil_tmp45~0#1;KbFilter_InternIoCtl_~status~3#1 := 0bv32;KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1 := 0bv32; {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-21 00:02:42,955 INFO L290 TraceCheckUtils]: 14: Hoare triple {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1 == KbFilter_InternIoCtl_~__cil_tmp20~0#1; {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-21 00:02:42,956 INFO L290 TraceCheckUtils]: 15: Hoare triple {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume 0bv32 != KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1;KbFilter_InternIoCtl_~status~3#1 := 3221225539bv32; {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-21 00:02:42,956 INFO L290 TraceCheckUtils]: 16: Hoare triple {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume ~bvslt32(KbFilter_InternIoCtl_~status~3#1, 0bv32);KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1 := KbFilter_InternIoCtl_~status~3#1;~myStatus~0 := KbFilter_InternIoCtl_~status~3#1; {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-21 00:02:42,957 INFO L272 TraceCheckUtils]: 17: Hoare triple {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} call IofCompleteRequest(KbFilter_InternIoCtl_~Irp#1, 0bv32); {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-21 00:02:42,957 INFO L290 TraceCheckUtils]: 18: Hoare triple {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} ~Irp := #in~Irp;~PriorityBoost := #in~PriorityBoost; {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-21 00:02:42,958 INFO L290 TraceCheckUtils]: 19: Hoare triple {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume ~s~0 == ~NP~0;~s~0 := ~DC~0; {6959#(and (= ~DC~0 ~s~0) (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-21 00:02:42,958 INFO L290 TraceCheckUtils]: 20: Hoare triple {6959#(and (= ~DC~0 ~s~0) (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume true; {6959#(and (= ~DC~0 ~s~0) (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-21 00:02:42,959 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {6959#(and (= ~DC~0 ~s~0) (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} {6904#(and (= ~DC~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} #744#return; {6966#(and (= ~s~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-21 00:02:42,960 INFO L290 TraceCheckUtils]: 22: Hoare triple {6966#(and (= ~s~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} KbFilter_InternIoCtl_#res#1 := KbFilter_InternIoCtl_~status~3#1; {6966#(and (= ~s~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-21 00:02:42,960 INFO L290 TraceCheckUtils]: 23: Hoare triple {6966#(and (= ~s~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} main_#t~ret33#1 := KbFilter_InternIoCtl_#res#1;assume { :end_inline_KbFilter_InternIoCtl } true;main_~status~1#1 := main_#t~ret33#1;havoc main_#t~ret33#1; {6966#(and (= ~s~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-21 00:02:42,961 INFO L290 TraceCheckUtils]: 24: Hoare triple {6966#(and (= ~s~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume !(1bv32 == ~pended~0); {6966#(and (= ~s~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-21 00:02:42,961 INFO L290 TraceCheckUtils]: 25: Hoare triple {6966#(and (= ~s~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume !(1bv32 == ~pended~0); {6966#(and (= ~s~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-21 00:02:42,961 INFO L290 TraceCheckUtils]: 26: Hoare triple {6966#(and (= ~s~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume ~s~0 != ~UNLOADED~0; {6966#(and (= ~s~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-21 00:02:42,962 INFO L290 TraceCheckUtils]: 27: Hoare triple {6966#(and (= ~s~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume 4294967295bv32 != main_~status~1#1; {6966#(and (= ~s~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-21 00:02:42,963 INFO L290 TraceCheckUtils]: 28: Hoare triple {6966#(and (= ~s~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume ~s~0 != ~SKIP2~0; {6966#(and (= ~s~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} is VALID [2022-02-21 00:02:42,963 INFO L290 TraceCheckUtils]: 29: Hoare triple {6966#(and (= ~s~0 (_ bv2 32)) (= (_ bv7 32) ~IPC~0))} assume !(~s~0 != ~IPC~0); {6897#false} is VALID [2022-02-21 00:02:42,963 INFO L290 TraceCheckUtils]: 30: Hoare triple {6897#false} assume 1bv32 == ~pended~0; {6897#false} is VALID [2022-02-21 00:02:42,964 INFO L290 TraceCheckUtils]: 31: Hoare triple {6897#false} assume 259bv32 != main_~status~1#1; {6897#false} is VALID [2022-02-21 00:02:42,964 INFO L272 TraceCheckUtils]: 32: Hoare triple {6897#false} call errorFn(); {6897#false} is VALID [2022-02-21 00:02:42,964 INFO L290 TraceCheckUtils]: 33: Hoare triple {6897#false} assume !false; {6897#false} is VALID [2022-02-21 00:02:42,964 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:42,965 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-21 00:02:42,965 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-21 00:02:42,965 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [2021583192] [2022-02-21 00:02:42,965 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [2021583192] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:42,965 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:42,965 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-21 00:02:42,966 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1649859867] [2022-02-21 00:02:42,966 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:42,966 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 34 [2022-02-21 00:02:42,967 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:42,967 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:43,002 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 34 edges. 34 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:43,002 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-21 00:02:43,003 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-21 00:02:43,003 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-21 00:02:43,003 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-02-21 00:02:43,004 INFO L87 Difference]: Start difference. First operand 301 states and 422 transitions. Second operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:43,628 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:43,628 INFO L93 Difference]: Finished difference Result 306 states and 425 transitions. [2022-02-21 00:02:43,628 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-21 00:02:43,629 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 34 [2022-02-21 00:02:43,630 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:43,631 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:43,633 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 289 transitions. [2022-02-21 00:02:43,633 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:43,635 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 289 transitions. [2022-02-21 00:02:43,635 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 289 transitions. [2022-02-21 00:02:43,894 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 289 edges. 289 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:43,901 INFO L225 Difference]: With dead ends: 306 [2022-02-21 00:02:43,902 INFO L226 Difference]: Without dead ends: 306 [2022-02-21 00:02:43,902 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 33 GetRequests, 30 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-02-21 00:02:43,903 INFO L933 BasicCegarLoop]: 265 mSDtfsCounter, 294 mSDsluCounter, 194 mSDsCounter, 0 mSdLazyCounter, 82 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 296 SdHoareTripleChecker+Valid, 459 SdHoareTripleChecker+Invalid, 87 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 82 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:43,903 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [296 Valid, 459 Invalid, 87 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 82 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-21 00:02:43,904 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 306 states. [2022-02-21 00:02:43,910 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 306 to 301. [2022-02-21 00:02:43,911 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:43,912 INFO L82 GeneralOperation]: Start isEquivalent. First operand 306 states. Second operand has 301 states, 267 states have (on average 1.400749063670412) internal successors, (374), 266 states have internal predecessors, (374), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-21 00:02:43,912 INFO L74 IsIncluded]: Start isIncluded. First operand 306 states. Second operand has 301 states, 267 states have (on average 1.400749063670412) internal successors, (374), 266 states have internal predecessors, (374), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-21 00:02:43,913 INFO L87 Difference]: Start difference. First operand 306 states. Second operand has 301 states, 267 states have (on average 1.400749063670412) internal successors, (374), 266 states have internal predecessors, (374), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-21 00:02:43,921 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:43,921 INFO L93 Difference]: Finished difference Result 306 states and 425 transitions. [2022-02-21 00:02:43,921 INFO L276 IsEmpty]: Start isEmpty. Operand 306 states and 425 transitions. [2022-02-21 00:02:43,922 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:43,922 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:43,924 INFO L74 IsIncluded]: Start isIncluded. First operand has 301 states, 267 states have (on average 1.400749063670412) internal successors, (374), 266 states have internal predecessors, (374), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) Second operand 306 states. [2022-02-21 00:02:43,924 INFO L87 Difference]: Start difference. First operand has 301 states, 267 states have (on average 1.400749063670412) internal successors, (374), 266 states have internal predecessors, (374), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) Second operand 306 states. [2022-02-21 00:02:43,932 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:43,933 INFO L93 Difference]: Finished difference Result 306 states and 425 transitions. [2022-02-21 00:02:43,933 INFO L276 IsEmpty]: Start isEmpty. Operand 306 states and 425 transitions. [2022-02-21 00:02:43,934 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:43,934 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:43,934 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:43,934 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:43,935 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 301 states, 267 states have (on average 1.400749063670412) internal successors, (374), 266 states have internal predecessors, (374), 21 states have call successors, (21), 11 states have call predecessors, (21), 12 states have return successors, (26), 23 states have call predecessors, (26), 16 states have call successors, (26) [2022-02-21 00:02:43,942 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 301 states to 301 states and 421 transitions. [2022-02-21 00:02:43,942 INFO L78 Accepts]: Start accepts. Automaton has 301 states and 421 transitions. Word has length 34 [2022-02-21 00:02:43,943 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:43,943 INFO L470 AbstractCegarLoop]: Abstraction has 301 states and 421 transitions. [2022-02-21 00:02:43,943 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:43,943 INFO L276 IsEmpty]: Start isEmpty. Operand 301 states and 421 transitions. [2022-02-21 00:02:43,944 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2022-02-21 00:02:43,944 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:43,945 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:43,960 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (8)] Forceful destruction successful, exit code 0 [2022-02-21 00:02:44,153 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 8 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-21 00:02:44,154 INFO L402 AbstractCegarLoop]: === Iteration 8 === Targeting errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:44,154 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:44,154 INFO L85 PathProgramCache]: Analyzing trace with hash 2136327390, now seen corresponding path program 1 times [2022-02-21 00:02:44,155 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-21 00:02:44,155 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1484014092] [2022-02-21 00:02:44,155 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:44,155 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-21 00:02:44,155 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-21 00:02:44,156 INFO L229 MonitoredProcess]: Starting monitored process 9 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-21 00:02:44,157 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (9)] Waiting until timeout for monitored process [2022-02-21 00:02:44,241 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:44,245 INFO L263 TraceCheckSpWp]: Trace formula consists of 141 conjuncts, 2 conjunts are in the unsatisfiable core [2022-02-21 00:02:44,271 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:44,273 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-21 00:02:44,336 INFO L290 TraceCheckUtils]: 0: Hoare triple {8221#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(23bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 0bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32; {8221#true} is VALID [2022-02-21 00:02:44,337 INFO L290 TraceCheckUtils]: 1: Hoare triple {8221#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 1bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32;main_~status~1#1 := 0bv32;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0bv32;~NP~0 := 1bv32;~DC~0 := 2bv32;~SKIP1~0 := 3bv32;~SKIP2~0 := 4bv32;~MPR1~0 := 5bv32;~MPR3~0 := 6bv32;~IPC~0 := 7bv32;~s~0 := ~UNLOADED~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {8221#true} is VALID [2022-02-21 00:02:44,337 INFO L290 TraceCheckUtils]: 2: Hoare triple {8221#true} assume { :end_inline__BLAST_init } true; {8221#true} is VALID [2022-02-21 00:02:44,337 INFO L290 TraceCheckUtils]: 3: Hoare triple {8221#true} assume ~bvsge32(main_~status~1#1, 0bv32);~s~0 := ~NP~0;~customIrp~0 := 0bv32;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0bv32;~myStatus~0 := 0bv32; {8221#true} is VALID [2022-02-21 00:02:44,337 INFO L290 TraceCheckUtils]: 4: Hoare triple {8221#true} assume 0bv32 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := 3221225659bv32;~myStatus~0 := 3221225659bv32; {8221#true} is VALID [2022-02-21 00:02:44,338 INFO L290 TraceCheckUtils]: 5: Hoare triple {8221#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {8221#true} is VALID [2022-02-21 00:02:44,338 INFO L290 TraceCheckUtils]: 6: Hoare triple {8221#true} assume { :end_inline_stub_driver_init } true; {8221#true} is VALID [2022-02-21 00:02:44,338 INFO L290 TraceCheckUtils]: 7: Hoare triple {8221#true} assume !~bvslt32(main_~status~1#1, 0bv32);havoc main_~tmp_ndt_1~0#1;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {8221#true} is VALID [2022-02-21 00:02:44,338 INFO L290 TraceCheckUtils]: 8: Hoare triple {8221#true} assume !(0bv32 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {8221#true} is VALID [2022-02-21 00:02:44,338 INFO L290 TraceCheckUtils]: 9: Hoare triple {8221#true} assume !(1bv32 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {8221#true} is VALID [2022-02-21 00:02:44,338 INFO L290 TraceCheckUtils]: 10: Hoare triple {8221#true} assume 3bv32 == main_~tmp_ndt_3~0#1; {8221#true} is VALID [2022-02-21 00:02:44,339 INFO L290 TraceCheckUtils]: 11: Hoare triple {8221#true} assume { :begin_inline_KbFilter_PnP } true;KbFilter_PnP_#in~DeviceObject#1, KbFilter_PnP_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_PnP_#res#1;havoc KbFilter_PnP_#t~nondet4#1, KbFilter_PnP_#t~nondet5#1, KbFilter_PnP_#t~nondet6#1, KbFilter_PnP_#t~nondet7#1, KbFilter_PnP_#t~nondet8#1, KbFilter_PnP_#t~nondet9#1, KbFilter_PnP_#t~ret10#1, KbFilter_PnP_#t~ret11#1, KbFilter_PnP_#t~post12#1, KbFilter_PnP_#t~post13#1, KbFilter_PnP_#t~ret14#1, KbFilter_PnP_#t~post15#1, KbFilter_PnP_#t~post16#1, KbFilter_PnP_#t~ret17#1, KbFilter_PnP_#t~post18#1, KbFilter_PnP_#t~post19#1, KbFilter_PnP_#t~ret20#1, KbFilter_PnP_~DeviceObject#1, KbFilter_PnP_~Irp#1, KbFilter_PnP_~devExt~0#1, KbFilter_PnP_~irpStack~0#1, KbFilter_PnP_~status~0#1, KbFilter_PnP_~event~0#1, KbFilter_PnP_~DeviceObject__DeviceExtension~0#1, KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, KbFilter_PnP_~irpStack__MinorFunction~0#1, KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~devExt__Started~0#1, KbFilter_PnP_~devExt__Removed~0#1, KbFilter_PnP_~devExt__SurpriseRemoved~0#1, KbFilter_PnP_~Irp__IoStatus__Status~0#1, KbFilter_PnP_~Irp__IoStatus__Information~0#1, KbFilter_PnP_~Irp__CurrentLocation~0#1, KbFilter_PnP_~irpSp~0#1, KbFilter_PnP_~nextIrpSp~0#1, KbFilter_PnP_~nextIrpSp__Control~0#1, KbFilter_PnP_~irpSp___0~0#1, KbFilter_PnP_~irpSp__Context~0#1, KbFilter_PnP_~irpSp__Control~0#1, KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~DeviceObject#1 := KbFilter_PnP_#in~DeviceObject#1;KbFilter_PnP_~Irp#1 := KbFilter_PnP_#in~Irp#1;havoc KbFilter_PnP_~devExt~0#1;havoc KbFilter_PnP_~irpStack~0#1;havoc KbFilter_PnP_~status~0#1;KbFilter_PnP_~event~0#1 := KbFilter_PnP_#t~nondet4#1;havoc KbFilter_PnP_#t~nondet4#1;KbFilter_PnP_~DeviceObject__DeviceExtension~0#1 := KbFilter_PnP_#t~nondet5#1;havoc KbFilter_PnP_#t~nondet5#1;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := KbFilter_PnP_#t~nondet6#1;havoc KbFilter_PnP_#t~nondet6#1;KbFilter_PnP_~irpStack__MinorFunction~0#1 := KbFilter_PnP_#t~nondet7#1;havoc KbFilter_PnP_#t~nondet7#1;KbFilter_PnP_~devExt__TopOfStack~0#1 := KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_~devExt__Started~0#1;havoc KbFilter_PnP_~devExt__Removed~0#1;havoc KbFilter_PnP_~devExt__SurpriseRemoved~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Status~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Information~0#1;KbFilter_PnP_~Irp__CurrentLocation~0#1 := KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_~irpSp~0#1;havoc KbFilter_PnP_~nextIrpSp~0#1;havoc KbFilter_PnP_~nextIrpSp__Control~0#1;havoc KbFilter_PnP_~irpSp___0~0#1;havoc KbFilter_PnP_~irpSp__Context~0#1;havoc KbFilter_PnP_~irpSp__Control~0#1;havoc KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~status~0#1 := 0bv32;KbFilter_PnP_~devExt~0#1 := KbFilter_PnP_~DeviceObject__DeviceExtension~0#1;KbFilter_PnP_~irpStack~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1; {8221#true} is VALID [2022-02-21 00:02:44,339 INFO L290 TraceCheckUtils]: 12: Hoare triple {8221#true} assume 0bv32 == KbFilter_PnP_~irpStack__MinorFunction~0#1; {8221#true} is VALID [2022-02-21 00:02:44,339 INFO L290 TraceCheckUtils]: 13: Hoare triple {8221#true} KbFilter_PnP_~irpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1;KbFilter_PnP_~nextIrpSp~0#1 := ~bvsub32(KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, 1bv32);KbFilter_PnP_~nextIrpSp__Control~0#1 := 0bv32; {8221#true} is VALID [2022-02-21 00:02:44,339 INFO L290 TraceCheckUtils]: 14: Hoare triple {8221#true} assume !