./Ultimate.py --spec ../sv-benchmarks/c/properties/valid-memsafety.prp --file ../sv-benchmarks/c/ldv-memsafety/memleaks_test11.i --full-output -ea --architecture 32bit -------------------------------------------------------------------------------- Checking for memory safety (deref-memtrack) Using default analysis Version 03d7b7b3 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerMemDerefMemtrack.xml -i ../sv-benchmarks/c/ldv-memsafety/memleaks_test11.i -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash d286f1bc6bef2af97aa9bf8e95cd227fcca3bcb186ca467ee6b24a6fc8e433bc --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 23:49:46,452 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 23:49:46,454 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 23:49:46,489 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 23:49:46,489 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 23:49:46,492 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 23:49:46,493 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 23:49:46,495 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 23:49:46,496 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 23:49:46,499 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 23:49:46,500 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 23:49:46,501 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 23:49:46,501 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 23:49:46,503 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 23:49:46,504 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 23:49:46,506 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 23:49:46,507 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 23:49:46,508 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 23:49:46,510 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 23:49:46,514 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 23:49:46,515 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 23:49:46,516 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 23:49:46,517 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 23:49:46,518 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 23:49:46,522 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 23:49:46,523 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 23:49:46,523 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 23:49:46,524 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 23:49:46,524 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 23:49:46,525 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 23:49:46,525 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 23:49:46,526 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 23:49:46,527 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 23:49:46,528 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 23:49:46,529 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 23:49:46,529 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 23:49:46,529 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 23:49:46,529 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 23:49:46,530 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 23:49:46,530 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 23:49:46,531 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 23:49:46,532 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Default.epf [2022-02-20 23:49:46,557 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 23:49:46,557 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 23:49:46,557 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 23:49:46,558 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 23:49:46,558 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 23:49:46,558 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 23:49:46,559 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 23:49:46,559 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 23:49:46,559 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 23:49:46,559 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 23:49:46,560 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 23:49:46,560 INFO L138 SettingsManager]: * Check unreachability of error function in SV-COMP mode=false [2022-02-20 23:49:46,560 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-02-20 23:49:46,560 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 23:49:46,560 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 23:49:46,561 INFO L138 SettingsManager]: * Check for the main procedure if all allocated memory was freed=true [2022-02-20 23:49:46,561 INFO L138 SettingsManager]: * Bitprecise bitfields=true [2022-02-20 23:49:46,561 INFO L138 SettingsManager]: * SV-COMP memtrack compatibility mode=true [2022-02-20 23:49:46,561 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 23:49:46,561 INFO L138 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2022-02-20 23:49:46,561 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 23:49:46,561 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 23:49:46,562 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 23:49:46,562 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 23:49:46,562 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 23:49:46,562 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 23:49:46,562 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 23:49:46,563 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 23:49:46,563 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-02-20 23:49:46,563 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-02-20 23:49:46,564 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> d286f1bc6bef2af97aa9bf8e95cd227fcca3bcb186ca467ee6b24a6fc8e433bc [2022-02-20 23:49:46,781 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 23:49:46,807 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 23:49:46,809 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 23:49:46,810 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 23:49:46,811 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 23:49:46,812 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/ldv-memsafety/memleaks_test11.i [2022-02-20 23:49:46,885 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/91bf6cd63/9de1b33618994fe8b14c0884b97bb73a/FLAGc6936adb7 [2022-02-20 23:49:47,366 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 23:49:47,366 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/ldv-memsafety/memleaks_test11.i [2022-02-20 23:49:47,381 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/91bf6cd63/9de1b33618994fe8b14c0884b97bb73a/FLAGc6936adb7 [2022-02-20 23:49:47,396 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/91bf6cd63/9de1b33618994fe8b14c0884b97bb73a [2022-02-20 23:49:47,398 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 23:49:47,399 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 23:49:47,401 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 23:49:47,401 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 23:49:47,413 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 23:49:47,414 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 11:49:47" (1/1) ... [2022-02-20 23:49:47,415 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@65566b1e and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:49:47, skipping insertion in model container [2022-02-20 23:49:47,415 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 11:49:47" (1/1) ... [2022-02-20 23:49:47,420 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 23:49:47,454 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 23:49:47,857 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 23:49:47,871 ERROR L326 MainTranslator]: Unsupported Syntax: Found a cast between two array/pointer types where the value type is smaller than the cast-to type while using memory model HoenickeLindenmann_Original (while Not using bitvector translation) [2022-02-20 23:49:47,871 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.CACSL2BoogieTranslatorObserver@3900a586 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:49:47, skipping insertion in model container [2022-02-20 23:49:47,872 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 23:49:47,872 INFO L184 ToolchainWalker]: Toolchain execution was canceled (user or tool) before executing de.uni_freiburg.informatik.ultimate.boogie.procedureinliner [2022-02-20 23:49:47,875 INFO L158 Benchmark]: Toolchain (without parser) took 474.15ms. Allocated memory is still 115.3MB. Free memory was 81.5MB in the beginning and 83.0MB in the end (delta: -1.5MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2022-02-20 23:49:47,875 INFO L158 Benchmark]: CDTParser took 0.15ms. Allocated memory is still 81.8MB. Free memory was 40.0MB in the beginning and 39.9MB in the end (delta: 40.5kB). There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 23:49:47,876 INFO L158 Benchmark]: CACSL2BoogieTranslator took 471.86ms. Allocated memory is still 115.3MB. Free memory was 81.2MB in the beginning and 83.0MB in the end (delta: -1.8MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2022-02-20 23:49:47,877 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.15ms. Allocated memory is still 81.8MB. Free memory was 40.0MB in the beginning and 39.9MB in the end (delta: 40.5kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 471.86ms. Allocated memory is still 115.3MB. Free memory was 81.2MB in the beginning and 83.0MB in the end (delta: -1.8MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - UnsupportedSyntaxResult [Line: 576]: Unsupported Syntax Found a cast between two array/pointer types where the value type is smaller than the cast-to type while using memory model HoenickeLindenmann_Original (while Not using bitvector translation) RESULT: Ultimate could not prove your program: Toolchain returned no result. Received shutdown request... --- End real Ultimate output --- Execution finished normally Using bit-precise analysis Retrying with bit-precise analysis ### Bit-precise run ### Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerMemDerefMemtrack.xml -i ../sv-benchmarks/c/ldv-memsafety/memleaks_test11.i -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Bitvector.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash d286f1bc6bef2af97aa9bf8e95cd227fcca3bcb186ca467ee6b24a6fc8e433bc --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 23:49:49,426 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 23:49:49,429 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 23:49:49,468 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 23:49:49,468 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 23:49:49,471 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 23:49:49,472 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 23:49:49,475 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 23:49:49,477 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 23:49:49,480 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 23:49:49,481 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 23:49:49,482 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 23:49:49,482 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 23:49:49,484 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 23:49:49,485 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 23:49:49,489 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 23:49:49,490 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 23:49:49,490 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 23:49:49,492 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 23:49:49,496 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 23:49:49,497 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 23:49:49,498 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 23:49:49,499 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 23:49:49,501 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 23:49:49,506 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 23:49:49,506 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 23:49:49,506 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 23:49:49,508 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 23:49:49,508 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 23:49:49,509 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 23:49:49,509 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 23:49:49,509 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 23:49:49,511 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 23:49:49,511 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 23:49:49,512 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 23:49:49,512 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 23:49:49,513 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 23:49:49,513 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 23:49:49,513 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 23:49:49,514 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 23:49:49,515 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 23:49:49,518 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Bitvector.epf [2022-02-20 23:49:49,547 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 23:49:49,548 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 23:49:49,549 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 23:49:49,549 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 23:49:49,550 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 23:49:49,550 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 23:49:49,551 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 23:49:49,551 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 23:49:49,551 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 23:49:49,551 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 23:49:49,552 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 23:49:49,552 INFO L138 SettingsManager]: * Check unreachability of error function in SV-COMP mode=false [2022-02-20 23:49:49,552 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-02-20 23:49:49,552 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 23:49:49,552 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 23:49:49,553 INFO L138 SettingsManager]: * Check for the main procedure if all allocated memory was freed=true [2022-02-20 23:49:49,553 INFO L138 SettingsManager]: * Bitprecise bitfields=true [2022-02-20 23:49:49,553 INFO L138 SettingsManager]: * SV-COMP memtrack compatibility mode=true [2022-02-20 23:49:49,553 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 23:49:49,553 INFO L138 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2022-02-20 23:49:49,553 INFO L138 SettingsManager]: * Use bitvectors instead of ints=true [2022-02-20 23:49:49,553 INFO L138 SettingsManager]: * Memory model=HoenickeLindenmann_4ByteResolution [2022-02-20 23:49:49,554 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 23:49:49,554 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 23:49:49,554 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 23:49:49,554 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 23:49:49,554 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 23:49:49,554 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 23:49:49,554 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 23:49:49,555 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 23:49:49,555 INFO L138 SettingsManager]: * Trace refinement strategy=WOLF [2022-02-20 23:49:49,555 INFO L138 SettingsManager]: * Command for external solver=cvc4 --incremental --print-success --lang smt [2022-02-20 23:49:49,555 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2022-02-20 23:49:49,555 INFO L138 SettingsManager]: * Logic for external solver=AUFBV WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> d286f1bc6bef2af97aa9bf8e95cd227fcca3bcb186ca467ee6b24a6fc8e433bc [2022-02-20 23:49:49,812 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 23:49:49,833 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 23:49:49,834 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 23:49:49,835 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 23:49:49,837 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 23:49:49,838 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/ldv-memsafety/memleaks_test11.i [2022-02-20 23:49:49,888 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/07cca6732/9a6bfe2b8706496f9df6be76435e0ec9/FLAG554c3820f [2022-02-20 23:49:50,272 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 23:49:50,273 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/ldv-memsafety/memleaks_test11.i [2022-02-20 23:49:50,286 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/07cca6732/9a6bfe2b8706496f9df6be76435e0ec9/FLAG554c3820f [2022-02-20 23:49:50,619 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/07cca6732/9a6bfe2b8706496f9df6be76435e0ec9 [2022-02-20 23:49:50,621 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 23:49:50,622 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 23:49:50,622 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 23:49:50,622 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 23:49:50,637 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 23:49:50,638 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 11:49:50" (1/1) ... [2022-02-20 23:49:50,639 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@1958c1f2 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:49:50, skipping insertion in model container [2022-02-20 23:49:50,639 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 11:49:50" (1/1) ... [2022-02-20 23:49:50,643 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 23:49:50,665 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 23:49:50,980 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 23:49:50,996 INFO L200 MainTranslator]: Restarting translation with changed settings: SettingsChange [mNewPreferredMemoryModel=HoenickeLindenmann_1ByteResolution] [2022-02-20 23:49:51,006 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 23:49:51,062 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 23:49:51,073 INFO L203 MainTranslator]: Completed pre-run [2022-02-20 23:49:51,115 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 23:49:51,165 INFO L208 MainTranslator]: Completed translation [2022-02-20 23:49:51,166 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:49:51 WrapperNode [2022-02-20 23:49:51,166 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 23:49:51,167 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-20 23:49:51,168 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-20 23:49:51,168 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-20 23:49:51,172 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:49:51" (1/1) ... [2022-02-20 23:49:51,198 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:49:51" (1/1) ... [2022-02-20 23:49:51,234 INFO L137 Inliner]: procedures = 169, calls = 87, calls flagged for inlining = 26, calls inlined = 8, statements flattened = 92 [2022-02-20 23:49:51,235 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-20 23:49:51,236 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-20 23:49:51,236 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-20 23:49:51,236 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-20 23:49:51,242 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:49:51" (1/1) ... [2022-02-20 23:49:51,242 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:49:51" (1/1) ... [2022-02-20 23:49:51,245 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:49:51" (1/1) ... [2022-02-20 23:49:51,246 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:49:51" (1/1) ... [2022-02-20 23:49:51,258 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:49:51" (1/1) ... [2022-02-20 23:49:51,268 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:49:51" (1/1) ... [2022-02-20 23:49:51,270 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:49:51" (1/1) ... [2022-02-20 23:49:51,272 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-20 23:49:51,273 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-20 23:49:51,273 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-20 23:49:51,273 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-20 23:49:51,274 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:49:51" (1/1) ... [2022-02-20 23:49:51,283 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 23:49:51,299 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 23:49:51,332 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-20 23:49:51,365 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-20 23:49:51,392 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_malloc [2022-02-20 23:49:51,393 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_malloc [2022-02-20 23:49:51,393 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_i2c_set_clientdata [2022-02-20 23:49:51,393 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_i2c_set_clientdata [2022-02-20 23:49:51,393 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocOnHeap [2022-02-20 23:49:51,394 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-20 23:49:51,394 INFO L130 BoogieDeclarations]: Found specification of procedure write~$Pointer$ [2022-02-20 23:49:51,394 INFO L130 BoogieDeclarations]: Found specification of procedure read~$Pointer$ [2022-02-20 23:49:51,394 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.dealloc [2022-02-20 23:49:51,394 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~$Pointer$ [2022-02-20 23:49:51,394 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-20 23:49:51,394 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-20 23:49:51,528 INFO L234 CfgBuilder]: Building ICFG [2022-02-20 23:49:51,529 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-20 23:49:51,820 INFO L275 CfgBuilder]: Performing block encoding [2022-02-20 23:49:51,827 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-20 23:49:51,828 INFO L299 CfgBuilder]: Removed 0 assume(true) statements. [2022-02-20 23:49:51,830 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 11:49:51 BoogieIcfgContainer [2022-02-20 23:49:51,831 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-20 23:49:51,832 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-20 23:49:51,832 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-20 23:49:51,834 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-20 23:49:51,834 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.02 11:49:50" (1/3) ... [2022-02-20 23:49:51,835 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@5b38092e and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 11:49:51, skipping insertion in model container [2022-02-20 23:49:51,835 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:49:51" (2/3) ... [2022-02-20 23:49:51,836 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@5b38092e and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 11:49:51, skipping insertion in model container [2022-02-20 23:49:51,836 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 11:49:51" (3/3) ... [2022-02-20 23:49:51,837 INFO L111 eAbstractionObserver]: Analyzing ICFG memleaks_test11.i [2022-02-20 23:49:51,840 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:false NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-20 23:49:51,841 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 27 error locations. [2022-02-20 23:49:51,883 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-20 23:49:51,890 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=false, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=All, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-20 23:49:51,890 INFO L340 AbstractCegarLoop]: Starting to check reachability of 27 error locations. [2022-02-20 23:49:51,905 INFO L276 IsEmpty]: Start isEmpty. Operand has 85 states, 49 states have (on average 1.6734693877551021) internal successors, (82), 76 states have internal predecessors, (82), 6 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (6), 6 states have call predecessors, (6), 6 states have call successors, (6) [2022-02-20 23:49:51,909 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 12 [2022-02-20 23:49:51,910 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:49:51,910 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:49:51,910 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting ULTIMATE.startErr24ASSERT_VIOLATIONMEMORY_LEAK === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 23 more)] === [2022-02-20 23:49:51,915 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:49:51,915 INFO L85 PathProgramCache]: Analyzing trace with hash -1738627509, now seen corresponding path program 1 times [2022-02-20 23:49:51,926 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:49:51,927 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1460206839] [2022-02-20 23:49:51,927 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:49:51,928 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:49:51,928 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:49:51,933 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:49:51,961 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Waiting until timeout for monitored process [2022-02-20 23:49:51,995 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:49:51,997 INFO L263 TraceCheckSpWp]: Trace formula consists of 40 conjuncts, 4 conjunts are in the unsatisfiable core [2022-02-20 23:49:52,010 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:49:52,014 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:49:52,118 INFO L290 TraceCheckUtils]: 0: Hoare triple {88#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {88#true} is VALID [2022-02-20 23:49:52,119 INFO L290 TraceCheckUtils]: 1: Hoare triple {88#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset, entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~ret46#1, entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset, entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset; {88#true} is VALID [2022-02-20 23:49:52,119 INFO L272 TraceCheckUtils]: 2: Hoare triple {88#true} call entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset := ldv_malloc(20bv32); {88#true} is VALID [2022-02-20 23:49:52,120 INFO L290 TraceCheckUtils]: 3: Hoare triple {88#true} ~size := #in~size; {88#true} is VALID [2022-02-20 23:49:52,120 INFO L290 TraceCheckUtils]: 4: Hoare triple {88#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {105#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:49:52,121 INFO L290 TraceCheckUtils]: 5: Hoare triple {105#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} assume true; {105#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:49:52,122 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {105#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} {88#true} #118#return; {112#(not (= |ULTIMATE.start_entry_point_#t~ret43#1.base| (_ bv0 32)))} is VALID [2022-02-20 23:49:52,123 INFO L290 TraceCheckUtils]: 7: Hoare triple {112#(not (= |ULTIMATE.start_entry_point_#t~ret43#1.base| (_ bv0 32)))} entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset := entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset; {116#(not (= |ULTIMATE.start_entry_point_~c11~0#1.base| (_ bv0 32)))} is VALID [2022-02-20 23:49:52,124 INFO L290 TraceCheckUtils]: 8: Hoare triple {116#(not (= |ULTIMATE.start_entry_point_~c11~0#1.base| (_ bv0 32)))} assume entry_point_~c11~0#1.base == 0bv32 && entry_point_~c11~0#1.offset == 0bv32; {89#false} is VALID [2022-02-20 23:49:52,124 INFO L290 TraceCheckUtils]: 9: Hoare triple {89#false} assume { :end_inline_entry_point } true; {89#false} is VALID [2022-02-20 23:49:52,124 INFO L290 TraceCheckUtils]: 10: Hoare triple {89#false} assume !(#valid == main_old_#valid#1); {89#false} is VALID [2022-02-20 23:49:52,125 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:49:52,126 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:49:52,128 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:49:52,129 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1460206839] [2022-02-20 23:49:52,129 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1460206839] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:49:52,129 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:49:52,130 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:49:52,131 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [167629180] [2022-02-20 23:49:52,131 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:49:52,135 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 1.8) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 11 [2022-02-20 23:49:52,136 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:49:52,139 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 1.8) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:49:52,174 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 11 edges. 11 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:49:52,175 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 23:49:52,175 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:49:52,202 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 23:49:52,203 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:49:52,205 INFO L87 Difference]: Start difference. First operand has 85 states, 49 states have (on average 1.6734693877551021) internal successors, (82), 76 states have internal predecessors, (82), 6 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (6), 6 states have call predecessors, (6), 6 states have call successors, (6) Second operand has 5 states, 5 states have (on average 1.8) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:49:52,711 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:49:52,712 INFO L93 Difference]: Finished difference Result 157 states and 181 transitions. [2022-02-20 23:49:52,712 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 23:49:52,712 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 1.8) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 11 [2022-02-20 23:49:52,712 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:49:52,713 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 1.8) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:49:52,721 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 182 transitions. [2022-02-20 23:49:52,721 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 1.8) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:49:52,725 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 182 transitions. [2022-02-20 23:49:52,725 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 182 transitions. [2022-02-20 23:49:52,891 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 182 edges. 182 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:49:52,900 INFO L225 Difference]: With dead ends: 157 [2022-02-20 23:49:52,901 INFO L226 Difference]: Without dead ends: 153 [2022-02-20 23:49:52,902 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:49:52,904 INFO L933 BasicCegarLoop]: 93 mSDtfsCounter, 68 mSDsluCounter, 264 mSDsCounter, 0 mSdLazyCounter, 47 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 76 SdHoareTripleChecker+Valid, 357 SdHoareTripleChecker+Invalid, 48 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 47 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:49:52,905 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [76 Valid, 357 Invalid, 48 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 47 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:49:52,916 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 153 states. [2022-02-20 23:49:52,927 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 153 to 87. [2022-02-20 23:49:52,928 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:49:52,929 INFO L82 GeneralOperation]: Start isEquivalent. First operand 153 states. Second operand has 87 states, 51 states have (on average 1.6274509803921569) internal successors, (83), 77 states have internal predecessors, (83), 6 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (10), 7 states have call predecessors, (10), 6 states have call successors, (10) [2022-02-20 23:49:52,929 INFO L74 IsIncluded]: Start isIncluded. First operand 153 states. Second operand has 87 states, 51 states have (on average 1.6274509803921569) internal successors, (83), 77 states have internal predecessors, (83), 6 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (10), 7 states have call predecessors, (10), 6 states have call successors, (10) [2022-02-20 23:49:52,930 INFO L87 Difference]: Start difference. First operand 153 states. Second operand has 87 states, 51 states have (on average 1.6274509803921569) internal successors, (83), 77 states have internal predecessors, (83), 6 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (10), 7 states have call predecessors, (10), 6 states have call successors, (10) [2022-02-20 23:49:52,937 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:49:52,937 INFO L93 Difference]: Finished difference Result 153 states and 177 transitions. [2022-02-20 23:49:52,937 INFO L276 IsEmpty]: Start isEmpty. Operand 153 states and 177 transitions. [2022-02-20 23:49:52,939 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:49:52,939 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:49:52,939 INFO L74 IsIncluded]: Start isIncluded. First operand has 87 states, 51 states have (on average 1.6274509803921569) internal successors, (83), 77 states have internal predecessors, (83), 6 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (10), 7 states have call predecessors, (10), 6 states have call successors, (10) Second operand 153 states. [2022-02-20 23:49:52,940 INFO L87 Difference]: Start difference. First operand has 87 states, 51 states have (on average 1.6274509803921569) internal successors, (83), 77 states have internal predecessors, (83), 6 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (10), 7 states have call predecessors, (10), 6 states have call successors, (10) Second operand 153 states. [2022-02-20 23:49:52,945 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:49:52,950 INFO L93 Difference]: Finished difference Result 153 states and 177 transitions. [2022-02-20 23:49:52,950 INFO L276 IsEmpty]: Start isEmpty. Operand 153 states and 177 transitions. [2022-02-20 23:49:52,951 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:49:52,952 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:49:52,952 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:49:52,953 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:49:52,954 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 87 states, 51 states have (on average 1.6274509803921569) internal successors, (83), 77 states have internal predecessors, (83), 6 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (10), 7 states have call predecessors, (10), 6 states have call successors, (10) [2022-02-20 23:49:52,957 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 87 states to 87 states and 99 transitions. [2022-02-20 23:49:52,962 INFO L78 Accepts]: Start accepts. Automaton has 87 states and 99 transitions. Word has length 11 [2022-02-20 23:49:52,962 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:49:52,962 INFO L470 AbstractCegarLoop]: Abstraction has 87 states and 99 transitions. [2022-02-20 23:49:52,963 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 1.8) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:49:52,963 INFO L276 IsEmpty]: Start isEmpty. Operand 87 states and 99 transitions. [2022-02-20 23:49:52,963 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 12 [2022-02-20 23:49:52,964 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:49:52,964 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:49:52,973 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Forceful destruction successful, exit code 0 [2022-02-20 23:49:53,171 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:49:53,171 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting ULTIMATE.startErr24ASSERT_VIOLATIONMEMORY_LEAK === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 23 more)] === [2022-02-20 23:49:53,172 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:49:53,174 INFO L85 PathProgramCache]: Analyzing trace with hash -851123828, now seen corresponding path program 1 times [2022-02-20 23:49:53,174 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:49:53,174 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1569273545] [2022-02-20 23:49:53,175 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:49:53,175 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:49:53,175 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:49:53,186 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:49:53,198 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Waiting until timeout for monitored process [2022-02-20 23:49:53,251 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:49:53,252 INFO L263 TraceCheckSpWp]: Trace formula consists of 34 conjuncts, 4 conjunts are in the unsatisfiable core [2022-02-20 23:49:53,268 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:49:53,268 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:49:53,315 INFO L290 TraceCheckUtils]: 0: Hoare triple {675#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {675#true} is VALID [2022-02-20 23:49:53,315 INFO L290 TraceCheckUtils]: 1: Hoare triple {675#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset, entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~ret46#1, entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset, entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset; {683#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-20 23:49:53,316 INFO L272 TraceCheckUtils]: 2: Hoare triple {683#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} call entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset := ldv_malloc(20bv32); {687#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:49:53,316 INFO L290 TraceCheckUtils]: 3: Hoare triple {687#(= |old(#valid)| |#valid|)} ~size := #in~size; {687#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:49:53,317 INFO L290 TraceCheckUtils]: 4: Hoare triple {687#(= |old(#valid)| |#valid|)} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {687#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:49:53,317 INFO L290 TraceCheckUtils]: 5: Hoare triple {687#(= |old(#valid)| |#valid|)} assume true; {687#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:49:53,318 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {687#(= |old(#valid)| |#valid|)} {683#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} #118#return; {683#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-20 23:49:53,319 INFO L290 TraceCheckUtils]: 7: Hoare triple {683#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset := entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset; {683#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-20 23:49:53,319 INFO L290 TraceCheckUtils]: 8: Hoare triple {683#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} assume entry_point_~c11~0#1.base == 0bv32 && entry_point_~c11~0#1.offset == 0bv32; {683#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-20 23:49:53,320 INFO L290 TraceCheckUtils]: 9: Hoare triple {683#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} assume { :end_inline_entry_point } true; {683#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-20 23:49:53,320 INFO L290 TraceCheckUtils]: 10: Hoare triple {683#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} assume !