./Ultimate.py --spec ../sv-benchmarks/c/properties/valid-memsafety.prp --file ../sv-benchmarks/c/ldv-memsafety/memleaks_test15-2.i --full-output -ea --architecture 32bit -------------------------------------------------------------------------------- Checking for memory safety (deref-memtrack) Using default analysis Version 03d7b7b3 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerMemDerefMemtrack.xml -i ../sv-benchmarks/c/ldv-memsafety/memleaks_test15-2.i -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash d2e5061cdab54d9faeb4b87debefa6d4cd511c313e4ad95bcaf137fbc78127a3 --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 23:50:45,358 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 23:50:45,360 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 23:50:45,389 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 23:50:45,389 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 23:50:45,390 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 23:50:45,391 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 23:50:45,395 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 23:50:45,396 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 23:50:45,396 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 23:50:45,397 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 23:50:45,398 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 23:50:45,398 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 23:50:45,399 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 23:50:45,401 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 23:50:45,402 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 23:50:45,403 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 23:50:45,404 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 23:50:45,407 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 23:50:45,408 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 23:50:45,415 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 23:50:45,416 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 23:50:45,417 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 23:50:45,417 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 23:50:45,419 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 23:50:45,419 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 23:50:45,419 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 23:50:45,420 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 23:50:45,420 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 23:50:45,425 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 23:50:45,425 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 23:50:45,425 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 23:50:45,426 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 23:50:45,426 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 23:50:45,427 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 23:50:45,427 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 23:50:45,428 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 23:50:45,428 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 23:50:45,429 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 23:50:45,429 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 23:50:45,430 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 23:50:45,443 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Default.epf [2022-02-20 23:50:45,459 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 23:50:45,460 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 23:50:45,460 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 23:50:45,460 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 23:50:45,461 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 23:50:45,461 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 23:50:45,461 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 23:50:45,462 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 23:50:45,462 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 23:50:45,462 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 23:50:45,463 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 23:50:45,463 INFO L138 SettingsManager]: * Check unreachability of error function in SV-COMP mode=false [2022-02-20 23:50:45,463 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-02-20 23:50:45,463 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 23:50:45,463 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 23:50:45,464 INFO L138 SettingsManager]: * Check for the main procedure if all allocated memory was freed=true [2022-02-20 23:50:45,464 INFO L138 SettingsManager]: * Bitprecise bitfields=true [2022-02-20 23:50:45,464 INFO L138 SettingsManager]: * SV-COMP memtrack compatibility mode=true [2022-02-20 23:50:45,464 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 23:50:45,464 INFO L138 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2022-02-20 23:50:45,464 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 23:50:45,464 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 23:50:45,465 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 23:50:45,465 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 23:50:45,465 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 23:50:45,465 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 23:50:45,465 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 23:50:45,465 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 23:50:45,466 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-02-20 23:50:45,466 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-02-20 23:50:45,466 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> d2e5061cdab54d9faeb4b87debefa6d4cd511c313e4ad95bcaf137fbc78127a3 [2022-02-20 23:50:45,670 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 23:50:45,696 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 23:50:45,700 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 23:50:45,701 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 23:50:45,702 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 23:50:45,703 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/ldv-memsafety/memleaks_test15-2.i [2022-02-20 23:50:45,754 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/f1b5db228/b3691112b51748c9a3e2462a2970af6b/FLAGf6e0296d7 [2022-02-20 23:50:46,211 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 23:50:46,212 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/ldv-memsafety/memleaks_test15-2.i [2022-02-20 23:50:46,221 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/f1b5db228/b3691112b51748c9a3e2462a2970af6b/FLAGf6e0296d7 [2022-02-20 23:50:46,229 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/f1b5db228/b3691112b51748c9a3e2462a2970af6b [2022-02-20 23:50:46,231 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 23:50:46,232 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 23:50:46,233 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 23:50:46,233 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 23:50:46,235 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 23:50:46,236 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 11:50:46" (1/1) ... [2022-02-20 23:50:46,237 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@65566b1e and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:50:46, skipping insertion in model container [2022-02-20 23:50:46,237 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 11:50:46" (1/1) ... [2022-02-20 23:50:46,241 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 23:50:46,268 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 23:50:46,615 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 23:50:46,645 ERROR L326 MainTranslator]: Unsupported Syntax: Found a cast between two array/pointer types where the value type is smaller than the cast-to type while using memory model HoenickeLindenmann_Original (while Not using bitvector translation) [2022-02-20 23:50:46,645 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.CACSL2BoogieTranslatorObserver@34e08a73 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:50:46, skipping insertion in model container [2022-02-20 23:50:46,646 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 23:50:46,646 INFO L184 ToolchainWalker]: Toolchain execution was canceled (user or tool) before executing de.uni_freiburg.informatik.ultimate.boogie.procedureinliner [2022-02-20 23:50:46,648 INFO L158 Benchmark]: Toolchain (without parser) took 415.00ms. Allocated memory is still 117.4MB. Free memory was 85.5MB in the beginning and 86.1MB in the end (delta: -567.8kB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. [2022-02-20 23:50:46,649 INFO L158 Benchmark]: CDTParser took 0.17ms. Allocated memory is still 117.4MB. Free memory is still 72.7MB. There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 23:50:46,650 INFO L158 Benchmark]: CACSL2BoogieTranslator took 413.07ms. Allocated memory is still 117.4MB. Free memory was 85.2MB in the beginning and 86.1MB in the end (delta: -856.8kB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. [2022-02-20 23:50:46,651 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.17ms. Allocated memory is still 117.4MB. Free memory is still 72.7MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 413.07ms. Allocated memory is still 117.4MB. Free memory was 85.2MB in the beginning and 86.1MB in the end (delta: -856.8kB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - UnsupportedSyntaxResult [Line: 576]: Unsupported Syntax Found a cast between two array/pointer types where the value type is smaller than the cast-to type while using memory model HoenickeLindenmann_Original (while Not using bitvector translation) RESULT: Ultimate could not prove your program: Toolchain returned no result. Received shutdown request... --- End real Ultimate output --- Execution finished normally Using bit-precise analysis Retrying with bit-precise analysis ### Bit-precise run ### Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerMemDerefMemtrack.xml -i ../sv-benchmarks/c/ldv-memsafety/memleaks_test15-2.i -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Bitvector.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash d2e5061cdab54d9faeb4b87debefa6d4cd511c313e4ad95bcaf137fbc78127a3 --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 23:50:48,218 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 23:50:48,220 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 23:50:48,249 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 23:50:48,249 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 23:50:48,251 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 23:50:48,252 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 23:50:48,256 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 23:50:48,257 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 23:50:48,260 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 23:50:48,261 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 23:50:48,264 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 23:50:48,264 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 23:50:48,266 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 23:50:48,267 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 23:50:48,269 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 23:50:48,269 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 23:50:48,270 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 23:50:48,271 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 23:50:48,275 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 23:50:48,276 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 23:50:48,277 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 23:50:48,278 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 23:50:48,279 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 23:50:48,283 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 23:50:48,283 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 23:50:48,284 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 23:50:48,285 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 23:50:48,285 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 23:50:48,285 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 23:50:48,286 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 23:50:48,286 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 23:50:48,287 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 23:50:48,288 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 23:50:48,288 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 23:50:48,289 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 23:50:48,289 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 23:50:48,289 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 23:50:48,290 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 23:50:48,291 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 23:50:48,291 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 23:50:48,292 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Bitvector.epf [2022-02-20 23:50:48,318 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 23:50:48,318 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 23:50:48,319 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 23:50:48,319 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 23:50:48,320 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 23:50:48,320 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 23:50:48,321 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 23:50:48,321 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 23:50:48,322 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 23:50:48,322 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 23:50:48,322 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 23:50:48,323 INFO L138 SettingsManager]: * Check unreachability of error function in SV-COMP mode=false [2022-02-20 23:50:48,323 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-02-20 23:50:48,323 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 23:50:48,323 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 23:50:48,323 INFO L138 SettingsManager]: * Check for the main procedure if all allocated memory was freed=true [2022-02-20 23:50:48,323 INFO L138 SettingsManager]: * Bitprecise bitfields=true [2022-02-20 23:50:48,324 INFO L138 SettingsManager]: * SV-COMP memtrack compatibility mode=true [2022-02-20 23:50:48,324 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 23:50:48,324 INFO L138 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2022-02-20 23:50:48,324 INFO L138 SettingsManager]: * Use bitvectors instead of ints=true [2022-02-20 23:50:48,324 INFO L138 SettingsManager]: * Memory model=HoenickeLindenmann_4ByteResolution [2022-02-20 23:50:48,324 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 23:50:48,324 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 23:50:48,325 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 23:50:48,325 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 23:50:48,329 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 23:50:48,329 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 23:50:48,329 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 23:50:48,330 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 23:50:48,330 INFO L138 SettingsManager]: * Trace refinement strategy=WOLF [2022-02-20 23:50:48,330 INFO L138 SettingsManager]: * Command for external solver=cvc4 --incremental --print-success --lang smt [2022-02-20 23:50:48,330 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2022-02-20 23:50:48,330 INFO L138 SettingsManager]: * Logic for external solver=AUFBV WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> d2e5061cdab54d9faeb4b87debefa6d4cd511c313e4ad95bcaf137fbc78127a3 [2022-02-20 23:50:48,695 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 23:50:48,722 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 23:50:48,724 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 23:50:48,725 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 23:50:48,725 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 23:50:48,726 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/ldv-memsafety/memleaks_test15-2.i [2022-02-20 23:50:48,771 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/68f838d3d/2ead8fe27cc048fda4cc2c419091389c/FLAG0e450b62b [2022-02-20 23:50:49,214 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 23:50:49,214 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/ldv-memsafety/memleaks_test15-2.i [2022-02-20 23:50:49,226 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/68f838d3d/2ead8fe27cc048fda4cc2c419091389c/FLAG0e450b62b [2022-02-20 23:50:49,239 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/68f838d3d/2ead8fe27cc048fda4cc2c419091389c [2022-02-20 23:50:49,241 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 23:50:49,242 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 23:50:49,244 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 23:50:49,244 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 23:50:49,247 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 23:50:49,248 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 11:50:49" (1/1) ... [2022-02-20 23:50:49,249 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@454ff9b2 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:50:49, skipping insertion in model container [2022-02-20 23:50:49,249 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 11:50:49" (1/1) ... [2022-02-20 23:50:49,254 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 23:50:49,296 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 23:50:49,713 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 23:50:49,738 INFO L200 MainTranslator]: Restarting translation with changed settings: SettingsChange [mNewPreferredMemoryModel=HoenickeLindenmann_1ByteResolution] [2022-02-20 23:50:49,746 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 23:50:49,801 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 23:50:49,821 INFO L203 MainTranslator]: Completed pre-run [2022-02-20 23:50:49,885 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 23:50:49,928 INFO L208 MainTranslator]: Completed translation [2022-02-20 23:50:49,928 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:50:49 WrapperNode [2022-02-20 23:50:49,929 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 23:50:49,929 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-20 23:50:49,930 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-20 23:50:49,930 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-20 23:50:49,934 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:50:49" (1/1) ... [2022-02-20 23:50:49,969 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:50:49" (1/1) ... [2022-02-20 23:50:49,996 INFO L137 Inliner]: procedures = 176, calls = 104, calls flagged for inlining = 31, calls inlined = 14, statements flattened = 171 [2022-02-20 23:50:49,997 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-20 23:50:49,997 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-20 23:50:49,997 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-20 23:50:49,998 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-20 23:50:50,003 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:50:49" (1/1) ... [2022-02-20 23:50:50,003 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:50:49" (1/1) ... [2022-02-20 23:50:50,006 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:50:49" (1/1) ... [2022-02-20 23:50:50,007 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:50:49" (1/1) ... [2022-02-20 23:50:50,027 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:50:49" (1/1) ... [2022-02-20 23:50:50,031 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:50:49" (1/1) ... [2022-02-20 23:50:50,032 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:50:49" (1/1) ... [2022-02-20 23:50:50,035 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-20 23:50:50,036 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-20 23:50:50,036 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-20 23:50:50,037 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-20 23:50:50,037 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:50:49" (1/1) ... [2022-02-20 23:50:50,048 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 23:50:50,057 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 23:50:50,069 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-20 23:50:50,072 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-20 23:50:50,092 INFO L130 BoogieDeclarations]: Found specification of procedure read~intINTTYPE1 [2022-02-20 23:50:50,093 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_malloc [2022-02-20 23:50:50,093 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_malloc [2022-02-20 23:50:50,093 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocOnHeap [2022-02-20 23:50:50,093 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-20 23:50:50,093 INFO L130 BoogieDeclarations]: Found specification of procedure write~$Pointer$ [2022-02-20 23:50:50,093 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_hid_set_drvdata [2022-02-20 23:50:50,093 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_hid_set_drvdata [2022-02-20 23:50:50,094 INFO L130 BoogieDeclarations]: Found specification of procedure read~$Pointer$ [2022-02-20 23:50:50,094 INFO L130 BoogieDeclarations]: Found specification of procedure write~intINTTYPE1 [2022-02-20 23:50:50,094 INFO L130 BoogieDeclarations]: Found specification of procedure write~intINTTYPE4 [2022-02-20 23:50:50,094 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.dealloc [2022-02-20 23:50:50,094 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~$Pointer$ [2022-02-20 23:50:50,094 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-20 23:50:50,094 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-20 23:50:50,198 INFO L234 CfgBuilder]: Building ICFG [2022-02-20 23:50:50,199 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-20 23:50:50,576 INFO L275 CfgBuilder]: Performing block encoding [2022-02-20 23:50:50,581 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-20 23:50:50,581 INFO L299 CfgBuilder]: Removed 0 assume(true) statements. [2022-02-20 23:50:50,582 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 11:50:50 BoogieIcfgContainer [2022-02-20 23:50:50,582 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-20 23:50:50,584 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-20 23:50:50,584 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-20 23:50:50,586 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-20 23:50:50,586 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.02 11:50:49" (1/3) ... [2022-02-20 23:50:50,586 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7dc5fe0a and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 11:50:50, skipping insertion in model container [2022-02-20 23:50:50,586 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:50:49" (2/3) ... [2022-02-20 23:50:50,587 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7dc5fe0a and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 11:50:50, skipping insertion in model container [2022-02-20 23:50:50,587 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 11:50:50" (3/3) ... [2022-02-20 23:50:50,587 INFO L111 eAbstractionObserver]: Analyzing ICFG memleaks_test15-2.i [2022-02-20 23:50:50,590 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:false NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-20 23:50:50,591 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 50 error locations. [2022-02-20 23:50:50,621 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-20 23:50:50,626 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=false, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=All, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-20 23:50:50,626 INFO L340 AbstractCegarLoop]: Starting to check reachability of 50 error locations. [2022-02-20 23:50:50,640 INFO L276 IsEmpty]: Start isEmpty. Operand has 135 states, 77 states have (on average 1.7922077922077921) internal successors, (138), 127 states have internal predecessors, (138), 5 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (5), 5 states have call predecessors, (5), 5 states have call successors, (5) [2022-02-20 23:50:50,644 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 12 [2022-02-20 23:50:50,645 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:50:50,645 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:50:50,646 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting ULTIMATE.startErr47ASSERT_VIOLATIONMEMORY_LEAK === [ldv_hid_set_drvdataErr0REQUIRES_VIOLATION, ldv_hid_set_drvdataErr1REQUIRES_VIOLATION, ULTIMATE.startErr0REQUIRES_VIOLATION (and 47 more)] === [2022-02-20 23:50:50,652 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:50:50,652 INFO L85 PathProgramCache]: Analyzing trace with hash -1983254393, now seen corresponding path program 1 times [2022-02-20 23:50:50,661 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:50:50,661 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [935600318] [2022-02-20 23:50:50,662 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:50:50,662 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:50:50,662 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:50:50,664 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:50:50,688 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Waiting until timeout for monitored process [2022-02-20 23:50:50,762 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:50,764 INFO L263 TraceCheckSpWp]: Trace formula consists of 40 conjuncts, 4 conjunts are in the unsatisfiable core [2022-02-20 23:50:50,775 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:50,778 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:50:50,859 INFO L290 TraceCheckUtils]: 0: Hoare triple {138#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {138#true} is VALID [2022-02-20 23:50:50,860 INFO L290 TraceCheckUtils]: 1: Hoare triple {138#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset, entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset, entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset, entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset, entry_point_#t~nondet58#1, entry_point_#t~ret59#1, entry_point_#t~mem60#1.base, entry_point_#t~mem60#1.offset, entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset, entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset; {138#true} is VALID [2022-02-20 23:50:50,860 INFO L272 TraceCheckUtils]: 2: Hoare triple {138#true} call entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset := ldv_malloc(12bv32); {138#true} is VALID [2022-02-20 23:50:50,860 INFO L290 TraceCheckUtils]: 3: Hoare triple {138#true} ~size := #in~size; {138#true} is VALID [2022-02-20 23:50:50,861 INFO L290 TraceCheckUtils]: 4: Hoare triple {138#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {155#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:50:50,861 INFO L290 TraceCheckUtils]: 5: Hoare triple {155#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} assume true; {155#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:50:50,863 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {155#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} {138#true} #196#return; {162#(not (= |ULTIMATE.start_entry_point_#t~ret53#1.base| (_ bv0 32)))} is VALID [2022-02-20 23:50:50,863 INFO L290 TraceCheckUtils]: 7: Hoare triple {162#(not (= |ULTIMATE.start_entry_point_#t~ret53#1.base| (_ bv0 32)))} entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset := entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset; {166#(not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32)))} is VALID [2022-02-20 23:50:50,864 INFO L290 TraceCheckUtils]: 8: Hoare triple {166#(not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32)))} assume entry_point_~hdev~0#1.base == 0bv32 && entry_point_~hdev~0#1.offset == 0bv32; {139#false} is VALID [2022-02-20 23:50:50,864 INFO L290 TraceCheckUtils]: 9: Hoare triple {139#false} assume { :end_inline_entry_point } true; {139#false} is VALID [2022-02-20 23:50:50,864 INFO L290 TraceCheckUtils]: 10: Hoare triple {139#false} assume !