./Ultimate.py --spec ../sv-benchmarks/c/properties/valid-memsafety.prp --file ../sv-benchmarks/c/ldv-memsafety/memleaks_test10-1.i --full-output -ea --architecture 32bit -------------------------------------------------------------------------------- Checking for memory safety (deref-memtrack) Using default analysis Version 03d7b7b3 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerMemDerefMemtrack.xml -i ../sv-benchmarks/c/ldv-memsafety/memleaks_test10-1.i -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 207ea7efa81a205528159a2c1c5225b996f0eb4901bda418907cbc964f19b86c --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 23:49:43,878 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 23:49:43,880 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 23:49:43,913 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 23:49:43,914 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 23:49:43,916 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 23:49:43,917 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 23:49:43,919 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 23:49:43,920 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 23:49:43,923 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 23:49:43,923 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 23:49:43,924 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 23:49:43,925 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 23:49:43,927 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 23:49:43,928 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 23:49:43,930 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 23:49:43,931 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 23:49:43,932 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 23:49:43,934 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 23:49:43,939 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 23:49:43,940 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 23:49:43,940 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 23:49:43,942 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 23:49:43,942 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 23:49:43,947 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 23:49:43,947 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 23:49:43,948 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 23:49:43,949 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 23:49:43,949 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 23:49:43,950 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 23:49:43,950 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 23:49:43,951 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 23:49:43,952 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 23:49:43,952 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 23:49:43,953 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 23:49:43,953 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 23:49:43,954 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 23:49:43,954 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 23:49:43,954 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 23:49:43,955 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 23:49:43,955 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 23:49:43,956 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Default.epf [2022-02-20 23:49:43,977 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 23:49:43,977 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 23:49:43,978 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 23:49:43,978 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 23:49:43,978 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 23:49:43,979 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 23:49:43,979 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 23:49:43,979 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 23:49:43,979 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 23:49:43,980 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 23:49:43,980 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 23:49:43,980 INFO L138 SettingsManager]: * Check unreachability of error function in SV-COMP mode=false [2022-02-20 23:49:43,981 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-02-20 23:49:43,981 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 23:49:43,981 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 23:49:43,981 INFO L138 SettingsManager]: * Check for the main procedure if all allocated memory was freed=true [2022-02-20 23:49:43,981 INFO L138 SettingsManager]: * Bitprecise bitfields=true [2022-02-20 23:49:43,981 INFO L138 SettingsManager]: * SV-COMP memtrack compatibility mode=true [2022-02-20 23:49:43,981 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 23:49:43,982 INFO L138 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2022-02-20 23:49:43,982 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 23:49:43,982 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 23:49:43,982 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 23:49:43,982 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 23:49:43,982 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 23:49:43,983 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 23:49:43,983 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 23:49:43,983 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 23:49:43,983 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-02-20 23:49:43,983 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-02-20 23:49:43,983 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 207ea7efa81a205528159a2c1c5225b996f0eb4901bda418907cbc964f19b86c [2022-02-20 23:49:44,168 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 23:49:44,187 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 23:49:44,189 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 23:49:44,190 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 23:49:44,191 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 23:49:44,192 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/ldv-memsafety/memleaks_test10-1.i [2022-02-20 23:49:44,234 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/fecbbf1dd/20240fdbbe7842179be66f50f637f8cc/FLAGeb269eeb3 [2022-02-20 23:49:44,662 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 23:49:44,662 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/ldv-memsafety/memleaks_test10-1.i [2022-02-20 23:49:44,682 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/fecbbf1dd/20240fdbbe7842179be66f50f637f8cc/FLAGeb269eeb3 [2022-02-20 23:49:44,691 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/fecbbf1dd/20240fdbbe7842179be66f50f637f8cc [2022-02-20 23:49:44,693 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 23:49:44,694 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 23:49:44,696 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 23:49:44,697 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 23:49:44,699 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 23:49:44,700 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 11:49:44" (1/1) ... [2022-02-20 23:49:44,701 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@445808a9 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:49:44, skipping insertion in model container [2022-02-20 23:49:44,701 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 11:49:44" (1/1) ... [2022-02-20 23:49:44,705 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 23:49:44,746 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 23:49:45,085 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 23:49:45,095 ERROR L326 MainTranslator]: Unsupported Syntax: Found a cast between two array/pointer types where the value type is smaller than the cast-to type while using memory model HoenickeLindenmann_Original (while Not using bitvector translation) [2022-02-20 23:49:45,096 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.CACSL2BoogieTranslatorObserver@4d9fe0df and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:49:45, skipping insertion in model container [2022-02-20 23:49:45,096 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 23:49:45,096 INFO L184 ToolchainWalker]: Toolchain execution was canceled (user or tool) before executing de.uni_freiburg.informatik.ultimate.boogie.procedureinliner [2022-02-20 23:49:45,098 INFO L158 Benchmark]: Toolchain (without parser) took 403.00ms. Allocated memory is still 102.8MB. Free memory was 69.4MB in the beginning and 71.1MB in the end (delta: -1.7MB). Peak memory consumption was 7.8MB. Max. memory is 16.1GB. [2022-02-20 23:49:45,098 INFO L158 Benchmark]: CDTParser took 0.15ms. Allocated memory is still 102.8MB. Free memory is still 58.1MB. There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 23:49:45,099 INFO L158 Benchmark]: CACSL2BoogieTranslator took 399.95ms. Allocated memory is still 102.8MB. Free memory was 69.2MB in the beginning and 71.1MB in the end (delta: -2.0MB). Peak memory consumption was 7.8MB. Max. memory is 16.1GB. [2022-02-20 23:49:45,100 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.15ms. Allocated memory is still 102.8MB. Free memory is still 58.1MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 399.95ms. Allocated memory is still 102.8MB. Free memory was 69.2MB in the beginning and 71.1MB in the end (delta: -2.0MB). Peak memory consumption was 7.8MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - UnsupportedSyntaxResult [Line: 576]: Unsupported Syntax Found a cast between two array/pointer types where the value type is smaller than the cast-to type while using memory model HoenickeLindenmann_Original (while Not using bitvector translation) RESULT: Ultimate could not prove your program: Toolchain returned no result. Received shutdown request... --- End real Ultimate output --- Execution finished normally Using bit-precise analysis Retrying with bit-precise analysis ### Bit-precise run ### Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerMemDerefMemtrack.xml -i ../sv-benchmarks/c/ldv-memsafety/memleaks_test10-1.i -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Bitvector.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 207ea7efa81a205528159a2c1c5225b996f0eb4901bda418907cbc964f19b86c --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 23:49:46,565 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 23:49:46,567 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 23:49:46,593 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 23:49:46,593 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 23:49:46,594 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 23:49:46,597 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 23:49:46,606 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 23:49:46,608 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 23:49:46,613 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 23:49:46,614 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 23:49:46,617 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 23:49:46,618 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 23:49:46,620 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 23:49:46,621 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 23:49:46,622 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 23:49:46,622 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 23:49:46,623 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 23:49:46,624 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 23:49:46,625 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 23:49:46,625 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 23:49:46,626 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 23:49:46,627 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 23:49:46,627 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 23:49:46,629 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 23:49:46,629 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 23:49:46,629 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 23:49:46,630 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 23:49:46,630 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 23:49:46,631 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 23:49:46,633 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 23:49:46,634 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 23:49:46,635 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 23:49:46,636 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 23:49:46,637 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 23:49:46,638 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 23:49:46,639 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 23:49:46,639 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 23:49:46,639 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 23:49:46,640 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 23:49:46,641 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 23:49:46,642 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Bitvector.epf [2022-02-20 23:49:46,668 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 23:49:46,668 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 23:49:46,669 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 23:49:46,669 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 23:49:46,670 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 23:49:46,671 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 23:49:46,672 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 23:49:46,672 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 23:49:46,672 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 23:49:46,672 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 23:49:46,673 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 23:49:46,673 INFO L138 SettingsManager]: * Check unreachability of error function in SV-COMP mode=false [2022-02-20 23:49:46,674 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-02-20 23:49:46,674 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 23:49:46,674 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 23:49:46,674 INFO L138 SettingsManager]: * Check for the main procedure if all allocated memory was freed=true [2022-02-20 23:49:46,674 INFO L138 SettingsManager]: * Bitprecise bitfields=true [2022-02-20 23:49:46,674 INFO L138 SettingsManager]: * SV-COMP memtrack compatibility mode=true [2022-02-20 23:49:46,675 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 23:49:46,675 INFO L138 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2022-02-20 23:49:46,675 INFO L138 SettingsManager]: * Use bitvectors instead of ints=true [2022-02-20 23:49:46,675 INFO L138 SettingsManager]: * Memory model=HoenickeLindenmann_4ByteResolution [2022-02-20 23:49:46,675 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 23:49:46,675 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 23:49:46,676 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 23:49:46,676 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 23:49:46,676 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 23:49:46,676 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 23:49:46,677 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 23:49:46,677 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 23:49:46,677 INFO L138 SettingsManager]: * Trace refinement strategy=WOLF [2022-02-20 23:49:46,677 INFO L138 SettingsManager]: * Command for external solver=cvc4 --incremental --print-success --lang smt [2022-02-20 23:49:46,678 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2022-02-20 23:49:46,678 INFO L138 SettingsManager]: * Logic for external solver=AUFBV WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 207ea7efa81a205528159a2c1c5225b996f0eb4901bda418907cbc964f19b86c [2022-02-20 23:49:46,937 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 23:49:46,958 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 23:49:46,960 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 23:49:46,961 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 23:49:46,962 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 23:49:46,963 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/ldv-memsafety/memleaks_test10-1.i [2022-02-20 23:49:47,031 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/e1c84c11c/6aa1ea843fad4b95a4cdfe56d0ccff02/FLAG53e0ddf95 [2022-02-20 23:49:47,560 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 23:49:47,561 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/ldv-memsafety/memleaks_test10-1.i [2022-02-20 23:49:47,574 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/e1c84c11c/6aa1ea843fad4b95a4cdfe56d0ccff02/FLAG53e0ddf95 [2022-02-20 23:49:47,894 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/e1c84c11c/6aa1ea843fad4b95a4cdfe56d0ccff02 [2022-02-20 23:49:47,896 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 23:49:47,898 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 23:49:47,899 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 23:49:47,899 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 23:49:47,901 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 23:49:47,902 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 11:49:47" (1/1) ... [2022-02-20 23:49:47,903 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@25d5d384 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:49:47, skipping insertion in model container [2022-02-20 23:49:47,903 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 11:49:47" (1/1) ... [2022-02-20 23:49:47,909 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 23:49:47,933 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 23:49:48,244 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 23:49:48,266 INFO L200 MainTranslator]: Restarting translation with changed settings: SettingsChange [mNewPreferredMemoryModel=HoenickeLindenmann_1ByteResolution] [2022-02-20 23:49:48,287 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 23:49:48,320 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 23:49:48,325 INFO L203 MainTranslator]: Completed pre-run [2022-02-20 23:49:48,370 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 23:49:48,407 INFO L208 MainTranslator]: Completed translation [2022-02-20 23:49:48,407 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:49:48 WrapperNode [2022-02-20 23:49:48,407 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 23:49:48,408 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-20 23:49:48,409 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-20 23:49:48,409 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-20 23:49:48,413 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:49:48" (1/1) ... [2022-02-20 23:49:48,450 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:49:48" (1/1) ... [2022-02-20 23:49:48,473 INFO L137 Inliner]: procedures = 167, calls = 91, calls flagged for inlining = 22, calls inlined = 4, statements flattened = 66 [2022-02-20 23:49:48,476 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-20 23:49:48,477 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-20 23:49:48,477 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-20 23:49:48,477 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-20 23:49:48,483 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:49:48" (1/1) ... [2022-02-20 23:49:48,483 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:49:48" (1/1) ... [2022-02-20 23:49:48,494 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:49:48" (1/1) ... [2022-02-20 23:49:48,495 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:49:48" (1/1) ... [2022-02-20 23:49:48,503 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:49:48" (1/1) ... [2022-02-20 23:49:48,504 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:49:48" (1/1) ... [2022-02-20 23:49:48,505 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:49:48" (1/1) ... [2022-02-20 23:49:48,508 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-20 23:49:48,508 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-20 23:49:48,508 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-20 23:49:48,509 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-20 23:49:48,509 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:49:48" (1/1) ... [2022-02-20 23:49:48,515 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 23:49:48,528 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 23:49:48,547 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-20 23:49:48,550 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-20 23:49:48,589 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_malloc [2022-02-20 23:49:48,589 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_malloc [2022-02-20 23:49:48,590 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocOnHeap [2022-02-20 23:49:48,590 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-20 23:49:48,590 INFO L130 BoogieDeclarations]: Found specification of procedure write~$Pointer$ [2022-02-20 23:49:48,590 INFO L130 BoogieDeclarations]: Found specification of procedure read~$Pointer$ [2022-02-20 23:49:48,590 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.dealloc [2022-02-20 23:49:48,591 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~$Pointer$ [2022-02-20 23:49:48,592 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-20 23:49:48,592 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-20 23:49:48,746 INFO L234 CfgBuilder]: Building ICFG [2022-02-20 23:49:48,748 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-20 23:49:49,022 INFO L275 CfgBuilder]: Performing block encoding [2022-02-20 23:49:49,027 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-20 23:49:49,028 INFO L299 CfgBuilder]: Removed 0 assume(true) statements. [2022-02-20 23:49:49,029 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 11:49:49 BoogieIcfgContainer [2022-02-20 23:49:49,029 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-20 23:49:49,030 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-20 23:49:49,030 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-20 23:49:49,039 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-20 23:49:49,039 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.02 11:49:47" (1/3) ... [2022-02-20 23:49:49,040 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@1fe867ce and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 11:49:49, skipping insertion in model container [2022-02-20 23:49:49,040 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:49:48" (2/3) ... [2022-02-20 23:49:49,040 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@1fe867ce and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 11:49:49, skipping insertion in model container [2022-02-20 23:49:49,040 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 11:49:49" (3/3) ... [2022-02-20 23:49:49,041 INFO L111 eAbstractionObserver]: Analyzing ICFG memleaks_test10-1.i [2022-02-20 23:49:49,044 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:false NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-20 23:49:49,045 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 34 error locations. [2022-02-20 23:49:49,074 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-20 23:49:49,080 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=false, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=All, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-20 23:49:49,081 INFO L340 AbstractCegarLoop]: Starting to check reachability of 34 error locations. [2022-02-20 23:49:49,095 INFO L276 IsEmpty]: Start isEmpty. Operand has 77 states, 37 states have (on average 2.027027027027027) internal successors, (75), 71 states have internal predecessors, (75), 4 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:49:49,099 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 12 [2022-02-20 23:49:49,099 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:49:49,100 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:49:49,100 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting ULTIMATE.startErr33ASSERT_VIOLATIONMEMORY_LEAK === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 30 more)] === [2022-02-20 23:49:49,103 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:49:49,104 INFO L85 PathProgramCache]: Analyzing trace with hash 1838783457, now seen corresponding path program 1 times [2022-02-20 23:49:49,112 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:49:49,112 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [392113251] [2022-02-20 23:49:49,113 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:49:49,113 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:49:49,113 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:49:49,115 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:49:49,119 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Waiting until timeout for monitored process [2022-02-20 23:49:49,216 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:49:49,235 INFO L263 TraceCheckSpWp]: Trace formula consists of 40 conjuncts, 4 conjunts are in the unsatisfiable core [2022-02-20 23:49:49,244 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:49:49,246 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:49:49,361 INFO L290 TraceCheckUtils]: 0: Hoare triple {80#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {80#true} is VALID [2022-02-20 23:49:49,362 INFO L290 TraceCheckUtils]: 1: Hoare triple {80#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset, entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset, entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset, entry_point_#t~mem49#1.base, entry_point_#t~mem49#1.offset, entry_point_#t~mem50#1.base, entry_point_#t~mem50#1.offset, entry_point_#t~mem51#1.base, entry_point_#t~mem51#1.offset, entry_point_#t~mem52#1.base, entry_point_#t~mem52#1.offset, entry_point_#t~mem53#1.base, entry_point_#t~mem53#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset; {80#true} is VALID [2022-02-20 23:49:49,362 INFO L272 TraceCheckUtils]: 2: Hoare triple {80#true} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {80#true} is VALID [2022-02-20 23:49:49,362 INFO L290 TraceCheckUtils]: 3: Hoare triple {80#true} ~size := #in~size; {80#true} is VALID [2022-02-20 23:49:49,363 INFO L290 TraceCheckUtils]: 4: Hoare triple {80#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {97#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:49:49,363 INFO L290 TraceCheckUtils]: 5: Hoare triple {97#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} assume true; {97#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:49:49,364 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {97#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} {80#true} #97#return; {104#(not (= |ULTIMATE.start_entry_point_#t~ret44#1.base| (_ bv0 32)))} is VALID [2022-02-20 23:49:49,365 INFO L290 TraceCheckUtils]: 7: Hoare triple {104#(not (= |ULTIMATE.start_entry_point_#t~ret44#1.base| (_ bv0 32)))} entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {108#(not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (_ bv0 32)))} is VALID [2022-02-20 23:49:49,366 INFO L290 TraceCheckUtils]: 8: Hoare triple {108#(not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (_ bv0 32)))} assume entry_point_~a10~0#1.base == 0bv32 && entry_point_~a10~0#1.offset == 0bv32; {81#false} is VALID [2022-02-20 23:49:49,366 INFO L290 TraceCheckUtils]: 9: Hoare triple {81#false} assume { :end_inline_entry_point } true; {81#false} is VALID [2022-02-20 23:49:49,366 INFO L290 TraceCheckUtils]: 10: Hoare triple {81#false} assume !(#valid == main_old_#valid#1); {81#false} is VALID [2022-02-20 23:49:49,367 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:49:49,367 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:49:49,368 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:49:49,368 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [392113251] [2022-02-20 23:49:49,369 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [392113251] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:49:49,369 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:49:49,369 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:49:49,371 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [530396851] [2022-02-20 23:49:49,371 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:49:49,375 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 1.8) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 11 [2022-02-20 23:49:49,378 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:49:49,381 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 1.8) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:49:49,399 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 11 edges. 11 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:49:49,400 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 23:49:49,400 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:49:49,425 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 23:49:49,426 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:49:49,429 INFO L87 Difference]: Start difference. First operand has 77 states, 37 states have (on average 2.027027027027027) internal successors, (75), 71 states have internal predecessors, (75), 4 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) Second operand has 5 states, 5 states have (on average 1.8) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:49:50,121 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:49:50,123 INFO L93 Difference]: Finished difference Result 148 states and 165 transitions. [2022-02-20 23:49:50,124 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 23:49:50,124 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 1.8) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 11 [2022-02-20 23:49:50,125 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:49:50,126 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 1.8) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:49:50,144 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 166 transitions. [2022-02-20 23:49:50,144 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 1.8) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:49:50,153 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 166 transitions. [2022-02-20 23:49:50,154 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 166 transitions. [2022-02-20 23:49:50,303 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 166 edges. 166 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:49:50,314 INFO L225 Difference]: With dead ends: 148 [2022-02-20 23:49:50,314 INFO L226 Difference]: Without dead ends: 144 [2022-02-20 23:49:50,316 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:49:50,332 INFO L933 BasicCegarLoop]: 110 mSDtfsCounter, 67 mSDsluCounter, 274 mSDsCounter, 0 mSdLazyCounter, 103 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 73 SdHoareTripleChecker+Valid, 384 SdHoareTripleChecker+Invalid, 104 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 103 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:49:50,332 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [73 Valid, 384 Invalid, 104 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 103 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:49:50,344 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 144 states. [2022-02-20 23:49:50,360 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 144 to 79. [2022-02-20 23:49:50,361 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:49:50,362 INFO L82 GeneralOperation]: Start isEquivalent. First operand 144 states. Second operand has 79 states, 39 states have (on average 1.9487179487179487) internal successors, (76), 72 states have internal predecessors, (76), 4 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (8), 5 states have call predecessors, (8), 4 states have call successors, (8) [2022-02-20 23:49:50,363 INFO L74 IsIncluded]: Start isIncluded. First operand 144 states. Second operand has 79 states, 39 states have (on average 1.9487179487179487) internal successors, (76), 72 states have internal predecessors, (76), 4 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (8), 5 states have call predecessors, (8), 4 states have call successors, (8) [2022-02-20 23:49:50,363 INFO L87 Difference]: Start difference. First operand 144 states. Second operand has 79 states, 39 states have (on average 1.9487179487179487) internal successors, (76), 72 states have internal predecessors, (76), 4 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (8), 5 states have call predecessors, (8), 4 states have call successors, (8) [2022-02-20 23:49:50,373 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:49:50,374 INFO L93 Difference]: Finished difference Result 144 states and 161 transitions. [2022-02-20 23:49:50,374 INFO L276 IsEmpty]: Start isEmpty. Operand 144 states and 161 transitions. [2022-02-20 23:49:50,375 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:49:50,375 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:49:50,376 INFO L74 IsIncluded]: Start isIncluded. First operand has 79 states, 39 states have (on average 1.9487179487179487) internal successors, (76), 72 states have internal predecessors, (76), 4 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (8), 5 states have call predecessors, (8), 4 states have call successors, (8) Second operand 144 states. [2022-02-20 23:49:50,376 INFO L87 Difference]: Start difference. First operand has 79 states, 39 states have (on average 1.9487179487179487) internal successors, (76), 72 states have internal predecessors, (76), 4 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (8), 5 states have call predecessors, (8), 4 states have call successors, (8) Second operand 144 states. [2022-02-20 23:49:50,384 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:49:50,384 INFO L93 Difference]: Finished difference Result 144 states and 161 transitions. [2022-02-20 23:49:50,384 INFO L276 IsEmpty]: Start isEmpty. Operand 144 states and 161 transitions. [2022-02-20 23:49:50,385 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:49:50,385 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:49:50,386 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:49:50,386 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:49:50,386 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 79 states, 39 states have (on average 1.9487179487179487) internal successors, (76), 72 states have internal predecessors, (76), 4 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (8), 5 states have call predecessors, (8), 4 states have call successors, (8) [2022-02-20 23:49:50,389 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 79 states to 79 states and 88 transitions. [2022-02-20 23:49:50,390 INFO L78 Accepts]: Start accepts. Automaton has 79 states and 88 transitions. Word has length 11 [2022-02-20 23:49:50,390 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:49:50,390 INFO L470 AbstractCegarLoop]: Abstraction has 79 states and 88 transitions. [2022-02-20 23:49:50,390 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 1.8) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:49:50,391 INFO L276 IsEmpty]: Start isEmpty. Operand 79 states and 88 transitions. [2022-02-20 23:49:50,391 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 12 [2022-02-20 23:49:50,391 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:49:50,391 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:49:50,400 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Forceful destruction successful, exit code 0 [2022-02-20 23:49:50,598 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:49:50,598 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting ULTIMATE.startErr33ASSERT_VIOLATIONMEMORY_LEAK === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 30 more)] === [2022-02-20 23:49:50,599 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:49:50,599 INFO L85 PathProgramCache]: Analyzing trace with hash -1568680158, now seen corresponding path program 1 times [2022-02-20 23:49:50,599 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:49:50,600 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1945092845] [2022-02-20 23:49:50,600 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:49:50,600 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:49:50,600 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:49:50,601 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:49:50,603 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Waiting until timeout for monitored process [2022-02-20 23:49:50,640 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:49:50,641 INFO L263 TraceCheckSpWp]: Trace formula consists of 34 conjuncts, 4 conjunts are in the unsatisfiable core [2022-02-20 23:49:50,647 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:49:50,654 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:49:50,734 INFO L290 TraceCheckUtils]: 0: Hoare triple {632#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {632#true} is VALID [2022-02-20 23:49:50,735 INFO L290 TraceCheckUtils]: 1: Hoare triple {632#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset, entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset, entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset, entry_point_#t~mem49#1.base, entry_point_#t~mem49#1.offset, entry_point_#t~mem50#1.base, entry_point_#t~mem50#1.offset, entry_point_#t~mem51#1.base, entry_point_#t~mem51#1.offset, entry_point_#t~mem52#1.base, entry_point_#t~mem52#1.offset, entry_point_#t~mem53#1.base, entry_point_#t~mem53#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset; {640#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-20 23:49:50,736 INFO L272 TraceCheckUtils]: 2: Hoare triple {640#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {644#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:49:50,736 INFO L290 TraceCheckUtils]: 3: Hoare triple {644#(= |old(#valid)| |#valid|)} ~size := #in~size; {644#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:49:50,737 INFO L290 TraceCheckUtils]: 4: Hoare triple {644#(= |old(#valid)| |#valid|)} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {644#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:49:50,737 INFO L290 TraceCheckUtils]: 5: Hoare triple {644#(= |old(#valid)| |#valid|)} assume true; {644#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:49:50,738 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {644#(= |old(#valid)| |#valid|)} {640#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} #97#return; {640#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-20 23:49:50,739 INFO L290 TraceCheckUtils]: 7: Hoare triple {640#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {640#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-20 23:49:50,739 INFO L290 TraceCheckUtils]: 8: Hoare triple {640#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} assume entry_point_~a10~0#1.base == 0bv32 && entry_point_~a10~0#1.offset == 0bv32; {640#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-20 23:49:50,740 INFO L290 TraceCheckUtils]: 9: Hoare triple {640#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} assume { :end_inline_entry_point } true; {640#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-20 23:49:50,740 INFO L290 TraceCheckUtils]: 10: Hoare triple {640#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} assume !