(~s~0 != ~NP~0); {8221#true} is VALID [2022-02-21 00:02:44,340 INFO L290 TraceCheckUtils]: 15: Hoare triple {8221#true} assume !(0bv32 != ~compRegistered~0);~compRegistered~0 := 1bv32; {8271#(= ~compRegistered~0 (_ bv1 32))} is VALID [2022-02-21 00:02:44,340 INFO L290 TraceCheckUtils]: 16: Hoare triple {8271#(= ~compRegistered~0 (_ bv1 32))} KbFilter_PnP_~irpSp___0~0#1 := ~bvsub32(KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, 1bv32);KbFilter_PnP_~irpSp__Context~0#1 := KbFilter_PnP_~event~0#1;KbFilter_PnP_~irpSp__Control~0#1 := 224bv32; {8271#(= ~compRegistered~0 (_ bv1 32))} is VALID [2022-02-21 00:02:44,341 INFO L272 TraceCheckUtils]: 17: Hoare triple {8271#(= ~compRegistered~0 (_ bv1 32))} call KbFilter_PnP_#t~ret10#1 := IofCallDriver(KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~Irp#1); {8271#(= ~compRegistered~0 (_ bv1 32))} is VALID [2022-02-21 00:02:44,341 INFO L290 TraceCheckUtils]: 18: Hoare triple {8271#(= ~compRegistered~0 (_ bv1 32))} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {8271#(= ~compRegistered~0 (_ bv1 32))} is VALID [2022-02-21 00:02:44,342 INFO L290 TraceCheckUtils]: 19: Hoare triple {8271#(= ~compRegistered~0 (_ bv1 32))} assume !(0bv32 != ~compRegistered~0); {8222#false} is VALID [2022-02-21 00:02:44,342 INFO L290 TraceCheckUtils]: 20: Hoare triple {8222#false} havoc ~tmp_ndt_6~0;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {8222#false} is VALID [2022-02-21 00:02:44,342 INFO L290 TraceCheckUtils]: 21: Hoare triple {8222#false} assume 0bv32 == ~tmp_ndt_6~0; {8222#false} is VALID [2022-02-21 00:02:44,342 INFO L290 TraceCheckUtils]: 22: Hoare triple {8222#false} ~returnVal2~0 := 0bv32; {8222#false} is VALID [2022-02-21 00:02:44,342 INFO L290 TraceCheckUtils]: 23: Hoare triple {8222#false} assume ~s~0 == ~NP~0;~s~0 := ~IPC~0;~lowerDriverReturn~0 := ~returnVal2~0; {8222#false} is VALID [2022-02-21 00:02:44,343 INFO L290 TraceCheckUtils]: 24: Hoare triple {8222#false} #res := ~returnVal2~0; {8222#false} is VALID [2022-02-21 00:02:44,343 INFO L290 TraceCheckUtils]: 25: Hoare triple {8222#false} assume true; {8222#false} is VALID [2022-02-21 00:02:44,343 INFO L284 TraceCheckUtils]: 26: Hoare quadruple {8222#false} {8271#(= ~compRegistered~0 (_ bv1 32))} #718#return; {8222#false} is VALID [2022-02-21 00:02:44,343 INFO L290 TraceCheckUtils]: 27: Hoare triple {8222#false} KbFilter_PnP_~status~0#1 := KbFilter_PnP_#t~ret10#1;havoc KbFilter_PnP_#t~ret10#1;KbFilter_PnP_~__cil_tmp23~0#1 := KbFilter_PnP_~status~0#1; {8222#false} is VALID [2022-02-21 00:02:44,343 INFO L290 TraceCheckUtils]: 28: Hoare triple {8222#false} assume 259bv32 == KbFilter_PnP_~__cil_tmp23~0#1;assume { :begin_inline_KeWaitForSingleObject } true;KeWaitForSingleObject_#in~Object#1, KeWaitForSingleObject_#in~WaitReason#1, KeWaitForSingleObject_#in~WaitMode#1, KeWaitForSingleObject_#in~Alertable#1, KeWaitForSingleObject_#in~Timeout#1 := KbFilter_PnP_~event~0#1, ~Executive~0, ~KernelMode~0, 0bv32, 0bv32;havoc KeWaitForSingleObject_#res#1;havoc KeWaitForSingleObject_#t~nondet39#1, KeWaitForSingleObject_~tmp_ndt_8~0#1, KeWaitForSingleObject_~Object#1, KeWaitForSingleObject_~WaitReason#1, KeWaitForSingleObject_~WaitMode#1, KeWaitForSingleObject_~Alertable#1, KeWaitForSingleObject_~Timeout#1;KeWaitForSingleObject_~Object#1 := KeWaitForSingleObject_#in~Object#1;KeWaitForSingleObject_~WaitReason#1 := KeWaitForSingleObject_#in~WaitReason#1;KeWaitForSingleObject_~WaitMode#1 := KeWaitForSingleObject_#in~WaitMode#1;KeWaitForSingleObject_~Alertable#1 := KeWaitForSingleObject_#in~Alertable#1;KeWaitForSingleObject_~Timeout#1 := KeWaitForSingleObject_#in~Timeout#1; {8222#false} is VALID [2022-02-21 00:02:44,344 INFO L290 TraceCheckUtils]: 29: Hoare triple {8222#false} assume !(~s~0 == ~MPR3~0); {8222#false} is VALID [2022-02-21 00:02:44,344 INFO L290 TraceCheckUtils]: 30: Hoare triple {8222#false} assume !(1bv32 == ~customIrp~0); {8222#false} is VALID [2022-02-21 00:02:44,344 INFO L290 TraceCheckUtils]: 31: Hoare triple {8222#false} assume ~s~0 == ~MPR3~0; {8222#false} is VALID [2022-02-21 00:02:44,344 INFO L272 TraceCheckUtils]: 32: Hoare triple {8222#false} call errorFn(); {8222#false} is VALID [2022-02-21 00:02:44,344 INFO L290 TraceCheckUtils]: 33: Hoare triple {8222#false} assume !false; {8222#false} is VALID [2022-02-21 00:02:44,345 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:44,345 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-21 00:02:44,345 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-21 00:02:44,345 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1484014092] [2022-02-21 00:02:44,345 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1484014092] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:44,345 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:44,346 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-21 00:02:44,346 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [599459343] [2022-02-21 00:02:44,346 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:44,346 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 34 [2022-02-21 00:02:44,347 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:44,347 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:44,373 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 34 edges. 34 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:44,373 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-21 00:02:44,373 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-21 00:02:44,374 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-21 00:02:44,374 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-21 00:02:44,374 INFO L87 Difference]: Start difference. First operand 301 states and 421 transitions. Second operand has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:44,687 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:44,688 INFO L93 Difference]: Finished difference Result 282 states and 385 transitions. [2022-02-21 00:02:44,688 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-21 00:02:44,688 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 34 [2022-02-21 00:02:44,689 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:44,689 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:44,691 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 309 transitions. [2022-02-21 00:02:44,691 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:44,693 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 309 transitions. [2022-02-21 00:02:44,694 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 309 transitions. [2022-02-21 00:02:44,933 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 309 edges. 309 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:44,938 INFO L225 Difference]: With dead ends: 282 [2022-02-21 00:02:44,938 INFO L226 Difference]: Without dead ends: 282 [2022-02-21 00:02:44,938 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 33 GetRequests, 32 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-21 00:02:44,939 INFO L933 BasicCegarLoop]: 306 mSDtfsCounter, 80 mSDsluCounter, 218 mSDsCounter, 0 mSdLazyCounter, 7 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 80 SdHoareTripleChecker+Valid, 524 SdHoareTripleChecker+Invalid, 7 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 7 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:44,939 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [80 Valid, 524 Invalid, 7 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 7 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-21 00:02:44,940 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 282 states. [2022-02-21 00:02:44,945 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 282 to 268. [2022-02-21 00:02:44,945 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:44,946 INFO L82 GeneralOperation]: Start isEquivalent. First operand 282 states. Second operand has 268 states, 236 states have (on average 1.3898305084745763) internal successors, (328), 235 states have internal predecessors, (328), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) [2022-02-21 00:02:44,947 INFO L74 IsIncluded]: Start isIncluded. First operand 282 states. Second operand has 268 states, 236 states have (on average 1.3898305084745763) internal successors, (328), 235 states have internal predecessors, (328), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) [2022-02-21 00:02:44,948 INFO L87 Difference]: Start difference. First operand 282 states. Second operand has 268 states, 236 states have (on average 1.3898305084745763) internal successors, (328), 235 states have internal predecessors, (328), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) [2022-02-21 00:02:44,954 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:44,954 INFO L93 Difference]: Finished difference Result 282 states and 385 transitions. [2022-02-21 00:02:44,955 INFO L276 IsEmpty]: Start isEmpty. Operand 282 states and 385 transitions. [2022-02-21 00:02:44,955 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:44,955 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:44,957 INFO L74 IsIncluded]: Start isIncluded. First operand has 268 states, 236 states have (on average 1.3898305084745763) internal successors, (328), 235 states have internal predecessors, (328), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) Second operand 282 states. [2022-02-21 00:02:44,957 INFO L87 Difference]: Start difference. First operand has 268 states, 236 states have (on average 1.3898305084745763) internal successors, (328), 235 states have internal predecessors, (328), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) Second operand 282 states. [2022-02-21 00:02:44,964 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:44,964 INFO L93 Difference]: Finished difference Result 282 states and 385 transitions. [2022-02-21 00:02:44,964 INFO L276 IsEmpty]: Start isEmpty. Operand 282 states and 385 transitions. [2022-02-21 00:02:44,965 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:44,965 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:44,965 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:44,965 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:44,966 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 268 states, 236 states have (on average 1.3898305084745763) internal successors, (328), 235 states have internal predecessors, (328), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) [2022-02-21 00:02:44,971 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 268 states to 268 states and 370 transitions. [2022-02-21 00:02:44,972 INFO L78 Accepts]: Start accepts. Automaton has 268 states and 370 transitions. Word has length 34 [2022-02-21 00:02:44,972 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:44,972 INFO L470 AbstractCegarLoop]: Abstraction has 268 states and 370 transitions. [2022-02-21 00:02:44,972 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:44,973 INFO L276 IsEmpty]: Start isEmpty. Operand 268 states and 370 transitions. [2022-02-21 00:02:44,973 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2022-02-21 00:02:44,973 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:44,974 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:44,986 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (9)] Forceful destruction successful, exit code 0 [2022-02-21 00:02:45,186 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 9 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-21 00:02:45,186 INFO L402 AbstractCegarLoop]: === Iteration 9 === Targeting errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:45,187 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:45,187 INFO L85 PathProgramCache]: Analyzing trace with hash -2069817048, now seen corresponding path program 1 times [2022-02-21 00:02:45,187 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-21 00:02:45,187 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1760281814] [2022-02-21 00:02:45,187 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:45,187 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-21 00:02:45,188 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-21 00:02:45,189 INFO L229 MonitoredProcess]: Starting monitored process 10 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-21 00:02:45,191 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (10)] Waiting until timeout for monitored process [2022-02-21 00:02:45,302 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:45,304 INFO L263 TraceCheckSpWp]: Trace formula consists of 121 conjuncts, 4 conjunts are in the unsatisfiable core [2022-02-21 00:02:45,317 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:45,319 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-21 00:02:45,493 INFO L290 TraceCheckUtils]: 0: Hoare triple {9439#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(23bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 0bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32; {9439#true} is VALID [2022-02-21 00:02:45,494 INFO L290 TraceCheckUtils]: 1: Hoare triple {9439#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 1bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32;main_~status~1#1 := 0bv32;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0bv32;~NP~0 := 1bv32;~DC~0 := 2bv32;~SKIP1~0 := 3bv32;~SKIP2~0 := 4bv32;~MPR1~0 := 5bv32;~MPR3~0 := 6bv32;~IPC~0 := 7bv32;~s~0 := ~UNLOADED~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {9447#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-21 00:02:45,495 INFO L290 TraceCheckUtils]: 2: Hoare triple {9447#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} assume { :end_inline__BLAST_init } true; {9447#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-21 00:02:45,495 INFO L290 TraceCheckUtils]: 3: Hoare triple {9447#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} assume ~bvsge32(main_~status~1#1, 0bv32);~s~0 := ~NP~0;~customIrp~0 := 0bv32;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0bv32;~myStatus~0 := 0bv32; {9447#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-21 00:02:45,496 INFO L290 TraceCheckUtils]: 4: Hoare triple {9447#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} assume 0bv32 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := 3221225659bv32;~myStatus~0 := 3221225659bv32; {9447#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-21 00:02:45,496 INFO L290 TraceCheckUtils]: 5: Hoare triple {9447#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {9447#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-21 00:02:45,497 INFO L290 TraceCheckUtils]: 6: Hoare triple {9447#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} assume { :end_inline_stub_driver_init } true; {9447#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-21 00:02:45,497 INFO L290 TraceCheckUtils]: 7: Hoare triple {9447#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} assume !~bvslt32(main_~status~1#1, 0bv32);havoc main_~tmp_ndt_1~0#1;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {9447#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-21 00:02:45,498 INFO L290 TraceCheckUtils]: 8: Hoare triple {9447#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} assume !(0bv32 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {9447#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-21 00:02:45,498 INFO L290 TraceCheckUtils]: 9: Hoare triple {9447#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} assume !(1bv32 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {9447#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-21 00:02:45,498 INFO L290 TraceCheckUtils]: 10: Hoare triple {9447#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} assume !(3bv32 == main_~tmp_ndt_3~0#1);havoc main_~tmp_ndt_4~0#1;main_~tmp_ndt_4~0#1 := main_#t~nondet27#1;havoc main_#t~nondet27#1; {9447#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-21 00:02:45,499 INFO L290 TraceCheckUtils]: 11: Hoare triple {9447#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} assume 4bv32 == main_~tmp_ndt_4~0#1; {9447#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-21 00:02:45,508 INFO L290 TraceCheckUtils]: 12: Hoare triple {9447#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} assume { :begin_inline_KbFilter_Power } true;KbFilter_Power_#in~DeviceObject#1, KbFilter_Power_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_Power_#res#1;havoc KbFilter_Power_#t~nondet50#1, KbFilter_Power_#t~nondet51#1, KbFilter_Power_#t~nondet52#1, KbFilter_Power_#t~nondet53#1, KbFilter_Power_#t~nondet54#1, KbFilter_Power_#t~nondet55#1, KbFilter_Power_#t~post56#1, KbFilter_Power_#t~post57#1, KbFilter_Power_#t~ret58#1, KbFilter_Power_~DeviceObject#1, KbFilter_Power_~Irp#1, KbFilter_Power_~irpStack__MinorFunction~1#1, KbFilter_Power_~devExt__DeviceState~0#1, KbFilter_Power_~powerState__DeviceState~0#1, KbFilter_Power_~Irp__CurrentLocation~2#1, KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1, KbFilter_Power_~devExt__TopOfStack~1#1, KbFilter_Power_~powerType~0#1, KbFilter_Power_~tmp~2#1;KbFilter_Power_~DeviceObject#1 := KbFilter_Power_#in~DeviceObject#1;KbFilter_Power_~Irp#1 := KbFilter_Power_#in~Irp#1;KbFilter_Power_~irpStack__MinorFunction~1#1 := KbFilter_Power_#t~nondet50#1;havoc KbFilter_Power_#t~nondet50#1;havoc KbFilter_Power_~devExt__DeviceState~0#1;KbFilter_Power_~powerState__DeviceState~0#1 := KbFilter_Power_#t~nondet51#1;havoc KbFilter_Power_#t~nondet51#1;KbFilter_Power_~Irp__CurrentLocation~2#1 := KbFilter_Power_#t~nondet52#1;havoc KbFilter_Power_#t~nondet52#1;KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1 := KbFilter_Power_#t~nondet53#1;havoc KbFilter_Power_#t~nondet53#1;KbFilter_Power_~devExt__TopOfStack~1#1 := KbFilter_Power_#t~nondet54#1;havoc KbFilter_Power_#t~nondet54#1;KbFilter_Power_~powerType~0#1 := KbFilter_Power_#t~nondet55#1;havoc KbFilter_Power_#t~nondet55#1;havoc KbFilter_Power_~tmp~2#1; {9447#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-21 00:02:45,510 INFO L290 TraceCheckUtils]: 13: Hoare triple {9447#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} assume 2bv32 == KbFilter_Power_~irpStack__MinorFunction~1#1; {9447#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-21 00:02:45,510 INFO L290 TraceCheckUtils]: 14: Hoare triple {9447#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} assume !