(#valid == main_old_#valid#1); {139#false} is VALID [2022-02-20 23:50:50,865 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:50:50,865 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:50:50,865 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:50:50,866 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [935600318] [2022-02-20 23:50:50,866 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [935600318] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:50:50,867 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:50:50,867 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:50:50,868 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1910689106] [2022-02-20 23:50:50,869 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:50:50,872 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 1.8) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 11 [2022-02-20 23:50:50,873 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:50:50,876 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 1.8) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:50:50,887 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 11 edges. 11 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:50,887 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 23:50:50,888 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:50:50,905 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 23:50:50,905 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:50:50,911 INFO L87 Difference]: Start difference. First operand has 135 states, 77 states have (on average 1.7922077922077921) internal successors, (138), 127 states have internal predecessors, (138), 5 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (5), 5 states have call predecessors, (5), 5 states have call successors, (5) Second operand has 5 states, 5 states have (on average 1.8) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:50:51,677 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:51,678 INFO L93 Difference]: Finished difference Result 257 states and 287 transitions. [2022-02-20 23:50:51,678 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 23:50:51,678 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 1.8) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 11 [2022-02-20 23:50:51,679 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:50:51,679 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 1.8) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:50:51,694 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 288 transitions. [2022-02-20 23:50:51,695 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 1.8) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:50:51,701 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 288 transitions. [2022-02-20 23:50:51,701 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 288 transitions. [2022-02-20 23:50:52,022 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 288 edges. 288 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:52,038 INFO L225 Difference]: With dead ends: 257 [2022-02-20 23:50:52,039 INFO L226 Difference]: Without dead ends: 253 [2022-02-20 23:50:52,040 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:50:52,046 INFO L933 BasicCegarLoop]: 147 mSDtfsCounter, 124 mSDsluCounter, 426 mSDsCounter, 0 mSdLazyCounter, 47 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 130 SdHoareTripleChecker+Valid, 573 SdHoareTripleChecker+Invalid, 48 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 47 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:50:52,046 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [130 Valid, 573 Invalid, 48 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 47 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:50:52,058 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 253 states. [2022-02-20 23:50:52,083 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 253 to 137. [2022-02-20 23:50:52,084 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:50:52,089 INFO L82 GeneralOperation]: Start isEquivalent. First operand 253 states. Second operand has 137 states, 79 states have (on average 1.759493670886076) internal successors, (139), 128 states have internal predecessors, (139), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) [2022-02-20 23:50:52,090 INFO L74 IsIncluded]: Start isIncluded. First operand 253 states. Second operand has 137 states, 79 states have (on average 1.759493670886076) internal successors, (139), 128 states have internal predecessors, (139), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) [2022-02-20 23:50:52,091 INFO L87 Difference]: Start difference. First operand 253 states. Second operand has 137 states, 79 states have (on average 1.759493670886076) internal successors, (139), 128 states have internal predecessors, (139), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) [2022-02-20 23:50:52,104 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:52,105 INFO L93 Difference]: Finished difference Result 253 states and 283 transitions. [2022-02-20 23:50:52,105 INFO L276 IsEmpty]: Start isEmpty. Operand 253 states and 283 transitions. [2022-02-20 23:50:52,111 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:52,111 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:52,112 INFO L74 IsIncluded]: Start isIncluded. First operand has 137 states, 79 states have (on average 1.759493670886076) internal successors, (139), 128 states have internal predecessors, (139), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) Second operand 253 states. [2022-02-20 23:50:52,112 INFO L87 Difference]: Start difference. First operand has 137 states, 79 states have (on average 1.759493670886076) internal successors, (139), 128 states have internal predecessors, (139), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) Second operand 253 states. [2022-02-20 23:50:52,123 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:52,123 INFO L93 Difference]: Finished difference Result 253 states and 283 transitions. [2022-02-20 23:50:52,124 INFO L276 IsEmpty]: Start isEmpty. Operand 253 states and 283 transitions. [2022-02-20 23:50:52,125 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:52,127 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:52,127 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:50:52,128 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:50:52,128 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 137 states, 79 states have (on average 1.759493670886076) internal successors, (139), 128 states have internal predecessors, (139), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) [2022-02-20 23:50:52,132 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 137 states to 137 states and 152 transitions. [2022-02-20 23:50:52,133 INFO L78 Accepts]: Start accepts. Automaton has 137 states and 152 transitions. Word has length 11 [2022-02-20 23:50:52,134 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:50:52,134 INFO L470 AbstractCegarLoop]: Abstraction has 137 states and 152 transitions. [2022-02-20 23:50:52,134 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 1.8) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:50:52,138 INFO L276 IsEmpty]: Start isEmpty. Operand 137 states and 152 transitions. [2022-02-20 23:50:52,138 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 12 [2022-02-20 23:50:52,139 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:50:52,139 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:50:52,162 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Forceful destruction successful, exit code 0 [2022-02-20 23:50:52,346 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:50:52,346 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting ULTIMATE.startErr47ASSERT_VIOLATIONMEMORY_LEAK === [ldv_hid_set_drvdataErr0REQUIRES_VIOLATION, ldv_hid_set_drvdataErr1REQUIRES_VIOLATION, ULTIMATE.startErr0REQUIRES_VIOLATION (and 47 more)] === [2022-02-20 23:50:52,350 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:50:52,350 INFO L85 PathProgramCache]: Analyzing trace with hash -1095750712, now seen corresponding path program 1 times [2022-02-20 23:50:52,350 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:50:52,350 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1666975548] [2022-02-20 23:50:52,351 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:50:52,351 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:50:52,351 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:50:52,354 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:50:52,355 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Waiting until timeout for monitored process [2022-02-20 23:50:52,416 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:52,421 INFO L263 TraceCheckSpWp]: Trace formula consists of 34 conjuncts, 4 conjunts are in the unsatisfiable core [2022-02-20 23:50:52,428 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:52,430 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:50:52,468 INFO L290 TraceCheckUtils]: 0: Hoare triple {1075#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {1075#true} is VALID [2022-02-20 23:50:52,468 INFO L290 TraceCheckUtils]: 1: Hoare triple {1075#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset, entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset, entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset, entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset, entry_point_#t~nondet58#1, entry_point_#t~ret59#1, entry_point_#t~mem60#1.base, entry_point_#t~mem60#1.offset, entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset, entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset; {1083#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-20 23:50:52,469 INFO L272 TraceCheckUtils]: 2: Hoare triple {1083#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} call entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset := ldv_malloc(12bv32); {1087#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:52,469 INFO L290 TraceCheckUtils]: 3: Hoare triple {1087#(= |old(#valid)| |#valid|)} ~size := #in~size; {1087#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:52,470 INFO L290 TraceCheckUtils]: 4: Hoare triple {1087#(= |old(#valid)| |#valid|)} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {1087#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:52,470 INFO L290 TraceCheckUtils]: 5: Hoare triple {1087#(= |old(#valid)| |#valid|)} assume true; {1087#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:52,471 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {1087#(= |old(#valid)| |#valid|)} {1083#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} #196#return; {1083#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-20 23:50:52,471 INFO L290 TraceCheckUtils]: 7: Hoare triple {1083#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset := entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset; {1083#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-20 23:50:52,471 INFO L290 TraceCheckUtils]: 8: Hoare triple {1083#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} assume entry_point_~hdev~0#1.base == 0bv32 && entry_point_~hdev~0#1.offset == 0bv32; {1083#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-20 23:50:52,472 INFO L290 TraceCheckUtils]: 9: Hoare triple {1083#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} assume { :end_inline_entry_point } true; {1083#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-20 23:50:52,473 INFO L290 TraceCheckUtils]: 10: Hoare triple {1083#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} assume !(#valid == main_old_#valid#1); {1076#false} is VALID [2022-02-20 23:50:52,473 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:50:52,473 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:50:52,473 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:50:52,473 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1666975548] [2022-02-20 23:50:52,474 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1666975548] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:50:52,474 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:50:52,474 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 23:50:52,474 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [89745005] [2022-02-20 23:50:52,474 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:50:52,475 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 3.0) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 11 [2022-02-20 23:50:52,475 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:50:52,475 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 4 states, 3 states have (on average 3.0) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:50:52,482 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 11 edges. 11 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:52,483 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-02-20 23:50:52,483 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:50:52,483 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-02-20 23:50:52,483 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-02-20 23:50:52,484 INFO L87 Difference]: Start difference. First operand 137 states and 152 transitions. Second operand has 4 states, 3 states have (on average 3.0) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:50:53,247 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:53,247 INFO L93 Difference]: Finished difference Result 226 states and 251 transitions. [2022-02-20 23:50:53,248 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-20 23:50:53,248 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 3.0) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 11 [2022-02-20 23:50:53,248 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:50:53,248 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 3 states have (on average 3.0) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:50:53,251 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 252 transitions. [2022-02-20 23:50:53,251 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 3 states have (on average 3.0) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:50:53,254 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 252 transitions. [2022-02-20 23:50:53,254 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 252 transitions. [2022-02-20 23:50:53,472 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 252 edges. 252 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:53,476 INFO L225 Difference]: With dead ends: 226 [2022-02-20 23:50:53,476 INFO L226 Difference]: Without dead ends: 224 [2022-02-20 23:50:53,477 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-02-20 23:50:53,477 INFO L933 BasicCegarLoop]: 208 mSDtfsCounter, 92 mSDsluCounter, 232 mSDsCounter, 0 mSdLazyCounter, 200 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 93 SdHoareTripleChecker+Valid, 440 SdHoareTripleChecker+Invalid, 206 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 200 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 23:50:53,478 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [93 Valid, 440 Invalid, 206 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 200 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-20 23:50:53,478 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 224 states. [2022-02-20 23:50:53,482 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 224 to 133. [2022-02-20 23:50:53,482 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:50:53,482 INFO L82 GeneralOperation]: Start isEquivalent. First operand 224 states. Second operand has 133 states, 76 states have (on average 1.7763157894736843) internal successors, (135), 125 states have internal predecessors, (135), 5 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (5), 5 states have call predecessors, (5), 5 states have call successors, (5) [2022-02-20 23:50:53,483 INFO L74 IsIncluded]: Start isIncluded. First operand 224 states. Second operand has 133 states, 76 states have (on average 1.7763157894736843) internal successors, (135), 125 states have internal predecessors, (135), 5 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (5), 5 states have call predecessors, (5), 5 states have call successors, (5) [2022-02-20 23:50:53,483 INFO L87 Difference]: Start difference. First operand 224 states. Second operand has 133 states, 76 states have (on average 1.7763157894736843) internal successors, (135), 125 states have internal predecessors, (135), 5 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (5), 5 states have call predecessors, (5), 5 states have call successors, (5) [2022-02-20 23:50:53,488 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:53,488 INFO L93 Difference]: Finished difference Result 224 states and 249 transitions. [2022-02-20 23:50:53,488 INFO L276 IsEmpty]: Start isEmpty. Operand 224 states and 249 transitions. [2022-02-20 23:50:53,488 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:53,488 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:53,489 INFO L74 IsIncluded]: Start isIncluded. First operand has 133 states, 76 states have (on average 1.7763157894736843) internal successors, (135), 125 states have internal predecessors, (135), 5 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (5), 5 states have call predecessors, (5), 5 states have call successors, (5) Second operand 224 states. [2022-02-20 23:50:53,489 INFO L87 Difference]: Start difference. First operand has 133 states, 76 states have (on average 1.7763157894736843) internal successors, (135), 125 states have internal predecessors, (135), 5 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (5), 5 states have call predecessors, (5), 5 states have call successors, (5) Second operand 224 states. [2022-02-20 23:50:53,494 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:53,494 INFO L93 Difference]: Finished difference Result 224 states and 249 transitions. [2022-02-20 23:50:53,494 INFO L276 IsEmpty]: Start isEmpty. Operand 224 states and 249 transitions. [2022-02-20 23:50:53,494 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:53,494 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:53,494 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:50:53,495 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:50:53,495 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 133 states, 76 states have (on average 1.7763157894736843) internal successors, (135), 125 states have internal predecessors, (135), 5 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (5), 5 states have call predecessors, (5), 5 states have call successors, (5) [2022-02-20 23:50:53,497 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 133 states to 133 states and 145 transitions. [2022-02-20 23:50:53,497 INFO L78 Accepts]: Start accepts. Automaton has 133 states and 145 transitions. Word has length 11 [2022-02-20 23:50:53,497 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:50:53,498 INFO L470 AbstractCegarLoop]: Abstraction has 133 states and 145 transitions. [2022-02-20 23:50:53,498 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 3 states have (on average 3.0) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:50:53,498 INFO L276 IsEmpty]: Start isEmpty. Operand 133 states and 145 transitions. [2022-02-20 23:50:53,498 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2022-02-20 23:50:53,498 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:50:53,498 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:50:53,508 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Ended with exit code 0 [2022-02-20 23:50:53,704 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:50:53,704 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting ULTIMATE.startErr44ASSERT_VIOLATIONMEMORY_FREE === [ldv_hid_set_drvdataErr0REQUIRES_VIOLATION, ldv_hid_set_drvdataErr1REQUIRES_VIOLATION, ULTIMATE.startErr0REQUIRES_VIOLATION (and 47 more)] === [2022-02-20 23:50:53,708 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:50:53,708 INFO L85 PathProgramCache]: Analyzing trace with hash 1690514833, now seen corresponding path program 1 times [2022-02-20 23:50:53,708 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:50:53,708 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [481694044] [2022-02-20 23:50:53,709 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:50:53,709 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:50:53,709 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:50:53,712 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:50:53,720 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Waiting until timeout for monitored process [2022-02-20 23:50:53,764 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:53,765 INFO L263 TraceCheckSpWp]: Trace formula consists of 60 conjuncts, 4 conjunts are in the unsatisfiable core [2022-02-20 23:50:53,779 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:53,780 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:50:53,824 INFO L290 TraceCheckUtils]: 0: Hoare triple {1918#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {1918#true} is VALID [2022-02-20 23:50:53,825 INFO L290 TraceCheckUtils]: 1: Hoare triple {1918#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset, entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset, entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset, entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset, entry_point_#t~nondet58#1, entry_point_#t~ret59#1, entry_point_#t~mem60#1.base, entry_point_#t~mem60#1.offset, entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset, entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset; {1918#true} is VALID [2022-02-20 23:50:53,825 INFO L272 TraceCheckUtils]: 2: Hoare triple {1918#true} call entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset := ldv_malloc(12bv32); {1918#true} is VALID [2022-02-20 23:50:53,825 INFO L290 TraceCheckUtils]: 3: Hoare triple {1918#true} ~size := #in~size; {1918#true} is VALID [2022-02-20 23:50:53,825 INFO L290 TraceCheckUtils]: 4: Hoare triple {1918#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {1918#true} is VALID [2022-02-20 23:50:53,825 INFO L290 TraceCheckUtils]: 5: Hoare triple {1918#true} assume true; {1918#true} is VALID [2022-02-20 23:50:53,826 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {1918#true} {1918#true} #196#return; {1918#true} is VALID [2022-02-20 23:50:53,826 INFO L290 TraceCheckUtils]: 7: Hoare triple {1918#true} entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset := entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset; {1918#true} is VALID [2022-02-20 23:50:53,826 INFO L290 TraceCheckUtils]: 8: Hoare triple {1918#true} assume !(entry_point_~hdev~0#1.base == 0bv32 && entry_point_~hdev~0#1.offset == 0bv32); {1918#true} is VALID [2022-02-20 23:50:53,826 INFO L272 TraceCheckUtils]: 9: Hoare triple {1918#true} call entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset := ldv_malloc(20bv32); {1918#true} is VALID [2022-02-20 23:50:53,826 INFO L290 TraceCheckUtils]: 10: Hoare triple {1918#true} ~size := #in~size; {1918#true} is VALID [2022-02-20 23:50:53,827 INFO L290 TraceCheckUtils]: 11: Hoare triple {1918#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {1956#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:50:53,827 INFO L290 TraceCheckUtils]: 12: Hoare triple {1956#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} assume true; {1956#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:50:53,828 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {1956#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} {1918#true} #198#return; {1963#(not (= |ULTIMATE.start_entry_point_#t~ret54#1.base| (_ bv0 32)))} is VALID [2022-02-20 23:50:53,828 INFO L290 TraceCheckUtils]: 14: Hoare triple {1963#(not (= |ULTIMATE.start_entry_point_#t~ret54#1.base| (_ bv0 32)))} entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset := entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset;havoc entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset; {1967#(not (= |ULTIMATE.start_entry_point_~intf~2#1.base| (_ bv0 32)))} is VALID [2022-02-20 23:50:53,829 INFO L290 TraceCheckUtils]: 15: Hoare triple {1967#(not (= |ULTIMATE.start_entry_point_~intf~2#1.base| (_ bv0 32)))} assume entry_point_~intf~2#1.base == 0bv32 && entry_point_~intf~2#1.offset == 0bv32; {1919#false} is VALID [2022-02-20 23:50:53,829 INFO L290 TraceCheckUtils]: 16: Hoare triple {1919#false} assume !