(#valid == main_old_#valid#1); {633#false} is VALID [2022-02-20 23:49:50,740 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:49:50,740 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:49:50,741 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:49:50,741 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1945092845] [2022-02-20 23:49:50,741 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1945092845] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:49:50,741 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:49:50,741 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 23:49:50,742 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1028901768] [2022-02-20 23:49:50,742 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:49:50,743 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 3.0) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 11 [2022-02-20 23:49:50,744 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:49:50,744 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 4 states, 3 states have (on average 3.0) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:49:50,754 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 11 edges. 11 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:49:50,754 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-02-20 23:49:50,754 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:49:50,755 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-02-20 23:49:50,755 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-02-20 23:49:50,755 INFO L87 Difference]: Start difference. First operand 79 states and 88 transitions. Second operand has 4 states, 3 states have (on average 3.0) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:49:51,379 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:49:51,379 INFO L93 Difference]: Finished difference Result 144 states and 160 transitions. [2022-02-20 23:49:51,379 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-20 23:49:51,379 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 3.0) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 11 [2022-02-20 23:49:51,380 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:49:51,380 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 3 states have (on average 3.0) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:49:51,382 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 161 transitions. [2022-02-20 23:49:51,382 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 3 states have (on average 3.0) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:49:51,384 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 161 transitions. [2022-02-20 23:49:51,384 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 161 transitions. [2022-02-20 23:49:51,536 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 161 edges. 161 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:49:51,539 INFO L225 Difference]: With dead ends: 144 [2022-02-20 23:49:51,539 INFO L226 Difference]: Without dead ends: 142 [2022-02-20 23:49:51,539 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-02-20 23:49:51,540 INFO L933 BasicCegarLoop]: 124 mSDtfsCounter, 60 mSDsluCounter, 123 mSDsCounter, 0 mSdLazyCounter, 153 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 60 SdHoareTripleChecker+Valid, 247 SdHoareTripleChecker+Invalid, 159 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 153 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 23:49:51,540 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [60 Valid, 247 Invalid, 159 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 153 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-20 23:49:51,541 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 142 states. [2022-02-20 23:49:51,545 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 142 to 75. [2022-02-20 23:49:51,545 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:49:51,545 INFO L82 GeneralOperation]: Start isEquivalent. First operand 142 states. Second operand has 75 states, 36 states have (on average 2.0) internal successors, (72), 69 states have internal predecessors, (72), 4 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:49:51,546 INFO L74 IsIncluded]: Start isIncluded. First operand 142 states. Second operand has 75 states, 36 states have (on average 2.0) internal successors, (72), 69 states have internal predecessors, (72), 4 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:49:51,546 INFO L87 Difference]: Start difference. First operand 142 states. Second operand has 75 states, 36 states have (on average 2.0) internal successors, (72), 69 states have internal predecessors, (72), 4 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:49:51,550 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:49:51,551 INFO L93 Difference]: Finished difference Result 142 states and 158 transitions. [2022-02-20 23:49:51,551 INFO L276 IsEmpty]: Start isEmpty. Operand 142 states and 158 transitions. [2022-02-20 23:49:51,552 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:49:51,552 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:49:51,552 INFO L74 IsIncluded]: Start isIncluded. First operand has 75 states, 36 states have (on average 2.0) internal successors, (72), 69 states have internal predecessors, (72), 4 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) Second operand 142 states. [2022-02-20 23:49:51,552 INFO L87 Difference]: Start difference. First operand has 75 states, 36 states have (on average 2.0) internal successors, (72), 69 states have internal predecessors, (72), 4 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) Second operand 142 states. [2022-02-20 23:49:51,557 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:49:51,557 INFO L93 Difference]: Finished difference Result 142 states and 158 transitions. [2022-02-20 23:49:51,557 INFO L276 IsEmpty]: Start isEmpty. Operand 142 states and 158 transitions. [2022-02-20 23:49:51,558 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:49:51,558 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:49:51,558 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:49:51,559 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:49:51,559 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 75 states, 36 states have (on average 2.0) internal successors, (72), 69 states have internal predecessors, (72), 4 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:49:51,561 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 75 states to 75 states and 80 transitions. [2022-02-20 23:49:51,561 INFO L78 Accepts]: Start accepts. Automaton has 75 states and 80 transitions. Word has length 11 [2022-02-20 23:49:51,561 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:49:51,561 INFO L470 AbstractCegarLoop]: Abstraction has 75 states and 80 transitions. [2022-02-20 23:49:51,562 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 3 states have (on average 3.0) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:49:51,562 INFO L276 IsEmpty]: Start isEmpty. Operand 75 states and 80 transitions. [2022-02-20 23:49:51,562 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 16 [2022-02-20 23:49:51,562 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:49:51,562 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:49:51,574 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Forceful destruction successful, exit code 0 [2022-02-20 23:49:51,769 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:49:51,769 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting ULTIMATE.startErr0REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 30 more)] === [2022-02-20 23:49:51,769 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:49:51,770 INFO L85 PathProgramCache]: Analyzing trace with hash -27781040, now seen corresponding path program 1 times [2022-02-20 23:49:51,770 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:49:51,771 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1702422979] [2022-02-20 23:49:51,771 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:49:51,772 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:49:51,773 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:49:51,773 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:49:51,774 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Waiting until timeout for monitored process [2022-02-20 23:49:51,833 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:49:51,835 INFO L263 TraceCheckSpWp]: Trace formula consists of 56 conjuncts, 9 conjunts are in the unsatisfiable core [2022-02-20 23:49:51,848 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:49:51,849 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:49:51,905 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:49:52,028 INFO L356 Elim1Store]: treesize reduction 12, result has 40.0 percent of original size [2022-02-20 23:49:52,028 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 17 [2022-02-20 23:49:52,040 INFO L290 TraceCheckUtils]: 0: Hoare triple {1171#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {1171#true} is VALID [2022-02-20 23:49:52,040 INFO L290 TraceCheckUtils]: 1: Hoare triple {1171#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset, entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset, entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset, entry_point_#t~mem49#1.base, entry_point_#t~mem49#1.offset, entry_point_#t~mem50#1.base, entry_point_#t~mem50#1.offset, entry_point_#t~mem51#1.base, entry_point_#t~mem51#1.offset, entry_point_#t~mem52#1.base, entry_point_#t~mem52#1.offset, entry_point_#t~mem53#1.base, entry_point_#t~mem53#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset; {1171#true} is VALID [2022-02-20 23:49:52,040 INFO L272 TraceCheckUtils]: 2: Hoare triple {1171#true} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {1171#true} is VALID [2022-02-20 23:49:52,041 INFO L290 TraceCheckUtils]: 3: Hoare triple {1171#true} ~size := #in~size; {1171#true} is VALID [2022-02-20 23:49:52,041 INFO L290 TraceCheckUtils]: 4: Hoare triple {1171#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {1188#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:49:52,042 INFO L290 TraceCheckUtils]: 5: Hoare triple {1188#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} assume true; {1188#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:49:52,043 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {1188#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} {1171#true} #97#return; {1195#(= (select |#valid| |ULTIMATE.start_entry_point_#t~ret44#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:49:52,043 INFO L290 TraceCheckUtils]: 7: Hoare triple {1195#(= (select |#valid| |ULTIMATE.start_entry_point_#t~ret44#1.base|) (_ bv1 1))} entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {1199#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:49:52,044 INFO L290 TraceCheckUtils]: 8: Hoare triple {1199#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} assume !(entry_point_~a10~0#1.base == 0bv32 && entry_point_~a10~0#1.offset == 0bv32); {1199#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:49:52,045 INFO L272 TraceCheckUtils]: 9: Hoare triple {1199#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} call entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset := ldv_malloc(4bv32); {1206#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:49:52,046 INFO L290 TraceCheckUtils]: 10: Hoare triple {1206#(= |old(#valid)| |#valid|)} ~size := #in~size; {1206#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:49:52,048 INFO L290 TraceCheckUtils]: 11: Hoare triple {1206#(= |old(#valid)| |#valid|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {1213#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} is VALID [2022-02-20 23:49:52,048 INFO L290 TraceCheckUtils]: 12: Hoare triple {1213#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} assume true; {1213#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} is VALID [2022-02-20 23:49:52,049 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {1213#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} {1199#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} #99#return; {1199#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:49:52,050 INFO L290 TraceCheckUtils]: 14: Hoare triple {1199#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} assume !(1bv1 == #valid[entry_point_~a10~0#1.base]); {1172#false} is VALID [2022-02-20 23:49:52,051 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 2 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:49:52,051 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:49:52,269 INFO L290 TraceCheckUtils]: 14: Hoare triple {1199#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} assume !(1bv1 == #valid[entry_point_~a10~0#1.base]); {1172#false} is VALID [2022-02-20 23:49:52,270 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {1229#(forall ((|v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_2|) (_ bv1 1))) (= (_ bv1 1) (select |#valid| |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_2|))))} {1199#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} #99#return; {1199#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:49:52,273 INFO L290 TraceCheckUtils]: 12: Hoare triple {1229#(forall ((|v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_2|) (_ bv1 1))) (= (_ bv1 1) (select |#valid| |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_2|))))} assume true; {1229#(forall ((|v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_2|) (_ bv1 1))) (= (_ bv1 1) (select |#valid| |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_2|))))} is VALID [2022-02-20 23:49:52,274 INFO L290 TraceCheckUtils]: 11: Hoare triple {1229#(forall ((|v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_2|) (_ bv1 1))) (= (_ bv1 1) (select |#valid| |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_2|))))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {1229#(forall ((|v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_2|) (_ bv1 1))) (= (_ bv1 1) (select |#valid| |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_2|))))} is VALID [2022-02-20 23:49:52,275 INFO L290 TraceCheckUtils]: 10: Hoare triple {1229#(forall ((|v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_2|) (_ bv1 1))) (= (_ bv1 1) (select |#valid| |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_2|))))} ~size := #in~size; {1229#(forall ((|v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_2|) (_ bv1 1))) (= (_ bv1 1) (select |#valid| |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_2|))))} is VALID [2022-02-20 23:49:52,275 INFO L272 TraceCheckUtils]: 9: Hoare triple {1199#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} call entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset := ldv_malloc(4bv32); {1229#(forall ((|v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_2|) (_ bv1 1))) (= (_ bv1 1) (select |#valid| |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_2|))))} is VALID [2022-02-20 23:49:52,276 INFO L290 TraceCheckUtils]: 8: Hoare triple {1199#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} assume !(entry_point_~a10~0#1.base == 0bv32 && entry_point_~a10~0#1.offset == 0bv32); {1199#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:49:52,276 INFO L290 TraceCheckUtils]: 7: Hoare triple {1195#(= (select |#valid| |ULTIMATE.start_entry_point_#t~ret44#1.base|) (_ bv1 1))} entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {1199#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:49:52,277 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {1188#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} {1171#true} #97#return; {1195#(= (select |#valid| |ULTIMATE.start_entry_point_#t~ret44#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:49:52,277 INFO L290 TraceCheckUtils]: 5: Hoare triple {1188#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} assume true; {1188#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:49:52,278 INFO L290 TraceCheckUtils]: 4: Hoare triple {1171#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {1188#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:49:52,278 INFO L290 TraceCheckUtils]: 3: Hoare triple {1171#true} ~size := #in~size; {1171#true} is VALID [2022-02-20 23:49:52,278 INFO L272 TraceCheckUtils]: 2: Hoare triple {1171#true} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {1171#true} is VALID [2022-02-20 23:49:52,278 INFO L290 TraceCheckUtils]: 1: Hoare triple {1171#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset, entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset, entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset, entry_point_#t~mem49#1.base, entry_point_#t~mem49#1.offset, entry_point_#t~mem50#1.base, entry_point_#t~mem50#1.offset, entry_point_#t~mem51#1.base, entry_point_#t~mem51#1.offset, entry_point_#t~mem52#1.base, entry_point_#t~mem52#1.offset, entry_point_#t~mem53#1.base, entry_point_#t~mem53#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset; {1171#true} is VALID [2022-02-20 23:49:52,278 INFO L290 TraceCheckUtils]: 0: Hoare triple {1171#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {1171#true} is VALID [2022-02-20 23:49:52,278 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 2 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:49:52,278 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:49:52,278 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1702422979] [2022-02-20 23:49:52,279 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1702422979] provided 0 perfect and 2 imperfect interpolant sequences [2022-02-20 23:49:52,279 INFO L191 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-02-20 23:49:52,279 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [6, 5] total 7 [2022-02-20 23:49:52,279 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2067114292] [2022-02-20 23:49:52,279 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-02-20 23:49:52,279 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 2.0) internal successors, (14), 7 states have internal predecessors, (14), 2 states have call successors, (3), 3 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 15 [2022-02-20 23:49:52,279 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:49:52,280 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 8 states, 7 states have (on average 2.0) internal successors, (14), 7 states have internal predecessors, (14), 2 states have call successors, (3), 3 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:49:52,296 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 20 edges. 20 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:49:52,296 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-02-20 23:49:52,296 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:49:52,297 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-02-20 23:49:52,297 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=41, Unknown=0, NotChecked=0, Total=56 [2022-02-20 23:49:52,297 INFO L87 Difference]: Start difference. First operand 75 states and 80 transitions. Second operand has 8 states, 7 states have (on average 2.0) internal successors, (14), 7 states have internal predecessors, (14), 2 states have call successors, (3), 3 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:49:52,822 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:49:52,822 INFO L93 Difference]: Finished difference Result 93 states and 102 transitions. [2022-02-20 23:49:52,823 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-02-20 23:49:52,823 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 2.0) internal successors, (14), 7 states have internal predecessors, (14), 2 states have call successors, (3), 3 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 15 [2022-02-20 23:49:52,823 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:49:52,823 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 7 states have (on average 2.0) internal successors, (14), 7 states have internal predecessors, (14), 2 states have call successors, (3), 3 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:49:52,825 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 107 transitions. [2022-02-20 23:49:52,825 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 7 states have (on average 2.0) internal successors, (14), 7 states have internal predecessors, (14), 2 states have call successors, (3), 3 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:49:52,827 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 107 transitions. [2022-02-20 23:49:52,827 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 107 transitions. [2022-02-20 23:49:52,912 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 107 edges. 107 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:49:52,914 INFO L225 Difference]: With dead ends: 93 [2022-02-20 23:49:52,914 INFO L226 Difference]: Without dead ends: 93 [2022-02-20 23:49:52,914 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 29 GetRequests, 19 SyntacticMatches, 3 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=20, Invalid=52, Unknown=0, NotChecked=0, Total=72 [2022-02-20 23:49:52,915 INFO L933 BasicCegarLoop]: 57 mSDtfsCounter, 42 mSDsluCounter, 115 mSDsCounter, 0 mSdLazyCounter, 162 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 42 SdHoareTripleChecker+Valid, 172 SdHoareTripleChecker+Invalid, 229 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 162 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 58 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 23:49:52,915 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [42 Valid, 172 Invalid, 229 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 162 Invalid, 0 Unknown, 58 Unchecked, 0.2s Time] [2022-02-20 23:49:52,916 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 93 states. [2022-02-20 23:49:52,918 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 93 to 87. [2022-02-20 23:49:52,918 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:49:52,919 INFO L82 GeneralOperation]: Start isEquivalent. First operand 93 states. Second operand has 87 states, 47 states have (on average 1.8297872340425532) internal successors, (86), 78 states have internal predecessors, (86), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) [2022-02-20 23:49:52,919 INFO L74 IsIncluded]: Start isIncluded. First operand 93 states. Second operand has 87 states, 47 states have (on average 1.8297872340425532) internal successors, (86), 78 states have internal predecessors, (86), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) [2022-02-20 23:49:52,919 INFO L87 Difference]: Start difference. First operand 93 states. Second operand has 87 states, 47 states have (on average 1.8297872340425532) internal successors, (86), 78 states have internal predecessors, (86), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) [2022-02-20 23:49:52,922 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:49:52,922 INFO L93 Difference]: Finished difference Result 93 states and 102 transitions. [2022-02-20 23:49:52,922 INFO L276 IsEmpty]: Start isEmpty. Operand 93 states and 102 transitions. [2022-02-20 23:49:52,923 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:49:52,923 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:49:52,923 INFO L74 IsIncluded]: Start isIncluded. First operand has 87 states, 47 states have (on average 1.8297872340425532) internal successors, (86), 78 states have internal predecessors, (86), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) Second operand 93 states. [2022-02-20 23:49:52,923 INFO L87 Difference]: Start difference. First operand has 87 states, 47 states have (on average 1.8297872340425532) internal successors, (86), 78 states have internal predecessors, (86), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) Second operand 93 states. [2022-02-20 23:49:52,926 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:49:52,926 INFO L93 Difference]: Finished difference Result 93 states and 102 transitions. [2022-02-20 23:49:52,926 INFO L276 IsEmpty]: Start isEmpty. Operand 93 states and 102 transitions. [2022-02-20 23:49:52,927 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:49:52,927 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:49:52,927 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:49:52,927 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:49:52,927 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 87 states, 47 states have (on average 1.8297872340425532) internal successors, (86), 78 states have internal predecessors, (86), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) [2022-02-20 23:49:52,930 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 87 states to 87 states and 99 transitions. [2022-02-20 23:49:52,930 INFO L78 Accepts]: Start accepts. Automaton has 87 states and 99 transitions. Word has length 15 [2022-02-20 23:49:52,930 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:49:52,930 INFO L470 AbstractCegarLoop]: Abstraction has 87 states and 99 transitions. [2022-02-20 23:49:52,931 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 2.0) internal successors, (14), 7 states have internal predecessors, (14), 2 states have call successors, (3), 3 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:49:52,931 INFO L276 IsEmpty]: Start isEmpty. Operand 87 states and 99 transitions. [2022-02-20 23:49:52,931 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 16 [2022-02-20 23:49:52,931 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:49:52,931 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:49:52,940 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Forceful destruction successful, exit code 0 [2022-02-20 23:49:53,138 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:49:53,138 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting ULTIMATE.startErr1REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 30 more)] === [2022-02-20 23:49:53,139 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:49:53,139 INFO L85 PathProgramCache]: Analyzing trace with hash -27781039, now seen corresponding path program 1 times [2022-02-20 23:49:53,139 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:49:53,139 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1417075671] [2022-02-20 23:49:53,139 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:49:53,139 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:49:53,139 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:49:53,140 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:49:53,141 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Waiting until timeout for monitored process [2022-02-20 23:49:53,195 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:49:53,197 INFO L263 TraceCheckSpWp]: Trace formula consists of 56 conjuncts, 16 conjunts are in the unsatisfiable core [2022-02-20 23:49:53,207 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:49:53,209 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:49:53,227 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:49:57,399 INFO L356 Elim1Store]: treesize reduction 15, result has 25.0 percent of original size [2022-02-20 23:49:57,399 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 14 [2022-02-20 23:49:57,413 INFO L290 TraceCheckUtils]: 0: Hoare triple {1633#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {1633#true} is VALID [2022-02-20 23:49:57,413 INFO L290 TraceCheckUtils]: 1: Hoare triple {1633#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset, entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset, entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset, entry_point_#t~mem49#1.base, entry_point_#t~mem49#1.offset, entry_point_#t~mem50#1.base, entry_point_#t~mem50#1.offset, entry_point_#t~mem51#1.base, entry_point_#t~mem51#1.offset, entry_point_#t~mem52#1.base, entry_point_#t~mem52#1.offset, entry_point_#t~mem53#1.base, entry_point_#t~mem53#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset; {1633#true} is VALID [2022-02-20 23:49:57,413 INFO L272 TraceCheckUtils]: 2: Hoare triple {1633#true} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {1633#true} is VALID [2022-02-20 23:49:57,413 INFO L290 TraceCheckUtils]: 3: Hoare triple {1633#true} ~size := #in~size; {1647#(= ldv_malloc_~size |ldv_malloc_#in~size|)} is VALID [2022-02-20 23:49:57,414 INFO L290 TraceCheckUtils]: 4: Hoare triple {1647#(= ldv_malloc_~size |ldv_malloc_#in~size|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {1651#(and (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:49:57,414 INFO L290 TraceCheckUtils]: 5: Hoare triple {1651#(and (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} assume true; {1651#(and (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:49:57,415 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {1651#(and (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} {1633#true} #97#return; {1658#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_#t~ret44#1.base|)) (= |ULTIMATE.start_entry_point_#t~ret44#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:49:57,416 INFO L290 TraceCheckUtils]: 7: Hoare triple {1658#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_#t~ret44#1.base|)) (= |ULTIMATE.start_entry_point_#t~ret44#1.offset| (_ bv0 32)))} entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {1662#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:49:57,416 INFO L290 TraceCheckUtils]: 8: Hoare triple {1662#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} assume !(entry_point_~a10~0#1.base == 0bv32 && entry_point_~a10~0#1.offset == 0bv32); {1662#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:49:57,417 INFO L272 TraceCheckUtils]: 9: Hoare triple {1662#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} call entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset := ldv_malloc(4bv32); {1669#(= |#length| |old(#length)|)} is VALID [2022-02-20 23:49:57,417 INFO L290 TraceCheckUtils]: 10: Hoare triple {1669#(= |#length| |old(#length)|)} ~size := #in~size; {1673#(and (= ldv_malloc_~size |ldv_malloc_#in~size|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:49:57,418 INFO L290 TraceCheckUtils]: 11: Hoare triple {1673#(and (= ldv_malloc_~size |ldv_malloc_#in~size|) (= |#length| |old(#length)|))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {1677#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| |ldv_malloc_#in~size|) |#length|))} is VALID [2022-02-20 23:49:57,419 INFO L290 TraceCheckUtils]: 12: Hoare triple {1677#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| |ldv_malloc_#in~size|) |#length|))} assume true; {1677#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| |ldv_malloc_#in~size|) |#length|))} is VALID [2022-02-20 23:49:57,422 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {1677#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| |ldv_malloc_#in~size|) |#length|))} {1662#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} #99#return; {1662#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:49:57,422 INFO L290 TraceCheckUtils]: 14: Hoare triple {1662#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} assume !((~bvule32(~bvadd32(4bv32, entry_point_~a10~0#1.offset), #length[entry_point_~a10~0#1.base]) && ~bvule32(entry_point_~a10~0#1.offset, ~bvadd32(4bv32, entry_point_~a10~0#1.offset))) && ~bvule32(0bv32, entry_point_~a10~0#1.offset)); {1634#false} is VALID [2022-02-20 23:49:57,423 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 2 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:49:57,423 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:49:57,606 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:49:57,607 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1417075671] [2022-02-20 23:49:57,607 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1417075671] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:49:57,607 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleCvc4 [1702009930] [2022-02-20 23:49:57,607 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:49:57,607 INFO L173 SolverBuilder]: Constructing external solver with command: cvc4 --incremental --print-success --lang smt [2022-02-20 23:49:57,619 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 [2022-02-20 23:49:57,621 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (exit command is (exit), workingDir is null) [2022-02-20 23:49:57,633 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (6)] Waiting until timeout for monitored process [2022-02-20 23:49:57,686 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:49:57,688 INFO L263 TraceCheckSpWp]: Trace formula consists of 56 conjuncts, 18 conjunts are in the unsatisfiable core [2022-02-20 23:49:57,697 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:49:57,697 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:49:57,724 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:49:57,730 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:50:00,007 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:50:00,010 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-02-20 23:50:00,019 INFO L356 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2022-02-20 23:50:00,020 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 12 [2022-02-20 23:50:00,034 INFO L290 TraceCheckUtils]: 0: Hoare triple {1633#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {1633#true} is VALID [2022-02-20 23:50:00,034 INFO L290 TraceCheckUtils]: 1: Hoare triple {1633#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset, entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset, entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset, entry_point_#t~mem49#1.base, entry_point_#t~mem49#1.offset, entry_point_#t~mem50#1.base, entry_point_#t~mem50#1.offset, entry_point_#t~mem51#1.base, entry_point_#t~mem51#1.offset, entry_point_#t~mem52#1.base, entry_point_#t~mem52#1.offset, entry_point_#t~mem53#1.base, entry_point_#t~mem53#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset; {1633#true} is VALID [2022-02-20 23:50:00,034 INFO L272 TraceCheckUtils]: 2: Hoare triple {1633#true} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {1633#true} is VALID [2022-02-20 23:50:00,035 INFO L290 TraceCheckUtils]: 3: Hoare triple {1633#true} ~size := #in~size; {1647#(= ldv_malloc_~size |ldv_malloc_#in~size|)} is VALID [2022-02-20 23:50:00,036 INFO L290 TraceCheckUtils]: 4: Hoare triple {1647#(= ldv_malloc_~size |ldv_malloc_#in~size|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {1707#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:00,036 INFO L290 TraceCheckUtils]: 5: Hoare triple {1707#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} assume true; {1707#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:00,038 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {1707#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} {1633#true} #97#return; {1714#(and (= (select |#valid| |ULTIMATE.start_entry_point_#t~ret44#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_#t~ret44#1.base|)) (= |ULTIMATE.start_entry_point_#t~ret44#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:00,038 INFO L290 TraceCheckUtils]: 7: Hoare triple {1714#(and (= (select |#valid| |ULTIMATE.start_entry_point_#t~ret44#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_#t~ret44#1.base|)) (= |ULTIMATE.start_entry_point_#t~ret44#1.offset| (_ bv0 32)))} entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {1718#(and (= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:00,039 INFO L290 TraceCheckUtils]: 8: Hoare triple {1718#(and (= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} assume !(entry_point_~a10~0#1.base == 0bv32 && entry_point_~a10~0#1.offset == 0bv32); {1718#(and (= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:00,039 INFO L272 TraceCheckUtils]: 9: Hoare triple {1718#(and (= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} call entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset := ldv_malloc(4bv32); {1725#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:50:00,040 INFO L290 TraceCheckUtils]: 10: Hoare triple {1725#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} ~size := #in~size; {1725#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:50:00,041 INFO L290 TraceCheckUtils]: 11: Hoare triple {1725#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {1732#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_24 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_24))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:50:00,042 INFO L290 TraceCheckUtils]: 12: Hoare triple {1732#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_24 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_24))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} assume true; {1732#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_24 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_24))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:50:00,043 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {1732#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_24 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_24))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} {1718#(and (= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} #99#return; {1662#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:00,044 INFO L290 TraceCheckUtils]: 14: Hoare triple {1662#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} assume !((~bvule32(~bvadd32(4bv32, entry_point_~a10~0#1.offset), #length[entry_point_~a10~0#1.base]) && ~bvule32(entry_point_~a10~0#1.offset, ~bvadd32(4bv32, entry_point_~a10~0#1.offset))) && ~bvule32(0bv32, entry_point_~a10~0#1.offset)); {1634#false} is VALID [2022-02-20 23:50:00,044 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 1 proven. 3 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:50:00,044 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:50:00,254 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleCvc4 [1702009930] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:50:00,254 INFO L191 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-02-20 23:50:00,255 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [8, 8] total 13 [2022-02-20 23:50:00,255 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1337003684] [2022-02-20 23:50:00,255 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-02-20 23:50:00,255 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 13 states have (on average 1.3846153846153846) internal successors, (18), 11 states have internal predecessors, (18), 3 states have call successors, (3), 3 states have call predecessors, (3), 4 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 15 [2022-02-20 23:50:00,255 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:50:00,255 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 14 states, 13 states have (on average 1.3846153846153846) internal successors, (18), 11 states have internal predecessors, (18), 3 states have call successors, (3), 3 states have call predecessors, (3), 4 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2022-02-20 23:50:00,276 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 25 edges. 