(KbFilter_Power_~powerType~0#1 == ~DevicePowerState~0); {9447#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} is VALID [2022-02-21 00:02:45,511 INFO L290 TraceCheckUtils]: 15: Hoare triple {9447#(and (= (_ bv3 32) ~SKIP1~0) (= ~NP~0 (_ bv1 32)))} assume ~s~0 == ~NP~0;~s~0 := ~SKIP1~0; {9490#(and (= ~NP~0 (_ bv1 32)) (= ~s~0 (_ bv3 32)))} is VALID [2022-02-21 00:02:45,511 INFO L290 TraceCheckUtils]: 16: Hoare triple {9490#(and (= ~NP~0 (_ bv1 32)) (= ~s~0 (_ bv3 32)))} KbFilter_Power_#t~post56#1 := KbFilter_Power_~Irp__CurrentLocation~2#1;KbFilter_Power_~Irp__CurrentLocation~2#1 := ~bvadd32(1bv32, KbFilter_Power_#t~post56#1);havoc KbFilter_Power_#t~post56#1;KbFilter_Power_#t~post57#1 := KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1;KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1 := ~bvadd32(1bv32, KbFilter_Power_#t~post57#1);havoc KbFilter_Power_#t~post57#1;assume { :begin_inline_PoCallDriver } true;PoCallDriver_#in~DeviceObject#1, PoCallDriver_#in~Irp#1 := KbFilter_Power_~devExt__TopOfStack~1#1, KbFilter_Power_~Irp#1;havoc PoCallDriver_#res#1;havoc PoCallDriver_#t~nondet59#1, PoCallDriver_#t~ret60#1, PoCallDriver_#t~nondet61#1, PoCallDriver_#t~nondet62#1, PoCallDriver_~tmp_ndt_10~0#1, PoCallDriver_~tmp_ndt_9~0#1, PoCallDriver_~DeviceObject#1, PoCallDriver_~Irp#1, PoCallDriver_~compRetStatus~1#1, PoCallDriver_~returnVal~0#1, PoCallDriver_~lcontext~1#1, PoCallDriver_~__cil_tmp7~1#1, PoCallDriver_~__cil_tmp8~1#1;PoCallDriver_~DeviceObject#1 := PoCallDriver_#in~DeviceObject#1;PoCallDriver_~Irp#1 := PoCallDriver_#in~Irp#1;havoc PoCallDriver_~compRetStatus~1#1;havoc PoCallDriver_~returnVal~0#1;PoCallDriver_~lcontext~1#1 := PoCallDriver_#t~nondet59#1;havoc PoCallDriver_#t~nondet59#1;havoc PoCallDriver_~__cil_tmp7~1#1;havoc PoCallDriver_~__cil_tmp8~1#1; {9490#(and (= ~NP~0 (_ bv1 32)) (= ~s~0 (_ bv3 32)))} is VALID [2022-02-21 00:02:45,512 INFO L290 TraceCheckUtils]: 17: Hoare triple {9490#(and (= ~NP~0 (_ bv1 32)) (= ~s~0 (_ bv3 32)))} assume !(0bv32 != ~compRegistered~0); {9490#(and (= ~NP~0 (_ bv1 32)) (= ~s~0 (_ bv3 32)))} is VALID [2022-02-21 00:02:45,512 INFO L290 TraceCheckUtils]: 18: Hoare triple {9490#(and (= ~NP~0 (_ bv1 32)) (= ~s~0 (_ bv3 32)))} havoc PoCallDriver_~tmp_ndt_9~0#1;PoCallDriver_~tmp_ndt_9~0#1 := PoCallDriver_#t~nondet61#1;havoc PoCallDriver_#t~nondet61#1; {9490#(and (= ~NP~0 (_ bv1 32)) (= ~s~0 (_ bv3 32)))} is VALID [2022-02-21 00:02:45,513 INFO L290 TraceCheckUtils]: 19: Hoare triple {9490#(and (= ~NP~0 (_ bv1 32)) (= ~s~0 (_ bv3 32)))} assume 0bv32 == PoCallDriver_~tmp_ndt_9~0#1; {9490#(and (= ~NP~0 (_ bv1 32)) (= ~s~0 (_ bv3 32)))} is VALID [2022-02-21 00:02:45,513 INFO L290 TraceCheckUtils]: 20: Hoare triple {9490#(and (= ~NP~0 (_ bv1 32)) (= ~s~0 (_ bv3 32)))} PoCallDriver_~returnVal~0#1 := 0bv32; {9490#(and (= ~NP~0 (_ bv1 32)) (= ~s~0 (_ bv3 32)))} is VALID [2022-02-21 00:02:45,514 INFO L290 TraceCheckUtils]: 21: Hoare triple {9490#(and (= ~NP~0 (_ bv1 32)) (= ~s~0 (_ bv3 32)))} assume ~s~0 == ~NP~0;~s~0 := ~IPC~0;~lowerDriverReturn~0 := PoCallDriver_~returnVal~0#1; {9440#false} is VALID [2022-02-21 00:02:45,514 INFO L290 TraceCheckUtils]: 22: Hoare triple {9440#false} PoCallDriver_#res#1 := PoCallDriver_~returnVal~0#1; {9440#false} is VALID [2022-02-21 00:02:45,514 INFO L290 TraceCheckUtils]: 23: Hoare triple {9440#false} KbFilter_Power_#t~ret58#1 := PoCallDriver_#res#1;assume { :end_inline_PoCallDriver } true;KbFilter_Power_~tmp~2#1 := KbFilter_Power_#t~ret58#1;havoc KbFilter_Power_#t~ret58#1;KbFilter_Power_#res#1 := KbFilter_Power_~tmp~2#1; {9440#false} is VALID [2022-02-21 00:02:45,514 INFO L290 TraceCheckUtils]: 24: Hoare triple {9440#false} main_#t~ret32#1 := KbFilter_Power_#res#1;assume { :end_inline_KbFilter_Power } true;main_~status~1#1 := main_#t~ret32#1;havoc main_#t~ret32#1; {9440#false} is VALID [2022-02-21 00:02:45,514 INFO L290 TraceCheckUtils]: 25: Hoare triple {9440#false} assume !(1bv32 == ~pended~0); {9440#false} is VALID [2022-02-21 00:02:45,515 INFO L290 TraceCheckUtils]: 26: Hoare triple {9440#false} assume !(1bv32 == ~pended~0); {9440#false} is VALID [2022-02-21 00:02:45,515 INFO L290 TraceCheckUtils]: 27: Hoare triple {9440#false} assume ~s~0 != ~UNLOADED~0; {9440#false} is VALID [2022-02-21 00:02:45,515 INFO L290 TraceCheckUtils]: 28: Hoare triple {9440#false} assume 4294967295bv32 != main_~status~1#1; {9440#false} is VALID [2022-02-21 00:02:45,515 INFO L290 TraceCheckUtils]: 29: Hoare triple {9440#false} assume !(~s~0 != ~SKIP2~0); {9440#false} is VALID [2022-02-21 00:02:45,515 INFO L290 TraceCheckUtils]: 30: Hoare triple {9440#false} assume 1bv32 == ~pended~0; {9440#false} is VALID [2022-02-21 00:02:45,515 INFO L290 TraceCheckUtils]: 31: Hoare triple {9440#false} assume 259bv32 != main_~status~1#1; {9440#false} is VALID [2022-02-21 00:02:45,516 INFO L272 TraceCheckUtils]: 32: Hoare triple {9440#false} call errorFn(); {9440#false} is VALID [2022-02-21 00:02:45,516 INFO L290 TraceCheckUtils]: 33: Hoare triple {9440#false} assume !false; {9440#false} is VALID [2022-02-21 00:02:45,516 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:45,516 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-21 00:02:45,516 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-21 00:02:45,517 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1760281814] [2022-02-21 00:02:45,517 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1760281814] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:45,517 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:45,517 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-21 00:02:45,517 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1023115011] [2022-02-21 00:02:45,517 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:45,518 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 8.25) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 34 [2022-02-21 00:02:45,518 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:45,519 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 4 states, 4 states have (on average 8.25) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:45,545 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 34 edges. 34 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:45,545 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-02-21 00:02:45,546 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-21 00:02:45,546 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-02-21 00:02:45,546 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-02-21 00:02:45,547 INFO L87 Difference]: Start difference. First operand 268 states and 370 transitions. Second operand has 4 states, 4 states have (on average 8.25) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:46,149 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:46,150 INFO L93 Difference]: Finished difference Result 268 states and 368 transitions. [2022-02-21 00:02:46,150 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-21 00:02:46,150 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 8.25) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 34 [2022-02-21 00:02:46,150 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:46,151 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 8.25) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:46,153 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 286 transitions. [2022-02-21 00:02:46,153 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 8.25) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:46,155 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 286 transitions. [2022-02-21 00:02:46,155 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 286 transitions. [2022-02-21 00:02:46,421 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 286 edges. 286 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:46,426 INFO L225 Difference]: With dead ends: 268 [2022-02-21 00:02:46,426 INFO L226 Difference]: Without dead ends: 268 [2022-02-21 00:02:46,426 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 34 GetRequests, 31 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-02-21 00:02:46,427 INFO L933 BasicCegarLoop]: 240 mSDtfsCounter, 285 mSDsluCounter, 181 mSDsCounter, 0 mSdLazyCounter, 92 mSolverCounterSat, 17 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 285 SdHoareTripleChecker+Valid, 421 SdHoareTripleChecker+Invalid, 109 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 17 IncrementalHoareTripleChecker+Valid, 92 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:46,427 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [285 Valid, 421 Invalid, 109 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [17 Valid, 92 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-21 00:02:46,428 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 268 states. [2022-02-21 00:02:46,432 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 268 to 268. [2022-02-21 00:02:46,432 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:46,433 INFO L82 GeneralOperation]: Start isEquivalent. First operand 268 states. Second operand has 268 states, 236 states have (on average 1.38135593220339) internal successors, (326), 235 states have internal predecessors, (326), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) [2022-02-21 00:02:46,433 INFO L74 IsIncluded]: Start isIncluded. First operand 268 states. Second operand has 268 states, 236 states have (on average 1.38135593220339) internal successors, (326), 235 states have internal predecessors, (326), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) [2022-02-21 00:02:46,434 INFO L87 Difference]: Start difference. First operand 268 states. Second operand has 268 states, 236 states have (on average 1.38135593220339) internal successors, (326), 235 states have internal predecessors, (326), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) [2022-02-21 00:02:46,440 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:46,440 INFO L93 Difference]: Finished difference Result 268 states and 368 transitions. [2022-02-21 00:02:46,441 INFO L276 IsEmpty]: Start isEmpty. Operand 268 states and 368 transitions. [2022-02-21 00:02:46,441 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:46,441 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:46,442 INFO L74 IsIncluded]: Start isIncluded. First operand has 268 states, 236 states have (on average 1.38135593220339) internal successors, (326), 235 states have internal predecessors, (326), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) Second operand 268 states. [2022-02-21 00:02:46,443 INFO L87 Difference]: Start difference. First operand has 268 states, 236 states have (on average 1.38135593220339) internal successors, (326), 235 states have internal predecessors, (326), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) Second operand 268 states. [2022-02-21 00:02:46,453 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:46,453 INFO L93 Difference]: Finished difference Result 268 states and 368 transitions. [2022-02-21 00:02:46,454 INFO L276 IsEmpty]: Start isEmpty. Operand 268 states and 368 transitions. [2022-02-21 00:02:46,454 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:46,454 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:46,455 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:46,455 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:46,456 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 268 states, 236 states have (on average 1.38135593220339) internal successors, (326), 235 states have internal predecessors, (326), 19 states have call successors, (19), 10 states have call predecessors, (19), 12 states have return successors, (23), 22 states have call predecessors, (23), 14 states have call successors, (23) [2022-02-21 00:02:46,461 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 268 states to 268 states and 368 transitions. [2022-02-21 00:02:46,461 INFO L78 Accepts]: Start accepts. Automaton has 268 states and 368 transitions. Word has length 34 [2022-02-21 00:02:46,461 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:46,462 INFO L470 AbstractCegarLoop]: Abstraction has 268 states and 368 transitions. [2022-02-21 00:02:46,462 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 8.25) internal successors, (33), 4 states have internal predecessors, (33), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:46,462 INFO L276 IsEmpty]: Start isEmpty. Operand 268 states and 368 transitions. [2022-02-21 00:02:46,463 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 36 [2022-02-21 00:02:46,463 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:46,463 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:46,475 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (10)] Forceful destruction successful, exit code 0 [2022-02-21 00:02:46,672 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 10 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-21 00:02:46,672 INFO L402 AbstractCegarLoop]: === Iteration 10 === Targeting errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:46,673 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:46,673 INFO L85 PathProgramCache]: Analyzing trace with hash -382146908, now seen corresponding path program 1 times [2022-02-21 00:02:46,673 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-21 00:02:46,673 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1426615400] [2022-02-21 00:02:46,673 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:46,673 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-21 00:02:46,674 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-21 00:02:46,675 INFO L229 MonitoredProcess]: Starting monitored process 11 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-21 00:02:46,676 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (11)] Waiting until timeout for monitored process [2022-02-21 00:02:46,748 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:46,751 INFO L263 TraceCheckSpWp]: Trace formula consists of 124 conjuncts, 2 conjunts are in the unsatisfiable core [2022-02-21 00:02:46,774 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:46,776 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-21 00:02:46,885 INFO L290 TraceCheckUtils]: 0: Hoare triple {10618#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(23bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 0bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32; {10618#true} is VALID [2022-02-21 00:02:46,885 INFO L290 TraceCheckUtils]: 1: Hoare triple {10618#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 1bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32;main_~status~1#1 := 0bv32;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0bv32;~NP~0 := 1bv32;~DC~0 := 2bv32;~SKIP1~0 := 3bv32;~SKIP2~0 := 4bv32;~MPR1~0 := 5bv32;~MPR3~0 := 6bv32;~IPC~0 := 7bv32;~s~0 := ~UNLOADED~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {10618#true} is VALID [2022-02-21 00:02:46,885 INFO L290 TraceCheckUtils]: 2: Hoare triple {10618#true} assume { :end_inline__BLAST_init } true; {10618#true} is VALID [2022-02-21 00:02:46,886 INFO L290 TraceCheckUtils]: 3: Hoare triple {10618#true} assume ~bvsge32(main_~status~1#1, 0bv32);~s~0 := ~NP~0;~customIrp~0 := 0bv32;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0bv32;~myStatus~0 := 0bv32; {10618#true} is VALID [2022-02-21 00:02:46,886 INFO L290 TraceCheckUtils]: 4: Hoare triple {10618#true} assume 0bv32 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := 3221225659bv32;~myStatus~0 := 3221225659bv32; {10618#true} is VALID [2022-02-21 00:02:46,886 INFO L290 TraceCheckUtils]: 5: Hoare triple {10618#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {10638#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-21 00:02:46,887 INFO L290 TraceCheckUtils]: 6: Hoare triple {10638#(= ~pended~0 (_ bv0 32))} assume { :end_inline_stub_driver_init } true; {10638#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-21 00:02:46,887 INFO L290 TraceCheckUtils]: 7: Hoare triple {10638#(= ~pended~0 (_ bv0 32))} assume !~bvslt32(main_~status~1#1, 0bv32);havoc main_~tmp_ndt_1~0#1;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {10638#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-21 00:02:46,888 INFO L290 TraceCheckUtils]: 8: Hoare triple {10638#(= ~pended~0 (_ bv0 32))} assume !(0bv32 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {10638#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-21 00:02:46,888 INFO L290 TraceCheckUtils]: 9: Hoare triple {10638#(= ~pended~0 (_ bv0 32))} assume !(1bv32 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {10638#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-21 00:02:46,889 INFO L290 TraceCheckUtils]: 10: Hoare triple {10638#(= ~pended~0 (_ bv0 32))} assume !(3bv32 == main_~tmp_ndt_3~0#1);havoc main_~tmp_ndt_4~0#1;main_~tmp_ndt_4~0#1 := main_#t~nondet27#1;havoc main_#t~nondet27#1; {10638#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-21 00:02:46,889 INFO L290 TraceCheckUtils]: 11: Hoare triple {10638#(= ~pended~0 (_ bv0 32))} assume !