(#valid == main_old_#valid#1); {676#false} is VALID [2022-02-20 23:49:53,320 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:49:53,320 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:49:53,320 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:49:53,321 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1569273545] [2022-02-20 23:49:53,321 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1569273545] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:49:53,321 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:49:53,321 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 23:49:53,321 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [994181868] [2022-02-20 23:49:53,321 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:49:53,322 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 3.0) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 11 [2022-02-20 23:49:53,322 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:49:53,323 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 4 states, 3 states have (on average 3.0) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:49:53,332 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 11 edges. 11 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:49:53,332 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-02-20 23:49:53,332 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:49:53,332 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-02-20 23:49:53,333 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-02-20 23:49:53,333 INFO L87 Difference]: Start difference. First operand 87 states and 99 transitions. Second operand has 4 states, 3 states have (on average 3.0) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:49:53,886 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:49:53,886 INFO L93 Difference]: Finished difference Result 153 states and 176 transitions. [2022-02-20 23:49:53,887 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-20 23:49:53,887 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 3.0) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 11 [2022-02-20 23:49:53,887 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:49:53,888 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 3 states have (on average 3.0) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:49:53,905 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 177 transitions. [2022-02-20 23:49:53,906 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 3 states have (on average 3.0) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:49:53,909 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 177 transitions. [2022-02-20 23:49:53,910 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 177 transitions. [2022-02-20 23:49:54,059 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 177 edges. 177 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:49:54,064 INFO L225 Difference]: With dead ends: 153 [2022-02-20 23:49:54,064 INFO L226 Difference]: Without dead ends: 151 [2022-02-20 23:49:54,065 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-02-20 23:49:54,069 INFO L933 BasicCegarLoop]: 146 mSDtfsCounter, 66 mSDsluCounter, 158 mSDsCounter, 0 mSdLazyCounter, 132 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 68 SdHoareTripleChecker+Valid, 304 SdHoareTripleChecker+Invalid, 140 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 132 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 23:49:54,070 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [68 Valid, 304 Invalid, 140 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 132 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-20 23:49:54,072 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 151 states. [2022-02-20 23:49:54,083 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 151 to 83. [2022-02-20 23:49:54,084 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:49:54,084 INFO L82 GeneralOperation]: Start isEquivalent. First operand 151 states. Second operand has 83 states, 48 states have (on average 1.6458333333333333) internal successors, (79), 74 states have internal predecessors, (79), 6 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (6), 6 states have call predecessors, (6), 6 states have call successors, (6) [2022-02-20 23:49:54,085 INFO L74 IsIncluded]: Start isIncluded. First operand 151 states. Second operand has 83 states, 48 states have (on average 1.6458333333333333) internal successors, (79), 74 states have internal predecessors, (79), 6 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (6), 6 states have call predecessors, (6), 6 states have call successors, (6) [2022-02-20 23:49:54,085 INFO L87 Difference]: Start difference. First operand 151 states. Second operand has 83 states, 48 states have (on average 1.6458333333333333) internal successors, (79), 74 states have internal predecessors, (79), 6 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (6), 6 states have call predecessors, (6), 6 states have call successors, (6) [2022-02-20 23:49:54,092 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:49:54,093 INFO L93 Difference]: Finished difference Result 151 states and 174 transitions. [2022-02-20 23:49:54,093 INFO L276 IsEmpty]: Start isEmpty. Operand 151 states and 174 transitions. [2022-02-20 23:49:54,099 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:49:54,099 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:49:54,099 INFO L74 IsIncluded]: Start isIncluded. First operand has 83 states, 48 states have (on average 1.6458333333333333) internal successors, (79), 74 states have internal predecessors, (79), 6 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (6), 6 states have call predecessors, (6), 6 states have call successors, (6) Second operand 151 states. [2022-02-20 23:49:54,100 INFO L87 Difference]: Start difference. First operand has 83 states, 48 states have (on average 1.6458333333333333) internal successors, (79), 74 states have internal predecessors, (79), 6 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (6), 6 states have call predecessors, (6), 6 states have call successors, (6) Second operand 151 states. [2022-02-20 23:49:54,109 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:49:54,109 INFO L93 Difference]: Finished difference Result 151 states and 174 transitions. [2022-02-20 23:49:54,109 INFO L276 IsEmpty]: Start isEmpty. Operand 151 states and 174 transitions. [2022-02-20 23:49:54,111 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:49:54,111 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:49:54,111 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:49:54,111 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:49:54,112 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 83 states, 48 states have (on average 1.6458333333333333) internal successors, (79), 74 states have internal predecessors, (79), 6 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (6), 6 states have call predecessors, (6), 6 states have call successors, (6) [2022-02-20 23:49:54,114 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 83 states to 83 states and 91 transitions. [2022-02-20 23:49:54,114 INFO L78 Accepts]: Start accepts. Automaton has 83 states and 91 transitions. Word has length 11 [2022-02-20 23:49:54,114 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:49:54,115 INFO L470 AbstractCegarLoop]: Abstraction has 83 states and 91 transitions. [2022-02-20 23:49:54,115 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 3 states have (on average 3.0) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:49:54,115 INFO L276 IsEmpty]: Start isEmpty. Operand 83 states and 91 transitions. [2022-02-20 23:49:54,115 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2022-02-20 23:49:54,115 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:49:54,116 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:49:54,123 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Forceful destruction successful, exit code 0 [2022-02-20 23:49:54,322 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:49:54,322 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting ULTIMATE.startErr21ASSERT_VIOLATIONMEMORY_FREE === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 23 more)] === [2022-02-20 23:49:54,323 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:49:54,326 INFO L85 PathProgramCache]: Analyzing trace with hash -470294884, now seen corresponding path program 1 times [2022-02-20 23:49:54,327 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:49:54,328 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1725378387] [2022-02-20 23:49:54,328 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:49:54,328 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:49:54,328 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:49:54,329 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:49:54,343 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Waiting until timeout for monitored process [2022-02-20 23:49:54,385 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:49:54,387 INFO L263 TraceCheckSpWp]: Trace formula consists of 60 conjuncts, 4 conjunts are in the unsatisfiable core [2022-02-20 23:49:54,393 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:49:54,394 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:49:54,441 INFO L290 TraceCheckUtils]: 0: Hoare triple {1249#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {1249#true} is VALID [2022-02-20 23:49:54,441 INFO L290 TraceCheckUtils]: 1: Hoare triple {1249#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset, entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~ret46#1, entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset, entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset; {1249#true} is VALID [2022-02-20 23:49:54,441 INFO L272 TraceCheckUtils]: 2: Hoare triple {1249#true} call entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset := ldv_malloc(20bv32); {1249#true} is VALID [2022-02-20 23:49:54,442 INFO L290 TraceCheckUtils]: 3: Hoare triple {1249#true} ~size := #in~size; {1249#true} is VALID [2022-02-20 23:49:54,442 INFO L290 TraceCheckUtils]: 4: Hoare triple {1249#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {1249#true} is VALID [2022-02-20 23:49:54,442 INFO L290 TraceCheckUtils]: 5: Hoare triple {1249#true} assume true; {1249#true} is VALID [2022-02-20 23:49:54,442 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {1249#true} {1249#true} #118#return; {1249#true} is VALID [2022-02-20 23:49:54,442 INFO L290 TraceCheckUtils]: 7: Hoare triple {1249#true} entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset := entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset; {1249#true} is VALID [2022-02-20 23:49:54,443 INFO L290 TraceCheckUtils]: 8: Hoare triple {1249#true} assume !(entry_point_~c11~0#1.base == 0bv32 && entry_point_~c11~0#1.offset == 0bv32); {1249#true} is VALID [2022-02-20 23:49:54,443 INFO L272 TraceCheckUtils]: 9: Hoare triple {1249#true} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {1249#true} is VALID [2022-02-20 23:49:54,443 INFO L290 TraceCheckUtils]: 10: Hoare triple {1249#true} ~size := #in~size; {1249#true} is VALID [2022-02-20 23:49:54,445 INFO L290 TraceCheckUtils]: 11: Hoare triple {1249#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {1287#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:49:54,445 INFO L290 TraceCheckUtils]: 12: Hoare triple {1287#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} assume true; {1287#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:49:54,446 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {1287#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} {1249#true} #120#return; {1294#(not (= |ULTIMATE.start_entry_point_#t~ret44#1.base| (_ bv0 32)))} is VALID [2022-02-20 23:49:54,447 INFO L290 TraceCheckUtils]: 14: Hoare triple {1294#(not (= |ULTIMATE.start_entry_point_#t~ret44#1.base| (_ bv0 32)))} entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {1298#(not (= |ULTIMATE.start_entry_point_~cfg~1#1.base| (_ bv0 32)))} is VALID [2022-02-20 23:49:54,448 INFO L290 TraceCheckUtils]: 15: Hoare triple {1298#(not (= |ULTIMATE.start_entry_point_~cfg~1#1.base| (_ bv0 32)))} assume entry_point_~cfg~1#1.base == 0bv32 && entry_point_~cfg~1#1.offset == 0bv32; {1250#false} is VALID [2022-02-20 23:49:54,448 INFO L290 TraceCheckUtils]: 16: Hoare triple {1250#false} assume !(0bv32 == entry_point_~c11~0#1.offset); {1250#false} is VALID [2022-02-20 23:49:54,448 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:49:54,448 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:49:54,448 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:49:54,449 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1725378387] [2022-02-20 23:49:54,449 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1725378387] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:49:54,449 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:49:54,449 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:49:54,449 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1662121829] [2022-02-20 23:49:54,449 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:49:54,450 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 2.4) internal successors, (12), 4 states have internal predecessors, (12), 1 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 17 [2022-02-20 23:49:54,450 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:49:54,450 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 2.4) internal successors, (12), 4 states have internal predecessors, (12), 1 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:49:54,462 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 16 edges. 16 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:49:54,463 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 23:49:54,463 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:49:54,463 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 23:49:54,463 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:49:54,464 INFO L87 Difference]: Start difference. First operand 83 states and 91 transitions. Second operand has 5 states, 5 states have (on average 2.4) internal successors, (12), 4 states have internal predecessors, (12), 1 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:49:54,960 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:49:54,960 INFO L93 Difference]: Finished difference Result 150 states and 170 transitions. [2022-02-20 23:49:54,960 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 23:49:54,960 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 2.4) internal successors, (12), 4 states have internal predecessors, (12), 1 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 17 [2022-02-20 23:49:54,961 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:49:54,961 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 2.4) internal successors, (12), 4 states have internal predecessors, (12), 1 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:49:54,963 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 171 transitions. [2022-02-20 23:49:54,963 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 2.4) internal successors, (12), 4 states have internal predecessors, (12), 1 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:49:54,966 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 171 transitions. [2022-02-20 23:49:54,966 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 171 transitions. [2022-02-20 23:49:55,124 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 171 edges. 171 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:49:55,127 INFO L225 Difference]: With dead ends: 150 [2022-02-20 23:49:55,127 INFO L226 Difference]: Without dead ends: 150 [2022-02-20 23:49:55,127 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:49:55,135 INFO L933 BasicCegarLoop]: 93 mSDtfsCounter, 63 mSDsluCounter, 262 mSDsCounter, 0 mSdLazyCounter, 43 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 69 SdHoareTripleChecker+Valid, 355 SdHoareTripleChecker+Invalid, 44 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 43 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 23:49:55,138 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [69 Valid, 355 Invalid, 44 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 43 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 23:49:55,140 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 150 states. [2022-02-20 23:49:55,144 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 150 to 87. [2022-02-20 23:49:55,147 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:49:55,147 INFO L82 GeneralOperation]: Start isEquivalent. First operand 150 states. Second operand has 87 states, 51 states have (on average 1.607843137254902) internal successors, (82), 77 states have internal predecessors, (82), 6 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (10), 7 states have call predecessors, (10), 6 states have call successors, (10) [2022-02-20 23:49:55,147 INFO L74 IsIncluded]: Start isIncluded. First operand 150 states. Second operand has 87 states, 51 states have (on average 1.607843137254902) internal successors, (82), 77 states have internal predecessors, (82), 6 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (10), 7 states have call predecessors, (10), 6 states have call successors, (10) [2022-02-20 23:49:55,148 INFO L87 Difference]: Start difference. First operand 150 states. Second operand has 87 states, 51 states have (on average 1.607843137254902) internal successors, (82), 77 states have internal predecessors, (82), 6 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (10), 7 states have call predecessors, (10), 6 states have call successors, (10) [2022-02-20 23:49:55,152 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:49:55,153 INFO L93 Difference]: Finished difference Result 150 states and 170 transitions. [2022-02-20 23:49:55,153 INFO L276 IsEmpty]: Start isEmpty. Operand 150 states and 170 transitions. [2022-02-20 23:49:55,153 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:49:55,153 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:49:55,154 INFO L74 IsIncluded]: Start isIncluded. First operand has 87 states, 51 states have (on average 1.607843137254902) internal successors, (82), 77 states have internal predecessors, (82), 6 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (10), 7 states have call predecessors, (10), 6 states have call successors, (10) Second operand 150 states. [2022-02-20 23:49:55,154 INFO L87 Difference]: Start difference. First operand has 87 states, 51 states have (on average 1.607843137254902) internal successors, (82), 77 states have internal predecessors, (82), 6 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (10), 7 states have call predecessors, (10), 6 states have call successors, (10) Second operand 150 states. [2022-02-20 23:49:55,158 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:49:55,159 INFO L93 Difference]: Finished difference Result 150 states and 170 transitions. [2022-02-20 23:49:55,160 INFO L276 IsEmpty]: Start isEmpty. Operand 150 states and 170 transitions. [2022-02-20 23:49:55,160 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:49:55,160 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:49:55,160 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:49:55,160 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:49:55,161 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 87 states, 51 states have (on average 1.607843137254902) internal successors, (82), 77 states have internal predecessors, (82), 6 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (10), 7 states have call predecessors, (10), 6 states have call successors, (10) [2022-02-20 23:49:55,163 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 87 states to 87 states and 98 transitions. [2022-02-20 23:49:55,163 INFO L78 Accepts]: Start accepts. Automaton has 87 states and 98 transitions. Word has length 17 [2022-02-20 23:49:55,163 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:49:55,163 INFO L470 AbstractCegarLoop]: Abstraction has 87 states and 98 transitions. [2022-02-20 23:49:55,164 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 2.4) internal successors, (12), 4 states have internal predecessors, (12), 1 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:49:55,164 INFO L276 IsEmpty]: Start isEmpty. Operand 87 states and 98 transitions. [2022-02-20 23:49:55,164 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2022-02-20 23:49:55,164 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:49:55,164 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:49:55,171 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Forceful destruction successful, exit code 0 [2022-02-20 23:49:55,372 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:49:55,372 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting ULTIMATE.startErr0REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 23 more)] === [2022-02-20 23:49:55,373 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:49:55,373 INFO L85 PathProgramCache]: Analyzing trace with hash -470294895, now seen corresponding path program 1 times [2022-02-20 23:49:55,374 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:49:55,374 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1970117818] [2022-02-20 23:49:55,374 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:49:55,374 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:49:55,374 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:49:55,375 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:49:55,376 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Waiting until timeout for monitored process [2022-02-20 23:49:55,426 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:49:55,428 INFO L263 TraceCheckSpWp]: Trace formula consists of 59 conjuncts, 9 conjunts are in the unsatisfiable core [2022-02-20 23:49:55,435 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:49:55,435 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:49:55,469 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:49:55,603 INFO L356 Elim1Store]: treesize reduction 15, result has 46.4 percent of original size [2022-02-20 23:49:55,603 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 18 treesize of output 25 [2022-02-20 23:49:55,625 INFO L290 TraceCheckUtils]: 0: Hoare triple {1841#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {1841#true} is VALID [2022-02-20 23:49:55,625 INFO L290 TraceCheckUtils]: 1: Hoare triple {1841#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset, entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~ret46#1, entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset, entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset; {1841#true} is VALID [2022-02-20 23:49:55,626 INFO L272 TraceCheckUtils]: 2: Hoare triple {1841#true} call entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset := ldv_malloc(20bv32); {1841#true} is VALID [2022-02-20 23:49:55,626 INFO L290 TraceCheckUtils]: 3: Hoare triple {1841#true} ~size := #in~size; {1841#true} is VALID [2022-02-20 23:49:55,627 INFO L290 TraceCheckUtils]: 4: Hoare triple {1841#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {1858#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:49:55,627 INFO L290 TraceCheckUtils]: 5: Hoare triple {1858#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} assume true; {1858#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:49:55,628 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {1858#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} {1841#true} #118#return; {1865#(= (select |#valid| |ULTIMATE.start_entry_point_#t~ret43#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:49:55,628 INFO L290 TraceCheckUtils]: 7: Hoare triple {1865#(= (select |#valid| |ULTIMATE.start_entry_point_#t~ret43#1.base|) (_ bv1 1))} entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset := entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset; {1869#(= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:49:55,629 INFO L290 TraceCheckUtils]: 8: Hoare triple {1869#(= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1))} assume !(entry_point_~c11~0#1.base == 0bv32 && entry_point_~c11~0#1.offset == 0bv32); {1869#(= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:49:55,629 INFO L272 TraceCheckUtils]: 9: Hoare triple {1869#(= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1))} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {1876#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:49:55,630 INFO L290 TraceCheckUtils]: 10: Hoare triple {1876#(= |old(#valid)| |#valid|)} ~size := #in~size; {1876#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:49:55,633 INFO L290 TraceCheckUtils]: 11: Hoare triple {1876#(= |old(#valid)| |#valid|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {1883#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_12 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_12) |#valid|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:49:55,634 INFO L290 TraceCheckUtils]: 12: Hoare triple {1883#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_12 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_12) |#valid|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} assume true; {1883#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_12 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_12) |#valid|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:49:55,635 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {1883#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_12 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_12) |#valid|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} {1869#(= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1))} #120#return; {1869#(= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:49:55,635 INFO L290 TraceCheckUtils]: 14: Hoare triple {1869#(= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1))} entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {1869#(= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:49:55,635 INFO L290 TraceCheckUtils]: 15: Hoare triple {1869#(= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1))} assume !(entry_point_~cfg~1#1.base == 0bv32 && entry_point_~cfg~1#1.offset == 0bv32); {1869#(= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:49:55,636 INFO L290 TraceCheckUtils]: 16: Hoare triple {1869#(= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1))} assume !(1bv1 == #valid[entry_point_~c11~0#1.base]); {1842#false} is VALID [2022-02-20 23:49:55,636 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 2 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:49:55,636 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:49:57,897 INFO L290 TraceCheckUtils]: 16: Hoare triple {1869#(= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1))} assume !(1bv1 == #valid[entry_point_~c11~0#1.base]); {1842#false} is VALID [2022-02-20 23:49:57,898 INFO L290 TraceCheckUtils]: 15: Hoare triple {1869#(= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1))} assume !(entry_point_~cfg~1#1.base == 0bv32 && entry_point_~cfg~1#1.offset == 0bv32); {1869#(= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:49:57,899 INFO L290 TraceCheckUtils]: 14: Hoare triple {1869#(= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1))} entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {1869#(= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:49:57,900 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {1911#(forall ((|v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (= (select |#valid| |v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_2|) (_ bv1 1)) (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_2|) (_ bv1 1)))))} {1869#(= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1))} #120#return; {1869#(= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:49:57,900 INFO L290 TraceCheckUtils]: 12: Hoare triple {1911#(forall ((|v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (= (select |#valid| |v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_2|) (_ bv1 1)) (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_2|) (_ bv1 1)))))} assume true; {1911#(forall ((|v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (= (select |#valid| |v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_2|) (_ bv1 1)) (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_2|) (_ bv1 1)))))} is VALID [2022-02-20 23:49:57,902 INFO L290 TraceCheckUtils]: 11: Hoare triple {1911#(forall ((|v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (= (select |#valid| |v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_2|) (_ bv1 1)) (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_2|) (_ bv1 1)))))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {1911#(forall ((|v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (= (select |#valid| |v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_2|) (_ bv1 1)) (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_2|) (_ bv1 1)))))} is VALID [2022-02-20 23:49:57,902 INFO L290 TraceCheckUtils]: 10: Hoare triple {1911#(forall ((|v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (= (select |#valid| |v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_2|) (_ bv1 1)) (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_2|) (_ bv1 1)))))} ~size := #in~size; {1911#(forall ((|v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (= (select |#valid| |v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_2|) (_ bv1 1)) (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_2|) (_ bv1 1)))))} is VALID [2022-02-20 23:49:57,903 INFO L272 TraceCheckUtils]: 9: Hoare triple {1869#(= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1))} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {1911#(forall ((|v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (= (select |#valid| |v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_2|) (_ bv1 1)) (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_2|) (_ bv1 1)))))} is VALID [2022-02-20 23:49:57,903 INFO L290 TraceCheckUtils]: 8: Hoare triple {1869#(= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1))} assume !(entry_point_~c11~0#1.base == 0bv32 && entry_point_~c11~0#1.offset == 0bv32); {1869#(= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:49:57,904 INFO L290 TraceCheckUtils]: 7: Hoare triple {1865#(= (select |#valid| |ULTIMATE.start_entry_point_#t~ret43#1.base|) (_ bv1 1))} entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset := entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset; {1869#(= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:49:57,905 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {1858#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} {1841#true} #118#return; {1865#(= (select |#valid| |ULTIMATE.start_entry_point_#t~ret43#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:49:57,905 INFO L290 TraceCheckUtils]: 5: Hoare triple {1858#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} assume true; {1858#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:49:57,906 INFO L290 TraceCheckUtils]: 4: Hoare triple {1841#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {1858#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:49:57,906 INFO L290 TraceCheckUtils]: 3: Hoare triple {1841#true} ~size := #in~size; {1841#true} is VALID [2022-02-20 23:49:57,906 INFO L272 TraceCheckUtils]: 2: Hoare triple {1841#true} call entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset := ldv_malloc(20bv32); {1841#true} is VALID [2022-02-20 23:49:57,906 INFO L290 TraceCheckUtils]: 1: Hoare triple {1841#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset, entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~ret46#1, entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset, entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset; {1841#true} is VALID [2022-02-20 23:49:57,907 INFO L290 TraceCheckUtils]: 0: Hoare triple {1841#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {1841#true} is VALID [2022-02-20 23:49:57,907 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 2 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:49:57,907 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:49:57,907 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1970117818] [2022-02-20 23:49:57,907 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1970117818] provided 0 perfect and 2 imperfect interpolant sequences [2022-02-20 23:49:57,907 INFO L191 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-02-20 23:49:57,907 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [6, 5] total 7 [2022-02-20 23:49:57,908 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [689351953] [2022-02-20 23:49:57,908 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-02-20 23:49:57,908 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 2.2857142857142856) internal successors, (16), 7 states have internal predecessors, (16), 2 states have call successors, (3), 3 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 17 [2022-02-20 23:49:57,908 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:49:57,909 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 8 states, 7 states have (on average 2.2857142857142856) internal successors, (16), 7 states have internal predecessors, (16), 2 states have call successors, (3), 3 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:49:57,929 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 22 edges. 22 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:49:57,929 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-02-20 23:49:57,930 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:49:57,930 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-02-20 23:49:57,930 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=41, Unknown=0, NotChecked=0, Total=56 [2022-02-20 23:49:57,930 INFO L87 Difference]: Start difference. First operand 87 states and 98 transitions. Second operand has 8 states, 7 states have (on average 2.2857142857142856) internal successors, (16), 7 states have internal predecessors, (16), 2 states have call successors, (3), 3 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:49:58,433 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:49:58,433 INFO L93 Difference]: Finished difference Result 107 states and 120 transitions. [2022-02-20 23:49:58,433 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-02-20 23:49:58,433 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 2.2857142857142856) internal successors, (16), 7 states have internal predecessors, (16), 2 states have call successors, (3), 3 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 17 [2022-02-20 23:49:58,433 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:49:58,434 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 7 states have (on average 2.2857142857142856) internal successors, (16), 7 states have internal predecessors, (16), 2 states have call successors, (3), 3 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:49:58,435 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 118 transitions. [2022-02-20 23:49:58,435 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 7 states have (on average 2.2857142857142856) internal successors, (16), 7 states have internal predecessors, (16), 2 states have call successors, (3), 3 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:49:58,436 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 118 transitions. [2022-02-20 23:49:58,436 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 118 transitions. [2022-02-20 23:49:58,531 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 118 edges. 