25 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:00,277 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 14 states [2022-02-20 23:50:00,277 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:50:00,277 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 14 interpolants. [2022-02-20 23:50:00,277 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=43, Invalid=226, Unknown=3, NotChecked=0, Total=272 [2022-02-20 23:50:00,278 INFO L87 Difference]: Start difference. First operand 87 states and 99 transitions. Second operand has 14 states, 13 states have (on average 1.3846153846153846) internal successors, (18), 11 states have internal predecessors, (18), 3 states have call successors, (3), 3 states have call predecessors, (3), 4 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2022-02-20 23:50:07,044 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:07,044 INFO L93 Difference]: Finished difference Result 147 states and 164 transitions. [2022-02-20 23:50:07,044 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-02-20 23:50:07,045 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 13 states have (on average 1.3846153846153846) internal successors, (18), 11 states have internal predecessors, (18), 3 states have call successors, (3), 3 states have call predecessors, (3), 4 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 15 [2022-02-20 23:50:07,045 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:50:07,045 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 14 states, 13 states have (on average 1.3846153846153846) internal successors, (18), 11 states have internal predecessors, (18), 3 states have call successors, (3), 3 states have call predecessors, (3), 4 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2022-02-20 23:50:07,047 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 164 transitions. [2022-02-20 23:50:07,047 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 14 states, 13 states have (on average 1.3846153846153846) internal successors, (18), 11 states have internal predecessors, (18), 3 states have call successors, (3), 3 states have call predecessors, (3), 4 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2022-02-20 23:50:07,049 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 164 transitions. [2022-02-20 23:50:07,049 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 164 transitions. [2022-02-20 23:50:07,201 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 164 edges. 164 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:07,202 INFO L225 Difference]: With dead ends: 147 [2022-02-20 23:50:07,202 INFO L226 Difference]: Without dead ends: 147 [2022-02-20 23:50:07,203 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 34 GetRequests, 16 SyntacticMatches, 1 SemanticMatches, 17 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 53 ImplicationChecksByTransitivity, 8.5s TimeCoverageRelationStatistics Valid=56, Invalid=282, Unknown=4, NotChecked=0, Total=342 [2022-02-20 23:50:07,203 INFO L933 BasicCegarLoop]: 91 mSDtfsCounter, 106 mSDsluCounter, 486 mSDsCounter, 0 mSdLazyCounter, 565 mSolverCounterSat, 26 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.9s Time, 0 mProtectedPredicate, 0 mProtectedAction, 106 SdHoareTripleChecker+Valid, 577 SdHoareTripleChecker+Invalid, 755 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 26 IncrementalHoareTripleChecker+Valid, 565 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 164 IncrementalHoareTripleChecker+Unchecked, 0.9s IncrementalHoareTripleChecker+Time [2022-02-20 23:50:07,204 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [106 Valid, 577 Invalid, 755 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [26 Valid, 565 Invalid, 0 Unknown, 164 Unchecked, 0.9s Time] [2022-02-20 23:50:07,204 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 147 states. [2022-02-20 23:50:07,208 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 147 to 115. [2022-02-20 23:50:07,208 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:50:07,208 INFO L82 GeneralOperation]: Start isEquivalent. First operand 147 states. Second operand has 115 states, 73 states have (on average 1.8082191780821917) internal successors, (132), 104 states have internal predecessors, (132), 7 states have call successors, (7), 2 states have call predecessors, (7), 3 states have return successors, (12), 8 states have call predecessors, (12), 7 states have call successors, (12) [2022-02-20 23:50:07,208 INFO L74 IsIncluded]: Start isIncluded. First operand 147 states. Second operand has 115 states, 73 states have (on average 1.8082191780821917) internal successors, (132), 104 states have internal predecessors, (132), 7 states have call successors, (7), 2 states have call predecessors, (7), 3 states have return successors, (12), 8 states have call predecessors, (12), 7 states have call successors, (12) [2022-02-20 23:50:07,209 INFO L87 Difference]: Start difference. First operand 147 states. Second operand has 115 states, 73 states have (on average 1.8082191780821917) internal successors, (132), 104 states have internal predecessors, (132), 7 states have call successors, (7), 2 states have call predecessors, (7), 3 states have return successors, (12), 8 states have call predecessors, (12), 7 states have call successors, (12) [2022-02-20 23:50:07,212 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:07,212 INFO L93 Difference]: Finished difference Result 147 states and 164 transitions. [2022-02-20 23:50:07,212 INFO L276 IsEmpty]: Start isEmpty. Operand 147 states and 164 transitions. [2022-02-20 23:50:07,212 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:07,213 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:07,213 INFO L74 IsIncluded]: Start isIncluded. First operand has 115 states, 73 states have (on average 1.8082191780821917) internal successors, (132), 104 states have internal predecessors, (132), 7 states have call successors, (7), 2 states have call predecessors, (7), 3 states have return successors, (12), 8 states have call predecessors, (12), 7 states have call successors, (12) Second operand 147 states. [2022-02-20 23:50:07,213 INFO L87 Difference]: Start difference. First operand has 115 states, 73 states have (on average 1.8082191780821917) internal successors, (132), 104 states have internal predecessors, (132), 7 states have call successors, (7), 2 states have call predecessors, (7), 3 states have return successors, (12), 8 states have call predecessors, (12), 7 states have call successors, (12) Second operand 147 states. [2022-02-20 23:50:07,216 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:07,216 INFO L93 Difference]: Finished difference Result 147 states and 164 transitions. [2022-02-20 23:50:07,217 INFO L276 IsEmpty]: Start isEmpty. Operand 147 states and 164 transitions. [2022-02-20 23:50:07,217 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:07,217 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:07,217 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:50:07,217 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:50:07,218 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 115 states, 73 states have (on average 1.8082191780821917) internal successors, (132), 104 states have internal predecessors, (132), 7 states have call successors, (7), 2 states have call predecessors, (7), 3 states have return successors, (12), 8 states have call predecessors, (12), 7 states have call successors, (12) [2022-02-20 23:50:07,220 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 115 states to 115 states and 151 transitions. [2022-02-20 23:50:07,220 INFO L78 Accepts]: Start accepts. Automaton has 115 states and 151 transitions. Word has length 15 [2022-02-20 23:50:07,220 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:50:07,220 INFO L470 AbstractCegarLoop]: Abstraction has 115 states and 151 transitions. [2022-02-20 23:50:07,220 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 14 states, 13 states have (on average 1.3846153846153846) internal successors, (18), 11 states have internal predecessors, (18), 3 states have call successors, (3), 3 states have call predecessors, (3), 4 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2022-02-20 23:50:07,221 INFO L276 IsEmpty]: Start isEmpty. Operand 115 states and 151 transitions. [2022-02-20 23:50:07,221 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 16 [2022-02-20 23:50:07,221 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:50:07,221 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:50:07,232 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Forceful destruction successful, exit code 0 [2022-02-20 23:50:07,429 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (6)] Forceful destruction successful, exit code 0 [2022-02-20 23:50:07,627 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3,6 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt [2022-02-20 23:50:07,627 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting ULTIMATE.startErr0REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 30 more)] === [2022-02-20 23:50:07,628 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:50:07,628 INFO L85 PathProgramCache]: Analyzing trace with hash -1824732399, now seen corresponding path program 1 times [2022-02-20 23:50:07,628 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:50:07,628 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1494609016] [2022-02-20 23:50:07,628 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:50:07,628 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:50:07,628 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:50:07,629 INFO L229 MonitoredProcess]: Starting monitored process 7 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:50:07,630 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (7)] Waiting until timeout for monitored process [2022-02-20 23:50:07,671 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:07,673 INFO L263 TraceCheckSpWp]: Trace formula consists of 50 conjuncts, 7 conjunts are in the unsatisfiable core [2022-02-20 23:50:07,678 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:07,679 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:50:07,765 INFO L290 TraceCheckUtils]: 0: Hoare triple {2308#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {2308#true} is VALID [2022-02-20 23:50:07,765 INFO L290 TraceCheckUtils]: 1: Hoare triple {2308#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset, entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset, entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset, entry_point_#t~mem49#1.base, entry_point_#t~mem49#1.offset, entry_point_#t~mem50#1.base, entry_point_#t~mem50#1.offset, entry_point_#t~mem51#1.base, entry_point_#t~mem51#1.offset, entry_point_#t~mem52#1.base, entry_point_#t~mem52#1.offset, entry_point_#t~mem53#1.base, entry_point_#t~mem53#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset; {2308#true} is VALID [2022-02-20 23:50:07,766 INFO L272 TraceCheckUtils]: 2: Hoare triple {2308#true} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {2308#true} is VALID [2022-02-20 23:50:07,766 INFO L290 TraceCheckUtils]: 3: Hoare triple {2308#true} ~size := #in~size; {2308#true} is VALID [2022-02-20 23:50:07,766 INFO L290 TraceCheckUtils]: 4: Hoare triple {2308#true} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {2325#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:50:07,766 INFO L290 TraceCheckUtils]: 5: Hoare triple {2325#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} assume true; {2325#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:50:07,767 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {2325#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} {2308#true} #97#return; {2332#(and (= |ULTIMATE.start_entry_point_#t~ret44#1.base| (_ bv0 32)) (= |ULTIMATE.start_entry_point_#t~ret44#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:07,767 INFO L290 TraceCheckUtils]: 7: Hoare triple {2332#(and (= |ULTIMATE.start_entry_point_#t~ret44#1.base| (_ bv0 32)) (= |ULTIMATE.start_entry_point_#t~ret44#1.offset| (_ bv0 32)))} entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {2336#(and (= |ULTIMATE.start_entry_point_~a10~0#1.base| (_ bv0 32)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:07,768 INFO L290 TraceCheckUtils]: 8: Hoare triple {2336#(and (= |ULTIMATE.start_entry_point_~a10~0#1.base| (_ bv0 32)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} assume !(entry_point_~a10~0#1.base == 0bv32 && entry_point_~a10~0#1.offset == 0bv32); {2309#false} is VALID [2022-02-20 23:50:07,768 INFO L272 TraceCheckUtils]: 9: Hoare triple {2309#false} call entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset := ldv_malloc(4bv32); {2309#false} is VALID [2022-02-20 23:50:07,768 INFO L290 TraceCheckUtils]: 10: Hoare triple {2309#false} ~size := #in~size; {2309#false} is VALID [2022-02-20 23:50:07,768 INFO L290 TraceCheckUtils]: 11: Hoare triple {2309#false} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {2309#false} is VALID [2022-02-20 23:50:07,769 INFO L290 TraceCheckUtils]: 12: Hoare triple {2309#false} assume true; {2309#false} is VALID [2022-02-20 23:50:07,769 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {2309#false} {2309#false} #99#return; {2309#false} is VALID [2022-02-20 23:50:07,769 INFO L290 TraceCheckUtils]: 14: Hoare triple {2309#false} assume !(1bv1 == #valid[entry_point_~a10~0#1.base]); {2309#false} is VALID [2022-02-20 23:50:07,769 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 4 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:50:07,769 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:50:07,769 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:50:07,769 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1494609016] [2022-02-20 23:50:07,769 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1494609016] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:50:07,770 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:50:07,770 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:50:07,770 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [783202931] [2022-02-20 23:50:07,770 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:50:07,770 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 2.2) internal successors, (11), 4 states have internal predecessors, (11), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 15 [2022-02-20 23:50:07,770 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:50:07,771 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 2.2) internal successors, (11), 4 states have internal predecessors, (11), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:50:07,781 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 15 edges. 15 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:07,781 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 23:50:07,781 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:50:07,782 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 23:50:07,782 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:50:07,782 INFO L87 Difference]: Start difference. First operand 115 states and 151 transitions. Second operand has 5 states, 5 states have (on average 2.2) internal successors, (11), 4 states have internal predecessors, (11), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:50:08,117 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:08,117 INFO L93 Difference]: Finished difference Result 105 states and 135 transitions. [2022-02-20 23:50:08,117 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 23:50:08,117 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 2.2) internal successors, (11), 4 states have internal predecessors, (11), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 15 [2022-02-20 23:50:08,118 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:50:08,118 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 2.2) internal successors, (11), 4 states have internal predecessors, (11), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:50:08,119 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 81 transitions. [2022-02-20 23:50:08,119 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 2.2) internal successors, (11), 4 states have internal predecessors, (11), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:50:08,120 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 81 transitions. [2022-02-20 23:50:08,120 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 81 transitions. [2022-02-20 23:50:08,185 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 81 edges. 81 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:08,187 INFO L225 Difference]: With dead ends: 105 [2022-02-20 23:50:08,187 INFO L226 Difference]: Without dead ends: 103 [2022-02-20 23:50:08,187 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:50:08,188 INFO L933 BasicCegarLoop]: 79 mSDtfsCounter, 0 mSDsluCounter, 209 mSDsCounter, 0 mSdLazyCounter, 28 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 288 SdHoareTripleChecker+Invalid, 28 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 28 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 23:50:08,188 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 288 Invalid, 28 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 28 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 23:50:08,188 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 103 states. [2022-02-20 23:50:08,192 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 103 to 101. [2022-02-20 23:50:08,192 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:50:08,192 INFO L82 GeneralOperation]: Start isEquivalent. First operand 103 states. Second operand has 101 states, 65 states have (on average 1.8153846153846154) internal successors, (118), 92 states have internal predecessors, (118), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) [2022-02-20 23:50:08,192 INFO L74 IsIncluded]: Start isIncluded. First operand 103 states. Second operand has 101 states, 65 states have (on average 1.8153846153846154) internal successors, (118), 92 states have internal predecessors, (118), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) [2022-02-20 23:50:08,193 INFO L87 Difference]: Start difference. First operand 103 states. Second operand has 101 states, 65 states have (on average 1.8153846153846154) internal successors, (118), 92 states have internal predecessors, (118), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) [2022-02-20 23:50:08,195 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:08,195 INFO L93 Difference]: Finished difference Result 103 states and 133 transitions. [2022-02-20 23:50:08,195 INFO L276 IsEmpty]: Start isEmpty. Operand 103 states and 133 transitions. [2022-02-20 23:50:08,196 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:08,196 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:08,196 INFO L74 IsIncluded]: Start isIncluded. First operand has 101 states, 65 states have (on average 1.8153846153846154) internal successors, (118), 92 states have internal predecessors, (118), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) Second operand 103 states. [2022-02-20 23:50:08,196 INFO L87 Difference]: Start difference. First operand has 101 states, 65 states have (on average 1.8153846153846154) internal successors, (118), 92 states have internal predecessors, (118), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) Second operand 103 states. [2022-02-20 23:50:08,199 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:08,199 INFO L93 Difference]: Finished difference Result 103 states and 133 transitions. [2022-02-20 23:50:08,199 INFO L276 IsEmpty]: Start isEmpty. Operand 103 states and 133 transitions. [2022-02-20 23:50:08,199 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:08,199 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:08,199 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:50:08,199 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:50:08,200 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 101 states, 65 states have (on average 1.8153846153846154) internal successors, (118), 92 states have internal predecessors, (118), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) [2022-02-20 23:50:08,201 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 101 states to 101 states and 131 transitions. [2022-02-20 23:50:08,202 INFO L78 Accepts]: Start accepts. Automaton has 101 states and 131 transitions. Word has length 15 [2022-02-20 23:50:08,202 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:50:08,202 INFO L470 AbstractCegarLoop]: Abstraction has 101 states and 131 transitions. [2022-02-20 23:50:08,202 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 2.2) internal successors, (11), 4 states have internal predecessors, (11), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:50:08,202 INFO L276 IsEmpty]: Start isEmpty. Operand 101 states and 131 transitions. [2022-02-20 23:50:08,202 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2022-02-20 23:50:08,202 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:50:08,203 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:50:08,222 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (7)] Forceful destruction successful, exit code 0 [2022-02-20 23:50:08,409 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 7 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:50:08,409 INFO L402 AbstractCegarLoop]: === Iteration 6 === Targeting ULTIMATE.startErr31ASSERT_VIOLATIONMEMORY_FREE === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 30 more)] === [2022-02-20 23:50:08,410 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:50:08,410 INFO L85 PathProgramCache]: Analyzing trace with hash -1259761877, now seen corresponding path program 1 times [2022-02-20 23:50:08,410 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:50:08,410 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [2027810135] [2022-02-20 23:50:08,410 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:50:08,410 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:50:08,410 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:50:08,411 INFO L229 MonitoredProcess]: Starting monitored process 8 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:50:08,412 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (8)] Waiting until timeout for monitored process [2022-02-20 23:50:08,457 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:08,459 INFO L263 TraceCheckSpWp]: Trace formula consists of 79 conjuncts, 7 conjunts are in the unsatisfiable core [2022-02-20 23:50:08,467 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:08,468 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:50:08,519 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 7 [2022-02-20 23:50:08,541 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 16 treesize of output 8 [2022-02-20 23:50:08,554 INFO L290 TraceCheckUtils]: 0: Hoare triple {2769#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {2769#true} is VALID [2022-02-20 23:50:08,555 INFO L290 TraceCheckUtils]: 1: Hoare triple {2769#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset, entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset, entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset, entry_point_#t~mem49#1.base, entry_point_#t~mem49#1.offset, entry_point_#t~mem50#1.base, entry_point_#t~mem50#1.offset, entry_point_#t~mem51#1.base, entry_point_#t~mem51#1.offset, entry_point_#t~mem52#1.base, entry_point_#t~mem52#1.offset, entry_point_#t~mem53#1.base, entry_point_#t~mem53#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset; {2769#true} is VALID [2022-02-20 23:50:08,555 INFO L272 TraceCheckUtils]: 2: Hoare triple {2769#true} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {2769#true} is VALID [2022-02-20 23:50:08,555 INFO L290 TraceCheckUtils]: 3: Hoare triple {2769#true} ~size := #in~size; {2769#true} is VALID [2022-02-20 23:50:08,555 INFO L290 TraceCheckUtils]: 4: Hoare triple {2769#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {2769#true} is VALID [2022-02-20 23:50:08,557 INFO L290 TraceCheckUtils]: 5: Hoare triple {2769#true} assume true; {2769#true} is VALID [2022-02-20 23:50:08,558 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {2769#true} {2769#true} #97#return; {2769#true} is VALID [2022-02-20 23:50:08,558 INFO L290 TraceCheckUtils]: 7: Hoare triple {2769#true} entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {2769#true} is VALID [2022-02-20 23:50:08,558 INFO L290 TraceCheckUtils]: 8: Hoare triple {2769#true} assume !(entry_point_~a10~0#1.base == 0bv32 && entry_point_~a10~0#1.offset == 0bv32); {2769#true} is VALID [2022-02-20 23:50:08,558 INFO L272 TraceCheckUtils]: 9: Hoare triple {2769#true} call entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset := ldv_malloc(4bv32); {2769#true} is VALID [2022-02-20 23:50:08,558 INFO L290 TraceCheckUtils]: 10: Hoare triple {2769#true} ~size := #in~size; {2769#true} is VALID [2022-02-20 23:50:08,559 INFO L290 TraceCheckUtils]: 11: Hoare triple {2769#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {2807#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:50:08,559 INFO L290 TraceCheckUtils]: 12: Hoare triple {2807#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} assume true; {2807#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:50:08,560 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {2807#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} {2769#true} #99#return; {2814#(not (= |ULTIMATE.start_entry_point_#t~ret45#1.base| (_ bv0 32)))} is VALID [2022-02-20 23:50:08,561 INFO L290 TraceCheckUtils]: 14: Hoare triple {2814#(not (= |ULTIMATE.start_entry_point_#t~ret45#1.base| (_ bv0 32)))} SUMMARY for call write~$Pointer$(entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L775-1 {2818#(not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)))} is VALID [2022-02-20 23:50:08,562 INFO L290 TraceCheckUtils]: 15: Hoare triple {2818#(not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)))} havoc entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset; {2818#(not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)))} is VALID [2022-02-20 23:50:08,563 INFO L290 TraceCheckUtils]: 16: Hoare triple {2818#(not (= (_ bv0 32) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)))} SUMMARY for call entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset := read~$Pointer$(entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L776 {2825#(not (= |ULTIMATE.start_entry_point_#t~mem46#1.base| (_ bv0 32)))} is VALID [2022-02-20 23:50:08,563 INFO L290 TraceCheckUtils]: 17: Hoare triple {2825#(not (= |ULTIMATE.start_entry_point_#t~mem46#1.base| (_ bv0 32)))} assume entry_point_#t~mem46#1.base == 0bv32 && entry_point_#t~mem46#1.offset == 0bv32;havoc entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset; {2770#false} is VALID [2022-02-20 23:50:08,564 INFO L290 TraceCheckUtils]: 18: Hoare triple {2770#false} assume 0bv32 == entry_point_~a10~0#1.offset; {2770#false} is VALID [2022-02-20 23:50:08,565 INFO L290 TraceCheckUtils]: 19: Hoare triple {2770#false} assume !~bvult32(entry_point_~a10~0#1.base, #StackHeapBarrier); {2770#false} is VALID [2022-02-20 23:50:08,565 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:50:08,565 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:50:08,565 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:50:08,565 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [2027810135] [2022-02-20 23:50:08,566 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [2027810135] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:50:08,566 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:50:08,566 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 23:50:08,566 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1430856642] [2022-02-20 23:50:08,566 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:50:08,566 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 2.5) internal successors, (15), 5 states have internal predecessors, (15), 1 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 20 [2022-02-20 23:50:08,566 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:50:08,567 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 6 states have (on average 2.5) internal successors, (15), 5 states have internal predecessors, (15), 1 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:50:08,581 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 19 edges. 19 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:08,582 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 23:50:08,582 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:50:08,582 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 23:50:08,582 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-02-20 23:50:08,582 INFO L87 Difference]: Start difference. First operand 101 states and 131 transitions. Second operand has 6 states, 6 states have (on average 2.5) internal successors, (15), 5 states have internal predecessors, (15), 1 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:50:09,053 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:09,053 INFO L93 Difference]: Finished difference Result 113 states and 147 transitions. [2022-02-20 23:50:09,053 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-02-20 23:50:09,053 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 2.5) internal successors, (15), 5 states have internal predecessors, (15), 1 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 20 [2022-02-20 23:50:09,053 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:50:09,054 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 2.5) internal successors, (15), 5 states have internal predecessors, (15), 1 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:50:09,055 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 90 transitions. [2022-02-20 23:50:09,055 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 2.5) internal successors, (15), 5 states have internal predecessors, (15), 1 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:50:09,056 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 90 transitions. [2022-02-20 23:50:09,056 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 90 transitions. [2022-02-20 23:50:09,127 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 90 edges. 90 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:09,128 INFO L225 Difference]: With dead ends: 113 [2022-02-20 23:50:09,128 INFO L226 Difference]: Without dead ends: 113 [2022-02-20 23:50:09,129 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 21 GetRequests, 15 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=39, Unknown=0, NotChecked=0, Total=56 [2022-02-20 23:50:09,129 INFO L933 BasicCegarLoop]: 70 mSDtfsCounter, 5 mSDsluCounter, 248 mSDsCounter, 0 mSdLazyCounter, 55 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 7 SdHoareTripleChecker+Valid, 318 SdHoareTripleChecker+Invalid, 56 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 55 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:50:09,129 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [7 Valid, 318 Invalid, 56 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 55 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:50:09,130 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 113 states. [2022-02-20 23:50:09,133 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 113 to 107. [2022-02-20 23:50:09,133 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:50:09,133 INFO L82 GeneralOperation]: Start isEquivalent. First operand 113 states. Second operand has 107 states, 70 states have (on average 1.7571428571428571) internal successors, (123), 97 states have internal predecessors, (123), 5 states have call successors, (5), 2 states have call predecessors, (5), 4 states have return successors, (9), 7 states have call predecessors, (9), 5 states have call successors, (9) [2022-02-20 23:50:09,133 INFO L74 IsIncluded]: Start isIncluded. First operand 113 states. Second operand has 107 states, 70 states have (on average 1.7571428571428571) internal successors, (123), 97 states have internal predecessors, (123), 5 states have call successors, (5), 2 states have call predecessors, (5), 4 states have return successors, (9), 7 states have call predecessors, (9), 5 states have call successors, (9) [2022-02-20 23:50:09,134 INFO L87 Difference]: Start difference. First operand 113 states. Second operand has 107 states, 70 states have (on average 1.7571428571428571) internal successors, (123), 97 states have internal predecessors, (123), 5 states have call successors, (5), 2 states have call predecessors, (5), 4 states have return successors, (9), 7 states have call predecessors, (9), 5 states have call successors, (9) [2022-02-20 23:50:09,136 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:09,136 INFO L93 Difference]: Finished difference Result 113 states and 147 transitions. [2022-02-20 23:50:09,136 INFO L276 IsEmpty]: Start isEmpty. Operand 113 states and 147 transitions. [2022-02-20 23:50:09,136 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:09,136 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:09,137 INFO L74 IsIncluded]: Start isIncluded. First operand has 107 states, 70 states have (on average 1.7571428571428571) internal successors, (123), 97 states have internal predecessors, (123), 5 states have call successors, (5), 2 states have call predecessors, (5), 4 states have return successors, (9), 7 states have call predecessors, (9), 5 states have call successors, (9) Second operand 113 states. [2022-02-20 23:50:09,137 INFO L87 Difference]: Start difference. First operand has 107 states, 70 states have (on average 1.7571428571428571) internal successors, (123), 97 states have internal predecessors, (123), 5 states have call successors, (5), 2 states have call predecessors, (5), 4 states have return successors, (9), 7 states have call predecessors, (9), 5 states have call successors, (9) Second operand 113 states. [2022-02-20 23:50:09,139 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:09,139 INFO L93 Difference]: Finished difference Result 113 states and 147 transitions. [2022-02-20 23:50:09,140 INFO L276 IsEmpty]: Start isEmpty. Operand 113 states and 147 transitions. [2022-02-20 23:50:09,140 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:09,140 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:09,140 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:50:09,140 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:50:09,140 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 107 states, 70 states have (on average 1.7571428571428571) internal successors, (123), 97 states have internal predecessors, (123), 5 states have call successors, (5), 2 states have call predecessors, (5), 4 states have return successors, (9), 7 states have call predecessors, (9), 5 states have call successors, (9) [2022-02-20 23:50:09,142 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 107 states to 107 states and 137 transitions. [2022-02-20 23:50:09,142 INFO L78 Accepts]: Start accepts. Automaton has 107 states and 137 transitions. Word has length 20 [2022-02-20 23:50:09,142 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:50:09,143 INFO L470 AbstractCegarLoop]: Abstraction has 107 states and 137 transitions. [2022-02-20 23:50:09,143 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 2.5) internal successors, (15), 5 states have internal predecessors, (15), 1 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:50:09,143 INFO L276 IsEmpty]: Start isEmpty. Operand 107 states and 137 transitions. [2022-02-20 23:50:09,143 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2022-02-20 23:50:09,143 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:50:09,143 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:50:09,164 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (8)] Forceful destruction successful, exit code 0 [2022-02-20 23:50:09,352 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 8 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:50:09,352 INFO L402 AbstractCegarLoop]: === Iteration 7 === Targeting ULTIMATE.startErr31ASSERT_VIOLATIONMEMORY_FREE === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 30 more)] === [2022-02-20 23:50:09,353 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:50:09,353 INFO L85 PathProgramCache]: Analyzing trace with hash 1227750956, now seen corresponding path program 1 times [2022-02-20 23:50:09,353 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:50:09,353 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [136347687] [2022-02-20 23:50:09,353 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:50:09,353 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:50:09,353 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:50:09,354 INFO L229 MonitoredProcess]: Starting monitored process 9 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:50:09,355 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (9)] Waiting until timeout for monitored process [2022-02-20 23:50:09,401 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:09,403 INFO L263 TraceCheckSpWp]: Trace formula consists of 73 conjuncts, 6 conjunts are in the unsatisfiable core [2022-02-20 23:50:09,413 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:09,413 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:50:09,691 INFO L290 TraceCheckUtils]: 0: Hoare triple {3284#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {3289#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:09,692 INFO L290 TraceCheckUtils]: 1: Hoare triple {3289#(bvult (_ bv0 32) |#StackHeapBarrier|)} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset, entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset, entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset, entry_point_#t~mem49#1.base, entry_point_#t~mem49#1.offset, entry_point_#t~mem50#1.base, entry_point_#t~mem50#1.offset, entry_point_#t~mem51#1.base, entry_point_#t~mem51#1.offset, entry_point_#t~mem52#1.base, entry_point_#t~mem52#1.offset, entry_point_#t~mem53#1.base, entry_point_#t~mem53#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset; {3289#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:09,702 INFO L272 TraceCheckUtils]: 2: Hoare triple {3289#(bvult (_ bv0 32) |#StackHeapBarrier|)} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {3289#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:09,703 INFO L290 TraceCheckUtils]: 3: Hoare triple {3289#(bvult (_ bv0 32) |#StackHeapBarrier|)} ~size := #in~size; {3289#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:09,706 INFO L290 TraceCheckUtils]: 4: Hoare triple {3289#(bvult (_ bv0 32) |#StackHeapBarrier|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {3302#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))} is VALID [2022-02-20 23:50:09,707 INFO L290 TraceCheckUtils]: 5: Hoare triple {3302#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))} assume true; {3302#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))} is VALID [2022-02-20 23:50:09,708 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {3302#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))} {3289#(bvult (_ bv0 32) |#StackHeapBarrier|)} #97#return; {3309#(and (not (= |ULTIMATE.start_entry_point_#t~ret44#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_#t~ret44#1.base| |#StackHeapBarrier|))} is VALID [2022-02-20 23:50:09,708 INFO L290 TraceCheckUtils]: 7: Hoare triple {3309#(and (not (= |ULTIMATE.start_entry_point_#t~ret44#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_#t~ret44#1.base| |#StackHeapBarrier|))} entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {3313#(and (bvult |ULTIMATE.start_entry_point_~a10~0#1.base| |#StackHeapBarrier|) (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (_ bv0 32))))} is VALID [2022-02-20 23:50:09,708 INFO L290 TraceCheckUtils]: 8: Hoare triple {3313#(and (bvult |ULTIMATE.start_entry_point_~a10~0#1.base| |#StackHeapBarrier|) (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (_ bv0 32))))} assume !