(4bv32 == main_~tmp_ndt_4~0#1);havoc main_~tmp_ndt_5~0#1;main_~tmp_ndt_5~0#1 := main_#t~nondet28#1;havoc main_#t~nondet28#1; {10638#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-21 00:02:46,895 INFO L290 TraceCheckUtils]: 12: Hoare triple {10638#(= ~pended~0 (_ bv0 32))} assume 8bv32 == main_~tmp_ndt_5~0#1; {10638#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-21 00:02:46,896 INFO L290 TraceCheckUtils]: 13: Hoare triple {10638#(= ~pended~0 (_ bv0 32))} assume { :begin_inline_KbFilter_InternIoCtl } true;KbFilter_InternIoCtl_#in~DeviceObject#1, KbFilter_InternIoCtl_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_InternIoCtl_#res#1;havoc KbFilter_InternIoCtl_#t~nondet63#1, KbFilter_InternIoCtl_#t~nondet64#1, KbFilter_InternIoCtl_#t~nondet65#1, KbFilter_InternIoCtl_#t~nondet66#1, KbFilter_InternIoCtl_#t~nondet67#1, KbFilter_InternIoCtl_#t~nondet68#1, KbFilter_InternIoCtl_#t~nondet69#1, KbFilter_InternIoCtl_#t~nondet70#1, KbFilter_InternIoCtl_#t~nondet71#1, KbFilter_InternIoCtl_#t~nondet72#1, KbFilter_InternIoCtl_#t~nondet73#1, KbFilter_InternIoCtl_#t~nondet74#1, KbFilter_InternIoCtl_#t~nondet75#1, KbFilter_InternIoCtl_#t~nondet76#1, KbFilter_InternIoCtl_#t~nondet77#1, KbFilter_InternIoCtl_#t~nondet78#1, KbFilter_InternIoCtl_#t~nondet79#1, KbFilter_InternIoCtl_#t~ret80#1, KbFilter_InternIoCtl_~DeviceObject#1, KbFilter_InternIoCtl_~Irp#1, KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1, KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__InputBufferLength~0#1, KbFilter_InternIoCtl_~sizeof__CONNECT_DATA~0#1, KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__Type3InputBuffer~0#1, KbFilter_InternIoCtl_~sizeof__INTERNAL_I8042_HOOK_KEYBOARD~0#1, KbFilter_InternIoCtl_~hookKeyboard__InitializationRoutine~0#1, KbFilter_InternIoCtl_~hookKeyboard__IsrRoutine~0#1, KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1, KbFilter_InternIoCtl_~hookKeyboard~0#1, KbFilter_InternIoCtl_~connectData~0#1, KbFilter_InternIoCtl_~status~3#1, KbFilter_InternIoCtl_~tmp~3#1, KbFilter_InternIoCtl_~__cil_tmp17~0#1, KbFilter_InternIoCtl_~__cil_tmp18~0#1, KbFilter_InternIoCtl_~__cil_tmp19~0#1, KbFilter_InternIoCtl_~__cil_tmp20~0#1, KbFilter_InternIoCtl_~__cil_tmp21~0#1, KbFilter_InternIoCtl_~__cil_tmp22~0#1, KbFilter_InternIoCtl_~__cil_tmp23~1#1, KbFilter_InternIoCtl_~__cil_tmp24~0#1, KbFilter_InternIoCtl_~__cil_tmp25~0#1, KbFilter_InternIoCtl_~__cil_tmp26~0#1, KbFilter_InternIoCtl_~__cil_tmp27~0#1, KbFilter_InternIoCtl_~__cil_tmp28~0#1, KbFilter_InternIoCtl_~__cil_tmp29~0#1, KbFilter_InternIoCtl_~__cil_tmp30~0#1, KbFilter_InternIoCtl_~__cil_tmp31~0#1, KbFilter_InternIoCtl_~__cil_tmp32~0#1, KbFilter_InternIoCtl_~__cil_tmp33~0#1, KbFilter_InternIoCtl_~__cil_tmp34~0#1, KbFilter_InternIoCtl_~__cil_tmp35~0#1, KbFilter_InternIoCtl_~__cil_tmp36~0#1, KbFilter_InternIoCtl_~__cil_tmp37~0#1, KbFilter_InternIoCtl_~__cil_tmp38~0#1, KbFilter_InternIoCtl_~__cil_tmp39~0#1, KbFilter_InternIoCtl_~__cil_tmp40~0#1, KbFilter_InternIoCtl_~__cil_tmp41~0#1, KbFilter_InternIoCtl_~__cil_tmp42~0#1, KbFilter_InternIoCtl_~__cil_tmp43~0#1, KbFilter_InternIoCtl_~__cil_tmp44~0#1, KbFilter_InternIoCtl_~__cil_tmp45~0#1;KbFilter_InternIoCtl_~DeviceObject#1 := KbFilter_InternIoCtl_#in~DeviceObject#1;KbFilter_InternIoCtl_~Irp#1 := KbFilter_InternIoCtl_#in~Irp#1;havoc KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1 := KbFilter_InternIoCtl_#t~nondet63#1;havoc KbFilter_InternIoCtl_#t~nondet63#1;KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1 := KbFilter_InternIoCtl_#t~nondet64#1;havoc KbFilter_InternIoCtl_#t~nondet64#1;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__InputBufferLength~0#1 := KbFilter_InternIoCtl_#t~nondet65#1;havoc KbFilter_InternIoCtl_#t~nondet65#1;KbFilter_InternIoCtl_~sizeof__CONNECT_DATA~0#1 := KbFilter_InternIoCtl_#t~nondet66#1;havoc KbFilter_InternIoCtl_#t~nondet66#1;KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__Type3InputBuffer~0#1 := KbFilter_InternIoCtl_#t~nondet67#1;havoc KbFilter_InternIoCtl_#t~nondet67#1;KbFilter_InternIoCtl_~sizeof__INTERNAL_I8042_HOOK_KEYBOARD~0#1 := KbFilter_InternIoCtl_#t~nondet68#1;havoc KbFilter_InternIoCtl_#t~nondet68#1;KbFilter_InternIoCtl_~hookKeyboard__InitializationRoutine~0#1 := KbFilter_InternIoCtl_#t~nondet69#1;havoc KbFilter_InternIoCtl_#t~nondet69#1;KbFilter_InternIoCtl_~hookKeyboard__IsrRoutine~0#1 := KbFilter_InternIoCtl_#t~nondet70#1;havoc KbFilter_InternIoCtl_#t~nondet70#1;havoc KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1;havoc KbFilter_InternIoCtl_~hookKeyboard~0#1;havoc KbFilter_InternIoCtl_~connectData~0#1;havoc KbFilter_InternIoCtl_~status~3#1;havoc KbFilter_InternIoCtl_~tmp~3#1;havoc KbFilter_InternIoCtl_~__cil_tmp17~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp18~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp19~0#1;KbFilter_InternIoCtl_~__cil_tmp20~0#1 := KbFilter_InternIoCtl_#t~nondet71#1;havoc KbFilter_InternIoCtl_#t~nondet71#1;havoc KbFilter_InternIoCtl_~__cil_tmp21~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp22~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp23~1#1;KbFilter_InternIoCtl_~__cil_tmp24~0#1 := KbFilter_InternIoCtl_#t~nondet72#1;havoc KbFilter_InternIoCtl_#t~nondet72#1;havoc KbFilter_InternIoCtl_~__cil_tmp25~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp26~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp27~0#1;KbFilter_InternIoCtl_~__cil_tmp28~0#1 := KbFilter_InternIoCtl_#t~nondet73#1;havoc KbFilter_InternIoCtl_#t~nondet73#1;KbFilter_InternIoCtl_~__cil_tmp29~0#1 := KbFilter_InternIoCtl_#t~nondet74#1;havoc KbFilter_InternIoCtl_#t~nondet74#1;havoc KbFilter_InternIoCtl_~__cil_tmp30~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp31~0#1;KbFilter_InternIoCtl_~__cil_tmp32~0#1 := KbFilter_InternIoCtl_#t~nondet75#1;havoc KbFilter_InternIoCtl_#t~nondet75#1;havoc KbFilter_InternIoCtl_~__cil_tmp33~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp34~0#1;KbFilter_InternIoCtl_~__cil_tmp35~0#1 := KbFilter_InternIoCtl_#t~nondet76#1;havoc KbFilter_InternIoCtl_#t~nondet76#1;havoc KbFilter_InternIoCtl_~__cil_tmp36~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp37~0#1;KbFilter_InternIoCtl_~__cil_tmp38~0#1 := KbFilter_InternIoCtl_#t~nondet77#1;havoc KbFilter_InternIoCtl_#t~nondet77#1;havoc KbFilter_InternIoCtl_~__cil_tmp39~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp40~0#1;KbFilter_InternIoCtl_~__cil_tmp41~0#1 := KbFilter_InternIoCtl_#t~nondet78#1;havoc KbFilter_InternIoCtl_#t~nondet78#1;havoc KbFilter_InternIoCtl_~__cil_tmp42~0#1;havoc KbFilter_InternIoCtl_~__cil_tmp43~0#1;KbFilter_InternIoCtl_~__cil_tmp44~0#1 := KbFilter_InternIoCtl_#t~nondet79#1;havoc KbFilter_InternIoCtl_#t~nondet79#1;havoc KbFilter_InternIoCtl_~__cil_tmp45~0#1;KbFilter_InternIoCtl_~status~3#1 := 0bv32;KbFilter_InternIoCtl_~Irp__IoStatus__Information~1#1 := 0bv32; {10638#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-21 00:02:46,898 INFO L290 TraceCheckUtils]: 14: Hoare triple {10638#(= ~pended~0 (_ bv0 32))} assume KbFilter_InternIoCtl_~irpStack__Parameters__DeviceIoControl__IoControlCode~0#1 == KbFilter_InternIoCtl_~__cil_tmp20~0#1; {10638#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-21 00:02:46,899 INFO L290 TraceCheckUtils]: 15: Hoare triple {10638#(= ~pended~0 (_ bv0 32))} assume 0bv32 != KbFilter_InternIoCtl_~devExt__UpperConnectData__ClassService~1#1;KbFilter_InternIoCtl_~status~3#1 := 3221225539bv32; {10638#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-21 00:02:46,902 INFO L290 TraceCheckUtils]: 16: Hoare triple {10638#(= ~pended~0 (_ bv0 32))} assume ~bvslt32(KbFilter_InternIoCtl_~status~3#1, 0bv32);KbFilter_InternIoCtl_~Irp__IoStatus__Status~2#1 := KbFilter_InternIoCtl_~status~3#1;~myStatus~0 := KbFilter_InternIoCtl_~status~3#1; {10638#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-21 00:02:46,904 INFO L272 TraceCheckUtils]: 17: Hoare triple {10638#(= ~pended~0 (_ bv0 32))} call IofCompleteRequest(KbFilter_InternIoCtl_~Irp#1, 0bv32); {10638#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-21 00:02:46,906 INFO L290 TraceCheckUtils]: 18: Hoare triple {10638#(= ~pended~0 (_ bv0 32))} ~Irp := #in~Irp;~PriorityBoost := #in~PriorityBoost; {10638#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-21 00:02:46,906 INFO L290 TraceCheckUtils]: 19: Hoare triple {10638#(= ~pended~0 (_ bv0 32))} assume ~s~0 == ~NP~0;~s~0 := ~DC~0; {10638#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-21 00:02:46,907 INFO L290 TraceCheckUtils]: 20: Hoare triple {10638#(= ~pended~0 (_ bv0 32))} assume true; {10638#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-21 00:02:46,908 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {10638#(= ~pended~0 (_ bv0 32))} {10638#(= ~pended~0 (_ bv0 32))} #744#return; {10638#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-21 00:02:46,908 INFO L290 TraceCheckUtils]: 22: Hoare triple {10638#(= ~pended~0 (_ bv0 32))} KbFilter_InternIoCtl_#res#1 := KbFilter_InternIoCtl_~status~3#1; {10638#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-21 00:02:46,909 INFO L290 TraceCheckUtils]: 23: Hoare triple {10638#(= ~pended~0 (_ bv0 32))} main_#t~ret33#1 := KbFilter_InternIoCtl_#res#1;assume { :end_inline_KbFilter_InternIoCtl } true;main_~status~1#1 := main_#t~ret33#1;havoc main_#t~ret33#1; {10638#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-21 00:02:46,910 INFO L290 TraceCheckUtils]: 24: Hoare triple {10638#(= ~pended~0 (_ bv0 32))} assume !(1bv32 == ~pended~0); {10638#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-21 00:02:46,910 INFO L290 TraceCheckUtils]: 25: Hoare triple {10638#(= ~pended~0 (_ bv0 32))} assume !(1bv32 == ~pended~0); {10638#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-21 00:02:46,911 INFO L290 TraceCheckUtils]: 26: Hoare triple {10638#(= ~pended~0 (_ bv0 32))} assume ~s~0 != ~UNLOADED~0; {10638#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-21 00:02:46,911 INFO L290 TraceCheckUtils]: 27: Hoare triple {10638#(= ~pended~0 (_ bv0 32))} assume 4294967295bv32 != main_~status~1#1; {10638#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-21 00:02:46,912 INFO L290 TraceCheckUtils]: 28: Hoare triple {10638#(= ~pended~0 (_ bv0 32))} assume ~s~0 != ~SKIP2~0; {10638#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-21 00:02:46,912 INFO L290 TraceCheckUtils]: 29: Hoare triple {10638#(= ~pended~0 (_ bv0 32))} assume ~s~0 != ~IPC~0; {10638#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-21 00:02:46,913 INFO L290 TraceCheckUtils]: 30: Hoare triple {10638#(= ~pended~0 (_ bv0 32))} assume ~s~0 == ~DC~0; {10638#(= ~pended~0 (_ bv0 32))} is VALID [2022-02-21 00:02:46,916 INFO L290 TraceCheckUtils]: 31: Hoare triple {10638#(= ~pended~0 (_ bv0 32))} assume 1bv32 == ~pended~0; {10619#false} is VALID [2022-02-21 00:02:46,917 INFO L290 TraceCheckUtils]: 32: Hoare triple {10619#false} assume 259bv32 != main_~status~1#1; {10619#false} is VALID [2022-02-21 00:02:46,917 INFO L272 TraceCheckUtils]: 33: Hoare triple {10619#false} call errorFn(); {10619#false} is VALID [2022-02-21 00:02:46,917 INFO L290 TraceCheckUtils]: 34: Hoare triple {10619#false} assume !false; {10619#false} is VALID [2022-02-21 00:02:46,917 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:46,918 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-21 00:02:46,918 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-21 00:02:46,918 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1426615400] [2022-02-21 00:02:46,919 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1426615400] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:46,919 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:46,919 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-21 00:02:46,919 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [802280153] [2022-02-21 00:02:46,919 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:46,920 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 35 [2022-02-21 00:02:46,921 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:46,921 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:46,955 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 35 edges. 35 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:46,955 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-21 00:02:46,955 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-21 00:02:46,956 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-21 00:02:46,956 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-21 00:02:46,956 INFO L87 Difference]: Start difference. First operand 268 states and 368 transitions. Second operand has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:47,181 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:47,181 INFO L93 Difference]: Finished difference Result 262 states and 356 transitions. [2022-02-21 00:02:47,182 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-21 00:02:47,182 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 35 [2022-02-21 00:02:47,182 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:47,182 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:47,185 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 265 transitions. [2022-02-21 00:02:47,186 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:47,188 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 265 transitions. [2022-02-21 00:02:47,188 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 265 transitions. [2022-02-21 00:02:47,415 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 265 edges. 265 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:47,419 INFO L225 Difference]: With dead ends: 262 [2022-02-21 00:02:47,419 INFO L226 Difference]: Without dead ends: 232 [2022-02-21 00:02:47,419 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 34 GetRequests, 33 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-21 00:02:47,420 INFO L933 BasicCegarLoop]: 259 mSDtfsCounter, 233 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 233 SdHoareTripleChecker+Valid, 259 SdHoareTripleChecker+Invalid, 8 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:47,420 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [233 Valid, 259 Invalid, 8 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-21 00:02:47,421 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 232 states. [2022-02-21 00:02:47,425 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 232 to 210. [2022-02-21 00:02:47,425 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:47,425 INFO L82 GeneralOperation]: Start isEquivalent. First operand 232 states. Second operand has 210 states, 186 states have (on average 1.39247311827957) internal successors, (259), 189 states have internal predecessors, (259), 16 states have call successors, (16), 8 states have call predecessors, (16), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:47,426 INFO L74 IsIncluded]: Start isIncluded. First operand 232 states. Second operand has 210 states, 186 states have (on average 1.39247311827957) internal successors, (259), 189 states have internal predecessors, (259), 16 states have call successors, (16), 8 states have call predecessors, (16), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:47,426 INFO L87 Difference]: Start difference. First operand 232 states. Second operand has 210 states, 186 states have (on average 1.39247311827957) internal successors, (259), 189 states have internal predecessors, (259), 16 states have call successors, (16), 8 states have call predecessors, (16), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:47,431 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:47,431 INFO L93 Difference]: Finished difference Result 232 states and 314 transitions. [2022-02-21 00:02:47,432 INFO L276 IsEmpty]: Start isEmpty. Operand 232 states and 314 transitions. [2022-02-21 00:02:47,432 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:47,432 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:47,433 INFO L74 IsIncluded]: Start isIncluded. First operand has 210 states, 186 states have (on average 1.39247311827957) internal successors, (259), 189 states have internal predecessors, (259), 16 states have call successors, (16), 8 states have call predecessors, (16), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) Second operand 232 states. [2022-02-21 00:02:47,433 INFO L87 Difference]: Start difference. First operand has 210 states, 186 states have (on average 1.39247311827957) internal successors, (259), 189 states have internal predecessors, (259), 16 states have call successors, (16), 8 states have call predecessors, (16), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) Second operand 232 states. [2022-02-21 00:02:47,438 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:47,439 INFO L93 Difference]: Finished difference Result 232 states and 314 transitions. [2022-02-21 00:02:47,439 INFO L276 IsEmpty]: Start isEmpty. Operand 232 states and 314 transitions. [2022-02-21 00:02:47,439 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:47,440 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:47,440 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:47,440 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:47,441 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 210 states, 186 states have (on average 1.39247311827957) internal successors, (259), 189 states have internal predecessors, (259), 16 states have call successors, (16), 8 states have call predecessors, (16), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:47,444 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 210 states to 210 states and 287 transitions. [2022-02-21 00:02:47,444 INFO L78 Accepts]: Start accepts. Automaton has 210 states and 287 transitions. Word has length 35 [2022-02-21 00:02:47,445 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:47,445 INFO L470 AbstractCegarLoop]: Abstraction has 210 states and 287 transitions. [2022-02-21 00:02:47,445 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-21 00:02:47,445 INFO L276 IsEmpty]: Start isEmpty. Operand 210 states and 287 transitions. [2022-02-21 00:02:47,446 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 40 [2022-02-21 00:02:47,446 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:47,446 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:47,455 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (11)] Forceful destruction successful, exit code 0 [2022-02-21 00:02:47,655 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 11 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-21 00:02:47,656 INFO L402 AbstractCegarLoop]: === Iteration 11 === Targeting errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:47,657 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:47,657 INFO L85 PathProgramCache]: Analyzing trace with hash 758626562, now seen corresponding path program 1 times [2022-02-21 00:02:47,657 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-21 00:02:47,657 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [741055838] [2022-02-21 00:02:47,657 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:47,658 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-21 00:02:47,658 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-21 00:02:47,659 INFO L229 MonitoredProcess]: Starting monitored process 12 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-21 00:02:47,661 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (12)] Waiting until timeout for monitored process [2022-02-21 00:02:47,746 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:47,750 INFO L263 TraceCheckSpWp]: Trace formula consists of 152 conjuncts, 2 conjunts are in the unsatisfiable core [2022-02-21 00:02:47,768 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:47,770 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-21 00:02:47,886 INFO L290 TraceCheckUtils]: 0: Hoare triple {11661#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(23bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 0bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32; {11661#true} is VALID [2022-02-21 00:02:47,886 INFO L290 TraceCheckUtils]: 1: Hoare triple {11661#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 1bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32;main_~status~1#1 := 0bv32;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0bv32;~NP~0 := 1bv32;~DC~0 := 2bv32;~SKIP1~0 := 3bv32;~SKIP2~0 := 4bv32;~MPR1~0 := 5bv32;~MPR3~0 := 6bv32;~IPC~0 := 7bv32;~s~0 := ~UNLOADED~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {11661#true} is VALID [2022-02-21 00:02:47,886 INFO L290 TraceCheckUtils]: 2: Hoare triple {11661#true} assume { :end_inline__BLAST_init } true; {11661#true} is VALID [2022-02-21 00:02:47,886 INFO L290 TraceCheckUtils]: 3: Hoare triple {11661#true} assume ~bvsge32(main_~status~1#1, 0bv32);~s~0 := ~NP~0;~customIrp~0 := 0bv32;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0bv32;~myStatus~0 := 0bv32; {11661#true} is VALID [2022-02-21 00:02:47,886 INFO L290 TraceCheckUtils]: 4: Hoare triple {11661#true} assume 0bv32 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := 3221225659bv32;~myStatus~0 := 3221225659bv32; {11661#true} is VALID [2022-02-21 00:02:47,886 INFO L290 TraceCheckUtils]: 5: Hoare triple {11661#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {11661#true} is VALID [2022-02-21 00:02:47,886 INFO L290 TraceCheckUtils]: 6: Hoare triple {11661#true} assume { :end_inline_stub_driver_init } true; {11661#true} is VALID [2022-02-21 00:02:47,887 INFO L290 TraceCheckUtils]: 7: Hoare triple {11661#true} assume !