(0bv32 == entry_point_~hdev~0#1.offset); {1919#false} is VALID [2022-02-20 23:50:53,829 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:50:53,829 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:50:53,829 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:50:53,830 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [481694044] [2022-02-20 23:50:53,830 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [481694044] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:50:53,830 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:50:53,830 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:50:53,830 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1954967794] [2022-02-20 23:50:53,830 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:50:53,831 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 2.4) internal successors, (12), 4 states have internal predecessors, (12), 1 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 17 [2022-02-20 23:50:53,831 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:50:53,831 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 2.4) internal successors, (12), 4 states have internal predecessors, (12), 1 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:50:53,842 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 16 edges. 16 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:53,842 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 23:50:53,843 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:50:53,843 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 23:50:53,843 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:50:53,843 INFO L87 Difference]: Start difference. First operand 133 states and 145 transitions. Second operand has 5 states, 5 states have (on average 2.4) internal successors, (12), 4 states have internal predecessors, (12), 1 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:50:54,525 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:54,526 INFO L93 Difference]: Finished difference Result 250 states and 276 transitions. [2022-02-20 23:50:54,526 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 23:50:54,526 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 2.4) internal successors, (12), 4 states have internal predecessors, (12), 1 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 17 [2022-02-20 23:50:54,526 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:50:54,527 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 2.4) internal successors, (12), 4 states have internal predecessors, (12), 1 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:50:54,529 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 277 transitions. [2022-02-20 23:50:54,529 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 2.4) internal successors, (12), 4 states have internal predecessors, (12), 1 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:50:54,532 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 277 transitions. [2022-02-20 23:50:54,532 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 277 transitions. [2022-02-20 23:50:54,793 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 277 edges. 277 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:54,796 INFO L225 Difference]: With dead ends: 250 [2022-02-20 23:50:54,796 INFO L226 Difference]: Without dead ends: 250 [2022-02-20 23:50:54,799 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:50:54,804 INFO L933 BasicCegarLoop]: 139 mSDtfsCounter, 119 mSDsluCounter, 399 mSDsCounter, 0 mSdLazyCounter, 79 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 123 SdHoareTripleChecker+Valid, 538 SdHoareTripleChecker+Invalid, 80 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 79 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:50:54,808 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [123 Valid, 538 Invalid, 80 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 79 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:50:54,809 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 250 states. [2022-02-20 23:50:54,813 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 250 to 137. [2022-02-20 23:50:54,814 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:50:54,814 INFO L82 GeneralOperation]: Start isEquivalent. First operand 250 states. Second operand has 137 states, 79 states have (on average 1.7468354430379747) internal successors, (138), 128 states have internal predecessors, (138), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) [2022-02-20 23:50:54,814 INFO L74 IsIncluded]: Start isIncluded. First operand 250 states. Second operand has 137 states, 79 states have (on average 1.7468354430379747) internal successors, (138), 128 states have internal predecessors, (138), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) [2022-02-20 23:50:54,815 INFO L87 Difference]: Start difference. First operand 250 states. Second operand has 137 states, 79 states have (on average 1.7468354430379747) internal successors, (138), 128 states have internal predecessors, (138), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) [2022-02-20 23:50:54,820 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:54,820 INFO L93 Difference]: Finished difference Result 250 states and 276 transitions. [2022-02-20 23:50:54,820 INFO L276 IsEmpty]: Start isEmpty. Operand 250 states and 276 transitions. [2022-02-20 23:50:54,820 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:54,820 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:54,821 INFO L74 IsIncluded]: Start isIncluded. First operand has 137 states, 79 states have (on average 1.7468354430379747) internal successors, (138), 128 states have internal predecessors, (138), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) Second operand 250 states. [2022-02-20 23:50:54,821 INFO L87 Difference]: Start difference. First operand has 137 states, 79 states have (on average 1.7468354430379747) internal successors, (138), 128 states have internal predecessors, (138), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) Second operand 250 states. [2022-02-20 23:50:54,826 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:54,826 INFO L93 Difference]: Finished difference Result 250 states and 276 transitions. [2022-02-20 23:50:54,826 INFO L276 IsEmpty]: Start isEmpty. Operand 250 states and 276 transitions. [2022-02-20 23:50:54,827 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:54,827 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:54,827 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:50:54,827 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:50:54,828 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 137 states, 79 states have (on average 1.7468354430379747) internal successors, (138), 128 states have internal predecessors, (138), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) [2022-02-20 23:50:54,830 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 137 states to 137 states and 151 transitions. [2022-02-20 23:50:54,830 INFO L78 Accepts]: Start accepts. Automaton has 137 states and 151 transitions. Word has length 17 [2022-02-20 23:50:54,830 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:50:54,831 INFO L470 AbstractCegarLoop]: Abstraction has 137 states and 151 transitions. [2022-02-20 23:50:54,831 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 2.4) internal successors, (12), 4 states have internal predecessors, (12), 1 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:50:54,831 INFO L276 IsEmpty]: Start isEmpty. Operand 137 states and 151 transitions. [2022-02-20 23:50:54,831 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2022-02-20 23:50:54,831 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:50:54,831 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:50:54,838 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Forceful destruction successful, exit code 0 [2022-02-20 23:50:55,038 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:50:55,039 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting ULTIMATE.startErr44ASSERT_VIOLATIONMEMORY_FREE === [ldv_hid_set_drvdataErr0REQUIRES_VIOLATION, ldv_hid_set_drvdataErr1REQUIRES_VIOLATION, ULTIMATE.startErr0REQUIRES_VIOLATION (and 47 more)] === [2022-02-20 23:50:55,039 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:50:55,039 INFO L85 PathProgramCache]: Analyzing trace with hash 1719143984, now seen corresponding path program 1 times [2022-02-20 23:50:55,040 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:50:55,040 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [47723754] [2022-02-20 23:50:55,040 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:50:55,040 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:50:55,040 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:50:55,041 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:50:55,042 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Waiting until timeout for monitored process [2022-02-20 23:50:55,095 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:55,097 INFO L263 TraceCheckSpWp]: Trace formula consists of 54 conjuncts, 4 conjunts are in the unsatisfiable core [2022-02-20 23:50:55,103 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:55,103 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:50:55,143 INFO L290 TraceCheckUtils]: 0: Hoare triple {2860#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {2860#true} is VALID [2022-02-20 23:50:55,143 INFO L290 TraceCheckUtils]: 1: Hoare triple {2860#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset, entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset, entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset, entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset, entry_point_#t~nondet58#1, entry_point_#t~ret59#1, entry_point_#t~mem60#1.base, entry_point_#t~mem60#1.offset, entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset, entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset; {2860#true} is VALID [2022-02-20 23:50:55,143 INFO L272 TraceCheckUtils]: 2: Hoare triple {2860#true} call entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset := ldv_malloc(12bv32); {2860#true} is VALID [2022-02-20 23:50:55,143 INFO L290 TraceCheckUtils]: 3: Hoare triple {2860#true} ~size := #in~size; {2860#true} is VALID [2022-02-20 23:50:55,144 INFO L290 TraceCheckUtils]: 4: Hoare triple {2860#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {2877#(= |ldv_malloc_#res.offset| (_ bv0 32))} is VALID [2022-02-20 23:50:55,144 INFO L290 TraceCheckUtils]: 5: Hoare triple {2877#(= |ldv_malloc_#res.offset| (_ bv0 32))} assume true; {2877#(= |ldv_malloc_#res.offset| (_ bv0 32))} is VALID [2022-02-20 23:50:55,145 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {2877#(= |ldv_malloc_#res.offset| (_ bv0 32))} {2860#true} #196#return; {2884#(= |ULTIMATE.start_entry_point_#t~ret53#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:50:55,145 INFO L290 TraceCheckUtils]: 7: Hoare triple {2884#(= |ULTIMATE.start_entry_point_#t~ret53#1.offset| (_ bv0 32))} entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset := entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset; {2888#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:50:55,145 INFO L290 TraceCheckUtils]: 8: Hoare triple {2888#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} assume !(entry_point_~hdev~0#1.base == 0bv32 && entry_point_~hdev~0#1.offset == 0bv32); {2888#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:50:55,146 INFO L272 TraceCheckUtils]: 9: Hoare triple {2888#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} call entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset := ldv_malloc(20bv32); {2860#true} is VALID [2022-02-20 23:50:55,146 INFO L290 TraceCheckUtils]: 10: Hoare triple {2860#true} ~size := #in~size; {2860#true} is VALID [2022-02-20 23:50:55,146 INFO L290 TraceCheckUtils]: 11: Hoare triple {2860#true} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {2860#true} is VALID [2022-02-20 23:50:55,146 INFO L290 TraceCheckUtils]: 12: Hoare triple {2860#true} assume true; {2860#true} is VALID [2022-02-20 23:50:55,147 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {2860#true} {2888#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} #198#return; {2888#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:50:55,147 INFO L290 TraceCheckUtils]: 14: Hoare triple {2888#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset := entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset;havoc entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset; {2888#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:50:55,147 INFO L290 TraceCheckUtils]: 15: Hoare triple {2888#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} assume entry_point_~intf~2#1.base == 0bv32 && entry_point_~intf~2#1.offset == 0bv32; {2888#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:50:55,148 INFO L290 TraceCheckUtils]: 16: Hoare triple {2888#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} assume !(0bv32 == entry_point_~hdev~0#1.offset); {2861#false} is VALID [2022-02-20 23:50:55,148 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:50:55,148 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:50:55,201 INFO L290 TraceCheckUtils]: 16: Hoare triple {2888#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} assume !(0bv32 == entry_point_~hdev~0#1.offset); {2861#false} is VALID [2022-02-20 23:50:55,201 INFO L290 TraceCheckUtils]: 15: Hoare triple {2888#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} assume entry_point_~intf~2#1.base == 0bv32 && entry_point_~intf~2#1.offset == 0bv32; {2888#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:50:55,202 INFO L290 TraceCheckUtils]: 14: Hoare triple {2888#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset := entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset;havoc entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset; {2888#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:50:55,202 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {2860#true} {2888#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} #198#return; {2888#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:50:55,203 INFO L290 TraceCheckUtils]: 12: Hoare triple {2860#true} assume true; {2860#true} is VALID [2022-02-20 23:50:55,203 INFO L290 TraceCheckUtils]: 11: Hoare triple {2860#true} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {2860#true} is VALID [2022-02-20 23:50:55,203 INFO L290 TraceCheckUtils]: 10: Hoare triple {2860#true} ~size := #in~size; {2860#true} is VALID [2022-02-20 23:50:55,203 INFO L272 TraceCheckUtils]: 9: Hoare triple {2888#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} call entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset := ldv_malloc(20bv32); {2860#true} is VALID [2022-02-20 23:50:55,203 INFO L290 TraceCheckUtils]: 8: Hoare triple {2888#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} assume !(entry_point_~hdev~0#1.base == 0bv32 && entry_point_~hdev~0#1.offset == 0bv32); {2888#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:50:55,204 INFO L290 TraceCheckUtils]: 7: Hoare triple {2884#(= |ULTIMATE.start_entry_point_#t~ret53#1.offset| (_ bv0 32))} entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset := entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset; {2888#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:50:55,204 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {2877#(= |ldv_malloc_#res.offset| (_ bv0 32))} {2860#true} #196#return; {2884#(= |ULTIMATE.start_entry_point_#t~ret53#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:50:55,205 INFO L290 TraceCheckUtils]: 5: Hoare triple {2877#(= |ldv_malloc_#res.offset| (_ bv0 32))} assume true; {2877#(= |ldv_malloc_#res.offset| (_ bv0 32))} is VALID [2022-02-20 23:50:55,205 INFO L290 TraceCheckUtils]: 4: Hoare triple {2860#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {2877#(= |ldv_malloc_#res.offset| (_ bv0 32))} is VALID [2022-02-20 23:50:55,205 INFO L290 TraceCheckUtils]: 3: Hoare triple {2860#true} ~size := #in~size; {2860#true} is VALID [2022-02-20 23:50:55,205 INFO L272 TraceCheckUtils]: 2: Hoare triple {2860#true} call entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset := ldv_malloc(12bv32); {2860#true} is VALID [2022-02-20 23:50:55,205 INFO L290 TraceCheckUtils]: 1: Hoare triple {2860#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset, entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset, entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset, entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset, entry_point_#t~nondet58#1, entry_point_#t~ret59#1, entry_point_#t~mem60#1.base, entry_point_#t~mem60#1.offset, entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset, entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset; {2860#true} is VALID [2022-02-20 23:50:55,206 INFO L290 TraceCheckUtils]: 0: Hoare triple {2860#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {2860#true} is VALID [2022-02-20 23:50:55,206 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:50:55,206 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:50:55,206 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [47723754] [2022-02-20 23:50:55,206 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [47723754] provided 0 perfect and 2 imperfect interpolant sequences [2022-02-20 23:50:55,206 INFO L191 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-02-20 23:50:55,206 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [4, 4] total 4 [2022-02-20 23:50:55,207 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1717596031] [2022-02-20 23:50:55,207 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-02-20 23:50:55,207 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 3.0) internal successors, (12), 4 states have internal predecessors, (12), 2 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 17 [2022-02-20 23:50:55,207 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:50:55,207 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 4 states have (on average 3.0) internal successors, (12), 4 states have internal predecessors, (12), 2 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:50:55,218 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 16 edges. 16 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:55,218 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 23:50:55,218 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:50:55,219 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 23:50:55,219 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:50:55,219 INFO L87 Difference]: Start difference. First operand 137 states and 151 transitions. Second operand has 5 states, 4 states have (on average 3.0) internal successors, (12), 4 states have internal predecessors, (12), 2 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:50:55,644 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:55,644 INFO L93 Difference]: Finished difference Result 136 states and 150 transitions. [2022-02-20 23:50:55,644 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 23:50:55,645 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 3.0) internal successors, (12), 4 states have internal predecessors, (12), 2 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 17 [2022-02-20 23:50:55,645 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:50:55,645 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 4 states have (on average 3.0) internal successors, (12), 4 states have internal predecessors, (12), 2 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:50:55,646 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 145 transitions. [2022-02-20 23:50:55,646 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 4 states have (on average 3.0) internal successors, (12), 4 states have internal predecessors, (12), 2 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:50:55,647 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 145 transitions. [2022-02-20 23:50:55,647 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 145 transitions. [2022-02-20 23:50:55,767 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 145 edges. 145 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:55,769 INFO L225 Difference]: With dead ends: 136 [2022-02-20 23:50:55,769 INFO L226 Difference]: Without dead ends: 136 [2022-02-20 23:50:55,769 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 32 GetRequests, 29 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:50:55,769 INFO L933 BasicCegarLoop]: 137 mSDtfsCounter, 118 mSDsluCounter, 286 mSDsCounter, 0 mSdLazyCounter, 23 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 121 SdHoareTripleChecker+Valid, 423 SdHoareTripleChecker+Invalid, 24 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 23 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 23:50:55,769 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [121 Valid, 423 Invalid, 24 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 23 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 23:50:55,770 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 136 states. [2022-02-20 23:50:55,773 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 136 to 136. [2022-02-20 23:50:55,773 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:50:55,773 INFO L82 GeneralOperation]: Start isEquivalent. First operand 136 states. Second operand has 136 states, 79 states have (on average 1.7341772151898733) internal successors, (137), 127 states have internal predecessors, (137), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) [2022-02-20 23:50:55,773 INFO L74 IsIncluded]: Start isIncluded. First operand 136 states. Second operand has 136 states, 79 states have (on average 1.7341772151898733) internal successors, (137), 127 states have internal predecessors, (137), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) [2022-02-20 23:50:55,774 INFO L87 Difference]: Start difference. First operand 136 states. Second operand has 136 states, 79 states have (on average 1.7341772151898733) internal successors, (137), 127 states have internal predecessors, (137), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) [2022-02-20 23:50:55,776 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:55,776 INFO L93 Difference]: Finished difference Result 136 states and 150 transitions. [2022-02-20 23:50:55,776 INFO L276 IsEmpty]: Start isEmpty. Operand 136 states and 150 transitions. [2022-02-20 23:50:55,777 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:55,777 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:55,777 INFO L74 IsIncluded]: Start isIncluded. First operand has 136 states, 79 states have (on average 1.7341772151898733) internal successors, (137), 127 states have internal predecessors, (137), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) Second operand 136 states. [2022-02-20 23:50:55,777 INFO L87 Difference]: Start difference. First operand has 136 states, 79 states have (on average 1.7341772151898733) internal successors, (137), 127 states have internal predecessors, (137), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) Second operand 136 states. [2022-02-20 23:50:55,780 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:55,780 INFO L93 Difference]: Finished difference Result 136 states and 150 transitions. [2022-02-20 23:50:55,780 INFO L276 IsEmpty]: Start isEmpty. Operand 136 states and 150 transitions. [2022-02-20 23:50:55,780 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:55,780 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:55,781 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:50:55,781 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:50:55,781 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 136 states, 79 states have (on average 1.7341772151898733) internal successors, (137), 127 states have internal predecessors, (137), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (8), 6 states have call predecessors, (8), 5 states have call successors, (8) [2022-02-20 23:50:55,783 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 136 states to 136 states and 150 transitions. [2022-02-20 23:50:55,783 INFO L78 Accepts]: Start accepts. Automaton has 136 states and 150 transitions. Word has length 17 [2022-02-20 23:50:55,783 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:50:55,784 INFO L470 AbstractCegarLoop]: Abstraction has 136 states and 150 transitions. [2022-02-20 23:50:55,784 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 3.0) internal successors, (12), 4 states have internal predecessors, (12), 2 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:50:55,784 INFO L276 IsEmpty]: Start isEmpty. Operand 136 states and 150 transitions. [2022-02-20 23:50:55,784 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 19 [2022-02-20 23:50:55,784 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:50:55,784 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:50:55,790 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Ended with exit code 0 [2022-02-20 23:50:55,990 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:50:55,991 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting ULTIMATE.startErr45ASSERT_VIOLATIONMEMORY_FREE === [ldv_hid_set_drvdataErr0REQUIRES_VIOLATION, ldv_hid_set_drvdataErr1REQUIRES_VIOLATION, ULTIMATE.startErr0REQUIRES_VIOLATION (and 47 more)] === [2022-02-20 23:50:55,991 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:50:55,991 INFO L85 PathProgramCache]: Analyzing trace with hash 1753856167, now seen corresponding path program 1 times [2022-02-20 23:50:55,992 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:50:55,992 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [150910498] [2022-02-20 23:50:55,992 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:50:55,992 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:50:55,992 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:50:55,993 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:50:55,994 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (6)] Waiting until timeout for monitored process [2022-02-20 23:50:56,036 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:56,038 INFO L263 TraceCheckSpWp]: Trace formula consists of 55 conjuncts, 6 conjunts are in the unsatisfiable core [2022-02-20 23:50:56,044 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:56,044 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:50:56,294 INFO L290 TraceCheckUtils]: 0: Hoare triple {3507#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {3512#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:56,295 INFO L290 TraceCheckUtils]: 1: Hoare triple {3512#(bvult (_ bv0 32) |#StackHeapBarrier|)} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset, entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset, entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset, entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset, entry_point_#t~nondet58#1, entry_point_#t~ret59#1, entry_point_#t~mem60#1.base, entry_point_#t~mem60#1.offset, entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset, entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset; {3512#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:56,295 INFO L272 TraceCheckUtils]: 2: Hoare triple {3512#(bvult (_ bv0 32) |#StackHeapBarrier|)} call entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset := ldv_malloc(12bv32); {3512#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:56,296 INFO L290 TraceCheckUtils]: 3: Hoare triple {3512#(bvult (_ bv0 32) |#StackHeapBarrier|)} ~size := #in~size; {3512#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:56,296 INFO L290 TraceCheckUtils]: 4: Hoare triple {3512#(bvult (_ bv0 32) |#StackHeapBarrier|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {3525#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))} is VALID [2022-02-20 23:50:56,297 INFO L290 TraceCheckUtils]: 5: Hoare triple {3525#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))} assume true; {3525#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))} is VALID [2022-02-20 23:50:56,297 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {3525#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))} {3512#(bvult (_ bv0 32) |#StackHeapBarrier|)} #196#return; {3532#(and (bvult |ULTIMATE.start_entry_point_#t~ret53#1.base| |#StackHeapBarrier|) (not (= |ULTIMATE.start_entry_point_#t~ret53#1.base| (_ bv0 32))))} is VALID [2022-02-20 23:50:56,298 INFO L290 TraceCheckUtils]: 7: Hoare triple {3532#(and (bvult |ULTIMATE.start_entry_point_#t~ret53#1.base| |#StackHeapBarrier|) (not (= |ULTIMATE.start_entry_point_#t~ret53#1.base| (_ bv0 32))))} entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset := entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset; {3536#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} is VALID [2022-02-20 23:50:56,298 INFO L290 TraceCheckUtils]: 8: Hoare triple {3536#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} assume !