118 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:49:58,532 INFO L225 Difference]: With dead ends: 107 [2022-02-20 23:49:58,532 INFO L226 Difference]: Without dead ends: 107 [2022-02-20 23:49:58,532 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 33 GetRequests, 23 SyntacticMatches, 3 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 2.1s TimeCoverageRelationStatistics Valid=20, Invalid=52, Unknown=0, NotChecked=0, Total=72 [2022-02-20 23:49:58,533 INFO L933 BasicCegarLoop]: 88 mSDtfsCounter, 10 mSDsluCounter, 229 mSDsCounter, 0 mSdLazyCounter, 125 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 10 SdHoareTripleChecker+Valid, 317 SdHoareTripleChecker+Invalid, 177 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 125 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 50 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:49:58,533 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [10 Valid, 317 Invalid, 177 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 125 Invalid, 0 Unknown, 50 Unchecked, 0.1s Time] [2022-02-20 23:49:58,533 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 107 states. [2022-02-20 23:49:58,536 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 107 to 104. [2022-02-20 23:49:58,536 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:49:58,536 INFO L82 GeneralOperation]: Start isEquivalent. First operand 107 states. Second operand has 104 states, 65 states have (on average 1.5538461538461539) internal successors, (101), 90 states have internal predecessors, (101), 7 states have call successors, (7), 3 states have call predecessors, (7), 5 states have return successors, (12), 10 states have call predecessors, (12), 7 states have call successors, (12) [2022-02-20 23:49:58,536 INFO L74 IsIncluded]: Start isIncluded. First operand 107 states. Second operand has 104 states, 65 states have (on average 1.5538461538461539) internal successors, (101), 90 states have internal predecessors, (101), 7 states have call successors, (7), 3 states have call predecessors, (7), 5 states have return successors, (12), 10 states have call predecessors, (12), 7 states have call successors, (12) [2022-02-20 23:49:58,537 INFO L87 Difference]: Start difference. First operand 107 states. Second operand has 104 states, 65 states have (on average 1.5538461538461539) internal successors, (101), 90 states have internal predecessors, (101), 7 states have call successors, (7), 3 states have call predecessors, (7), 5 states have return successors, (12), 10 states have call predecessors, (12), 7 states have call successors, (12) [2022-02-20 23:49:58,539 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:49:58,539 INFO L93 Difference]: Finished difference Result 107 states and 120 transitions. [2022-02-20 23:49:58,539 INFO L276 IsEmpty]: Start isEmpty. Operand 107 states and 120 transitions. [2022-02-20 23:49:58,540 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:49:58,540 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:49:58,540 INFO L74 IsIncluded]: Start isIncluded. First operand has 104 states, 65 states have (on average 1.5538461538461539) internal successors, (101), 90 states have internal predecessors, (101), 7 states have call successors, (7), 3 states have call predecessors, (7), 5 states have return successors, (12), 10 states have call predecessors, (12), 7 states have call successors, (12) Second operand 107 states. [2022-02-20 23:49:58,540 INFO L87 Difference]: Start difference. First operand has 104 states, 65 states have (on average 1.5538461538461539) internal successors, (101), 90 states have internal predecessors, (101), 7 states have call successors, (7), 3 states have call predecessors, (7), 5 states have return successors, (12), 10 states have call predecessors, (12), 7 states have call successors, (12) Second operand 107 states. [2022-02-20 23:49:58,543 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:49:58,543 INFO L93 Difference]: Finished difference Result 107 states and 120 transitions. [2022-02-20 23:49:58,543 INFO L276 IsEmpty]: Start isEmpty. Operand 107 states and 120 transitions. [2022-02-20 23:49:58,543 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:49:58,543 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:49:58,543 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:49:58,543 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:49:58,544 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 104 states, 65 states have (on average 1.5538461538461539) internal successors, (101), 90 states have internal predecessors, (101), 7 states have call successors, (7), 3 states have call predecessors, (7), 5 states have return successors, (12), 10 states have call predecessors, (12), 7 states have call successors, (12) [2022-02-20 23:49:58,546 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 104 states to 104 states and 120 transitions. [2022-02-20 23:49:58,546 INFO L78 Accepts]: Start accepts. Automaton has 104 states and 120 transitions. Word has length 17 [2022-02-20 23:49:58,546 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:49:58,546 INFO L470 AbstractCegarLoop]: Abstraction has 104 states and 120 transitions. [2022-02-20 23:49:58,546 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 2.2857142857142856) internal successors, (16), 7 states have internal predecessors, (16), 2 states have call successors, (3), 3 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:49:58,547 INFO L276 IsEmpty]: Start isEmpty. Operand 104 states and 120 transitions. [2022-02-20 23:49:58,547 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2022-02-20 23:49:58,547 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:49:58,547 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:49:58,571 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Ended with exit code 0 [2022-02-20 23:49:58,776 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:49:58,776 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting ULTIMATE.startErr1REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 23 more)] === [2022-02-20 23:49:58,777 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:49:58,777 INFO L85 PathProgramCache]: Analyzing trace with hash -470294894, now seen corresponding path program 1 times [2022-02-20 23:49:58,777 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:49:58,777 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [929423369] [2022-02-20 23:49:58,777 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:49:58,778 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:49:58,778 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:49:58,779 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:49:58,780 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (6)] Waiting until timeout for monitored process [2022-02-20 23:49:58,830 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:49:58,832 INFO L263 TraceCheckSpWp]: Trace formula consists of 59 conjuncts, 18 conjunts are in the unsatisfiable core [2022-02-20 23:49:58,840 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:49:58,841 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:49:58,860 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:49:58,864 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:49:59,033 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:49:59,034 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-02-20 23:49:59,042 INFO L356 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2022-02-20 23:49:59,043 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 12 [2022-02-20 23:49:59,084 INFO L290 TraceCheckUtils]: 0: Hoare triple {2374#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {2374#true} is VALID [2022-02-20 23:49:59,084 INFO L290 TraceCheckUtils]: 1: Hoare triple {2374#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset, entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~ret46#1, entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset, entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset; {2374#true} is VALID [2022-02-20 23:49:59,084 INFO L272 TraceCheckUtils]: 2: Hoare triple {2374#true} call entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset := ldv_malloc(20bv32); {2374#true} is VALID [2022-02-20 23:49:59,085 INFO L290 TraceCheckUtils]: 3: Hoare triple {2374#true} ~size := #in~size; {2388#(= ldv_malloc_~size |ldv_malloc_#in~size|)} is VALID [2022-02-20 23:49:59,086 INFO L290 TraceCheckUtils]: 4: Hoare triple {2388#(= ldv_malloc_~size |ldv_malloc_#in~size|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {2392#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:49:59,086 INFO L290 TraceCheckUtils]: 5: Hoare triple {2392#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} assume true; {2392#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:49:59,087 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {2392#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} {2374#true} #118#return; {2399#(and (= (_ bv0 32) |ULTIMATE.start_entry_point_#t~ret43#1.offset|) (= (select |#length| |ULTIMATE.start_entry_point_#t~ret43#1.base|) (_ bv20 32)) (= (select |#valid| |ULTIMATE.start_entry_point_#t~ret43#1.base|) (_ bv1 1)))} is VALID [2022-02-20 23:49:59,088 INFO L290 TraceCheckUtils]: 7: Hoare triple {2399#(and (= (_ bv0 32) |ULTIMATE.start_entry_point_#t~ret43#1.offset|) (= (select |#length| |ULTIMATE.start_entry_point_#t~ret43#1.base|) (_ bv20 32)) (= (select |#valid| |ULTIMATE.start_entry_point_#t~ret43#1.base|) (_ bv1 1)))} entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset := entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset; {2403#(and (= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:49:59,088 INFO L290 TraceCheckUtils]: 8: Hoare triple {2403#(and (= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} assume !(entry_point_~c11~0#1.base == 0bv32 && entry_point_~c11~0#1.offset == 0bv32); {2403#(and (= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:49:59,089 INFO L272 TraceCheckUtils]: 9: Hoare triple {2403#(and (= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {2410#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:49:59,089 INFO L290 TraceCheckUtils]: 10: Hoare triple {2410#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} ~size := #in~size; {2410#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:49:59,091 INFO L290 TraceCheckUtils]: 11: Hoare triple {2410#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {2417#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_23 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_23))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:49:59,091 INFO L290 TraceCheckUtils]: 12: Hoare triple {2417#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_23 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_23))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} assume true; {2417#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_23 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_23))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:49:59,093 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {2417#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_23 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_23))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} {2403#(and (= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} #120#return; {2424#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:49:59,093 INFO L290 TraceCheckUtils]: 14: Hoare triple {2424#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {2424#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:49:59,094 INFO L290 TraceCheckUtils]: 15: Hoare triple {2424#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} assume !(entry_point_~cfg~1#1.base == 0bv32 && entry_point_~cfg~1#1.offset == 0bv32); {2424#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:49:59,094 INFO L290 TraceCheckUtils]: 16: Hoare triple {2424#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} assume !((~bvule32(~bvadd32(4bv32, entry_point_~c11~0#1.offset), #length[entry_point_~c11~0#1.base]) && ~bvule32(entry_point_~c11~0#1.offset, ~bvadd32(4bv32, entry_point_~c11~0#1.offset))) && ~bvule32(0bv32, entry_point_~c11~0#1.offset)); {2375#false} is VALID [2022-02-20 23:49:59,095 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 1 proven. 3 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:49:59,095 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:49:59,310 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:49:59,310 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [929423369] [2022-02-20 23:49:59,310 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [929423369] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:49:59,310 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleCvc4 [711657480] [2022-02-20 23:49:59,310 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:49:59,310 INFO L173 SolverBuilder]: Constructing external solver with command: cvc4 --incremental --print-success --lang smt [2022-02-20 23:49:59,310 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 [2022-02-20 23:49:59,312 INFO L229 MonitoredProcess]: Starting monitored process 7 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (exit command is (exit), workingDir is null) [2022-02-20 23:49:59,313 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (7)] Waiting until timeout for monitored process [2022-02-20 23:49:59,397 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:49:59,399 INFO L263 TraceCheckSpWp]: Trace formula consists of 59 conjuncts, 18 conjunts are in the unsatisfiable core [2022-02-20 23:49:59,408 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:49:59,409 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:49:59,430 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:49:59,436 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:50:01,626 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:50:01,627 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-02-20 23:50:01,636 INFO L356 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2022-02-20 23:50:01,637 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 12 [2022-02-20 23:50:01,662 INFO L290 TraceCheckUtils]: 0: Hoare triple {2374#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {2374#true} is VALID [2022-02-20 23:50:01,662 INFO L290 TraceCheckUtils]: 1: Hoare triple {2374#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset, entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~ret46#1, entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset, entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset; {2374#true} is VALID [2022-02-20 23:50:01,662 INFO L272 TraceCheckUtils]: 2: Hoare triple {2374#true} call entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset := ldv_malloc(20bv32); {2374#true} is VALID [2022-02-20 23:50:01,663 INFO L290 TraceCheckUtils]: 3: Hoare triple {2374#true} ~size := #in~size; {2388#(= ldv_malloc_~size |ldv_malloc_#in~size|)} is VALID [2022-02-20 23:50:01,664 INFO L290 TraceCheckUtils]: 4: Hoare triple {2388#(= ldv_malloc_~size |ldv_malloc_#in~size|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {2392#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:01,664 INFO L290 TraceCheckUtils]: 5: Hoare triple {2392#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} assume true; {2392#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:01,665 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {2392#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} {2374#true} #118#return; {2399#(and (= (_ bv0 32) |ULTIMATE.start_entry_point_#t~ret43#1.offset|) (= (select |#length| |ULTIMATE.start_entry_point_#t~ret43#1.base|) (_ bv20 32)) (= (select |#valid| |ULTIMATE.start_entry_point_#t~ret43#1.base|) (_ bv1 1)))} is VALID [2022-02-20 23:50:01,666 INFO L290 TraceCheckUtils]: 7: Hoare triple {2399#(and (= (_ bv0 32) |ULTIMATE.start_entry_point_#t~ret43#1.offset|) (= (select |#length| |ULTIMATE.start_entry_point_#t~ret43#1.base|) (_ bv20 32)) (= (select |#valid| |ULTIMATE.start_entry_point_#t~ret43#1.base|) (_ bv1 1)))} entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset := entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset; {2403#(and (= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:01,669 INFO L290 TraceCheckUtils]: 8: Hoare triple {2403#(and (= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} assume !(entry_point_~c11~0#1.base == 0bv32 && entry_point_~c11~0#1.offset == 0bv32); {2403#(and (= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:01,670 INFO L272 TraceCheckUtils]: 9: Hoare triple {2403#(and (= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {2410#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:50:01,670 INFO L290 TraceCheckUtils]: 10: Hoare triple {2410#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} ~size := #in~size; {2410#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:50:01,671 INFO L290 TraceCheckUtils]: 11: Hoare triple {2410#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {2417#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_23 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_23))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:50:01,672 INFO L290 TraceCheckUtils]: 12: Hoare triple {2417#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_23 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_23))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} assume true; {2417#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_23 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_23))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:50:01,674 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {2417#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_23 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_23))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} {2403#(and (= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} #120#return; {2424#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:01,676 INFO L290 TraceCheckUtils]: 14: Hoare triple {2424#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {2424#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:01,677 INFO L290 TraceCheckUtils]: 15: Hoare triple {2424#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} assume !(entry_point_~cfg~1#1.base == 0bv32 && entry_point_~cfg~1#1.offset == 0bv32); {2424#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:01,677 INFO L290 TraceCheckUtils]: 16: Hoare triple {2424#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} assume !((~bvule32(~bvadd32(4bv32, entry_point_~c11~0#1.offset), #length[entry_point_~c11~0#1.base]) && ~bvule32(entry_point_~c11~0#1.offset, ~bvadd32(4bv32, entry_point_~c11~0#1.offset))) && ~bvule32(0bv32, entry_point_~c11~0#1.offset)); {2375#false} is VALID [2022-02-20 23:50:01,677 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 1 proven. 3 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:50:01,678 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:50:01,979 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleCvc4 [711657480] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:50:01,979 INFO L191 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-02-20 23:50:01,979 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [8, 8] total 8 [2022-02-20 23:50:01,979 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [371299930] [2022-02-20 23:50:01,979 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-02-20 23:50:01,979 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 8 states have (on average 1.625) internal successors, (13), 8 states have internal predecessors, (13), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 17 [2022-02-20 23:50:01,979 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:50:01,980 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 9 states, 8 states have (on average 1.625) internal successors, (13), 8 states have internal predecessors, (13), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:50:02,000 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 17 edges. 17 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:02,000 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2022-02-20 23:50:02,000 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:50:02,000 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2022-02-20 23:50:02,000 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=23, Invalid=87, Unknown=0, NotChecked=0, Total=110 [2022-02-20 23:50:02,001 INFO L87 Difference]: Start difference. First operand 104 states and 120 transitions. Second operand has 9 states, 8 states have (on average 1.625) internal successors, (13), 8 states have internal predecessors, (13), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:50:08,005 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:08,005 INFO L93 Difference]: Finished difference Result 179 states and 200 transitions. [2022-02-20 23:50:08,005 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-02-20 23:50:08,006 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 8 states have (on average 1.625) internal successors, (13), 8 states have internal predecessors, (13), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 17 [2022-02-20 23:50:08,006 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:50:08,006 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 9 states, 8 states have (on average 1.625) internal successors, (13), 8 states have internal predecessors, (13), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:50:08,008 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 197 transitions. [2022-02-20 23:50:08,008 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 9 states, 8 states have (on average 1.625) internal successors, (13), 8 states have internal predecessors, (13), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:50:08,009 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 197 transitions. [2022-02-20 23:50:08,010 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 197 transitions. [2022-02-20 23:50:08,181 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 197 edges. 197 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:08,183 INFO L225 Difference]: With dead ends: 179 [2022-02-20 23:50:08,183 INFO L226 Difference]: Without dead ends: 179 [2022-02-20 23:50:08,183 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 42 GetRequests, 29 SyntacticMatches, 2 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 6 ImplicationChecksByTransitivity, 2.4s TimeCoverageRelationStatistics Valid=32, Invalid=124, Unknown=0, NotChecked=0, Total=156 [2022-02-20 23:50:08,184 INFO L933 BasicCegarLoop]: 110 mSDtfsCounter, 139 mSDsluCounter, 450 mSDsCounter, 0 mSdLazyCounter, 391 mSolverCounterSat, 24 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 141 SdHoareTripleChecker+Valid, 560 SdHoareTripleChecker+Invalid, 492 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 24 IncrementalHoareTripleChecker+Valid, 391 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 77 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2022-02-20 23:50:08,184 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [141 Valid, 560 Invalid, 492 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [24 Valid, 391 Invalid, 0 Unknown, 77 Unchecked, 0.6s Time] [2022-02-20 23:50:08,185 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 179 states. [2022-02-20 23:50:08,188 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 179 to 138. [2022-02-20 23:50:08,188 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:50:08,189 INFO L82 GeneralOperation]: Start isEquivalent. First operand 179 states. Second operand has 138 states, 95 states have (on average 1.5894736842105264) internal successors, (151), 120 states have internal predecessors, (151), 11 states have call successors, (11), 3 states have call predecessors, (11), 5 states have return successors, (18), 14 states have call predecessors, (18), 11 states have call successors, (18) [2022-02-20 23:50:08,189 INFO L74 IsIncluded]: Start isIncluded. First operand 179 states. Second operand has 138 states, 95 states have (on average 1.5894736842105264) internal successors, (151), 120 states have internal predecessors, (151), 11 states have call successors, (11), 3 states have call predecessors, (11), 5 states have return successors, (18), 14 states have call predecessors, (18), 11 states have call successors, (18) [2022-02-20 23:50:08,189 INFO L87 Difference]: Start difference. First operand 179 states. Second operand has 138 states, 95 states have (on average 1.5894736842105264) internal successors, (151), 120 states have internal predecessors, (151), 11 states have call successors, (11), 3 states have call predecessors, (11), 5 states have return successors, (18), 14 states have call predecessors, (18), 11 states have call successors, (18) [2022-02-20 23:50:08,193 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:08,193 INFO L93 Difference]: Finished difference Result 179 states and 200 transitions. [2022-02-20 23:50:08,193 INFO L276 IsEmpty]: Start isEmpty. Operand 179 states and 200 transitions. [2022-02-20 23:50:08,193 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:08,193 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:08,203 INFO L74 IsIncluded]: Start isIncluded. First operand has 138 states, 95 states have (on average 1.5894736842105264) internal successors, (151), 120 states have internal predecessors, (151), 11 states have call successors, (11), 3 states have call predecessors, (11), 5 states have return successors, (18), 14 states have call predecessors, (18), 11 states have call successors, (18) Second operand 179 states. [2022-02-20 23:50:08,203 INFO L87 Difference]: Start difference. First operand has 138 states, 95 states have (on average 1.5894736842105264) internal successors, (151), 120 states have internal predecessors, (151), 11 states have call successors, (11), 3 states have call predecessors, (11), 5 states have return successors, (18), 14 states have call predecessors, (18), 11 states have call successors, (18) Second operand 179 states. [2022-02-20 23:50:08,207 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:08,207 INFO L93 Difference]: Finished difference Result 179 states and 200 transitions. [2022-02-20 23:50:08,207 INFO L276 IsEmpty]: Start isEmpty. Operand 179 states and 200 transitions. [2022-02-20 23:50:08,207 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:08,207 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:08,208 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:50:08,208 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:50:08,208 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 138 states, 95 states have (on average 1.5894736842105264) internal successors, (151), 120 states have internal predecessors, (151), 11 states have call successors, (11), 3 states have call predecessors, (11), 5 states have return successors, (18), 14 states have call predecessors, (18), 11 states have call successors, (18) [2022-02-20 23:50:08,211 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 138 states to 138 states and 180 transitions. [2022-02-20 23:50:08,211 INFO L78 Accepts]: Start accepts. Automaton has 138 states and 180 transitions. Word has length 17 [2022-02-20 23:50:08,211 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:50:08,211 INFO L470 AbstractCegarLoop]: Abstraction has 138 states and 180 transitions. [2022-02-20 23:50:08,211 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 8 states have (on average 1.625) internal successors, (13), 8 states have internal predecessors, (13), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:50:08,211 INFO L276 IsEmpty]: Start isEmpty. Operand 138 states and 180 transitions. [2022-02-20 23:50:08,212 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2022-02-20 23:50:08,212 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:50:08,212 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:50:08,221 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (7)] Forceful destruction successful, exit code 0 [2022-02-20 23:50:08,420 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (6)] Ended with exit code 0 [2022-02-20 23:50:08,618 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 7 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt,6 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:50:08,618 INFO L402 AbstractCegarLoop]: === Iteration 6 === Targeting ULTIMATE.startErr0REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 23 more)] === [2022-02-20 23:50:08,619 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:50:08,619 INFO L85 PathProgramCache]: Analyzing trace with hash -763697902, now seen corresponding path program 1 times [2022-02-20 23:50:08,619 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:50:08,619 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1533995251] [2022-02-20 23:50:08,619 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:50:08,620 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:50:08,620 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:50:08,621 INFO L229 MonitoredProcess]: Starting monitored process 8 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:50:08,621 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (8)] Waiting until timeout for monitored process [2022-02-20 23:50:08,672 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:08,673 INFO L263 TraceCheckSpWp]: Trace formula consists of 53 conjuncts, 7 conjunts are in the unsatisfiable core [2022-02-20 23:50:08,680 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:08,680 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:50:08,775 INFO L290 TraceCheckUtils]: 0: Hoare triple {3186#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {3186#true} is VALID [2022-02-20 23:50:08,775 INFO L290 TraceCheckUtils]: 1: Hoare triple {3186#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset, entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~ret46#1, entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset, entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset; {3186#true} is VALID [2022-02-20 23:50:08,776 INFO L272 TraceCheckUtils]: 2: Hoare triple {3186#true} call entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset := ldv_malloc(20bv32); {3186#true} is VALID [2022-02-20 23:50:08,776 INFO L290 TraceCheckUtils]: 3: Hoare triple {3186#true} ~size := #in~size; {3186#true} is VALID [2022-02-20 23:50:08,776 INFO L290 TraceCheckUtils]: 4: Hoare triple {3186#true} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {3203#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:50:08,777 INFO L290 TraceCheckUtils]: 5: Hoare triple {3203#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} assume true; {3203#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:50:08,777 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {3203#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} {3186#true} #118#return; {3210#(and (= (_ bv0 32) |ULTIMATE.start_entry_point_#t~ret43#1.offset|) (= |ULTIMATE.start_entry_point_#t~ret43#1.base| (_ bv0 32)))} is VALID [2022-02-20 23:50:08,778 INFO L290 TraceCheckUtils]: 7: Hoare triple {3210#(and (= (_ bv0 32) |ULTIMATE.start_entry_point_#t~ret43#1.offset|) (= |ULTIMATE.start_entry_point_#t~ret43#1.base| (_ bv0 32)))} entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset := entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset; {3214#(and (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.base| (_ bv0 32)))} is VALID [2022-02-20 23:50:08,778 INFO L290 TraceCheckUtils]: 8: Hoare triple {3214#(and (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.base| (_ bv0 32)))} assume !(entry_point_~c11~0#1.base == 0bv32 && entry_point_~c11~0#1.offset == 0bv32); {3187#false} is VALID [2022-02-20 23:50:08,778 INFO L272 TraceCheckUtils]: 9: Hoare triple {3187#false} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {3187#false} is VALID [2022-02-20 23:50:08,778 INFO L290 TraceCheckUtils]: 10: Hoare triple {3187#false} ~size := #in~size; {3187#false} is VALID [2022-02-20 23:50:08,778 INFO L290 TraceCheckUtils]: 11: Hoare triple {3187#false} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {3187#false} is VALID [2022-02-20 23:50:08,779 INFO L290 TraceCheckUtils]: 12: Hoare triple {3187#false} assume true; {3187#false} is VALID [2022-02-20 23:50:08,779 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {3187#false} {3187#false} #120#return; {3187#false} is VALID [2022-02-20 23:50:08,779 INFO L290 TraceCheckUtils]: 14: Hoare triple {3187#false} entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {3187#false} is VALID [2022-02-20 23:50:08,779 INFO L290 TraceCheckUtils]: 15: Hoare triple {3187#false} assume !(entry_point_~cfg~1#1.base == 0bv32 && entry_point_~cfg~1#1.offset == 0bv32); {3187#false} is VALID [2022-02-20 23:50:08,779 INFO L290 TraceCheckUtils]: 16: Hoare triple {3187#false} assume !(1bv1 == #valid[entry_point_~c11~0#1.base]); {3187#false} is VALID [2022-02-20 23:50:08,779 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 4 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:50:08,780 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:50:08,780 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:50:08,780 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1533995251] [2022-02-20 23:50:08,780 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1533995251] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:50:08,780 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:50:08,780 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:50:08,780 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [697608649] [2022-02-20 23:50:08,780 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:50:08,781 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 2.6) internal successors, (13), 4 states have internal predecessors, (13), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 17 [2022-02-20 23:50:08,781 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:50:08,781 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 2.6) internal successors, (13), 4 states have internal predecessors, (13), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:50:08,795 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 17 edges. 17 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:08,795 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 23:50:08,795 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:50:08,795 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 23:50:08,795 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:50:08,796 INFO L87 Difference]: Start difference. First operand 138 states and 180 transitions. Second operand has 5 states, 5 states have (on average 2.6) internal successors, (13), 4 states have internal predecessors, (13), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:50:09,140 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:09,140 INFO L93 Difference]: Finished difference Result 129 states and 165 transitions. [2022-02-20 23:50:09,140 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 23:50:09,141 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 2.6) internal successors, (13), 4 states have internal predecessors, (13), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 17 [2022-02-20 23:50:09,141 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:50:09,141 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 2.6) internal successors, (13), 4 states have internal predecessors, (13), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:50:09,142 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 96 transitions. [2022-02-20 23:50:09,142 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 2.6) internal successors, (13), 4 states have internal predecessors, (13), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:50:09,143 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 96 transitions. [2022-02-20 23:50:09,143 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 96 transitions. [2022-02-20 23:50:09,215 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 96 edges. 96 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:09,218 INFO L225 Difference]: With dead ends: 129 [2022-02-20 23:50:09,218 INFO L226 Difference]: Without dead ends: 127 [2022-02-20 23:50:09,218 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:50:09,219 INFO L933 BasicCegarLoop]: 94 mSDtfsCounter, 0 mSDsluCounter, 264 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 358 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 23:50:09,219 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 358 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 23:50:09,219 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 127 states. [2022-02-20 23:50:09,222 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 127 to 127. [2022-02-20 23:50:09,222 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:50:09,222 INFO L82 GeneralOperation]: Start isEquivalent. First operand 127 states. Second operand has 127 states, 88 states have (on average 1.6022727272727273) internal successors, (141), 112 states have internal predecessors, (141), 9 states have call successors, (9), 3 states have call predecessors, (9), 5 states have return successors, (13), 11 states have call predecessors, (13), 9 states have call successors, (13) [2022-02-20 23:50:09,223 INFO L74 IsIncluded]: Start isIncluded. First operand 127 states. Second operand has 127 states, 88 states have (on average 1.6022727272727273) internal successors, (141), 112 states have internal predecessors, (141), 9 states have call successors, (9), 3 states have call predecessors, (9), 5 states have return successors, (13), 11 states have call predecessors, (13), 9 states have call successors, (13) [2022-02-20 23:50:09,223 INFO L87 Difference]: Start difference. First operand 127 states. Second operand has 127 states, 88 states have (on average 1.6022727272727273) internal successors, (141), 112 states have internal predecessors, (141), 9 states have call successors, (9), 3 states have call predecessors, (9), 5 states have return successors, (13), 11 states have call predecessors, (13), 9 states have call successors, (13) [2022-02-20 23:50:09,226 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:09,226 INFO L93 Difference]: Finished difference Result 127 states and 163 transitions. [2022-02-20 23:50:09,226 INFO L276 IsEmpty]: Start isEmpty. Operand 127 states and 163 transitions. [2022-02-20 23:50:09,226 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:09,226 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:09,227 INFO L74 IsIncluded]: Start isIncluded. First operand has 127 states, 88 states have (on average 1.6022727272727273) internal successors, (141), 112 states have internal predecessors, (141), 9 states have call successors, (9), 3 states have call predecessors, (9), 5 states have return successors, (13), 11 states have call predecessors, (13), 9 states have call successors, (13) Second operand 127 states. [2022-02-20 23:50:09,227 INFO L87 Difference]: Start difference. First operand has 127 states, 88 states have (on average 1.6022727272727273) internal successors, (141), 112 states have internal predecessors, (141), 9 states have call successors, (9), 3 states have call predecessors, (9), 5 states have return successors, (13), 11 states have call predecessors, (13), 9 states have call successors, (13) Second operand 127 states. [2022-02-20 23:50:09,244 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:09,244 INFO L93 Difference]: Finished difference Result 127 states and 163 transitions. [2022-02-20 23:50:09,244 INFO L276 IsEmpty]: Start isEmpty. Operand 127 states and 163 transitions. [2022-02-20 23:50:09,244 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:09,244 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:09,244 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:50:09,244 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:50:09,245 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 127 states, 88 states have (on average 1.6022727272727273) internal successors, (141), 112 states have internal predecessors, (141), 9 states have call successors, (9), 3 states have call predecessors, (9), 5 states have return successors, (13), 11 states have call predecessors, (13), 9 states have call successors, (13) [2022-02-20 23:50:09,247 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 127 states to 127 states and 163 transitions. [2022-02-20 23:50:09,247 INFO L78 Accepts]: Start accepts. Automaton has 127 states and 163 transitions. Word has length 17 [2022-02-20 23:50:09,248 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:50:09,248 INFO L470 AbstractCegarLoop]: Abstraction has 127 states and 163 transitions. [2022-02-20 23:50:09,248 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 2.6) internal successors, (13), 4 states have internal predecessors, (13), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:50:09,248 INFO L276 IsEmpty]: Start isEmpty. Operand 127 states and 163 transitions. [2022-02-20 23:50:09,249 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 19 [2022-02-20 23:50:09,249 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:50:09,249 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:50:09,257 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (8)] Forceful destruction successful, exit code 0 [2022-02-20 23:50:09,457 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 8 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:50:09,458 INFO L402 AbstractCegarLoop]: === Iteration 7 === Targeting ULTIMATE.startErr22ASSERT_VIOLATIONMEMORY_FREE === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 23 more)] === [2022-02-20 23:50:09,458 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:50:09,458 INFO L85 PathProgramCache]: Analyzing trace with hash -806735705, now seen corresponding path program 1 times [2022-02-20 23:50:09,459 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:50:09,459 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [268993323] [2022-02-20 23:50:09,459 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:50:09,459 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:50:09,459 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:50:09,460 INFO L229 MonitoredProcess]: Starting monitored process 9 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:50:09,462 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (9)] Waiting until timeout for monitored process [2022-02-20 23:50:09,502 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:09,504 INFO L263 TraceCheckSpWp]: Trace formula consists of 55 conjuncts, 6 conjunts are in the unsatisfiable core [2022-02-20 23:50:09,514 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:09,515 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:50:09,803 INFO L290 TraceCheckUtils]: 0: Hoare triple {3751#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {3756#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:09,803 INFO L290 TraceCheckUtils]: 1: Hoare triple {3756#(bvult (_ bv0 32) |#StackHeapBarrier|)} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset, entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~ret46#1, entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset, entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset; {3756#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:09,804 INFO L272 TraceCheckUtils]: 2: Hoare triple {3756#(bvult (_ bv0 32) |#StackHeapBarrier|)} call entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset := ldv_malloc(20bv32); {3756#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:09,805 INFO L290 TraceCheckUtils]: 3: Hoare triple {3756#(bvult (_ bv0 32) |#StackHeapBarrier|)} ~size := #in~size; {3756#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:09,815 INFO L290 TraceCheckUtils]: 4: Hoare triple {3756#(bvult (_ bv0 32) |#StackHeapBarrier|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {3769#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))} is VALID [2022-02-20 23:50:09,815 INFO L290 TraceCheckUtils]: 5: Hoare triple {3769#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))} assume true; {3769#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))} is VALID [2022-02-20 23:50:09,816 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {3769#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))} {3756#(bvult (_ bv0 32) |#StackHeapBarrier|)} #118#return; {3776#(and (not (= |ULTIMATE.start_entry_point_#t~ret43#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_#t~ret43#1.base| |#StackHeapBarrier|))} is VALID [2022-02-20 23:50:09,817 INFO L290 TraceCheckUtils]: 7: Hoare triple {3776#(and (not (= |ULTIMATE.start_entry_point_#t~ret43#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_#t~ret43#1.base| |#StackHeapBarrier|))} entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset := entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset; {3780#(and (bvult |ULTIMATE.start_entry_point_~c11~0#1.base| |#StackHeapBarrier|) (not (= |ULTIMATE.start_entry_point_~c11~0#1.base| (_ bv0 32))))} is VALID [2022-02-20 23:50:09,817 INFO L290 TraceCheckUtils]: 8: Hoare triple {3780#(and (bvult |ULTIMATE.start_entry_point_~c11~0#1.base| |#StackHeapBarrier|) (not (= |ULTIMATE.start_entry_point_~c11~0#1.base| (_ bv0 32))))} assume !