(entry_point_~a10~0#1.base == 0bv32 && entry_point_~a10~0#1.offset == 0bv32); {3313#(and (bvult |ULTIMATE.start_entry_point_~a10~0#1.base| |#StackHeapBarrier|) (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (_ bv0 32))))} is VALID [2022-02-20 23:50:09,711 INFO L272 TraceCheckUtils]: 9: Hoare triple {3313#(and (bvult |ULTIMATE.start_entry_point_~a10~0#1.base| |#StackHeapBarrier|) (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (_ bv0 32))))} call entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset := ldv_malloc(4bv32); {3320#(exists ((|v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_5| (_ BitVec 32))) (and (bvult |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_5| |#StackHeapBarrier|) (not (= |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_5| (_ bv0 32)))))} is VALID [2022-02-20 23:50:09,713 INFO L290 TraceCheckUtils]: 10: Hoare triple {3320#(exists ((|v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_5| (_ BitVec 32))) (and (bvult |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_5| |#StackHeapBarrier|) (not (= |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_5| (_ bv0 32)))))} ~size := #in~size; {3320#(exists ((|v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_5| (_ BitVec 32))) (and (bvult |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_5| |#StackHeapBarrier|) (not (= |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_5| (_ bv0 32)))))} is VALID [2022-02-20 23:50:09,715 INFO L290 TraceCheckUtils]: 11: Hoare triple {3320#(exists ((|v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_5| (_ BitVec 32))) (and (bvult |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_5| |#StackHeapBarrier|) (not (= |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_5| (_ bv0 32)))))} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {3320#(exists ((|v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_5| (_ BitVec 32))) (and (bvult |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_5| |#StackHeapBarrier|) (not (= |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_5| (_ bv0 32)))))} is VALID [2022-02-20 23:50:09,718 INFO L290 TraceCheckUtils]: 12: Hoare triple {3320#(exists ((|v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_5| (_ BitVec 32))) (and (bvult |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_5| |#StackHeapBarrier|) (not (= |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_5| (_ bv0 32)))))} assume true; {3320#(exists ((|v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_5| (_ BitVec 32))) (and (bvult |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_5| |#StackHeapBarrier|) (not (= |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_5| (_ bv0 32)))))} is VALID [2022-02-20 23:50:09,719 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {3320#(exists ((|v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_5| (_ BitVec 32))) (and (bvult |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_5| |#StackHeapBarrier|) (not (= |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_5| (_ bv0 32)))))} {3313#(and (bvult |ULTIMATE.start_entry_point_~a10~0#1.base| |#StackHeapBarrier|) (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (_ bv0 32))))} #99#return; {3313#(and (bvult |ULTIMATE.start_entry_point_~a10~0#1.base| |#StackHeapBarrier|) (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (_ bv0 32))))} is VALID [2022-02-20 23:50:09,720 INFO L290 TraceCheckUtils]: 14: Hoare triple {3313#(and (bvult |ULTIMATE.start_entry_point_~a10~0#1.base| |#StackHeapBarrier|) (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (_ bv0 32))))} SUMMARY for call write~$Pointer$(entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L775-1 {3313#(and (bvult |ULTIMATE.start_entry_point_~a10~0#1.base| |#StackHeapBarrier|) (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (_ bv0 32))))} is VALID [2022-02-20 23:50:09,720 INFO L290 TraceCheckUtils]: 15: Hoare triple {3313#(and (bvult |ULTIMATE.start_entry_point_~a10~0#1.base| |#StackHeapBarrier|) (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (_ bv0 32))))} havoc entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset; {3313#(and (bvult |ULTIMATE.start_entry_point_~a10~0#1.base| |#StackHeapBarrier|) (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (_ bv0 32))))} is VALID [2022-02-20 23:50:09,721 INFO L290 TraceCheckUtils]: 16: Hoare triple {3313#(and (bvult |ULTIMATE.start_entry_point_~a10~0#1.base| |#StackHeapBarrier|) (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (_ bv0 32))))} SUMMARY for call entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset := read~$Pointer$(entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L776 {3313#(and (bvult |ULTIMATE.start_entry_point_~a10~0#1.base| |#StackHeapBarrier|) (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (_ bv0 32))))} is VALID [2022-02-20 23:50:09,721 INFO L290 TraceCheckUtils]: 17: Hoare triple {3313#(and (bvult |ULTIMATE.start_entry_point_~a10~0#1.base| |#StackHeapBarrier|) (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (_ bv0 32))))} assume entry_point_#t~mem46#1.base == 0bv32 && entry_point_#t~mem46#1.offset == 0bv32;havoc entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset; {3313#(and (bvult |ULTIMATE.start_entry_point_~a10~0#1.base| |#StackHeapBarrier|) (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (_ bv0 32))))} is VALID [2022-02-20 23:50:09,721 INFO L290 TraceCheckUtils]: 18: Hoare triple {3313#(and (bvult |ULTIMATE.start_entry_point_~a10~0#1.base| |#StackHeapBarrier|) (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (_ bv0 32))))} assume 0bv32 == entry_point_~a10~0#1.offset; {3313#(and (bvult |ULTIMATE.start_entry_point_~a10~0#1.base| |#StackHeapBarrier|) (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (_ bv0 32))))} is VALID [2022-02-20 23:50:09,722 INFO L290 TraceCheckUtils]: 19: Hoare triple {3313#(and (bvult |ULTIMATE.start_entry_point_~a10~0#1.base| |#StackHeapBarrier|) (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (_ bv0 32))))} assume !~bvult32(entry_point_~a10~0#1.base, #StackHeapBarrier); {3285#false} is VALID [2022-02-20 23:50:09,722 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 2 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:50:09,722 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:50:09,841 INFO L290 TraceCheckUtils]: 19: Hoare triple {3351#(bvult |ULTIMATE.start_entry_point_~a10~0#1.base| |#StackHeapBarrier|)} assume !~bvult32(entry_point_~a10~0#1.base, #StackHeapBarrier); {3285#false} is VALID [2022-02-20 23:50:09,842 INFO L290 TraceCheckUtils]: 18: Hoare triple {3351#(bvult |ULTIMATE.start_entry_point_~a10~0#1.base| |#StackHeapBarrier|)} assume 0bv32 == entry_point_~a10~0#1.offset; {3351#(bvult |ULTIMATE.start_entry_point_~a10~0#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:09,842 INFO L290 TraceCheckUtils]: 17: Hoare triple {3351#(bvult |ULTIMATE.start_entry_point_~a10~0#1.base| |#StackHeapBarrier|)} assume entry_point_#t~mem46#1.base == 0bv32 && entry_point_#t~mem46#1.offset == 0bv32;havoc entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset; {3351#(bvult |ULTIMATE.start_entry_point_~a10~0#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:09,842 INFO L290 TraceCheckUtils]: 16: Hoare triple {3351#(bvult |ULTIMATE.start_entry_point_~a10~0#1.base| |#StackHeapBarrier|)} SUMMARY for call entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset := read~$Pointer$(entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L776 {3351#(bvult |ULTIMATE.start_entry_point_~a10~0#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:09,843 INFO L290 TraceCheckUtils]: 15: Hoare triple {3351#(bvult |ULTIMATE.start_entry_point_~a10~0#1.base| |#StackHeapBarrier|)} havoc entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset; {3351#(bvult |ULTIMATE.start_entry_point_~a10~0#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:09,843 INFO L290 TraceCheckUtils]: 14: Hoare triple {3351#(bvult |ULTIMATE.start_entry_point_~a10~0#1.base| |#StackHeapBarrier|)} SUMMARY for call write~$Pointer$(entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L775-1 {3351#(bvult |ULTIMATE.start_entry_point_~a10~0#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:09,844 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {3284#true} {3351#(bvult |ULTIMATE.start_entry_point_~a10~0#1.base| |#StackHeapBarrier|)} #99#return; {3351#(bvult |ULTIMATE.start_entry_point_~a10~0#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:09,844 INFO L290 TraceCheckUtils]: 12: Hoare triple {3284#true} assume true; {3284#true} is VALID [2022-02-20 23:50:09,844 INFO L290 TraceCheckUtils]: 11: Hoare triple {3284#true} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {3284#true} is VALID [2022-02-20 23:50:09,844 INFO L290 TraceCheckUtils]: 10: Hoare triple {3284#true} ~size := #in~size; {3284#true} is VALID [2022-02-20 23:50:09,844 INFO L272 TraceCheckUtils]: 9: Hoare triple {3351#(bvult |ULTIMATE.start_entry_point_~a10~0#1.base| |#StackHeapBarrier|)} call entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset := ldv_malloc(4bv32); {3284#true} is VALID [2022-02-20 23:50:09,844 INFO L290 TraceCheckUtils]: 8: Hoare triple {3351#(bvult |ULTIMATE.start_entry_point_~a10~0#1.base| |#StackHeapBarrier|)} assume !(entry_point_~a10~0#1.base == 0bv32 && entry_point_~a10~0#1.offset == 0bv32); {3351#(bvult |ULTIMATE.start_entry_point_~a10~0#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:09,845 INFO L290 TraceCheckUtils]: 7: Hoare triple {3388#(bvult |ULTIMATE.start_entry_point_#t~ret44#1.base| |#StackHeapBarrier|)} entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {3351#(bvult |ULTIMATE.start_entry_point_~a10~0#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:09,845 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {3395#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} {3284#true} #97#return; {3388#(bvult |ULTIMATE.start_entry_point_#t~ret44#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:09,846 INFO L290 TraceCheckUtils]: 5: Hoare triple {3395#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} assume true; {3395#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:09,846 INFO L290 TraceCheckUtils]: 4: Hoare triple {3284#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {3395#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:09,846 INFO L290 TraceCheckUtils]: 3: Hoare triple {3284#true} ~size := #in~size; {3284#true} is VALID [2022-02-20 23:50:09,846 INFO L272 TraceCheckUtils]: 2: Hoare triple {3284#true} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {3284#true} is VALID [2022-02-20 23:50:09,846 INFO L290 TraceCheckUtils]: 1: Hoare triple {3284#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset, entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset, entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset, entry_point_#t~mem49#1.base, entry_point_#t~mem49#1.offset, entry_point_#t~mem50#1.base, entry_point_#t~mem50#1.offset, entry_point_#t~mem51#1.base, entry_point_#t~mem51#1.offset, entry_point_#t~mem52#1.base, entry_point_#t~mem52#1.offset, entry_point_#t~mem53#1.base, entry_point_#t~mem53#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset; {3284#true} is VALID [2022-02-20 23:50:09,846 INFO L290 TraceCheckUtils]: 0: Hoare triple {3284#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {3284#true} is VALID [2022-02-20 23:50:09,847 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:50:09,847 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:50:09,847 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [136347687] [2022-02-20 23:50:09,847 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [136347687] provided 0 perfect and 2 imperfect interpolant sequences [2022-02-20 23:50:09,847 INFO L191 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-02-20 23:50:09,847 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [5, 4] total 9 [2022-02-20 23:50:09,847 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [742564559] [2022-02-20 23:50:09,847 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-02-20 23:50:09,847 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 9 states have (on average 3.4444444444444446) internal successors, (31), 8 states have internal predecessors, (31), 4 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) Word has length 20 [2022-02-20 23:50:09,848 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:50:09,848 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 10 states, 9 states have (on average 3.4444444444444446) internal successors, (31), 8 states have internal predecessors, (31), 4 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:50:09,888 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 39 edges. 39 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:09,888 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2022-02-20 23:50:09,888 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:50:09,889 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2022-02-20 23:50:09,889 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=30, Invalid=60, Unknown=0, NotChecked=0, Total=90 [2022-02-20 23:50:09,889 INFO L87 Difference]: Start difference. First operand 107 states and 137 transitions. Second operand has 10 states, 9 states have (on average 3.4444444444444446) internal successors, (31), 8 states have internal predecessors, (31), 4 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:50:10,687 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:10,687 INFO L93 Difference]: Finished difference Result 106 states and 135 transitions. [2022-02-20 23:50:10,687 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2022-02-20 23:50:10,687 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 9 states have (on average 3.4444444444444446) internal successors, (31), 8 states have internal predecessors, (31), 4 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) Word has length 20 [2022-02-20 23:50:10,687 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:50:10,688 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 10 states, 9 states have (on average 3.4444444444444446) internal successors, (31), 8 states have internal predecessors, (31), 4 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:50:10,689 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 82 transitions. [2022-02-20 23:50:10,689 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 10 states, 9 states have (on average 3.4444444444444446) internal successors, (31), 8 states have internal predecessors, (31), 4 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:50:10,690 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 82 transitions. [2022-02-20 23:50:10,690 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states and 82 transitions. [2022-02-20 23:50:10,786 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 82 edges. 82 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:10,787 INFO L225 Difference]: With dead ends: 106 [2022-02-20 23:50:10,787 INFO L226 Difference]: Without dead ends: 106 [2022-02-20 23:50:10,787 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 39 GetRequests, 29 SyntacticMatches, 1 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=36, Invalid=74, Unknown=0, NotChecked=0, Total=110 [2022-02-20 23:50:10,788 INFO L933 BasicCegarLoop]: 49 mSDtfsCounter, 166 mSDsluCounter, 132 mSDsCounter, 0 mSdLazyCounter, 119 mSolverCounterSat, 10 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 171 SdHoareTripleChecker+Valid, 181 SdHoareTripleChecker+Invalid, 149 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 10 IncrementalHoareTripleChecker+Valid, 119 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 20 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 23:50:10,788 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [171 Valid, 181 Invalid, 149 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [10 Valid, 119 Invalid, 0 Unknown, 20 Unchecked, 0.2s Time] [2022-02-20 23:50:10,789 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 106 states. [2022-02-20 23:50:10,791 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 106 to 106. [2022-02-20 23:50:10,791 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:50:10,791 INFO L82 GeneralOperation]: Start isEquivalent. First operand 106 states. Second operand has 106 states, 70 states have (on average 1.7285714285714286) internal successors, (121), 96 states have internal predecessors, (121), 5 states have call successors, (5), 2 states have call predecessors, (5), 4 states have return successors, (9), 7 states have call predecessors, (9), 5 states have call successors, (9) [2022-02-20 23:50:10,792 INFO L74 IsIncluded]: Start isIncluded. First operand 106 states. Second operand has 106 states, 70 states have (on average 1.7285714285714286) internal successors, (121), 96 states have internal predecessors, (121), 5 states have call successors, (5), 2 states have call predecessors, (5), 4 states have return successors, (9), 7 states have call predecessors, (9), 5 states have call successors, (9) [2022-02-20 23:50:10,792 INFO L87 Difference]: Start difference. First operand 106 states. Second operand has 106 states, 70 states have (on average 1.7285714285714286) internal successors, (121), 96 states have internal predecessors, (121), 5 states have call successors, (5), 2 states have call predecessors, (5), 4 states have return successors, (9), 7 states have call predecessors, (9), 5 states have call successors, (9) [2022-02-20 23:50:10,794 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:10,794 INFO L93 Difference]: Finished difference Result 106 states and 135 transitions. [2022-02-20 23:50:10,794 INFO L276 IsEmpty]: Start isEmpty. Operand 106 states and 135 transitions. [2022-02-20 23:50:10,794 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:10,794 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:10,795 INFO L74 IsIncluded]: Start isIncluded. First operand has 106 states, 70 states have (on average 1.7285714285714286) internal successors, (121), 96 states have internal predecessors, (121), 5 states have call successors, (5), 2 states have call predecessors, (5), 4 states have return successors, (9), 7 states have call predecessors, (9), 5 states have call successors, (9) Second operand 106 states. [2022-02-20 23:50:10,795 INFO L87 Difference]: Start difference. First operand has 106 states, 70 states have (on average 1.7285714285714286) internal successors, (121), 96 states have internal predecessors, (121), 5 states have call successors, (5), 2 states have call predecessors, (5), 4 states have return successors, (9), 7 states have call predecessors, (9), 5 states have call successors, (9) Second operand 106 states. [2022-02-20 23:50:10,802 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:10,802 INFO L93 Difference]: Finished difference Result 106 states and 135 transitions. [2022-02-20 23:50:10,802 INFO L276 IsEmpty]: Start isEmpty. Operand 106 states and 135 transitions. [2022-02-20 23:50:10,802 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:10,802 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:10,802 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:50:10,802 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:50:10,803 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 106 states, 70 states have (on average 1.7285714285714286) internal successors, (121), 96 states have internal predecessors, (121), 5 states have call successors, (5), 2 states have call predecessors, (5), 4 states have return successors, (9), 7 states have call predecessors, (9), 5 states have call successors, (9) [2022-02-20 23:50:10,805 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 106 states to 106 states and 135 transitions. [2022-02-20 23:50:10,805 INFO L78 Accepts]: Start accepts. Automaton has 106 states and 135 transitions. Word has length 20 [2022-02-20 23:50:10,806 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:50:10,806 INFO L470 AbstractCegarLoop]: Abstraction has 106 states and 135 transitions. [2022-02-20 23:50:10,806 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 9 states have (on average 3.4444444444444446) internal successors, (31), 8 states have internal predecessors, (31), 4 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:50:10,806 INFO L276 IsEmpty]: Start isEmpty. Operand 106 states and 135 transitions. [2022-02-20 23:50:10,806 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2022-02-20 23:50:10,807 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:50:10,807 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:50:10,817 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (9)] Ended with exit code 0 [2022-02-20 23:50:11,015 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 9 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:50:11,016 INFO L402 AbstractCegarLoop]: === Iteration 8 === Targeting ULTIMATE.startErr33ASSERT_VIOLATIONMEMORY_LEAK === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 30 more)] === [2022-02-20 23:50:11,016 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:50:11,016 INFO L85 PathProgramCache]: Analyzing trace with hash -12644306, now seen corresponding path program 1 times [2022-02-20 23:50:11,016 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:50:11,016 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1473922119] [2022-02-20 23:50:11,016 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:50:11,016 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:50:11,017 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:50:11,017 INFO L229 MonitoredProcess]: Starting monitored process 10 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:50:11,018 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (10)] Waiting until timeout for monitored process [2022-02-20 23:50:11,062 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:11,064 INFO L263 TraceCheckSpWp]: Trace formula consists of 78 conjuncts, 12 conjunts are in the unsatisfiable core [2022-02-20 23:50:11,070 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:11,071 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:50:11,284 INFO L290 TraceCheckUtils]: 0: Hoare triple {3836#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {3836#true} is VALID [2022-02-20 23:50:11,284 INFO L290 TraceCheckUtils]: 1: Hoare triple {3836#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset, entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset, entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset, entry_point_#t~mem49#1.base, entry_point_#t~mem49#1.offset, entry_point_#t~mem50#1.base, entry_point_#t~mem50#1.offset, entry_point_#t~mem51#1.base, entry_point_#t~mem51#1.offset, entry_point_#t~mem52#1.base, entry_point_#t~mem52#1.offset, entry_point_#t~mem53#1.base, entry_point_#t~mem53#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset; {3844#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-20 23:50:11,285 INFO L272 TraceCheckUtils]: 2: Hoare triple {3844#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {3848#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:11,285 INFO L290 TraceCheckUtils]: 3: Hoare triple {3848#(= |old(#valid)| |#valid|)} ~size := #in~size; {3848#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:11,286 INFO L290 TraceCheckUtils]: 4: Hoare triple {3848#(= |old(#valid)| |#valid|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {3855#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_59) |#valid|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)))} is VALID [2022-02-20 23:50:11,287 INFO L290 TraceCheckUtils]: 5: Hoare triple {3855#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_59) |#valid|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)))} assume true; {3855#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_59) |#valid|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)))} is VALID [2022-02-20 23:50:11,288 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {3855#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_59) |#valid|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)))} {3844#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} #97#return; {3862#(and (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_#t~ret44#1.base|))) (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_#t~ret44#1.base| v_ArrVal_59) |#valid|)))} is VALID [2022-02-20 23:50:11,288 INFO L290 TraceCheckUtils]: 7: Hoare triple {3862#(and (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_#t~ret44#1.base|))) (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_#t~ret44#1.base| v_ArrVal_59) |#valid|)))} entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {3866#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))))} is VALID [2022-02-20 23:50:11,289 INFO L290 TraceCheckUtils]: 8: Hoare triple {3866#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))))} assume !(entry_point_~a10~0#1.base == 0bv32 && entry_point_~a10~0#1.offset == 0bv32); {3866#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))))} is VALID [2022-02-20 23:50:11,290 INFO L272 TraceCheckUtils]: 9: Hoare triple {3866#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))))} call entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset := ldv_malloc(4bv32); {3848#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:11,290 INFO L290 TraceCheckUtils]: 10: Hoare triple {3848#(= |old(#valid)| |#valid|)} ~size := #in~size; {3848#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:11,295 INFO L290 TraceCheckUtils]: 11: Hoare triple {3848#(= |old(#valid)| |#valid|)} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {3848#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:11,296 INFO L290 TraceCheckUtils]: 12: Hoare triple {3848#(= |old(#valid)| |#valid|)} assume true; {3848#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:11,297 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {3848#(= |old(#valid)| |#valid|)} {3866#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))))} #99#return; {3866#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))))} is VALID [2022-02-20 23:50:11,297 INFO L290 TraceCheckUtils]: 14: Hoare triple {3866#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))))} SUMMARY for call write~$Pointer$(entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L775-1 {3866#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))))} is VALID [2022-02-20 23:50:11,298 INFO L290 TraceCheckUtils]: 15: Hoare triple {3866#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))))} havoc entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset; {3866#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))))} is VALID [2022-02-20 23:50:11,298 INFO L290 TraceCheckUtils]: 16: Hoare triple {3866#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))))} SUMMARY for call entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset := read~$Pointer$(entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L776 {3866#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))))} is VALID [2022-02-20 23:50:11,299 INFO L290 TraceCheckUtils]: 17: Hoare triple {3866#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))))} assume entry_point_#t~mem46#1.base == 0bv32 && entry_point_#t~mem46#1.offset == 0bv32;havoc entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset; {3866#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))))} is VALID [2022-02-20 23:50:11,299 INFO L290 TraceCheckUtils]: 18: Hoare triple {3866#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))))} assume 0bv32 == entry_point_~a10~0#1.offset; {3866#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))))} is VALID [2022-02-20 23:50:11,300 INFO L290 TraceCheckUtils]: 19: Hoare triple {3866#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))))} assume ~bvult32(entry_point_~a10~0#1.base, #StackHeapBarrier); {3866#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))))} is VALID [2022-02-20 23:50:11,301 INFO L290 TraceCheckUtils]: 20: Hoare triple {3866#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))))} assume 0bv32 == entry_point_~a10~0#1.base || 1bv1 == #valid[entry_point_~a10~0#1.base];call ULTIMATE.dealloc(entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset); {3906#(exists ((|ULTIMATE.start_entry_point_~a10~0#1.base| (_ BitVec 32))) (and (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| (_ bv0 1)) |#valid|) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|)))))} is VALID [2022-02-20 23:50:11,301 INFO L290 TraceCheckUtils]: 21: Hoare triple {3906#(exists ((|ULTIMATE.start_entry_point_~a10~0#1.base| (_ BitVec 32))) (and (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| (_ bv0 1)) |#valid|) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|)))))} assume { :end_inline_entry_point } true; {3906#(exists ((|ULTIMATE.start_entry_point_~a10~0#1.base| (_ BitVec 32))) (and (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| (_ bv0 1)) |#valid|) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|)))))} is VALID [2022-02-20 23:50:11,302 INFO L290 TraceCheckUtils]: 22: Hoare triple {3906#(exists ((|ULTIMATE.start_entry_point_~a10~0#1.base| (_ BitVec 32))) (and (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| (_ bv0 1)) |#valid|) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|)))))} assume !(#valid == main_old_#valid#1); {3837#false} is VALID [2022-02-20 23:50:11,302 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:50:11,302 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:50:15,518 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:50:15,519 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1473922119] [2022-02-20 23:50:15,519 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1473922119] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:50:15,519 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleCvc4 [1841638889] [2022-02-20 23:50:15,519 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:50:15,519 INFO L173 SolverBuilder]: Constructing external solver with command: cvc4 --incremental --print-success --lang smt [2022-02-20 23:50:15,519 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 [2022-02-20 23:50:15,520 INFO L229 MonitoredProcess]: Starting monitored process 11 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (exit command is (exit), workingDir is null) [2022-02-20 23:50:15,520 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (11)] Waiting until timeout for monitored process [2022-02-20 23:50:15,593 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:15,594 INFO L263 TraceCheckSpWp]: Trace formula consists of 78 conjuncts, 13 conjunts are in the unsatisfiable core [2022-02-20 23:50:15,604 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:15,604 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:50:15,890 INFO L290 TraceCheckUtils]: 0: Hoare triple {3836#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {3967#(= (_ bv0 1) (select |#valid| (_ bv0 32)))} is VALID [2022-02-20 23:50:15,891 INFO L290 TraceCheckUtils]: 1: Hoare triple {3967#(= (_ bv0 1) (select |#valid| (_ bv0 32)))} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset, entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset, entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset, entry_point_#t~mem49#1.base, entry_point_#t~mem49#1.offset, entry_point_#t~mem50#1.base, entry_point_#t~mem50#1.offset, entry_point_#t~mem51#1.base, entry_point_#t~mem51#1.offset, entry_point_#t~mem52#1.base, entry_point_#t~mem52#1.offset, entry_point_#t~mem53#1.base, entry_point_#t~mem53#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset; {3971#(and (= |#valid| |ULTIMATE.start_main_old_#valid#1|) (= (_ bv0 1) (select |#valid| (_ bv0 32))))} is VALID [2022-02-20 23:50:15,892 INFO L272 TraceCheckUtils]: 2: Hoare triple {3971#(and (= |#valid| |ULTIMATE.start_main_old_#valid#1|) (= (_ bv0 1) (select |#valid| (_ bv0 32))))} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {3848#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:15,892 INFO L290 TraceCheckUtils]: 3: Hoare triple {3848#(= |old(#valid)| |#valid|)} ~size := #in~size; {3848#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:15,893 INFO L290 TraceCheckUtils]: 4: Hoare triple {3848#(= |old(#valid)| |#valid|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {3855#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_59) |#valid|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)))} is VALID [2022-02-20 23:50:15,894 INFO L290 TraceCheckUtils]: 5: Hoare triple {3855#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_59) |#valid|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)))} assume true; {3855#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_59) |#valid|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)))} is VALID [2022-02-20 23:50:15,895 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {3855#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_59) |#valid|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)))} {3971#(and (= |#valid| |ULTIMATE.start_main_old_#valid#1|) (= (_ bv0 1) (select |#valid| (_ bv0 32))))} #97#return; {3987#(and (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_#t~ret44#1.base|))) (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_#t~ret44#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} is VALID [2022-02-20 23:50:15,895 INFO L290 TraceCheckUtils]: 7: Hoare triple {3987#(and (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_#t~ret44#1.base|))) (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_#t~ret44#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {3991#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} is VALID [2022-02-20 23:50:15,896 INFO L290 TraceCheckUtils]: 8: Hoare triple {3991#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} assume !(entry_point_~a10~0#1.base == 0bv32 && entry_point_~a10~0#1.offset == 0bv32); {3991#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} is VALID [2022-02-20 23:50:15,896 INFO L272 TraceCheckUtils]: 9: Hoare triple {3991#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} call entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset := ldv_malloc(4bv32); {3848#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:15,897 INFO L290 TraceCheckUtils]: 10: Hoare triple {3848#(= |old(#valid)| |#valid|)} ~size := #in~size; {3848#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:15,897 INFO L290 TraceCheckUtils]: 11: Hoare triple {3848#(= |old(#valid)| |#valid|)} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {3848#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:15,897 INFO L290 TraceCheckUtils]: 12: Hoare triple {3848#(= |old(#valid)| |#valid|)} assume true; {3848#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:15,898 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {3848#(= |old(#valid)| |#valid|)} {3991#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} #99#return; {3991#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} is VALID [2022-02-20 23:50:15,899 INFO L290 TraceCheckUtils]: 14: Hoare triple {3991#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} SUMMARY for call write~$Pointer$(entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L775-1 {3991#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} is VALID [2022-02-20 23:50:15,900 INFO L290 TraceCheckUtils]: 15: Hoare triple {3991#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} havoc entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset; {3991#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} is VALID [2022-02-20 23:50:15,900 INFO L290 TraceCheckUtils]: 16: Hoare triple {3991#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} SUMMARY for call entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset := read~$Pointer$(entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L776 {3991#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} is VALID [2022-02-20 23:50:15,901 INFO L290 TraceCheckUtils]: 17: Hoare triple {3991#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} assume entry_point_#t~mem46#1.base == 0bv32 && entry_point_#t~mem46#1.offset == 0bv32;havoc entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset; {3991#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} is VALID [2022-02-20 23:50:15,901 INFO L290 TraceCheckUtils]: 18: Hoare triple {3991#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} assume 0bv32 == entry_point_~a10~0#1.offset; {3991#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} is VALID [2022-02-20 23:50:15,906 INFO L290 TraceCheckUtils]: 19: Hoare triple {3991#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} assume ~bvult32(entry_point_~a10~0#1.base, #StackHeapBarrier); {3991#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} is VALID [2022-02-20 23:50:15,907 INFO L290 TraceCheckUtils]: 20: Hoare triple {3991#(and (exists ((v_ArrVal_59 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base| v_ArrVal_59) |#valid|)) (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~a10~0#1.base|))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} assume 0bv32 == entry_point_~a10~0#1.base || 1bv1 == #valid[entry_point_~a10~0#1.base];call ULTIMATE.dealloc(entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset); {3971#(and (= |#valid| |ULTIMATE.start_main_old_#valid#1|) (= (_ bv0 1) (select |#valid| (_ bv0 32))))} is VALID [2022-02-20 23:50:15,908 INFO L290 TraceCheckUtils]: 21: Hoare triple {3971#(and (= |#valid| |ULTIMATE.start_main_old_#valid#1|) (= (_ bv0 1) (select |#valid| (_ bv0 32))))} assume { :end_inline_entry_point } true; {3971#(and (= |#valid| |ULTIMATE.start_main_old_#valid#1|) (= (_ bv0 1) (select |#valid| (_ bv0 32))))} is VALID [2022-02-20 23:50:15,908 INFO L290 TraceCheckUtils]: 22: Hoare triple {3971#(and (= |#valid| |ULTIMATE.start_main_old_#valid#1|) (= (_ bv0 1) (select |#valid| (_ bv0 32))))} assume !