(entry_point_~hdev~0#1.base == 0bv32 && entry_point_~hdev~0#1.offset == 0bv32); {3536#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} is VALID [2022-02-20 23:50:56,300 INFO L272 TraceCheckUtils]: 9: Hoare triple {3536#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} call entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset := ldv_malloc(20bv32); {3543#(exists ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_1| (_ BitVec 32))) (and (not (= |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_1| (_ bv0 32))) (bvult |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_1| |#StackHeapBarrier|)))} is VALID [2022-02-20 23:50:56,300 INFO L290 TraceCheckUtils]: 10: Hoare triple {3543#(exists ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_1| (_ BitVec 32))) (and (not (= |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_1| (_ bv0 32))) (bvult |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_1| |#StackHeapBarrier|)))} ~size := #in~size; {3543#(exists ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_1| (_ BitVec 32))) (and (not (= |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_1| (_ bv0 32))) (bvult |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_1| |#StackHeapBarrier|)))} is VALID [2022-02-20 23:50:56,301 INFO L290 TraceCheckUtils]: 11: Hoare triple {3543#(exists ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_1| (_ BitVec 32))) (and (not (= |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_1| (_ bv0 32))) (bvult |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_1| |#StackHeapBarrier|)))} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {3543#(exists ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_1| (_ BitVec 32))) (and (not (= |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_1| (_ bv0 32))) (bvult |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_1| |#StackHeapBarrier|)))} is VALID [2022-02-20 23:50:56,301 INFO L290 TraceCheckUtils]: 12: Hoare triple {3543#(exists ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_1| (_ BitVec 32))) (and (not (= |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_1| (_ bv0 32))) (bvult |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_1| |#StackHeapBarrier|)))} assume true; {3543#(exists ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_1| (_ BitVec 32))) (and (not (= |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_1| (_ bv0 32))) (bvult |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_1| |#StackHeapBarrier|)))} is VALID [2022-02-20 23:50:56,302 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {3543#(exists ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_1| (_ BitVec 32))) (and (not (= |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_1| (_ bv0 32))) (bvult |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_1| |#StackHeapBarrier|)))} {3536#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} #198#return; {3536#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} is VALID [2022-02-20 23:50:56,302 INFO L290 TraceCheckUtils]: 14: Hoare triple {3536#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset := entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset;havoc entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset; {3536#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} is VALID [2022-02-20 23:50:56,303 INFO L290 TraceCheckUtils]: 15: Hoare triple {3536#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} assume entry_point_~intf~2#1.base == 0bv32 && entry_point_~intf~2#1.offset == 0bv32; {3536#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} is VALID [2022-02-20 23:50:56,303 INFO L290 TraceCheckUtils]: 16: Hoare triple {3536#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} assume 0bv32 == entry_point_~hdev~0#1.offset; {3536#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} is VALID [2022-02-20 23:50:56,304 INFO L290 TraceCheckUtils]: 17: Hoare triple {3536#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} assume !~bvult32(entry_point_~hdev~0#1.base, #StackHeapBarrier); {3508#false} is VALID [2022-02-20 23:50:56,304 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 2 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:50:56,304 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:50:56,411 INFO L290 TraceCheckUtils]: 17: Hoare triple {3568#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} assume !~bvult32(entry_point_~hdev~0#1.base, #StackHeapBarrier); {3508#false} is VALID [2022-02-20 23:50:56,411 INFO L290 TraceCheckUtils]: 16: Hoare triple {3568#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} assume 0bv32 == entry_point_~hdev~0#1.offset; {3568#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:56,411 INFO L290 TraceCheckUtils]: 15: Hoare triple {3568#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} assume entry_point_~intf~2#1.base == 0bv32 && entry_point_~intf~2#1.offset == 0bv32; {3568#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:56,412 INFO L290 TraceCheckUtils]: 14: Hoare triple {3568#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset := entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset;havoc entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset; {3568#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:56,412 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {3507#true} {3568#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} #198#return; {3568#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:56,413 INFO L290 TraceCheckUtils]: 12: Hoare triple {3507#true} assume true; {3507#true} is VALID [2022-02-20 23:50:56,413 INFO L290 TraceCheckUtils]: 11: Hoare triple {3507#true} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {3507#true} is VALID [2022-02-20 23:50:56,413 INFO L290 TraceCheckUtils]: 10: Hoare triple {3507#true} ~size := #in~size; {3507#true} is VALID [2022-02-20 23:50:56,413 INFO L272 TraceCheckUtils]: 9: Hoare triple {3568#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} call entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset := ldv_malloc(20bv32); {3507#true} is VALID [2022-02-20 23:50:56,413 INFO L290 TraceCheckUtils]: 8: Hoare triple {3568#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} assume !(entry_point_~hdev~0#1.base == 0bv32 && entry_point_~hdev~0#1.offset == 0bv32); {3568#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:56,414 INFO L290 TraceCheckUtils]: 7: Hoare triple {3599#(bvult |ULTIMATE.start_entry_point_#t~ret53#1.base| |#StackHeapBarrier|)} entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset := entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset; {3568#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:56,414 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {3606#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} {3507#true} #196#return; {3599#(bvult |ULTIMATE.start_entry_point_#t~ret53#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:56,415 INFO L290 TraceCheckUtils]: 5: Hoare triple {3606#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} assume true; {3606#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:56,415 INFO L290 TraceCheckUtils]: 4: Hoare triple {3507#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {3606#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:50:56,415 INFO L290 TraceCheckUtils]: 3: Hoare triple {3507#true} ~size := #in~size; {3507#true} is VALID [2022-02-20 23:50:56,415 INFO L272 TraceCheckUtils]: 2: Hoare triple {3507#true} call entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset := ldv_malloc(12bv32); {3507#true} is VALID [2022-02-20 23:50:56,415 INFO L290 TraceCheckUtils]: 1: Hoare triple {3507#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset, entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset, entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset, entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset, entry_point_#t~nondet58#1, entry_point_#t~ret59#1, entry_point_#t~mem60#1.base, entry_point_#t~mem60#1.offset, entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset, entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset; {3507#true} is VALID [2022-02-20 23:50:56,415 INFO L290 TraceCheckUtils]: 0: Hoare triple {3507#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {3507#true} is VALID [2022-02-20 23:50:56,415 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:50:56,415 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:50:56,416 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [150910498] [2022-02-20 23:50:56,416 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [150910498] provided 0 perfect and 2 imperfect interpolant sequences [2022-02-20 23:50:56,416 INFO L191 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-02-20 23:50:56,416 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [5, 4] total 9 [2022-02-20 23:50:56,416 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [401316199] [2022-02-20 23:50:56,416 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-02-20 23:50:56,416 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 9 states have (on average 3.0) internal successors, (27), 8 states have internal predecessors, (27), 4 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) Word has length 18 [2022-02-20 23:50:56,416 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:50:56,416 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 10 states, 9 states have (on average 3.0) internal successors, (27), 8 states have internal predecessors, (27), 4 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:50:56,448 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 35 edges. 35 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:56,448 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2022-02-20 23:50:56,448 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:50:56,449 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2022-02-20 23:50:56,449 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=30, Invalid=60, Unknown=0, NotChecked=0, Total=90 [2022-02-20 23:50:56,449 INFO L87 Difference]: Start difference. First operand 136 states and 150 transitions. Second operand has 10 states, 9 states have (on average 3.0) internal successors, (27), 8 states have internal predecessors, (27), 4 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:50:56,997 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:56,997 INFO L93 Difference]: Finished difference Result 162 states and 180 transitions. [2022-02-20 23:50:56,997 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2022-02-20 23:50:56,998 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 9 states have (on average 3.0) internal successors, (27), 8 states have internal predecessors, (27), 4 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) Word has length 18 [2022-02-20 23:50:56,998 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:50:56,998 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 10 states, 9 states have (on average 3.0) internal successors, (27), 8 states have internal predecessors, (27), 4 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:50:57,000 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 177 transitions. [2022-02-20 23:50:57,000 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 10 states, 9 states have (on average 3.0) internal successors, (27), 8 states have internal predecessors, (27), 4 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:50:57,001 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 177 transitions. [2022-02-20 23:50:57,001 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 11 states and 177 transitions. [2022-02-20 23:50:57,142 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 177 edges. 177 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:57,144 INFO L225 Difference]: With dead ends: 162 [2022-02-20 23:50:57,144 INFO L226 Difference]: Without dead ends: 162 [2022-02-20 23:50:57,144 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 35 GetRequests, 25 SyntacticMatches, 1 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=36, Invalid=74, Unknown=0, NotChecked=0, Total=110 [2022-02-20 23:50:57,145 INFO L933 BasicCegarLoop]: 138 mSDtfsCounter, 41 mSDsluCounter, 279 mSDsCounter, 0 mSdLazyCounter, 41 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 41 SdHoareTripleChecker+Valid, 417 SdHoareTripleChecker+Invalid, 84 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 41 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 37 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 23:50:57,145 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [41 Valid, 417 Invalid, 84 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 41 Invalid, 0 Unknown, 37 Unchecked, 0.0s Time] [2022-02-20 23:50:57,145 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 162 states. [2022-02-20 23:50:57,148 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 162 to 149. [2022-02-20 23:50:57,148 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:50:57,148 INFO L82 GeneralOperation]: Start isEquivalent. First operand 162 states. Second operand has 149 states, 89 states have (on average 1.6741573033707866) internal successors, (149), 137 states have internal predecessors, (149), 6 states have call successors, (6), 4 states have call predecessors, (6), 5 states have return successors, (9), 7 states have call predecessors, (9), 6 states have call successors, (9) [2022-02-20 23:50:57,148 INFO L74 IsIncluded]: Start isIncluded. First operand 162 states. Second operand has 149 states, 89 states have (on average 1.6741573033707866) internal successors, (149), 137 states have internal predecessors, (149), 6 states have call successors, (6), 4 states have call predecessors, (6), 5 states have return successors, (9), 7 states have call predecessors, (9), 6 states have call successors, (9) [2022-02-20 23:50:57,149 INFO L87 Difference]: Start difference. First operand 162 states. Second operand has 149 states, 89 states have (on average 1.6741573033707866) internal successors, (149), 137 states have internal predecessors, (149), 6 states have call successors, (6), 4 states have call predecessors, (6), 5 states have return successors, (9), 7 states have call predecessors, (9), 6 states have call successors, (9) [2022-02-20 23:50:57,152 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:57,152 INFO L93 Difference]: Finished difference Result 162 states and 180 transitions. [2022-02-20 23:50:57,152 INFO L276 IsEmpty]: Start isEmpty. Operand 162 states and 180 transitions. [2022-02-20 23:50:57,153 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:57,153 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:57,153 INFO L74 IsIncluded]: Start isIncluded. First operand has 149 states, 89 states have (on average 1.6741573033707866) internal successors, (149), 137 states have internal predecessors, (149), 6 states have call successors, (6), 4 states have call predecessors, (6), 5 states have return successors, (9), 7 states have call predecessors, (9), 6 states have call successors, (9) Second operand 162 states. [2022-02-20 23:50:57,153 INFO L87 Difference]: Start difference. First operand has 149 states, 89 states have (on average 1.6741573033707866) internal successors, (149), 137 states have internal predecessors, (149), 6 states have call successors, (6), 4 states have call predecessors, (6), 5 states have return successors, (9), 7 states have call predecessors, (9), 6 states have call successors, (9) Second operand 162 states. [2022-02-20 23:50:57,156 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:57,156 INFO L93 Difference]: Finished difference Result 162 states and 180 transitions. [2022-02-20 23:50:57,156 INFO L276 IsEmpty]: Start isEmpty. Operand 162 states and 180 transitions. [2022-02-20 23:50:57,156 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:57,157 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:57,157 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:50:57,157 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:50:57,157 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 149 states, 89 states have (on average 1.6741573033707866) internal successors, (149), 137 states have internal predecessors, (149), 6 states have call successors, (6), 4 states have call predecessors, (6), 5 states have return successors, (9), 7 states have call predecessors, (9), 6 states have call successors, (9) [2022-02-20 23:50:57,159 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 149 states to 149 states and 164 transitions. [2022-02-20 23:50:57,160 INFO L78 Accepts]: Start accepts. Automaton has 149 states and 164 transitions. Word has length 18 [2022-02-20 23:50:57,160 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:50:57,160 INFO L470 AbstractCegarLoop]: Abstraction has 149 states and 164 transitions. [2022-02-20 23:50:57,160 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 9 states have (on average 3.0) internal successors, (27), 8 states have internal predecessors, (27), 4 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:50:57,160 INFO L276 IsEmpty]: Start isEmpty. Operand 149 states and 164 transitions. [2022-02-20 23:50:57,160 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2022-02-20 23:50:57,160 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:50:57,161 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:50:57,169 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (6)] Forceful destruction successful, exit code 0 [2022-02-20 23:50:57,369 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 6 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:50:57,369 INFO L402 AbstractCegarLoop]: === Iteration 6 === Targeting ULTIMATE.startErr46ASSERT_VIOLATIONMEMORY_FREE === [ldv_hid_set_drvdataErr0REQUIRES_VIOLATION, ldv_hid_set_drvdataErr1REQUIRES_VIOLATION, ULTIMATE.startErr0REQUIRES_VIOLATION (and 47 more)] === [2022-02-20 23:50:57,370 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:50:57,370 INFO L85 PathProgramCache]: Analyzing trace with hash -1465033454, now seen corresponding path program 1 times [2022-02-20 23:50:57,371 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:50:57,371 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [871078971] [2022-02-20 23:50:57,371 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:50:57,371 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:50:57,371 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:50:57,372 INFO L229 MonitoredProcess]: Starting monitored process 7 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:50:57,373 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (7)] Waiting until timeout for monitored process [2022-02-20 23:50:57,408 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:57,409 INFO L263 TraceCheckSpWp]: Trace formula consists of 57 conjuncts, 7 conjunts are in the unsatisfiable core [2022-02-20 23:50:57,415 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:57,416 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:50:57,438 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:50:57,500 INFO L290 TraceCheckUtils]: 0: Hoare triple {4258#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {4258#true} is VALID [2022-02-20 23:50:57,500 INFO L290 TraceCheckUtils]: 1: Hoare triple {4258#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset, entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset, entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset, entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset, entry_point_#t~nondet58#1, entry_point_#t~ret59#1, entry_point_#t~mem60#1.base, entry_point_#t~mem60#1.offset, entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset, entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset; {4258#true} is VALID [2022-02-20 23:50:57,501 INFO L272 TraceCheckUtils]: 2: Hoare triple {4258#true} call entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset := ldv_malloc(12bv32); {4258#true} is VALID [2022-02-20 23:50:57,501 INFO L290 TraceCheckUtils]: 3: Hoare triple {4258#true} ~size := #in~size; {4258#true} is VALID [2022-02-20 23:50:57,502 INFO L290 TraceCheckUtils]: 4: Hoare triple {4258#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {4275#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:50:57,502 INFO L290 TraceCheckUtils]: 5: Hoare triple {4275#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} assume true; {4275#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:50:57,503 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {4275#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} {4258#true} #196#return; {4282#(= (select |#valid| |ULTIMATE.start_entry_point_#t~ret53#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:57,503 INFO L290 TraceCheckUtils]: 7: Hoare triple {4282#(= (select |#valid| |ULTIMATE.start_entry_point_#t~ret53#1.base|) (_ bv1 1))} entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset := entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset; {4286#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:57,504 INFO L290 TraceCheckUtils]: 8: Hoare triple {4286#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} assume !(entry_point_~hdev~0#1.base == 0bv32 && entry_point_~hdev~0#1.offset == 0bv32); {4286#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:57,504 INFO L272 TraceCheckUtils]: 9: Hoare triple {4286#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} call entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset := ldv_malloc(20bv32); {4293#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:57,505 INFO L290 TraceCheckUtils]: 10: Hoare triple {4293#(= |old(#valid)| |#valid|)} ~size := #in~size; {4293#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:57,505 INFO L290 TraceCheckUtils]: 11: Hoare triple {4293#(= |old(#valid)| |#valid|)} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {4293#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:57,505 INFO L290 TraceCheckUtils]: 12: Hoare triple {4293#(= |old(#valid)| |#valid|)} assume true; {4293#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:50:57,506 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {4293#(= |old(#valid)| |#valid|)} {4286#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} #198#return; {4286#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:57,506 INFO L290 TraceCheckUtils]: 14: Hoare triple {4286#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset := entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset;havoc entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset; {4286#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:57,507 INFO L290 TraceCheckUtils]: 15: Hoare triple {4286#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} assume entry_point_~intf~2#1.base == 0bv32 && entry_point_~intf~2#1.offset == 0bv32; {4286#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:57,507 INFO L290 TraceCheckUtils]: 16: Hoare triple {4286#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} assume 0bv32 == entry_point_~hdev~0#1.offset; {4286#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:57,508 INFO L290 TraceCheckUtils]: 17: Hoare triple {4286#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} assume ~bvult32(entry_point_~hdev~0#1.base, #StackHeapBarrier); {4286#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:57,508 INFO L290 TraceCheckUtils]: 18: Hoare triple {4286#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} assume !