(entry_point_~c11~0#1.base == 0bv32 && entry_point_~c11~0#1.offset == 0bv32); {3780#(and (bvult |ULTIMATE.start_entry_point_~c11~0#1.base| |#StackHeapBarrier|) (not (= |ULTIMATE.start_entry_point_~c11~0#1.base| (_ bv0 32))))} is VALID [2022-02-20 23:50:09,820 INFO L272 TraceCheckUtils]: 9: Hoare triple {3780#(and (bvult |ULTIMATE.start_entry_point_~c11~0#1.base| |#StackHeapBarrier|) (not (= |ULTIMATE.start_entry_point_~c11~0#1.base| (_ bv0 32))))} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {3787#(exists ((|v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_5| (_ BitVec 32))) (and (bvult |v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_5| |#StackHeapBarrier|) (not (= |v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_5| (_ bv0 32)))))} is VALID [2022-02-20 23:50:09,822 INFO L290 TraceCheckUtils]: 10: Hoare triple {3787#(exists ((|v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_5| (_ BitVec 32))) (and (bvult |v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_5| |#StackHeapBarrier|) (not (= |v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_5| (_ bv0 32)))))} ~size := #in~size; {3787#(exists ((|v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_5| (_ BitVec 32))) (and (bvult |v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_5| |#StackHeapBarrier|) (not (= |v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_5| (_ bv0 32)))))} is VALID [2022-02-20 23:50:09,824 INFO L290 TraceCheckUtils]: 11: Hoare triple {3787#(exists ((|v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_5| (_ BitVec 32))) (and (bvult |v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_5| |#StackHeapBarrier|) (not (= |v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_5| (_ bv0 32)))))} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {3787#(exists ((|v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_5| (_ BitVec 32))) (and (bvult |v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_5| |#StackHeapBarrier|) (not (= |v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_5| (_ bv0 32)))))} is VALID [2022-02-20 23:50:09,826 INFO L290 TraceCheckUtils]: 12: Hoare triple {3787#(exists ((|v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_5| (_ BitVec 32))) (and (bvult |v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_5| |#StackHeapBarrier|) (not (= |v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_5| (_ bv0 32)))))} assume true; {3787#(exists ((|v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_5| (_ BitVec 32))) (and (bvult |v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_5| |#StackHeapBarrier|) (not (= |v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_5| (_ bv0 32)))))} is VALID [2022-02-20 23:50:09,827 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {3787#(exists ((|v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_5| (_ BitVec 32))) (and (bvult |v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_5| |#StackHeapBarrier|) (not (= |v_ULTIMATE.start_entry_point_~c11~0#1.base_BEFORE_CALL_5| (_ bv0 32)))))} {3780#(and (bvult |ULTIMATE.start_entry_point_~c11~0#1.base| |#StackHeapBarrier|) (not (= |ULTIMATE.start_entry_point_~c11~0#1.base| (_ bv0 32))))} #120#return; {3780#(and (bvult |ULTIMATE.start_entry_point_~c11~0#1.base| |#StackHeapBarrier|) (not (= |ULTIMATE.start_entry_point_~c11~0#1.base| (_ bv0 32))))} is VALID [2022-02-20 23:50:09,828 INFO L290 TraceCheckUtils]: 14: Hoare triple {3780#(and (bvult |ULTIMATE.start_entry_point_~c11~0#1.base| |#StackHeapBarrier|) (not (= |ULTIMATE.start_entry_point_~c11~0#1.base| (_ bv0 32))))} entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {3780#(and (bvult |ULTIMATE.start_entry_point_~c11~0#1.base| |#StackHeapBarrier|) (not (= |ULTIMATE.start_entry_point_~c11~0#1.base| (_ bv0 32))))} is VALID [2022-02-20 23:50:09,828 INFO L290 TraceCheckUtils]: 15: Hoare triple {3780#(and (bvult |ULTIMATE.start_entry_point_~c11~0#1.base| |#StackHeapBarrier|) (not (= |ULTIMATE.start_entry_point_~c11~0#1.base| (_ bv0 32))))} assume entry_point_~cfg~1#1.base == 0bv32 && entry_point_~cfg~1#1.offset == 0bv32; {3780#(and (bvult |ULTIMATE.start_entry_point_~c11~0#1.base| |#StackHeapBarrier|) (not (= |ULTIMATE.start_entry_point_~c11~0#1.base| (_ bv0 32))))} is VALID [2022-02-20 23:50:09,829 INFO L290 TraceCheckUtils]: 16: Hoare triple {3780#(and (bvult |ULTIMATE.start_entry_point_~c11~0#1.base| |#StackHeapBarrier|) (not (= |ULTIMATE.start_entry_point_~c11~0#1.base| (_ bv0 32))))} assume 0bv32 == entry_point_~c11~0#1.offset; {3780#(and (bvult |ULTIMATE.start_entry_point_~c11~0#1.base| |#StackHeapBarrier|) (not (= |ULTIMATE.start_entry_point_~c11~0#1.base| (_ bv0 32))))} is VALID [2022-02-20 23:50:09,829 INFO L290 TraceCheckUtils]: 17: Hoare triple {3780#(and (bvult |ULTIMATE.start_entry_point_~c11~0#1.base| |#StackHeapBarrier|) (not (= |ULTIMATE.start_entry_point_~c11~0#1.base| (_ bv0 32))))} assume !~bvult32(entry_point_~c11~0#1.base, #StackHeapBarrier); {3752#false} is VALID [2022-02-20 23:50:09,829 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 2 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:50:09,829 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:50:09,935 INFO L290 TraceCheckUtils]: 17: Hoare triple {3812#(bvult |ULTIMATE.start_entry_point_~c11~0#1.base| |#StackHeapBarrier|)} assume !~bvult32(entry_point_~c11~0#1.base, #StackHeapBarrier); {3752#false} is VALID [2022-02-20 23:50:09,935 INFO L290 TraceCheckUtils]: 16: Hoare triple {3812#(bvult |ULTIMATE.start_entry_point_~c11~0#1.base| |#StackHeapBarrier|)} assume 0bv32 == entry_point_~c11~0#1.offset; {3812#(bvult |ULTIMATE.start_entry_point_~c11~0#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:09,936 INFO L290 TraceCheckUtils]: 15: Hoare triple {3812#(bvult |ULTIMATE.start_entry_point_~c11~0#1.base| |#StackHeapBarrier|)} assume entry_point_~cfg~1#1.base == 0bv32 && entry_point_~cfg~1#1.offset == 0bv32; {3812#(bvult |ULTIMATE.start_entry_point_~c11~0#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:09,936 INFO L290 TraceCheckUtils]: 14: Hoare triple {3812#(bvult |ULTIMATE.start_entry_point_~c11~0#1.base| |#StackHeapBarrier|)} entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {3812#(bvult |ULTIMATE.start_entry_point_~c11~0#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:09,937 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {3751#true} {3812#(bvult |ULTIMATE.start_entry_point_~c11~0#1.base| |#StackHeapBarrier|)} #120#return; {3812#(bvult |ULTIMATE.start_entry_point_~c11~0#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:09,937 INFO L290 TraceCheckUtils]: 12: Hoare triple {3751#true} assume true; {3751#true} is VALID [2022-02-20 23:50:09,937 INFO L290 TraceCheckUtils]: 11: Hoare triple {3751#true} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {3751#true} is VALID [2022-02-20 23:50:09,937 INFO L290 TraceCheckUtils]: 10: Hoare triple {3751#true} ~size := #in~size; {3751#true} is VALID [2022-02-20 23:50:09,937 INFO L272 TraceCheckUtils]: 9: Hoare triple {3812#(bvult |ULTIMATE.start_entry_point_~c11~0#1.base| |#StackHeapBarrier|)} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {3751#true} is VALID [2022-02-20 23:50:09,937 INFO L290 TraceCheckUtils]: 8: Hoare triple {3812#(bvult |ULTIMATE.start_entry_point_~c11~0#1.base| |#StackHeapBarrier|)} assume !(entry_point_~c11~0#1.base == 0bv32 && entry_point_~c11~0#1.offset == 0bv32); {3812#(bvult |ULTIMATE.start_entry_point_~c11~0#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:09,938 INFO L290 TraceCheckUtils]: 7: Hoare triple {3843#(bvult |ULTIMATE.start_entry_point_#t~ret43#1.base| |#StackHeapBarrier|)} entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset := entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset; {3812#(bvult |ULTIMATE.start_entry_point_~c11~0#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:09,938 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {3850#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} {3751#true} #118#return; {3843#(bvult |ULTIMATE.start_entry_point_#t~ret43#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:09,939 INFO L290 TraceCheckUtils]: 5: Hoare triple {3850#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} assume true; {3850#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:09,939 INFO L290 TraceCheckUtils]: 4: Hoare triple {3751#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {3850#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:09,939 INFO L290 TraceCheckUtils]: 3: Hoare triple {3751#true} ~size := #in~size; {3751#true} is VALID [2022-02-20 23:50:09,939 INFO L272 TraceCheckUtils]: 2: Hoare triple {3751#true} call entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset := ldv_malloc(20bv32); {3751#true} is VALID [2022-02-20 23:50:09,939 INFO L290 TraceCheckUtils]: 1: Hoare triple {3751#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset, entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~ret46#1, entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset, entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset; {3751#true} is VALID [2022-02-20 23:50:09,939 INFO L290 TraceCheckUtils]: 0: Hoare triple {3751#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {3751#true} is VALID [2022-02-20 23:50:09,939 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:50:09,939 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:50:09,939 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [268993323] [2022-02-20 23:50:09,940 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [268993323] provided 0 perfect and 2 imperfect interpolant sequences [2022-02-20 23:50:09,940 INFO L191 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-02-20 23:50:09,940 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [5, 4] total 9 [2022-02-20 23:50:09,940 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [95571619] [2022-02-20 23:50:09,940 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-02-20 23:50:09,940 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 9 states have (on average 3.0) internal successors, (27), 8 states have internal predecessors, (27), 4 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) Word has length 18 [2022-02-20 23:50:09,940 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:50:09,940 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 10 states, 9 states have (on average 3.0) internal successors, (27), 8 states have internal predecessors, (27), 4 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:50:09,973 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 35 edges. 35 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:09,973 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2022-02-20 23:50:09,973 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:50:09,974 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2022-02-20 23:50:09,974 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=30, Invalid=60, Unknown=0, NotChecked=0, Total=90 [2022-02-20 23:50:09,974 INFO L87 Difference]: Start difference. First operand 127 states and 163 transitions. Second operand has 10 states, 9 states have (on average 3.0) internal successors, (27), 8 states have internal predecessors, (27), 4 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:50:10,511 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:10,511 INFO L93 Difference]: Finished difference Result 136 states and 169 transitions. [2022-02-20 23:50:10,511 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2022-02-20 23:50:10,511 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 9 states have (on average 3.0) internal successors, (27), 8 states have internal predecessors, (27), 4 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) Word has length 18 [2022-02-20 23:50:10,511 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:50:10,511 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 10 states, 9 states have (on average 3.0) internal successors, (27), 8 states have internal predecessors, (27), 4 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:50:10,513 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 107 transitions. [2022-02-20 23:50:10,513 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 10 states, 9 states have (on average 3.0) internal successors, (27), 8 states have internal predecessors, (27), 4 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:50:10,514 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 107 transitions. [2022-02-20 23:50:10,514 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states and 107 transitions. [2022-02-20 23:50:10,603 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 107 edges. 107 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:10,605 INFO L225 Difference]: With dead ends: 136 [2022-02-20 23:50:10,605 INFO L226 Difference]: Without dead ends: 134 [2022-02-20 23:50:10,605 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 35 GetRequests, 25 SyntacticMatches, 1 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=36, Invalid=74, Unknown=0, NotChecked=0, Total=110 [2022-02-20 23:50:10,605 INFO L933 BasicCegarLoop]: 83 mSDtfsCounter, 19 mSDsluCounter, 292 mSDsCounter, 0 mSdLazyCounter, 36 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 19 SdHoareTripleChecker+Valid, 375 SdHoareTripleChecker+Invalid, 59 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 36 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 21 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 23:50:10,606 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [19 Valid, 375 Invalid, 59 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 36 Invalid, 0 Unknown, 21 Unchecked, 0.0s Time] [2022-02-20 23:50:10,606 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 134 states. [2022-02-20 23:50:10,609 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 134 to 131. [2022-02-20 23:50:10,609 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:50:10,610 INFO L82 GeneralOperation]: Start isEquivalent. First operand 134 states. Second operand has 131 states, 91 states have (on average 1.5714285714285714) internal successors, (143), 115 states have internal predecessors, (143), 9 states have call successors, (9), 4 states have call predecessors, (9), 6 states have return successors, (13), 11 states have call predecessors, (13), 9 states have call successors, (13) [2022-02-20 23:50:10,610 INFO L74 IsIncluded]: Start isIncluded. First operand 134 states. Second operand has 131 states, 91 states have (on average 1.5714285714285714) internal successors, (143), 115 states have internal predecessors, (143), 9 states have call successors, (9), 4 states have call predecessors, (9), 6 states have return successors, (13), 11 states have call predecessors, (13), 9 states have call successors, (13) [2022-02-20 23:50:10,610 INFO L87 Difference]: Start difference. First operand 134 states. Second operand has 131 states, 91 states have (on average 1.5714285714285714) internal successors, (143), 115 states have internal predecessors, (143), 9 states have call successors, (9), 4 states have call predecessors, (9), 6 states have return successors, (13), 11 states have call predecessors, (13), 9 states have call successors, (13) [2022-02-20 23:50:10,613 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:10,613 INFO L93 Difference]: Finished difference Result 134 states and 167 transitions. [2022-02-20 23:50:10,613 INFO L276 IsEmpty]: Start isEmpty. Operand 134 states and 167 transitions. [2022-02-20 23:50:10,614 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:10,614 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:10,614 INFO L74 IsIncluded]: Start isIncluded. First operand has 131 states, 91 states have (on average 1.5714285714285714) internal successors, (143), 115 states have internal predecessors, (143), 9 states have call successors, (9), 4 states have call predecessors, (9), 6 states have return successors, (13), 11 states have call predecessors, (13), 9 states have call successors, (13) Second operand 134 states. [2022-02-20 23:50:10,615 INFO L87 Difference]: Start difference. First operand has 131 states, 91 states have (on average 1.5714285714285714) internal successors, (143), 115 states have internal predecessors, (143), 9 states have call successors, (9), 4 states have call predecessors, (9), 6 states have return successors, (13), 11 states have call predecessors, (13), 9 states have call successors, (13) Second operand 134 states. [2022-02-20 23:50:10,617 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:10,617 INFO L93 Difference]: Finished difference Result 134 states and 167 transitions. [2022-02-20 23:50:10,617 INFO L276 IsEmpty]: Start isEmpty. Operand 134 states and 167 transitions. [2022-02-20 23:50:10,618 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:10,618 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:10,618 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:50:10,618 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:50:10,618 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 131 states, 91 states have (on average 1.5714285714285714) internal successors, (143), 115 states have internal predecessors, (143), 9 states have call successors, (9), 4 states have call predecessors, (9), 6 states have return successors, (13), 11 states have call predecessors, (13), 9 states have call successors, (13) [2022-02-20 23:50:10,620 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 131 states to 131 states and 165 transitions. [2022-02-20 23:50:10,620 INFO L78 Accepts]: Start accepts. Automaton has 131 states and 165 transitions. Word has length 18 [2022-02-20 23:50:10,621 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:50:10,621 INFO L470 AbstractCegarLoop]: Abstraction has 131 states and 165 transitions. [2022-02-20 23:50:10,621 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 9 states have (on average 3.0) internal successors, (27), 8 states have internal predecessors, (27), 4 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:50:10,621 INFO L276 IsEmpty]: Start isEmpty. Operand 131 states and 165 transitions. [2022-02-20 23:50:10,621 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 22 [2022-02-20 23:50:10,621 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:50:10,622 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:50:10,641 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (9)] Forceful destruction successful, exit code 0 [2022-02-20 23:50:10,828 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 9 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:50:10,829 INFO L402 AbstractCegarLoop]: === Iteration 8 === Targeting ULTIMATE.startErr24ASSERT_VIOLATIONMEMORY_LEAK === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 23 more)] === [2022-02-20 23:50:10,829 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:50:10,829 INFO L85 PathProgramCache]: Analyzing trace with hash 1173731936, now seen corresponding path program 1 times [2022-02-20 23:50:10,829 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:50:10,830 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1644111095] [2022-02-20 23:50:10,830 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:50:10,830 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:50:10,830 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:50:10,831 INFO L229 MonitoredProcess]: Starting monitored process 10 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:50:10,832 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (10)] Waiting until timeout for monitored process [2022-02-20 23:50:10,878 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:10,880 INFO L263 TraceCheckSpWp]: Trace formula consists of 60 conjuncts, 12 conjunts are in the unsatisfiable core [2022-02-20 23:50:10,888 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:10,889 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:50:11,107 INFO L290 TraceCheckUtils]: 0: Hoare triple {4402#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {4402#true} is VALID [2022-02-20 23:50:11,108 INFO L290 TraceCheckUtils]: 1: Hoare triple {4402#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset, entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~ret46#1, entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset, entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset; {4410#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-20 23:50:11,108 INFO L272 TraceCheckUtils]: 2: Hoare triple {4410#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} call entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset := ldv_malloc(20bv32); {4414#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:11,109 INFO L290 TraceCheckUtils]: 3: Hoare triple {4414#(= |old(#valid)| |#valid|)} ~size := #in~size; {4414#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:11,110 INFO L290 TraceCheckUtils]: 4: Hoare triple {4414#(= |old(#valid)| |#valid|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {4421#(and (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_44) |#valid|)))} is VALID [2022-02-20 23:50:11,110 INFO L290 TraceCheckUtils]: 5: Hoare triple {4421#(and (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_44) |#valid|)))} assume true; {4421#(and (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_44) |#valid|)))} is VALID [2022-02-20 23:50:11,111 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {4421#(and (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_44) |#valid|)))} {4410#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} #118#return; {4428#(and (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_#t~ret43#1.base|))) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_#t~ret43#1.base| v_ArrVal_44) |#valid|)))} is VALID [2022-02-20 23:50:11,112 INFO L290 TraceCheckUtils]: 7: Hoare triple {4428#(and (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_#t~ret43#1.base|))) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_#t~ret43#1.base| v_ArrVal_44) |#valid|)))} entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset := entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset; {4432#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base| v_ArrVal_44) |#valid|)))} is VALID [2022-02-20 23:50:11,113 INFO L290 TraceCheckUtils]: 8: Hoare triple {4432#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base| v_ArrVal_44) |#valid|)))} assume !(entry_point_~c11~0#1.base == 0bv32 && entry_point_~c11~0#1.offset == 0bv32); {4432#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base| v_ArrVal_44) |#valid|)))} is VALID [2022-02-20 23:50:11,114 INFO L272 TraceCheckUtils]: 9: Hoare triple {4432#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base| v_ArrVal_44) |#valid|)))} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {4414#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:11,114 INFO L290 TraceCheckUtils]: 10: Hoare triple {4414#(= |old(#valid)| |#valid|)} ~size := #in~size; {4414#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:11,114 INFO L290 TraceCheckUtils]: 11: Hoare triple {4414#(= |old(#valid)| |#valid|)} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {4414#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:11,115 INFO L290 TraceCheckUtils]: 12: Hoare triple {4414#(= |old(#valid)| |#valid|)} assume true; {4414#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:11,116 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {4414#(= |old(#valid)| |#valid|)} {4432#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base| v_ArrVal_44) |#valid|)))} #120#return; {4432#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base| v_ArrVal_44) |#valid|)))} is VALID [2022-02-20 23:50:11,116 INFO L290 TraceCheckUtils]: 14: Hoare triple {4432#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base| v_ArrVal_44) |#valid|)))} entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {4432#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base| v_ArrVal_44) |#valid|)))} is VALID [2022-02-20 23:50:11,117 INFO L290 TraceCheckUtils]: 15: Hoare triple {4432#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base| v_ArrVal_44) |#valid|)))} assume entry_point_~cfg~1#1.base == 0bv32 && entry_point_~cfg~1#1.offset == 0bv32; {4432#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base| v_ArrVal_44) |#valid|)))} is VALID [2022-02-20 23:50:11,117 INFO L290 TraceCheckUtils]: 16: Hoare triple {4432#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base| v_ArrVal_44) |#valid|)))} assume 0bv32 == entry_point_~c11~0#1.offset; {4432#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base| v_ArrVal_44) |#valid|)))} is VALID [2022-02-20 23:50:11,117 INFO L290 TraceCheckUtils]: 17: Hoare triple {4432#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base| v_ArrVal_44) |#valid|)))} assume ~bvult32(entry_point_~c11~0#1.base, #StackHeapBarrier); {4432#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base| v_ArrVal_44) |#valid|)))} is VALID [2022-02-20 23:50:11,118 INFO L290 TraceCheckUtils]: 18: Hoare triple {4432#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base| v_ArrVal_44) |#valid|)))} assume 0bv32 == entry_point_~c11~0#1.base || 1bv1 == #valid[entry_point_~c11~0#1.base];call ULTIMATE.dealloc(entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset); {4466#(exists ((|ULTIMATE.start_entry_point_~c11~0#1.base| (_ BitVec 32))) (and (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base| (_ bv0 1)) |#valid|) (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:50:11,119 INFO L290 TraceCheckUtils]: 19: Hoare triple {4466#(exists ((|ULTIMATE.start_entry_point_~c11~0#1.base| (_ BitVec 32))) (and (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base| (_ bv0 1)) |#valid|) (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base|)) (_ bv0 1))))} assume { :end_inline_entry_point } true; {4466#(exists ((|ULTIMATE.start_entry_point_~c11~0#1.base| (_ BitVec 32))) (and (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base| (_ bv0 1)) |#valid|) (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:50:11,119 INFO L290 TraceCheckUtils]: 20: Hoare triple {4466#(exists ((|ULTIMATE.start_entry_point_~c11~0#1.base| (_ BitVec 32))) (and (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base| (_ bv0 1)) |#valid|) (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base|)) (_ bv0 1))))} assume !(#valid == main_old_#valid#1); {4403#false} is VALID [2022-02-20 23:50:11,120 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:50:11,120 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:50:15,299 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:50:15,300 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1644111095] [2022-02-20 23:50:15,300 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1644111095] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:50:15,300 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleCvc4 [1975087365] [2022-02-20 23:50:15,300 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:50:15,300 INFO L173 SolverBuilder]: Constructing external solver with command: cvc4 --incremental --print-success --lang smt [2022-02-20 23:50:15,300 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 [2022-02-20 23:50:15,302 INFO L229 MonitoredProcess]: Starting monitored process 11 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (exit command is (exit), workingDir is null) [2022-02-20 23:50:15,303 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (11)] Waiting until timeout for monitored process [2022-02-20 23:50:15,375 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:15,376 INFO L263 TraceCheckSpWp]: Trace formula consists of 60 conjuncts, 13 conjunts are in the unsatisfiable core [2022-02-20 23:50:15,384 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:15,385 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:50:15,641 INFO L290 TraceCheckUtils]: 0: Hoare triple {4402#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {4521#(= (_ bv0 1) (select |#valid| (_ bv0 32)))} is VALID [2022-02-20 23:50:15,642 INFO L290 TraceCheckUtils]: 1: Hoare triple {4521#(= (_ bv0 1) (select |#valid| (_ bv0 32)))} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset, entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~ret46#1, entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset, entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset; {4525#(and (= |#valid| |ULTIMATE.start_main_old_#valid#1|) (= (_ bv0 1) (select |#valid| (_ bv0 32))))} is VALID [2022-02-20 23:50:15,642 INFO L272 TraceCheckUtils]: 2: Hoare triple {4525#(and (= |#valid| |ULTIMATE.start_main_old_#valid#1|) (= (_ bv0 1) (select |#valid| (_ bv0 32))))} call entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset := ldv_malloc(20bv32); {4414#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:15,643 INFO L290 TraceCheckUtils]: 3: Hoare triple {4414#(= |old(#valid)| |#valid|)} ~size := #in~size; {4414#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:15,644 INFO L290 TraceCheckUtils]: 4: Hoare triple {4414#(= |old(#valid)| |#valid|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {4421#(and (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_44) |#valid|)))} is VALID [2022-02-20 23:50:15,644 INFO L290 TraceCheckUtils]: 5: Hoare triple {4421#(and (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_44) |#valid|)))} assume true; {4421#(and (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_44) |#valid|)))} is VALID [2022-02-20 23:50:15,645 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {4421#(and (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_44) |#valid|)))} {4525#(and (= |#valid| |ULTIMATE.start_main_old_#valid#1|) (= (_ bv0 1) (select |#valid| (_ bv0 32))))} #118#return; {4541#(and (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_#t~ret43#1.base|))) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_#t~ret43#1.base| v_ArrVal_44) |#valid|)) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} is VALID [2022-02-20 23:50:15,649 INFO L290 TraceCheckUtils]: 7: Hoare triple {4541#(and (= (_ bv0 1) (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_#t~ret43#1.base|))) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_#t~ret43#1.base| v_ArrVal_44) |#valid|)) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset := entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset; {4545#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base| v_ArrVal_44) |#valid|)) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} is VALID [2022-02-20 23:50:15,649 INFO L290 TraceCheckUtils]: 8: Hoare triple {4545#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base| v_ArrVal_44) |#valid|)) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} assume !(entry_point_~c11~0#1.base == 0bv32 && entry_point_~c11~0#1.offset == 0bv32); {4545#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base| v_ArrVal_44) |#valid|)) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} is VALID [2022-02-20 23:50:15,650 INFO L272 TraceCheckUtils]: 9: Hoare triple {4545#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base| v_ArrVal_44) |#valid|)) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {4414#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:15,650 INFO L290 TraceCheckUtils]: 10: Hoare triple {4414#(= |old(#valid)| |#valid|)} ~size := #in~size; {4414#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:15,650 INFO L290 TraceCheckUtils]: 11: Hoare triple {4414#(= |old(#valid)| |#valid|)} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {4414#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:15,651 INFO L290 TraceCheckUtils]: 12: Hoare triple {4414#(= |old(#valid)| |#valid|)} assume true; {4414#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:15,652 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {4414#(= |old(#valid)| |#valid|)} {4545#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base| v_ArrVal_44) |#valid|)) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} #120#return; {4545#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base| v_ArrVal_44) |#valid|)) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} is VALID [2022-02-20 23:50:15,652 INFO L290 TraceCheckUtils]: 14: Hoare triple {4545#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base| v_ArrVal_44) |#valid|)) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {4545#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base| v_ArrVal_44) |#valid|)) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} is VALID [2022-02-20 23:50:15,653 INFO L290 TraceCheckUtils]: 15: Hoare triple {4545#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base| v_ArrVal_44) |#valid|)) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} assume entry_point_~cfg~1#1.base == 0bv32 && entry_point_~cfg~1#1.offset == 0bv32; {4545#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base| v_ArrVal_44) |#valid|)) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} is VALID [2022-02-20 23:50:15,653 INFO L290 TraceCheckUtils]: 16: Hoare triple {4545#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base| v_ArrVal_44) |#valid|)) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} assume 0bv32 == entry_point_~c11~0#1.offset; {4545#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base| v_ArrVal_44) |#valid|)) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} is VALID [2022-02-20 23:50:15,653 INFO L290 TraceCheckUtils]: 17: Hoare triple {4545#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base| v_ArrVal_44) |#valid|)) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} assume ~bvult32(entry_point_~c11~0#1.base, #StackHeapBarrier); {4545#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base| v_ArrVal_44) |#valid|)) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} is VALID [2022-02-20 23:50:15,654 INFO L290 TraceCheckUtils]: 18: Hoare triple {4545#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_44 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~c11~0#1.base| v_ArrVal_44) |#valid|)) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} assume 0bv32 == entry_point_~c11~0#1.base || 1bv1 == #valid[entry_point_~c11~0#1.base];call ULTIMATE.dealloc(entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset); {4525#(and (= |#valid| |ULTIMATE.start_main_old_#valid#1|) (= (_ bv0 1) (select |#valid| (_ bv0 32))))} is VALID [2022-02-20 23:50:15,658 INFO L290 TraceCheckUtils]: 19: Hoare triple {4525#(and (= |#valid| |ULTIMATE.start_main_old_#valid#1|) (= (_ bv0 1) (select |#valid| (_ bv0 32))))} assume { :end_inline_entry_point } true; {4525#(and (= |#valid| |ULTIMATE.start_main_old_#valid#1|) (= (_ bv0 1) (select |#valid| (_ bv0 32))))} is VALID [2022-02-20 23:50:15,658 INFO L290 TraceCheckUtils]: 20: Hoare triple {4525#(and (= |#valid| |ULTIMATE.start_main_old_#valid#1|) (= (_ bv0 1) (select |#valid| (_ bv0 32))))} assume !(#valid == main_old_#valid#1); {4403#false} is VALID [2022-02-20 23:50:15,659 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:50:15,659 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:50:19,804 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleCvc4 [1975087365] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:50:19,804 INFO L191 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-02-20 23:50:19,804 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [7, 6] total 11 [2022-02-20 23:50:19,805 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1940705543] [2022-02-20 23:50:19,805 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-02-20 23:50:19,805 INFO L78 Accepts]: Start accepts. Automaton has has 12 states, 10 states have (on average 2.7) internal successors, (27), 10 states have internal predecessors, (27), 4 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) Word has length 21 [2022-02-20 23:50:19,805 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:50:19,806 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 12 states, 10 states have (on average 2.7) internal successors, (27), 10 states have internal predecessors, (27), 4 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:50:19,837 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 35 edges. 