(#valid == main_old_#valid#1); {3837#false} is VALID [2022-02-20 23:50:15,909 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:50:15,909 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:50:20,072 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleCvc4 [1841638889] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:50:20,073 INFO L191 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-02-20 23:50:20,073 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [7, 6] total 11 [2022-02-20 23:50:20,073 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2109650460] [2022-02-20 23:50:20,073 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-02-20 23:50:20,073 INFO L78 Accepts]: Start accepts. Automaton has has 12 states, 10 states have (on average 3.1) internal successors, (31), 10 states have internal predecessors, (31), 4 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) Word has length 23 [2022-02-20 23:50:20,073 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:50:20,073 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 12 states, 10 states have (on average 3.1) internal successors, (31), 10 states have internal predecessors, (31), 4 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:50:20,122 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 39 edges. 39 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:20,122 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 12 states [2022-02-20 23:50:20,122 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:50:20,122 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 12 interpolants. [2022-02-20 23:50:20,123 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=42, Invalid=166, Unknown=2, NotChecked=0, Total=210 [2022-02-20 23:50:20,123 INFO L87 Difference]: Start difference. First operand 106 states and 135 transitions. Second operand has 12 states, 10 states have (on average 3.1) internal successors, (31), 10 states have internal predecessors, (31), 4 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:50:20,738 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:20,738 INFO L93 Difference]: Finished difference Result 115 states and 142 transitions. [2022-02-20 23:50:20,738 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2022-02-20 23:50:20,738 INFO L78 Accepts]: Start accepts. Automaton has has 12 states, 10 states have (on average 3.1) internal successors, (31), 10 states have internal predecessors, (31), 4 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) Word has length 23 [2022-02-20 23:50:20,738 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:50:20,739 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 12 states, 10 states have (on average 3.1) internal successors, (31), 10 states have internal predecessors, (31), 4 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:50:20,740 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 92 transitions. [2022-02-20 23:50:20,740 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 12 states, 10 states have (on average 3.1) internal successors, (31), 10 states have internal predecessors, (31), 4 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:50:20,741 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 92 transitions. [2022-02-20 23:50:20,741 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states and 92 transitions. [2022-02-20 23:50:20,817 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 92 edges. 92 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:20,819 INFO L225 Difference]: With dead ends: 115 [2022-02-20 23:50:20,819 INFO L226 Difference]: Without dead ends: 108 [2022-02-20 23:50:20,819 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 80 GetRequests, 60 SyntacticMatches, 5 SemanticMatches, 15 ConstructedPredicates, 0 IntricatePredicates, 2 DeprecatedPredicates, 72 ImplicationChecksByTransitivity, 8.3s TimeCoverageRelationStatistics Valid=50, Invalid=220, Unknown=2, NotChecked=0, Total=272 [2022-02-20 23:50:20,820 INFO L933 BasicCegarLoop]: 70 mSDtfsCounter, 8 mSDsluCounter, 229 mSDsCounter, 0 mSdLazyCounter, 96 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 8 SdHoareTripleChecker+Valid, 299 SdHoareTripleChecker+Invalid, 245 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 96 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 145 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:50:20,820 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [8 Valid, 299 Invalid, 245 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 96 Invalid, 0 Unknown, 145 Unchecked, 0.1s Time] [2022-02-20 23:50:20,825 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 108 states. [2022-02-20 23:50:20,828 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 108 to 101. [2022-02-20 23:50:20,828 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:50:20,828 INFO L82 GeneralOperation]: Start isEquivalent. First operand 108 states. Second operand has 101 states, 65 states have (on average 1.7692307692307692) internal successors, (115), 91 states have internal predecessors, (115), 5 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) [2022-02-20 23:50:20,829 INFO L74 IsIncluded]: Start isIncluded. First operand 108 states. Second operand has 101 states, 65 states have (on average 1.7692307692307692) internal successors, (115), 91 states have internal predecessors, (115), 5 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) [2022-02-20 23:50:20,829 INFO L87 Difference]: Start difference. First operand 108 states. Second operand has 101 states, 65 states have (on average 1.7692307692307692) internal successors, (115), 91 states have internal predecessors, (115), 5 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) [2022-02-20 23:50:20,831 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:20,831 INFO L93 Difference]: Finished difference Result 108 states and 135 transitions. [2022-02-20 23:50:20,831 INFO L276 IsEmpty]: Start isEmpty. Operand 108 states and 135 transitions. [2022-02-20 23:50:20,831 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:20,832 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:20,832 INFO L74 IsIncluded]: Start isIncluded. First operand has 101 states, 65 states have (on average 1.7692307692307692) internal successors, (115), 91 states have internal predecessors, (115), 5 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) Second operand 108 states. [2022-02-20 23:50:20,832 INFO L87 Difference]: Start difference. First operand has 101 states, 65 states have (on average 1.7692307692307692) internal successors, (115), 91 states have internal predecessors, (115), 5 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) Second operand 108 states. [2022-02-20 23:50:20,837 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:20,837 INFO L93 Difference]: Finished difference Result 108 states and 135 transitions. [2022-02-20 23:50:20,837 INFO L276 IsEmpty]: Start isEmpty. Operand 108 states and 135 transitions. [2022-02-20 23:50:20,837 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:20,837 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:20,837 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:50:20,837 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:50:20,838 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 101 states, 65 states have (on average 1.7692307692307692) internal successors, (115), 91 states have internal predecessors, (115), 5 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) [2022-02-20 23:50:20,839 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 101 states to 101 states and 128 transitions. [2022-02-20 23:50:20,839 INFO L78 Accepts]: Start accepts. Automaton has 101 states and 128 transitions. Word has length 23 [2022-02-20 23:50:20,840 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:50:20,840 INFO L470 AbstractCegarLoop]: Abstraction has 101 states and 128 transitions. [2022-02-20 23:50:20,840 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 12 states, 10 states have (on average 3.1) internal successors, (31), 10 states have internal predecessors, (31), 4 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:50:20,840 INFO L276 IsEmpty]: Start isEmpty. Operand 101 states and 128 transitions. [2022-02-20 23:50:20,840 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-02-20 23:50:20,840 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:50:20,840 INFO L514 BasicCegarLoop]: trace histogram [3, 3, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:50:20,843 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (11)] Ended with exit code 0 [2022-02-20 23:50:21,049 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (10)] Forceful destruction successful, exit code 0 [2022-02-20 23:50:21,243 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 11 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt,10 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:50:21,243 INFO L402 AbstractCegarLoop]: === Iteration 9 === Targeting ULTIMATE.startErr6REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 30 more)] === [2022-02-20 23:50:21,243 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:50:21,243 INFO L85 PathProgramCache]: Analyzing trace with hash -1738347476, now seen corresponding path program 1 times [2022-02-20 23:50:21,243 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:50:21,244 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1022037943] [2022-02-20 23:50:21,244 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:50:21,244 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:50:21,244 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:50:21,245 INFO L229 MonitoredProcess]: Starting monitored process 12 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:50:21,245 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (12)] Waiting until timeout for monitored process [2022-02-20 23:50:21,299 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:21,301 INFO L263 TraceCheckSpWp]: Trace formula consists of 101 conjuncts, 12 conjunts are in the unsatisfiable core [2022-02-20 23:50:21,310 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:21,310 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:50:21,332 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:50:21,356 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 7 [2022-02-20 23:50:21,381 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 17 treesize of output 9 [2022-02-20 23:50:21,460 INFO L356 Elim1Store]: treesize reduction 12, result has 40.0 percent of original size [2022-02-20 23:50:21,461 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 17 [2022-02-20 23:50:21,471 INFO L290 TraceCheckUtils]: 0: Hoare triple {4523#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {4523#true} is VALID [2022-02-20 23:50:21,472 INFO L290 TraceCheckUtils]: 1: Hoare triple {4523#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset, entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset, entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset, entry_point_#t~mem49#1.base, entry_point_#t~mem49#1.offset, entry_point_#t~mem50#1.base, entry_point_#t~mem50#1.offset, entry_point_#t~mem51#1.base, entry_point_#t~mem51#1.offset, entry_point_#t~mem52#1.base, entry_point_#t~mem52#1.offset, entry_point_#t~mem53#1.base, entry_point_#t~mem53#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset; {4523#true} is VALID [2022-02-20 23:50:21,472 INFO L272 TraceCheckUtils]: 2: Hoare triple {4523#true} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {4523#true} is VALID [2022-02-20 23:50:21,472 INFO L290 TraceCheckUtils]: 3: Hoare triple {4523#true} ~size := #in~size; {4523#true} is VALID [2022-02-20 23:50:21,472 INFO L290 TraceCheckUtils]: 4: Hoare triple {4523#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {4523#true} is VALID [2022-02-20 23:50:21,472 INFO L290 TraceCheckUtils]: 5: Hoare triple {4523#true} assume true; {4523#true} is VALID [2022-02-20 23:50:21,472 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {4523#true} {4523#true} #97#return; {4523#true} is VALID [2022-02-20 23:50:21,472 INFO L290 TraceCheckUtils]: 7: Hoare triple {4523#true} entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {4523#true} is VALID [2022-02-20 23:50:21,472 INFO L290 TraceCheckUtils]: 8: Hoare triple {4523#true} assume !(entry_point_~a10~0#1.base == 0bv32 && entry_point_~a10~0#1.offset == 0bv32); {4523#true} is VALID [2022-02-20 23:50:21,472 INFO L272 TraceCheckUtils]: 9: Hoare triple {4523#true} call entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset := ldv_malloc(4bv32); {4523#true} is VALID [2022-02-20 23:50:21,472 INFO L290 TraceCheckUtils]: 10: Hoare triple {4523#true} ~size := #in~size; {4523#true} is VALID [2022-02-20 23:50:21,473 INFO L290 TraceCheckUtils]: 11: Hoare triple {4523#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {4561#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:50:21,473 INFO L290 TraceCheckUtils]: 12: Hoare triple {4561#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} assume true; {4561#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:50:21,474 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {4561#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} {4523#true} #99#return; {4568#(= (select |#valid| |ULTIMATE.start_entry_point_#t~ret45#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:21,475 INFO L290 TraceCheckUtils]: 14: Hoare triple {4568#(= (select |#valid| |ULTIMATE.start_entry_point_#t~ret45#1.base|) (_ bv1 1))} SUMMARY for call write~$Pointer$(entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L775-1 {4572#(= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)))} is VALID [2022-02-20 23:50:21,476 INFO L290 TraceCheckUtils]: 15: Hoare triple {4572#(= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)))} havoc entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset; {4572#(= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)))} is VALID [2022-02-20 23:50:21,476 INFO L290 TraceCheckUtils]: 16: Hoare triple {4572#(= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)))} SUMMARY for call entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset := read~$Pointer$(entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L776 {4572#(= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)))} is VALID [2022-02-20 23:50:21,477 INFO L290 TraceCheckUtils]: 17: Hoare triple {4572#(= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)))} assume !(entry_point_#t~mem46#1.base == 0bv32 && entry_point_#t~mem46#1.offset == 0bv32);havoc entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset; {4572#(= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)))} is VALID [2022-02-20 23:50:21,477 INFO L290 TraceCheckUtils]: 18: Hoare triple {4572#(= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)))} SUMMARY for call entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset := read~$Pointer$(entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L777 {4585#(= (select |#valid| |ULTIMATE.start_entry_point_#t~mem47#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:21,478 INFO L272 TraceCheckUtils]: 19: Hoare triple {4585#(= (select |#valid| |ULTIMATE.start_entry_point_#t~mem47#1.base|) (_ bv1 1))} call entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset := ldv_malloc(4bv32); {4589#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:21,478 INFO L290 TraceCheckUtils]: 20: Hoare triple {4589#(= |old(#valid)| |#valid|)} ~size := #in~size; {4589#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:21,479 INFO L290 TraceCheckUtils]: 21: Hoare triple {4589#(= |old(#valid)| |#valid|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {4596#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} is VALID [2022-02-20 23:50:21,479 INFO L290 TraceCheckUtils]: 22: Hoare triple {4596#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} assume true; {4596#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} is VALID [2022-02-20 23:50:21,480 INFO L284 TraceCheckUtils]: 23: Hoare quadruple {4596#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} {4585#(= (select |#valid| |ULTIMATE.start_entry_point_#t~mem47#1.base|) (_ bv1 1))} #101#return; {4585#(= (select |#valid| |ULTIMATE.start_entry_point_#t~mem47#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:21,481 INFO L290 TraceCheckUtils]: 24: Hoare triple {4585#(= (select |#valid| |ULTIMATE.start_entry_point_#t~mem47#1.base|) (_ bv1 1))} assume !(1bv1 == #valid[entry_point_#t~mem47#1.base]); {4524#false} is VALID [2022-02-20 23:50:21,481 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 8 proven. 2 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:50:21,481 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:50:21,668 INFO L290 TraceCheckUtils]: 24: Hoare triple {4585#(= (select |#valid| |ULTIMATE.start_entry_point_#t~mem47#1.base|) (_ bv1 1))} assume !(1bv1 == #valid[entry_point_#t~mem47#1.base]); {4524#false} is VALID [2022-02-20 23:50:21,669 INFO L284 TraceCheckUtils]: 23: Hoare quadruple {4612#(forall ((|v_ULTIMATE.start_entry_point_#t~mem47#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (not (= (_ bv1 1) (select |old(#valid)| |v_ULTIMATE.start_entry_point_#t~mem47#1.base_BEFORE_CALL_2|))) (= (select |#valid| |v_ULTIMATE.start_entry_point_#t~mem47#1.base_BEFORE_CALL_2|) (_ bv1 1))))} {4585#(= (select |#valid| |ULTIMATE.start_entry_point_#t~mem47#1.base|) (_ bv1 1))} #101#return; {4585#(= (select |#valid| |ULTIMATE.start_entry_point_#t~mem47#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:21,670 INFO L290 TraceCheckUtils]: 22: Hoare triple {4612#(forall ((|v_ULTIMATE.start_entry_point_#t~mem47#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (not (= (_ bv1 1) (select |old(#valid)| |v_ULTIMATE.start_entry_point_#t~mem47#1.base_BEFORE_CALL_2|))) (= (select |#valid| |v_ULTIMATE.start_entry_point_#t~mem47#1.base_BEFORE_CALL_2|) (_ bv1 1))))} assume true; {4612#(forall ((|v_ULTIMATE.start_entry_point_#t~mem47#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (not (= (_ bv1 1) (select |old(#valid)| |v_ULTIMATE.start_entry_point_#t~mem47#1.base_BEFORE_CALL_2|))) (= (select |#valid| |v_ULTIMATE.start_entry_point_#t~mem47#1.base_BEFORE_CALL_2|) (_ bv1 1))))} is VALID [2022-02-20 23:50:21,671 INFO L290 TraceCheckUtils]: 21: Hoare triple {4612#(forall ((|v_ULTIMATE.start_entry_point_#t~mem47#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (not (= (_ bv1 1) (select |old(#valid)| |v_ULTIMATE.start_entry_point_#t~mem47#1.base_BEFORE_CALL_2|))) (= (select |#valid| |v_ULTIMATE.start_entry_point_#t~mem47#1.base_BEFORE_CALL_2|) (_ bv1 1))))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {4612#(forall ((|v_ULTIMATE.start_entry_point_#t~mem47#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (not (= (_ bv1 1) (select |old(#valid)| |v_ULTIMATE.start_entry_point_#t~mem47#1.base_BEFORE_CALL_2|))) (= (select |#valid| |v_ULTIMATE.start_entry_point_#t~mem47#1.base_BEFORE_CALL_2|) (_ bv1 1))))} is VALID [2022-02-20 23:50:21,671 INFO L290 TraceCheckUtils]: 20: Hoare triple {4612#(forall ((|v_ULTIMATE.start_entry_point_#t~mem47#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (not (= (_ bv1 1) (select |old(#valid)| |v_ULTIMATE.start_entry_point_#t~mem47#1.base_BEFORE_CALL_2|))) (= (select |#valid| |v_ULTIMATE.start_entry_point_#t~mem47#1.base_BEFORE_CALL_2|) (_ bv1 1))))} ~size := #in~size; {4612#(forall ((|v_ULTIMATE.start_entry_point_#t~mem47#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (not (= (_ bv1 1) (select |old(#valid)| |v_ULTIMATE.start_entry_point_#t~mem47#1.base_BEFORE_CALL_2|))) (= (select |#valid| |v_ULTIMATE.start_entry_point_#t~mem47#1.base_BEFORE_CALL_2|) (_ bv1 1))))} is VALID [2022-02-20 23:50:21,672 INFO L272 TraceCheckUtils]: 19: Hoare triple {4585#(= (select |#valid| |ULTIMATE.start_entry_point_#t~mem47#1.base|) (_ bv1 1))} call entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset := ldv_malloc(4bv32); {4612#(forall ((|v_ULTIMATE.start_entry_point_#t~mem47#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (not (= (_ bv1 1) (select |old(#valid)| |v_ULTIMATE.start_entry_point_#t~mem47#1.base_BEFORE_CALL_2|))) (= (select |#valid| |v_ULTIMATE.start_entry_point_#t~mem47#1.base_BEFORE_CALL_2|) (_ bv1 1))))} is VALID [2022-02-20 23:50:21,672 INFO L290 TraceCheckUtils]: 18: Hoare triple {4572#(= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)))} SUMMARY for call entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset := read~$Pointer$(entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L777 {4585#(= (select |#valid| |ULTIMATE.start_entry_point_#t~mem47#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:21,673 INFO L290 TraceCheckUtils]: 17: Hoare triple {4572#(= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)))} assume !(entry_point_#t~mem46#1.base == 0bv32 && entry_point_#t~mem46#1.offset == 0bv32);havoc entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset; {4572#(= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)))} is VALID [2022-02-20 23:50:21,673 INFO L290 TraceCheckUtils]: 16: Hoare triple {4572#(= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)))} SUMMARY for call entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset := read~$Pointer$(entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L776 {4572#(= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)))} is VALID [2022-02-20 23:50:21,673 INFO L290 TraceCheckUtils]: 15: Hoare triple {4572#(= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)))} havoc entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset; {4572#(= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)))} is VALID [2022-02-20 23:50:21,675 INFO L290 TraceCheckUtils]: 14: Hoare triple {4568#(= (select |#valid| |ULTIMATE.start_entry_point_#t~ret45#1.base|) (_ bv1 1))} SUMMARY for call write~$Pointer$(entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L775-1 {4572#(= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)))} is VALID [2022-02-20 23:50:21,675 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {4561#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} {4523#true} #99#return; {4568#(= (select |#valid| |ULTIMATE.start_entry_point_#t~ret45#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:21,676 INFO L290 TraceCheckUtils]: 12: Hoare triple {4561#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} assume true; {4561#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:50:21,676 INFO L290 TraceCheckUtils]: 11: Hoare triple {4523#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {4561#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:50:21,677 INFO L290 TraceCheckUtils]: 10: Hoare triple {4523#true} ~size := #in~size; {4523#true} is VALID [2022-02-20 23:50:21,677 INFO L272 TraceCheckUtils]: 9: Hoare triple {4523#true} call entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset := ldv_malloc(4bv32); {4523#true} is VALID [2022-02-20 23:50:21,679 INFO L290 TraceCheckUtils]: 8: Hoare triple {4523#true} assume !(entry_point_~a10~0#1.base == 0bv32 && entry_point_~a10~0#1.offset == 0bv32); {4523#true} is VALID [2022-02-20 23:50:21,680 INFO L290 TraceCheckUtils]: 7: Hoare triple {4523#true} entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {4523#true} is VALID [2022-02-20 23:50:21,681 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {4523#true} {4523#true} #97#return; {4523#true} is VALID [2022-02-20 23:50:21,682 INFO L290 TraceCheckUtils]: 5: Hoare triple {4523#true} assume true; {4523#true} is VALID [2022-02-20 23:50:21,682 INFO L290 TraceCheckUtils]: 4: Hoare triple {4523#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {4523#true} is VALID [2022-02-20 23:50:21,682 INFO L290 TraceCheckUtils]: 3: Hoare triple {4523#true} ~size := #in~size; {4523#true} is VALID [2022-02-20 23:50:21,682 INFO L272 TraceCheckUtils]: 2: Hoare triple {4523#true} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {4523#true} is VALID [2022-02-20 23:50:21,682 INFO L290 TraceCheckUtils]: 1: Hoare triple {4523#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset, entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset, entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset, entry_point_#t~mem49#1.base, entry_point_#t~mem49#1.offset, entry_point_#t~mem50#1.base, entry_point_#t~mem50#1.offset, entry_point_#t~mem51#1.base, entry_point_#t~mem51#1.offset, entry_point_#t~mem52#1.base, entry_point_#t~mem52#1.offset, entry_point_#t~mem53#1.base, entry_point_#t~mem53#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset; {4523#true} is VALID [2022-02-20 23:50:21,682 INFO L290 TraceCheckUtils]: 0: Hoare triple {4523#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {4523#true} is VALID [2022-02-20 23:50:21,682 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 8 proven. 2 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:50:21,682 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:50:21,682 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1022037943] [2022-02-20 23:50:21,682 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1022037943] provided 0 perfect and 2 imperfect interpolant sequences [2022-02-20 23:50:21,682 INFO L191 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-02-20 23:50:21,682 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [7, 6] total 8 [2022-02-20 23:50:21,683 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [837327734] [2022-02-20 23:50:21,683 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-02-20 23:50:21,683 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 8 states have (on average 2.625) internal successors, (21), 8 states have internal predecessors, (21), 2 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 25 [2022-02-20 23:50:21,683 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:50:21,683 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 9 states, 8 states have (on average 2.625) internal successors, (21), 8 states have internal predecessors, (21), 2 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-02-20 23:50:21,708 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 29 edges. 29 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:21,708 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2022-02-20 23:50:21,708 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:50:21,708 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2022-02-20 23:50:21,708 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=17, Invalid=55, Unknown=0, NotChecked=0, Total=72 [2022-02-20 23:50:21,709 INFO L87 Difference]: Start difference. First operand 101 states and 128 transitions. Second operand has 9 states, 8 states have (on average 2.625) internal successors, (21), 8 states have internal predecessors, (21), 2 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-02-20 23:50:22,638 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:22,638 INFO L93 Difference]: Finished difference Result 113 states and 142 transitions. [2022-02-20 23:50:22,638 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2022-02-20 23:50:22,639 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 8 states have (on average 2.625) internal successors, (21), 8 states have internal predecessors, (21), 2 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 25 [2022-02-20 23:50:22,639 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:50:22,640 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 9 states, 8 states have (on average 2.625) internal successors, (21), 8 states have internal predecessors, (21), 2 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-02-20 23:50:22,646 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 90 transitions. [2022-02-20 23:50:22,647 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 9 states, 8 states have (on average 2.625) internal successors, (21), 8 states have internal predecessors, (21), 2 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-02-20 23:50:22,649 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 90 transitions. [2022-02-20 23:50:22,649 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states and 90 transitions. [2022-02-20 23:50:22,722 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 90 edges. 90 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:22,723 INFO L225 Difference]: With dead ends: 113 [2022-02-20 23:50:22,724 INFO L226 Difference]: Without dead ends: 113 [2022-02-20 23:50:22,724 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 51 GetRequests, 38 SyntacticMatches, 3 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=30, Invalid=102, Unknown=0, NotChecked=0, Total=132 [2022-02-20 23:50:22,724 INFO L933 BasicCegarLoop]: 70 mSDtfsCounter, 7 mSDsluCounter, 224 mSDsCounter, 0 mSdLazyCounter, 208 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 7 SdHoareTripleChecker+Valid, 294 SdHoareTripleChecker+Invalid, 322 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 208 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 108 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-02-20 23:50:22,725 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [7 Valid, 294 Invalid, 322 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 208 Invalid, 0 Unknown, 108 Unchecked, 0.3s Time] [2022-02-20 23:50:22,725 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 113 states. [2022-02-20 23:50:22,727 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 113 to 111. [2022-02-20 23:50:22,727 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:50:22,728 INFO L82 GeneralOperation]: Start isEquivalent. First operand 113 states. Second operand has 111 states, 73 states have (on average 1.7123287671232876) internal successors, (125), 98 states have internal predecessors, (125), 6 states have call successors, (6), 3 states have call predecessors, (6), 5 states have return successors, (11), 9 states have call predecessors, (11), 6 states have call successors, (11) [2022-02-20 23:50:22,728 INFO L74 IsIncluded]: Start isIncluded. First operand 113 states. Second operand has 111 states, 73 states have (on average 1.7123287671232876) internal successors, (125), 98 states have internal predecessors, (125), 6 states have call successors, (6), 3 states have call predecessors, (6), 5 states have return successors, (11), 9 states have call predecessors, (11), 6 states have call successors, (11) [2022-02-20 23:50:22,728 INFO L87 Difference]: Start difference. First operand 113 states. Second operand has 111 states, 73 states have (on average 1.7123287671232876) internal successors, (125), 98 states have internal predecessors, (125), 6 states have call successors, (6), 3 states have call predecessors, (6), 5 states have return successors, (11), 9 states have call predecessors, (11), 6 states have call successors, (11) [2022-02-20 23:50:22,756 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:22,756 INFO L93 Difference]: Finished difference Result 113 states and 142 transitions. [2022-02-20 23:50:22,756 INFO L276 IsEmpty]: Start isEmpty. Operand 113 states and 142 transitions. [2022-02-20 23:50:22,756 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:22,757 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:22,757 INFO L74 IsIncluded]: Start isIncluded. First operand has 111 states, 73 states have (on average 1.7123287671232876) internal successors, (125), 98 states have internal predecessors, (125), 6 states have call successors, (6), 3 states have call predecessors, (6), 5 states have return successors, (11), 9 states have call predecessors, (11), 6 states have call successors, (11) Second operand 113 states. [2022-02-20 23:50:22,757 INFO L87 Difference]: Start difference. First operand has 111 states, 73 states have (on average 1.7123287671232876) internal successors, (125), 98 states have internal predecessors, (125), 6 states have call successors, (6), 3 states have call predecessors, (6), 5 states have return successors, (11), 9 states have call predecessors, (11), 6 states have call successors, (11) Second operand 113 states. [2022-02-20 23:50:22,759 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:22,759 INFO L93 Difference]: Finished difference Result 113 states and 142 transitions. [2022-02-20 23:50:22,759 INFO L276 IsEmpty]: Start isEmpty. Operand 113 states and 142 transitions. [2022-02-20 23:50:22,759 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:22,760 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:22,760 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:50:22,760 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:50:22,760 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 111 states, 73 states have (on average 1.7123287671232876) internal successors, (125), 98 states have internal predecessors, (125), 6 states have call successors, (6), 3 states have call predecessors, (6), 5 states have return successors, (11), 9 states have call predecessors, (11), 6 states have call successors, (11) [2022-02-20 23:50:22,761 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 111 states to 111 states and 142 transitions. [2022-02-20 23:50:22,762 INFO L78 Accepts]: Start accepts. Automaton has 111 states and 142 transitions. Word has length 25 [2022-02-20 23:50:22,762 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:50:22,762 INFO L470 AbstractCegarLoop]: Abstraction has 111 states and 142 transitions. [2022-02-20 23:50:22,762 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 8 states have (on average 2.625) internal successors, (21), 8 states have internal predecessors, (21), 2 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-02-20 23:50:22,762 INFO L276 IsEmpty]: Start isEmpty. Operand 111 states and 142 transitions. [2022-02-20 23:50:22,763 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-02-20 23:50:22,763 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:50:22,763 INFO L514 BasicCegarLoop]: trace histogram [3, 3, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:50:22,776 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (12)] Forceful destruction successful, exit code 0 [2022-02-20 23:50:22,967 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 12 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:50:22,967 INFO L402 AbstractCegarLoop]: === Iteration 10 === Targeting ULTIMATE.startErr7REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 30 more)] === [2022-02-20 23:50:22,968 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:50:22,968 INFO L85 PathProgramCache]: Analyzing trace with hash -1738347475, now seen corresponding path program 1 times [2022-02-20 23:50:22,968 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:50:22,968 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1532461232] [2022-02-20 23:50:22,968 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:50:22,968 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:50:22,968 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:50:22,969 INFO L229 MonitoredProcess]: Starting monitored process 13 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:50:22,970 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (13)] Waiting until timeout for monitored process [2022-02-20 23:50:23,025 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:23,027 INFO L263 TraceCheckSpWp]: Trace formula consists of 101 conjuncts, 22 conjunts are in the unsatisfiable core [2022-02-20 23:50:23,042 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:23,043 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:50:23,072 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:50:23,117 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 7 [2022-02-20 23:50:23,123 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 7 [2022-02-20 23:50:23,171 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 17 treesize of output 9 [2022-02-20 23:50:23,176 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 7 [2022-02-20 23:50:27,285 INFO L356 Elim1Store]: treesize reduction 15, result has 25.0 percent of original size [2022-02-20 23:50:27,285 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 14 [2022-02-20 23:50:27,300 INFO L290 TraceCheckUtils]: 0: Hoare triple {5134#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {5134#true} is VALID [2022-02-20 23:50:27,300 INFO L290 TraceCheckUtils]: 1: Hoare triple {5134#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset, entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset, entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset, entry_point_#t~mem49#1.base, entry_point_#t~mem49#1.offset, entry_point_#t~mem50#1.base, entry_point_#t~mem50#1.offset, entry_point_#t~mem51#1.base, entry_point_#t~mem51#1.offset, entry_point_#t~mem52#1.base, entry_point_#t~mem52#1.offset, entry_point_#t~mem53#1.base, entry_point_#t~mem53#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset; {5134#true} is VALID [2022-02-20 23:50:27,300 INFO L272 TraceCheckUtils]: 2: Hoare triple {5134#true} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {5134#true} is VALID [2022-02-20 23:50:27,300 INFO L290 TraceCheckUtils]: 3: Hoare triple {5134#true} ~size := #in~size; {5134#true} is VALID [2022-02-20 23:50:27,300 INFO L290 TraceCheckUtils]: 4: Hoare triple {5134#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {5134#true} is VALID [2022-02-20 23:50:27,300 INFO L290 TraceCheckUtils]: 5: Hoare triple {5134#true} assume true; {5134#true} is VALID [2022-02-20 23:50:27,301 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {5134#true} {5134#true} #97#return; {5134#true} is VALID [2022-02-20 23:50:27,301 INFO L290 TraceCheckUtils]: 7: Hoare triple {5134#true} entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {5134#true} is VALID [2022-02-20 23:50:27,301 INFO L290 TraceCheckUtils]: 8: Hoare triple {5134#true} assume !