(0bv32 == entry_point_~hdev~0#1.base || 1bv1 == #valid[entry_point_~hdev~0#1.base]); {4259#false} is VALID [2022-02-20 23:50:57,508 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 2 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:50:57,508 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:50:57,626 INFO L290 TraceCheckUtils]: 18: Hoare triple {4286#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} assume !(0bv32 == entry_point_~hdev~0#1.base || 1bv1 == #valid[entry_point_~hdev~0#1.base]); {4259#false} is VALID [2022-02-20 23:50:57,627 INFO L290 TraceCheckUtils]: 17: Hoare triple {4286#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} assume ~bvult32(entry_point_~hdev~0#1.base, #StackHeapBarrier); {4286#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:57,627 INFO L290 TraceCheckUtils]: 16: Hoare triple {4286#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} assume 0bv32 == entry_point_~hdev~0#1.offset; {4286#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:57,628 INFO L290 TraceCheckUtils]: 15: Hoare triple {4286#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} assume entry_point_~intf~2#1.base == 0bv32 && entry_point_~intf~2#1.offset == 0bv32; {4286#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:57,628 INFO L290 TraceCheckUtils]: 14: Hoare triple {4286#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset := entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset;havoc entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset; {4286#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:57,629 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {4339#(forall ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_4| (_ BitVec 32))) (or (= (select |#valid| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_4|) (_ bv1 1)) (not (= (_ bv1 1) (select |old(#valid)| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_4|)))))} {4286#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} #198#return; {4286#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:57,630 INFO L290 TraceCheckUtils]: 12: Hoare triple {4339#(forall ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_4| (_ BitVec 32))) (or (= (select |#valid| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_4|) (_ bv1 1)) (not (= (_ bv1 1) (select |old(#valid)| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_4|)))))} assume true; {4339#(forall ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_4| (_ BitVec 32))) (or (= (select |#valid| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_4|) (_ bv1 1)) (not (= (_ bv1 1) (select |old(#valid)| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_4|)))))} is VALID [2022-02-20 23:50:57,630 INFO L290 TraceCheckUtils]: 11: Hoare triple {4339#(forall ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_4| (_ BitVec 32))) (or (= (select |#valid| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_4|) (_ bv1 1)) (not (= (_ bv1 1) (select |old(#valid)| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_4|)))))} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {4339#(forall ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_4| (_ BitVec 32))) (or (= (select |#valid| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_4|) (_ bv1 1)) (not (= (_ bv1 1) (select |old(#valid)| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_4|)))))} is VALID [2022-02-20 23:50:57,631 INFO L290 TraceCheckUtils]: 10: Hoare triple {4339#(forall ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_4| (_ BitVec 32))) (or (= (select |#valid| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_4|) (_ bv1 1)) (not (= (_ bv1 1) (select |old(#valid)| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_4|)))))} ~size := #in~size; {4339#(forall ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_4| (_ BitVec 32))) (or (= (select |#valid| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_4|) (_ bv1 1)) (not (= (_ bv1 1) (select |old(#valid)| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_4|)))))} is VALID [2022-02-20 23:50:57,632 INFO L272 TraceCheckUtils]: 9: Hoare triple {4286#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} call entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset := ldv_malloc(20bv32); {4339#(forall ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_4| (_ BitVec 32))) (or (= (select |#valid| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_4|) (_ bv1 1)) (not (= (_ bv1 1) (select |old(#valid)| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_4|)))))} is VALID [2022-02-20 23:50:57,632 INFO L290 TraceCheckUtils]: 8: Hoare triple {4286#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} assume !(entry_point_~hdev~0#1.base == 0bv32 && entry_point_~hdev~0#1.offset == 0bv32); {4286#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:57,632 INFO L290 TraceCheckUtils]: 7: Hoare triple {4282#(= (select |#valid| |ULTIMATE.start_entry_point_#t~ret53#1.base|) (_ bv1 1))} entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset := entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset; {4286#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:57,633 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {4275#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} {4258#true} #196#return; {4282#(= (select |#valid| |ULTIMATE.start_entry_point_#t~ret53#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:50:57,633 INFO L290 TraceCheckUtils]: 5: Hoare triple {4275#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} assume true; {4275#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:50:57,634 INFO L290 TraceCheckUtils]: 4: Hoare triple {4258#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {4275#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:50:57,634 INFO L290 TraceCheckUtils]: 3: Hoare triple {4258#true} ~size := #in~size; {4258#true} is VALID [2022-02-20 23:50:57,634 INFO L272 TraceCheckUtils]: 2: Hoare triple {4258#true} call entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset := ldv_malloc(12bv32); {4258#true} is VALID [2022-02-20 23:50:57,635 INFO L290 TraceCheckUtils]: 1: Hoare triple {4258#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset, entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset, entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset, entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset, entry_point_#t~nondet58#1, entry_point_#t~ret59#1, entry_point_#t~mem60#1.base, entry_point_#t~mem60#1.offset, entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset, entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset; {4258#true} is VALID [2022-02-20 23:50:57,635 INFO L290 TraceCheckUtils]: 0: Hoare triple {4258#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {4258#true} is VALID [2022-02-20 23:50:57,635 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 2 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:50:57,635 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:50:57,635 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [871078971] [2022-02-20 23:50:57,635 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [871078971] provided 0 perfect and 2 imperfect interpolant sequences [2022-02-20 23:50:57,635 INFO L191 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-02-20 23:50:57,635 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [5, 5] total 6 [2022-02-20 23:50:57,636 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2011878215] [2022-02-20 23:50:57,636 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-02-20 23:50:57,636 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 3.0) internal successors, (18), 6 states have internal predecessors, (18), 2 states have call successors, (3), 3 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 19 [2022-02-20 23:50:57,636 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:50:57,636 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 7 states, 6 states have (on average 3.0) internal successors, (18), 6 states have internal predecessors, (18), 2 states have call successors, (3), 3 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:50:57,656 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 24 edges. 24 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:57,656 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-02-20 23:50:57,656 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:50:57,656 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-02-20 23:50:57,657 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=12, Invalid=30, Unknown=0, NotChecked=0, Total=42 [2022-02-20 23:50:57,657 INFO L87 Difference]: Start difference. First operand 149 states and 164 transitions. Second operand has 7 states, 6 states have (on average 3.0) internal successors, (18), 6 states have internal predecessors, (18), 2 states have call successors, (3), 3 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:50:58,968 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:58,969 INFO L93 Difference]: Finished difference Result 219 states and 241 transitions. [2022-02-20 23:50:58,969 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-02-20 23:50:58,969 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 3.0) internal successors, (18), 6 states have internal predecessors, (18), 2 states have call successors, (3), 3 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 19 [2022-02-20 23:50:58,969 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:50:58,969 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 6 states have (on average 3.0) internal successors, (18), 6 states have internal predecessors, (18), 2 states have call successors, (3), 3 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:50:58,971 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 230 transitions. [2022-02-20 23:50:58,971 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 6 states have (on average 3.0) internal successors, (18), 6 states have internal predecessors, (18), 2 states have call successors, (3), 3 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:50:58,973 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 230 transitions. [2022-02-20 23:50:58,973 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 230 transitions. [2022-02-20 23:50:59,158 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 230 edges. 230 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:59,161 INFO L225 Difference]: With dead ends: 219 [2022-02-20 23:50:59,161 INFO L226 Difference]: Without dead ends: 219 [2022-02-20 23:50:59,161 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 36 GetRequests, 31 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=12, Invalid=30, Unknown=0, NotChecked=0, Total=42 [2022-02-20 23:50:59,161 INFO L933 BasicCegarLoop]: 122 mSDtfsCounter, 110 mSDsluCounter, 403 mSDsCounter, 0 mSdLazyCounter, 358 mSolverCounterSat, 10 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 112 SdHoareTripleChecker+Valid, 525 SdHoareTripleChecker+Invalid, 448 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 10 IncrementalHoareTripleChecker+Valid, 358 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 80 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2022-02-20 23:50:59,161 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [112 Valid, 525 Invalid, 448 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [10 Valid, 358 Invalid, 0 Unknown, 80 Unchecked, 0.4s Time] [2022-02-20 23:50:59,162 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 219 states. [2022-02-20 23:50:59,165 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 219 to 165. [2022-02-20 23:50:59,165 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:50:59,165 INFO L82 GeneralOperation]: Start isEquivalent. First operand 219 states. Second operand has 165 states, 103 states have (on average 1.6893203883495145) internal successors, (174), 151 states have internal predecessors, (174), 7 states have call successors, (7), 4 states have call predecessors, (7), 6 states have return successors, (12), 9 states have call predecessors, (12), 7 states have call successors, (12) [2022-02-20 23:50:59,166 INFO L74 IsIncluded]: Start isIncluded. First operand 219 states. Second operand has 165 states, 103 states have (on average 1.6893203883495145) internal successors, (174), 151 states have internal predecessors, (174), 7 states have call successors, (7), 4 states have call predecessors, (7), 6 states have return successors, (12), 9 states have call predecessors, (12), 7 states have call successors, (12) [2022-02-20 23:50:59,166 INFO L87 Difference]: Start difference. First operand 219 states. Second operand has 165 states, 103 states have (on average 1.6893203883495145) internal successors, (174), 151 states have internal predecessors, (174), 7 states have call successors, (7), 4 states have call predecessors, (7), 6 states have return successors, (12), 9 states have call predecessors, (12), 7 states have call successors, (12) [2022-02-20 23:50:59,169 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:59,169 INFO L93 Difference]: Finished difference Result 219 states and 241 transitions. [2022-02-20 23:50:59,170 INFO L276 IsEmpty]: Start isEmpty. Operand 219 states and 241 transitions. [2022-02-20 23:50:59,170 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:59,170 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:59,170 INFO L74 IsIncluded]: Start isIncluded. First operand has 165 states, 103 states have (on average 1.6893203883495145) internal successors, (174), 151 states have internal predecessors, (174), 7 states have call successors, (7), 4 states have call predecessors, (7), 6 states have return successors, (12), 9 states have call predecessors, (12), 7 states have call successors, (12) Second operand 219 states. [2022-02-20 23:50:59,171 INFO L87 Difference]: Start difference. First operand has 165 states, 103 states have (on average 1.6893203883495145) internal successors, (174), 151 states have internal predecessors, (174), 7 states have call successors, (7), 4 states have call predecessors, (7), 6 states have return successors, (12), 9 states have call predecessors, (12), 7 states have call successors, (12) Second operand 219 states. [2022-02-20 23:50:59,175 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:50:59,175 INFO L93 Difference]: Finished difference Result 219 states and 241 transitions. [2022-02-20 23:50:59,175 INFO L276 IsEmpty]: Start isEmpty. Operand 219 states and 241 transitions. [2022-02-20 23:50:59,175 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:50:59,175 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:50:59,176 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:50:59,176 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:50:59,176 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 165 states, 103 states have (on average 1.6893203883495145) internal successors, (174), 151 states have internal predecessors, (174), 7 states have call successors, (7), 4 states have call predecessors, (7), 6 states have return successors, (12), 9 states have call predecessors, (12), 7 states have call successors, (12) [2022-02-20 23:50:59,179 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 165 states to 165 states and 193 transitions. [2022-02-20 23:50:59,180 INFO L78 Accepts]: Start accepts. Automaton has 165 states and 193 transitions. Word has length 19 [2022-02-20 23:50:59,180 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:50:59,180 INFO L470 AbstractCegarLoop]: Abstraction has 165 states and 193 transitions. [2022-02-20 23:50:59,180 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 6 states have (on average 3.0) internal successors, (18), 6 states have internal predecessors, (18), 2 states have call successors, (3), 3 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:50:59,180 INFO L276 IsEmpty]: Start isEmpty. Operand 165 states and 193 transitions. [2022-02-20 23:50:59,180 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2022-02-20 23:50:59,180 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:50:59,181 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:50:59,187 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (7)] Ended with exit code 0 [2022-02-20 23:50:59,387 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 7 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:50:59,387 INFO L402 AbstractCegarLoop]: === Iteration 7 === Targeting ULTIMATE.startErr46ASSERT_VIOLATIONMEMORY_FREE === [ldv_hid_set_drvdataErr0REQUIRES_VIOLATION, ldv_hid_set_drvdataErr1REQUIRES_VIOLATION, ULTIMATE.startErr0REQUIRES_VIOLATION (and 47 more)] === [2022-02-20 23:50:59,387 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:50:59,388 INFO L85 PathProgramCache]: Analyzing trace with hash 42518355, now seen corresponding path program 1 times [2022-02-20 23:50:59,388 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:50:59,388 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1450859455] [2022-02-20 23:50:59,388 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:50:59,388 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:50:59,388 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:50:59,389 INFO L229 MonitoredProcess]: Starting monitored process 8 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:50:59,390 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (8)] Waiting until timeout for monitored process [2022-02-20 23:50:59,449 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:59,450 INFO L263 TraceCheckSpWp]: Trace formula consists of 51 conjuncts, 7 conjunts are in the unsatisfiable core [2022-02-20 23:50:59,456 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:50:59,457 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:50:59,515 INFO L290 TraceCheckUtils]: 0: Hoare triple {5197#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {5197#true} is VALID [2022-02-20 23:50:59,515 INFO L290 TraceCheckUtils]: 1: Hoare triple {5197#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset, entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset, entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset, entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset, entry_point_#t~nondet58#1, entry_point_#t~ret59#1, entry_point_#t~mem60#1.base, entry_point_#t~mem60#1.offset, entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset, entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset; {5197#true} is VALID [2022-02-20 23:50:59,515 INFO L272 TraceCheckUtils]: 2: Hoare triple {5197#true} call entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset := ldv_malloc(12bv32); {5197#true} is VALID [2022-02-20 23:50:59,515 INFO L290 TraceCheckUtils]: 3: Hoare triple {5197#true} ~size := #in~size; {5197#true} is VALID [2022-02-20 23:50:59,516 INFO L290 TraceCheckUtils]: 4: Hoare triple {5197#true} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {5214#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:50:59,516 INFO L290 TraceCheckUtils]: 5: Hoare triple {5214#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} assume true; {5214#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:50:59,517 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {5214#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} {5197#true} #196#return; {5221#(and (= |ULTIMATE.start_entry_point_#t~ret53#1.offset| (_ bv0 32)) (= |ULTIMATE.start_entry_point_#t~ret53#1.base| (_ bv0 32)))} is VALID [2022-02-20 23:50:59,517 INFO L290 TraceCheckUtils]: 7: Hoare triple {5221#(and (= |ULTIMATE.start_entry_point_#t~ret53#1.offset| (_ bv0 32)) (= |ULTIMATE.start_entry_point_#t~ret53#1.base| (_ bv0 32)))} entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset := entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset; {5225#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32)) (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:50:59,518 INFO L290 TraceCheckUtils]: 8: Hoare triple {5225#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32)) (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)))} assume !(entry_point_~hdev~0#1.base == 0bv32 && entry_point_~hdev~0#1.offset == 0bv32); {5198#false} is VALID [2022-02-20 23:50:59,518 INFO L272 TraceCheckUtils]: 9: Hoare triple {5198#false} call entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset := ldv_malloc(20bv32); {5198#false} is VALID [2022-02-20 23:50:59,518 INFO L290 TraceCheckUtils]: 10: Hoare triple {5198#false} ~size := #in~size; {5198#false} is VALID [2022-02-20 23:50:59,518 INFO L290 TraceCheckUtils]: 11: Hoare triple {5198#false} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {5198#false} is VALID [2022-02-20 23:50:59,518 INFO L290 TraceCheckUtils]: 12: Hoare triple {5198#false} assume true; {5198#false} is VALID [2022-02-20 23:50:59,518 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {5198#false} {5198#false} #198#return; {5198#false} is VALID [2022-02-20 23:50:59,518 INFO L290 TraceCheckUtils]: 14: Hoare triple {5198#false} entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset := entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset;havoc entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset; {5198#false} is VALID [2022-02-20 23:50:59,519 INFO L290 TraceCheckUtils]: 15: Hoare triple {5198#false} assume entry_point_~intf~2#1.base == 0bv32 && entry_point_~intf~2#1.offset == 0bv32; {5198#false} is VALID [2022-02-20 23:50:59,519 INFO L290 TraceCheckUtils]: 16: Hoare triple {5198#false} assume 0bv32 == entry_point_~hdev~0#1.offset; {5198#false} is VALID [2022-02-20 23:50:59,519 INFO L290 TraceCheckUtils]: 17: Hoare triple {5198#false} assume ~bvult32(entry_point_~hdev~0#1.base, #StackHeapBarrier); {5198#false} is VALID [2022-02-20 23:50:59,519 INFO L290 TraceCheckUtils]: 18: Hoare triple {5198#false} assume !(0bv32 == entry_point_~hdev~0#1.base || 1bv1 == #valid[entry_point_~hdev~0#1.base]); {5198#false} is VALID [2022-02-20 23:50:59,519 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 4 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:50:59,519 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:50:59,519 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:50:59,520 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1450859455] [2022-02-20 23:50:59,520 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1450859455] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:50:59,520 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:50:59,520 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:50:59,520 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [821735937] [2022-02-20 23:50:59,520 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:50:59,520 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 3.0) internal successors, (15), 4 states have internal predecessors, (15), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 19 [2022-02-20 23:50:59,521 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:50:59,521 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 3.0) internal successors, (15), 4 states have internal predecessors, (15), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:50:59,534 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 19 edges. 19 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:50:59,534 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 23:50:59,534 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:50:59,535 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 23:50:59,535 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:50:59,535 INFO L87 Difference]: Start difference. First operand 165 states and 193 transitions. Second operand has 5 states, 5 states have (on average 3.0) internal successors, (15), 4 states have internal predecessors, (15), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:51:00,048 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:00,048 INFO L93 Difference]: Finished difference Result 160 states and 184 transitions. [2022-02-20 23:51:00,048 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 23:51:00,048 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 3.0) internal successors, (15), 4 states have internal predecessors, (15), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 19 [2022-02-20 23:51:00,048 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:51:00,048 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 3.0) internal successors, (15), 4 states have internal predecessors, (15), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:51:00,050 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 150 transitions. [2022-02-20 23:51:00,050 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 3.0) internal successors, (15), 4 states have internal predecessors, (15), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:51:00,051 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 150 transitions. [2022-02-20 23:51:00,052 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 150 transitions. [2022-02-20 23:51:00,178 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 150 edges. 