35 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:19,837 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 12 states [2022-02-20 23:50:19,837 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:50:19,837 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 12 interpolants. [2022-02-20 23:50:19,838 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=42, Invalid=166, Unknown=2, NotChecked=0, Total=210 [2022-02-20 23:50:19,838 INFO L87 Difference]: Start difference. First operand 131 states and 165 transitions. Second operand has 12 states, 10 states have (on average 2.7) internal successors, (27), 10 states have internal predecessors, (27), 4 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:50:20,657 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:20,657 INFO L93 Difference]: Finished difference Result 134 states and 167 transitions. [2022-02-20 23:50:20,657 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2022-02-20 23:50:20,658 INFO L78 Accepts]: Start accepts. Automaton has has 12 states, 10 states have (on average 2.7) internal successors, (27), 10 states have internal predecessors, (27), 4 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) Word has length 21 [2022-02-20 23:50:20,658 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:50:20,658 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 12 states, 10 states have (on average 2.7) internal successors, (27), 10 states have internal predecessors, (27), 4 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:50:20,659 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 104 transitions. [2022-02-20 23:50:20,659 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 12 states, 10 states have (on average 2.7) internal successors, (27), 10 states have internal predecessors, (27), 4 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:50:20,660 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 104 transitions. [2022-02-20 23:50:20,660 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states and 104 transitions. [2022-02-20 23:50:20,747 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 104 edges. 104 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:20,748 INFO L225 Difference]: With dead ends: 134 [2022-02-20 23:50:20,748 INFO L226 Difference]: Without dead ends: 129 [2022-02-20 23:50:20,749 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 72 GetRequests, 52 SyntacticMatches, 5 SemanticMatches, 15 ConstructedPredicates, 0 IntricatePredicates, 2 DeprecatedPredicates, 72 ImplicationChecksByTransitivity, 8.3s TimeCoverageRelationStatistics Valid=50, Invalid=220, Unknown=2, NotChecked=0, Total=272 [2022-02-20 23:50:20,749 INFO L933 BasicCegarLoop]: 84 mSDtfsCounter, 13 mSDsluCounter, 397 mSDsCounter, 0 mSdLazyCounter, 92 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 13 SdHoareTripleChecker+Valid, 481 SdHoareTripleChecker+Invalid, 301 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 92 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 203 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:50:20,749 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [13 Valid, 481 Invalid, 301 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 92 Invalid, 0 Unknown, 203 Unchecked, 0.1s Time] [2022-02-20 23:50:20,750 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 129 states. [2022-02-20 23:50:20,752 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 129 to 124. [2022-02-20 23:50:20,752 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:50:20,752 INFO L82 GeneralOperation]: Start isEquivalent. First operand 129 states. Second operand has 124 states, 85 states have (on average 1.6) internal successors, (136), 109 states have internal predecessors, (136), 9 states have call successors, (9), 4 states have call predecessors, (9), 5 states have return successors, (12), 10 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:50:20,752 INFO L74 IsIncluded]: Start isIncluded. First operand 129 states. Second operand has 124 states, 85 states have (on average 1.6) internal successors, (136), 109 states have internal predecessors, (136), 9 states have call successors, (9), 4 states have call predecessors, (9), 5 states have return successors, (12), 10 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:50:20,752 INFO L87 Difference]: Start difference. First operand 129 states. Second operand has 124 states, 85 states have (on average 1.6) internal successors, (136), 109 states have internal predecessors, (136), 9 states have call successors, (9), 4 states have call predecessors, (9), 5 states have return successors, (12), 10 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:50:20,755 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:20,755 INFO L93 Difference]: Finished difference Result 129 states and 162 transitions. [2022-02-20 23:50:20,755 INFO L276 IsEmpty]: Start isEmpty. Operand 129 states and 162 transitions. [2022-02-20 23:50:20,756 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:20,756 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:20,756 INFO L74 IsIncluded]: Start isIncluded. First operand has 124 states, 85 states have (on average 1.6) internal successors, (136), 109 states have internal predecessors, (136), 9 states have call successors, (9), 4 states have call predecessors, (9), 5 states have return successors, (12), 10 states have call predecessors, (12), 9 states have call successors, (12) Second operand 129 states. [2022-02-20 23:50:20,756 INFO L87 Difference]: Start difference. First operand has 124 states, 85 states have (on average 1.6) internal successors, (136), 109 states have internal predecessors, (136), 9 states have call successors, (9), 4 states have call predecessors, (9), 5 states have return successors, (12), 10 states have call predecessors, (12), 9 states have call successors, (12) Second operand 129 states. [2022-02-20 23:50:20,759 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:20,759 INFO L93 Difference]: Finished difference Result 129 states and 162 transitions. [2022-02-20 23:50:20,760 INFO L276 IsEmpty]: Start isEmpty. Operand 129 states and 162 transitions. [2022-02-20 23:50:20,760 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:20,760 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:20,760 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:50:20,760 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:50:20,761 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 124 states, 85 states have (on average 1.6) internal successors, (136), 109 states have internal predecessors, (136), 9 states have call successors, (9), 4 states have call predecessors, (9), 5 states have return successors, (12), 10 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:50:20,763 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 124 states to 124 states and 157 transitions. [2022-02-20 23:50:20,764 INFO L78 Accepts]: Start accepts. Automaton has 124 states and 157 transitions. Word has length 21 [2022-02-20 23:50:20,764 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:50:20,764 INFO L470 AbstractCegarLoop]: Abstraction has 124 states and 157 transitions. [2022-02-20 23:50:20,764 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 12 states, 10 states have (on average 2.7) internal successors, (27), 10 states have internal predecessors, (27), 4 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:50:20,764 INFO L276 IsEmpty]: Start isEmpty. Operand 124 states and 157 transitions. [2022-02-20 23:50:20,764 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-02-20 23:50:20,764 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:50:20,765 INFO L514 BasicCegarLoop]: trace histogram [3, 3, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:50:20,767 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (11)] Ended with exit code 0 [2022-02-20 23:50:20,975 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (10)] Forceful destruction successful, exit code 0 [2022-02-20 23:50:21,171 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 11 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt,10 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:50:21,171 INFO L402 AbstractCegarLoop]: === Iteration 9 === Targeting ULTIMATE.startErr2REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 23 more)] === [2022-02-20 23:50:21,171 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:50:21,171 INFO L85 PathProgramCache]: Analyzing trace with hash -624729604, now seen corresponding path program 1 times [2022-02-20 23:50:21,172 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:50:21,172 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1837518256] [2022-02-20 23:50:21,172 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:50:21,172 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:50:21,172 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:50:21,173 INFO L229 MonitoredProcess]: Starting monitored process 12 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:50:21,175 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (12)] Waiting until timeout for monitored process [2022-02-20 23:50:21,244 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:21,246 INFO L263 TraceCheckSpWp]: Trace formula consists of 93 conjuncts, 9 conjunts are in the unsatisfiable core [2022-02-20 23:50:21,255 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:21,255 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:50:21,280 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:50:21,371 INFO L356 Elim1Store]: treesize reduction 12, result has 40.0 percent of original size [2022-02-20 23:50:21,372 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 17 [2022-02-20 23:50:21,392 INFO L290 TraceCheckUtils]: 0: Hoare triple {5149#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {5149#true} is VALID [2022-02-20 23:50:21,393 INFO L290 TraceCheckUtils]: 1: Hoare triple {5149#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset, entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~ret46#1, entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset, entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset; {5149#true} is VALID [2022-02-20 23:50:21,393 INFO L272 TraceCheckUtils]: 2: Hoare triple {5149#true} call entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset := ldv_malloc(20bv32); {5149#true} is VALID [2022-02-20 23:50:21,393 INFO L290 TraceCheckUtils]: 3: Hoare triple {5149#true} ~size := #in~size; {5149#true} is VALID [2022-02-20 23:50:21,393 INFO L290 TraceCheckUtils]: 4: Hoare triple {5149#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {5149#true} is VALID [2022-02-20 23:50:21,393 INFO L290 TraceCheckUtils]: 5: Hoare triple {5149#true} assume true; {5149#true} is VALID [2022-02-20 23:50:21,393 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {5149#true} {5149#true} #118#return; {5149#true} is VALID [2022-02-20 23:50:21,393 INFO L290 TraceCheckUtils]: 7: Hoare triple {5149#true} entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset := entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset; {5149#true} is VALID [2022-02-20 23:50:21,393 INFO L290 TraceCheckUtils]: 8: Hoare triple {5149#true} assume !(entry_point_~c11~0#1.base == 0bv32 && entry_point_~c11~0#1.offset == 0bv32); {5149#true} is VALID [2022-02-20 23:50:21,393 INFO L272 TraceCheckUtils]: 9: Hoare triple {5149#true} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {5149#true} is VALID [2022-02-20 23:50:21,393 INFO L290 TraceCheckUtils]: 10: Hoare triple {5149#true} ~size := #in~size; {5149#true} is VALID [2022-02-20 23:50:21,394 INFO L290 TraceCheckUtils]: 11: Hoare triple {5149#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {5187#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:50:21,395 INFO L290 TraceCheckUtils]: 12: Hoare triple {5187#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} assume true; {5187#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:50:21,395 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {5187#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} {5149#true} #120#return; {5194#(= (select |#valid| |ULTIMATE.start_entry_point_#t~ret44#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:21,396 INFO L290 TraceCheckUtils]: 14: Hoare triple {5194#(= (select |#valid| |ULTIMATE.start_entry_point_#t~ret44#1.base|) (_ bv1 1))} entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {5198#(= (select |#valid| |ULTIMATE.start_entry_point_~cfg~1#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:21,396 INFO L290 TraceCheckUtils]: 15: Hoare triple {5198#(= (select |#valid| |ULTIMATE.start_entry_point_~cfg~1#1.base|) (_ bv1 1))} assume !(entry_point_~cfg~1#1.base == 0bv32 && entry_point_~cfg~1#1.offset == 0bv32); {5198#(= (select |#valid| |ULTIMATE.start_entry_point_~cfg~1#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:21,397 INFO L290 TraceCheckUtils]: 16: Hoare triple {5198#(= (select |#valid| |ULTIMATE.start_entry_point_~cfg~1#1.base|) (_ bv1 1))} SUMMARY for call write~$Pointer$(entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset, 4bv32); srcloc: L807 {5198#(= (select |#valid| |ULTIMATE.start_entry_point_~cfg~1#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:21,397 INFO L272 TraceCheckUtils]: 17: Hoare triple {5198#(= (select |#valid| |ULTIMATE.start_entry_point_~cfg~1#1.base|) (_ bv1 1))} call entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset := ldv_malloc(4bv32); {5208#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:21,397 INFO L290 TraceCheckUtils]: 18: Hoare triple {5208#(= |old(#valid)| |#valid|)} ~size := #in~size; {5208#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:21,398 INFO L290 TraceCheckUtils]: 19: Hoare triple {5208#(= |old(#valid)| |#valid|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {5215#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} is VALID [2022-02-20 23:50:21,399 INFO L290 TraceCheckUtils]: 20: Hoare triple {5215#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} assume true; {5215#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} is VALID [2022-02-20 23:50:21,400 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {5215#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} {5198#(= (select |#valid| |ULTIMATE.start_entry_point_~cfg~1#1.base|) (_ bv1 1))} #122#return; {5198#(= (select |#valid| |ULTIMATE.start_entry_point_~cfg~1#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:21,400 INFO L290 TraceCheckUtils]: 22: Hoare triple {5198#(= (select |#valid| |ULTIMATE.start_entry_point_~cfg~1#1.base|) (_ bv1 1))} entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset := entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset;havoc entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset; {5198#(= (select |#valid| |ULTIMATE.start_entry_point_~cfg~1#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:21,400 INFO L290 TraceCheckUtils]: 23: Hoare triple {5198#(= (select |#valid| |ULTIMATE.start_entry_point_~cfg~1#1.base|) (_ bv1 1))} assume !(entry_point_~fe~1#1.base == 0bv32 && entry_point_~fe~1#1.offset == 0bv32); {5198#(= (select |#valid| |ULTIMATE.start_entry_point_~cfg~1#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:21,401 INFO L290 TraceCheckUtils]: 24: Hoare triple {5198#(= (select |#valid| |ULTIMATE.start_entry_point_~cfg~1#1.base|) (_ bv1 1))} assume !(1bv1 == #valid[entry_point_~cfg~1#1.base]); {5150#false} is VALID [2022-02-20 23:50:21,401 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 8 proven. 2 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:50:21,401 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:50:21,599 INFO L290 TraceCheckUtils]: 24: Hoare triple {5198#(= (select |#valid| |ULTIMATE.start_entry_point_~cfg~1#1.base|) (_ bv1 1))} assume !(1bv1 == #valid[entry_point_~cfg~1#1.base]); {5150#false} is VALID [2022-02-20 23:50:21,600 INFO L290 TraceCheckUtils]: 23: Hoare triple {5198#(= (select |#valid| |ULTIMATE.start_entry_point_~cfg~1#1.base|) (_ bv1 1))} assume !(entry_point_~fe~1#1.base == 0bv32 && entry_point_~fe~1#1.offset == 0bv32); {5198#(= (select |#valid| |ULTIMATE.start_entry_point_~cfg~1#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:21,600 INFO L290 TraceCheckUtils]: 22: Hoare triple {5198#(= (select |#valid| |ULTIMATE.start_entry_point_~cfg~1#1.base|) (_ bv1 1))} entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset := entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset;havoc entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset; {5198#(= (select |#valid| |ULTIMATE.start_entry_point_~cfg~1#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:21,601 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {5243#(forall ((|v_ULTIMATE.start_entry_point_~cfg~1#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (= (select |#valid| |v_ULTIMATE.start_entry_point_~cfg~1#1.base_BEFORE_CALL_2|) (_ bv1 1)) (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~cfg~1#1.base_BEFORE_CALL_2|) (_ bv1 1)))))} {5198#(= (select |#valid| |ULTIMATE.start_entry_point_~cfg~1#1.base|) (_ bv1 1))} #122#return; {5198#(= (select |#valid| |ULTIMATE.start_entry_point_~cfg~1#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:21,602 INFO L290 TraceCheckUtils]: 20: Hoare triple {5243#(forall ((|v_ULTIMATE.start_entry_point_~cfg~1#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (= (select |#valid| |v_ULTIMATE.start_entry_point_~cfg~1#1.base_BEFORE_CALL_2|) (_ bv1 1)) (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~cfg~1#1.base_BEFORE_CALL_2|) (_ bv1 1)))))} assume true; {5243#(forall ((|v_ULTIMATE.start_entry_point_~cfg~1#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (= (select |#valid| |v_ULTIMATE.start_entry_point_~cfg~1#1.base_BEFORE_CALL_2|) (_ bv1 1)) (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~cfg~1#1.base_BEFORE_CALL_2|) (_ bv1 1)))))} is VALID [2022-02-20 23:50:21,603 INFO L290 TraceCheckUtils]: 19: Hoare triple {5243#(forall ((|v_ULTIMATE.start_entry_point_~cfg~1#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (= (select |#valid| |v_ULTIMATE.start_entry_point_~cfg~1#1.base_BEFORE_CALL_2|) (_ bv1 1)) (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~cfg~1#1.base_BEFORE_CALL_2|) (_ bv1 1)))))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {5243#(forall ((|v_ULTIMATE.start_entry_point_~cfg~1#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (= (select |#valid| |v_ULTIMATE.start_entry_point_~cfg~1#1.base_BEFORE_CALL_2|) (_ bv1 1)) (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~cfg~1#1.base_BEFORE_CALL_2|) (_ bv1 1)))))} is VALID [2022-02-20 23:50:21,604 INFO L290 TraceCheckUtils]: 18: Hoare triple {5243#(forall ((|v_ULTIMATE.start_entry_point_~cfg~1#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (= (select |#valid| |v_ULTIMATE.start_entry_point_~cfg~1#1.base_BEFORE_CALL_2|) (_ bv1 1)) (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~cfg~1#1.base_BEFORE_CALL_2|) (_ bv1 1)))))} ~size := #in~size; {5243#(forall ((|v_ULTIMATE.start_entry_point_~cfg~1#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (= (select |#valid| |v_ULTIMATE.start_entry_point_~cfg~1#1.base_BEFORE_CALL_2|) (_ bv1 1)) (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~cfg~1#1.base_BEFORE_CALL_2|) (_ bv1 1)))))} is VALID [2022-02-20 23:50:21,604 INFO L272 TraceCheckUtils]: 17: Hoare triple {5198#(= (select |#valid| |ULTIMATE.start_entry_point_~cfg~1#1.base|) (_ bv1 1))} call entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset := ldv_malloc(4bv32); {5243#(forall ((|v_ULTIMATE.start_entry_point_~cfg~1#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (= (select |#valid| |v_ULTIMATE.start_entry_point_~cfg~1#1.base_BEFORE_CALL_2|) (_ bv1 1)) (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~cfg~1#1.base_BEFORE_CALL_2|) (_ bv1 1)))))} is VALID [2022-02-20 23:50:21,605 INFO L290 TraceCheckUtils]: 16: Hoare triple {5198#(= (select |#valid| |ULTIMATE.start_entry_point_~cfg~1#1.base|) (_ bv1 1))} SUMMARY for call write~$Pointer$(entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset, 4bv32); srcloc: L807 {5198#(= (select |#valid| |ULTIMATE.start_entry_point_~cfg~1#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:21,605 INFO L290 TraceCheckUtils]: 15: Hoare triple {5198#(= (select |#valid| |ULTIMATE.start_entry_point_~cfg~1#1.base|) (_ bv1 1))} assume !(entry_point_~cfg~1#1.base == 0bv32 && entry_point_~cfg~1#1.offset == 0bv32); {5198#(= (select |#valid| |ULTIMATE.start_entry_point_~cfg~1#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:21,606 INFO L290 TraceCheckUtils]: 14: Hoare triple {5194#(= (select |#valid| |ULTIMATE.start_entry_point_#t~ret44#1.base|) (_ bv1 1))} entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {5198#(= (select |#valid| |ULTIMATE.start_entry_point_~cfg~1#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:21,606 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {5187#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} {5149#true} #120#return; {5194#(= (select |#valid| |ULTIMATE.start_entry_point_#t~ret44#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:21,607 INFO L290 TraceCheckUtils]: 12: Hoare triple {5187#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} assume true; {5187#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:50:21,607 INFO L290 TraceCheckUtils]: 11: Hoare triple {5149#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {5187#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:50:21,607 INFO L290 TraceCheckUtils]: 10: Hoare triple {5149#true} ~size := #in~size; {5149#true} is VALID [2022-02-20 23:50:21,608 INFO L272 TraceCheckUtils]: 9: Hoare triple {5149#true} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {5149#true} is VALID [2022-02-20 23:50:21,608 INFO L290 TraceCheckUtils]: 8: Hoare triple {5149#true} assume !(entry_point_~c11~0#1.base == 0bv32 && entry_point_~c11~0#1.offset == 0bv32); {5149#true} is VALID [2022-02-20 23:50:21,608 INFO L290 TraceCheckUtils]: 7: Hoare triple {5149#true} entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset := entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset; {5149#true} is VALID [2022-02-20 23:50:21,608 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {5149#true} {5149#true} #118#return; {5149#true} is VALID [2022-02-20 23:50:21,608 INFO L290 TraceCheckUtils]: 5: Hoare triple {5149#true} assume true; {5149#true} is VALID [2022-02-20 23:50:21,608 INFO L290 TraceCheckUtils]: 4: Hoare triple {5149#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {5149#true} is VALID [2022-02-20 23:50:21,608 INFO L290 TraceCheckUtils]: 3: Hoare triple {5149#true} ~size := #in~size; {5149#true} is VALID [2022-02-20 23:50:21,608 INFO L272 TraceCheckUtils]: 2: Hoare triple {5149#true} call entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset := ldv_malloc(20bv32); {5149#true} is VALID [2022-02-20 23:50:21,608 INFO L290 TraceCheckUtils]: 1: Hoare triple {5149#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset, entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~ret46#1, entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset, entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset; {5149#true} is VALID [2022-02-20 23:50:21,608 INFO L290 TraceCheckUtils]: 0: Hoare triple {5149#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {5149#true} is VALID [2022-02-20 23:50:21,608 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 8 proven. 2 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:50:21,608 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:50:21,608 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1837518256] [2022-02-20 23:50:21,608 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1837518256] provided 0 perfect and 2 imperfect interpolant sequences [2022-02-20 23:50:21,608 INFO L191 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-02-20 23:50:21,609 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [6, 5] total 7 [2022-02-20 23:50:21,609 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [120904077] [2022-02-20 23:50:21,609 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-02-20 23:50:21,609 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 3.0) internal successors, (21), 7 states have internal predecessors, (21), 2 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 25 [2022-02-20 23:50:21,609 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:50:21,610 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 8 states, 7 states have (on average 3.0) internal successors, (21), 7 states have internal predecessors, (21), 2 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-02-20 23:50:21,639 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 29 edges. 29 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:21,639 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-02-20 23:50:21,639 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:50:21,639 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-02-20 23:50:21,639 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=41, Unknown=0, NotChecked=0, Total=56 [2022-02-20 23:50:21,640 INFO L87 Difference]: Start difference. First operand 124 states and 157 transitions. Second operand has 8 states, 7 states have (on average 3.0) internal successors, (21), 7 states have internal predecessors, (21), 2 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-02-20 23:50:22,753 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:22,754 INFO L93 Difference]: Finished difference Result 179 states and 226 transitions. [2022-02-20 23:50:22,754 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-02-20 23:50:22,754 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 3.0) internal successors, (21), 7 states have internal predecessors, (21), 2 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 25 [2022-02-20 23:50:22,754 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:50:22,754 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 7 states have (on average 3.0) internal successors, (21), 7 states have internal predecessors, (21), 2 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-02-20 23:50:22,759 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 144 transitions. [2022-02-20 23:50:22,759 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 7 states have (on average 3.0) internal successors, (21), 7 states have internal predecessors, (21), 2 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-02-20 23:50:22,761 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 144 transitions. [2022-02-20 23:50:22,761 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 144 transitions. [2022-02-20 23:50:22,888 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 144 edges. 144 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:22,890 INFO L225 Difference]: With dead ends: 179 [2022-02-20 23:50:22,890 INFO L226 Difference]: Without dead ends: 179 [2022-02-20 23:50:22,891 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 49 GetRequests, 39 SyntacticMatches, 3 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=20, Invalid=52, Unknown=0, NotChecked=0, Total=72 [2022-02-20 23:50:22,891 INFO L933 BasicCegarLoop]: 99 mSDtfsCounter, 52 mSDsluCounter, 375 mSDsCounter, 0 mSdLazyCounter, 218 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 54 SdHoareTripleChecker+Valid, 474 SdHoareTripleChecker+Invalid, 353 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 218 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 126 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-02-20 23:50:22,891 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [54 Valid, 474 Invalid, 353 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 218 Invalid, 0 Unknown, 126 Unchecked, 0.3s Time] [2022-02-20 23:50:22,892 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 179 states. [2022-02-20 23:50:22,895 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 179 to 142. [2022-02-20 23:50:22,895 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:50:22,896 INFO L82 GeneralOperation]: Start isEquivalent. First operand 179 states. Second operand has 142 states, 101 states have (on average 1.5841584158415842) internal successors, (160), 124 states have internal predecessors, (160), 10 states have call successors, (10), 4 states have call predecessors, (10), 6 states have return successors, (15), 13 states have call predecessors, (15), 10 states have call successors, (15) [2022-02-20 23:50:22,896 INFO L74 IsIncluded]: Start isIncluded. First operand 179 states. Second operand has 142 states, 101 states have (on average 1.5841584158415842) internal successors, (160), 124 states have internal predecessors, (160), 10 states have call successors, (10), 4 states have call predecessors, (10), 6 states have return successors, (15), 13 states have call predecessors, (15), 10 states have call successors, (15) [2022-02-20 23:50:22,896 INFO L87 Difference]: Start difference. First operand 179 states. Second operand has 142 states, 101 states have (on average 1.5841584158415842) internal successors, (160), 124 states have internal predecessors, (160), 10 states have call successors, (10), 4 states have call predecessors, (10), 6 states have return successors, (15), 13 states have call predecessors, (15), 10 states have call successors, (15) [2022-02-20 23:50:22,899 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:22,899 INFO L93 Difference]: Finished difference Result 179 states and 226 transitions. [2022-02-20 23:50:22,899 INFO L276 IsEmpty]: Start isEmpty. Operand 179 states and 226 transitions. [2022-02-20 23:50:22,899 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:22,899 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:22,899 INFO L74 IsIncluded]: Start isIncluded. First operand has 142 states, 101 states have (on average 1.5841584158415842) internal successors, (160), 124 states have internal predecessors, (160), 10 states have call successors, (10), 4 states have call predecessors, (10), 6 states have return successors, (15), 13 states have call predecessors, (15), 10 states have call successors, (15) Second operand 179 states. [2022-02-20 23:50:22,900 INFO L87 Difference]: Start difference. First operand has 142 states, 101 states have (on average 1.5841584158415842) internal successors, (160), 124 states have internal predecessors, (160), 10 states have call successors, (10), 4 states have call predecessors, (10), 6 states have return successors, (15), 13 states have call predecessors, (15), 10 states have call successors, (15) Second operand 179 states. [2022-02-20 23:50:22,902 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:22,902 INFO L93 Difference]: Finished difference Result 179 states and 226 transitions. [2022-02-20 23:50:22,902 INFO L276 IsEmpty]: Start isEmpty. Operand 179 states and 226 transitions. [2022-02-20 23:50:22,902 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:22,902 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:22,902 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:50:22,902 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:50:22,903 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 142 states, 101 states have (on average 1.5841584158415842) internal successors, (160), 124 states have internal predecessors, (160), 10 states have call successors, (10), 4 states have call predecessors, (10), 6 states have return successors, (15), 13 states have call predecessors, (15), 10 states have call successors, (15) [2022-02-20 23:50:22,904 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 142 states to 142 states and 185 transitions. [2022-02-20 23:50:22,905 INFO L78 Accepts]: Start accepts. Automaton has 142 states and 185 transitions. Word has length 25 [2022-02-20 23:50:22,905 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:50:22,905 INFO L470 AbstractCegarLoop]: Abstraction has 142 states and 185 transitions. [2022-02-20 23:50:22,905 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 3.0) internal successors, (21), 7 states have internal predecessors, (21), 2 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-02-20 23:50:22,905 INFO L276 IsEmpty]: Start isEmpty. Operand 142 states and 185 transitions. [2022-02-20 23:50:22,905 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-02-20 23:50:22,905 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:50:22,905 INFO L514 BasicCegarLoop]: trace histogram [3, 3, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:50:22,925 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (12)] Forceful destruction successful, exit code 0 [2022-02-20 23:50:23,121 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 12 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:50:23,121 INFO L402 AbstractCegarLoop]: === Iteration 10 === Targeting ULTIMATE.startErr3REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 23 more)] === [2022-02-20 23:50:23,121 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:50:23,122 INFO L85 PathProgramCache]: Analyzing trace with hash -624729603, now seen corresponding path program 1 times [2022-02-20 23:50:23,122 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:50:23,123 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1711717380] [2022-02-20 23:50:23,123 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:50:23,123 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:50:23,123 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:50:23,124 INFO L229 MonitoredProcess]: Starting monitored process 13 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:50:23,125 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (13)] Waiting until timeout for monitored process [2022-02-20 23:50:23,178 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:23,180 INFO L263 TraceCheckSpWp]: Trace formula consists of 93 conjuncts, 16 conjunts are in the unsatisfiable core [2022-02-20 23:50:23,195 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:23,196 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:50:23,228 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:50:27,419 INFO L356 Elim1Store]: treesize reduction 15, result has 25.0 percent of original size [2022-02-20 23:50:27,419 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 14 [2022-02-20 23:50:27,447 INFO L290 TraceCheckUtils]: 0: Hoare triple {5984#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {5984#true} is VALID [2022-02-20 23:50:27,447 INFO L290 TraceCheckUtils]: 1: Hoare triple {5984#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset, entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~ret46#1, entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset, entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset; {5984#true} is VALID [2022-02-20 23:50:27,447 INFO L272 TraceCheckUtils]: 2: Hoare triple {5984#true} call entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset := ldv_malloc(20bv32); {5984#true} is VALID [2022-02-20 23:50:27,447 INFO L290 TraceCheckUtils]: 3: Hoare triple {5984#true} ~size := #in~size; {5984#true} is VALID [2022-02-20 23:50:27,447 INFO L290 TraceCheckUtils]: 4: Hoare triple {5984#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {5984#true} is VALID [2022-02-20 23:50:27,447 INFO L290 TraceCheckUtils]: 5: Hoare triple {5984#true} assume true; {5984#true} is VALID [2022-02-20 23:50:27,447 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {5984#true} {5984#true} #118#return; {5984#true} is VALID [2022-02-20 23:50:27,447 INFO L290 TraceCheckUtils]: 7: Hoare triple {5984#true} entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset := entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset; {5984#true} is VALID [2022-02-20 23:50:27,447 INFO L290 TraceCheckUtils]: 8: Hoare triple {5984#true} assume !(entry_point_~c11~0#1.base == 0bv32 && entry_point_~c11~0#1.offset == 0bv32); {5984#true} is VALID [2022-02-20 23:50:27,448 INFO L272 TraceCheckUtils]: 9: Hoare triple {5984#true} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {5984#true} is VALID [2022-02-20 23:50:27,448 INFO L290 TraceCheckUtils]: 10: Hoare triple {5984#true} ~size := #in~size; {6019#(= ldv_malloc_~size |ldv_malloc_#in~size|)} is VALID [2022-02-20 23:50:27,449 INFO L290 TraceCheckUtils]: 11: Hoare triple {6019#(= ldv_malloc_~size |ldv_malloc_#in~size|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {6023#(and (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:27,450 INFO L290 TraceCheckUtils]: 12: Hoare triple {6023#(and (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} assume true; {6023#(and (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:27,450 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {6023#(and (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} {5984#true} #120#return; {6030#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_#t~ret44#1.base|)) (= |ULTIMATE.start_entry_point_#t~ret44#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:27,451 INFO L290 TraceCheckUtils]: 14: Hoare triple {6030#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_#t~ret44#1.base|)) (= |ULTIMATE.start_entry_point_#t~ret44#1.offset| (_ bv0 32)))} entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {6034#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~cfg~1#1.base|)) (= |ULTIMATE.start_entry_point_~cfg~1#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:27,451 INFO L290 TraceCheckUtils]: 15: Hoare triple {6034#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~cfg~1#1.base|)) (= |ULTIMATE.start_entry_point_~cfg~1#1.offset| (_ bv0 32)))} assume !