(entry_point_~a10~0#1.base == 0bv32 && entry_point_~a10~0#1.offset == 0bv32); {5134#true} is VALID [2022-02-20 23:50:27,301 INFO L272 TraceCheckUtils]: 9: Hoare triple {5134#true} call entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset := ldv_malloc(4bv32); {5134#true} is VALID [2022-02-20 23:50:27,301 INFO L290 TraceCheckUtils]: 10: Hoare triple {5134#true} ~size := #in~size; {5169#(= ldv_malloc_~size |ldv_malloc_#in~size|)} is VALID [2022-02-20 23:50:27,302 INFO L290 TraceCheckUtils]: 11: Hoare triple {5169#(= ldv_malloc_~size |ldv_malloc_#in~size|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {5173#(and (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:27,303 INFO L290 TraceCheckUtils]: 12: Hoare triple {5173#(and (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} assume true; {5173#(and (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:27,304 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {5173#(and (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} {5134#true} #99#return; {5180#(and (= (select |#length| |ULTIMATE.start_entry_point_#t~ret45#1.base|) (_ bv4 32)) (= |ULTIMATE.start_entry_point_#t~ret45#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:27,305 INFO L290 TraceCheckUtils]: 14: Hoare triple {5180#(and (= (select |#length| |ULTIMATE.start_entry_point_#t~ret45#1.base|) (_ bv4 32)) (= |ULTIMATE.start_entry_point_#t~ret45#1.offset| (_ bv0 32)))} SUMMARY for call write~$Pointer$(entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L775-1 {5184#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|) (_ bv0 32)) (= (_ bv4 32) (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))))} is VALID [2022-02-20 23:50:27,306 INFO L290 TraceCheckUtils]: 15: Hoare triple {5184#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|) (_ bv0 32)) (= (_ bv4 32) (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))))} havoc entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset; {5184#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|) (_ bv0 32)) (= (_ bv4 32) (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))))} is VALID [2022-02-20 23:50:27,306 INFO L290 TraceCheckUtils]: 16: Hoare triple {5184#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|) (_ bv0 32)) (= (_ bv4 32) (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))))} SUMMARY for call entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset := read~$Pointer$(entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L776 {5184#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|) (_ bv0 32)) (= (_ bv4 32) (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))))} is VALID [2022-02-20 23:50:27,306 INFO L290 TraceCheckUtils]: 17: Hoare triple {5184#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|) (_ bv0 32)) (= (_ bv4 32) (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))))} assume !(entry_point_#t~mem46#1.base == 0bv32 && entry_point_#t~mem46#1.offset == 0bv32);havoc entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset; {5184#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|) (_ bv0 32)) (= (_ bv4 32) (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))))} is VALID [2022-02-20 23:50:27,307 INFO L290 TraceCheckUtils]: 18: Hoare triple {5184#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|) (_ bv0 32)) (= (_ bv4 32) (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))))} SUMMARY for call entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset := read~$Pointer$(entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L777 {5197#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_#t~mem47#1.base|)) (= |ULTIMATE.start_entry_point_#t~mem47#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:27,307 INFO L272 TraceCheckUtils]: 19: Hoare triple {5197#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_#t~mem47#1.base|)) (= |ULTIMATE.start_entry_point_#t~mem47#1.offset| (_ bv0 32)))} call entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset := ldv_malloc(4bv32); {5201#(= |#length| |old(#length)|)} is VALID [2022-02-20 23:50:27,308 INFO L290 TraceCheckUtils]: 20: Hoare triple {5201#(= |#length| |old(#length)|)} ~size := #in~size; {5205#(and (= ldv_malloc_~size |ldv_malloc_#in~size|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:50:27,309 INFO L290 TraceCheckUtils]: 21: Hoare triple {5205#(and (= ldv_malloc_~size |ldv_malloc_#in~size|) (= |#length| |old(#length)|))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {5209#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| |ldv_malloc_#in~size|) |#length|))} is VALID [2022-02-20 23:50:27,309 INFO L290 TraceCheckUtils]: 22: Hoare triple {5209#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| |ldv_malloc_#in~size|) |#length|))} assume true; {5209#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| |ldv_malloc_#in~size|) |#length|))} is VALID [2022-02-20 23:50:27,310 INFO L284 TraceCheckUtils]: 23: Hoare quadruple {5209#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| |ldv_malloc_#in~size|) |#length|))} {5197#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_#t~mem47#1.base|)) (= |ULTIMATE.start_entry_point_#t~mem47#1.offset| (_ bv0 32)))} #101#return; {5197#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_#t~mem47#1.base|)) (= |ULTIMATE.start_entry_point_#t~mem47#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:27,311 INFO L290 TraceCheckUtils]: 24: Hoare triple {5197#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_#t~mem47#1.base|)) (= |ULTIMATE.start_entry_point_#t~mem47#1.offset| (_ bv0 32)))} assume !((~bvule32(~bvadd32(4bv32, entry_point_#t~mem47#1.offset), #length[entry_point_#t~mem47#1.base]) && ~bvule32(entry_point_#t~mem47#1.offset, ~bvadd32(4bv32, entry_point_#t~mem47#1.offset))) && ~bvule32(0bv32, entry_point_#t~mem47#1.offset)); {5135#false} is VALID [2022-02-20 23:50:27,311 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 9 proven. 2 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-02-20 23:50:27,311 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:50:27,548 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:50:27,548 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1532461232] [2022-02-20 23:50:27,548 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1532461232] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:50:27,548 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleCvc4 [1585117526] [2022-02-20 23:50:27,548 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:50:27,548 INFO L173 SolverBuilder]: Constructing external solver with command: cvc4 --incremental --print-success --lang smt [2022-02-20 23:50:27,549 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 [2022-02-20 23:50:27,549 INFO L229 MonitoredProcess]: Starting monitored process 14 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (exit command is (exit), workingDir is null) [2022-02-20 23:50:27,550 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (14)] Waiting until timeout for monitored process [2022-02-20 23:50:27,634 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:27,635 INFO L263 TraceCheckSpWp]: Trace formula consists of 101 conjuncts, 24 conjunts are in the unsatisfiable core [2022-02-20 23:50:27,646 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:27,647 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:50:27,676 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:50:27,681 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:50:27,778 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 7 [2022-02-20 23:50:27,785 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 7 [2022-02-20 23:50:27,863 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 26 treesize of output 14 [2022-02-20 23:50:27,867 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 7 [2022-02-20 23:50:34,047 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:50:34,048 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-02-20 23:50:34,055 INFO L356 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2022-02-20 23:50:34,056 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 12 [2022-02-20 23:50:34,065 INFO L290 TraceCheckUtils]: 0: Hoare triple {5134#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {5134#true} is VALID [2022-02-20 23:50:34,065 INFO L290 TraceCheckUtils]: 1: Hoare triple {5134#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset, entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset, entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset, entry_point_#t~mem49#1.base, entry_point_#t~mem49#1.offset, entry_point_#t~mem50#1.base, entry_point_#t~mem50#1.offset, entry_point_#t~mem51#1.base, entry_point_#t~mem51#1.offset, entry_point_#t~mem52#1.base, entry_point_#t~mem52#1.offset, entry_point_#t~mem53#1.base, entry_point_#t~mem53#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset; {5134#true} is VALID [2022-02-20 23:50:34,066 INFO L272 TraceCheckUtils]: 2: Hoare triple {5134#true} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {5134#true} is VALID [2022-02-20 23:50:34,066 INFO L290 TraceCheckUtils]: 3: Hoare triple {5134#true} ~size := #in~size; {5134#true} is VALID [2022-02-20 23:50:34,066 INFO L290 TraceCheckUtils]: 4: Hoare triple {5134#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {5134#true} is VALID [2022-02-20 23:50:34,066 INFO L290 TraceCheckUtils]: 5: Hoare triple {5134#true} assume true; {5134#true} is VALID [2022-02-20 23:50:34,066 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {5134#true} {5134#true} #97#return; {5134#true} is VALID [2022-02-20 23:50:34,066 INFO L290 TraceCheckUtils]: 7: Hoare triple {5134#true} entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {5134#true} is VALID [2022-02-20 23:50:34,066 INFO L290 TraceCheckUtils]: 8: Hoare triple {5134#true} assume !(entry_point_~a10~0#1.base == 0bv32 && entry_point_~a10~0#1.offset == 0bv32); {5134#true} is VALID [2022-02-20 23:50:34,066 INFO L272 TraceCheckUtils]: 9: Hoare triple {5134#true} call entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset := ldv_malloc(4bv32); {5134#true} is VALID [2022-02-20 23:50:34,067 INFO L290 TraceCheckUtils]: 10: Hoare triple {5134#true} ~size := #in~size; {5169#(= ldv_malloc_~size |ldv_malloc_#in~size|)} is VALID [2022-02-20 23:50:34,068 INFO L290 TraceCheckUtils]: 11: Hoare triple {5169#(= ldv_malloc_~size |ldv_malloc_#in~size|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {5260#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:34,068 INFO L290 TraceCheckUtils]: 12: Hoare triple {5260#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} assume true; {5260#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:34,069 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {5260#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} {5134#true} #99#return; {5267#(and (= (select |#length| |ULTIMATE.start_entry_point_#t~ret45#1.base|) (_ bv4 32)) (= (select |#valid| |ULTIMATE.start_entry_point_#t~ret45#1.base|) (_ bv1 1)) (= |ULTIMATE.start_entry_point_#t~ret45#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:34,070 INFO L290 TraceCheckUtils]: 14: Hoare triple {5267#(and (= (select |#length| |ULTIMATE.start_entry_point_#t~ret45#1.base|) (_ bv4 32)) (= (select |#valid| |ULTIMATE.start_entry_point_#t~ret45#1.base|) (_ bv1 1)) (= |ULTIMATE.start_entry_point_#t~ret45#1.offset| (_ bv0 32)))} SUMMARY for call write~$Pointer$(entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L775-1 {5271#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|) (_ bv0 32)) (= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))) (= (_ bv4 32) (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))))} is VALID [2022-02-20 23:50:34,071 INFO L290 TraceCheckUtils]: 15: Hoare triple {5271#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|) (_ bv0 32)) (= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))) (= (_ bv4 32) (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))))} havoc entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset; {5271#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|) (_ bv0 32)) (= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))) (= (_ bv4 32) (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))))} is VALID [2022-02-20 23:50:34,071 INFO L290 TraceCheckUtils]: 16: Hoare triple {5271#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|) (_ bv0 32)) (= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))) (= (_ bv4 32) (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))))} SUMMARY for call entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset := read~$Pointer$(entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L776 {5271#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|) (_ bv0 32)) (= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))) (= (_ bv4 32) (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))))} is VALID [2022-02-20 23:50:34,071 INFO L290 TraceCheckUtils]: 17: Hoare triple {5271#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|) (_ bv0 32)) (= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))) (= (_ bv4 32) (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))))} assume !(entry_point_#t~mem46#1.base == 0bv32 && entry_point_#t~mem46#1.offset == 0bv32);havoc entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset; {5271#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|) (_ bv0 32)) (= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))) (= (_ bv4 32) (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))))} is VALID [2022-02-20 23:50:34,072 INFO L290 TraceCheckUtils]: 18: Hoare triple {5271#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|) (_ bv0 32)) (= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))) (= (_ bv4 32) (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))))} SUMMARY for call entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset := read~$Pointer$(entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L777 {5284#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_#t~mem47#1.base|)) (= (select |#valid| |ULTIMATE.start_entry_point_#t~mem47#1.base|) (_ bv1 1)) (= |ULTIMATE.start_entry_point_#t~mem47#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:34,072 INFO L272 TraceCheckUtils]: 19: Hoare triple {5284#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_#t~mem47#1.base|)) (= (select |#valid| |ULTIMATE.start_entry_point_#t~mem47#1.base|) (_ bv1 1)) (= |ULTIMATE.start_entry_point_#t~mem47#1.offset| (_ bv0 32)))} call entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset := ldv_malloc(4bv32); {5288#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:50:34,073 INFO L290 TraceCheckUtils]: 20: Hoare triple {5288#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} ~size := #in~size; {5288#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:50:34,074 INFO L290 TraceCheckUtils]: 21: Hoare triple {5288#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {5295#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_133 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_133) |#length|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:50:34,074 INFO L290 TraceCheckUtils]: 22: Hoare triple {5295#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_133 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_133) |#length|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} assume true; {5295#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_133 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_133) |#length|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:50:34,075 INFO L284 TraceCheckUtils]: 23: Hoare quadruple {5295#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_133 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_133) |#length|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} {5284#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_#t~mem47#1.base|)) (= (select |#valid| |ULTIMATE.start_entry_point_#t~mem47#1.base|) (_ bv1 1)) (= |ULTIMATE.start_entry_point_#t~mem47#1.offset| (_ bv0 32)))} #101#return; {5197#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_#t~mem47#1.base|)) (= |ULTIMATE.start_entry_point_#t~mem47#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:34,076 INFO L290 TraceCheckUtils]: 24: Hoare triple {5197#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_#t~mem47#1.base|)) (= |ULTIMATE.start_entry_point_#t~mem47#1.offset| (_ bv0 32)))} assume !((~bvule32(~bvadd32(4bv32, entry_point_#t~mem47#1.offset), #length[entry_point_#t~mem47#1.base]) && ~bvule32(entry_point_#t~mem47#1.offset, ~bvadd32(4bv32, entry_point_#t~mem47#1.offset))) && ~bvule32(0bv32, entry_point_#t~mem47#1.offset)); {5135#false} is VALID [2022-02-20 23:50:34,076 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 8 proven. 3 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-02-20 23:50:34,076 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:50:34,304 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleCvc4 [1585117526] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:50:34,304 INFO L191 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-02-20 23:50:34,304 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [9, 9] total 15 [2022-02-20 23:50:34,304 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1416652946] [2022-02-20 23:50:34,304 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-02-20 23:50:34,305 INFO L78 Accepts]: Start accepts. Automaton has has 16 states, 14 states have (on average 2.0714285714285716) internal successors, (29), 13 states have internal predecessors, (29), 3 states have call successors, (4), 3 states have call predecessors, (4), 5 states have return successors, (5), 4 states have call predecessors, (5), 3 states have call successors, (5) Word has length 25 [2022-02-20 23:50:34,306 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:50:34,306 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 16 states, 14 states have (on average 2.0714285714285716) internal successors, (29), 13 states have internal predecessors, (29), 3 states have call successors, (4), 3 states have call predecessors, (4), 5 states have return successors, (5), 4 states have call predecessors, (5), 3 states have call successors, (5) [2022-02-20 23:50:34,342 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 38 edges. 38 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:34,342 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 16 states [2022-02-20 23:50:34,342 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:50:34,343 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 16 interpolants. [2022-02-20 23:50:34,343 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=48, Invalid=290, Unknown=4, NotChecked=0, Total=342 [2022-02-20 23:50:34,343 INFO L87 Difference]: Start difference. First operand 111 states and 142 transitions. Second operand has 16 states, 14 states have (on average 2.0714285714285716) internal successors, (29), 13 states have internal predecessors, (29), 3 states have call successors, (4), 3 states have call predecessors, (4), 5 states have return successors, (5), 4 states have call predecessors, (5), 3 states have call successors, (5) [2022-02-20 23:50:40,427 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:40,428 INFO L93 Difference]: Finished difference Result 113 states and 142 transitions. [2022-02-20 23:50:40,428 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2022-02-20 23:50:40,429 INFO L78 Accepts]: Start accepts. Automaton has has 16 states, 14 states have (on average 2.0714285714285716) internal successors, (29), 13 states have internal predecessors, (29), 3 states have call successors, (4), 3 states have call predecessors, (4), 5 states have return successors, (5), 4 states have call predecessors, (5), 3 states have call successors, (5) Word has length 25 [2022-02-20 23:50:40,429 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:50:40,430 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 16 states, 14 states have (on average 2.0714285714285716) internal successors, (29), 13 states have internal predecessors, (29), 3 states have call successors, (4), 3 states have call predecessors, (4), 5 states have return successors, (5), 4 states have call predecessors, (5), 3 states have call successors, (5) [2022-02-20 23:50:40,432 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 89 transitions. [2022-02-20 23:50:40,433 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 16 states, 14 states have (on average 2.0714285714285716) internal successors, (29), 13 states have internal predecessors, (29), 3 states have call successors, (4), 3 states have call predecessors, (4), 5 states have return successors, (5), 4 states have call predecessors, (5), 3 states have call successors, (5) [2022-02-20 23:50:40,434 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 89 transitions. [2022-02-20 23:50:40,434 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 11 states and 89 transitions. [2022-02-20 23:50:40,534 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 89 edges. 89 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:40,535 INFO L225 Difference]: With dead ends: 113 [2022-02-20 23:50:40,535 INFO L226 Difference]: Without dead ends: 113 [2022-02-20 23:50:40,536 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 57 GetRequests, 35 SyntacticMatches, 1 SemanticMatches, 21 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 80 ImplicationChecksByTransitivity, 12.7s TimeCoverageRelationStatistics Valid=76, Invalid=425, Unknown=5, NotChecked=0, Total=506 [2022-02-20 23:50:40,536 INFO L933 BasicCegarLoop]: 64 mSDtfsCounter, 13 mSDsluCounter, 401 mSDsCounter, 0 mSdLazyCounter, 333 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 13 SdHoareTripleChecker+Valid, 465 SdHoareTripleChecker+Invalid, 425 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 333 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 79 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2022-02-20 23:50:40,536 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [13 Valid, 465 Invalid, 425 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 333 Invalid, 0 Unknown, 79 Unchecked, 0.6s Time] [2022-02-20 23:50:40,537 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 113 states. [2022-02-20 23:50:40,539 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 113 to 111. [2022-02-20 23:50:40,539 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:50:40,539 INFO L82 GeneralOperation]: Start isEquivalent. First operand 113 states. Second operand has 111 states, 73 states have (on average 1.6849315068493151) internal successors, (123), 98 states have internal predecessors, (123), 6 states have call successors, (6), 3 states have call predecessors, (6), 5 states have return successors, (11), 9 states have call predecessors, (11), 6 states have call successors, (11) [2022-02-20 23:50:40,540 INFO L74 IsIncluded]: Start isIncluded. First operand 113 states. Second operand has 111 states, 73 states have (on average 1.6849315068493151) internal successors, (123), 98 states have internal predecessors, (123), 6 states have call successors, (6), 3 states have call predecessors, (6), 5 states have return successors, (11), 9 states have call predecessors, (11), 6 states have call successors, (11) [2022-02-20 23:50:40,540 INFO L87 Difference]: Start difference. First operand 113 states. Second operand has 111 states, 73 states have (on average 1.6849315068493151) internal successors, (123), 98 states have internal predecessors, (123), 6 states have call successors, (6), 3 states have call predecessors, (6), 5 states have return successors, (11), 9 states have call predecessors, (11), 6 states have call successors, (11) [2022-02-20 23:50:40,544 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:40,544 INFO L93 Difference]: Finished difference Result 113 states and 142 transitions. [2022-02-20 23:50:40,544 INFO L276 IsEmpty]: Start isEmpty. Operand 113 states and 142 transitions. [2022-02-20 23:50:40,545 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:40,545 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:40,545 INFO L74 IsIncluded]: Start isIncluded. First operand has 111 states, 73 states have (on average 1.6849315068493151) internal successors, (123), 98 states have internal predecessors, (123), 6 states have call successors, (6), 3 states have call predecessors, (6), 5 states have return successors, (11), 9 states have call predecessors, (11), 6 states have call successors, (11) Second operand 113 states. [2022-02-20 23:50:40,545 INFO L87 Difference]: Start difference. First operand has 111 states, 73 states have (on average 1.6849315068493151) internal successors, (123), 98 states have internal predecessors, (123), 6 states have call successors, (6), 3 states have call predecessors, (6), 5 states have return successors, (11), 9 states have call predecessors, (11), 6 states have call successors, (11) Second operand 113 states. [2022-02-20 23:50:40,547 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:40,547 INFO L93 Difference]: Finished difference Result 113 states and 142 transitions. [2022-02-20 23:50:40,547 INFO L276 IsEmpty]: Start isEmpty. Operand 113 states and 142 transitions. [2022-02-20 23:50:40,547 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:40,547 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:40,548 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:50:40,548 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:50:40,549 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 111 states, 73 states have (on average 1.6849315068493151) internal successors, (123), 98 states have internal predecessors, (123), 6 states have call successors, (6), 3 states have call predecessors, (6), 5 states have return successors, (11), 9 states have call predecessors, (11), 6 states have call successors, (11) [2022-02-20 23:50:40,550 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 111 states to 111 states and 140 transitions. [2022-02-20 23:50:40,550 INFO L78 Accepts]: Start accepts. Automaton has 111 states and 140 transitions. Word has length 25 [2022-02-20 23:50:40,551 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:50:40,551 INFO L470 AbstractCegarLoop]: Abstraction has 111 states and 140 transitions. [2022-02-20 23:50:40,551 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 16 states, 14 states have (on average 2.0714285714285716) internal successors, (29), 13 states have internal predecessors, (29), 3 states have call successors, (4), 3 states have call predecessors, (4), 5 states have return successors, (5), 4 states have call predecessors, (5), 3 states have call successors, (5) [2022-02-20 23:50:40,551 INFO L276 IsEmpty]: Start isEmpty. Operand 111 states and 140 transitions. [2022-02-20 23:50:40,551 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-02-20 23:50:40,551 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:50:40,552 INFO L514 BasicCegarLoop]: trace histogram [3, 3, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:50:40,554 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (14)] Forceful destruction successful, exit code 0 [2022-02-20 23:50:40,760 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (13)] Ended with exit code 0 [2022-02-20 23:50:40,960 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 14 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt,13 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:50:40,960 INFO L402 AbstractCegarLoop]: === Iteration 11 === Targeting ULTIMATE.startErr6REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 30 more)] === [2022-02-20 23:50:40,960 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:50:40,960 INFO L85 PathProgramCache]: Analyzing trace with hash 2051061195, now seen corresponding path program 1 times [2022-02-20 23:50:40,961 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:50:40,961 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [835754967] [2022-02-20 23:50:40,961 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:50:40,961 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:50:40,961 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:50:40,962 INFO L229 MonitoredProcess]: Starting monitored process 15 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:50:40,963 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (15)] Waiting until timeout for monitored process [2022-02-20 23:50:41,012 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:41,014 INFO L263 TraceCheckSpWp]: Trace formula consists of 95 conjuncts, 13 conjunts are in the unsatisfiable core [2022-02-20 23:50:41,023 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:41,025 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:50:41,090 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 7 [2022-02-20 23:50:41,096 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 7 [2022-02-20 23:50:41,140 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 7 [2022-02-20 23:50:41,144 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 7 [2022-02-20 23:50:41,171 INFO L290 TraceCheckUtils]: 0: Hoare triple {5770#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {5770#true} is VALID [2022-02-20 23:50:41,171 INFO L290 TraceCheckUtils]: 1: Hoare triple {5770#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset, entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset, entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset, entry_point_#t~mem49#1.base, entry_point_#t~mem49#1.offset, entry_point_#t~mem50#1.base, entry_point_#t~mem50#1.offset, entry_point_#t~mem51#1.base, entry_point_#t~mem51#1.offset, entry_point_#t~mem52#1.base, entry_point_#t~mem52#1.offset, entry_point_#t~mem53#1.base, entry_point_#t~mem53#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset; {5770#true} is VALID [2022-02-20 23:50:41,171 INFO L272 TraceCheckUtils]: 2: Hoare triple {5770#true} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {5770#true} is VALID [2022-02-20 23:50:41,171 INFO L290 TraceCheckUtils]: 3: Hoare triple {5770#true} ~size := #in~size; {5770#true} is VALID [2022-02-20 23:50:41,172 INFO L290 TraceCheckUtils]: 4: Hoare triple {5770#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {5770#true} is VALID [2022-02-20 23:50:41,173 INFO L290 TraceCheckUtils]: 5: Hoare triple {5770#true} assume true; {5770#true} is VALID [2022-02-20 23:50:41,173 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {5770#true} {5770#true} #97#return; {5770#true} is VALID [2022-02-20 23:50:41,173 INFO L290 TraceCheckUtils]: 7: Hoare triple {5770#true} entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {5770#true} is VALID [2022-02-20 23:50:41,173 INFO L290 TraceCheckUtils]: 8: Hoare triple {5770#true} assume !(entry_point_~a10~0#1.base == 0bv32 && entry_point_~a10~0#1.offset == 0bv32); {5770#true} is VALID [2022-02-20 23:50:41,173 INFO L272 TraceCheckUtils]: 9: Hoare triple {5770#true} call entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset := ldv_malloc(4bv32); {5770#true} is VALID [2022-02-20 23:50:41,173 INFO L290 TraceCheckUtils]: 10: Hoare triple {5770#true} ~size := #in~size; {5770#true} is VALID [2022-02-20 23:50:41,174 INFO L290 TraceCheckUtils]: 11: Hoare triple {5770#true} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {5808#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:50:41,174 INFO L290 TraceCheckUtils]: 12: Hoare triple {5808#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} assume true; {5808#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:50:41,175 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {5808#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} {5770#true} #99#return; {5815#(and (= |ULTIMATE.start_entry_point_#t~ret45#1.base| (_ bv0 32)) (= |ULTIMATE.start_entry_point_#t~ret45#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:41,177 INFO L290 TraceCheckUtils]: 14: Hoare triple {5815#(and (= |ULTIMATE.start_entry_point_#t~ret45#1.base| (_ bv0 32)) (= |ULTIMATE.start_entry_point_#t~ret45#1.offset| (_ bv0 32)))} SUMMARY for call write~$Pointer$(entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L775-1 {5819#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)))} is VALID [2022-02-20 23:50:41,177 INFO L290 TraceCheckUtils]: 15: Hoare triple {5819#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)))} havoc entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset; {5819#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)))} is VALID [2022-02-20 23:50:41,178 INFO L290 TraceCheckUtils]: 16: Hoare triple {5819#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|) (_ bv0 32)) (= (_ bv0 32) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)))} SUMMARY for call entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset := read~$Pointer$(entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L776 {5826#(and (= |ULTIMATE.start_entry_point_#t~mem46#1.base| (_ bv0 32)) (= |ULTIMATE.start_entry_point_#t~mem46#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:41,178 INFO L290 TraceCheckUtils]: 17: Hoare triple {5826#(and (= |ULTIMATE.start_entry_point_#t~mem46#1.base| (_ bv0 32)) (= |ULTIMATE.start_entry_point_#t~mem46#1.offset| (_ bv0 32)))} assume !(entry_point_#t~mem46#1.base == 0bv32 && entry_point_#t~mem46#1.offset == 0bv32);havoc entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset; {5771#false} is VALID [2022-02-20 23:50:41,178 INFO L290 TraceCheckUtils]: 18: Hoare triple {5771#false} SUMMARY for call entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset := read~$Pointer$(entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L777 {5771#false} is VALID [2022-02-20 23:50:41,178 INFO L272 TraceCheckUtils]: 19: Hoare triple {5771#false} call entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset := ldv_malloc(4bv32); {5771#false} is VALID [2022-02-20 23:50:41,179 INFO L290 TraceCheckUtils]: 20: Hoare triple {5771#false} ~size := #in~size; {5771#false} is VALID [2022-02-20 23:50:41,179 INFO L290 TraceCheckUtils]: 21: Hoare triple {5771#false} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {5771#false} is VALID [2022-02-20 23:50:41,179 INFO L290 TraceCheckUtils]: 22: Hoare triple {5771#false} assume true; {5771#false} is VALID [2022-02-20 23:50:41,179 INFO L284 TraceCheckUtils]: 23: Hoare quadruple {5771#false} {5771#false} #101#return; {5771#false} is VALID [2022-02-20 23:50:41,179 INFO L290 TraceCheckUtils]: 24: Hoare triple {5771#false} assume !(1bv1 == #valid[entry_point_#t~mem47#1.base]); {5771#false} is VALID [2022-02-20 23:50:41,179 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 10 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:50:41,179 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:50:41,179 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:50:41,180 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [835754967] [2022-02-20 23:50:41,180 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [835754967] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:50:41,180 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:50:41,180 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 23:50:41,180 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [97761952] [2022-02-20 23:50:41,180 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:50:41,181 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 3.0) internal successors, (18), 5 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) Word has length 25 [2022-02-20 23:50:41,181 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:50:41,181 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 6 states have (on average 3.0) internal successors, (18), 5 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:50:41,202 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 24 edges. 24 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:41,203 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 23:50:41,203 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:50:41,203 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 23:50:41,203 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-02-20 23:50:41,204 INFO L87 Difference]: Start difference. First operand 111 states and 140 transitions. Second operand has 6 states, 6 states have (on average 3.0) internal successors, (18), 5 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:50:41,772 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:41,773 INFO L93 Difference]: Finished difference Result 105 states and 129 transitions. [2022-02-20 23:50:41,773 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-02-20 23:50:41,773 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 3.0) internal successors, (18), 5 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) Word has length 25 [2022-02-20 23:50:41,773 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:50:41,773 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 3.0) internal successors, (18), 5 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:50:41,774 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 78 transitions. [2022-02-20 23:50:41,774 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 3.0) internal successors, (18), 5 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:50:41,775 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 78 transitions. [2022-02-20 23:50:41,775 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 78 transitions. [2022-02-20 23:50:41,846 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 78 edges. 