150 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:00,180 INFO L225 Difference]: With dead ends: 160 [2022-02-20 23:51:00,180 INFO L226 Difference]: Without dead ends: 156 [2022-02-20 23:51:00,180 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 15 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:51:00,181 INFO L933 BasicCegarLoop]: 147 mSDtfsCounter, 0 mSDsluCounter, 422 mSDsCounter, 0 mSdLazyCounter, 19 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 569 SdHoareTripleChecker+Invalid, 19 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 19 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 23:51:00,181 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 569 Invalid, 19 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 19 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 23:51:00,181 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 156 states. [2022-02-20 23:51:00,183 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 156 to 156. [2022-02-20 23:51:00,183 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:51:00,184 INFO L82 GeneralOperation]: Start isEquivalent. First operand 156 states. Second operand has 156 states, 96 states have (on average 1.71875) internal successors, (165), 144 states have internal predecessors, (165), 6 states have call successors, (6), 4 states have call predecessors, (6), 5 states have return successors, (9), 7 states have call predecessors, (9), 6 states have call successors, (9) [2022-02-20 23:51:00,184 INFO L74 IsIncluded]: Start isIncluded. First operand 156 states. Second operand has 156 states, 96 states have (on average 1.71875) internal successors, (165), 144 states have internal predecessors, (165), 6 states have call successors, (6), 4 states have call predecessors, (6), 5 states have return successors, (9), 7 states have call predecessors, (9), 6 states have call successors, (9) [2022-02-20 23:51:00,184 INFO L87 Difference]: Start difference. First operand 156 states. Second operand has 156 states, 96 states have (on average 1.71875) internal successors, (165), 144 states have internal predecessors, (165), 6 states have call successors, (6), 4 states have call predecessors, (6), 5 states have return successors, (9), 7 states have call predecessors, (9), 6 states have call successors, (9) [2022-02-20 23:51:00,187 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:00,187 INFO L93 Difference]: Finished difference Result 156 states and 180 transitions. [2022-02-20 23:51:00,187 INFO L276 IsEmpty]: Start isEmpty. Operand 156 states and 180 transitions. [2022-02-20 23:51:00,188 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:00,188 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:00,188 INFO L74 IsIncluded]: Start isIncluded. First operand has 156 states, 96 states have (on average 1.71875) internal successors, (165), 144 states have internal predecessors, (165), 6 states have call successors, (6), 4 states have call predecessors, (6), 5 states have return successors, (9), 7 states have call predecessors, (9), 6 states have call successors, (9) Second operand 156 states. [2022-02-20 23:51:00,189 INFO L87 Difference]: Start difference. First operand has 156 states, 96 states have (on average 1.71875) internal successors, (165), 144 states have internal predecessors, (165), 6 states have call successors, (6), 4 states have call predecessors, (6), 5 states have return successors, (9), 7 states have call predecessors, (9), 6 states have call successors, (9) Second operand 156 states. [2022-02-20 23:51:00,191 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:00,191 INFO L93 Difference]: Finished difference Result 156 states and 180 transitions. [2022-02-20 23:51:00,191 INFO L276 IsEmpty]: Start isEmpty. Operand 156 states and 180 transitions. [2022-02-20 23:51:00,191 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:00,191 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:00,191 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:51:00,192 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:51:00,192 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 156 states, 96 states have (on average 1.71875) internal successors, (165), 144 states have internal predecessors, (165), 6 states have call successors, (6), 4 states have call predecessors, (6), 5 states have return successors, (9), 7 states have call predecessors, (9), 6 states have call successors, (9) [2022-02-20 23:51:00,194 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 156 states to 156 states and 180 transitions. [2022-02-20 23:51:00,194 INFO L78 Accepts]: Start accepts. Automaton has 156 states and 180 transitions. Word has length 19 [2022-02-20 23:51:00,194 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:51:00,194 INFO L470 AbstractCegarLoop]: Abstraction has 156 states and 180 transitions. [2022-02-20 23:51:00,195 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 3.0) internal successors, (15), 4 states have internal predecessors, (15), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:51:00,195 INFO L276 IsEmpty]: Start isEmpty. Operand 156 states and 180 transitions. [2022-02-20 23:51:00,195 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2022-02-20 23:51:00,195 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:51:00,195 INFO L514 BasicCegarLoop]: trace histogram [3, 3, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:51:00,208 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (8)] Forceful destruction successful, exit code 0 [2022-02-20 23:51:00,401 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 8 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:51:00,402 INFO L402 AbstractCegarLoop]: === Iteration 8 === Targeting ULTIMATE.startErr0REQUIRES_VIOLATION === [ldv_hid_set_drvdataErr0REQUIRES_VIOLATION, ldv_hid_set_drvdataErr1REQUIRES_VIOLATION, ULTIMATE.startErr0REQUIRES_VIOLATION (and 47 more)] === [2022-02-20 23:51:00,402 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:51:00,402 INFO L85 PathProgramCache]: Analyzing trace with hash 204799578, now seen corresponding path program 1 times [2022-02-20 23:51:00,402 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:51:00,403 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1936003327] [2022-02-20 23:51:00,403 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:51:00,403 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:51:00,403 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:51:00,413 INFO L229 MonitoredProcess]: Starting monitored process 9 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:51:00,414 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (9)] Waiting until timeout for monitored process [2022-02-20 23:51:00,476 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:00,478 INFO L263 TraceCheckSpWp]: Trace formula consists of 77 conjuncts, 9 conjunts are in the unsatisfiable core [2022-02-20 23:51:00,488 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:00,489 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:51:00,517 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:51:00,596 INFO L356 Elim1Store]: treesize reduction 12, result has 40.0 percent of original size [2022-02-20 23:51:00,597 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 17 [2022-02-20 23:51:00,607 INFO L290 TraceCheckUtils]: 0: Hoare triple {5886#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {5886#true} is VALID [2022-02-20 23:51:00,608 INFO L290 TraceCheckUtils]: 1: Hoare triple {5886#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset, entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset, entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset, entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset, entry_point_#t~nondet58#1, entry_point_#t~ret59#1, entry_point_#t~mem60#1.base, entry_point_#t~mem60#1.offset, entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset, entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset; {5886#true} is VALID [2022-02-20 23:51:00,608 INFO L272 TraceCheckUtils]: 2: Hoare triple {5886#true} call entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset := ldv_malloc(12bv32); {5886#true} is VALID [2022-02-20 23:51:00,608 INFO L290 TraceCheckUtils]: 3: Hoare triple {5886#true} ~size := #in~size; {5886#true} is VALID [2022-02-20 23:51:00,608 INFO L290 TraceCheckUtils]: 4: Hoare triple {5886#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {5886#true} is VALID [2022-02-20 23:51:00,608 INFO L290 TraceCheckUtils]: 5: Hoare triple {5886#true} assume true; {5886#true} is VALID [2022-02-20 23:51:00,608 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {5886#true} {5886#true} #196#return; {5886#true} is VALID [2022-02-20 23:51:00,609 INFO L290 TraceCheckUtils]: 7: Hoare triple {5886#true} entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset := entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset; {5886#true} is VALID [2022-02-20 23:51:00,609 INFO L290 TraceCheckUtils]: 8: Hoare triple {5886#true} assume !(entry_point_~hdev~0#1.base == 0bv32 && entry_point_~hdev~0#1.offset == 0bv32); {5886#true} is VALID [2022-02-20 23:51:00,609 INFO L272 TraceCheckUtils]: 9: Hoare triple {5886#true} call entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset := ldv_malloc(20bv32); {5886#true} is VALID [2022-02-20 23:51:00,609 INFO L290 TraceCheckUtils]: 10: Hoare triple {5886#true} ~size := #in~size; {5886#true} is VALID [2022-02-20 23:51:00,610 INFO L290 TraceCheckUtils]: 11: Hoare triple {5886#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {5924#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:51:00,610 INFO L290 TraceCheckUtils]: 12: Hoare triple {5924#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} assume true; {5924#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:51:00,611 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {5924#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} {5886#true} #198#return; {5931#(= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_#t~ret54#1.base|))} is VALID [2022-02-20 23:51:00,611 INFO L290 TraceCheckUtils]: 14: Hoare triple {5931#(= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_#t~ret54#1.base|))} entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset := entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset;havoc entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset; {5935#(= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_~intf~2#1.base|))} is VALID [2022-02-20 23:51:00,612 INFO L290 TraceCheckUtils]: 15: Hoare triple {5935#(= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_~intf~2#1.base|))} assume !(entry_point_~intf~2#1.base == 0bv32 && entry_point_~intf~2#1.offset == 0bv32); {5935#(= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_~intf~2#1.base|))} is VALID [2022-02-20 23:51:00,613 INFO L272 TraceCheckUtils]: 16: Hoare triple {5935#(= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_~intf~2#1.base|))} call entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset := ldv_malloc(9bv32); {5942#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:51:00,613 INFO L290 TraceCheckUtils]: 17: Hoare triple {5942#(= |old(#valid)| |#valid|)} ~size := #in~size; {5942#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:51:00,614 INFO L290 TraceCheckUtils]: 18: Hoare triple {5942#(= |old(#valid)| |#valid|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {5949#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} is VALID [2022-02-20 23:51:00,615 INFO L290 TraceCheckUtils]: 19: Hoare triple {5949#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} assume true; {5949#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} is VALID [2022-02-20 23:51:00,616 INFO L284 TraceCheckUtils]: 20: Hoare quadruple {5949#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} {5935#(= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_~intf~2#1.base|))} #200#return; {5935#(= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_~intf~2#1.base|))} is VALID [2022-02-20 23:51:00,616 INFO L290 TraceCheckUtils]: 21: Hoare triple {5935#(= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_~intf~2#1.base|))} assume !(1bv1 == #valid[entry_point_~intf~2#1.base]); {5887#false} is VALID [2022-02-20 23:51:00,616 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 8 proven. 2 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:51:00,616 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:51:00,834 INFO L290 TraceCheckUtils]: 21: Hoare triple {5935#(= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_~intf~2#1.base|))} assume !(1bv1 == #valid[entry_point_~intf~2#1.base]); {5887#false} is VALID [2022-02-20 23:51:00,835 INFO L284 TraceCheckUtils]: 20: Hoare quadruple {5965#(forall ((|v_ULTIMATE.start_entry_point_~intf~2#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~intf~2#1.base_BEFORE_CALL_2|) (_ bv1 1))) (= (select |#valid| |v_ULTIMATE.start_entry_point_~intf~2#1.base_BEFORE_CALL_2|) (_ bv1 1))))} {5935#(= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_~intf~2#1.base|))} #200#return; {5935#(= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_~intf~2#1.base|))} is VALID [2022-02-20 23:51:00,836 INFO L290 TraceCheckUtils]: 19: Hoare triple {5965#(forall ((|v_ULTIMATE.start_entry_point_~intf~2#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~intf~2#1.base_BEFORE_CALL_2|) (_ bv1 1))) (= (select |#valid| |v_ULTIMATE.start_entry_point_~intf~2#1.base_BEFORE_CALL_2|) (_ bv1 1))))} assume true; {5965#(forall ((|v_ULTIMATE.start_entry_point_~intf~2#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~intf~2#1.base_BEFORE_CALL_2|) (_ bv1 1))) (= (select |#valid| |v_ULTIMATE.start_entry_point_~intf~2#1.base_BEFORE_CALL_2|) (_ bv1 1))))} is VALID [2022-02-20 23:51:00,837 INFO L290 TraceCheckUtils]: 18: Hoare triple {5965#(forall ((|v_ULTIMATE.start_entry_point_~intf~2#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~intf~2#1.base_BEFORE_CALL_2|) (_ bv1 1))) (= (select |#valid| |v_ULTIMATE.start_entry_point_~intf~2#1.base_BEFORE_CALL_2|) (_ bv1 1))))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {5965#(forall ((|v_ULTIMATE.start_entry_point_~intf~2#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~intf~2#1.base_BEFORE_CALL_2|) (_ bv1 1))) (= (select |#valid| |v_ULTIMATE.start_entry_point_~intf~2#1.base_BEFORE_CALL_2|) (_ bv1 1))))} is VALID [2022-02-20 23:51:00,838 INFO L290 TraceCheckUtils]: 17: Hoare triple {5965#(forall ((|v_ULTIMATE.start_entry_point_~intf~2#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~intf~2#1.base_BEFORE_CALL_2|) (_ bv1 1))) (= (select |#valid| |v_ULTIMATE.start_entry_point_~intf~2#1.base_BEFORE_CALL_2|) (_ bv1 1))))} ~size := #in~size; {5965#(forall ((|v_ULTIMATE.start_entry_point_~intf~2#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~intf~2#1.base_BEFORE_CALL_2|) (_ bv1 1))) (= (select |#valid| |v_ULTIMATE.start_entry_point_~intf~2#1.base_BEFORE_CALL_2|) (_ bv1 1))))} is VALID [2022-02-20 23:51:00,838 INFO L272 TraceCheckUtils]: 16: Hoare triple {5935#(= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_~intf~2#1.base|))} call entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset := ldv_malloc(9bv32); {5965#(forall ((|v_ULTIMATE.start_entry_point_~intf~2#1.base_BEFORE_CALL_2| (_ BitVec 32))) (or (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~intf~2#1.base_BEFORE_CALL_2|) (_ bv1 1))) (= (select |#valid| |v_ULTIMATE.start_entry_point_~intf~2#1.base_BEFORE_CALL_2|) (_ bv1 1))))} is VALID [2022-02-20 23:51:00,838 INFO L290 TraceCheckUtils]: 15: Hoare triple {5935#(= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_~intf~2#1.base|))} assume !(entry_point_~intf~2#1.base == 0bv32 && entry_point_~intf~2#1.offset == 0bv32); {5935#(= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_~intf~2#1.base|))} is VALID [2022-02-20 23:51:00,839 INFO L290 TraceCheckUtils]: 14: Hoare triple {5931#(= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_#t~ret54#1.base|))} entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset := entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset;havoc entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset; {5935#(= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_~intf~2#1.base|))} is VALID [2022-02-20 23:51:00,840 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {5924#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} {5886#true} #198#return; {5931#(= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_#t~ret54#1.base|))} is VALID [2022-02-20 23:51:00,840 INFO L290 TraceCheckUtils]: 12: Hoare triple {5924#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} assume true; {5924#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:51:00,841 INFO L290 TraceCheckUtils]: 11: Hoare triple {5886#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {5924#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:51:00,841 INFO L290 TraceCheckUtils]: 10: Hoare triple {5886#true} ~size := #in~size; {5886#true} is VALID [2022-02-20 23:51:00,841 INFO L272 TraceCheckUtils]: 9: Hoare triple {5886#true} call entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset := ldv_malloc(20bv32); {5886#true} is VALID [2022-02-20 23:51:00,841 INFO L290 TraceCheckUtils]: 8: Hoare triple {5886#true} assume !(entry_point_~hdev~0#1.base == 0bv32 && entry_point_~hdev~0#1.offset == 0bv32); {5886#true} is VALID [2022-02-20 23:51:00,841 INFO L290 TraceCheckUtils]: 7: Hoare triple {5886#true} entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset := entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset; {5886#true} is VALID [2022-02-20 23:51:00,841 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {5886#true} {5886#true} #196#return; {5886#true} is VALID [2022-02-20 23:51:00,841 INFO L290 TraceCheckUtils]: 5: Hoare triple {5886#true} assume true; {5886#true} is VALID [2022-02-20 23:51:00,841 INFO L290 TraceCheckUtils]: 4: Hoare triple {5886#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {5886#true} is VALID [2022-02-20 23:51:00,841 INFO L290 TraceCheckUtils]: 3: Hoare triple {5886#true} ~size := #in~size; {5886#true} is VALID [2022-02-20 23:51:00,841 INFO L272 TraceCheckUtils]: 2: Hoare triple {5886#true} call entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset := ldv_malloc(12bv32); {5886#true} is VALID [2022-02-20 23:51:00,841 INFO L290 TraceCheckUtils]: 1: Hoare triple {5886#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset, entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset, entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset, entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset, entry_point_#t~nondet58#1, entry_point_#t~ret59#1, entry_point_#t~mem60#1.base, entry_point_#t~mem60#1.offset, entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset, entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset; {5886#true} is VALID [2022-02-20 23:51:00,841 INFO L290 TraceCheckUtils]: 0: Hoare triple {5886#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {5886#true} is VALID [2022-02-20 23:51:00,842 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 8 proven. 2 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:51:00,842 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:51:00,842 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1936003327] [2022-02-20 23:51:00,842 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1936003327] provided 0 perfect and 2 imperfect interpolant sequences [2022-02-20 23:51:00,842 INFO L191 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-02-20 23:51:00,842 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [6, 5] total 7 [2022-02-20 23:51:00,842 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [343041019] [2022-02-20 23:51:00,842 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-02-20 23:51:00,843 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 2.5714285714285716) internal successors, (18), 7 states have internal predecessors, (18), 2 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 22 [2022-02-20 23:51:00,843 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:51:00,843 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 8 states, 7 states have (on average 2.5714285714285716) internal successors, (18), 7 states have internal predecessors, (18), 2 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-02-20 23:51:00,864 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 26 edges. 26 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:00,864 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-02-20 23:51:00,864 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:51:00,864 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-02-20 23:51:00,865 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=41, Unknown=0, NotChecked=0, Total=56 [2022-02-20 23:51:00,865 INFO L87 Difference]: Start difference. First operand 156 states and 180 transitions. Second operand has 8 states, 7 states have (on average 2.5714285714285716) internal successors, (18), 7 states have internal predecessors, (18), 2 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-02-20 23:51:01,934 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:01,934 INFO L93 Difference]: Finished difference Result 199 states and 223 transitions. [2022-02-20 23:51:01,934 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-02-20 23:51:01,935 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 2.5714285714285716) internal successors, (18), 7 states have internal predecessors, (18), 2 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 22 [2022-02-20 23:51:01,935 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:51:01,935 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 7 states have (on average 2.5714285714285716) internal successors, (18), 7 states have internal predecessors, (18), 2 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-02-20 23:51:01,936 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 202 transitions. [2022-02-20 23:51:01,936 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 7 states have (on average 2.5714285714285716) internal successors, (18), 7 states have internal predecessors, (18), 2 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-02-20 23:51:01,938 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 202 transitions. [2022-02-20 23:51:01,938 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 202 transitions. [2022-02-20 23:51:02,104 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 202 edges. 202 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:02,106 INFO L225 Difference]: With dead ends: 199 [2022-02-20 23:51:02,106 INFO L226 Difference]: Without dead ends: 199 [2022-02-20 23:51:02,106 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 43 GetRequests, 33 SyntacticMatches, 3 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=20, Invalid=52, Unknown=0, NotChecked=0, Total=72 [2022-02-20 23:51:02,107 INFO L933 BasicCegarLoop]: 108 mSDtfsCounter, 102 mSDsluCounter, 299 mSDsCounter, 0 mSdLazyCounter, 219 mSolverCounterSat, 7 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 104 SdHoareTripleChecker+Valid, 407 SdHoareTripleChecker+Invalid, 301 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 7 IncrementalHoareTripleChecker+Valid, 219 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 75 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-02-20 23:51:02,107 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [104 Valid, 407 Invalid, 301 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [7 Valid, 219 Invalid, 0 Unknown, 75 Unchecked, 0.3s Time] [2022-02-20 23:51:02,107 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 199 states. [2022-02-20 23:51:02,109 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 199 to 175. [2022-02-20 23:51:02,109 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:51:02,110 INFO L82 GeneralOperation]: Start isEquivalent. First operand 199 states. Second operand has 175 states, 116 states have (on average 1.6810344827586208) internal successors, (195), 161 states have internal predecessors, (195), 6 states have call successors, (6), 5 states have call predecessors, (6), 6 states have return successors, (8), 8 states have call predecessors, (8), 6 states have call successors, (8) [2022-02-20 23:51:02,110 INFO L74 IsIncluded]: Start isIncluded. First operand 199 states. Second operand has 175 states, 116 states have (on average 1.6810344827586208) internal successors, (195), 161 states have internal predecessors, (195), 6 states have call successors, (6), 5 states have call predecessors, (6), 6 states have return successors, (8), 8 states have call predecessors, (8), 6 states have call successors, (8) [2022-02-20 23:51:02,110 INFO L87 Difference]: Start difference. First operand 199 states. Second operand has 175 states, 116 states have (on average 1.6810344827586208) internal successors, (195), 161 states have internal predecessors, (195), 6 states have call successors, (6), 5 states have call predecessors, (6), 6 states have return successors, (8), 8 states have call predecessors, (8), 6 states have call successors, (8) [2022-02-20 23:51:02,115 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:02,116 INFO L93 Difference]: Finished difference Result 199 states and 223 transitions. [2022-02-20 23:51:02,117 INFO L276 IsEmpty]: Start isEmpty. Operand 199 states and 223 transitions. [2022-02-20 23:51:02,117 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:02,117 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:02,118 INFO L74 IsIncluded]: Start isIncluded. First operand has 175 states, 116 states have (on average 1.6810344827586208) internal successors, (195), 161 states have internal predecessors, (195), 6 states have call successors, (6), 5 states have call predecessors, (6), 6 states have return successors, (8), 8 states have call predecessors, (8), 6 states have call successors, (8) Second operand 199 states. [2022-02-20 23:51:02,119 INFO L87 Difference]: Start difference. First operand has 175 states, 116 states have (on average 1.6810344827586208) internal successors, (195), 161 states have internal predecessors, (195), 6 states have call successors, (6), 5 states have call predecessors, (6), 6 states have return successors, (8), 8 states have call predecessors, (8), 6 states have call successors, (8) Second operand 199 states. [2022-02-20 23:51:02,122 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:02,122 INFO L93 Difference]: Finished difference Result 199 states and 223 transitions. [2022-02-20 23:51:02,122 INFO L276 IsEmpty]: Start isEmpty. Operand 199 states and 223 transitions. [2022-02-20 23:51:02,122 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:02,122 