(entry_point_~cfg~1#1.base == 0bv32 && entry_point_~cfg~1#1.offset == 0bv32); {6034#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~cfg~1#1.base|)) (= |ULTIMATE.start_entry_point_~cfg~1#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:27,452 INFO L290 TraceCheckUtils]: 16: Hoare triple {6034#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~cfg~1#1.base|)) (= |ULTIMATE.start_entry_point_~cfg~1#1.offset| (_ bv0 32)))} SUMMARY for call write~$Pointer$(entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset, 4bv32); srcloc: L807 {6034#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~cfg~1#1.base|)) (= |ULTIMATE.start_entry_point_~cfg~1#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:27,452 INFO L272 TraceCheckUtils]: 17: Hoare triple {6034#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~cfg~1#1.base|)) (= |ULTIMATE.start_entry_point_~cfg~1#1.offset| (_ bv0 32)))} call entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset := ldv_malloc(4bv32); {6044#(= |#length| |old(#length)|)} is VALID [2022-02-20 23:50:27,453 INFO L290 TraceCheckUtils]: 18: Hoare triple {6044#(= |#length| |old(#length)|)} ~size := #in~size; {6048#(and (= ldv_malloc_~size |ldv_malloc_#in~size|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:50:27,454 INFO L290 TraceCheckUtils]: 19: Hoare triple {6048#(and (= ldv_malloc_~size |ldv_malloc_#in~size|) (= |#length| |old(#length)|))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {6052#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| |ldv_malloc_#in~size|) |#length|))} is VALID [2022-02-20 23:50:27,454 INFO L290 TraceCheckUtils]: 20: Hoare triple {6052#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| |ldv_malloc_#in~size|) |#length|))} assume true; {6052#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| |ldv_malloc_#in~size|) |#length|))} is VALID [2022-02-20 23:50:27,455 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {6052#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| |ldv_malloc_#in~size|) |#length|))} {6034#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~cfg~1#1.base|)) (= |ULTIMATE.start_entry_point_~cfg~1#1.offset| (_ bv0 32)))} #122#return; {6034#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~cfg~1#1.base|)) (= |ULTIMATE.start_entry_point_~cfg~1#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:27,456 INFO L290 TraceCheckUtils]: 22: Hoare triple {6034#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~cfg~1#1.base|)) (= |ULTIMATE.start_entry_point_~cfg~1#1.offset| (_ bv0 32)))} entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset := entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset;havoc entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset; {6034#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~cfg~1#1.base|)) (= |ULTIMATE.start_entry_point_~cfg~1#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:27,456 INFO L290 TraceCheckUtils]: 23: Hoare triple {6034#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~cfg~1#1.base|)) (= |ULTIMATE.start_entry_point_~cfg~1#1.offset| (_ bv0 32)))} assume !(entry_point_~fe~1#1.base == 0bv32 && entry_point_~fe~1#1.offset == 0bv32); {6034#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~cfg~1#1.base|)) (= |ULTIMATE.start_entry_point_~cfg~1#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:27,457 INFO L290 TraceCheckUtils]: 24: Hoare triple {6034#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~cfg~1#1.base|)) (= |ULTIMATE.start_entry_point_~cfg~1#1.offset| (_ bv0 32)))} assume !((~bvule32(~bvadd32(4bv32, entry_point_~cfg~1#1.offset), #length[entry_point_~cfg~1#1.base]) && ~bvule32(entry_point_~cfg~1#1.offset, ~bvadd32(4bv32, entry_point_~cfg~1#1.offset))) && ~bvule32(0bv32, entry_point_~cfg~1#1.offset)); {5985#false} is VALID [2022-02-20 23:50:27,457 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 9 proven. 2 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-02-20 23:50:27,457 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:50:27,692 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:50:27,693 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1711717380] [2022-02-20 23:50:27,693 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1711717380] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:50:27,693 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleCvc4 [1694776799] [2022-02-20 23:50:27,693 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:50:27,693 INFO L173 SolverBuilder]: Constructing external solver with command: cvc4 --incremental --print-success --lang smt [2022-02-20 23:50:27,693 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 [2022-02-20 23:50:27,694 INFO L229 MonitoredProcess]: Starting monitored process 14 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (exit command is (exit), workingDir is null) [2022-02-20 23:50:27,695 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (14)] Waiting until timeout for monitored process [2022-02-20 23:50:27,788 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:27,790 INFO L263 TraceCheckSpWp]: Trace formula consists of 93 conjuncts, 18 conjunts are in the unsatisfiable core [2022-02-20 23:50:27,801 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:27,802 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:50:27,836 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:50:27,841 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:50:34,157 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:50:34,157 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-02-20 23:50:34,167 INFO L356 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2022-02-20 23:50:34,167 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 12 [2022-02-20 23:50:34,188 INFO L290 TraceCheckUtils]: 0: Hoare triple {5984#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {5984#true} is VALID [2022-02-20 23:50:34,188 INFO L290 TraceCheckUtils]: 1: Hoare triple {5984#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset, entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~ret46#1, entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset, entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset; {5984#true} is VALID [2022-02-20 23:50:34,188 INFO L272 TraceCheckUtils]: 2: Hoare triple {5984#true} call entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset := ldv_malloc(20bv32); {5984#true} is VALID [2022-02-20 23:50:34,188 INFO L290 TraceCheckUtils]: 3: Hoare triple {5984#true} ~size := #in~size; {5984#true} is VALID [2022-02-20 23:50:34,189 INFO L290 TraceCheckUtils]: 4: Hoare triple {5984#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {5984#true} is VALID [2022-02-20 23:50:34,189 INFO L290 TraceCheckUtils]: 5: Hoare triple {5984#true} assume true; {5984#true} is VALID [2022-02-20 23:50:34,189 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {5984#true} {5984#true} #118#return; {5984#true} is VALID [2022-02-20 23:50:34,189 INFO L290 TraceCheckUtils]: 7: Hoare triple {5984#true} entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset := entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset; {5984#true} is VALID [2022-02-20 23:50:34,189 INFO L290 TraceCheckUtils]: 8: Hoare triple {5984#true} assume !(entry_point_~c11~0#1.base == 0bv32 && entry_point_~c11~0#1.offset == 0bv32); {5984#true} is VALID [2022-02-20 23:50:34,189 INFO L272 TraceCheckUtils]: 9: Hoare triple {5984#true} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {5984#true} is VALID [2022-02-20 23:50:34,189 INFO L290 TraceCheckUtils]: 10: Hoare triple {5984#true} ~size := #in~size; {6019#(= ldv_malloc_~size |ldv_malloc_#in~size|)} is VALID [2022-02-20 23:50:34,190 INFO L290 TraceCheckUtils]: 11: Hoare triple {6019#(= ldv_malloc_~size |ldv_malloc_#in~size|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {6115#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:34,191 INFO L290 TraceCheckUtils]: 12: Hoare triple {6115#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} assume true; {6115#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:34,192 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {6115#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} {5984#true} #120#return; {6122#(and (= (select |#valid| |ULTIMATE.start_entry_point_#t~ret44#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_#t~ret44#1.base|)) (= |ULTIMATE.start_entry_point_#t~ret44#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:34,192 INFO L290 TraceCheckUtils]: 14: Hoare triple {6122#(and (= (select |#valid| |ULTIMATE.start_entry_point_#t~ret44#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_#t~ret44#1.base|)) (= |ULTIMATE.start_entry_point_#t~ret44#1.offset| (_ bv0 32)))} entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {6126#(and (= (select |#valid| |ULTIMATE.start_entry_point_~cfg~1#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~cfg~1#1.base|)) (= |ULTIMATE.start_entry_point_~cfg~1#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:34,193 INFO L290 TraceCheckUtils]: 15: Hoare triple {6126#(and (= (select |#valid| |ULTIMATE.start_entry_point_~cfg~1#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~cfg~1#1.base|)) (= |ULTIMATE.start_entry_point_~cfg~1#1.offset| (_ bv0 32)))} assume !(entry_point_~cfg~1#1.base == 0bv32 && entry_point_~cfg~1#1.offset == 0bv32); {6126#(and (= (select |#valid| |ULTIMATE.start_entry_point_~cfg~1#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~cfg~1#1.base|)) (= |ULTIMATE.start_entry_point_~cfg~1#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:34,193 INFO L290 TraceCheckUtils]: 16: Hoare triple {6126#(and (= (select |#valid| |ULTIMATE.start_entry_point_~cfg~1#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~cfg~1#1.base|)) (= |ULTIMATE.start_entry_point_~cfg~1#1.offset| (_ bv0 32)))} SUMMARY for call write~$Pointer$(entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset, 4bv32); srcloc: L807 {6126#(and (= (select |#valid| |ULTIMATE.start_entry_point_~cfg~1#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~cfg~1#1.base|)) (= |ULTIMATE.start_entry_point_~cfg~1#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:34,194 INFO L272 TraceCheckUtils]: 17: Hoare triple {6126#(and (= (select |#valid| |ULTIMATE.start_entry_point_~cfg~1#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~cfg~1#1.base|)) (= |ULTIMATE.start_entry_point_~cfg~1#1.offset| (_ bv0 32)))} call entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset := ldv_malloc(4bv32); {6136#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:50:34,194 INFO L290 TraceCheckUtils]: 18: Hoare triple {6136#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} ~size := #in~size; {6136#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:50:34,195 INFO L290 TraceCheckUtils]: 19: Hoare triple {6136#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {6143#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_102 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_102))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:50:34,196 INFO L290 TraceCheckUtils]: 20: Hoare triple {6143#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_102 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_102))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} assume true; {6143#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_102 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_102))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:50:34,197 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {6143#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_102 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_102))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} {6126#(and (= (select |#valid| |ULTIMATE.start_entry_point_~cfg~1#1.base|) (_ bv1 1)) (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~cfg~1#1.base|)) (= |ULTIMATE.start_entry_point_~cfg~1#1.offset| (_ bv0 32)))} #122#return; {6034#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~cfg~1#1.base|)) (= |ULTIMATE.start_entry_point_~cfg~1#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:34,198 INFO L290 TraceCheckUtils]: 22: Hoare triple {6034#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~cfg~1#1.base|)) (= |ULTIMATE.start_entry_point_~cfg~1#1.offset| (_ bv0 32)))} entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset := entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset;havoc entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset; {6034#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~cfg~1#1.base|)) (= |ULTIMATE.start_entry_point_~cfg~1#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:34,198 INFO L290 TraceCheckUtils]: 23: Hoare triple {6034#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~cfg~1#1.base|)) (= |ULTIMATE.start_entry_point_~cfg~1#1.offset| (_ bv0 32)))} assume !(entry_point_~fe~1#1.base == 0bv32 && entry_point_~fe~1#1.offset == 0bv32); {6034#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~cfg~1#1.base|)) (= |ULTIMATE.start_entry_point_~cfg~1#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:34,199 INFO L290 TraceCheckUtils]: 24: Hoare triple {6034#(and (= (_ bv4 32) (select |#length| |ULTIMATE.start_entry_point_~cfg~1#1.base|)) (= |ULTIMATE.start_entry_point_~cfg~1#1.offset| (_ bv0 32)))} assume !((~bvule32(~bvadd32(4bv32, entry_point_~cfg~1#1.offset), #length[entry_point_~cfg~1#1.base]) && ~bvule32(entry_point_~cfg~1#1.offset, ~bvadd32(4bv32, entry_point_~cfg~1#1.offset))) && ~bvule32(0bv32, entry_point_~cfg~1#1.offset)); {5985#false} is VALID [2022-02-20 23:50:34,199 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 8 proven. 3 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-02-20 23:50:34,199 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:50:36,486 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleCvc4 [1694776799] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:50:36,486 INFO L191 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-02-20 23:50:36,486 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [8, 8] total 13 [2022-02-20 23:50:36,487 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [780756523] [2022-02-20 23:50:36,487 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-02-20 23:50:36,487 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 13 states have (on average 2.076923076923077) internal successors, (27), 11 states have internal predecessors, (27), 3 states have call successors, (4), 3 states have call predecessors, (4), 5 states have return successors, (5), 4 states have call predecessors, (5), 3 states have call successors, (5) Word has length 25 [2022-02-20 23:50:36,487 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:50:36,487 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 14 states, 13 states have (on average 2.076923076923077) internal successors, (27), 11 states have internal predecessors, (27), 3 states have call successors, (4), 3 states have call predecessors, (4), 5 states have return successors, (5), 4 states have call predecessors, (5), 3 states have call successors, (5) [2022-02-20 23:50:36,519 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 36 edges. 36 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:36,519 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 14 states [2022-02-20 23:50:36,520 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:50:36,520 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 14 interpolants. [2022-02-20 23:50:36,520 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=43, Invalid=223, Unknown=6, NotChecked=0, Total=272 [2022-02-20 23:50:36,520 INFO L87 Difference]: Start difference. First operand 142 states and 185 transitions. Second operand has 14 states, 13 states have (on average 2.076923076923077) internal successors, (27), 11 states have internal predecessors, (27), 3 states have call successors, (4), 3 states have call predecessors, (4), 5 states have return successors, (5), 4 states have call predecessors, (5), 3 states have call successors, (5) [2022-02-20 23:50:45,556 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:45,557 INFO L93 Difference]: Finished difference Result 238 states and 306 transitions. [2022-02-20 23:50:45,557 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-02-20 23:50:45,557 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 13 states have (on average 2.076923076923077) internal successors, (27), 11 states have internal predecessors, (27), 3 states have call successors, (4), 3 states have call predecessors, (4), 5 states have return successors, (5), 4 states have call predecessors, (5), 3 states have call successors, (5) Word has length 25 [2022-02-20 23:50:45,557 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:50:45,557 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 14 states, 13 states have (on average 2.076923076923077) internal successors, (27), 11 states have internal predecessors, (27), 3 states have call successors, (4), 3 states have call predecessors, (4), 5 states have return successors, (5), 4 states have call predecessors, (5), 3 states have call successors, (5) [2022-02-20 23:50:45,567 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 180 transitions. [2022-02-20 23:50:45,568 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 14 states, 13 states have (on average 2.076923076923077) internal successors, (27), 11 states have internal predecessors, (27), 3 states have call successors, (4), 3 states have call predecessors, (4), 5 states have return successors, (5), 4 states have call predecessors, (5), 3 states have call successors, (5) [2022-02-20 23:50:45,570 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 180 transitions. [2022-02-20 23:50:45,572 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 180 transitions. [2022-02-20 23:50:45,696 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 180 edges. 180 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:45,701 INFO L225 Difference]: With dead ends: 238 [2022-02-20 23:50:45,701 INFO L226 Difference]: Without dead ends: 238 [2022-02-20 23:50:45,702 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 59 GetRequests, 41 SyntacticMatches, 1 SemanticMatches, 17 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 52 ImplicationChecksByTransitivity, 14.7s TimeCoverageRelationStatistics Valid=56, Invalid=279, Unknown=7, NotChecked=0, Total=342 [2022-02-20 23:50:45,702 INFO L933 BasicCegarLoop]: 91 mSDtfsCounter, 114 mSDsluCounter, 696 mSDsCounter, 0 mSdLazyCounter, 488 mSolverCounterSat, 18 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.9s Time, 0 mProtectedPredicate, 0 mProtectedAction, 116 SdHoareTripleChecker+Valid, 787 SdHoareTripleChecker+Invalid, 636 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 18 IncrementalHoareTripleChecker+Valid, 488 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 130 IncrementalHoareTripleChecker+Unchecked, 0.9s IncrementalHoareTripleChecker+Time [2022-02-20 23:50:45,703 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [116 Valid, 787 Invalid, 636 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [18 Valid, 488 Invalid, 0 Unknown, 130 Unchecked, 0.9s Time] [2022-02-20 23:50:45,704 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 238 states. [2022-02-20 23:50:45,709 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 238 to 196. [2022-02-20 23:50:45,709 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:50:45,710 INFO L82 GeneralOperation]: Start isEquivalent. First operand 238 states. Second operand has 196 states, 149 states have (on average 1.5838926174496644) internal successors, (236), 172 states have internal predecessors, (236), 16 states have call successors, (16), 4 states have call predecessors, (16), 6 states have return successors, (23), 19 states have call predecessors, (23), 16 states have call successors, (23) [2022-02-20 23:50:45,710 INFO L74 IsIncluded]: Start isIncluded. First operand 238 states. Second operand has 196 states, 149 states have (on average 1.5838926174496644) internal successors, (236), 172 states have internal predecessors, (236), 16 states have call successors, (16), 4 states have call predecessors, (16), 6 states have return successors, (23), 19 states have call predecessors, (23), 16 states have call successors, (23) [2022-02-20 23:50:45,711 INFO L87 Difference]: Start difference. First operand 238 states. Second operand has 196 states, 149 states have (on average 1.5838926174496644) internal successors, (236), 172 states have internal predecessors, (236), 16 states have call successors, (16), 4 states have call predecessors, (16), 6 states have return successors, (23), 19 states have call predecessors, (23), 16 states have call successors, (23) [2022-02-20 23:50:45,715 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:45,715 INFO L93 Difference]: Finished difference Result 238 states and 306 transitions. [2022-02-20 23:50:45,715 INFO L276 IsEmpty]: Start isEmpty. Operand 238 states and 306 transitions. [2022-02-20 23:50:45,716 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:45,717 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:45,717 INFO L74 IsIncluded]: Start isIncluded. First operand has 196 states, 149 states have (on average 1.5838926174496644) internal successors, (236), 172 states have internal predecessors, (236), 16 states have call successors, (16), 4 states have call predecessors, (16), 6 states have return successors, (23), 19 states have call predecessors, (23), 16 states have call successors, (23) Second operand 238 states. [2022-02-20 23:50:45,717 INFO L87 Difference]: Start difference. First operand has 196 states, 149 states have (on average 1.5838926174496644) internal successors, (236), 172 states have internal predecessors, (236), 16 states have call successors, (16), 4 states have call predecessors, (16), 6 states have return successors, (23), 19 states have call predecessors, (23), 16 states have call successors, (23) Second operand 238 states. [2022-02-20 23:50:45,722 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:45,722 INFO L93 Difference]: Finished difference Result 238 states and 306 transitions. [2022-02-20 23:50:45,722 INFO L276 IsEmpty]: Start isEmpty. Operand 238 states and 306 transitions. [2022-02-20 23:50:45,727 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:45,728 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:45,728 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:50:45,728 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:50:45,728 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 196 states, 149 states have (on average 1.5838926174496644) internal successors, (236), 172 states have internal predecessors, (236), 16 states have call successors, (16), 4 states have call predecessors, (16), 6 states have return successors, (23), 19 states have call predecessors, (23), 16 states have call successors, (23) [2022-02-20 23:50:45,732 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 196 states to 196 states and 275 transitions. [2022-02-20 23:50:45,733 INFO L78 Accepts]: Start accepts. Automaton has 196 states and 275 transitions. Word has length 25 [2022-02-20 23:50:45,733 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:50:45,733 INFO L470 AbstractCegarLoop]: Abstraction has 196 states and 275 transitions. [2022-02-20 23:50:45,733 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 14 states, 13 states have (on average 2.076923076923077) internal successors, (27), 11 states have internal predecessors, (27), 3 states have call successors, (4), 3 states have call predecessors, (4), 5 states have return successors, (5), 4 states have call predecessors, (5), 3 states have call successors, (5) [2022-02-20 23:50:45,733 INFO L276 IsEmpty]: Start isEmpty. Operand 196 states and 275 transitions. [2022-02-20 23:50:45,734 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-02-20 23:50:45,734 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:50:45,734 INFO L514 BasicCegarLoop]: trace histogram [3, 3, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:50:45,738 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (14)] Ended with exit code 0 [2022-02-20 23:50:45,946 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (13)] Forceful destruction successful, exit code 0 [2022-02-20 23:50:46,147 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 14 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt,13 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:50:46,147 INFO L402 AbstractCegarLoop]: === Iteration 11 === Targeting ULTIMATE.startErr2REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 23 more)] === [2022-02-20 23:50:46,149 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:50:46,149 INFO L85 PathProgramCache]: Analyzing trace with hash -1130288229, now seen corresponding path program 1 times [2022-02-20 23:50:46,149 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:50:46,149 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1173298554] [2022-02-20 23:50:46,149 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:50:46,149 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:50:46,150 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:50:46,150 INFO L229 MonitoredProcess]: Starting monitored process 15 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:50:46,152 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (15)] Waiting until timeout for monitored process [2022-02-20 23:50:46,203 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:46,205 INFO L263 TraceCheckSpWp]: Trace formula consists of 87 conjuncts, 7 conjunts are in the unsatisfiable core [2022-02-20 23:50:46,211 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:46,212 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:50:46,320 INFO L290 TraceCheckUtils]: 0: Hoare triple {7086#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {7086#true} is VALID [2022-02-20 23:50:46,320 INFO L290 TraceCheckUtils]: 1: Hoare triple {7086#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset, entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~ret46#1, entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset, entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset; {7086#true} is VALID [2022-02-20 23:50:46,320 INFO L272 TraceCheckUtils]: 2: Hoare triple {7086#true} call entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset := ldv_malloc(20bv32); {7086#true} is VALID [2022-02-20 23:50:46,320 INFO L290 TraceCheckUtils]: 3: Hoare triple {7086#true} ~size := #in~size; {7086#true} is VALID [2022-02-20 23:50:46,320 INFO L290 TraceCheckUtils]: 4: Hoare triple {7086#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {7086#true} is VALID [2022-02-20 23:50:46,320 INFO L290 TraceCheckUtils]: 5: Hoare triple {7086#true} assume true; {7086#true} is VALID [2022-02-20 23:50:46,320 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {7086#true} {7086#true} #118#return; {7086#true} is VALID [2022-02-20 23:50:46,321 INFO L290 TraceCheckUtils]: 7: Hoare triple {7086#true} entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset := entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset; {7086#true} is VALID [2022-02-20 23:50:46,321 INFO L290 TraceCheckUtils]: 8: Hoare triple {7086#true} assume !(entry_point_~c11~0#1.base == 0bv32 && entry_point_~c11~0#1.offset == 0bv32); {7086#true} is VALID [2022-02-20 23:50:46,321 INFO L272 TraceCheckUtils]: 9: Hoare triple {7086#true} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {7086#true} is VALID [2022-02-20 23:50:46,321 INFO L290 TraceCheckUtils]: 10: Hoare triple {7086#true} ~size := #in~size; {7086#true} is VALID [2022-02-20 23:50:46,322 INFO L290 TraceCheckUtils]: 11: Hoare triple {7086#true} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {7124#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:50:46,323 INFO L290 TraceCheckUtils]: 12: Hoare triple {7124#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} assume true; {7124#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:50:46,323 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {7124#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} {7086#true} #120#return; {7131#(and (= |ULTIMATE.start_entry_point_#t~ret44#1.base| (_ bv0 32)) (= |ULTIMATE.start_entry_point_#t~ret44#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:46,324 INFO L290 TraceCheckUtils]: 14: Hoare triple {7131#(and (= |ULTIMATE.start_entry_point_#t~ret44#1.base| (_ bv0 32)) (= |ULTIMATE.start_entry_point_#t~ret44#1.offset| (_ bv0 32)))} entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {7135#(and (= |ULTIMATE.start_entry_point_~cfg~1#1.base| (_ bv0 32)) (= |ULTIMATE.start_entry_point_~cfg~1#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:46,324 INFO L290 TraceCheckUtils]: 15: Hoare triple {7135#(and (= |ULTIMATE.start_entry_point_~cfg~1#1.base| (_ bv0 32)) (= |ULTIMATE.start_entry_point_~cfg~1#1.offset| (_ bv0 32)))} assume !(entry_point_~cfg~1#1.base == 0bv32 && entry_point_~cfg~1#1.offset == 0bv32); {7087#false} is VALID [2022-02-20 23:50:46,324 INFO L290 TraceCheckUtils]: 16: Hoare triple {7087#false} SUMMARY for call write~$Pointer$(entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset, 4bv32); srcloc: L807 {7087#false} is VALID [2022-02-20 23:50:46,324 INFO L272 TraceCheckUtils]: 17: Hoare triple {7087#false} call entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset := ldv_malloc(4bv32); {7087#false} is VALID [2022-02-20 23:50:46,324 INFO L290 TraceCheckUtils]: 18: Hoare triple {7087#false} ~size := #in~size; {7087#false} is VALID [2022-02-20 23:50:46,324 INFO L290 TraceCheckUtils]: 19: Hoare triple {7087#false} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {7087#false} is VALID [2022-02-20 23:50:46,324 INFO L290 TraceCheckUtils]: 20: Hoare triple {7087#false} assume true; {7087#false} is VALID [2022-02-20 23:50:46,324 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {7087#false} {7087#false} #122#return; {7087#false} is VALID [2022-02-20 23:50:46,324 INFO L290 TraceCheckUtils]: 22: Hoare triple {7087#false} entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset := entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset;havoc entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset; {7087#false} is VALID [2022-02-20 23:50:46,324 INFO L290 TraceCheckUtils]: 23: Hoare triple {7087#false} assume !(entry_point_~fe~1#1.base == 0bv32 && entry_point_~fe~1#1.offset == 0bv32); {7087#false} is VALID [2022-02-20 23:50:46,325 INFO L290 TraceCheckUtils]: 24: Hoare triple {7087#false} assume !(1bv1 == #valid[entry_point_~cfg~1#1.base]); {7087#false} is VALID [2022-02-20 23:50:46,325 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 10 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:50:46,325 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:50:46,325 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:50:46,325 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1173298554] [2022-02-20 23:50:46,325 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1173298554] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:50:46,325 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:50:46,325 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:50:46,325 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1911650408] [2022-02-20 23:50:46,325 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:50:46,325 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 3.6) internal successors, (18), 4 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) Word has length 25 [2022-02-20 23:50:46,327 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:50:46,327 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 3.6) internal successors, (18), 4 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:50:46,346 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 24 edges. 24 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:46,346 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 23:50:46,346 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:50:46,347 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 23:50:46,347 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:50:46,347 INFO L87 Difference]: Start difference. First operand 196 states and 275 transitions. Second operand has 5 states, 5 states have (on average 3.6) internal successors, (18), 4 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:50:46,734 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:46,734 INFO L93 Difference]: Finished difference Result 153 states and 198 transitions. [2022-02-20 23:50:46,735 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 23:50:46,735 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 3.6) internal successors, (18), 4 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) Word has length 25 [2022-02-20 23:50:46,735 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:50:46,735 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 3.6) internal successors, (18), 4 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:50:46,736 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 92 transitions. [2022-02-20 23:50:46,736 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 3.6) internal successors, (18), 4 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:50:46,736 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 92 transitions. [2022-02-20 23:50:46,736 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 92 transitions. [2022-02-20 23:50:46,804 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 92 edges. 92 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:46,806 INFO L225 Difference]: With dead ends: 153 [2022-02-20 23:50:46,806 INFO L226 Difference]: Without dead ends: 149 [2022-02-20 23:50:46,806 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 24 GetRequests, 21 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:50:46,807 INFO L933 BasicCegarLoop]: 90 mSDtfsCounter, 0 mSDsluCounter, 253 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 343 SdHoareTripleChecker+Invalid, 17 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 23:50:46,807 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 343 Invalid, 17 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 23:50:46,807 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 149 states. [2022-02-20 23:50:46,810 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 149 to 149. [2022-02-20 23:50:46,810 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:50:46,810 INFO L82 GeneralOperation]: Start isEquivalent. First operand 149 states. Second operand has 149 states, 110 states have (on average 1.5363636363636364) internal successors, (169), 131 states have internal predecessors, (169), 11 states have call successors, (11), 4 states have call predecessors, (11), 5 states have return successors, (14), 13 states have call predecessors, (14), 11 states have call successors, (14) [2022-02-20 23:50:46,810 INFO L74 IsIncluded]: Start isIncluded. First operand 149 states. Second operand has 149 states, 110 states have (on average 1.5363636363636364) internal successors, (169), 131 states have internal predecessors, (169), 11 states have call successors, (11), 4 states have call predecessors, (11), 5 states have return successors, (14), 13 states have call predecessors, (14), 11 states have call successors, (14) [2022-02-20 23:50:46,810 INFO L87 Difference]: Start difference. First operand 149 states. Second operand has 149 states, 110 states have (on average 1.5363636363636364) internal successors, (169), 131 states have internal predecessors, (169), 11 states have call successors, (11), 4 states have call predecessors, (11), 5 states have return successors, (14), 13 states have call predecessors, (14), 11 states have call successors, (14) [2022-02-20 23:50:46,812 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:46,813 INFO L93 Difference]: Finished difference Result 149 states and 194 transitions. [2022-02-20 23:50:46,813 INFO L276 IsEmpty]: Start isEmpty. Operand 149 states and 194 transitions. [2022-02-20 23:50:46,813 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:46,813 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:46,813 INFO L74 IsIncluded]: Start isIncluded. First operand has 149 states, 110 states have (on average 1.5363636363636364) internal successors, (169), 131 states have internal predecessors, (169), 11 states have call successors, (11), 4 states have call predecessors, (11), 5 states have return successors, (14), 13 states have call predecessors, (14), 11 states have call successors, (14) Second operand 149 states. [2022-02-20 23:50:46,813 INFO L87 Difference]: Start difference. First operand has 149 states, 110 states have (on average 1.5363636363636364) internal successors, (169), 131 states have internal predecessors, (169), 11 states have call successors, (11), 4 states have call predecessors, (11), 5 states have return successors, (14), 13 states have call predecessors, (14), 11 states have call successors, (14) Second operand 149 states. [2022-02-20 23:50:46,815 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:46,815 INFO L93 Difference]: Finished difference Result 149 states and 194 transitions. [2022-02-20 23:50:46,815 INFO L276 IsEmpty]: Start isEmpty. Operand 149 states and 194 transitions. [2022-02-20 23:50:46,816 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:46,816 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:46,816 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:50:46,816 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:50:46,816 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 149 states, 110 states have (on average 1.5363636363636364) internal successors, (169), 131 states have internal predecessors, (169), 11 states have call successors, (11), 4 states have call predecessors, (11), 5 states have return successors, (14), 13 states have call predecessors, (14), 11 states have call successors, (14) [2022-02-20 23:50:46,818 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 149 states to 149 states and 194 transitions. [2022-02-20 23:50:46,818 INFO L78 Accepts]: Start accepts. Automaton has 149 states and 194 transitions. Word has length 25 [2022-02-20 23:50:46,818 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:50:46,818 INFO L470 AbstractCegarLoop]: Abstraction has 149 states and 194 transitions. [2022-02-20 23:50:46,820 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 3.6) internal successors, (18), 4 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:50:46,820 INFO L276 IsEmpty]: Start isEmpty. Operand 149 states and 194 transitions. [2022-02-20 23:50:46,822 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2022-02-20 23:50:46,822 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:50:46,823 INFO L514 BasicCegarLoop]: trace histogram [3, 3, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:50:46,832 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (15)] Forceful destruction successful, exit code 0 [2022-02-20 23:50:47,030 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 15 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:50:47,030 INFO L402 AbstractCegarLoop]: === Iteration 12 === Targeting ULTIMATE.startErr19ASSERT_VIOLATIONMEMORY_FREE === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 23 more)] === [2022-02-20 23:50:47,031 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:50:47,031 INFO L85 PathProgramCache]: Analyzing trace with hash 2108218693, now seen corresponding path program 1 times [2022-02-20 23:50:47,031 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:50:47,031 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1393030567] [2022-02-20 23:50:47,031 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:50:47,031 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:50:47,032 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:50:47,034 INFO L229 MonitoredProcess]: Starting monitored process 16 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:50:47,035 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (16)] Waiting until timeout for monitored process [2022-02-20 23:50:47,103 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:47,105 INFO L263 TraceCheckSpWp]: Trace formula consists of 95 conjuncts, 4 conjunts are in the unsatisfiable core [2022-02-20 23:50:47,112 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:47,113 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:50:47,164 INFO L290 TraceCheckUtils]: 0: Hoare triple {7765#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {7765#true} is VALID [2022-02-20 23:50:47,164 INFO L290 TraceCheckUtils]: 1: Hoare triple {7765#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset, entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~ret46#1, entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset, entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset; {7765#true} is VALID [2022-02-20 23:50:47,165 INFO L272 TraceCheckUtils]: 2: Hoare triple {7765#true} call entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset := ldv_malloc(20bv32); {7765#true} is VALID [2022-02-20 23:50:47,165 INFO L290 TraceCheckUtils]: 3: Hoare triple {7765#true} ~size := #in~size; {7765#true} is VALID [2022-02-20 23:50:47,165 INFO L290 TraceCheckUtils]: 4: Hoare triple {7765#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {7765#true} is VALID [2022-02-20 23:50:47,165 INFO L290 TraceCheckUtils]: 5: Hoare triple {7765#true} assume true; {7765#true} is VALID [2022-02-20 23:50:47,165 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {7765#true} {7765#true} #118#return; {7765#true} is VALID [2022-02-20 23:50:47,165 INFO L290 TraceCheckUtils]: 7: Hoare triple {7765#true} entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset := entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset; {7765#true} is VALID [2022-02-20 23:50:47,165 INFO L290 TraceCheckUtils]: 8: Hoare triple {7765#true} assume !