~bvslt32(main_~status~1#1, 0bv32);havoc main_~tmp_ndt_1~0#1;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {11661#true} is VALID [2022-02-21 00:02:47,887 INFO L290 TraceCheckUtils]: 8: Hoare triple {11661#true} assume !(0bv32 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {11661#true} is VALID [2022-02-21 00:02:47,887 INFO L290 TraceCheckUtils]: 9: Hoare triple {11661#true} assume !(1bv32 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {11661#true} is VALID [2022-02-21 00:02:47,887 INFO L290 TraceCheckUtils]: 10: Hoare triple {11661#true} assume 3bv32 == main_~tmp_ndt_3~0#1; {11661#true} is VALID [2022-02-21 00:02:47,887 INFO L290 TraceCheckUtils]: 11: Hoare triple {11661#true} assume { :begin_inline_KbFilter_PnP } true;KbFilter_PnP_#in~DeviceObject#1, KbFilter_PnP_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_PnP_#res#1;havoc KbFilter_PnP_#t~nondet4#1, KbFilter_PnP_#t~nondet5#1, KbFilter_PnP_#t~nondet6#1, KbFilter_PnP_#t~nondet7#1, KbFilter_PnP_#t~nondet8#1, KbFilter_PnP_#t~nondet9#1, KbFilter_PnP_#t~ret10#1, KbFilter_PnP_#t~ret11#1, KbFilter_PnP_#t~post12#1, KbFilter_PnP_#t~post13#1, KbFilter_PnP_#t~ret14#1, KbFilter_PnP_#t~post15#1, KbFilter_PnP_#t~post16#1, KbFilter_PnP_#t~ret17#1, KbFilter_PnP_#t~post18#1, KbFilter_PnP_#t~post19#1, KbFilter_PnP_#t~ret20#1, KbFilter_PnP_~DeviceObject#1, KbFilter_PnP_~Irp#1, KbFilter_PnP_~devExt~0#1, KbFilter_PnP_~irpStack~0#1, KbFilter_PnP_~status~0#1, KbFilter_PnP_~event~0#1, KbFilter_PnP_~DeviceObject__DeviceExtension~0#1, KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, KbFilter_PnP_~irpStack__MinorFunction~0#1, KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~devExt__Started~0#1, KbFilter_PnP_~devExt__Removed~0#1, KbFilter_PnP_~devExt__SurpriseRemoved~0#1, KbFilter_PnP_~Irp__IoStatus__Status~0#1, KbFilter_PnP_~Irp__IoStatus__Information~0#1, KbFilter_PnP_~Irp__CurrentLocation~0#1, KbFilter_PnP_~irpSp~0#1, KbFilter_PnP_~nextIrpSp~0#1, KbFilter_PnP_~nextIrpSp__Control~0#1, KbFilter_PnP_~irpSp___0~0#1, KbFilter_PnP_~irpSp__Context~0#1, KbFilter_PnP_~irpSp__Control~0#1, KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~DeviceObject#1 := KbFilter_PnP_#in~DeviceObject#1;KbFilter_PnP_~Irp#1 := KbFilter_PnP_#in~Irp#1;havoc KbFilter_PnP_~devExt~0#1;havoc KbFilter_PnP_~irpStack~0#1;havoc KbFilter_PnP_~status~0#1;KbFilter_PnP_~event~0#1 := KbFilter_PnP_#t~nondet4#1;havoc KbFilter_PnP_#t~nondet4#1;KbFilter_PnP_~DeviceObject__DeviceExtension~0#1 := KbFilter_PnP_#t~nondet5#1;havoc KbFilter_PnP_#t~nondet5#1;KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1 := KbFilter_PnP_#t~nondet6#1;havoc KbFilter_PnP_#t~nondet6#1;KbFilter_PnP_~irpStack__MinorFunction~0#1 := KbFilter_PnP_#t~nondet7#1;havoc KbFilter_PnP_#t~nondet7#1;KbFilter_PnP_~devExt__TopOfStack~0#1 := KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_#t~nondet8#1;havoc KbFilter_PnP_~devExt__Started~0#1;havoc KbFilter_PnP_~devExt__Removed~0#1;havoc KbFilter_PnP_~devExt__SurpriseRemoved~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Status~0#1;havoc KbFilter_PnP_~Irp__IoStatus__Information~0#1;KbFilter_PnP_~Irp__CurrentLocation~0#1 := KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_#t~nondet9#1;havoc KbFilter_PnP_~irpSp~0#1;havoc KbFilter_PnP_~nextIrpSp~0#1;havoc KbFilter_PnP_~nextIrpSp__Control~0#1;havoc KbFilter_PnP_~irpSp___0~0#1;havoc KbFilter_PnP_~irpSp__Context~0#1;havoc KbFilter_PnP_~irpSp__Control~0#1;havoc KbFilter_PnP_~__cil_tmp23~0#1;KbFilter_PnP_~status~0#1 := 0bv32;KbFilter_PnP_~devExt~0#1 := KbFilter_PnP_~DeviceObject__DeviceExtension~0#1;KbFilter_PnP_~irpStack~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1; {11661#true} is VALID [2022-02-21 00:02:47,887 INFO L290 TraceCheckUtils]: 12: Hoare triple {11661#true} assume 0bv32 == KbFilter_PnP_~irpStack__MinorFunction~0#1; {11661#true} is VALID [2022-02-21 00:02:47,888 INFO L290 TraceCheckUtils]: 13: Hoare triple {11661#true} KbFilter_PnP_~irpSp~0#1 := KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1;KbFilter_PnP_~nextIrpSp~0#1 := ~bvsub32(KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, 1bv32);KbFilter_PnP_~nextIrpSp__Control~0#1 := 0bv32; {11661#true} is VALID [2022-02-21 00:02:47,888 INFO L290 TraceCheckUtils]: 14: Hoare triple {11661#true} assume !(~s~0 != ~NP~0); {11661#true} is VALID [2022-02-21 00:02:47,888 INFO L290 TraceCheckUtils]: 15: Hoare triple {11661#true} assume !(0bv32 != ~compRegistered~0);~compRegistered~0 := 1bv32; {11661#true} is VALID [2022-02-21 00:02:47,888 INFO L290 TraceCheckUtils]: 16: Hoare triple {11661#true} KbFilter_PnP_~irpSp___0~0#1 := ~bvsub32(KbFilter_PnP_~Irp__Tail__Overlay__CurrentStackLocation~0#1, 1bv32);KbFilter_PnP_~irpSp__Context~0#1 := KbFilter_PnP_~event~0#1;KbFilter_PnP_~irpSp__Control~0#1 := 224bv32; {11661#true} is VALID [2022-02-21 00:02:47,888 INFO L272 TraceCheckUtils]: 17: Hoare triple {11661#true} call KbFilter_PnP_#t~ret10#1 := IofCallDriver(KbFilter_PnP_~devExt__TopOfStack~0#1, KbFilter_PnP_~Irp#1); {11661#true} is VALID [2022-02-21 00:02:47,888 INFO L290 TraceCheckUtils]: 18: Hoare triple {11661#true} ~DeviceObject := #in~DeviceObject;~Irp := #in~Irp;havoc ~returnVal2~0;havoc ~compRetStatus~0;~lcontext~0 := #t~nondet34;havoc #t~nondet34;havoc ~__cil_tmp7~0; {11661#true} is VALID [2022-02-21 00:02:47,888 INFO L290 TraceCheckUtils]: 19: Hoare triple {11661#true} assume 0bv32 != ~compRegistered~0; {11661#true} is VALID [2022-02-21 00:02:47,888 INFO L272 TraceCheckUtils]: 20: Hoare triple {11661#true} call #t~ret35 := KbFilter_Complete(~DeviceObject, ~Irp, ~lcontext~0); {11661#true} is VALID [2022-02-21 00:02:47,889 INFO L290 TraceCheckUtils]: 21: Hoare triple {11661#true} ~DeviceObject#1 := #in~DeviceObject#1;~Irp#1 := #in~Irp#1;~Context#1 := #in~Context#1;havoc ~event~1#1;~event~1#1 := ~Context#1;assume { :begin_inline_KeSetEvent } true;KeSetEvent_#in~Event#1, KeSetEvent_#in~Increment#1, KeSetEvent_#in~Wait#1 := ~event~1#1, 0bv32, 0bv32;havoc KeSetEvent_#res#1;havoc KeSetEvent_#t~nondet38#1, KeSetEvent_~Event#1, KeSetEvent_~Increment#1, KeSetEvent_~Wait#1, KeSetEvent_~l~0#1;KeSetEvent_~Event#1 := KeSetEvent_#in~Event#1;KeSetEvent_~Increment#1 := KeSetEvent_#in~Increment#1;KeSetEvent_~Wait#1 := KeSetEvent_#in~Wait#1;KeSetEvent_~l~0#1 := KeSetEvent_#t~nondet38#1;havoc KeSetEvent_#t~nondet38#1;~setEventCalled~0 := 1bv32;KeSetEvent_#res#1 := KeSetEvent_~l~0#1; {11661#true} is VALID [2022-02-21 00:02:47,889 INFO L290 TraceCheckUtils]: 22: Hoare triple {11661#true} #t~ret40#1 := KeSetEvent_#res#1;assume { :end_inline_KeSetEvent } true;havoc #t~ret40#1;#res#1 := 3221225494bv32; {11661#true} is VALID [2022-02-21 00:02:47,889 INFO L290 TraceCheckUtils]: 23: Hoare triple {11661#true} assume true; {11661#true} is VALID [2022-02-21 00:02:47,889 INFO L284 TraceCheckUtils]: 24: Hoare quadruple {11661#true} {11661#true} #756#return; {11661#true} is VALID [2022-02-21 00:02:47,889 INFO L290 TraceCheckUtils]: 25: Hoare triple {11661#true} ~compRetStatus~0 := #t~ret35;havoc #t~ret35;~__cil_tmp7~0 := ~sign_extendFrom32To64(~compRetStatus~0); {11661#true} is VALID [2022-02-21 00:02:47,890 INFO L290 TraceCheckUtils]: 26: Hoare triple {11661#true} assume 18446744072635809814bv64 == ~__cil_tmp7~0; {11661#true} is VALID [2022-02-21 00:02:47,890 INFO L272 TraceCheckUtils]: 27: Hoare triple {11661#true} call stubMoreProcessingRequired(); {11661#true} is VALID [2022-02-21 00:02:47,890 INFO L290 TraceCheckUtils]: 28: Hoare triple {11661#true} assume ~s~0 == ~NP~0;~s~0 := ~MPR1~0; {11750#(= ~s~0 ~MPR1~0)} is VALID [2022-02-21 00:02:47,891 INFO L290 TraceCheckUtils]: 29: Hoare triple {11750#(= ~s~0 ~MPR1~0)} assume true; {11750#(= ~s~0 ~MPR1~0)} is VALID [2022-02-21 00:02:47,891 INFO L284 TraceCheckUtils]: 30: Hoare quadruple {11750#(= ~s~0 ~MPR1~0)} {11661#true} #758#return; {11750#(= ~s~0 ~MPR1~0)} is VALID [2022-02-21 00:02:47,892 INFO L290 TraceCheckUtils]: 31: Hoare triple {11750#(= ~s~0 ~MPR1~0)} havoc ~tmp_ndt_6~0;~tmp_ndt_6~0 := #t~nondet36;havoc #t~nondet36; {11750#(= ~s~0 ~MPR1~0)} is VALID [2022-02-21 00:02:47,892 INFO L290 TraceCheckUtils]: 32: Hoare triple {11750#(= ~s~0 ~MPR1~0)} assume 0bv32 == ~tmp_ndt_6~0; {11750#(= ~s~0 ~MPR1~0)} is VALID [2022-02-21 00:02:47,892 INFO L290 TraceCheckUtils]: 33: Hoare triple {11750#(= ~s~0 ~MPR1~0)} ~returnVal2~0 := 0bv32; {11750#(= ~s~0 ~MPR1~0)} is VALID [2022-02-21 00:02:47,893 INFO L290 TraceCheckUtils]: 34: Hoare triple {11750#(= ~s~0 ~MPR1~0)} assume !(~s~0 == ~NP~0); {11750#(= ~s~0 ~MPR1~0)} is VALID [2022-02-21 00:02:47,893 INFO L290 TraceCheckUtils]: 35: Hoare triple {11750#(= ~s~0 ~MPR1~0)} assume !(~s~0 == ~MPR1~0); {11662#false} is VALID [2022-02-21 00:02:47,893 INFO L290 TraceCheckUtils]: 36: Hoare triple {11662#false} assume !(~s~0 == ~SKIP1~0); {11662#false} is VALID [2022-02-21 00:02:47,893 INFO L272 TraceCheckUtils]: 37: Hoare triple {11662#false} call errorFn(); {11662#false} is VALID [2022-02-21 00:02:47,893 INFO L290 TraceCheckUtils]: 38: Hoare triple {11662#false} assume !false; {11662#false} is VALID [2022-02-21 00:02:47,895 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:47,896 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-21 00:02:47,896 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-21 00:02:47,896 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [741055838] [2022-02-21 00:02:47,896 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [741055838] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:47,896 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:47,896 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-21 00:02:47,897 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1552541923] [2022-02-21 00:02:47,897 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:47,897 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 39 [2022-02-21 00:02:47,898 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:47,898 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:47,926 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 39 edges. 39 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:47,927 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-21 00:02:47,927 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-21 00:02:47,927 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-21 00:02:47,928 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-21 00:02:47,928 INFO L87 Difference]: Start difference. First operand 210 states and 287 transitions. Second operand has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:48,254 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:48,255 INFO L93 Difference]: Finished difference Result 208 states and 283 transitions. [2022-02-21 00:02:48,255 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-21 00:02:48,255 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 39 [2022-02-21 00:02:48,255 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:48,255 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:48,257 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 261 transitions. [2022-02-21 00:02:48,257 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:48,259 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 261 transitions. [2022-02-21 00:02:48,259 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 261 transitions. [2022-02-21 00:02:48,458 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 261 edges. 261 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:48,462 INFO L225 Difference]: With dead ends: 208 [2022-02-21 00:02:48,462 INFO L226 Difference]: Without dead ends: 208 [2022-02-21 00:02:48,463 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 38 GetRequests, 37 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-21 00:02:48,463 INFO L933 BasicCegarLoop]: 257 mSDtfsCounter, 5 mSDsluCounter, 213 mSDsCounter, 0 mSdLazyCounter, 34 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 5 SdHoareTripleChecker+Valid, 470 SdHoareTripleChecker+Invalid, 37 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 34 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:48,464 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [5 Valid, 470 Invalid, 37 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 34 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-21 00:02:48,464 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 208 states. [2022-02-21 00:02:48,467 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 208 to 208. [2022-02-21 00:02:48,467 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:48,468 INFO L82 GeneralOperation]: Start isEquivalent. First operand 208 states. Second operand has 208 states, 185 states have (on average 1.3837837837837839) internal successors, (256), 187 states have internal predecessors, (256), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:48,468 INFO L74 IsIncluded]: Start isIncluded. First operand 208 states. Second operand has 208 states, 185 states have (on average 1.3837837837837839) internal successors, (256), 187 states have internal predecessors, (256), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:48,469 INFO L87 Difference]: Start difference. First operand 208 states. Second operand has 208 states, 185 states have (on average 1.3837837837837839) internal successors, (256), 187 states have internal predecessors, (256), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:48,474 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:48,474 INFO L93 Difference]: Finished difference Result 208 states and 283 transitions. [2022-02-21 00:02:48,475 INFO L276 IsEmpty]: Start isEmpty. Operand 208 states and 283 transitions. [2022-02-21 00:02:48,475 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:48,475 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:48,476 INFO L74 IsIncluded]: Start isIncluded. First operand has 208 states, 185 states have (on average 1.3837837837837839) internal successors, (256), 187 states have internal predecessors, (256), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) Second operand 208 states. [2022-02-21 00:02:48,476 INFO L87 Difference]: Start difference. First operand has 208 states, 185 states have (on average 1.3837837837837839) internal successors, (256), 187 states have internal predecessors, (256), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) Second operand 208 states. [2022-02-21 00:02:48,481 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:48,481 INFO L93 Difference]: Finished difference Result 208 states and 283 transitions. [2022-02-21 00:02:48,481 INFO L276 IsEmpty]: Start isEmpty. Operand 208 states and 283 transitions. [2022-02-21 00:02:48,482 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:48,482 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:48,482 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:48,482 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:48,483 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 208 states, 185 states have (on average 1.3837837837837839) internal successors, (256), 187 states have internal predecessors, (256), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:48,486 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 208 states to 208 states and 283 transitions. [2022-02-21 00:02:48,487 INFO L78 Accepts]: Start accepts. Automaton has 208 states and 283 transitions. Word has length 39 [2022-02-21 00:02:48,487 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:48,487 INFO L470 AbstractCegarLoop]: Abstraction has 208 states and 283 transitions. [2022-02-21 00:02:48,487 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-21 00:02:48,487 INFO L276 IsEmpty]: Start isEmpty. Operand 208 states and 283 transitions. [2022-02-21 00:02:48,489 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2022-02-21 00:02:48,489 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:48,489 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:48,498 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (12)] Forceful destruction successful, exit code 0 [2022-02-21 00:02:48,698 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 12 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-21 00:02:48,698 INFO L402 AbstractCegarLoop]: === Iteration 12 === Targeting errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:48,699 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:48,699 INFO L85 PathProgramCache]: Analyzing trace with hash 143802726, now seen corresponding path program 1 times [2022-02-21 00:02:48,699 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-21 00:02:48,699 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1696954225] [2022-02-21 00:02:48,699 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:48,700 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-21 00:02:48,700 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-21 00:02:48,701 INFO L229 MonitoredProcess]: Starting monitored process 13 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-21 00:02:48,703 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (13)] Waiting until timeout for monitored process [2022-02-21 00:02:48,769 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:48,772 INFO L263 TraceCheckSpWp]: Trace formula consists of 124 conjuncts, 7 conjunts are in the unsatisfiable core [2022-02-21 00:02:48,784 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:48,785 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-21 00:02:48,953 INFO L290 TraceCheckUtils]: 0: Hoare triple {12612#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(23bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 0bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32; {12612#true} is VALID [2022-02-21 00:02:48,953 INFO L290 TraceCheckUtils]: 1: Hoare triple {12612#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 1bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32;main_~status~1#1 := 0bv32;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0bv32;~NP~0 := 1bv32;~DC~0 := 2bv32;~SKIP1~0 := 3bv32;~SKIP2~0 := 4bv32;~MPR1~0 := 5bv32;~MPR3~0 := 6bv32;~IPC~0 := 7bv32;~s~0 := ~UNLOADED~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {12612#true} is VALID [2022-02-21 00:02:48,953 INFO L290 TraceCheckUtils]: 2: Hoare triple {12612#true} assume { :end_inline__BLAST_init } true; {12612#true} is VALID [2022-02-21 00:02:48,954 INFO L290 TraceCheckUtils]: 3: Hoare triple {12612#true} assume ~bvsge32(main_~status~1#1, 0bv32);~s~0 := ~NP~0;~customIrp~0 := 0bv32;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0bv32;~myStatus~0 := 0bv32; {12612#true} is VALID [2022-02-21 00:02:48,954 INFO L290 TraceCheckUtils]: 4: Hoare triple {12612#true} assume 0bv32 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := 3221225659bv32;~myStatus~0 := 3221225659bv32; {12612#true} is VALID [2022-02-21 00:02:48,954 INFO L290 TraceCheckUtils]: 5: Hoare triple {12612#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {12612#true} is VALID [2022-02-21 00:02:48,955 INFO L290 TraceCheckUtils]: 6: Hoare triple {12612#true} assume { :end_inline_stub_driver_init } true; {12612#true} is VALID [2022-02-21 00:02:48,955 INFO L290 TraceCheckUtils]: 7: Hoare triple {12612#true} assume !