78 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:41,848 INFO L225 Difference]: With dead ends: 105 [2022-02-20 23:50:41,848 INFO L226 Difference]: Without dead ends: 99 [2022-02-20 23:50:41,848 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 26 GetRequests, 20 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=17, Invalid=39, Unknown=0, NotChecked=0, Total=56 [2022-02-20 23:50:41,849 INFO L933 BasicCegarLoop]: 75 mSDtfsCounter, 2 mSDsluCounter, 260 mSDsCounter, 0 mSdLazyCounter, 42 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 2 SdHoareTripleChecker+Valid, 335 SdHoareTripleChecker+Invalid, 42 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 42 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:50:41,849 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [2 Valid, 335 Invalid, 42 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 42 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:50:41,850 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 99 states. [2022-02-20 23:50:41,852 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 99 to 99. [2022-02-20 23:50:41,852 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:50:41,852 INFO L82 GeneralOperation]: Start isEquivalent. First operand 99 states. Second operand has 99 states, 65 states have (on average 1.6923076923076923) internal successors, (110), 89 states have internal predecessors, (110), 5 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) [2022-02-20 23:50:41,852 INFO L74 IsIncluded]: Start isIncluded. First operand 99 states. Second operand has 99 states, 65 states have (on average 1.6923076923076923) internal successors, (110), 89 states have internal predecessors, (110), 5 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) [2022-02-20 23:50:41,853 INFO L87 Difference]: Start difference. First operand 99 states. Second operand has 99 states, 65 states have (on average 1.6923076923076923) internal successors, (110), 89 states have internal predecessors, (110), 5 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) [2022-02-20 23:50:41,854 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:41,854 INFO L93 Difference]: Finished difference Result 99 states and 123 transitions. [2022-02-20 23:50:41,854 INFO L276 IsEmpty]: Start isEmpty. Operand 99 states and 123 transitions. [2022-02-20 23:50:41,855 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:41,855 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:41,855 INFO L74 IsIncluded]: Start isIncluded. First operand has 99 states, 65 states have (on average 1.6923076923076923) internal successors, (110), 89 states have internal predecessors, (110), 5 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) Second operand 99 states. [2022-02-20 23:50:41,855 INFO L87 Difference]: Start difference. First operand has 99 states, 65 states have (on average 1.6923076923076923) internal successors, (110), 89 states have internal predecessors, (110), 5 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) Second operand 99 states. [2022-02-20 23:50:41,857 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:41,857 INFO L93 Difference]: Finished difference Result 99 states and 123 transitions. [2022-02-20 23:50:41,857 INFO L276 IsEmpty]: Start isEmpty. Operand 99 states and 123 transitions. [2022-02-20 23:50:41,858 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:41,858 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:41,858 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:50:41,858 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:50:41,858 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 99 states, 65 states have (on average 1.6923076923076923) internal successors, (110), 89 states have internal predecessors, (110), 5 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) [2022-02-20 23:50:41,860 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 99 states to 99 states and 123 transitions. [2022-02-20 23:50:41,860 INFO L78 Accepts]: Start accepts. Automaton has 99 states and 123 transitions. Word has length 25 [2022-02-20 23:50:41,860 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:50:41,860 INFO L470 AbstractCegarLoop]: Abstraction has 99 states and 123 transitions. [2022-02-20 23:50:41,860 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 3.0) internal successors, (18), 5 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:50:41,860 INFO L276 IsEmpty]: Start isEmpty. Operand 99 states and 123 transitions. [2022-02-20 23:50:41,861 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2022-02-20 23:50:41,861 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:50:41,861 INFO L514 BasicCegarLoop]: trace histogram [3, 3, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:50:41,883 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (15)] Ended with exit code 0 [2022-02-20 23:50:42,069 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 15 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:50:42,070 INFO L402 AbstractCegarLoop]: === Iteration 12 === Targeting ULTIMATE.startErr8REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 30 more)] === [2022-02-20 23:50:42,070 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:50:42,070 INFO L85 PathProgramCache]: Analyzing trace with hash 190353901, now seen corresponding path program 1 times [2022-02-20 23:50:42,070 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:50:42,070 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [533375150] [2022-02-20 23:50:42,070 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:50:42,070 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:50:42,071 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:50:42,071 INFO L229 MonitoredProcess]: Starting monitored process 16 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:50:42,072 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (16)] Waiting until timeout for monitored process [2022-02-20 23:50:42,144 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:42,148 INFO L263 TraceCheckSpWp]: Trace formula consists of 115 conjuncts, 9 conjunts are in the unsatisfiable core [2022-02-20 23:50:42,159 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:42,160 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:50:42,184 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:50:42,266 INFO L356 Elim1Store]: treesize reduction 12, result has 40.0 percent of original size [2022-02-20 23:50:42,266 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 17 [2022-02-20 23:50:42,289 INFO L290 TraceCheckUtils]: 0: Hoare triple {6256#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {6256#true} is VALID [2022-02-20 23:50:42,289 INFO L290 TraceCheckUtils]: 1: Hoare triple {6256#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset, entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset, entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset, entry_point_#t~mem49#1.base, entry_point_#t~mem49#1.offset, entry_point_#t~mem50#1.base, entry_point_#t~mem50#1.offset, entry_point_#t~mem51#1.base, entry_point_#t~mem51#1.offset, entry_point_#t~mem52#1.base, entry_point_#t~mem52#1.offset, entry_point_#t~mem53#1.base, entry_point_#t~mem53#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset; {6256#true} is VALID [2022-02-20 23:50:42,289 INFO L272 TraceCheckUtils]: 2: Hoare triple {6256#true} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {6256#true} is VALID [2022-02-20 23:50:42,289 INFO L290 TraceCheckUtils]: 3: Hoare triple {6256#true} ~size := #in~size; {6256#true} is VALID [2022-02-20 23:50:42,289 INFO L290 TraceCheckUtils]: 4: Hoare triple {6256#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {6256#true} is VALID [2022-02-20 23:50:42,290 INFO L290 TraceCheckUtils]: 5: Hoare triple {6256#true} assume true; {6256#true} is VALID [2022-02-20 23:50:42,290 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {6256#true} {6256#true} #97#return; {6256#true} is VALID [2022-02-20 23:50:42,290 INFO L290 TraceCheckUtils]: 7: Hoare triple {6256#true} entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {6256#true} is VALID [2022-02-20 23:50:42,290 INFO L290 TraceCheckUtils]: 8: Hoare triple {6256#true} assume !(entry_point_~a10~0#1.base == 0bv32 && entry_point_~a10~0#1.offset == 0bv32); {6256#true} is VALID [2022-02-20 23:50:42,290 INFO L272 TraceCheckUtils]: 9: Hoare triple {6256#true} call entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset := ldv_malloc(4bv32); {6256#true} is VALID [2022-02-20 23:50:42,290 INFO L290 TraceCheckUtils]: 10: Hoare triple {6256#true} ~size := #in~size; {6256#true} is VALID [2022-02-20 23:50:42,290 INFO L290 TraceCheckUtils]: 11: Hoare triple {6256#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {6256#true} is VALID [2022-02-20 23:50:42,290 INFO L290 TraceCheckUtils]: 12: Hoare triple {6256#true} assume true; {6256#true} is VALID [2022-02-20 23:50:42,290 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {6256#true} {6256#true} #99#return; {6256#true} is VALID [2022-02-20 23:50:42,290 INFO L290 TraceCheckUtils]: 14: Hoare triple {6256#true} SUMMARY for call write~$Pointer$(entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L775-1 {6303#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:42,291 INFO L290 TraceCheckUtils]: 15: Hoare triple {6303#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} havoc entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset; {6303#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:42,291 INFO L290 TraceCheckUtils]: 16: Hoare triple {6303#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} SUMMARY for call entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset := read~$Pointer$(entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L776 {6303#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:42,292 INFO L290 TraceCheckUtils]: 17: Hoare triple {6303#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} assume !(entry_point_#t~mem46#1.base == 0bv32 && entry_point_#t~mem46#1.offset == 0bv32);havoc entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset; {6303#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:42,292 INFO L290 TraceCheckUtils]: 18: Hoare triple {6303#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} SUMMARY for call entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset := read~$Pointer$(entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L777 {6303#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:42,292 INFO L272 TraceCheckUtils]: 19: Hoare triple {6303#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} call entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset := ldv_malloc(4bv32); {6319#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:42,293 INFO L290 TraceCheckUtils]: 20: Hoare triple {6319#(= |old(#valid)| |#valid|)} ~size := #in~size; {6319#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:42,294 INFO L290 TraceCheckUtils]: 21: Hoare triple {6319#(= |old(#valid)| |#valid|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {6326#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} is VALID [2022-02-20 23:50:42,294 INFO L290 TraceCheckUtils]: 22: Hoare triple {6326#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} assume true; {6326#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} is VALID [2022-02-20 23:50:42,295 INFO L284 TraceCheckUtils]: 23: Hoare quadruple {6326#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} {6303#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} #101#return; {6303#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:42,296 INFO L290 TraceCheckUtils]: 24: Hoare triple {6303#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} SUMMARY for call write~$Pointer$(entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset, entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset, 4bv32); srcloc: L777-2 {6303#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:42,296 INFO L290 TraceCheckUtils]: 25: Hoare triple {6303#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} havoc entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset;havoc entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset; {6303#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:42,297 INFO L290 TraceCheckUtils]: 26: Hoare triple {6303#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} assume !(1bv1 == #valid[entry_point_~a10~0#1.base]); {6257#false} is VALID [2022-02-20 23:50:42,297 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 8 proven. 0 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-02-20 23:50:42,297 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:50:42,297 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:50:42,297 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [533375150] [2022-02-20 23:50:42,297 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [533375150] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:50:42,297 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:50:42,297 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-20 23:50:42,297 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1966572734] [2022-02-20 23:50:42,297 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:50:42,298 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 4.5) internal successors, (18), 5 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 27 [2022-02-20 23:50:42,298 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:50:42,298 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 4 states have (on average 4.5) internal successors, (18), 5 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:50:42,321 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 24 edges. 24 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:42,322 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 23:50:42,322 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:50:42,322 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 23:50:42,322 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:50:42,322 INFO L87 Difference]: Start difference. First operand 99 states and 123 transitions. Second operand has 5 states, 4 states have (on average 4.5) internal successors, (18), 5 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:50:42,892 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:42,892 INFO L93 Difference]: Finished difference Result 106 states and 129 transitions. [2022-02-20 23:50:42,892 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 23:50:42,893 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 4.5) internal successors, (18), 5 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 27 [2022-02-20 23:50:42,893 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:50:42,893 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 4 states have (on average 4.5) internal successors, (18), 5 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:50:42,894 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 83 transitions. [2022-02-20 23:50:42,894 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 4 states have (on average 4.5) internal successors, (18), 5 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:50:42,895 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 83 transitions. [2022-02-20 23:50:42,895 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 83 transitions. [2022-02-20 23:50:42,988 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 83 edges. 83 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:42,989 INFO L225 Difference]: With dead ends: 106 [2022-02-20 23:50:42,989 INFO L226 Difference]: Without dead ends: 106 [2022-02-20 23:50:42,989 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 26 GetRequests, 22 SyntacticMatches, 1 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:50:42,990 INFO L933 BasicCegarLoop]: 50 mSDtfsCounter, 36 mSDsluCounter, 75 mSDsCounter, 0 mSdLazyCounter, 84 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 36 SdHoareTripleChecker+Valid, 125 SdHoareTripleChecker+Invalid, 142 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 84 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 50 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 23:50:42,990 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [36 Valid, 125 Invalid, 142 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 84 Invalid, 0 Unknown, 50 Unchecked, 0.2s Time] [2022-02-20 23:50:42,990 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 106 states. [2022-02-20 23:50:42,993 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 106 to 102. [2022-02-20 23:50:42,995 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:50:42,996 INFO L82 GeneralOperation]: Start isEquivalent. First operand 106 states. Second operand has 102 states, 69 states have (on average 1.681159420289855) internal successors, (116), 91 states have internal predecessors, (116), 5 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (8), 7 states have call predecessors, (8), 5 states have call successors, (8) [2022-02-20 23:50:42,996 INFO L74 IsIncluded]: Start isIncluded. First operand 106 states. Second operand has 102 states, 69 states have (on average 1.681159420289855) internal successors, (116), 91 states have internal predecessors, (116), 5 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (8), 7 states have call predecessors, (8), 5 states have call successors, (8) [2022-02-20 23:50:42,996 INFO L87 Difference]: Start difference. First operand 106 states. Second operand has 102 states, 69 states have (on average 1.681159420289855) internal successors, (116), 91 states have internal predecessors, (116), 5 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (8), 7 states have call predecessors, (8), 5 states have call successors, (8) [2022-02-20 23:50:42,999 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:42,999 INFO L93 Difference]: Finished difference Result 106 states and 129 transitions. [2022-02-20 23:50:42,999 INFO L276 IsEmpty]: Start isEmpty. Operand 106 states and 129 transitions. [2022-02-20 23:50:42,999 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:43,000 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:43,000 INFO L74 IsIncluded]: Start isIncluded. First operand has 102 states, 69 states have (on average 1.681159420289855) internal successors, (116), 91 states have internal predecessors, (116), 5 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (8), 7 states have call predecessors, (8), 5 states have call successors, (8) Second operand 106 states. [2022-02-20 23:50:43,000 INFO L87 Difference]: Start difference. First operand has 102 states, 69 states have (on average 1.681159420289855) internal successors, (116), 91 states have internal predecessors, (116), 5 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (8), 7 states have call predecessors, (8), 5 states have call successors, (8) Second operand 106 states. [2022-02-20 23:50:43,003 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:43,004 INFO L93 Difference]: Finished difference Result 106 states and 129 transitions. [2022-02-20 23:50:43,004 INFO L276 IsEmpty]: Start isEmpty. Operand 106 states and 129 transitions. [2022-02-20 23:50:43,005 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:43,005 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:43,005 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:50:43,005 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:50:43,005 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 102 states, 69 states have (on average 1.681159420289855) internal successors, (116), 91 states have internal predecessors, (116), 5 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (8), 7 states have call predecessors, (8), 5 states have call successors, (8) [2022-02-20 23:50:43,007 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 102 states to 102 states and 129 transitions. [2022-02-20 23:50:43,007 INFO L78 Accepts]: Start accepts. Automaton has 102 states and 129 transitions. Word has length 27 [2022-02-20 23:50:43,007 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:50:43,008 INFO L470 AbstractCegarLoop]: Abstraction has 102 states and 129 transitions. [2022-02-20 23:50:43,008 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 4.5) internal successors, (18), 5 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:50:43,008 INFO L276 IsEmpty]: Start isEmpty. Operand 102 states and 129 transitions. [2022-02-20 23:50:43,009 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2022-02-20 23:50:43,009 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:50:43,009 INFO L514 BasicCegarLoop]: trace histogram [3, 3, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:50:43,026 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (16)] Forceful destruction successful, exit code 0 [2022-02-20 23:50:43,219 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 16 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:50:43,219 INFO L402 AbstractCegarLoop]: === Iteration 13 === Targeting ULTIMATE.startErr9REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 30 more)] === [2022-02-20 23:50:43,220 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:50:43,220 INFO L85 PathProgramCache]: Analyzing trace with hash 190353902, now seen corresponding path program 1 times [2022-02-20 23:50:43,220 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:50:43,220 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [584345792] [2022-02-20 23:50:43,220 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:50:43,221 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:50:43,221 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:50:43,222 INFO L229 MonitoredProcess]: Starting monitored process 17 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:50:43,225 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (17)] Waiting until timeout for monitored process [2022-02-20 23:50:43,292 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:43,295 INFO L263 TraceCheckSpWp]: Trace formula consists of 115 conjuncts, 25 conjunts are in the unsatisfiable core [2022-02-20 23:50:43,307 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:43,308 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:50:43,328 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:50:43,332 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:50:43,505 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:50:43,505 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-02-20 23:50:43,513 INFO L356 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2022-02-20 23:50:43,514 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 12 [2022-02-20 23:50:43,690 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:50:43,691 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-02-20 23:50:43,705 INFO L356 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2022-02-20 23:50:43,707 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 12 [2022-02-20 23:50:43,728 INFO L290 TraceCheckUtils]: 0: Hoare triple {6761#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {6761#true} is VALID [2022-02-20 23:50:43,728 INFO L290 TraceCheckUtils]: 1: Hoare triple {6761#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset, entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset, entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset, entry_point_#t~mem49#1.base, entry_point_#t~mem49#1.offset, entry_point_#t~mem50#1.base, entry_point_#t~mem50#1.offset, entry_point_#t~mem51#1.base, entry_point_#t~mem51#1.offset, entry_point_#t~mem52#1.base, entry_point_#t~mem52#1.offset, entry_point_#t~mem53#1.base, entry_point_#t~mem53#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset; {6761#true} is VALID [2022-02-20 23:50:43,734 INFO L272 TraceCheckUtils]: 2: Hoare triple {6761#true} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {6761#true} is VALID [2022-02-20 23:50:43,734 INFO L290 TraceCheckUtils]: 3: Hoare triple {6761#true} ~size := #in~size; {6775#(= ldv_malloc_~size |ldv_malloc_#in~size|)} is VALID [2022-02-20 23:50:43,735 INFO L290 TraceCheckUtils]: 4: Hoare triple {6775#(= ldv_malloc_~size |ldv_malloc_#in~size|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {6779#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:43,736 INFO L290 TraceCheckUtils]: 5: Hoare triple {6779#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} assume true; {6779#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:43,737 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {6779#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} {6761#true} #97#return; {6786#(and (= (select |#valid| |ULTIMATE.start_entry_point_#t~ret44#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_#t~ret44#1.base|)) (= |ULTIMATE.start_entry_point_#t~ret44#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:43,737 INFO L290 TraceCheckUtils]: 7: Hoare triple {6786#(and (= (select |#valid| |ULTIMATE.start_entry_point_#t~ret44#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_#t~ret44#1.base|)) (= |ULTIMATE.start_entry_point_#t~ret44#1.offset| (_ bv0 32)))} entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {6790#(and (= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:43,737 INFO L290 TraceCheckUtils]: 8: Hoare triple {6790#(and (= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} assume !(entry_point_~a10~0#1.base == 0bv32 && entry_point_~a10~0#1.offset == 0bv32); {6790#(and (= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:43,738 INFO L272 TraceCheckUtils]: 9: Hoare triple {6790#(and (= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} call entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset := ldv_malloc(4bv32); {6797#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:50:43,738 INFO L290 TraceCheckUtils]: 10: Hoare triple {6797#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} ~size := #in~size; {6797#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:50:43,739 INFO L290 TraceCheckUtils]: 11: Hoare triple {6797#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {6804#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_191 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_191))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:50:43,740 INFO L290 TraceCheckUtils]: 12: Hoare triple {6804#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_191 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_191))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} assume true; {6804#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_191 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_191))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:50:43,742 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {6804#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_191 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_191))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} {6790#(and (= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} #99#return; {6811#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:43,743 INFO L290 TraceCheckUtils]: 14: Hoare triple {6811#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} SUMMARY for call write~$Pointer$(entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L775-1 {6790#(and (= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:43,743 INFO L290 TraceCheckUtils]: 15: Hoare triple {6790#(and (= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} havoc entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset; {6790#(and (= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:43,744 INFO L290 TraceCheckUtils]: 16: Hoare triple {6790#(and (= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} SUMMARY for call entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset := read~$Pointer$(entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L776 {6790#(and (= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:43,746 INFO L290 TraceCheckUtils]: 17: Hoare triple {6790#(and (= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} assume !(entry_point_#t~mem46#1.base == 0bv32 && entry_point_#t~mem46#1.offset == 0bv32);havoc entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset; {6790#(and (= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:43,747 INFO L290 TraceCheckUtils]: 18: Hoare triple {6790#(and (= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} SUMMARY for call entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset := read~$Pointer$(entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L777 {6790#(and (= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:43,748 INFO L272 TraceCheckUtils]: 19: Hoare triple {6790#(and (= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} call entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset := ldv_malloc(4bv32); {6797#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:50:43,749 INFO L290 TraceCheckUtils]: 20: Hoare triple {6797#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} ~size := #in~size; {6797#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:50:43,750 INFO L290 TraceCheckUtils]: 21: Hoare triple {6797#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {6804#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_191 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_191))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:50:43,756 INFO L290 TraceCheckUtils]: 22: Hoare triple {6804#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_191 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_191))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} assume true; {6804#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_191 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_191))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:50:43,758 INFO L284 TraceCheckUtils]: 23: Hoare quadruple {6804#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_191 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_191))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} {6790#(and (= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} #101#return; {6811#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:43,759 INFO L290 TraceCheckUtils]: 24: Hoare triple {6811#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} SUMMARY for call write~$Pointer$(entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset, entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset, 4bv32); srcloc: L777-2 {6811#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:43,759 INFO L290 TraceCheckUtils]: 25: Hoare triple {6811#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} havoc entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset;havoc entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset; {6811#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:43,759 INFO L290 TraceCheckUtils]: 26: Hoare triple {6811#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} assume !((~bvule32(~bvadd32(4bv32, entry_point_~a10~0#1.offset), #length[entry_point_~a10~0#1.base]) && ~bvule32(entry_point_~a10~0#1.offset, ~bvadd32(4bv32, entry_point_~a10~0#1.offset))) && ~bvule32(0bv32, entry_point_~a10~0#1.offset)); {6762#false} is VALID [2022-02-20 23:50:43,760 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 2 proven. 6 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-02-20 23:50:43,760 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:50:43,972 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:50:43,972 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [584345792] [2022-02-20 23:50:43,972 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [584345792] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:50:43,972 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleCvc4 [1312370043] [2022-02-20 23:50:43,972 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:50:43,972 INFO L173 SolverBuilder]: Constructing external solver with command: cvc4 --incremental --print-success --lang smt [2022-02-20 23:50:43,972 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 [2022-02-20 23:50:43,973 INFO L229 MonitoredProcess]: Starting monitored process 18 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (exit command is (exit), workingDir is null) [2022-02-20 23:50:43,973 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (18)] Waiting until timeout for monitored process [2022-02-20 23:50:44,072 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:44,074 INFO L263 TraceCheckSpWp]: Trace formula consists of 115 conjuncts, 30 conjunts are in the unsatisfiable core [2022-02-20 23:50:44,085 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:44,086 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:50:44,115 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:50:44,119 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:50:44,266 INFO L356 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2022-02-20 23:50:44,266 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 12 [2022-02-20 23:50:44,272 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-02-20 23:50:44,336 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 7 [2022-02-20 23:50:44,415 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 4 [2022-02-20 23:50:44,511 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:50:44,512 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-02-20 23:50:44,519 INFO L356 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2022-02-20 23:50:44,520 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 12 [2022-02-20 23:50:44,555 INFO L290 TraceCheckUtils]: 0: Hoare triple {6761#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {6761#true} is VALID [2022-02-20 23:50:44,555 INFO L290 TraceCheckUtils]: 1: Hoare triple {6761#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset, entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset, entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset, entry_point_#t~mem49#1.base, entry_point_#t~mem49#1.offset, entry_point_#t~mem50#1.base, entry_point_#t~mem50#1.offset, entry_point_#t~mem51#1.base, entry_point_#t~mem51#1.offset, entry_point_#t~mem52#1.base, entry_point_#t~mem52#1.offset, entry_point_#t~mem53#1.base, entry_point_#t~mem53#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset; {6761#true} is VALID [2022-02-20 23:50:44,555 INFO L272 TraceCheckUtils]: 2: Hoare triple {6761#true} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {6761#true} is VALID [2022-02-20 23:50:44,556 INFO L290 TraceCheckUtils]: 3: Hoare triple {6761#true} ~size := #in~size; {6775#(= ldv_malloc_~size |ldv_malloc_#in~size|)} is VALID [2022-02-20 23:50:44,557 INFO L290 TraceCheckUtils]: 4: Hoare triple {6775#(= ldv_malloc_~size |ldv_malloc_#in~size|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {6779#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:44,557 INFO L290 TraceCheckUtils]: 5: Hoare triple {6779#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} assume true; {6779#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:44,558 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {6779#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} {6761#true} #97#return; {6786#(and (= (select |#valid| |ULTIMATE.start_entry_point_#t~ret44#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_#t~ret44#1.base|)) (= |ULTIMATE.start_entry_point_#t~ret44#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:44,558 INFO L290 TraceCheckUtils]: 7: Hoare triple {6786#(and (= (select |#valid| |ULTIMATE.start_entry_point_#t~ret44#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_#t~ret44#1.base|)) (= |ULTIMATE.start_entry_point_#t~ret44#1.offset| (_ bv0 32)))} entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {6790#(and (= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:44,558 INFO L290 TraceCheckUtils]: 8: Hoare triple {6790#(and (= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} assume !(entry_point_~a10~0#1.base == 0bv32 && entry_point_~a10~0#1.offset == 0bv32); {6790#(and (= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:44,559 INFO L272 TraceCheckUtils]: 9: Hoare triple {6790#(and (= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} call entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset := ldv_malloc(4bv32); {6797#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:50:44,559 INFO L290 TraceCheckUtils]: 10: Hoare triple {6797#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} ~size := #in~size; {6797#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:50:44,560 INFO L290 TraceCheckUtils]: 11: Hoare triple {6797#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {6898#(and (exists ((v_ArrVal_216 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_216) |#length|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)))} is VALID [2022-02-20 23:50:44,561 INFO L290 TraceCheckUtils]: 12: Hoare triple {6898#(and (exists ((v_ArrVal_216 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_216) |#length|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)))} assume true; {6898#(and (exists ((v_ArrVal_216 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_216) |#length|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)))} is VALID [2022-02-20 23:50:44,562 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {6898#(and (exists ((v_ArrVal_216 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_216) |#length|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)))} {6790#(and (= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} #99#return; {6905#(and (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| |ULTIMATE.start_entry_point_#t~ret45#1.base|)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:44,563 INFO L290 TraceCheckUtils]: 14: Hoare triple {6905#(and (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| |ULTIMATE.start_entry_point_#t~ret45#1.base|)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} SUMMARY for call write~$Pointer$(entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L775-1 {6909#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)) (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))))} is VALID [2022-02-20 23:50:44,563 INFO L290 TraceCheckUtils]: 15: Hoare triple {6909#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)) (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))))} havoc entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset; {6909#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)) (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))))} is VALID [2022-02-20 23:50:44,564 INFO L290 TraceCheckUtils]: 16: Hoare triple {6909#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)) (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))))} SUMMARY for call entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset := read~$Pointer$(entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L776 {6909#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)) (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))))} is VALID [2022-02-20 23:50:44,564 INFO L290 TraceCheckUtils]: 17: Hoare triple {6909#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)) (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))))} assume !(entry_point_#t~mem46#1.base == 0bv32 && entry_point_#t~mem46#1.offset == 0bv32);havoc entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset; {6909#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)) (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))))} is VALID [2022-02-20 23:50:44,565 INFO L290 TraceCheckUtils]: 18: Hoare triple {6909#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)) (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))))} SUMMARY for call entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset := read~$Pointer$(entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L777 {6790#(and (= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:44,565 INFO L272 TraceCheckUtils]: 19: Hoare triple {6790#(and (= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} call entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset := ldv_malloc(4bv32); {6797#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:50:44,569 INFO L290 TraceCheckUtils]: 20: Hoare triple {6797#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} ~size := #in~size; {6797#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:50:44,570 INFO L290 TraceCheckUtils]: 21: Hoare triple {6797#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {6804#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_191 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_191))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:50:44,571 INFO L290 TraceCheckUtils]: 22: Hoare triple {6804#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_191 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_191))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} assume true; {6804#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_191 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_191))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:50:44,572 INFO L284 TraceCheckUtils]: 23: Hoare quadruple {6804#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_191 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_191))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} {6790#(and (= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} #101#return; {6811#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:44,573 INFO L290 TraceCheckUtils]: 24: Hoare triple {6811#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} SUMMARY for call write~$Pointer$(entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset, entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset, 4bv32); srcloc: L777-2 {6811#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:44,573 INFO L290 TraceCheckUtils]: 25: Hoare triple {6811#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} havoc entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset;havoc entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset; {6811#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:44,573 INFO L290 TraceCheckUtils]: 26: Hoare triple {6811#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} assume !