(entry_point_~c11~0#1.base == 0bv32 && entry_point_~c11~0#1.offset == 0bv32); {7765#true} is VALID [2022-02-20 23:50:47,165 INFO L272 TraceCheckUtils]: 9: Hoare triple {7765#true} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {7765#true} is VALID [2022-02-20 23:50:47,166 INFO L290 TraceCheckUtils]: 10: Hoare triple {7765#true} ~size := #in~size; {7765#true} is VALID [2022-02-20 23:50:47,166 INFO L290 TraceCheckUtils]: 11: Hoare triple {7765#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {7765#true} is VALID [2022-02-20 23:50:47,166 INFO L290 TraceCheckUtils]: 12: Hoare triple {7765#true} assume true; {7765#true} is VALID [2022-02-20 23:50:47,166 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {7765#true} {7765#true} #120#return; {7765#true} is VALID [2022-02-20 23:50:47,166 INFO L290 TraceCheckUtils]: 14: Hoare triple {7765#true} entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {7765#true} is VALID [2022-02-20 23:50:47,166 INFO L290 TraceCheckUtils]: 15: Hoare triple {7765#true} assume !(entry_point_~cfg~1#1.base == 0bv32 && entry_point_~cfg~1#1.offset == 0bv32); {7765#true} is VALID [2022-02-20 23:50:47,166 INFO L290 TraceCheckUtils]: 16: Hoare triple {7765#true} SUMMARY for call write~$Pointer$(entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset, 4bv32); srcloc: L807 {7765#true} is VALID [2022-02-20 23:50:47,166 INFO L272 TraceCheckUtils]: 17: Hoare triple {7765#true} call entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset := ldv_malloc(4bv32); {7765#true} is VALID [2022-02-20 23:50:47,166 INFO L290 TraceCheckUtils]: 18: Hoare triple {7765#true} ~size := #in~size; {7765#true} is VALID [2022-02-20 23:50:47,167 INFO L290 TraceCheckUtils]: 19: Hoare triple {7765#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {7827#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:50:47,167 INFO L290 TraceCheckUtils]: 20: Hoare triple {7827#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} assume true; {7827#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:50:47,168 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {7827#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} {7765#true} #122#return; {7834#(not (= |ULTIMATE.start_entry_point_#t~ret45#1.base| (_ bv0 32)))} is VALID [2022-02-20 23:50:47,168 INFO L290 TraceCheckUtils]: 22: Hoare triple {7834#(not (= |ULTIMATE.start_entry_point_#t~ret45#1.base| (_ bv0 32)))} entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset := entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset;havoc entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset; {7838#(not (= |ULTIMATE.start_entry_point_~fe~1#1.base| (_ bv0 32)))} is VALID [2022-02-20 23:50:47,169 INFO L290 TraceCheckUtils]: 23: Hoare triple {7838#(not (= |ULTIMATE.start_entry_point_~fe~1#1.base| (_ bv0 32)))} assume entry_point_~fe~1#1.base == 0bv32 && entry_point_~fe~1#1.offset == 0bv32; {7766#false} is VALID [2022-02-20 23:50:47,169 INFO L290 TraceCheckUtils]: 24: Hoare triple {7766#false} assume 0bv32 == entry_point_~cfg~1#1.offset; {7766#false} is VALID [2022-02-20 23:50:47,169 INFO L290 TraceCheckUtils]: 25: Hoare triple {7766#false} assume !~bvult32(entry_point_~cfg~1#1.base, #StackHeapBarrier); {7766#false} is VALID [2022-02-20 23:50:47,169 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 4 proven. 0 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-02-20 23:50:47,169 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:50:47,169 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:50:47,169 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1393030567] [2022-02-20 23:50:47,170 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1393030567] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:50:47,170 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:50:47,170 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:50:47,170 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1566908856] [2022-02-20 23:50:47,170 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:50:47,170 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 3.2) internal successors, (16), 4 states have internal predecessors, (16), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) Word has length 26 [2022-02-20 23:50:47,171 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:50:47,171 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 3.2) internal successors, (16), 4 states have internal predecessors, (16), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:50:47,188 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 22 edges. 22 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:47,189 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 23:50:47,189 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:50:47,189 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 23:50:47,189 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:50:47,190 INFO L87 Difference]: Start difference. First operand 149 states and 194 transitions. Second operand has 5 states, 5 states have (on average 3.2) internal successors, (16), 4 states have internal predecessors, (16), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:50:47,613 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:47,613 INFO L93 Difference]: Finished difference Result 194 states and 237 transitions. [2022-02-20 23:50:47,613 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 23:50:47,614 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 3.2) internal successors, (16), 4 states have internal predecessors, (16), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) Word has length 26 [2022-02-20 23:50:47,614 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:50:47,614 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 3.2) internal successors, (16), 4 states have internal predecessors, (16), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:50:47,615 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 153 transitions. [2022-02-20 23:50:47,615 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 3.2) internal successors, (16), 4 states have internal predecessors, (16), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:50:47,616 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 153 transitions. [2022-02-20 23:50:47,616 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 153 transitions. [2022-02-20 23:50:47,729 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 153 edges. 153 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:47,732 INFO L225 Difference]: With dead ends: 194 [2022-02-20 23:50:47,732 INFO L226 Difference]: Without dead ends: 194 [2022-02-20 23:50:47,732 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 25 GetRequests, 22 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:50:47,732 INFO L933 BasicCegarLoop]: 119 mSDtfsCounter, 54 mSDsluCounter, 312 mSDsCounter, 0 mSdLazyCounter, 31 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 58 SdHoareTripleChecker+Valid, 431 SdHoareTripleChecker+Invalid, 32 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 31 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 23:50:47,732 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [58 Valid, 431 Invalid, 32 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 31 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 23:50:47,733 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 194 states. [2022-02-20 23:50:47,735 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 194 to 146. [2022-02-20 23:50:47,735 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:50:47,735 INFO L82 GeneralOperation]: Start isEquivalent. First operand 194 states. Second operand has 146 states, 107 states have (on average 1.5327102803738317) internal successors, (164), 128 states have internal predecessors, (164), 11 states have call successors, (11), 4 states have call predecessors, (11), 5 states have return successors, (14), 13 states have call predecessors, (14), 11 states have call successors, (14) [2022-02-20 23:50:47,735 INFO L74 IsIncluded]: Start isIncluded. First operand 194 states. Second operand has 146 states, 107 states have (on average 1.5327102803738317) internal successors, (164), 128 states have internal predecessors, (164), 11 states have call successors, (11), 4 states have call predecessors, (11), 5 states have return successors, (14), 13 states have call predecessors, (14), 11 states have call successors, (14) [2022-02-20 23:50:47,735 INFO L87 Difference]: Start difference. First operand 194 states. Second operand has 146 states, 107 states have (on average 1.5327102803738317) internal successors, (164), 128 states have internal predecessors, (164), 11 states have call successors, (11), 4 states have call predecessors, (11), 5 states have return successors, (14), 13 states have call predecessors, (14), 11 states have call successors, (14) [2022-02-20 23:50:47,738 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:47,738 INFO L93 Difference]: Finished difference Result 194 states and 237 transitions. [2022-02-20 23:50:47,738 INFO L276 IsEmpty]: Start isEmpty. Operand 194 states and 237 transitions. [2022-02-20 23:50:47,739 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:47,739 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:47,739 INFO L74 IsIncluded]: Start isIncluded. First operand has 146 states, 107 states have (on average 1.5327102803738317) internal successors, (164), 128 states have internal predecessors, (164), 11 states have call successors, (11), 4 states have call predecessors, (11), 5 states have return successors, (14), 13 states have call predecessors, (14), 11 states have call successors, (14) Second operand 194 states. [2022-02-20 23:50:47,739 INFO L87 Difference]: Start difference. First operand has 146 states, 107 states have (on average 1.5327102803738317) internal successors, (164), 128 states have internal predecessors, (164), 11 states have call successors, (11), 4 states have call predecessors, (11), 5 states have return successors, (14), 13 states have call predecessors, (14), 11 states have call successors, (14) Second operand 194 states. [2022-02-20 23:50:47,743 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:47,743 INFO L93 Difference]: Finished difference Result 194 states and 237 transitions. [2022-02-20 23:50:47,744 INFO L276 IsEmpty]: Start isEmpty. Operand 194 states and 237 transitions. [2022-02-20 23:50:47,744 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:47,744 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:47,744 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:50:47,744 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:50:47,745 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 146 states, 107 states have (on average 1.5327102803738317) internal successors, (164), 128 states have internal predecessors, (164), 11 states have call successors, (11), 4 states have call predecessors, (11), 5 states have return successors, (14), 13 states have call predecessors, (14), 11 states have call successors, (14) [2022-02-20 23:50:47,747 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 146 states to 146 states and 189 transitions. [2022-02-20 23:50:47,749 INFO L78 Accepts]: Start accepts. Automaton has 146 states and 189 transitions. Word has length 26 [2022-02-20 23:50:47,749 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:50:47,749 INFO L470 AbstractCegarLoop]: Abstraction has 146 states and 189 transitions. [2022-02-20 23:50:47,749 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 3.2) internal successors, (16), 4 states have internal predecessors, (16), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:50:47,749 INFO L276 IsEmpty]: Start isEmpty. Operand 146 states and 189 transitions. [2022-02-20 23:50:47,749 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2022-02-20 23:50:47,749 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:50:47,750 INFO L514 BasicCegarLoop]: trace histogram [3, 3, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:50:47,758 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (16)] Ended with exit code 0 [2022-02-20 23:50:47,956 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 16 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:50:47,956 INFO L402 AbstractCegarLoop]: === Iteration 13 === Targeting ULTIMATE.startErr19ASSERT_VIOLATIONMEMORY_FREE === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 23 more)] === [2022-02-20 23:50:47,957 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:50:47,957 INFO L85 PathProgramCache]: Analyzing trace with hash -1299244922, now seen corresponding path program 1 times [2022-02-20 23:50:47,957 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:50:47,957 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1708224803] [2022-02-20 23:50:47,957 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:50:47,957 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:50:47,957 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:50:47,959 INFO L229 MonitoredProcess]: Starting monitored process 17 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:50:47,960 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (17)] Waiting until timeout for monitored process [2022-02-20 23:50:48,025 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:48,027 INFO L263 TraceCheckSpWp]: Trace formula consists of 89 conjuncts, 7 conjunts are in the unsatisfiable core [2022-02-20 23:50:48,035 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:48,036 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:50:48,611 INFO L290 TraceCheckUtils]: 0: Hoare triple {8575#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {8580#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:48,611 INFO L290 TraceCheckUtils]: 1: Hoare triple {8580#(bvult (_ bv0 32) |#StackHeapBarrier|)} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset, entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~ret46#1, entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset, entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset; {8580#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:48,612 INFO L272 TraceCheckUtils]: 2: Hoare triple {8580#(bvult (_ bv0 32) |#StackHeapBarrier|)} call entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset := ldv_malloc(20bv32); {8580#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:48,612 INFO L290 TraceCheckUtils]: 3: Hoare triple {8580#(bvult (_ bv0 32) |#StackHeapBarrier|)} ~size := #in~size; {8580#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:48,615 INFO L290 TraceCheckUtils]: 4: Hoare triple {8580#(bvult (_ bv0 32) |#StackHeapBarrier|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {8593#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:50:48,618 INFO L290 TraceCheckUtils]: 5: Hoare triple {8593#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} assume true; {8593#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:50:48,619 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {8593#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} {8580#(bvult (_ bv0 32) |#StackHeapBarrier|)} #118#return; {8593#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:50:48,623 INFO L290 TraceCheckUtils]: 7: Hoare triple {8593#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset := entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset; {8593#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:50:48,626 INFO L290 TraceCheckUtils]: 8: Hoare triple {8593#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} assume !(entry_point_~c11~0#1.base == 0bv32 && entry_point_~c11~0#1.offset == 0bv32); {8593#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:50:48,627 INFO L272 TraceCheckUtils]: 9: Hoare triple {8593#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {8593#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:50:48,630 INFO L290 TraceCheckUtils]: 10: Hoare triple {8593#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} ~size := #in~size; {8593#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:50:48,634 INFO L290 TraceCheckUtils]: 11: Hoare triple {8593#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {8615#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:50:48,637 INFO L290 TraceCheckUtils]: 12: Hoare triple {8615#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} assume true; {8615#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:50:48,638 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {8615#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} {8593#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} #120#return; {8622#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (bvult |ULTIMATE.start_entry_point_#t~ret44#1.base| |#StackHeapBarrier|))} is VALID [2022-02-20 23:50:48,642 INFO L290 TraceCheckUtils]: 14: Hoare triple {8622#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (bvult |ULTIMATE.start_entry_point_#t~ret44#1.base| |#StackHeapBarrier|))} entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {8626#(and (bvult |ULTIMATE.start_entry_point_~cfg~1#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:50:48,646 INFO L290 TraceCheckUtils]: 15: Hoare triple {8626#(and (bvult |ULTIMATE.start_entry_point_~cfg~1#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} assume !(entry_point_~cfg~1#1.base == 0bv32 && entry_point_~cfg~1#1.offset == 0bv32); {8626#(and (bvult |ULTIMATE.start_entry_point_~cfg~1#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:50:48,652 INFO L290 TraceCheckUtils]: 16: Hoare triple {8626#(and (bvult |ULTIMATE.start_entry_point_~cfg~1#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} SUMMARY for call write~$Pointer$(entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset, 4bv32); srcloc: L807 {8626#(and (bvult |ULTIMATE.start_entry_point_~cfg~1#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:50:48,653 INFO L272 TraceCheckUtils]: 17: Hoare triple {8626#(and (bvult |ULTIMATE.start_entry_point_~cfg~1#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} call entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset := ldv_malloc(4bv32); {8593#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:50:48,656 INFO L290 TraceCheckUtils]: 18: Hoare triple {8593#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} ~size := #in~size; {8593#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:50:48,659 INFO L290 TraceCheckUtils]: 19: Hoare triple {8593#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {8593#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:50:48,662 INFO L290 TraceCheckUtils]: 20: Hoare triple {8593#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} assume true; {8593#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:50:48,662 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {8593#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} {8626#(and (bvult |ULTIMATE.start_entry_point_~cfg~1#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} #122#return; {8626#(and (bvult |ULTIMATE.start_entry_point_~cfg~1#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:50:48,666 INFO L290 TraceCheckUtils]: 22: Hoare triple {8626#(and (bvult |ULTIMATE.start_entry_point_~cfg~1#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset := entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset;havoc entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset; {8626#(and (bvult |ULTIMATE.start_entry_point_~cfg~1#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:50:48,688 INFO L290 TraceCheckUtils]: 23: Hoare triple {8626#(and (bvult |ULTIMATE.start_entry_point_~cfg~1#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} assume entry_point_~fe~1#1.base == 0bv32 && entry_point_~fe~1#1.offset == 0bv32; {8626#(and (bvult |ULTIMATE.start_entry_point_~cfg~1#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:50:48,691 INFO L290 TraceCheckUtils]: 24: Hoare triple {8626#(and (bvult |ULTIMATE.start_entry_point_~cfg~1#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} assume 0bv32 == entry_point_~cfg~1#1.offset; {8626#(and (bvult |ULTIMATE.start_entry_point_~cfg~1#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:50:48,692 INFO L290 TraceCheckUtils]: 25: Hoare triple {8626#(and (bvult |ULTIMATE.start_entry_point_~cfg~1#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} assume !~bvult32(entry_point_~cfg~1#1.base, #StackHeapBarrier); {8576#false} is VALID [2022-02-20 23:50:48,692 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 6 proven. 2 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-02-20 23:50:48,692 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:50:48,868 INFO L290 TraceCheckUtils]: 25: Hoare triple {8660#(bvult |ULTIMATE.start_entry_point_~cfg~1#1.base| |#StackHeapBarrier|)} assume !~bvult32(entry_point_~cfg~1#1.base, #StackHeapBarrier); {8576#false} is VALID [2022-02-20 23:50:48,869 INFO L290 TraceCheckUtils]: 24: Hoare triple {8660#(bvult |ULTIMATE.start_entry_point_~cfg~1#1.base| |#StackHeapBarrier|)} assume 0bv32 == entry_point_~cfg~1#1.offset; {8660#(bvult |ULTIMATE.start_entry_point_~cfg~1#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:48,869 INFO L290 TraceCheckUtils]: 23: Hoare triple {8660#(bvult |ULTIMATE.start_entry_point_~cfg~1#1.base| |#StackHeapBarrier|)} assume entry_point_~fe~1#1.base == 0bv32 && entry_point_~fe~1#1.offset == 0bv32; {8660#(bvult |ULTIMATE.start_entry_point_~cfg~1#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:48,870 INFO L290 TraceCheckUtils]: 22: Hoare triple {8660#(bvult |ULTIMATE.start_entry_point_~cfg~1#1.base| |#StackHeapBarrier|)} entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset := entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset;havoc entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset; {8660#(bvult |ULTIMATE.start_entry_point_~cfg~1#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:48,870 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {8575#true} {8660#(bvult |ULTIMATE.start_entry_point_~cfg~1#1.base| |#StackHeapBarrier|)} #122#return; {8660#(bvult |ULTIMATE.start_entry_point_~cfg~1#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:48,870 INFO L290 TraceCheckUtils]: 20: Hoare triple {8575#true} assume true; {8575#true} is VALID [2022-02-20 23:50:48,870 INFO L290 TraceCheckUtils]: 19: Hoare triple {8575#true} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {8575#true} is VALID [2022-02-20 23:50:48,871 INFO L290 TraceCheckUtils]: 18: Hoare triple {8575#true} ~size := #in~size; {8575#true} is VALID [2022-02-20 23:50:48,871 INFO L272 TraceCheckUtils]: 17: Hoare triple {8660#(bvult |ULTIMATE.start_entry_point_~cfg~1#1.base| |#StackHeapBarrier|)} call entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset := ldv_malloc(4bv32); {8575#true} is VALID [2022-02-20 23:50:48,871 INFO L290 TraceCheckUtils]: 16: Hoare triple {8660#(bvult |ULTIMATE.start_entry_point_~cfg~1#1.base| |#StackHeapBarrier|)} SUMMARY for call write~$Pointer$(entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset, 4bv32); srcloc: L807 {8660#(bvult |ULTIMATE.start_entry_point_~cfg~1#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:48,871 INFO L290 TraceCheckUtils]: 15: Hoare triple {8660#(bvult |ULTIMATE.start_entry_point_~cfg~1#1.base| |#StackHeapBarrier|)} assume !(entry_point_~cfg~1#1.base == 0bv32 && entry_point_~cfg~1#1.offset == 0bv32); {8660#(bvult |ULTIMATE.start_entry_point_~cfg~1#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:48,872 INFO L290 TraceCheckUtils]: 14: Hoare triple {8694#(bvult |ULTIMATE.start_entry_point_#t~ret44#1.base| |#StackHeapBarrier|)} entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {8660#(bvult |ULTIMATE.start_entry_point_~cfg~1#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:48,872 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {8701#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} {8575#true} #120#return; {8694#(bvult |ULTIMATE.start_entry_point_#t~ret44#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:48,873 INFO L290 TraceCheckUtils]: 12: Hoare triple {8701#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} assume true; {8701#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:48,873 INFO L290 TraceCheckUtils]: 11: Hoare triple {8575#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {8701#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:48,873 INFO L290 TraceCheckUtils]: 10: Hoare triple {8575#true} ~size := #in~size; {8575#true} is VALID [2022-02-20 23:50:48,873 INFO L272 TraceCheckUtils]: 9: Hoare triple {8575#true} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {8575#true} is VALID [2022-02-20 23:50:48,873 INFO L290 TraceCheckUtils]: 8: Hoare triple {8575#true} assume !(entry_point_~c11~0#1.base == 0bv32 && entry_point_~c11~0#1.offset == 0bv32); {8575#true} is VALID [2022-02-20 23:50:48,873 INFO L290 TraceCheckUtils]: 7: Hoare triple {8575#true} entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset := entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset; {8575#true} is VALID [2022-02-20 23:50:48,873 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {8575#true} {8575#true} #118#return; {8575#true} is VALID [2022-02-20 23:50:48,873 INFO L290 TraceCheckUtils]: 5: Hoare triple {8575#true} assume true; {8575#true} is VALID [2022-02-20 23:50:48,873 INFO L290 TraceCheckUtils]: 4: Hoare triple {8575#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {8575#true} is VALID [2022-02-20 23:50:48,873 INFO L290 TraceCheckUtils]: 3: Hoare triple {8575#true} ~size := #in~size; {8575#true} is VALID [2022-02-20 23:50:48,873 INFO L272 TraceCheckUtils]: 2: Hoare triple {8575#true} call entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset := ldv_malloc(20bv32); {8575#true} is VALID [2022-02-20 23:50:48,873 INFO L290 TraceCheckUtils]: 1: Hoare triple {8575#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset, entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~ret46#1, entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset, entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset; {8575#true} is VALID [2022-02-20 23:50:48,874 INFO L290 TraceCheckUtils]: 0: Hoare triple {8575#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {8575#true} is VALID [2022-02-20 23:50:48,874 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 2 proven. 2 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-02-20 23:50:48,874 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:50:48,874 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1708224803] [2022-02-20 23:50:48,874 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1708224803] provided 0 perfect and 2 imperfect interpolant sequences [2022-02-20 23:50:48,874 INFO L191 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-02-20 23:50:48,874 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [5, 4] total 9 [2022-02-20 23:50:48,874 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [115220667] [2022-02-20 23:50:48,874 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-02-20 23:50:48,875 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 9 states have (on average 3.888888888888889) internal successors, (35), 8 states have internal predecessors, (35), 5 states have call successors, (6), 3 states have call predecessors, (6), 4 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Word has length 26 [2022-02-20 23:50:48,875 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:50:48,875 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 10 states, 9 states have (on average 3.888888888888889) internal successors, (35), 8 states have internal predecessors, (35), 5 states have call successors, (6), 3 states have call predecessors, (6), 4 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:50:48,959 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 47 edges. 47 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:48,959 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2022-02-20 23:50:48,960 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:50:48,960 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2022-02-20 23:50:48,960 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=30, Invalid=60, Unknown=0, NotChecked=0, Total=90 [2022-02-20 23:50:48,960 INFO L87 Difference]: Start difference. First operand 146 states and 189 transitions. Second operand has 10 states, 9 states have (on average 3.888888888888889) internal successors, (35), 8 states have internal predecessors, (35), 5 states have call successors, (6), 3 states have call predecessors, (6), 4 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:50:49,793 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:49,793 INFO L93 Difference]: Finished difference Result 173 states and 209 transitions. [2022-02-20 23:50:49,793 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-02-20 23:50:49,793 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 9 states have (on average 3.888888888888889) internal successors, (35), 8 states have internal predecessors, (35), 5 states have call successors, (6), 3 states have call predecessors, (6), 4 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Word has length 26 [2022-02-20 23:50:49,793 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:50:49,793 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 10 states, 9 states have (on average 3.888888888888889) internal successors, (35), 8 states have internal predecessors, (35), 5 states have call successors, (6), 3 states have call predecessors, (6), 4 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:50:49,795 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 135 transitions. [2022-02-20 23:50:49,795 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 10 states, 9 states have (on average 3.888888888888889) internal successors, (35), 8 states have internal predecessors, (35), 5 states have call successors, (6), 3 states have call predecessors, (6), 4 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:50:49,796 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 135 transitions. [2022-02-20 23:50:49,796 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 135 transitions. [2022-02-20 23:50:49,972 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 135 edges. 135 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:49,974 INFO L225 Difference]: With dead ends: 173 [2022-02-20 23:50:49,974 INFO L226 Difference]: Without dead ends: 173 [2022-02-20 23:50:49,974 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 51 GetRequests, 42 SyntacticMatches, 1 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 15 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=30, Invalid=60, Unknown=0, NotChecked=0, Total=90 [2022-02-20 23:50:49,974 INFO L933 BasicCegarLoop]: 78 mSDtfsCounter, 58 mSDsluCounter, 341 mSDsCounter, 0 mSdLazyCounter, 55 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 60 SdHoareTripleChecker+Valid, 419 SdHoareTripleChecker+Invalid, 151 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 55 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 91 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:50:49,975 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [60 Valid, 419 Invalid, 151 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 55 Invalid, 0 Unknown, 91 Unchecked, 0.1s Time] [2022-02-20 23:50:49,975 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 173 states. [2022-02-20 23:50:49,977 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 173 to 157. [2022-02-20 23:50:49,977 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:50:49,978 INFO L82 GeneralOperation]: Start isEquivalent. First operand 173 states. Second operand has 157 states, 115 states have (on average 1.5130434782608695) internal successors, (174), 137 states have internal predecessors, (174), 11 states have call successors, (11), 6 states have call predecessors, (11), 8 states have return successors, (14), 13 states have call predecessors, (14), 11 states have call successors, (14) [2022-02-20 23:50:49,978 INFO L74 IsIncluded]: Start isIncluded. First operand 173 states. Second operand has 157 states, 115 states have (on average 1.5130434782608695) internal successors, (174), 137 states have internal predecessors, (174), 11 states have call successors, (11), 6 states have call predecessors, (11), 8 states have return successors, (14), 13 states have call predecessors, (14), 11 states have call successors, (14) [2022-02-20 23:50:49,978 INFO L87 Difference]: Start difference. First operand 173 states. Second operand has 157 states, 115 states have (on average 1.5130434782608695) internal successors, (174), 137 states have internal predecessors, (174), 11 states have call successors, (11), 6 states have call predecessors, (11), 8 states have return successors, (14), 13 states have call predecessors, (14), 11 states have call successors, (14) [2022-02-20 23:50:49,980 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:49,980 INFO L93 Difference]: Finished difference Result 173 states and 209 transitions. [2022-02-20 23:50:49,980 INFO L276 IsEmpty]: Start isEmpty. Operand 173 states and 209 transitions. [2022-02-20 23:50:49,981 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:49,981 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:49,981 INFO L74 IsIncluded]: Start isIncluded. First operand has 157 states, 115 states have (on average 1.5130434782608695) internal successors, (174), 137 states have internal predecessors, (174), 11 states have call successors, (11), 6 states have call predecessors, (11), 8 states have return successors, (14), 13 states have call predecessors, (14), 11 states have call successors, (14) Second operand 173 states. [2022-02-20 23:50:49,983 INFO L87 Difference]: Start difference. First operand has 157 states, 115 states have (on average 1.5130434782608695) internal successors, (174), 137 states have internal predecessors, (174), 11 states have call successors, (11), 6 states have call predecessors, (11), 8 states have return successors, (14), 13 states have call predecessors, (14), 11 states have call successors, (14) Second operand 173 states. [2022-02-20 23:50:49,985 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:49,986 INFO L93 Difference]: Finished difference Result 173 states and 209 transitions. [2022-02-20 23:50:49,986 INFO L276 IsEmpty]: Start isEmpty. Operand 173 states and 209 transitions. [2022-02-20 23:50:49,986 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:49,986 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:49,986 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:50:49,986 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:50:49,987 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 157 states, 115 states have (on average 1.5130434782608695) internal successors, (174), 137 states have internal predecessors, (174), 11 states have call successors, (11), 6 states have call predecessors, (11), 8 states have return successors, (14), 13 states have call predecessors, (14), 11 states have call successors, (14) [2022-02-20 23:50:49,990 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 157 states to 157 states and 199 transitions. [2022-02-20 23:50:49,990 INFO L78 Accepts]: Start accepts. Automaton has 157 states and 199 transitions. Word has length 26 [2022-02-20 23:50:49,991 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:50:49,991 INFO L470 AbstractCegarLoop]: Abstraction has 157 states and 199 transitions. [2022-02-20 23:50:49,991 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 9 states have (on average 3.888888888888889) internal successors, (35), 8 states have internal predecessors, (35), 5 states have call successors, (6), 3 states have call predecessors, (6), 4 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:50:49,991 INFO L276 IsEmpty]: Start isEmpty. Operand 157 states and 199 transitions. [2022-02-20 23:50:49,991 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2022-02-20 23:50:49,991 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:50:49,991 INFO L514 BasicCegarLoop]: trace histogram [3, 3, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:50:50,006 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (17)] Forceful destruction successful, exit code 0 [2022-02-20 23:50:50,200 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 17 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:50:50,200 INFO L402 AbstractCegarLoop]: === Iteration 14 === Targeting ULTIMATE.startErr4REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 23 more)] === [2022-02-20 23:50:50,201 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:50:50,201 INFO L85 PathProgramCache]: Analyzing trace with hash 930272189, now seen corresponding path program 1 times [2022-02-20 23:50:50,201 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:50:50,201 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [878721057] [2022-02-20 23:50:50,201 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:50:50,201 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:50:50,201 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:50:50,202 INFO L229 MonitoredProcess]: Starting monitored process 18 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:50:50,204 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (18)] Waiting until timeout for monitored process [2022-02-20 23:50:50,276 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:50,278 INFO L263 TraceCheckSpWp]: Trace formula consists of 110 conjuncts, 10 conjunts are in the unsatisfiable core [2022-02-20 23:50:50,285 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:50,286 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:50:50,368 INFO L356 Elim1Store]: treesize reduction 12, result has 40.0 percent of original size [2022-02-20 23:50:50,368 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 17 [2022-02-20 23:50:50,394 INFO L290 TraceCheckUtils]: 0: Hoare triple {9414#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {9414#true} is VALID [2022-02-20 23:50:50,395 INFO L290 TraceCheckUtils]: 1: Hoare triple {9414#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset, entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~ret46#1, entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset, entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset; {9414#true} is VALID [2022-02-20 23:50:50,395 INFO L272 TraceCheckUtils]: 2: Hoare triple {9414#true} call entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset := ldv_malloc(20bv32); {9414#true} is VALID [2022-02-20 23:50:50,395 INFO L290 TraceCheckUtils]: 3: Hoare triple {9414#true} ~size := #in~size; {9414#true} is VALID [2022-02-20 23:50:50,395 INFO L290 TraceCheckUtils]: 4: Hoare triple {9414#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {9414#true} is VALID [2022-02-20 23:50:50,395 INFO L290 TraceCheckUtils]: 5: Hoare triple {9414#true} assume true; {9414#true} is VALID [2022-02-20 23:50:50,395 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {9414#true} {9414#true} #118#return; {9414#true} is VALID [2022-02-20 23:50:50,395 INFO L290 TraceCheckUtils]: 7: Hoare triple {9414#true} entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset := entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset; {9414#true} is VALID [2022-02-20 23:50:50,395 INFO L290 TraceCheckUtils]: 8: Hoare triple {9414#true} assume !