~bvslt32(main_~status~1#1, 0bv32);havoc main_~tmp_ndt_1~0#1;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {12612#true} is VALID [2022-02-21 00:02:48,956 INFO L290 TraceCheckUtils]: 8: Hoare triple {12612#true} assume !(0bv32 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {12612#true} is VALID [2022-02-21 00:02:48,956 INFO L290 TraceCheckUtils]: 9: Hoare triple {12612#true} assume !(1bv32 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {12612#true} is VALID [2022-02-21 00:02:48,956 INFO L290 TraceCheckUtils]: 10: Hoare triple {12612#true} assume !(3bv32 == main_~tmp_ndt_3~0#1);havoc main_~tmp_ndt_4~0#1;main_~tmp_ndt_4~0#1 := main_#t~nondet27#1;havoc main_#t~nondet27#1; {12612#true} is VALID [2022-02-21 00:02:48,956 INFO L290 TraceCheckUtils]: 11: Hoare triple {12612#true} assume 4bv32 == main_~tmp_ndt_4~0#1; {12612#true} is VALID [2022-02-21 00:02:48,956 INFO L290 TraceCheckUtils]: 12: Hoare triple {12612#true} assume { :begin_inline_KbFilter_Power } true;KbFilter_Power_#in~DeviceObject#1, KbFilter_Power_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_Power_#res#1;havoc KbFilter_Power_#t~nondet50#1, KbFilter_Power_#t~nondet51#1, KbFilter_Power_#t~nondet52#1, KbFilter_Power_#t~nondet53#1, KbFilter_Power_#t~nondet54#1, KbFilter_Power_#t~nondet55#1, KbFilter_Power_#t~post56#1, KbFilter_Power_#t~post57#1, KbFilter_Power_#t~ret58#1, KbFilter_Power_~DeviceObject#1, KbFilter_Power_~Irp#1, KbFilter_Power_~irpStack__MinorFunction~1#1, KbFilter_Power_~devExt__DeviceState~0#1, KbFilter_Power_~powerState__DeviceState~0#1, KbFilter_Power_~Irp__CurrentLocation~2#1, KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1, KbFilter_Power_~devExt__TopOfStack~1#1, KbFilter_Power_~powerType~0#1, KbFilter_Power_~tmp~2#1;KbFilter_Power_~DeviceObject#1 := KbFilter_Power_#in~DeviceObject#1;KbFilter_Power_~Irp#1 := KbFilter_Power_#in~Irp#1;KbFilter_Power_~irpStack__MinorFunction~1#1 := KbFilter_Power_#t~nondet50#1;havoc KbFilter_Power_#t~nondet50#1;havoc KbFilter_Power_~devExt__DeviceState~0#1;KbFilter_Power_~powerState__DeviceState~0#1 := KbFilter_Power_#t~nondet51#1;havoc KbFilter_Power_#t~nondet51#1;KbFilter_Power_~Irp__CurrentLocation~2#1 := KbFilter_Power_#t~nondet52#1;havoc KbFilter_Power_#t~nondet52#1;KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1 := KbFilter_Power_#t~nondet53#1;havoc KbFilter_Power_#t~nondet53#1;KbFilter_Power_~devExt__TopOfStack~1#1 := KbFilter_Power_#t~nondet54#1;havoc KbFilter_Power_#t~nondet54#1;KbFilter_Power_~powerType~0#1 := KbFilter_Power_#t~nondet55#1;havoc KbFilter_Power_#t~nondet55#1;havoc KbFilter_Power_~tmp~2#1; {12612#true} is VALID [2022-02-21 00:02:48,957 INFO L290 TraceCheckUtils]: 13: Hoare triple {12612#true} assume 2bv32 == KbFilter_Power_~irpStack__MinorFunction~1#1; {12612#true} is VALID [2022-02-21 00:02:48,957 INFO L290 TraceCheckUtils]: 14: Hoare triple {12612#true} assume !(KbFilter_Power_~powerType~0#1 == ~DevicePowerState~0); {12612#true} is VALID [2022-02-21 00:02:48,957 INFO L290 TraceCheckUtils]: 15: Hoare triple {12612#true} assume ~s~0 == ~NP~0;~s~0 := ~SKIP1~0; {12612#true} is VALID [2022-02-21 00:02:48,957 INFO L290 TraceCheckUtils]: 16: Hoare triple {12612#true} KbFilter_Power_#t~post56#1 := KbFilter_Power_~Irp__CurrentLocation~2#1;KbFilter_Power_~Irp__CurrentLocation~2#1 := ~bvadd32(1bv32, KbFilter_Power_#t~post56#1);havoc KbFilter_Power_#t~post56#1;KbFilter_Power_#t~post57#1 := KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1;KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1 := ~bvadd32(1bv32, KbFilter_Power_#t~post57#1);havoc KbFilter_Power_#t~post57#1;assume { :begin_inline_PoCallDriver } true;PoCallDriver_#in~DeviceObject#1, PoCallDriver_#in~Irp#1 := KbFilter_Power_~devExt__TopOfStack~1#1, KbFilter_Power_~Irp#1;havoc PoCallDriver_#res#1;havoc PoCallDriver_#t~nondet59#1, PoCallDriver_#t~ret60#1, PoCallDriver_#t~nondet61#1, PoCallDriver_#t~nondet62#1, PoCallDriver_~tmp_ndt_10~0#1, PoCallDriver_~tmp_ndt_9~0#1, PoCallDriver_~DeviceObject#1, PoCallDriver_~Irp#1, PoCallDriver_~compRetStatus~1#1, PoCallDriver_~returnVal~0#1, PoCallDriver_~lcontext~1#1, PoCallDriver_~__cil_tmp7~1#1, PoCallDriver_~__cil_tmp8~1#1;PoCallDriver_~DeviceObject#1 := PoCallDriver_#in~DeviceObject#1;PoCallDriver_~Irp#1 := PoCallDriver_#in~Irp#1;havoc PoCallDriver_~compRetStatus~1#1;havoc PoCallDriver_~returnVal~0#1;PoCallDriver_~lcontext~1#1 := PoCallDriver_#t~nondet59#1;havoc PoCallDriver_#t~nondet59#1;havoc PoCallDriver_~__cil_tmp7~1#1;havoc PoCallDriver_~__cil_tmp8~1#1; {12612#true} is VALID [2022-02-21 00:02:48,957 INFO L290 TraceCheckUtils]: 17: Hoare triple {12612#true} assume !(0bv32 != ~compRegistered~0); {12612#true} is VALID [2022-02-21 00:02:48,957 INFO L290 TraceCheckUtils]: 18: Hoare triple {12612#true} havoc PoCallDriver_~tmp_ndt_9~0#1;PoCallDriver_~tmp_ndt_9~0#1 := PoCallDriver_#t~nondet61#1;havoc PoCallDriver_#t~nondet61#1; {12612#true} is VALID [2022-02-21 00:02:48,958 INFO L290 TraceCheckUtils]: 19: Hoare triple {12612#true} assume 0bv32 == PoCallDriver_~tmp_ndt_9~0#1; {12612#true} is VALID [2022-02-21 00:02:48,958 INFO L290 TraceCheckUtils]: 20: Hoare triple {12612#true} PoCallDriver_~returnVal~0#1 := 0bv32; {12677#(= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| (_ bv0 32))} is VALID [2022-02-21 00:02:48,959 INFO L290 TraceCheckUtils]: 21: Hoare triple {12677#(= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| (_ bv0 32))} assume !(~s~0 == ~NP~0); {12677#(= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| (_ bv0 32))} is VALID [2022-02-21 00:02:48,959 INFO L290 TraceCheckUtils]: 22: Hoare triple {12677#(= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| (_ bv0 32))} assume !(~s~0 == ~MPR1~0); {12677#(= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| (_ bv0 32))} is VALID [2022-02-21 00:02:48,960 INFO L290 TraceCheckUtils]: 23: Hoare triple {12677#(= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| (_ bv0 32))} assume ~s~0 == ~SKIP1~0;~s~0 := ~SKIP2~0;~lowerDriverReturn~0 := PoCallDriver_~returnVal~0#1; {12687#(and (= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| ~lowerDriverReturn~0) (= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| (_ bv0 32)))} is VALID [2022-02-21 00:02:48,960 INFO L290 TraceCheckUtils]: 24: Hoare triple {12687#(and (= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| ~lowerDriverReturn~0) (= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| (_ bv0 32)))} PoCallDriver_#res#1 := PoCallDriver_~returnVal~0#1; {12691#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_PoCallDriver_#res#1| ~lowerDriverReturn~0))} is VALID [2022-02-21 00:02:48,961 INFO L290 TraceCheckUtils]: 25: Hoare triple {12691#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_PoCallDriver_#res#1| ~lowerDriverReturn~0))} KbFilter_Power_#t~ret58#1 := PoCallDriver_#res#1;assume { :end_inline_PoCallDriver } true;KbFilter_Power_~tmp~2#1 := KbFilter_Power_#t~ret58#1;havoc KbFilter_Power_#t~ret58#1;KbFilter_Power_#res#1 := KbFilter_Power_~tmp~2#1; {12695#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_KbFilter_Power_#res#1| ~lowerDriverReturn~0))} is VALID [2022-02-21 00:02:48,961 INFO L290 TraceCheckUtils]: 26: Hoare triple {12695#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_KbFilter_Power_#res#1| ~lowerDriverReturn~0))} main_#t~ret32#1 := KbFilter_Power_#res#1;assume { :end_inline_KbFilter_Power } true;main_~status~1#1 := main_#t~ret32#1;havoc main_#t~ret32#1; {12699#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-21 00:02:48,962 INFO L290 TraceCheckUtils]: 27: Hoare triple {12699#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume !(1bv32 == ~pended~0); {12699#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-21 00:02:48,962 INFO L290 TraceCheckUtils]: 28: Hoare triple {12699#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume !(1bv32 == ~pended~0); {12699#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-21 00:02:48,963 INFO L290 TraceCheckUtils]: 29: Hoare triple {12699#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume ~s~0 != ~UNLOADED~0; {12699#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-21 00:02:48,963 INFO L290 TraceCheckUtils]: 30: Hoare triple {12699#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume 4294967295bv32 != main_~status~1#1; {12699#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-21 00:02:48,964 INFO L290 TraceCheckUtils]: 31: Hoare triple {12699#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume !(~s~0 != ~SKIP2~0); {12699#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-21 00:02:48,964 INFO L290 TraceCheckUtils]: 32: Hoare triple {12699#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume !(1bv32 == ~pended~0); {12699#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-21 00:02:48,965 INFO L290 TraceCheckUtils]: 33: Hoare triple {12699#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume !(~s~0 == ~DC~0); {12699#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-21 00:02:48,965 INFO L290 TraceCheckUtils]: 34: Hoare triple {12699#(and (= (_ bv0 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume main_~status~1#1 != ~lowerDriverReturn~0; {12613#false} is VALID [2022-02-21 00:02:48,965 INFO L272 TraceCheckUtils]: 35: Hoare triple {12613#false} call errorFn(); {12613#false} is VALID [2022-02-21 00:02:48,966 INFO L290 TraceCheckUtils]: 36: Hoare triple {12613#false} assume !false; {12613#false} is VALID [2022-02-21 00:02:48,966 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:48,966 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-21 00:02:48,966 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-21 00:02:48,966 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1696954225] [2022-02-21 00:02:48,967 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1696954225] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:48,967 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:48,967 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-02-21 00:02:48,967 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [777269671] [2022-02-21 00:02:48,967 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:48,968 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 5.142857142857143) internal successors, (36), 7 states have internal predecessors, (36), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 37 [2022-02-21 00:02:48,968 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:48,968 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 7 states, 7 states have (on average 5.142857142857143) internal successors, (36), 7 states have internal predecessors, (36), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:49,002 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 37 edges. 37 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:49,002 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-02-21 00:02:49,002 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-21 00:02:49,003 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-02-21 00:02:49,003 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=12, Invalid=30, Unknown=0, NotChecked=0, Total=42 [2022-02-21 00:02:49,004 INFO L87 Difference]: Start difference. First operand 208 states and 283 transitions. Second operand has 7 states, 7 states have (on average 5.142857142857143) internal successors, (36), 7 states have internal predecessors, (36), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:49,943 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:49,943 INFO L93 Difference]: Finished difference Result 224 states and 301 transitions. [2022-02-21 00:02:49,943 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-02-21 00:02:49,944 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 5.142857142857143) internal successors, (36), 7 states have internal predecessors, (36), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 37 [2022-02-21 00:02:49,944 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:49,944 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 7 states have (on average 5.142857142857143) internal successors, (36), 7 states have internal predecessors, (36), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:49,946 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 268 transitions. [2022-02-21 00:02:49,946 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 7 states have (on average 5.142857142857143) internal successors, (36), 7 states have internal predecessors, (36), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:49,948 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 268 transitions. [2022-02-21 00:02:49,949 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 268 transitions. [2022-02-21 00:02:50,189 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 268 edges. 268 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:50,192 INFO L225 Difference]: With dead ends: 224 [2022-02-21 00:02:50,192 INFO L226 Difference]: Without dead ends: 207 [2022-02-21 00:02:50,192 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 39 GetRequests, 31 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=33, Invalid=57, Unknown=0, NotChecked=0, Total=90 [2022-02-21 00:02:50,193 INFO L933 BasicCegarLoop]: 239 mSDtfsCounter, 179 mSDsluCounter, 777 mSDsCounter, 0 mSdLazyCounter, 98 mSolverCounterSat, 16 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 179 SdHoareTripleChecker+Valid, 1016 SdHoareTripleChecker+Invalid, 114 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 16 IncrementalHoareTripleChecker+Valid, 98 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:50,193 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [179 Valid, 1016 Invalid, 114 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [16 Valid, 98 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-21 00:02:50,193 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 207 states. [2022-02-21 00:02:50,196 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 207 to 207. [2022-02-21 00:02:50,196 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:50,197 INFO L82 GeneralOperation]: Start isEquivalent. First operand 207 states. Second operand has 207 states, 184 states have (on average 1.3804347826086956) internal successors, (254), 186 states have internal predecessors, (254), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:50,197 INFO L74 IsIncluded]: Start isIncluded. First operand 207 states. Second operand has 207 states, 184 states have (on average 1.3804347826086956) internal successors, (254), 186 states have internal predecessors, (254), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:50,197 INFO L87 Difference]: Start difference. First operand 207 states. Second operand has 207 states, 184 states have (on average 1.3804347826086956) internal successors, (254), 186 states have internal predecessors, (254), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:50,205 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:50,205 INFO L93 Difference]: Finished difference Result 207 states and 281 transitions. [2022-02-21 00:02:50,205 INFO L276 IsEmpty]: Start isEmpty. Operand 207 states and 281 transitions. [2022-02-21 00:02:50,206 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:50,206 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:50,207 INFO L74 IsIncluded]: Start isIncluded. First operand has 207 states, 184 states have (on average 1.3804347826086956) internal successors, (254), 186 states have internal predecessors, (254), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) Second operand 207 states. [2022-02-21 00:02:50,221 INFO L87 Difference]: Start difference. First operand has 207 states, 184 states have (on average 1.3804347826086956) internal successors, (254), 186 states have internal predecessors, (254), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) Second operand 207 states. [2022-02-21 00:02:50,226 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:50,227 INFO L93 Difference]: Finished difference Result 207 states and 281 transitions. [2022-02-21 00:02:50,228 INFO L276 IsEmpty]: Start isEmpty. Operand 207 states and 281 transitions. [2022-02-21 00:02:50,228 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:50,228 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:50,228 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:50,229 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:50,230 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 207 states, 184 states have (on average 1.3804347826086956) internal successors, (254), 186 states have internal predecessors, (254), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:50,233 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 207 states to 207 states and 281 transitions. [2022-02-21 00:02:50,234 INFO L78 Accepts]: Start accepts. Automaton has 207 states and 281 transitions. Word has length 37 [2022-02-21 00:02:50,234 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:50,234 INFO L470 AbstractCegarLoop]: Abstraction has 207 states and 281 transitions. [2022-02-21 00:02:50,234 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 5.142857142857143) internal successors, (36), 7 states have internal predecessors, (36), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:50,234 INFO L276 IsEmpty]: Start isEmpty. Operand 207 states and 281 transitions. [2022-02-21 00:02:50,235 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2022-02-21 00:02:50,235 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:50,235 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:50,250 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (13)] Forceful destruction successful, exit code 0 [2022-02-21 00:02:50,445 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 13 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-21 00:02:50,446 INFO L402 AbstractCegarLoop]: === Iteration 13 === Targeting errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:50,446 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:50,446 INFO L85 PathProgramCache]: Analyzing trace with hash -1174329751, now seen corresponding path program 1 times [2022-02-21 00:02:50,446 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-21 00:02:50,447 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [416901665] [2022-02-21 00:02:50,447 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:50,447 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-21 00:02:50,447 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-21 00:02:50,448 INFO L229 MonitoredProcess]: Starting monitored process 14 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-21 00:02:50,450 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (14)] Waiting until timeout for monitored process [2022-02-21 00:02:50,511 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:50,513 INFO L263 TraceCheckSpWp]: Trace formula consists of 126 conjuncts, 7 conjunts are in the unsatisfiable core [2022-02-21 00:02:50,525 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:50,526 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-21 00:02:50,698 INFO L290 TraceCheckUtils]: 0: Hoare triple {13580#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(23bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 0bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32; {13580#true} is VALID [2022-02-21 00:02:50,698 INFO L290 TraceCheckUtils]: 1: Hoare triple {13580#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 1bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32;main_~status~1#1 := 0bv32;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0bv32;~NP~0 := 1bv32;~DC~0 := 2bv32;~SKIP1~0 := 3bv32;~SKIP2~0 := 4bv32;~MPR1~0 := 5bv32;~MPR3~0 := 6bv32;~IPC~0 := 7bv32;~s~0 := ~UNLOADED~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {13580#true} is VALID [2022-02-21 00:02:50,699 INFO L290 TraceCheckUtils]: 2: Hoare triple {13580#true} assume { :end_inline__BLAST_init } true; {13580#true} is VALID [2022-02-21 00:02:50,699 INFO L290 TraceCheckUtils]: 3: Hoare triple {13580#true} assume ~bvsge32(main_~status~1#1, 0bv32);~s~0 := ~NP~0;~customIrp~0 := 0bv32;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0bv32;~myStatus~0 := 0bv32; {13580#true} is VALID [2022-02-21 00:02:50,699 INFO L290 TraceCheckUtils]: 4: Hoare triple {13580#true} assume 0bv32 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := 3221225659bv32;~myStatus~0 := 3221225659bv32; {13580#true} is VALID [2022-02-21 00:02:50,699 INFO L290 TraceCheckUtils]: 5: Hoare triple {13580#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {13580#true} is VALID [2022-02-21 00:02:50,699 INFO L290 TraceCheckUtils]: 6: Hoare triple {13580#true} assume { :end_inline_stub_driver_init } true; {13580#true} is VALID [2022-02-21 00:02:50,699 INFO L290 TraceCheckUtils]: 7: Hoare triple {13580#true} assume !