((~bvule32(~bvadd32(4bv32, entry_point_~a10~0#1.offset), #length[entry_point_~a10~0#1.base]) && ~bvule32(entry_point_~a10~0#1.offset, ~bvadd32(4bv32, entry_point_~a10~0#1.offset))) && ~bvule32(0bv32, entry_point_~a10~0#1.offset)); {6762#false} is VALID [2022-02-20 23:50:44,574 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 2 proven. 8 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:50:44,574 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:50:48,789 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleCvc4 [1312370043] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:50:48,789 INFO L191 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-02-20 23:50:48,789 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [8, 11] total 11 [2022-02-20 23:50:48,789 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1256284550] [2022-02-20 23:50:48,789 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-02-20 23:50:48,790 INFO L78 Accepts]: Start accepts. Automaton has has 12 states, 11 states have (on average 2.272727272727273) internal successors, (25), 10 states have internal predecessors, (25), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 27 [2022-02-20 23:50:48,790 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:50:48,790 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 12 states, 11 states have (on average 2.272727272727273) internal successors, (25), 10 states have internal predecessors, (25), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-02-20 23:50:48,822 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 32 edges. 32 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:48,822 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 12 states [2022-02-20 23:50:48,823 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:50:48,823 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 12 interpolants. [2022-02-20 23:50:48,823 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=34, Invalid=148, Unknown=0, NotChecked=0, Total=182 [2022-02-20 23:50:48,823 INFO L87 Difference]: Start difference. First operand 102 states and 129 transitions. Second operand has 12 states, 11 states have (on average 2.272727272727273) internal successors, (25), 10 states have internal predecessors, (25), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-02-20 23:50:52,297 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:52,297 INFO L93 Difference]: Finished difference Result 127 states and 149 transitions. [2022-02-20 23:50:52,297 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2022-02-20 23:50:52,297 INFO L78 Accepts]: Start accepts. Automaton has has 12 states, 11 states have (on average 2.272727272727273) internal successors, (25), 10 states have internal predecessors, (25), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 27 [2022-02-20 23:50:52,297 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:50:52,297 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 12 states, 11 states have (on average 2.272727272727273) internal successors, (25), 10 states have internal predecessors, (25), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-02-20 23:50:52,301 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 109 transitions. [2022-02-20 23:50:52,301 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 12 states, 11 states have (on average 2.272727272727273) internal successors, (25), 10 states have internal predecessors, (25), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-02-20 23:50:52,302 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 109 transitions. [2022-02-20 23:50:52,302 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 11 states and 109 transitions. [2022-02-20 23:50:52,397 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 109 edges. 109 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:52,399 INFO L225 Difference]: With dead ends: 127 [2022-02-20 23:50:52,399 INFO L226 Difference]: Without dead ends: 127 [2022-02-20 23:50:52,399 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 64 GetRequests, 44 SyntacticMatches, 4 SemanticMatches, 16 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 38 ImplicationChecksByTransitivity, 6.4s TimeCoverageRelationStatistics Valid=60, Invalid=245, Unknown=1, NotChecked=0, Total=306 [2022-02-20 23:50:52,399 INFO L933 BasicCegarLoop]: 47 mSDtfsCounter, 85 mSDsluCounter, 207 mSDsCounter, 0 mSdLazyCounter, 356 mSolverCounterSat, 18 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 85 SdHoareTripleChecker+Valid, 254 SdHoareTripleChecker+Invalid, 431 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 18 IncrementalHoareTripleChecker+Valid, 356 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 57 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2022-02-20 23:50:52,400 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [85 Valid, 254 Invalid, 431 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [18 Valid, 356 Invalid, 0 Unknown, 57 Unchecked, 0.5s Time] [2022-02-20 23:50:52,400 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 127 states. [2022-02-20 23:50:52,401 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 127 to 88. [2022-02-20 23:50:52,401 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:50:52,402 INFO L82 GeneralOperation]: Start isEquivalent. First operand 127 states. Second operand has 88 states, 57 states have (on average 1.6140350877192982) internal successors, (92), 79 states have internal predecessors, (92), 4 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (6), 5 states have call predecessors, (6), 4 states have call successors, (6) [2022-02-20 23:50:52,402 INFO L74 IsIncluded]: Start isIncluded. First operand 127 states. Second operand has 88 states, 57 states have (on average 1.6140350877192982) internal successors, (92), 79 states have internal predecessors, (92), 4 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (6), 5 states have call predecessors, (6), 4 states have call successors, (6) [2022-02-20 23:50:52,402 INFO L87 Difference]: Start difference. First operand 127 states. Second operand has 88 states, 57 states have (on average 1.6140350877192982) internal successors, (92), 79 states have internal predecessors, (92), 4 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (6), 5 states have call predecessors, (6), 4 states have call successors, (6) [2022-02-20 23:50:52,404 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:52,404 INFO L93 Difference]: Finished difference Result 127 states and 149 transitions. [2022-02-20 23:50:52,404 INFO L276 IsEmpty]: Start isEmpty. Operand 127 states and 149 transitions. [2022-02-20 23:50:52,404 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:52,404 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:52,404 INFO L74 IsIncluded]: Start isIncluded. First operand has 88 states, 57 states have (on average 1.6140350877192982) internal successors, (92), 79 states have internal predecessors, (92), 4 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (6), 5 states have call predecessors, (6), 4 states have call successors, (6) Second operand 127 states. [2022-02-20 23:50:52,404 INFO L87 Difference]: Start difference. First operand has 88 states, 57 states have (on average 1.6140350877192982) internal successors, (92), 79 states have internal predecessors, (92), 4 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (6), 5 states have call predecessors, (6), 4 states have call successors, (6) Second operand 127 states. [2022-02-20 23:50:52,406 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:52,406 INFO L93 Difference]: Finished difference Result 127 states and 149 transitions. [2022-02-20 23:50:52,406 INFO L276 IsEmpty]: Start isEmpty. Operand 127 states and 149 transitions. [2022-02-20 23:50:52,406 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:52,406 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:52,406 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:50:52,406 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:50:52,407 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 88 states, 57 states have (on average 1.6140350877192982) internal successors, (92), 79 states have internal predecessors, (92), 4 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (6), 5 states have call predecessors, (6), 4 states have call successors, (6) [2022-02-20 23:50:52,408 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 88 states to 88 states and 102 transitions. [2022-02-20 23:50:52,408 INFO L78 Accepts]: Start accepts. Automaton has 88 states and 102 transitions. Word has length 27 [2022-02-20 23:50:52,408 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:50:52,408 INFO L470 AbstractCegarLoop]: Abstraction has 88 states and 102 transitions. [2022-02-20 23:50:52,408 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 12 states, 11 states have (on average 2.272727272727273) internal successors, (25), 10 states have internal predecessors, (25), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-02-20 23:50:52,408 INFO L276 IsEmpty]: Start isEmpty. Operand 88 states and 102 transitions. [2022-02-20 23:50:52,408 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2022-02-20 23:50:52,408 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:50:52,409 INFO L514 BasicCegarLoop]: trace histogram [3, 3, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:50:52,431 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (17)] Forceful destruction successful, exit code 0 [2022-02-20 23:50:52,617 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (18)] Forceful destruction successful, exit code 0 [2022-02-20 23:50:52,815 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 17 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3,18 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt [2022-02-20 23:50:52,815 INFO L402 AbstractCegarLoop]: === Iteration 14 === Targeting ULTIMATE.startErr10REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 30 more)] === [2022-02-20 23:50:52,816 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:50:52,816 INFO L85 PathProgramCache]: Analyzing trace with hash 1606003645, now seen corresponding path program 1 times [2022-02-20 23:50:52,816 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:50:52,816 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1297580838] [2022-02-20 23:50:52,816 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:50:52,816 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:50:52,816 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:50:52,817 INFO L229 MonitoredProcess]: Starting monitored process 19 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:50:52,818 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (19)] Waiting until timeout for monitored process [2022-02-20 23:50:52,880 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:52,883 INFO L263 TraceCheckSpWp]: Trace formula consists of 121 conjuncts, 26 conjunts are in the unsatisfiable core [2022-02-20 23:50:52,893 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:52,894 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:50:52,955 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 7 [2022-02-20 23:50:52,960 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 7 [2022-02-20 23:50:52,998 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 7 [2022-02-20 23:50:53,024 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:50:53,097 INFO L356 Elim1Store]: treesize reduction 13, result has 45.8 percent of original size [2022-02-20 23:50:53,097 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 29 treesize of output 27 [2022-02-20 23:50:53,190 INFO L356 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2022-02-20 23:50:53,190 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 3 new quantified variables, introduced 1 case distinctions, treesize of input 47 treesize of output 38 [2022-02-20 23:50:53,242 INFO L290 TraceCheckUtils]: 0: Hoare triple {7434#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {7434#true} is VALID [2022-02-20 23:50:53,242 INFO L290 TraceCheckUtils]: 1: Hoare triple {7434#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset, entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset, entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset, entry_point_#t~mem49#1.base, entry_point_#t~mem49#1.offset, entry_point_#t~mem50#1.base, entry_point_#t~mem50#1.offset, entry_point_#t~mem51#1.base, entry_point_#t~mem51#1.offset, entry_point_#t~mem52#1.base, entry_point_#t~mem52#1.offset, entry_point_#t~mem53#1.base, entry_point_#t~mem53#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset; {7434#true} is VALID [2022-02-20 23:50:53,242 INFO L272 TraceCheckUtils]: 2: Hoare triple {7434#true} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {7434#true} is VALID [2022-02-20 23:50:53,242 INFO L290 TraceCheckUtils]: 3: Hoare triple {7434#true} ~size := #in~size; {7434#true} is VALID [2022-02-20 23:50:53,243 INFO L290 TraceCheckUtils]: 4: Hoare triple {7434#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {7451#(= |ldv_malloc_#res.offset| (_ bv0 32))} is VALID [2022-02-20 23:50:53,243 INFO L290 TraceCheckUtils]: 5: Hoare triple {7451#(= |ldv_malloc_#res.offset| (_ bv0 32))} assume true; {7451#(= |ldv_malloc_#res.offset| (_ bv0 32))} is VALID [2022-02-20 23:50:53,244 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {7451#(= |ldv_malloc_#res.offset| (_ bv0 32))} {7434#true} #97#return; {7458#(= |ULTIMATE.start_entry_point_#t~ret44#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:50:53,244 INFO L290 TraceCheckUtils]: 7: Hoare triple {7458#(= |ULTIMATE.start_entry_point_#t~ret44#1.offset| (_ bv0 32))} entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {7462#(= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:50:53,244 INFO L290 TraceCheckUtils]: 8: Hoare triple {7462#(= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32))} assume !(entry_point_~a10~0#1.base == 0bv32 && entry_point_~a10~0#1.offset == 0bv32); {7462#(= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:50:53,244 INFO L272 TraceCheckUtils]: 9: Hoare triple {7462#(= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32))} call entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset := ldv_malloc(4bv32); {7434#true} is VALID [2022-02-20 23:50:53,244 INFO L290 TraceCheckUtils]: 10: Hoare triple {7434#true} ~size := #in~size; {7434#true} is VALID [2022-02-20 23:50:53,245 INFO L290 TraceCheckUtils]: 11: Hoare triple {7434#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {7451#(= |ldv_malloc_#res.offset| (_ bv0 32))} is VALID [2022-02-20 23:50:53,245 INFO L290 TraceCheckUtils]: 12: Hoare triple {7451#(= |ldv_malloc_#res.offset| (_ bv0 32))} assume true; {7451#(= |ldv_malloc_#res.offset| (_ bv0 32))} is VALID [2022-02-20 23:50:53,246 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {7451#(= |ldv_malloc_#res.offset| (_ bv0 32))} {7462#(= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32))} #99#return; {7481#(and (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)) (= |ULTIMATE.start_entry_point_#t~ret45#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:53,247 INFO L290 TraceCheckUtils]: 14: Hoare triple {7481#(and (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)) (= |ULTIMATE.start_entry_point_#t~ret45#1.offset| (_ bv0 32)))} SUMMARY for call write~$Pointer$(entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L775-1 {7485#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|) (_ bv0 32)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:53,247 INFO L290 TraceCheckUtils]: 15: Hoare triple {7485#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|) (_ bv0 32)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} havoc entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset; {7485#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|) (_ bv0 32)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:53,248 INFO L290 TraceCheckUtils]: 16: Hoare triple {7485#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|) (_ bv0 32)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} SUMMARY for call entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset := read~$Pointer$(entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L776 {7485#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|) (_ bv0 32)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:53,248 INFO L290 TraceCheckUtils]: 17: Hoare triple {7485#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|) (_ bv0 32)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} assume !(entry_point_#t~mem46#1.base == 0bv32 && entry_point_#t~mem46#1.offset == 0bv32);havoc entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset; {7485#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|) (_ bv0 32)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:53,248 INFO L290 TraceCheckUtils]: 18: Hoare triple {7485#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|) (_ bv0 32)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)))} SUMMARY for call entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset := read~$Pointer$(entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L777 {7498#(and (= |ULTIMATE.start_entry_point_#t~mem47#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)) (= |ULTIMATE.start_entry_point_#t~mem47#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:53,249 INFO L272 TraceCheckUtils]: 19: Hoare triple {7498#(and (= |ULTIMATE.start_entry_point_#t~mem47#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)) (= |ULTIMATE.start_entry_point_#t~mem47#1.offset| (_ bv0 32)))} call entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset := ldv_malloc(4bv32); {7434#true} is VALID [2022-02-20 23:50:53,249 INFO L290 TraceCheckUtils]: 20: Hoare triple {7434#true} ~size := #in~size; {7434#true} is VALID [2022-02-20 23:50:53,250 INFO L290 TraceCheckUtils]: 21: Hoare triple {7434#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {7508#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:50:53,250 INFO L290 TraceCheckUtils]: 22: Hoare triple {7508#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} assume true; {7508#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:50:53,251 INFO L284 TraceCheckUtils]: 23: Hoare quadruple {7508#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} {7498#(and (= |ULTIMATE.start_entry_point_#t~mem47#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)) (= |ULTIMATE.start_entry_point_#t~mem47#1.offset| (_ bv0 32)))} #101#return; {7515#(and (= |ULTIMATE.start_entry_point_#t~mem47#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)) (= (select |#valid| |ULTIMATE.start_entry_point_#t~ret48#1.base|) (_ bv1 1)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)) (= |ULTIMATE.start_entry_point_#t~mem47#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:53,253 INFO L290 TraceCheckUtils]: 24: Hoare triple {7515#(and (= |ULTIMATE.start_entry_point_#t~mem47#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)) (= (select |#valid| |ULTIMATE.start_entry_point_#t~ret48#1.base|) (_ bv1 1)) (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)) (= |ULTIMATE.start_entry_point_#t~mem47#1.offset| (_ bv0 32)))} SUMMARY for call write~$Pointer$(entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset, entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset, 4bv32); srcloc: L777-2 {7519#(and (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)) (or (and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv0 32))) (_ bv1 1)) (= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))) (and (= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))) (= (select |#valid| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)) (_ bv0 32))) (_ bv1 1)))))} is VALID [2022-02-20 23:50:53,254 INFO L290 TraceCheckUtils]: 25: Hoare triple {7519#(and (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)) (or (and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv0 32))) (_ bv1 1)) (= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))) (and (= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))) (= (select |#valid| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)) (_ bv0 32))) (_ bv1 1)))))} havoc entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset;havoc entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset; {7519#(and (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)) (or (and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv0 32))) (_ bv1 1)) (= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))) (and (= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))) (= (select |#valid| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)) (_ bv0 32))) (_ bv1 1)))))} is VALID [2022-02-20 23:50:53,255 INFO L290 TraceCheckUtils]: 26: Hoare triple {7519#(and (= |ULTIMATE.start_entry_point_~a10~0#1.offset| (_ bv0 32)) (or (and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv0 32))) (_ bv1 1)) (= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))) (and (= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))) (= (select |#valid| (select (select |#memory_$Pointer$.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)) (_ bv0 32))) (_ bv1 1)))))} SUMMARY for call entry_point_#t~mem49#1.base, entry_point_#t~mem49#1.offset := read~$Pointer$(entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L778 {7526#(exists ((v_arrayElimCell_36 (_ BitVec 32)) (|ULTIMATE.start_entry_point_~a10~0#1.base| (_ BitVec 32))) (and (or (and (= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_#t~mem49#1.base|)) (= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))) (and (= (_ bv1 1) (select |#valid| v_arrayElimCell_36)) (= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_#t~mem49#1.base|)))) (or (not (= |ULTIMATE.start_entry_point_#t~mem49#1.base| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_#t~mem49#1.base| v_arrayElimCell_36))))} is VALID [2022-02-20 23:50:53,255 INFO L290 TraceCheckUtils]: 27: Hoare triple {7526#(exists ((v_arrayElimCell_36 (_ BitVec 32)) (|ULTIMATE.start_entry_point_~a10~0#1.base| (_ BitVec 32))) (and (or (and (= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_#t~mem49#1.base|)) (= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))) (and (= (_ bv1 1) (select |#valid| v_arrayElimCell_36)) (= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_#t~mem49#1.base|)))) (or (not (= |ULTIMATE.start_entry_point_#t~mem49#1.base| |ULTIMATE.start_entry_point_~a10~0#1.base|)) (= |ULTIMATE.start_entry_point_#t~mem49#1.base| v_arrayElimCell_36))))} assume !(1bv1 == #valid[entry_point_#t~mem49#1.base]); {7435#false} is VALID [2022-02-20 23:50:53,256 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 0 proven. 4 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-02-20 23:50:53,256 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:50:53,374 INFO L356 Elim1Store]: treesize reduction 5, result has 75.0 percent of original size [2022-02-20 23:50:53,375 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 65 treesize of output 64 [2022-02-20 23:50:53,432 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:50:53,432 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1297580838] [2022-02-20 23:50:53,432 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1297580838] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:50:53,432 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleCvc4 [976940075] [2022-02-20 23:50:53,432 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:50:53,432 INFO L173 SolverBuilder]: Constructing external solver with command: cvc4 --incremental --print-success --lang smt [2022-02-20 23:50:53,432 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 [2022-02-20 23:50:53,433 INFO L229 MonitoredProcess]: Starting monitored process 20 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (exit command is (exit), workingDir is null) [2022-02-20 23:50:53,436 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (20)] Waiting until timeout for monitored process [2022-02-20 23:50:53,531 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:53,532 INFO L263 TraceCheckSpWp]: Trace formula consists of 121 conjuncts, 17 conjunts are in the unsatisfiable core [2022-02-20 23:50:53,541 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:53,542 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:50:53,556 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:50:53,671 INFO L356 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2022-02-20 23:50:53,672 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 12 [2022-02-20 23:50:53,712 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 7 [2022-02-20 23:50:55,787 WARN L860 $PredicateComparison]: unable to prove that (exists ((|v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_18| (_ BitVec 32)) (|v_ULTIMATE.start_entry_point_~a10~0#1.offset_BEFORE_CALL_9| (_ BitVec 32))) (not (= |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_18| (select (select |c_#memory_$Pointer$.base| |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_18|) |v_ULTIMATE.start_entry_point_~a10~0#1.offset_BEFORE_CALL_9|)))) is different from true [2022-02-20 23:50:55,867 INFO L356 Elim1Store]: treesize reduction 15, result has 25.0 percent of original size [2022-02-20 23:50:55,868 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 28 treesize of output 29 [2022-02-20 23:50:55,912 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 25 treesize of output 13 [2022-02-20 23:50:55,921 INFO L290 TraceCheckUtils]: 0: Hoare triple {7434#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {7434#true} is VALID [2022-02-20 23:50:55,921 INFO L290 TraceCheckUtils]: 1: Hoare triple {7434#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset, entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset, entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset, entry_point_#t~mem49#1.base, entry_point_#t~mem49#1.offset, entry_point_#t~mem50#1.base, entry_point_#t~mem50#1.offset, entry_point_#t~mem51#1.base, entry_point_#t~mem51#1.offset, entry_point_#t~mem52#1.base, entry_point_#t~mem52#1.offset, entry_point_#t~mem53#1.base, entry_point_#t~mem53#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset; {7434#true} is VALID [2022-02-20 23:50:55,921 INFO L272 TraceCheckUtils]: 2: Hoare triple {7434#true} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {7434#true} is VALID [2022-02-20 23:50:55,921 INFO L290 TraceCheckUtils]: 3: Hoare triple {7434#true} ~size := #in~size; {7434#true} is VALID [2022-02-20 23:50:55,922 INFO L290 TraceCheckUtils]: 4: Hoare triple {7434#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {7508#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:50:55,923 INFO L290 TraceCheckUtils]: 5: Hoare triple {7508#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} assume true; {7508#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:50:55,923 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {7508#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} {7434#true} #97#return; {7567#(= (select |#valid| |ULTIMATE.start_entry_point_#t~ret44#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:55,924 INFO L290 TraceCheckUtils]: 7: Hoare triple {7567#(= (select |#valid| |ULTIMATE.start_entry_point_#t~ret44#1.base|) (_ bv1 1))} entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {7571#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:55,924 INFO L290 TraceCheckUtils]: 8: Hoare triple {7571#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} assume !(entry_point_~a10~0#1.base == 0bv32 && entry_point_~a10~0#1.offset == 0bv32); {7571#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:55,924 INFO L272 TraceCheckUtils]: 9: Hoare triple {7571#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} call entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset := ldv_malloc(4bv32); {7578#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:55,925 INFO L290 TraceCheckUtils]: 10: Hoare triple {7578#(= |old(#valid)| |#valid|)} ~size := #in~size; {7578#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:55,925 INFO L290 TraceCheckUtils]: 11: Hoare triple {7578#(= |old(#valid)| |#valid|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {7585#(= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))} is VALID [2022-02-20 23:50:55,925 INFO L290 TraceCheckUtils]: 12: Hoare triple {7585#(= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))} assume true; {7585#(= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))} is VALID [2022-02-20 23:50:55,926 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {7585#(= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))} {7571#(= (select |#valid| |ULTIMATE.start_entry_point_~a10~0#1.base|) (_ bv1 1))} #99#return; {7592#(not (= |ULTIMATE.start_entry_point_~a10~0#1.base| |ULTIMATE.start_entry_point_#t~ret45#1.base|))} is VALID [2022-02-20 23:50:55,927 INFO L290 TraceCheckUtils]: 14: Hoare triple {7592#(not (= |ULTIMATE.start_entry_point_~a10~0#1.base| |ULTIMATE.start_entry_point_#t~ret45#1.base|))} SUMMARY for call write~$Pointer$(entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L775-1 {7596#(not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)))} is VALID [2022-02-20 23:50:55,928 INFO L290 TraceCheckUtils]: 15: Hoare triple {7596#(not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)))} havoc entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset; {7596#(not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)))} is VALID [2022-02-20 23:50:55,928 INFO L290 TraceCheckUtils]: 16: Hoare triple {7596#(not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)))} SUMMARY for call entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset := read~$Pointer$(entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L776 {7596#(not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)))} is VALID [2022-02-20 23:50:55,928 INFO L290 TraceCheckUtils]: 17: Hoare triple {7596#(not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)))} assume !(entry_point_#t~mem46#1.base == 0bv32 && entry_point_#t~mem46#1.offset == 0bv32);havoc entry_point_#t~mem46#1.base, entry_point_#t~mem46#1.offset; {7596#(not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)))} is VALID [2022-02-20 23:50:55,929 INFO L290 TraceCheckUtils]: 18: Hoare triple {7596#(not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)))} SUMMARY for call entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset := read~$Pointer$(entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L777 {7609#(and (= |ULTIMATE.start_entry_point_#t~mem47#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)) (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))))} is VALID [2022-02-20 23:50:55,930 INFO L272 TraceCheckUtils]: 19: Hoare triple {7609#(and (= |ULTIMATE.start_entry_point_#t~mem47#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)) (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))))} call entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset := ldv_malloc(4bv32); {7613#(exists ((|v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_18| (_ BitVec 32)) (|v_ULTIMATE.start_entry_point_~a10~0#1.offset_BEFORE_CALL_9| (_ BitVec 32))) (not (= |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_18| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_18|) |v_ULTIMATE.start_entry_point_~a10~0#1.offset_BEFORE_CALL_9|))))} is VALID [2022-02-20 23:50:55,930 INFO L290 TraceCheckUtils]: 20: Hoare triple {7613#(exists ((|v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_18| (_ BitVec 32)) (|v_ULTIMATE.start_entry_point_~a10~0#1.offset_BEFORE_CALL_9| (_ BitVec 32))) (not (= |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_18| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_18|) |v_ULTIMATE.start_entry_point_~a10~0#1.offset_BEFORE_CALL_9|))))} ~size := #in~size; {7613#(exists ((|v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_18| (_ BitVec 32)) (|v_ULTIMATE.start_entry_point_~a10~0#1.offset_BEFORE_CALL_9| (_ BitVec 32))) (not (= |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_18| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_18|) |v_ULTIMATE.start_entry_point_~a10~0#1.offset_BEFORE_CALL_9|))))} is VALID [2022-02-20 23:50:55,930 INFO L290 TraceCheckUtils]: 21: Hoare triple {7613#(exists ((|v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_18| (_ BitVec 32)) (|v_ULTIMATE.start_entry_point_~a10~0#1.offset_BEFORE_CALL_9| (_ BitVec 32))) (not (= |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_18| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_18|) |v_ULTIMATE.start_entry_point_~a10~0#1.offset_BEFORE_CALL_9|))))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {7613#(exists ((|v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_18| (_ BitVec 32)) (|v_ULTIMATE.start_entry_point_~a10~0#1.offset_BEFORE_CALL_9| (_ BitVec 32))) (not (= |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_18| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_18|) |v_ULTIMATE.start_entry_point_~a10~0#1.offset_BEFORE_CALL_9|))))} is VALID [2022-02-20 23:50:55,930 INFO L290 TraceCheckUtils]: 22: Hoare triple {7613#(exists ((|v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_18| (_ BitVec 32)) (|v_ULTIMATE.start_entry_point_~a10~0#1.offset_BEFORE_CALL_9| (_ BitVec 32))) (not (= |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_18| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_18|) |v_ULTIMATE.start_entry_point_~a10~0#1.offset_BEFORE_CALL_9|))))} assume true; {7613#(exists ((|v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_18| (_ BitVec 32)) (|v_ULTIMATE.start_entry_point_~a10~0#1.offset_BEFORE_CALL_9| (_ BitVec 32))) (not (= |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_18| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_18|) |v_ULTIMATE.start_entry_point_~a10~0#1.offset_BEFORE_CALL_9|))))} is VALID [2022-02-20 23:50:55,931 INFO L284 TraceCheckUtils]: 23: Hoare quadruple {7613#(exists ((|v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_18| (_ BitVec 32)) (|v_ULTIMATE.start_entry_point_~a10~0#1.offset_BEFORE_CALL_9| (_ BitVec 32))) (not (= |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_18| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_entry_point_~a10~0#1.base_BEFORE_CALL_18|) |v_ULTIMATE.start_entry_point_~a10~0#1.offset_BEFORE_CALL_9|))))} {7609#(and (= |ULTIMATE.start_entry_point_#t~mem47#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)) (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))))} #101#return; {7609#(and (= |ULTIMATE.start_entry_point_#t~mem47#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)) (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))))} is VALID [2022-02-20 23:50:55,933 INFO L290 TraceCheckUtils]: 24: Hoare triple {7609#(and (= |ULTIMATE.start_entry_point_#t~mem47#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|)) (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))))} SUMMARY for call write~$Pointer$(entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset, entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset, 4bv32); srcloc: L777-2 {7629#(and (= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))) (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))))} is VALID [2022-02-20 23:50:55,933 INFO L290 TraceCheckUtils]: 25: Hoare triple {7629#(and (= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))) (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))))} havoc entry_point_#t~mem47#1.base, entry_point_#t~mem47#1.offset;havoc entry_point_#t~ret48#1.base, entry_point_#t~ret48#1.offset; {7629#(and (= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))) (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))))} is VALID [2022-02-20 23:50:55,939 INFO L290 TraceCheckUtils]: 26: Hoare triple {7629#(and (= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))) (not (= |ULTIMATE.start_entry_point_~a10~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~a10~0#1.base|) |ULTIMATE.start_entry_point_~a10~0#1.offset|))))} SUMMARY for call entry_point_#t~mem49#1.base, entry_point_#t~mem49#1.offset := read~$Pointer$(entry_point_~a10~0#1.base, entry_point_~a10~0#1.offset, 4bv32); srcloc: L778 {7530#(= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_#t~mem49#1.base|))} is VALID [2022-02-20 23:50:55,940 INFO L290 TraceCheckUtils]: 27: Hoare triple {7530#(= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_#t~mem49#1.base|))} assume !(1bv1 == #valid[entry_point_#t~mem49#1.base]); {7435#false} is VALID [2022-02-20 23:50:55,940 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 4 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 6 not checked. [2022-02-20 23:50:55,940 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:50:55,980 INFO L356 Elim1Store]: treesize reduction 5, result has 66.7 percent of original size [2022-02-20 23:50:55,980 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 19 treesize of output 18 [2022-02-20 23:50:55,989 WARN L838 $PredicateComparison]: unable to prove that (forall ((v_ArrVal_270 (Array (_ BitVec 32) (_ BitVec 32)))) (= (select (select (store |c_#memory_$Pointer$.base| |c_ULTIMATE.start_entry_point_#t~mem47#1.base| v_ArrVal_270) |c_ULTIMATE.start_entry_point_~a10~0#1.base|) |c_ULTIMATE.start_entry_point_~a10~0#1.offset|) |c_ULTIMATE.start_entry_point_#t~mem47#1.base|)) is different from false [2022-02-20 23:50:56,000 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleCvc4 [976940075] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:50:56,000 INFO L191 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-02-20 23:50:56,001 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 12] total 21 [2022-02-20 23:50:56,002 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [982371813] [2022-02-20 23:50:56,003 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-02-20 23:50:56,003 INFO L78 Accepts]: Start accepts. Automaton has has 22 states, 20 states have (on average 1.75) internal successors, (35), 17 states have internal predecessors, (35), 5 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Word has length 28 [2022-02-20 23:50:56,003 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:50:56,003 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 22 states, 20 states have (on average 1.75) internal successors, (35), 17 states have internal predecessors, (35), 5 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:50:56,048 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 46 edges. 46 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:56,048 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 22 states [2022-02-20 23:50:56,048 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:50:56,049 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 22 interpolants. [2022-02-20 23:50:56,049 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=66, Invalid=492, Unknown=2, NotChecked=90, Total=650 [2022-02-20 23:50:56,049 INFO L87 Difference]: Start difference. First operand 88 states and 102 transitions. Second operand has 22 states, 20 states have (on average 1.75) internal successors, (35), 17 states have internal predecessors, (35), 5 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6)