(entry_point_~c11~0#1.base == 0bv32 && entry_point_~c11~0#1.offset == 0bv32); {9414#true} is VALID [2022-02-20 23:50:50,396 INFO L272 TraceCheckUtils]: 9: Hoare triple {9414#true} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {9414#true} is VALID [2022-02-20 23:50:50,396 INFO L290 TraceCheckUtils]: 10: Hoare triple {9414#true} ~size := #in~size; {9414#true} is VALID [2022-02-20 23:50:50,396 INFO L290 TraceCheckUtils]: 11: Hoare triple {9414#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {9414#true} is VALID [2022-02-20 23:50:50,396 INFO L290 TraceCheckUtils]: 12: Hoare triple {9414#true} assume true; {9414#true} is VALID [2022-02-20 23:50:50,396 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {9414#true} {9414#true} #120#return; {9414#true} is VALID [2022-02-20 23:50:50,396 INFO L290 TraceCheckUtils]: 14: Hoare triple {9414#true} entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {9414#true} is VALID [2022-02-20 23:50:50,396 INFO L290 TraceCheckUtils]: 15: Hoare triple {9414#true} assume !(entry_point_~cfg~1#1.base == 0bv32 && entry_point_~cfg~1#1.offset == 0bv32); {9414#true} is VALID [2022-02-20 23:50:50,397 INFO L290 TraceCheckUtils]: 16: Hoare triple {9414#true} SUMMARY for call write~$Pointer$(entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset, 4bv32); srcloc: L807 {9467#(= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:50,397 INFO L272 TraceCheckUtils]: 17: Hoare triple {9467#(= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1))} call entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset := ldv_malloc(4bv32); {9471#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:50,397 INFO L290 TraceCheckUtils]: 18: Hoare triple {9471#(= |old(#valid)| |#valid|)} ~size := #in~size; {9471#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:50,398 INFO L290 TraceCheckUtils]: 19: Hoare triple {9471#(= |old(#valid)| |#valid|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {9478#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} is VALID [2022-02-20 23:50:50,399 INFO L290 TraceCheckUtils]: 20: Hoare triple {9478#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} assume true; {9478#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} is VALID [2022-02-20 23:50:50,399 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {9478#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} {9467#(= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1))} #122#return; {9467#(= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:50,400 INFO L290 TraceCheckUtils]: 22: Hoare triple {9467#(= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1))} entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset := entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset;havoc entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset; {9467#(= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:50,400 INFO L290 TraceCheckUtils]: 23: Hoare triple {9467#(= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1))} assume !(entry_point_~fe~1#1.base == 0bv32 && entry_point_~fe~1#1.offset == 0bv32); {9467#(= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:50,400 INFO L290 TraceCheckUtils]: 24: Hoare triple {9467#(= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1))} SUMMARY for call write~$Pointer$(entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset, entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, 4bv32); srcloc: L811 {9467#(= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:50,401 INFO L290 TraceCheckUtils]: 25: Hoare triple {9467#(= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1))} assume { :begin_inline_alloc_11 } true;alloc_11_#in~client#1.base, alloc_11_#in~client#1.offset := entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset;havoc alloc_11_#res#1;havoc alloc_11_#t~mem39#1.base, alloc_11_#t~mem39#1.offset, alloc_11_#t~mem40#1.base, alloc_11_#t~mem40#1.offset, alloc_11_#t~ret41#1.base, alloc_11_#t~ret41#1.offset, alloc_11_~client#1.base, alloc_11_~client#1.offset, alloc_11_~cfg~0#1.base, alloc_11_~cfg~0#1.offset, alloc_11_~fe~0#1.base, alloc_11_~fe~0#1.offset, alloc_11_~priv~0#1.base, alloc_11_~priv~0#1.offset;alloc_11_~client#1.base, alloc_11_~client#1.offset := alloc_11_#in~client#1.base, alloc_11_#in~client#1.offset; {9497#(= (select |#valid| |ULTIMATE.start_alloc_11_~client#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:50,401 INFO L290 TraceCheckUtils]: 26: Hoare triple {9497#(= (select |#valid| |ULTIMATE.start_alloc_11_~client#1.base|) (_ bv1 1))} assume !(1bv1 == #valid[alloc_11_~client#1.base]); {9415#false} is VALID [2022-02-20 23:50:50,401 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 8 proven. 0 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-02-20 23:50:50,401 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:50:50,401 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:50:50,401 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [878721057] [2022-02-20 23:50:50,402 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [878721057] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:50:50,402 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:50:50,402 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:50:50,402 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1457826255] [2022-02-20 23:50:50,402 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:50:50,402 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 3.6) internal successors, (18), 6 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 27 [2022-02-20 23:50:50,402 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:50:50,403 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 5 states have (on average 3.6) internal successors, (18), 6 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:50:50,417 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 24 edges. 24 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:50,417 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 23:50:50,417 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:50:50,418 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 23:50:50,418 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-02-20 23:50:50,418 INFO L87 Difference]: Start difference. First operand 157 states and 199 transitions. Second operand has 6 states, 5 states have (on average 3.6) internal successors, (18), 6 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:50:51,108 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:51,108 INFO L93 Difference]: Finished difference Result 174 states and 211 transitions. [2022-02-20 23:50:51,108 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-02-20 23:50:51,109 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 3.6) internal successors, (18), 6 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 27 [2022-02-20 23:50:51,109 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:50:51,109 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 3.6) internal successors, (18), 6 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:50:51,110 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 126 transitions. [2022-02-20 23:50:51,110 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 3.6) internal successors, (18), 6 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:50:51,112 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 126 transitions. [2022-02-20 23:50:51,112 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 126 transitions. [2022-02-20 23:50:51,224 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 126 edges. 126 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:51,226 INFO L225 Difference]: With dead ends: 174 [2022-02-20 23:50:51,226 INFO L226 Difference]: Without dead ends: 174 [2022-02-20 23:50:51,226 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 27 GetRequests, 21 SyntacticMatches, 1 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=13, Invalid=29, Unknown=0, NotChecked=0, Total=42 [2022-02-20 23:50:51,226 INFO L933 BasicCegarLoop]: 96 mSDtfsCounter, 82 mSDsluCounter, 210 mSDsCounter, 0 mSdLazyCounter, 129 mSolverCounterSat, 12 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 82 SdHoareTripleChecker+Valid, 306 SdHoareTripleChecker+Invalid, 202 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 12 IncrementalHoareTripleChecker+Valid, 129 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 61 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:50:51,226 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [82 Valid, 306 Invalid, 202 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [12 Valid, 129 Invalid, 0 Unknown, 61 Unchecked, 0.1s Time] [2022-02-20 23:50:51,227 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 174 states. [2022-02-20 23:50:51,229 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 174 to 156. [2022-02-20 23:50:51,229 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:50:51,229 INFO L82 GeneralOperation]: Start isEquivalent. First operand 174 states. Second operand has 156 states, 115 states have (on average 1.4956521739130435) internal successors, (172), 136 states have internal predecessors, (172), 11 states have call successors, (11), 6 states have call predecessors, (11), 8 states have return successors, (14), 13 states have call predecessors, (14), 11 states have call successors, (14) [2022-02-20 23:50:51,229 INFO L74 IsIncluded]: Start isIncluded. First operand 174 states. Second operand has 156 states, 115 states have (on average 1.4956521739130435) internal successors, (172), 136 states have internal predecessors, (172), 11 states have call successors, (11), 6 states have call predecessors, (11), 8 states have return successors, (14), 13 states have call predecessors, (14), 11 states have call successors, (14) [2022-02-20 23:50:51,230 INFO L87 Difference]: Start difference. First operand 174 states. Second operand has 156 states, 115 states have (on average 1.4956521739130435) internal successors, (172), 136 states have internal predecessors, (172), 11 states have call successors, (11), 6 states have call predecessors, (11), 8 states have return successors, (14), 13 states have call predecessors, (14), 11 states have call successors, (14) [2022-02-20 23:50:51,232 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:51,233 INFO L93 Difference]: Finished difference Result 174 states and 211 transitions. [2022-02-20 23:50:51,233 INFO L276 IsEmpty]: Start isEmpty. Operand 174 states and 211 transitions. [2022-02-20 23:50:51,233 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:51,234 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:51,234 INFO L74 IsIncluded]: Start isIncluded. First operand has 156 states, 115 states have (on average 1.4956521739130435) internal successors, (172), 136 states have internal predecessors, (172), 11 states have call successors, (11), 6 states have call predecessors, (11), 8 states have return successors, (14), 13 states have call predecessors, (14), 11 states have call successors, (14) Second operand 174 states. [2022-02-20 23:50:51,234 INFO L87 Difference]: Start difference. First operand has 156 states, 115 states have (on average 1.4956521739130435) internal successors, (172), 136 states have internal predecessors, (172), 11 states have call successors, (11), 6 states have call predecessors, (11), 8 states have return successors, (14), 13 states have call predecessors, (14), 11 states have call successors, (14) Second operand 174 states. [2022-02-20 23:50:51,237 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:51,238 INFO L93 Difference]: Finished difference Result 174 states and 211 transitions. [2022-02-20 23:50:51,238 INFO L276 IsEmpty]: Start isEmpty. Operand 174 states and 211 transitions. [2022-02-20 23:50:51,239 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:51,240 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:51,240 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:50:51,240 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:50:51,240 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 156 states, 115 states have (on average 1.4956521739130435) internal successors, (172), 136 states have internal predecessors, (172), 11 states have call successors, (11), 6 states have call predecessors, (11), 8 states have return successors, (14), 13 states have call predecessors, (14), 11 states have call successors, (14) [2022-02-20 23:50:51,242 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 156 states to 156 states and 197 transitions. [2022-02-20 23:50:51,242 INFO L78 Accepts]: Start accepts. Automaton has 156 states and 197 transitions. Word has length 27 [2022-02-20 23:50:51,242 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:50:51,242 INFO L470 AbstractCegarLoop]: Abstraction has 156 states and 197 transitions. [2022-02-20 23:50:51,243 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 3.6) internal successors, (18), 6 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:50:51,243 INFO L276 IsEmpty]: Start isEmpty. Operand 156 states and 197 transitions. [2022-02-20 23:50:51,243 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2022-02-20 23:50:51,243 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:50:51,243 INFO L514 BasicCegarLoop]: trace histogram [3, 3, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:50:51,263 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (18)] Forceful destruction successful, exit code 0 [2022-02-20 23:50:51,451 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 18 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:50:51,452 INFO L402 AbstractCegarLoop]: === Iteration 15 === Targeting ULTIMATE.startErr5REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 23 more)] === [2022-02-20 23:50:51,452 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:50:51,452 INFO L85 PathProgramCache]: Analyzing trace with hash 930272190, now seen corresponding path program 1 times [2022-02-20 23:50:51,452 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:50:51,452 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1543154696] [2022-02-20 23:50:51,452 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:50:51,453 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:50:51,453 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:50:51,454 INFO L229 MonitoredProcess]: Starting monitored process 19 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:50:51,455 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (19)] Waiting until timeout for monitored process [2022-02-20 23:50:51,522 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:51,525 INFO L263 TraceCheckSpWp]: Trace formula consists of 110 conjuncts, 29 conjunts are in the unsatisfiable core [2022-02-20 23:50:51,532 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:51,533 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:50:51,547 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:50:51,550 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:50:53,751 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:50:53,752 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-02-20 23:50:53,762 INFO L356 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2022-02-20 23:50:53,762 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 12 [2022-02-20 23:50:55,925 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:50:55,927 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-02-20 23:50:55,943 INFO L356 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2022-02-20 23:50:55,943 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 12 [2022-02-20 23:50:56,033 INFO L290 TraceCheckUtils]: 0: Hoare triple {10180#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {10180#true} is VALID [2022-02-20 23:50:56,033 INFO L290 TraceCheckUtils]: 1: Hoare triple {10180#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset, entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~ret46#1, entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset, entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset; {10180#true} is VALID [2022-02-20 23:50:56,033 INFO L272 TraceCheckUtils]: 2: Hoare triple {10180#true} call entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset := ldv_malloc(20bv32); {10180#true} is VALID [2022-02-20 23:50:56,033 INFO L290 TraceCheckUtils]: 3: Hoare triple {10180#true} ~size := #in~size; {10194#(= ldv_malloc_~size |ldv_malloc_#in~size|)} is VALID [2022-02-20 23:50:56,034 INFO L290 TraceCheckUtils]: 4: Hoare triple {10194#(= ldv_malloc_~size |ldv_malloc_#in~size|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {10198#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:56,035 INFO L290 TraceCheckUtils]: 5: Hoare triple {10198#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} assume true; {10198#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:56,036 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {10198#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} {10180#true} #118#return; {10205#(and (= (_ bv0 32) |ULTIMATE.start_entry_point_#t~ret43#1.offset|) (= (select |#length| |ULTIMATE.start_entry_point_#t~ret43#1.base|) (_ bv20 32)) (= (select |#valid| |ULTIMATE.start_entry_point_#t~ret43#1.base|) (_ bv1 1)))} is VALID [2022-02-20 23:50:56,036 INFO L290 TraceCheckUtils]: 7: Hoare triple {10205#(and (= (_ bv0 32) |ULTIMATE.start_entry_point_#t~ret43#1.offset|) (= (select |#length| |ULTIMATE.start_entry_point_#t~ret43#1.base|) (_ bv20 32)) (= (select |#valid| |ULTIMATE.start_entry_point_#t~ret43#1.base|) (_ bv1 1)))} entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset := entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset; {10209#(and (= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:56,036 INFO L290 TraceCheckUtils]: 8: Hoare triple {10209#(and (= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} assume !(entry_point_~c11~0#1.base == 0bv32 && entry_point_~c11~0#1.offset == 0bv32); {10209#(and (= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:56,037 INFO L272 TraceCheckUtils]: 9: Hoare triple {10209#(and (= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {10216#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:50:56,038 INFO L290 TraceCheckUtils]: 10: Hoare triple {10216#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} ~size := #in~size; {10216#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:50:56,039 INFO L290 TraceCheckUtils]: 11: Hoare triple {10216#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {10223#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_177 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_177) |#length|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:50:56,039 INFO L290 TraceCheckUtils]: 12: Hoare triple {10223#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_177 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_177) |#length|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} assume true; {10223#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_177 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_177) |#length|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:50:56,041 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {10223#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_177 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_177) |#length|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} {10209#(and (= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} #120#return; {10230#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:56,041 INFO L290 TraceCheckUtils]: 14: Hoare triple {10230#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {10230#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:56,042 INFO L290 TraceCheckUtils]: 15: Hoare triple {10230#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} assume !(entry_point_~cfg~1#1.base == 0bv32 && entry_point_~cfg~1#1.offset == 0bv32); {10230#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:56,042 INFO L290 TraceCheckUtils]: 16: Hoare triple {10230#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} SUMMARY for call write~$Pointer$(entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset, 4bv32); srcloc: L807 {10209#(and (= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:56,043 INFO L272 TraceCheckUtils]: 17: Hoare triple {10209#(and (= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} call entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset := ldv_malloc(4bv32); {10216#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:50:56,043 INFO L290 TraceCheckUtils]: 18: Hoare triple {10216#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} ~size := #in~size; {10216#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:50:56,044 INFO L290 TraceCheckUtils]: 19: Hoare triple {10216#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {10223#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_177 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_177) |#length|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:50:56,045 INFO L290 TraceCheckUtils]: 20: Hoare triple {10223#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_177 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_177) |#length|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} assume true; {10223#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_177 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_177) |#length|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:50:56,046 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {10223#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_177 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_177) |#length|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} {10209#(and (= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} #122#return; {10230#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:56,047 INFO L290 TraceCheckUtils]: 22: Hoare triple {10230#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset := entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset;havoc entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset; {10230#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:56,047 INFO L290 TraceCheckUtils]: 23: Hoare triple {10230#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} assume !(entry_point_~fe~1#1.base == 0bv32 && entry_point_~fe~1#1.offset == 0bv32); {10230#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:56,047 INFO L290 TraceCheckUtils]: 24: Hoare triple {10230#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} SUMMARY for call write~$Pointer$(entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset, entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, 4bv32); srcloc: L811 {10230#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:56,048 INFO L290 TraceCheckUtils]: 25: Hoare triple {10230#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} assume { :begin_inline_alloc_11 } true;alloc_11_#in~client#1.base, alloc_11_#in~client#1.offset := entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset;havoc alloc_11_#res#1;havoc alloc_11_#t~mem39#1.base, alloc_11_#t~mem39#1.offset, alloc_11_#t~mem40#1.base, alloc_11_#t~mem40#1.offset, alloc_11_#t~ret41#1.base, alloc_11_#t~ret41#1.offset, alloc_11_~client#1.base, alloc_11_~client#1.offset, alloc_11_~cfg~0#1.base, alloc_11_~cfg~0#1.offset, alloc_11_~fe~0#1.base, alloc_11_~fe~0#1.offset, alloc_11_~priv~0#1.base, alloc_11_~priv~0#1.offset;alloc_11_~client#1.base, alloc_11_~client#1.offset := alloc_11_#in~client#1.base, alloc_11_#in~client#1.offset; {10267#(and (= (select |#length| |ULTIMATE.start_alloc_11_~client#1.base|) (_ bv20 32)) (= |ULTIMATE.start_alloc_11_~client#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:56,048 INFO L290 TraceCheckUtils]: 26: Hoare triple {10267#(and (= (select |#length| |ULTIMATE.start_alloc_11_~client#1.base|) (_ bv20 32)) (= |ULTIMATE.start_alloc_11_~client#1.offset| (_ bv0 32)))} assume !((~bvule32(~bvadd32(4bv32, alloc_11_~client#1.offset), #length[alloc_11_~client#1.base]) && ~bvule32(alloc_11_~client#1.offset, ~bvadd32(4bv32, alloc_11_~client#1.offset))) && ~bvule32(0bv32, alloc_11_~client#1.offset)); {10181#false} is VALID [2022-02-20 23:50:56,048 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 2 proven. 6 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-02-20 23:50:56,049 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:50:56,463 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:50:56,463 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1543154696] [2022-02-20 23:50:56,464 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1543154696] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:50:56,464 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleCvc4 [1622663668] [2022-02-20 23:50:56,464 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:50:56,464 INFO L173 SolverBuilder]: Constructing external solver with command: cvc4 --incremental --print-success --lang smt [2022-02-20 23:50:56,464 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 [2022-02-20 23:50:56,465 INFO L229 MonitoredProcess]: Starting monitored process 20 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (exit command is (exit), workingDir is null) [2022-02-20 23:50:56,475 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (20)] Waiting until timeout for monitored process [2022-02-20 23:50:56,585 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:56,588 INFO L263 TraceCheckSpWp]: Trace formula consists of 110 conjuncts, 31 conjunts are in the unsatisfiable core [2022-02-20 23:50:56,598 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:56,599 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:50:56,620 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:50:56,627 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:50:56,810 INFO L356 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2022-02-20 23:50:56,810 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 12 [2022-02-20 23:50:56,818 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-02-20 23:50:58,972 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:50:58,973 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-02-20 23:50:58,981 INFO L356 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2022-02-20 23:50:58,981 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 12 [2022-02-20 23:50:59,028 INFO L290 TraceCheckUtils]: 0: Hoare triple {10180#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {10180#true} is VALID [2022-02-20 23:50:59,028 INFO L290 TraceCheckUtils]: 1: Hoare triple {10180#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset, entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset, entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset, entry_point_#t~ret46#1, entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset, entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset; {10180#true} is VALID [2022-02-20 23:50:59,028 INFO L272 TraceCheckUtils]: 2: Hoare triple {10180#true} call entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset := ldv_malloc(20bv32); {10180#true} is VALID [2022-02-20 23:50:59,029 INFO L290 TraceCheckUtils]: 3: Hoare triple {10180#true} ~size := #in~size; {10194#(= ldv_malloc_~size |ldv_malloc_#in~size|)} is VALID [2022-02-20 23:50:59,030 INFO L290 TraceCheckUtils]: 4: Hoare triple {10194#(= ldv_malloc_~size |ldv_malloc_#in~size|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {10198#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:59,030 INFO L290 TraceCheckUtils]: 5: Hoare triple {10198#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} assume true; {10198#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:59,031 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {10198#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} {10180#true} #118#return; {10205#(and (= (_ bv0 32) |ULTIMATE.start_entry_point_#t~ret43#1.offset|) (= (select |#length| |ULTIMATE.start_entry_point_#t~ret43#1.base|) (_ bv20 32)) (= (select |#valid| |ULTIMATE.start_entry_point_#t~ret43#1.base|) (_ bv1 1)))} is VALID [2022-02-20 23:50:59,032 INFO L290 TraceCheckUtils]: 7: Hoare triple {10205#(and (= (_ bv0 32) |ULTIMATE.start_entry_point_#t~ret43#1.offset|) (= (select |#length| |ULTIMATE.start_entry_point_#t~ret43#1.base|) (_ bv20 32)) (= (select |#valid| |ULTIMATE.start_entry_point_#t~ret43#1.base|) (_ bv1 1)))} entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset := entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset;havoc entry_point_#t~ret43#1.base, entry_point_#t~ret43#1.offset; {10209#(and (= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:59,032 INFO L290 TraceCheckUtils]: 8: Hoare triple {10209#(and (= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} assume !(entry_point_~c11~0#1.base == 0bv32 && entry_point_~c11~0#1.offset == 0bv32); {10209#(and (= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:59,033 INFO L272 TraceCheckUtils]: 9: Hoare triple {10209#(and (= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} call entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset := ldv_malloc(4bv32); {10216#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:50:59,033 INFO L290 TraceCheckUtils]: 10: Hoare triple {10216#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} ~size := #in~size; {10216#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:50:59,034 INFO L290 TraceCheckUtils]: 11: Hoare triple {10216#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {10325#(and (exists ((v_ArrVal_202 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_202))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)))} is VALID [2022-02-20 23:50:59,035 INFO L290 TraceCheckUtils]: 12: Hoare triple {10325#(and (exists ((v_ArrVal_202 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_202))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)))} assume true; {10325#(and (exists ((v_ArrVal_202 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_202))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)))} is VALID [2022-02-20 23:50:59,036 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {10325#(and (exists ((v_ArrVal_202 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_202))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)))} {10209#(and (= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} #120#return; {10332#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (not (= |ULTIMATE.start_entry_point_~c11~0#1.base| |ULTIMATE.start_entry_point_#t~ret44#1.base|)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:59,037 INFO L290 TraceCheckUtils]: 14: Hoare triple {10332#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (not (= |ULTIMATE.start_entry_point_~c11~0#1.base| |ULTIMATE.start_entry_point_#t~ret44#1.base|)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset := entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset;havoc entry_point_#t~ret44#1.base, entry_point_#t~ret44#1.offset; {10230#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:59,037 INFO L290 TraceCheckUtils]: 15: Hoare triple {10230#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} assume !(entry_point_~cfg~1#1.base == 0bv32 && entry_point_~cfg~1#1.offset == 0bv32); {10230#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:59,038 INFO L290 TraceCheckUtils]: 16: Hoare triple {10230#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} SUMMARY for call write~$Pointer$(entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset, 4bv32); srcloc: L807 {10209#(and (= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:59,038 INFO L272 TraceCheckUtils]: 17: Hoare triple {10209#(and (= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} call entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset := ldv_malloc(4bv32); {10216#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:50:59,039 INFO L290 TraceCheckUtils]: 18: Hoare triple {10216#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} ~size := #in~size; {10216#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:50:59,040 INFO L290 TraceCheckUtils]: 19: Hoare triple {10216#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {10223#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_177 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_177) |#length|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:50:59,041 INFO L290 TraceCheckUtils]: 20: Hoare triple {10223#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_177 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_177) |#length|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} assume true; {10223#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_177 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_177) |#length|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:50:59,042 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {10223#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_177 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_177) |#length|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} {10209#(and (= (select |#valid| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} #122#return; {10230#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:59,043 INFO L290 TraceCheckUtils]: 22: Hoare triple {10230#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset := entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset;havoc entry_point_#t~ret45#1.base, entry_point_#t~ret45#1.offset; {10230#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:59,043 INFO L290 TraceCheckUtils]: 23: Hoare triple {10230#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} assume !(entry_point_~fe~1#1.base == 0bv32 && entry_point_~fe~1#1.offset == 0bv32); {10230#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:59,044 INFO L290 TraceCheckUtils]: 24: Hoare triple {10230#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} SUMMARY for call write~$Pointer$(entry_point_~fe~1#1.base, entry_point_~fe~1#1.offset, entry_point_~cfg~1#1.base, entry_point_~cfg~1#1.offset, 4bv32); srcloc: L811 {10230#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:59,044 INFO L290 TraceCheckUtils]: 25: Hoare triple {10230#(and (= (select |#length| |ULTIMATE.start_entry_point_~c11~0#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_~c11~0#1.offset| (_ bv0 32)))} assume { :begin_inline_alloc_11 } true;alloc_11_#in~client#1.base, alloc_11_#in~client#1.offset := entry_point_~c11~0#1.base, entry_point_~c11~0#1.offset;havoc alloc_11_#res#1;havoc alloc_11_#t~mem39#1.base, alloc_11_#t~mem39#1.offset, alloc_11_#t~mem40#1.base, alloc_11_#t~mem40#1.offset, alloc_11_#t~ret41#1.base, alloc_11_#t~ret41#1.offset, alloc_11_~client#1.base, alloc_11_~client#1.offset, alloc_11_~cfg~0#1.base, alloc_11_~cfg~0#1.offset, alloc_11_~fe~0#1.base, alloc_11_~fe~0#1.offset, alloc_11_~priv~0#1.base, alloc_11_~priv~0#1.offset;alloc_11_~client#1.base, alloc_11_~client#1.offset := alloc_11_#in~client#1.base, alloc_11_#in~client#1.offset; {10267#(and (= (select |#length| |ULTIMATE.start_alloc_11_~client#1.base|) (_ bv20 32)) (= |ULTIMATE.start_alloc_11_~client#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:59,045 INFO L290 TraceCheckUtils]: 26: Hoare triple {10267#(and (= (select |#length| |ULTIMATE.start_alloc_11_~client#1.base|) (_ bv20 32)) (= |ULTIMATE.start_alloc_11_~client#1.offset| (_ bv0 32)))} assume !((~bvule32(~bvadd32(4bv32, alloc_11_~client#1.offset), #length[alloc_11_~client#1.base]) && ~bvule32(alloc_11_~client#1.offset, ~bvadd32(4bv32, alloc_11_~client#1.offset))) && ~bvule32(0bv32, alloc_11_~client#1.offset)); {10181#false} is VALID [2022-02-20 23:50:59,045 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 2 proven. 8 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:50:59,045 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:50:59,311 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleCvc4 [1622663668] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:50:59,311 INFO L191 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-02-20 23:50:59,311 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [9, 11] total 11 [2022-02-20 23:50:59,311 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1619869276] [2022-02-20 23:50:59,311 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-02-20 23:50:59,312 INFO L78 Accepts]: Start accepts. Automaton has has 12 states, 11 states have (on average 1.9090909090909092) internal successors, (21), 10 states have internal predecessors, (21), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 27 [2022-02-20 23:50:59,312 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:50:59,312 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 12 states, 11 states have (on average 1.9090909090909092) internal successors, (21), 10 states have internal predecessors, (21), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-02-20 23:50:59,339 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 28 edges. 28 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:59,339 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 12 states [2022-02-20 23:50:59,339 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:50:59,340 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 12 interpolants. [2022-02-20 23:50:59,340 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=35, Invalid=174, Unknown=1, NotChecked=0, Total=210 [2022-02-20 23:50:59,340 INFO L87 Difference]: Start difference. First operand 156 states and 197 transitions. Second operand has 12 states, 11 states have (on average 1.9090909090909092) internal successors, (21), 10 states have internal predecessors, (21), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4)