~bvslt32(main_~status~1#1, 0bv32);havoc main_~tmp_ndt_1~0#1;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {13580#true} is VALID [2022-02-21 00:02:50,700 INFO L290 TraceCheckUtils]: 8: Hoare triple {13580#true} assume !(0bv32 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {13580#true} is VALID [2022-02-21 00:02:50,700 INFO L290 TraceCheckUtils]: 9: Hoare triple {13580#true} assume !(1bv32 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {13580#true} is VALID [2022-02-21 00:02:50,700 INFO L290 TraceCheckUtils]: 10: Hoare triple {13580#true} assume !(3bv32 == main_~tmp_ndt_3~0#1);havoc main_~tmp_ndt_4~0#1;main_~tmp_ndt_4~0#1 := main_#t~nondet27#1;havoc main_#t~nondet27#1; {13580#true} is VALID [2022-02-21 00:02:50,700 INFO L290 TraceCheckUtils]: 11: Hoare triple {13580#true} assume 4bv32 == main_~tmp_ndt_4~0#1; {13580#true} is VALID [2022-02-21 00:02:50,700 INFO L290 TraceCheckUtils]: 12: Hoare triple {13580#true} assume { :begin_inline_KbFilter_Power } true;KbFilter_Power_#in~DeviceObject#1, KbFilter_Power_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_Power_#res#1;havoc KbFilter_Power_#t~nondet50#1, KbFilter_Power_#t~nondet51#1, KbFilter_Power_#t~nondet52#1, KbFilter_Power_#t~nondet53#1, KbFilter_Power_#t~nondet54#1, KbFilter_Power_#t~nondet55#1, KbFilter_Power_#t~post56#1, KbFilter_Power_#t~post57#1, KbFilter_Power_#t~ret58#1, KbFilter_Power_~DeviceObject#1, KbFilter_Power_~Irp#1, KbFilter_Power_~irpStack__MinorFunction~1#1, KbFilter_Power_~devExt__DeviceState~0#1, KbFilter_Power_~powerState__DeviceState~0#1, KbFilter_Power_~Irp__CurrentLocation~2#1, KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1, KbFilter_Power_~devExt__TopOfStack~1#1, KbFilter_Power_~powerType~0#1, KbFilter_Power_~tmp~2#1;KbFilter_Power_~DeviceObject#1 := KbFilter_Power_#in~DeviceObject#1;KbFilter_Power_~Irp#1 := KbFilter_Power_#in~Irp#1;KbFilter_Power_~irpStack__MinorFunction~1#1 := KbFilter_Power_#t~nondet50#1;havoc KbFilter_Power_#t~nondet50#1;havoc KbFilter_Power_~devExt__DeviceState~0#1;KbFilter_Power_~powerState__DeviceState~0#1 := KbFilter_Power_#t~nondet51#1;havoc KbFilter_Power_#t~nondet51#1;KbFilter_Power_~Irp__CurrentLocation~2#1 := KbFilter_Power_#t~nondet52#1;havoc KbFilter_Power_#t~nondet52#1;KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1 := KbFilter_Power_#t~nondet53#1;havoc KbFilter_Power_#t~nondet53#1;KbFilter_Power_~devExt__TopOfStack~1#1 := KbFilter_Power_#t~nondet54#1;havoc KbFilter_Power_#t~nondet54#1;KbFilter_Power_~powerType~0#1 := KbFilter_Power_#t~nondet55#1;havoc KbFilter_Power_#t~nondet55#1;havoc KbFilter_Power_~tmp~2#1; {13580#true} is VALID [2022-02-21 00:02:50,700 INFO L290 TraceCheckUtils]: 13: Hoare triple {13580#true} assume 2bv32 == KbFilter_Power_~irpStack__MinorFunction~1#1; {13580#true} is VALID [2022-02-21 00:02:50,701 INFO L290 TraceCheckUtils]: 14: Hoare triple {13580#true} assume !(KbFilter_Power_~powerType~0#1 == ~DevicePowerState~0); {13580#true} is VALID [2022-02-21 00:02:50,701 INFO L290 TraceCheckUtils]: 15: Hoare triple {13580#true} assume ~s~0 == ~NP~0;~s~0 := ~SKIP1~0; {13580#true} is VALID [2022-02-21 00:02:50,701 INFO L290 TraceCheckUtils]: 16: Hoare triple {13580#true} KbFilter_Power_#t~post56#1 := KbFilter_Power_~Irp__CurrentLocation~2#1;KbFilter_Power_~Irp__CurrentLocation~2#1 := ~bvadd32(1bv32, KbFilter_Power_#t~post56#1);havoc KbFilter_Power_#t~post56#1;KbFilter_Power_#t~post57#1 := KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1;KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1 := ~bvadd32(1bv32, KbFilter_Power_#t~post57#1);havoc KbFilter_Power_#t~post57#1;assume { :begin_inline_PoCallDriver } true;PoCallDriver_#in~DeviceObject#1, PoCallDriver_#in~Irp#1 := KbFilter_Power_~devExt__TopOfStack~1#1, KbFilter_Power_~Irp#1;havoc PoCallDriver_#res#1;havoc PoCallDriver_#t~nondet59#1, PoCallDriver_#t~ret60#1, PoCallDriver_#t~nondet61#1, PoCallDriver_#t~nondet62#1, PoCallDriver_~tmp_ndt_10~0#1, PoCallDriver_~tmp_ndt_9~0#1, PoCallDriver_~DeviceObject#1, PoCallDriver_~Irp#1, PoCallDriver_~compRetStatus~1#1, PoCallDriver_~returnVal~0#1, PoCallDriver_~lcontext~1#1, PoCallDriver_~__cil_tmp7~1#1, PoCallDriver_~__cil_tmp8~1#1;PoCallDriver_~DeviceObject#1 := PoCallDriver_#in~DeviceObject#1;PoCallDriver_~Irp#1 := PoCallDriver_#in~Irp#1;havoc PoCallDriver_~compRetStatus~1#1;havoc PoCallDriver_~returnVal~0#1;PoCallDriver_~lcontext~1#1 := PoCallDriver_#t~nondet59#1;havoc PoCallDriver_#t~nondet59#1;havoc PoCallDriver_~__cil_tmp7~1#1;havoc PoCallDriver_~__cil_tmp8~1#1; {13580#true} is VALID [2022-02-21 00:02:50,701 INFO L290 TraceCheckUtils]: 17: Hoare triple {13580#true} assume !(0bv32 != ~compRegistered~0); {13580#true} is VALID [2022-02-21 00:02:50,701 INFO L290 TraceCheckUtils]: 18: Hoare triple {13580#true} havoc PoCallDriver_~tmp_ndt_9~0#1;PoCallDriver_~tmp_ndt_9~0#1 := PoCallDriver_#t~nondet61#1;havoc PoCallDriver_#t~nondet61#1; {13580#true} is VALID [2022-02-21 00:02:50,701 INFO L290 TraceCheckUtils]: 19: Hoare triple {13580#true} assume !(0bv32 == PoCallDriver_~tmp_ndt_9~0#1);havoc PoCallDriver_~tmp_ndt_10~0#1;PoCallDriver_~tmp_ndt_10~0#1 := PoCallDriver_#t~nondet62#1;havoc PoCallDriver_#t~nondet62#1; {13580#true} is VALID [2022-02-21 00:02:50,702 INFO L290 TraceCheckUtils]: 20: Hoare triple {13580#true} assume 1bv32 == PoCallDriver_~tmp_ndt_10~0#1; {13580#true} is VALID [2022-02-21 00:02:50,702 INFO L290 TraceCheckUtils]: 21: Hoare triple {13580#true} PoCallDriver_~returnVal~0#1 := 3221225473bv32; {13648#(= (_ bv3221225473 32) |ULTIMATE.start_PoCallDriver_~returnVal~0#1|)} is VALID [2022-02-21 00:02:50,702 INFO L290 TraceCheckUtils]: 22: Hoare triple {13648#(= (_ bv3221225473 32) |ULTIMATE.start_PoCallDriver_~returnVal~0#1|)} assume !(~s~0 == ~NP~0); {13648#(= (_ bv3221225473 32) |ULTIMATE.start_PoCallDriver_~returnVal~0#1|)} is VALID [2022-02-21 00:02:50,703 INFO L290 TraceCheckUtils]: 23: Hoare triple {13648#(= (_ bv3221225473 32) |ULTIMATE.start_PoCallDriver_~returnVal~0#1|)} assume !(~s~0 == ~MPR1~0); {13648#(= (_ bv3221225473 32) |ULTIMATE.start_PoCallDriver_~returnVal~0#1|)} is VALID [2022-02-21 00:02:50,704 INFO L290 TraceCheckUtils]: 24: Hoare triple {13648#(= (_ bv3221225473 32) |ULTIMATE.start_PoCallDriver_~returnVal~0#1|)} assume ~s~0 == ~SKIP1~0;~s~0 := ~SKIP2~0;~lowerDriverReturn~0 := PoCallDriver_~returnVal~0#1; {13658#(and (= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| ~lowerDriverReturn~0) (= (_ bv3221225473 32) |ULTIMATE.start_PoCallDriver_~returnVal~0#1|))} is VALID [2022-02-21 00:02:50,704 INFO L290 TraceCheckUtils]: 25: Hoare triple {13658#(and (= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| ~lowerDriverReturn~0) (= (_ bv3221225473 32) |ULTIMATE.start_PoCallDriver_~returnVal~0#1|))} PoCallDriver_#res#1 := PoCallDriver_~returnVal~0#1; {13662#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_PoCallDriver_#res#1| ~lowerDriverReturn~0))} is VALID [2022-02-21 00:02:50,705 INFO L290 TraceCheckUtils]: 26: Hoare triple {13662#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_PoCallDriver_#res#1| ~lowerDriverReturn~0))} KbFilter_Power_#t~ret58#1 := PoCallDriver_#res#1;assume { :end_inline_PoCallDriver } true;KbFilter_Power_~tmp~2#1 := KbFilter_Power_#t~ret58#1;havoc KbFilter_Power_#t~ret58#1;KbFilter_Power_#res#1 := KbFilter_Power_~tmp~2#1; {13666#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_KbFilter_Power_#res#1| ~lowerDriverReturn~0))} is VALID [2022-02-21 00:02:50,705 INFO L290 TraceCheckUtils]: 27: Hoare triple {13666#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_KbFilter_Power_#res#1| ~lowerDriverReturn~0))} main_#t~ret32#1 := KbFilter_Power_#res#1;assume { :end_inline_KbFilter_Power } true;main_~status~1#1 := main_#t~ret32#1;havoc main_#t~ret32#1; {13670#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-21 00:02:50,706 INFO L290 TraceCheckUtils]: 28: Hoare triple {13670#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume !(1bv32 == ~pended~0); {13670#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-21 00:02:50,706 INFO L290 TraceCheckUtils]: 29: Hoare triple {13670#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume !(1bv32 == ~pended~0); {13670#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-21 00:02:50,707 INFO L290 TraceCheckUtils]: 30: Hoare triple {13670#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume ~s~0 != ~UNLOADED~0; {13670#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-21 00:02:50,708 INFO L290 TraceCheckUtils]: 31: Hoare triple {13670#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume 4294967295bv32 != main_~status~1#1; {13670#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-21 00:02:50,708 INFO L290 TraceCheckUtils]: 32: Hoare triple {13670#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume !(~s~0 != ~SKIP2~0); {13670#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-21 00:02:50,710 INFO L290 TraceCheckUtils]: 33: Hoare triple {13670#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume !(1bv32 == ~pended~0); {13670#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-21 00:02:50,711 INFO L290 TraceCheckUtils]: 34: Hoare triple {13670#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume !(~s~0 == ~DC~0); {13670#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-21 00:02:50,712 INFO L290 TraceCheckUtils]: 35: Hoare triple {13670#(and (= (_ bv3221225473 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume main_~status~1#1 != ~lowerDriverReturn~0; {13581#false} is VALID [2022-02-21 00:02:50,712 INFO L272 TraceCheckUtils]: 36: Hoare triple {13581#false} call errorFn(); {13581#false} is VALID [2022-02-21 00:02:50,712 INFO L290 TraceCheckUtils]: 37: Hoare triple {13581#false} assume !false; {13581#false} is VALID [2022-02-21 00:02:50,712 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:50,712 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-21 00:02:50,713 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-21 00:02:50,713 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [416901665] [2022-02-21 00:02:50,713 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [416901665] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:50,713 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:50,713 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-02-21 00:02:50,713 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [87986771] [2022-02-21 00:02:50,713 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:50,714 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 5.285714285714286) internal successors, (37), 7 states have internal predecessors, (37), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 38 [2022-02-21 00:02:50,714 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:50,714 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 7 states, 7 states have (on average 5.285714285714286) internal successors, (37), 7 states have internal predecessors, (37), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:50,742 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 38 edges. 38 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:50,742 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-02-21 00:02:50,742 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-21 00:02:50,743 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-02-21 00:02:50,743 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=12, Invalid=30, Unknown=0, NotChecked=0, Total=42 [2022-02-21 00:02:50,743 INFO L87 Difference]: Start difference. First operand 207 states and 281 transitions. Second operand has 7 states, 7 states have (on average 5.285714285714286) internal successors, (37), 7 states have internal predecessors, (37), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:51,703 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:51,703 INFO L93 Difference]: Finished difference Result 223 states and 299 transitions. [2022-02-21 00:02:51,703 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-02-21 00:02:51,703 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 5.285714285714286) internal successors, (37), 7 states have internal predecessors, (37), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 38 [2022-02-21 00:02:51,703 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-21 00:02:51,703 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 7 states have (on average 5.285714285714286) internal successors, (37), 7 states have internal predecessors, (37), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:51,705 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 266 transitions. [2022-02-21 00:02:51,706 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 7 states have (on average 5.285714285714286) internal successors, (37), 7 states have internal predecessors, (37), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:51,707 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 266 transitions. [2022-02-21 00:02:51,708 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 266 transitions. [2022-02-21 00:02:51,928 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 266 edges. 266 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:51,931 INFO L225 Difference]: With dead ends: 223 [2022-02-21 00:02:51,931 INFO L226 Difference]: Without dead ends: 206 [2022-02-21 00:02:51,932 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 40 GetRequests, 32 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=33, Invalid=57, Unknown=0, NotChecked=0, Total=90 [2022-02-21 00:02:51,932 INFO L933 BasicCegarLoop]: 239 mSDtfsCounter, 37 mSDsluCounter, 1155 mSDsCounter, 0 mSdLazyCounter, 87 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 37 SdHoareTripleChecker+Valid, 1394 SdHoareTripleChecker+Invalid, 89 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 87 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-21 00:02:51,932 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [37 Valid, 1394 Invalid, 89 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 87 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-21 00:02:51,933 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 206 states. [2022-02-21 00:02:51,938 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 206 to 206. [2022-02-21 00:02:51,939 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-21 00:02:51,939 INFO L82 GeneralOperation]: Start isEquivalent. First operand 206 states. Second operand has 206 states, 183 states have (on average 1.3770491803278688) internal successors, (252), 185 states have internal predecessors, (252), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:51,940 INFO L74 IsIncluded]: Start isIncluded. First operand 206 states. Second operand has 206 states, 183 states have (on average 1.3770491803278688) internal successors, (252), 185 states have internal predecessors, (252), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:51,940 INFO L87 Difference]: Start difference. First operand 206 states. Second operand has 206 states, 183 states have (on average 1.3770491803278688) internal successors, (252), 185 states have internal predecessors, (252), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:51,944 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:51,945 INFO L93 Difference]: Finished difference Result 206 states and 279 transitions. [2022-02-21 00:02:51,945 INFO L276 IsEmpty]: Start isEmpty. Operand 206 states and 279 transitions. [2022-02-21 00:02:51,945 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:51,946 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:51,946 INFO L74 IsIncluded]: Start isIncluded. First operand has 206 states, 183 states have (on average 1.3770491803278688) internal successors, (252), 185 states have internal predecessors, (252), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) Second operand 206 states. [2022-02-21 00:02:51,947 INFO L87 Difference]: Start difference. First operand has 206 states, 183 states have (on average 1.3770491803278688) internal successors, (252), 185 states have internal predecessors, (252), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) Second operand 206 states. [2022-02-21 00:02:51,951 