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:02,122 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:51:02,122 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:51:02,129 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 175 states, 116 states have (on average 1.6810344827586208) internal successors, (195), 161 states have internal predecessors, (195), 6 states have call successors, (6), 5 states have call predecessors, (6), 6 states have return successors, (8), 8 states have call predecessors, (8), 6 states have call successors, (8) [2022-02-20 23:51:02,132 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 175 states to 175 states and 209 transitions. [2022-02-20 23:51:02,133 INFO L78 Accepts]: Start accepts. Automaton has 175 states and 209 transitions. Word has length 22 [2022-02-20 23:51:02,134 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:51:02,134 INFO L470 AbstractCegarLoop]: Abstraction has 175 states and 209 transitions. [2022-02-20 23:51:02,135 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 2.5714285714285716) internal successors, (18), 7 states have internal predecessors, (18), 2 states have call successors, (4), 3 states have call predecessors, (4), 4 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-02-20 23:51:02,135 INFO L276 IsEmpty]: Start isEmpty. Operand 175 states and 209 transitions. [2022-02-20 23:51:02,136 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2022-02-20 23:51:02,136 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:51:02,136 INFO L514 BasicCegarLoop]: trace histogram [3, 3, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:51:02,148 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (9)] Forceful destruction successful, exit code 0 [2022-02-20 23:51:02,343 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 9 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:51:02,343 INFO L402 AbstractCegarLoop]: === Iteration 9 === Targeting ULTIMATE.startErr1REQUIRES_VIOLATION === [ldv_hid_set_drvdataErr0REQUIRES_VIOLATION, ldv_hid_set_drvdataErr1REQUIRES_VIOLATION, ULTIMATE.startErr0REQUIRES_VIOLATION (and 47 more)] === [2022-02-20 23:51:02,344 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:51:02,344 INFO L85 PathProgramCache]: Analyzing trace with hash 204799579, now seen corresponding path program 1 times [2022-02-20 23:51:02,344 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:51:02,344 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1732027192] [2022-02-20 23:51:02,344 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:51:02,344 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:51:02,344 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:51:02,345 INFO L229 MonitoredProcess]: Starting monitored process 10 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:51:02,346 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (10)] Waiting until timeout for monitored process [2022-02-20 23:51:02,411 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:02,413 INFO L263 TraceCheckSpWp]: Trace formula consists of 77 conjuncts, 18 conjunts are in the unsatisfiable core [2022-02-20 23:51:02,428 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:02,429 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:51:02,458 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:51:02,463 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:51:02,616 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:51:02,617 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-02-20 23:51:02,625 INFO L356 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2022-02-20 23:51:02,625 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 12 [2022-02-20 23:51:02,645 INFO L290 TraceCheckUtils]: 0: Hoare triple {6796#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {6796#true} is VALID [2022-02-20 23:51:02,645 INFO L290 TraceCheckUtils]: 1: Hoare triple {6796#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset, entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset, entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset, entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset, entry_point_#t~nondet58#1, entry_point_#t~ret59#1, entry_point_#t~mem60#1.base, entry_point_#t~mem60#1.offset, entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset, entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset; {6796#true} is VALID [2022-02-20 23:51:02,645 INFO L272 TraceCheckUtils]: 2: Hoare triple {6796#true} call entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset := ldv_malloc(12bv32); {6796#true} is VALID [2022-02-20 23:51:02,646 INFO L290 TraceCheckUtils]: 3: Hoare triple {6796#true} ~size := #in~size; {6796#true} is VALID [2022-02-20 23:51:02,646 INFO L290 TraceCheckUtils]: 4: Hoare triple {6796#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {6796#true} is VALID [2022-02-20 23:51:02,646 INFO L290 TraceCheckUtils]: 5: Hoare triple {6796#true} assume true; {6796#true} is VALID [2022-02-20 23:51:02,646 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {6796#true} {6796#true} #196#return; {6796#true} is VALID [2022-02-20 23:51:02,646 INFO L290 TraceCheckUtils]: 7: Hoare triple {6796#true} entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset := entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset; {6796#true} is VALID [2022-02-20 23:51:02,646 INFO L290 TraceCheckUtils]: 8: Hoare triple {6796#true} assume !(entry_point_~hdev~0#1.base == 0bv32 && entry_point_~hdev~0#1.offset == 0bv32); {6796#true} is VALID [2022-02-20 23:51:02,646 INFO L272 TraceCheckUtils]: 9: Hoare triple {6796#true} call entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset := ldv_malloc(20bv32); {6796#true} is VALID [2022-02-20 23:51:02,646 INFO L290 TraceCheckUtils]: 10: Hoare triple {6796#true} ~size := #in~size; {6831#(= ldv_malloc_~size |ldv_malloc_#in~size|)} is VALID [2022-02-20 23:51:02,647 INFO L290 TraceCheckUtils]: 11: Hoare triple {6831#(= ldv_malloc_~size |ldv_malloc_#in~size|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {6835#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:51:02,648 INFO L290 TraceCheckUtils]: 12: Hoare triple {6835#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} assume true; {6835#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:51:02,648 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {6835#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} {6796#true} #198#return; {6842#(and (= (select |#length| |ULTIMATE.start_entry_point_#t~ret54#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_#t~ret54#1.offset| (_ bv0 32)) (= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_#t~ret54#1.base|)))} is VALID [2022-02-20 23:51:02,649 INFO L290 TraceCheckUtils]: 14: Hoare triple {6842#(and (= (select |#length| |ULTIMATE.start_entry_point_#t~ret54#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_#t~ret54#1.offset| (_ bv0 32)) (= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_#t~ret54#1.base|)))} entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset := entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset;havoc entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset; {6846#(and (= |ULTIMATE.start_entry_point_~intf~2#1.offset| (_ bv0 32)) (= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_~intf~2#1.base|)) (= (_ bv20 32) (select |#length| |ULTIMATE.start_entry_point_~intf~2#1.base|)))} is VALID [2022-02-20 23:51:02,649 INFO L290 TraceCheckUtils]: 15: Hoare triple {6846#(and (= |ULTIMATE.start_entry_point_~intf~2#1.offset| (_ bv0 32)) (= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_~intf~2#1.base|)) (= (_ bv20 32) (select |#length| |ULTIMATE.start_entry_point_~intf~2#1.base|)))} assume !(entry_point_~intf~2#1.base == 0bv32 && entry_point_~intf~2#1.offset == 0bv32); {6846#(and (= |ULTIMATE.start_entry_point_~intf~2#1.offset| (_ bv0 32)) (= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_~intf~2#1.base|)) (= (_ bv20 32) (select |#length| |ULTIMATE.start_entry_point_~intf~2#1.base|)))} is VALID [2022-02-20 23:51:02,650 INFO L272 TraceCheckUtils]: 16: Hoare triple {6846#(and (= |ULTIMATE.start_entry_point_~intf~2#1.offset| (_ bv0 32)) (= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_~intf~2#1.base|)) (= (_ bv20 32) (select |#length| |ULTIMATE.start_entry_point_~intf~2#1.base|)))} call entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset := ldv_malloc(9bv32); {6853#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:51:02,650 INFO L290 TraceCheckUtils]: 17: Hoare triple {6853#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} ~size := #in~size; {6853#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:51:02,651 INFO L290 TraceCheckUtils]: 18: Hoare triple {6853#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {6860#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_33 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_33) |#length|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:51:02,651 INFO L290 TraceCheckUtils]: 19: Hoare triple {6860#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_33 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_33) |#length|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} assume true; {6860#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_33 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_33) |#length|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:51:02,653 INFO L284 TraceCheckUtils]: 20: Hoare quadruple {6860#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_33 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_33) |#length|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} {6846#(and (= |ULTIMATE.start_entry_point_~intf~2#1.offset| (_ bv0 32)) (= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_~intf~2#1.base|)) (= (_ bv20 32) (select |#length| |ULTIMATE.start_entry_point_~intf~2#1.base|)))} #200#return; {6867#(and (= |ULTIMATE.start_entry_point_~intf~2#1.offset| (_ bv0 32)) (= (_ bv20 32) (select |#length| |ULTIMATE.start_entry_point_~intf~2#1.base|)))} is VALID [2022-02-20 23:51:02,653 INFO L290 TraceCheckUtils]: 21: Hoare triple {6867#(and (= |ULTIMATE.start_entry_point_~intf~2#1.offset| (_ bv0 32)) (= (_ bv20 32) (select |#length| |ULTIMATE.start_entry_point_~intf~2#1.base|)))} assume !((~bvule32(~bvadd32(4bv32, ~bvadd32(4bv32, entry_point_~intf~2#1.offset)), #length[entry_point_~intf~2#1.base]) && ~bvule32(~bvadd32(4bv32, entry_point_~intf~2#1.offset), ~bvadd32(4bv32, ~bvadd32(4bv32, entry_point_~intf~2#1.offset)))) && ~bvule32(0bv32, ~bvadd32(4bv32, entry_point_~intf~2#1.offset))); {6797#false} is VALID [2022-02-20 23:51:02,653 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 8 proven. 3 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-02-20 23:51:02,653 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:51:02,848 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:51:02,848 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1732027192] [2022-02-20 23:51:02,848 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1732027192] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:51:02,848 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleCvc4 [1378838787] [2022-02-20 23:51:02,848 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:51:02,848 INFO L173 SolverBuilder]: Constructing external solver with command: cvc4 --incremental --print-success --lang smt [2022-02-20 23:51:02,848 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 [2022-02-20 23:51:02,850 INFO L229 MonitoredProcess]: Starting monitored process 11 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (exit command is (exit), workingDir is null) [2022-02-20 23:51:02,855 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (11)] Waiting until timeout for monitored process [2022-02-20 23:51:02,946 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:02,948 INFO L263 TraceCheckSpWp]: Trace formula consists of 77 conjuncts, 18 conjunts are in the unsatisfiable core [2022-02-20 23:51:02,958 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:02,959 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:51:02,988 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:51:02,992 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:51:03,112 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:51:03,113 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-02-20 23:51:03,121 INFO L356 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2022-02-20 23:51:03,121 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 12 [2022-02-20 23:51:03,129 INFO L290 TraceCheckUtils]: 0: Hoare triple {6796#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {6796#true} is VALID [2022-02-20 23:51:03,129 INFO L290 TraceCheckUtils]: 1: Hoare triple {6796#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset, entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset, entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset, entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset, entry_point_#t~nondet58#1, entry_point_#t~ret59#1, entry_point_#t~mem60#1.base, entry_point_#t~mem60#1.offset, entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset, entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset; {6796#true} is VALID [2022-02-20 23:51:03,130 INFO L272 TraceCheckUtils]: 2: Hoare triple {6796#true} call entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset := ldv_malloc(12bv32); {6796#true} is VALID [2022-02-20 23:51:03,130 INFO L290 TraceCheckUtils]: 3: Hoare triple {6796#true} ~size := #in~size; {6796#true} is VALID [2022-02-20 23:51:03,130 INFO L290 TraceCheckUtils]: 4: Hoare triple {6796#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {6796#true} is VALID [2022-02-20 23:51:03,130 INFO L290 TraceCheckUtils]: 5: Hoare triple {6796#true} assume true; {6796#true} is VALID [2022-02-20 23:51:03,130 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {6796#true} {6796#true} #196#return; {6796#true} is VALID [2022-02-20 23:51:03,130 INFO L290 TraceCheckUtils]: 7: Hoare triple {6796#true} entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset := entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset; {6796#true} is VALID [2022-02-20 23:51:03,130 INFO L290 TraceCheckUtils]: 8: Hoare triple {6796#true} assume !(entry_point_~hdev~0#1.base == 0bv32 && entry_point_~hdev~0#1.offset == 0bv32); {6796#true} is VALID [2022-02-20 23:51:03,130 INFO L272 TraceCheckUtils]: 9: Hoare triple {6796#true} call entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset := ldv_malloc(20bv32); {6796#true} is VALID [2022-02-20 23:51:03,135 INFO L290 TraceCheckUtils]: 10: Hoare triple {6796#true} ~size := #in~size; {6831#(= ldv_malloc_~size |ldv_malloc_#in~size|)} is VALID [2022-02-20 23:51:03,137 INFO L290 TraceCheckUtils]: 11: Hoare triple {6831#(= ldv_malloc_~size |ldv_malloc_#in~size|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {6835#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:51:03,137 INFO L290 TraceCheckUtils]: 12: Hoare triple {6835#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} assume true; {6835#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:51:03,138 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {6835#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} {6796#true} #198#return; {6842#(and (= (select |#length| |ULTIMATE.start_entry_point_#t~ret54#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_#t~ret54#1.offset| (_ bv0 32)) (= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_#t~ret54#1.base|)))} is VALID [2022-02-20 23:51:03,138 INFO L290 TraceCheckUtils]: 14: Hoare triple {6842#(and (= (select |#length| |ULTIMATE.start_entry_point_#t~ret54#1.base|) (_ bv20 32)) (= |ULTIMATE.start_entry_point_#t~ret54#1.offset| (_ bv0 32)) (= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_#t~ret54#1.base|)))} entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset := entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset;havoc entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset; {6846#(and (= |ULTIMATE.start_entry_point_~intf~2#1.offset| (_ bv0 32)) (= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_~intf~2#1.base|)) (= (_ bv20 32) (select |#length| |ULTIMATE.start_entry_point_~intf~2#1.base|)))} is VALID [2022-02-20 23:51:03,139 INFO L290 TraceCheckUtils]: 15: Hoare triple {6846#(and (= |ULTIMATE.start_entry_point_~intf~2#1.offset| (_ bv0 32)) (= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_~intf~2#1.base|)) (= (_ bv20 32) (select |#length| |ULTIMATE.start_entry_point_~intf~2#1.base|)))} assume !(entry_point_~intf~2#1.base == 0bv32 && entry_point_~intf~2#1.offset == 0bv32); {6846#(and (= |ULTIMATE.start_entry_point_~intf~2#1.offset| (_ bv0 32)) (= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_~intf~2#1.base|)) (= (_ bv20 32) (select |#length| |ULTIMATE.start_entry_point_~intf~2#1.base|)))} is VALID [2022-02-20 23:51:03,140 INFO L272 TraceCheckUtils]: 16: Hoare triple {6846#(and (= |ULTIMATE.start_entry_point_~intf~2#1.offset| (_ bv0 32)) (= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_~intf~2#1.base|)) (= (_ bv20 32) (select |#length| |ULTIMATE.start_entry_point_~intf~2#1.base|)))} call entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset := ldv_malloc(9bv32); {6853#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:51:03,140 INFO L290 TraceCheckUtils]: 17: Hoare triple {6853#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} ~size := #in~size; {6853#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:51:03,141 INFO L290 TraceCheckUtils]: 18: Hoare triple {6853#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {6860#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_33 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_33) |#length|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:51:03,142 INFO L290 TraceCheckUtils]: 19: Hoare triple {6860#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_33 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_33) |#length|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} assume true; {6860#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_33 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_33) |#length|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:51:03,143 INFO L284 TraceCheckUtils]: 20: Hoare quadruple {6860#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_33 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_33) |#length|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} {6846#(and (= |ULTIMATE.start_entry_point_~intf~2#1.offset| (_ bv0 32)) (= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_~intf~2#1.base|)) (= (_ bv20 32) (select |#length| |ULTIMATE.start_entry_point_~intf~2#1.base|)))} #200#return; {6867#(and (= |ULTIMATE.start_entry_point_~intf~2#1.offset| (_ bv0 32)) (= (_ bv20 32) (select |#length| |ULTIMATE.start_entry_point_~intf~2#1.base|)))} is VALID [2022-02-20 23:51:03,143 INFO L290 TraceCheckUtils]: 21: Hoare triple {6867#(and (= |ULTIMATE.start_entry_point_~intf~2#1.offset| (_ bv0 32)) (= (_ bv20 32) (select |#length| |ULTIMATE.start_entry_point_~intf~2#1.base|)))} assume !((~bvule32(~bvadd32(4bv32, ~bvadd32(4bv32, entry_point_~intf~2#1.offset)), #length[entry_point_~intf~2#1.base]) && ~bvule32(~bvadd32(4bv32, entry_point_~intf~2#1.offset), ~bvadd32(4bv32, ~bvadd32(4bv32, entry_point_~intf~2#1.offset)))) && ~bvule32(0bv32, ~bvadd32(4bv32, entry_point_~intf~2#1.offset))); {6797#false} is VALID [2022-02-20 23:51:03,144 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 8 proven. 3 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-02-20 23:51:03,144 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:51:03,311 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleCvc4 [1378838787] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:51:03,311 INFO L191 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-02-20 23:51:03,311 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [8, 8] total 8 [2022-02-20 23:51:03,312 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [732602937] [2022-02-20 23:51:03,312 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-02-20 23:51:03,312 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 8 states have (on average 2.0) internal successors, (16), 7 states have internal predecessors, (16), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) Word has length 22 [2022-02-20 23:51:03,312 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:51:03,312 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 9 states, 8 states have (on average 2.0) internal successors, (16), 7 states have internal predecessors, (16), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:51:03,331 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 22 edges. 22 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:03,331 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2022-02-20 23:51:03,332 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:51:03,332 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2022-02-20 23:51:03,332 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=23, Invalid=87, Unknown=0, NotChecked=0, Total=110 [2022-02-20 23:51:03,332 INFO L87 Difference]: Start difference. First operand 175 states and 209 transitions. Second operand has 9 states, 8 states have (on average 2.0) internal successors, (16), 7 states have internal predecessors, (16), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:51:09,103 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:09,103 INFO L93 Difference]: Finished difference Result 316 states and 361 transitions. [2022-02-20 23:51:09,103 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-02-20 23:51:09,103 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 8 states have (on average 2.0) internal successors, (16), 7 states have internal predecessors, (16), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) Word has length 22 [2022-02-20 23:51:09,103 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:51:09,104 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 9 states, 8 states have (on average 2.0) internal successors, (16), 7 states have internal predecessors, (16), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:51:09,106 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 310 transitions. [2022-02-20 23:51:09,106 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 9 states, 8 states have (on average 2.0) internal successors, (16), 7 states have internal predecessors, (16), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:51:09,109 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 310 transitions. [2022-02-20 23:51:09,109 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 310 transitions. [2022-02-20 23:51:09,443 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 310 edges. 310 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:09,447 INFO L225 Difference]: With dead ends: 316 [2022-02-20 23:51:09,447 INFO L226 Difference]: Without dead ends: 316 [2022-02-20 23:51:09,447 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 49 GetRequests, 36 SyntacticMatches, 2 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 6 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=32, Invalid=124, Unknown=0, NotChecked=0, Total=156 [2022-02-20 23:51:09,448 INFO L933 BasicCegarLoop]: 195 mSDtfsCounter, 152 mSDsluCounter, 864 mSDsCounter, 0 mSdLazyCounter, 708 mSolverCounterSat, 21 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 154 SdHoareTripleChecker+Valid, 1059 SdHoareTripleChecker+Invalid, 825 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 21 IncrementalHoareTripleChecker+Valid, 708 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 96 IncrementalHoareTripleChecker+Unchecked, 1.