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-21 00:02:51,951 INFO L93 Difference]: Finished difference Result 206 states and 279 transitions. [2022-02-21 00:02:51,951 INFO L276 IsEmpty]: Start isEmpty. Operand 206 states and 279 transitions. [2022-02-21 00:02:51,952 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-21 00:02:51,952 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-21 00:02:51,952 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-21 00:02:51,952 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-21 00:02:51,953 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 206 states, 183 states have (on average 1.3770491803278688) internal successors, (252), 185 states have internal predecessors, (252), 15 states have call successors, (15), 8 states have call predecessors, (15), 7 states have return successors, (12), 12 states have call predecessors, (12), 11 states have call successors, (12) [2022-02-21 00:02:51,956 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 206 states to 206 states and 279 transitions. [2022-02-21 00:02:51,956 INFO L78 Accepts]: Start accepts. Automaton has 206 states and 279 transitions. Word has length 38 [2022-02-21 00:02:51,957 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-21 00:02:51,957 INFO L470 AbstractCegarLoop]: Abstraction has 206 states and 279 transitions. [2022-02-21 00:02:51,957 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 5.285714285714286) internal successors, (37), 7 states have internal predecessors, (37), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:51,958 INFO L276 IsEmpty]: Start isEmpty. Operand 206 states and 279 transitions. [2022-02-21 00:02:51,958 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2022-02-21 00:02:51,958 INFO L506 BasicCegarLoop]: Found error trace [2022-02-21 00:02:51,958 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-21 00:02:51,970 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (14)] Forceful destruction successful, exit code 0 [2022-02-21 00:02:52,167 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 14 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-21 00:02:52,168 INFO L402 AbstractCegarLoop]: === Iteration 14 === Targeting errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK === [errorFnErr0ASSERT_VIOLATIONMEMORY_LEAK, ULTIMATE.startErr0ASSERT_VIOLATIONMEMORY_LEAK] === [2022-02-21 00:02:52,168 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-21 00:02:52,168 INFO L85 PathProgramCache]: Analyzing trace with hash -461855063, now seen corresponding path program 1 times [2022-02-21 00:02:52,168 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-21 00:02:52,168 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1598194963] [2022-02-21 00:02:52,168 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-21 00:02:52,169 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-21 00:02:52,169 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-21 00:02:52,170 INFO L229 MonitoredProcess]: Starting monitored process 15 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-21 00:02:52,171 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (15)] Waiting until timeout for monitored process [2022-02-21 00:02:52,243 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:52,245 INFO L263 TraceCheckSpWp]: Trace formula consists of 126 conjuncts, 7 conjunts are in the unsatisfiable core [2022-02-21 00:02:52,258 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-21 00:02:52,259 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-21 00:02:52,445 INFO L290 TraceCheckUtils]: 0: Hoare triple {14547#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);call #Ultimate.allocInit(2bv32, 1bv32);call write~init~intINTTYPE1(48bv8, 1bv32, 0bv32, 1bv32);call write~init~intINTTYPE1(0bv8, 1bv32, 1bv32, 1bv32);call #Ultimate.allocInit(23bv32, 2bv32);call #Ultimate.allocInit(12bv32, 3bv32);~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 0bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32; {14547#true} is VALID [2022-02-21 00:02:52,445 INFO L290 TraceCheckUtils]: 1: Hoare triple {14547#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet21#1, main_#t~nondet22#1, main_#t~nondet23#1, main_#t~nondet24#1, main_#t~nondet25#1, main_#t~nondet26#1, main_#t~nondet27#1, main_#t~nondet28#1, main_#t~ret29#1, main_#t~ret30#1, main_#t~ret31#1, main_#t~ret32#1, main_#t~ret33#1, main_~tmp_ndt_5~0#1, main_~tmp_ndt_4~0#1, main_~tmp_ndt_3~0#1, main_~tmp_ndt_2~0#1, main_~tmp_ndt_1~0#1, main_~status~1#1, main_~irp~0#1, main_~pirp~0#1, main_~pirp__IoStatus__Status~0#1, main_~irp_choice~0#1, main_~devobj~0#1, main_~__cil_tmp8~0#1;havoc main_~status~1#1;main_~irp~0#1 := main_#t~nondet21#1;havoc main_#t~nondet21#1;havoc main_~pirp~0#1;havoc main_~pirp__IoStatus__Status~0#1;main_~irp_choice~0#1 := main_#t~nondet22#1;havoc main_#t~nondet22#1;main_~devobj~0#1 := main_#t~nondet23#1;havoc main_#t~nondet23#1;havoc main_~__cil_tmp8~0#1;~KernelMode~0 := 0bv32;~Executive~0 := 0bv32;~DevicePowerState~0 := 1bv32;~s~0 := 0bv32;~UNLOADED~0 := 0bv32;~NP~0 := 0bv32;~DC~0 := 0bv32;~SKIP1~0 := 0bv32;~SKIP2~0 := 0bv32;~MPR1~0 := 0bv32;~MPR3~0 := 0bv32;~IPC~0 := 0bv32;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32;~myStatus~0 := 0bv32;main_~status~1#1 := 0bv32;main_~pirp~0#1 := main_~irp~0#1;assume { :begin_inline__BLAST_init } true;~UNLOADED~0 := 0bv32;~NP~0 := 1bv32;~DC~0 := 2bv32;~SKIP1~0 := 3bv32;~SKIP2~0 := 4bv32;~MPR1~0 := 5bv32;~MPR3~0 := 6bv32;~IPC~0 := 7bv32;~s~0 := ~UNLOADED~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {14547#true} is VALID [2022-02-21 00:02:52,445 INFO L290 TraceCheckUtils]: 2: Hoare triple {14547#true} assume { :end_inline__BLAST_init } true; {14547#true} is VALID [2022-02-21 00:02:52,445 INFO L290 TraceCheckUtils]: 3: Hoare triple {14547#true} assume ~bvsge32(main_~status~1#1, 0bv32);~s~0 := ~NP~0;~customIrp~0 := 0bv32;~setEventCalled~0 := ~customIrp~0;~lowerDriverReturn~0 := ~setEventCalled~0;~compRegistered~0 := ~lowerDriverReturn~0;~pended~0 := ~compRegistered~0;main_~pirp__IoStatus__Status~0#1 := 0bv32;~myStatus~0 := 0bv32; {14547#true} is VALID [2022-02-21 00:02:52,445 INFO L290 TraceCheckUtils]: 4: Hoare triple {14547#true} assume 0bv32 == main_~irp_choice~0#1;main_~pirp__IoStatus__Status~0#1 := 3221225659bv32;~myStatus~0 := 3221225659bv32; {14547#true} is VALID [2022-02-21 00:02:52,445 INFO L290 TraceCheckUtils]: 5: Hoare triple {14547#true} assume { :begin_inline_stub_driver_init } true;~s~0 := ~NP~0;~pended~0 := 0bv32;~compFptr~0 := 0bv32;~compRegistered~0 := 0bv32;~lowerDriverReturn~0 := 0bv32;~setEventCalled~0 := 0bv32;~customIrp~0 := 0bv32; {14547#true} is VALID [2022-02-21 00:02:52,446 INFO L290 TraceCheckUtils]: 6: Hoare triple {14547#true} assume { :end_inline_stub_driver_init } true; {14547#true} is VALID [2022-02-21 00:02:52,446 INFO L290 TraceCheckUtils]: 7: Hoare triple {14547#true} assume !~bvslt32(main_~status~1#1, 0bv32);havoc main_~tmp_ndt_1~0#1;main_~tmp_ndt_1~0#1 := main_#t~nondet24#1;havoc main_#t~nondet24#1; {14547#true} is VALID [2022-02-21 00:02:52,446 INFO L290 TraceCheckUtils]: 8: Hoare triple {14547#true} assume !(0bv32 == main_~tmp_ndt_1~0#1);havoc main_~tmp_ndt_2~0#1;main_~tmp_ndt_2~0#1 := main_#t~nondet25#1;havoc main_#t~nondet25#1; {14547#true} is VALID [2022-02-21 00:02:52,446 INFO L290 TraceCheckUtils]: 9: Hoare triple {14547#true} assume !(1bv32 == main_~tmp_ndt_2~0#1);havoc main_~tmp_ndt_3~0#1;main_~tmp_ndt_3~0#1 := main_#t~nondet26#1;havoc main_#t~nondet26#1; {14547#true} is VALID [2022-02-21 00:02:52,446 INFO L290 TraceCheckUtils]: 10: Hoare triple {14547#true} assume !(3bv32 == main_~tmp_ndt_3~0#1);havoc main_~tmp_ndt_4~0#1;main_~tmp_ndt_4~0#1 := main_#t~nondet27#1;havoc main_#t~nondet27#1; {14547#true} is VALID [2022-02-21 00:02:52,446 INFO L290 TraceCheckUtils]: 11: Hoare triple {14547#true} assume 4bv32 == main_~tmp_ndt_4~0#1; {14547#true} is VALID [2022-02-21 00:02:52,446 INFO L290 TraceCheckUtils]: 12: Hoare triple {14547#true} assume { :begin_inline_KbFilter_Power } true;KbFilter_Power_#in~DeviceObject#1, KbFilter_Power_#in~Irp#1 := main_~devobj~0#1, main_~pirp~0#1;havoc KbFilter_Power_#res#1;havoc KbFilter_Power_#t~nondet50#1, KbFilter_Power_#t~nondet51#1, KbFilter_Power_#t~nondet52#1, KbFilter_Power_#t~nondet53#1, KbFilter_Power_#t~nondet54#1, KbFilter_Power_#t~nondet55#1, KbFilter_Power_#t~post56#1, KbFilter_Power_#t~post57#1, KbFilter_Power_#t~ret58#1, KbFilter_Power_~DeviceObject#1, KbFilter_Power_~Irp#1, KbFilter_Power_~irpStack__MinorFunction~1#1, KbFilter_Power_~devExt__DeviceState~0#1, KbFilter_Power_~powerState__DeviceState~0#1, KbFilter_Power_~Irp__CurrentLocation~2#1, KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1, KbFilter_Power_~devExt__TopOfStack~1#1, KbFilter_Power_~powerType~0#1, KbFilter_Power_~tmp~2#1;KbFilter_Power_~DeviceObject#1 := KbFilter_Power_#in~DeviceObject#1;KbFilter_Power_~Irp#1 := KbFilter_Power_#in~Irp#1;KbFilter_Power_~irpStack__MinorFunction~1#1 := KbFilter_Power_#t~nondet50#1;havoc KbFilter_Power_#t~nondet50#1;havoc KbFilter_Power_~devExt__DeviceState~0#1;KbFilter_Power_~powerState__DeviceState~0#1 := KbFilter_Power_#t~nondet51#1;havoc KbFilter_Power_#t~nondet51#1;KbFilter_Power_~Irp__CurrentLocation~2#1 := KbFilter_Power_#t~nondet52#1;havoc KbFilter_Power_#t~nondet52#1;KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1 := KbFilter_Power_#t~nondet53#1;havoc KbFilter_Power_#t~nondet53#1;KbFilter_Power_~devExt__TopOfStack~1#1 := KbFilter_Power_#t~nondet54#1;havoc KbFilter_Power_#t~nondet54#1;KbFilter_Power_~powerType~0#1 := KbFilter_Power_#t~nondet55#1;havoc KbFilter_Power_#t~nondet55#1;havoc KbFilter_Power_~tmp~2#1; {14547#true} is VALID [2022-02-21 00:02:52,447 INFO L290 TraceCheckUtils]: 13: Hoare triple {14547#true} assume 2bv32 == KbFilter_Power_~irpStack__MinorFunction~1#1; {14547#true} is VALID [2022-02-21 00:02:52,447 INFO L290 TraceCheckUtils]: 14: Hoare triple {14547#true} assume !(KbFilter_Power_~powerType~0#1 == ~DevicePowerState~0); {14547#true} is VALID [2022-02-21 00:02:52,447 INFO L290 TraceCheckUtils]: 15: Hoare triple {14547#true} assume ~s~0 == ~NP~0;~s~0 := ~SKIP1~0; {14547#true} is VALID [2022-02-21 00:02:52,447 INFO L290 TraceCheckUtils]: 16: Hoare triple {14547#true} KbFilter_Power_#t~post56#1 := KbFilter_Power_~Irp__CurrentLocation~2#1;KbFilter_Power_~Irp__CurrentLocation~2#1 := ~bvadd32(1bv32, KbFilter_Power_#t~post56#1);havoc KbFilter_Power_#t~post56#1;KbFilter_Power_#t~post57#1 := KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1;KbFilter_Power_~Irp__Tail__Overlay__CurrentStackLocation~2#1 := ~bvadd32(1bv32, KbFilter_Power_#t~post57#1);havoc KbFilter_Power_#t~post57#1;assume { :begin_inline_PoCallDriver } true;PoCallDriver_#in~DeviceObject#1, PoCallDriver_#in~Irp#1 := KbFilter_Power_~devExt__TopOfStack~1#1, KbFilter_Power_~Irp#1;havoc PoCallDriver_#res#1;havoc PoCallDriver_#t~nondet59#1, PoCallDriver_#t~ret60#1, PoCallDriver_#t~nondet61#1, PoCallDriver_#t~nondet62#1, PoCallDriver_~tmp_ndt_10~0#1, PoCallDriver_~tmp_ndt_9~0#1, PoCallDriver_~DeviceObject#1, PoCallDriver_~Irp#1, PoCallDriver_~compRetStatus~1#1, PoCallDriver_~returnVal~0#1, PoCallDriver_~lcontext~1#1, PoCallDriver_~__cil_tmp7~1#1, PoCallDriver_~__cil_tmp8~1#1;PoCallDriver_~DeviceObject#1 := PoCallDriver_#in~DeviceObject#1;PoCallDriver_~Irp#1 := PoCallDriver_#in~Irp#1;havoc PoCallDriver_~compRetStatus~1#1;havoc PoCallDriver_~returnVal~0#1;PoCallDriver_~lcontext~1#1 := PoCallDriver_#t~nondet59#1;havoc PoCallDriver_#t~nondet59#1;havoc PoCallDriver_~__cil_tmp7~1#1;havoc PoCallDriver_~__cil_tmp8~1#1; {14547#true} is VALID [2022-02-21 00:02:52,447 INFO L290 TraceCheckUtils]: 17: Hoare triple {14547#true} assume !(0bv32 != ~compRegistered~0); {14547#true} is VALID [2022-02-21 00:02:52,447 INFO L290 TraceCheckUtils]: 18: Hoare triple {14547#true} havoc PoCallDriver_~tmp_ndt_9~0#1;PoCallDriver_~tmp_ndt_9~0#1 := PoCallDriver_#t~nondet61#1;havoc PoCallDriver_#t~nondet61#1; {14547#true} is VALID [2022-02-21 00:02:52,448 INFO L290 TraceCheckUtils]: 19: Hoare triple {14547#true} assume !(0bv32 == PoCallDriver_~tmp_ndt_9~0#1);havoc PoCallDriver_~tmp_ndt_10~0#1;PoCallDriver_~tmp_ndt_10~0#1 := PoCallDriver_#t~nondet62#1;havoc PoCallDriver_#t~nondet62#1; {14547#true} is VALID [2022-02-21 00:02:52,448 INFO L290 TraceCheckUtils]: 20: Hoare triple {14547#true} assume !(1bv32 == PoCallDriver_~tmp_ndt_10~0#1); {14547#true} is VALID [2022-02-21 00:02:52,448 INFO L290 TraceCheckUtils]: 21: Hoare triple {14547#true} PoCallDriver_~returnVal~0#1 := 259bv32; {14615#(= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| (_ bv259 32))} is VALID [2022-02-21 00:02:52,449 INFO L290 TraceCheckUtils]: 22: Hoare triple {14615#(= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| (_ bv259 32))} assume !(~s~0 == ~NP~0); {14615#(= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| (_ bv259 32))} is VALID [2022-02-21 00:02:52,449 INFO L290 TraceCheckUtils]: 23: Hoare triple {14615#(= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| (_ bv259 32))} assume !(~s~0 == ~MPR1~0); {14615#(= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| (_ bv259 32))} is VALID [2022-02-21 00:02:52,450 INFO L290 TraceCheckUtils]: 24: Hoare triple {14615#(= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| (_ bv259 32))} assume ~s~0 == ~SKIP1~0;~s~0 := ~SKIP2~0;~lowerDriverReturn~0 := PoCallDriver_~returnVal~0#1; {14625#(and (= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| ~lowerDriverReturn~0) (= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| (_ bv259 32)))} is VALID [2022-02-21 00:02:52,450 INFO L290 TraceCheckUtils]: 25: Hoare triple {14625#(and (= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| ~lowerDriverReturn~0) (= |ULTIMATE.start_PoCallDriver_~returnVal~0#1| (_ bv259 32)))} PoCallDriver_#res#1 := PoCallDriver_~returnVal~0#1; {14629#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_PoCallDriver_#res#1| ~lowerDriverReturn~0))} is VALID [2022-02-21 00:02:52,451 INFO L290 TraceCheckUtils]: 26: Hoare triple {14629#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_PoCallDriver_#res#1| ~lowerDriverReturn~0))} KbFilter_Power_#t~ret58#1 := PoCallDriver_#res#1;assume { :end_inline_PoCallDriver } true;KbFilter_Power_~tmp~2#1 := KbFilter_Power_#t~ret58#1;havoc KbFilter_Power_#t~ret58#1;KbFilter_Power_#res#1 := KbFilter_Power_~tmp~2#1; {14633#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_KbFilter_Power_#res#1| ~lowerDriverReturn~0))} is VALID [2022-02-21 00:02:52,451 INFO L290 TraceCheckUtils]: 27: Hoare triple {14633#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_KbFilter_Power_#res#1| ~lowerDriverReturn~0))} main_#t~ret32#1 := KbFilter_Power_#res#1;assume { :end_inline_KbFilter_Power } true;main_~status~1#1 := main_#t~ret32#1;havoc main_#t~ret32#1; {14637#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-21 00:02:52,452 INFO L290 TraceCheckUtils]: 28: Hoare triple {14637#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume !(1bv32 == ~pended~0); {14637#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-21 00:02:52,452 INFO L290 TraceCheckUtils]: 29: Hoare triple {14637#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume !(1bv32 == ~pended~0); {14637#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-21 00:02:52,453 INFO L290 TraceCheckUtils]: 30: Hoare triple {14637#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume ~s~0 != ~UNLOADED~0; {14637#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-21 00:02:52,453 INFO L290 TraceCheckUtils]: 31: Hoare triple {14637#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume 4294967295bv32 != main_~status~1#1; {14637#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-21 00:02:52,454 INFO L290 TraceCheckUtils]: 32: Hoare triple {14637#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume !(~s~0 != ~SKIP2~0); {14637#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-21 00:02:52,454 INFO L290 TraceCheckUtils]: 33: Hoare triple {14637#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume !(1bv32 == ~pended~0); {14637#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-21 00:02:52,455 INFO L290 TraceCheckUtils]: 34: Hoare triple {14637#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume !(~s~0 == ~DC~0); {14637#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} is VALID [2022-02-21 00:02:52,455 INFO L290 TraceCheckUtils]: 35: Hoare triple {14637#(and (= (_ bv259 32) ~lowerDriverReturn~0) (= |ULTIMATE.start_main_~status~1#1| ~lowerDriverReturn~0))} assume main_~status~1#1 != ~lowerDriverReturn~0; {14548#false} is VALID [2022-02-21 00:02:52,455 INFO L272 TraceCheckUtils]: 36: Hoare triple {14548#false} call errorFn(); {14548#false} is VALID [2022-02-21 00:02:52,455 INFO L290 TraceCheckUtils]: 37: Hoare triple {14548#false} assume !false; {14548#false} is VALID [2022-02-21 00:02:52,456 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-21 00:02:52,456 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-21 00:02:52,456 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-21 00:02:52,456 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1598194963] [2022-02-21 00:02:52,456 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1598194963] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-21 00:02:52,457 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-21 00:02:52,457 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-02-21 00:02:52,457 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [381502239] [2022-02-21 00:02:52,457 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-21 00:02:52,458 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 5.285714285714286) internal successors, (37), 7 states have internal predecessors, (37), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 38 [2022-02-21 00:02:52,458 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-21 00:02:52,458 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 7 states, 7 states have (on average 5.285714285714286) internal successors, (37), 7 states have internal predecessors, (37), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-21 00:02:52,488 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 38 edges. 38 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-21 00:02:52,488 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-02-21 00:02:52,488 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-21 00:02:52,489 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-02-21 00:02:52,489 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=12, Invalid=30, Unknown=0, NotChecked=0, Total=42 [2022-02-21 00:02:52,489 INFO L87 Difference]: Start difference. First operand 206 states and 279 transitions. Second operand has 7 states, 7 states have (on average 5.285714285714286) internal successors, (37), 7 states have internal predecessors, (37), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0)