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:51:09,448 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [154 Valid, 1059 Invalid, 825 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [21 Valid, 708 Invalid, 0 Unknown, 96 Unchecked, 1.1s Time] [2022-02-20 23:51:09,449 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 316 states. [2022-02-20 23:51:09,452 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 316 to 246. [2022-02-20 23:51:09,453 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:51:09,453 INFO L82 GeneralOperation]: Start isEquivalent. First operand 316 states. Second operand has 246 states, 185 states have (on average 1.6972972972972973) internal successors, (314), 230 states have internal predecessors, (314), 8 states have call successors, (8), 5 states have call predecessors, (8), 6 states have return successors, (10), 10 states have call predecessors, (10), 8 states have call successors, (10) [2022-02-20 23:51:09,453 INFO L74 IsIncluded]: Start isIncluded. First operand 316 states. Second operand has 246 states, 185 states have (on average 1.6972972972972973) internal successors, (314), 230 states have internal predecessors, (314), 8 states have call successors, (8), 5 states have call predecessors, (8), 6 states have return successors, (10), 10 states have call predecessors, (10), 8 states have call successors, (10) [2022-02-20 23:51:09,454 INFO L87 Difference]: Start difference. First operand 316 states. Second operand has 246 states, 185 states have (on average 1.6972972972972973) internal successors, (314), 230 states have internal predecessors, (314), 8 states have call successors, (8), 5 states have call predecessors, (8), 6 states have return successors, (10), 10 states have call predecessors, (10), 8 states have call successors, (10) [2022-02-20 23:51:09,458 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:09,459 INFO L93 Difference]: Finished difference Result 316 states and 361 transitions. [2022-02-20 23:51:09,459 INFO L276 IsEmpty]: Start isEmpty. Operand 316 states and 361 transitions. [2022-02-20 23:51:09,464 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:09,465 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:09,465 INFO L74 IsIncluded]: Start isIncluded. First operand has 246 states, 185 states have (on average 1.6972972972972973) internal successors, (314), 230 states have internal predecessors, (314), 8 states have call successors, (8), 5 states have call predecessors, (8), 6 states have return successors, (10), 10 states have call predecessors, (10), 8 states have call successors, (10) Second operand 316 states. [2022-02-20 23:51:09,467 INFO L87 Difference]: Start difference. First operand has 246 states, 185 states have (on average 1.6972972972972973) internal successors, (314), 230 states have internal predecessors, (314), 8 states have call successors, (8), 5 states have call predecessors, (8), 6 states have return successors, (10), 10 states have call predecessors, (10), 8 states have call successors, (10) Second operand 316 states. [2022-02-20 23:51:09,471 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:09,471 INFO L93 Difference]: Finished difference Result 316 states and 361 transitions. [2022-02-20 23:51:09,471 INFO L276 IsEmpty]: Start isEmpty. Operand 316 states and 361 transitions. [2022-02-20 23:51:09,472 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:09,472 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:09,472 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:51:09,472 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:51:09,473 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 246 states, 185 states have (on average 1.6972972972972973) internal successors, (314), 230 states have internal predecessors, (314), 8 states have call successors, (8), 5 states have call predecessors, (8), 6 states have return successors, (10), 10 states have call predecessors, (10), 8 states have call successors, (10) [2022-02-20 23:51:09,476 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 246 states to 246 states and 332 transitions. [2022-02-20 23:51:09,476 INFO L78 Accepts]: Start accepts. Automaton has 246 states and 332 transitions. Word has length 22 [2022-02-20 23:51:09,476 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:51:09,476 INFO L470 AbstractCegarLoop]: Abstraction has 246 states and 332 transitions. [2022-02-20 23:51:09,476 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 8 states have (on average 2.0) internal successors, (16), 7 states have internal predecessors, (16), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:51:09,476 INFO L276 IsEmpty]: Start isEmpty. Operand 246 states and 332 transitions. [2022-02-20 23:51:09,476 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 22 [2022-02-20 23:51:09,477 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:51:09,477 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:51:09,482 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (11)] Ended with exit code 0 [2022-02-20 23:51:09,686 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (10)] Forceful destruction successful, exit code 0 [2022-02-20 23:51:09,886 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 11 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt,10 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:51:09,886 INFO L402 AbstractCegarLoop]: === Iteration 10 === Targeting ULTIMATE.startErr47ASSERT_VIOLATIONMEMORY_LEAK === [ldv_hid_set_drvdataErr0REQUIRES_VIOLATION, ldv_hid_set_drvdataErr1REQUIRES_VIOLATION, ULTIMATE.startErr0REQUIRES_VIOLATION (and 47 more)] === [2022-02-20 23:51:09,886 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:51:09,886 INFO L85 PathProgramCache]: Analyzing trace with hash 852130837, now seen corresponding path program 1 times [2022-02-20 23:51:09,886 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:51:09,887 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [169622466] [2022-02-20 23:51:09,887 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:51:09,887 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:51:09,887 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:51:09,888 INFO L229 MonitoredProcess]: Starting monitored process 12 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:51:09,889 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (12)] Waiting until timeout for monitored process [2022-02-20 23:51:09,959 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:09,961 INFO L263 TraceCheckSpWp]: Trace formula consists of 60 conjuncts, 12 conjunts are in the unsatisfiable core [2022-02-20 23:51:09,995 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:09,997 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:51:10,196 INFO L290 TraceCheckUtils]: 0: Hoare triple {8146#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {8146#true} is VALID [2022-02-20 23:51:10,197 INFO L290 TraceCheckUtils]: 1: Hoare triple {8146#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset, entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset, entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset, entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset, entry_point_#t~nondet58#1, entry_point_#t~ret59#1, entry_point_#t~mem60#1.base, entry_point_#t~mem60#1.offset, entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset, entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset; {8154#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-20 23:51:10,197 INFO L272 TraceCheckUtils]: 2: Hoare triple {8154#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} call entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset := ldv_malloc(12bv32); {8158#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:51:10,198 INFO L290 TraceCheckUtils]: 3: Hoare triple {8158#(= |old(#valid)| |#valid|)} ~size := #in~size; {8158#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:51:10,199 INFO L290 TraceCheckUtils]: 4: Hoare triple {8158#(= |old(#valid)| |#valid|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {8165#(and (exists ((v_ArrVal_52 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_52) |#valid|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)))} is VALID [2022-02-20 23:51:10,199 INFO L290 TraceCheckUtils]: 5: Hoare triple {8165#(and (exists ((v_ArrVal_52 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_52) |#valid|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)))} assume true; {8165#(and (exists ((v_ArrVal_52 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_52) |#valid|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)))} is VALID [2022-02-20 23:51:10,201 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {8165#(and (exists ((v_ArrVal_52 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_52) |#valid|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)))} {8154#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} #196#return; {8172#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_#t~ret53#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_52 (_ BitVec 1))) (= |#valid| (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_#t~ret53#1.base| v_ArrVal_52))))} is VALID [2022-02-20 23:51:10,201 INFO L290 TraceCheckUtils]: 7: Hoare triple {8172#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_#t~ret53#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_52 (_ BitVec 1))) (= |#valid| (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_#t~ret53#1.base| v_ArrVal_52))))} entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset := entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset; {8176#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_52 (_ BitVec 1))) (= |#valid| (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base| v_ArrVal_52))))} is VALID [2022-02-20 23:51:10,202 INFO L290 TraceCheckUtils]: 8: Hoare triple {8176#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_52 (_ BitVec 1))) (= |#valid| (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base| v_ArrVal_52))))} assume !(entry_point_~hdev~0#1.base == 0bv32 && entry_point_~hdev~0#1.offset == 0bv32); {8176#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_52 (_ BitVec 1))) (= |#valid| (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base| v_ArrVal_52))))} is VALID [2022-02-20 23:51:10,203 INFO L272 TraceCheckUtils]: 9: Hoare triple {8176#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_52 (_ BitVec 1))) (= |#valid| (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base| v_ArrVal_52))))} call entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset := ldv_malloc(20bv32); {8158#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:51:10,203 INFO L290 TraceCheckUtils]: 10: Hoare triple {8158#(= |old(#valid)| |#valid|)} ~size := #in~size; {8158#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:51:10,203 INFO L290 TraceCheckUtils]: 11: Hoare triple {8158#(= |old(#valid)| |#valid|)} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {8158#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:51:10,204 INFO L290 TraceCheckUtils]: 12: Hoare triple {8158#(= |old(#valid)| |#valid|)} assume true; {8158#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:51:10,205 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {8158#(= |old(#valid)| |#valid|)} {8176#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_52 (_ BitVec 1))) (= |#valid| (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base| v_ArrVal_52))))} #198#return; {8176#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_52 (_ BitVec 1))) (= |#valid| (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base| v_ArrVal_52))))} is VALID [2022-02-20 23:51:10,206 INFO L290 TraceCheckUtils]: 14: Hoare triple {8176#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_52 (_ BitVec 1))) (= |#valid| (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base| v_ArrVal_52))))} entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset := entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset;havoc entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset; {8176#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_52 (_ BitVec 1))) (= |#valid| (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base| v_ArrVal_52))))} is VALID [2022-02-20 23:51:10,206 INFO L290 TraceCheckUtils]: 15: Hoare triple {8176#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_52 (_ BitVec 1))) (= |#valid| (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base| v_ArrVal_52))))} assume entry_point_~intf~2#1.base == 0bv32 && entry_point_~intf~2#1.offset == 0bv32; {8176#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_52 (_ BitVec 1))) (= |#valid| (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base| v_ArrVal_52))))} is VALID [2022-02-20 23:51:10,207 INFO L290 TraceCheckUtils]: 16: Hoare triple {8176#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_52 (_ BitVec 1))) (= |#valid| (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base| v_ArrVal_52))))} assume 0bv32 == entry_point_~hdev~0#1.offset; {8176#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_52 (_ BitVec 1))) (= |#valid| (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base| v_ArrVal_52))))} is VALID [2022-02-20 23:51:10,208 INFO L290 TraceCheckUtils]: 17: Hoare triple {8176#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_52 (_ BitVec 1))) (= |#valid| (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base| v_ArrVal_52))))} assume ~bvult32(entry_point_~hdev~0#1.base, #StackHeapBarrier); {8176#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_52 (_ BitVec 1))) (= |#valid| (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base| v_ArrVal_52))))} is VALID [2022-02-20 23:51:10,208 INFO L290 TraceCheckUtils]: 18: Hoare triple {8176#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_52 (_ BitVec 1))) (= |#valid| (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base| v_ArrVal_52))))} assume 0bv32 == entry_point_~hdev~0#1.base || 1bv1 == #valid[entry_point_~hdev~0#1.base];call ULTIMATE.dealloc(entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset); {8210#(exists ((|ULTIMATE.start_entry_point_~hdev~0#1.base| (_ BitVec 32))) (and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv0 1)) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 1)) |#valid|)))} is VALID [2022-02-20 23:51:10,209 INFO L290 TraceCheckUtils]: 19: Hoare triple {8210#(exists ((|ULTIMATE.start_entry_point_~hdev~0#1.base| (_ BitVec 32))) (and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv0 1)) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 1)) |#valid|)))} assume { :end_inline_entry_point } true; {8210#(exists ((|ULTIMATE.start_entry_point_~hdev~0#1.base| (_ BitVec 32))) (and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv0 1)) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 1)) |#valid|)))} is VALID [2022-02-20 23:51:10,210 INFO L290 TraceCheckUtils]: 20: Hoare triple {8210#(exists ((|ULTIMATE.start_entry_point_~hdev~0#1.base| (_ BitVec 32))) (and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv0 1)) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 1)) |#valid|)))} assume !(#valid == main_old_#valid#1); {8147#false} is VALID [2022-02-20 23:51:10,210 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:51:10,210 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:51:14,397 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:51:14,397 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [169622466] [2022-02-20 23:51:14,397 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [169622466] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:51:14,397 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleCvc4 [105786868] [2022-02-20 23:51:14,397 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:51:14,397 INFO L173 SolverBuilder]: Constructing external solver with command: cvc4 --incremental --print-success --lang smt [2022-02-20 23:51:14,397 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 [2022-02-20 23:51:14,398 INFO L229 MonitoredProcess]: Starting monitored process 13 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (exit command is (exit), workingDir is null) [2022-02-20 23:51:14,399 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (13)] Waiting until timeout for monitored process [2022-02-20 23:51:14,480 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:14,481 INFO L263 TraceCheckSpWp]: Trace formula consists of 60 conjuncts, 13 conjunts are in the unsatisfiable core [2022-02-20 23:51:14,492 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:14,493 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:51:14,840 INFO L290 TraceCheckUtils]: 0: Hoare triple {8146#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {8265#(= (_ bv0 1) (select |#valid| (_ bv0 32)))} is VALID [2022-02-20 23:51:14,841 INFO L290 TraceCheckUtils]: 1: Hoare triple {8265#(= (_ bv0 1) (select |#valid| (_ bv0 32)))} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset, entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset, entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset, entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset, entry_point_#t~nondet58#1, entry_point_#t~ret59#1, entry_point_#t~mem60#1.base, entry_point_#t~mem60#1.offset, entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset, entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset; {8269#(and (= |#valid| |ULTIMATE.start_main_old_#valid#1|) (= (_ bv0 1) (select |#valid| (_ bv0 32))))} is VALID [2022-02-20 23:51:14,842 INFO L272 TraceCheckUtils]: 2: Hoare triple {8269#(and (= |#valid| |ULTIMATE.start_main_old_#valid#1|) (= (_ bv0 1) (select |#valid| (_ bv0 32))))} call entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset := ldv_malloc(12bv32); {8158#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:51:14,843 INFO L290 TraceCheckUtils]: 3: Hoare triple {8158#(= |old(#valid)| |#valid|)} ~size := #in~size; {8158#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:51:14,844 INFO L290 TraceCheckUtils]: 4: Hoare triple {8158#(= |old(#valid)| |#valid|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {8165#(and (exists ((v_ArrVal_52 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_52) |#valid|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)))} is VALID [2022-02-20 23:51:14,845 INFO L290 TraceCheckUtils]: 5: Hoare triple {8165#(and (exists ((v_ArrVal_52 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_52) |#valid|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)))} assume true; {8165#(and (exists ((v_ArrVal_52 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_52) |#valid|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)))} is VALID [2022-02-20 23:51:14,847 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {8165#(and (exists ((v_ArrVal_52 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_52) |#valid|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)))} {8269#(and (= |#valid| |ULTIMATE.start_main_old_#valid#1|) (= (_ bv0 1) (select |#valid| (_ bv0 32))))} #196#return; {8285#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_#t~ret53#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_52 (_ BitVec 1))) (= |#valid| (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_#t~ret53#1.base| v_ArrVal_52))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} is VALID [2022-02-20 23:51:14,848 INFO L290 TraceCheckUtils]: 7: Hoare triple {8285#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_#t~ret53#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_52 (_ BitVec 1))) (= |#valid| (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_#t~ret53#1.base| v_ArrVal_52))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset := entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset; {8289#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_52 (_ BitVec 1))) (= |#valid| (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base| v_ArrVal_52))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} is VALID [2022-02-20 23:51:14,849 INFO L290 TraceCheckUtils]: 8: Hoare triple {8289#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_52 (_ BitVec 1))) (= |#valid| (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base| v_ArrVal_52))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} assume !(entry_point_~hdev~0#1.base == 0bv32 && entry_point_~hdev~0#1.offset == 0bv32); {8289#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_52 (_ BitVec 1))) (= |#valid| (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base| v_ArrVal_52))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} is VALID [2022-02-20 23:51:14,849 INFO L272 TraceCheckUtils]: 9: Hoare triple {8289#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_52 (_ BitVec 1))) (= |#valid| (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base| v_ArrVal_52))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} call entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset := ldv_malloc(20bv32); {8158#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:51:14,850 INFO L290 TraceCheckUtils]: 10: Hoare triple {8158#(= |old(#valid)| |#valid|)} ~size := #in~size; {8158#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:51:14,850 INFO L290 TraceCheckUtils]: 11: Hoare triple {8158#(= |old(#valid)| |#valid|)} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {8158#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:51:14,850 INFO L290 TraceCheckUtils]: 12: Hoare triple {8158#(= |old(#valid)| |#valid|)} assume true; {8158#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:51:14,851 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {8158#(= |old(#valid)| |#valid|)} {8289#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_52 (_ BitVec 1))) (= |#valid| (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base| v_ArrVal_52))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} #198#return; {8289#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_52 (_ BitVec 1))) (= |#valid| (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base| v_ArrVal_52))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} is VALID [2022-02-20 23:51:14,852 INFO L290 TraceCheckUtils]: 14: Hoare triple {8289#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_52 (_ BitVec 1))) (= |#valid| (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base| v_ArrVal_52))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset := entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset;havoc entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset; {8289#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_52 (_ BitVec 1))) (= |#valid| (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base| v_ArrVal_52))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} is VALID [2022-02-20 23:51:14,852 INFO L290 TraceCheckUtils]: 15: Hoare triple {8289#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_52 (_ BitVec 1))) (= |#valid| (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base| v_ArrVal_52))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} assume entry_point_~intf~2#1.base == 0bv32 && entry_point_~intf~2#1.offset == 0bv32; {8289#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_52 (_ BitVec 1))) (= |#valid| (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base| v_ArrVal_52))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} is VALID [2022-02-20 23:51:14,853 INFO L290 TraceCheckUtils]: 16: Hoare triple {8289#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_52 (_ BitVec 1))) (= |#valid| (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base| v_ArrVal_52))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} assume 0bv32 == entry_point_~hdev~0#1.offset; {8289#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_52 (_ BitVec 1))) (= |#valid| (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base| v_ArrVal_52))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} is VALID [2022-02-20 23:51:14,854 INFO L290 TraceCheckUtils]: 17: Hoare triple {8289#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_52 (_ BitVec 1))) (= |#valid| (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base| v_ArrVal_52))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} assume ~bvult32(entry_point_~hdev~0#1.base, #StackHeapBarrier); {8289#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_52 (_ BitVec 1))) (= |#valid| (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base| v_ArrVal_52))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} is VALID [2022-02-20 23:51:14,854 INFO L290 TraceCheckUtils]: 18: Hoare triple {8289#(and (= (bvneg (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv0 1)) (exists ((v_ArrVal_52 (_ BitVec 1))) (= |#valid| (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~hdev~0#1.base| v_ArrVal_52))) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| (_ bv0 32))))} assume 0bv32 == entry_point_~hdev~0#1.base || 1bv1 == #valid[entry_point_~hdev~0#1.base];call ULTIMATE.dealloc(entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset); {8269#(and (= |#valid| |ULTIMATE.start_main_old_#valid#1|) (= (_ bv0 1) (select |#valid| (_ bv0 32))))} is VALID [2022-02-20 23:51:14,855 INFO L290 TraceCheckUtils]: 19: Hoare triple {8269#(and (= |#valid| |ULTIMATE.start_main_old_#valid#1|) (= (_ bv0 1) (select |#valid| (_ bv0 32))))} assume { :end_inline_entry_point } true; {8269#(and (= |#valid| |ULTIMATE.start_main_old_#valid#1|) (= (_ bv0 1) (select |#valid| (_ bv0 32))))} is VALID [2022-02-20 23:51:14,855 INFO L290 TraceCheckUtils]: 20: Hoare triple {8269#(and (= |#valid| |ULTIMATE.start_main_old_#valid#1|) (= (_ bv0 1) (select |#valid| (_ bv0 32))))} assume !(#valid == main_old_#valid#1); {8147#false} is VALID [2022-02-20 23:51:14,856 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:51:14,856 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:51:19,025 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleCvc4 [105786868] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:51:19,025 INFO L191 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-02-20 23:51:19,025 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [7, 6] total 11 [2022-02-20 23:51:19,025 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [225172624] [2022-02-20 23:51:19,025 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-02-20 23:51:19,026 INFO L78 Accepts]: Start accepts. Automaton has has 12 states, 10 states have (on average 2.7) internal successors, (27), 10 states have internal predecessors, (27), 4 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) Word has length 21 [2022-02-20 23:51:19,026 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:51:19,026 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 12 states, 10 states have (on average 2.7) internal successors, (27), 10 states have internal predecessors, (27), 4 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:51:19,058 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 35 edges. 35 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:19,058 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 12 states [2022-02-20 23:51:19,058 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:51:19,059 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 12 interpolants. [2022-02-20 23:51:19,059 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=42, Invalid=166, Unknown=2, NotChecked=0, Total=210 [2022-02-20 23:51:19,059 INFO L87 Difference]: Start difference. First operand 246 states and 332 transitions. Second operand has 12 states, 10 states have (on average 2.7) internal successors, (27), 10 states have internal predecessors, (27), 4 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:51:20,501 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:20,501 INFO L93 Difference]: Finished difference Result 252 states and 336 transitions. [2022-02-20 23:51:20,501 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2022-02-20 23:51:20,501 INFO L78 Accepts]: Start accepts. Automaton has has 12 states, 10 states have (on average 2.7) internal successors, (27), 10 states have internal predecessors, (27), 4 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) Word has length 21 [2022-02-20 23:51:20,501 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:51:20,501 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 12 states, 10 states have (on average 2.7) internal successors, (27), 10 states have internal predecessors, (27), 4 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:51:20,502 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 158 transitions. [2022-02-20 23:51:20,502 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 12 states, 10 states have (on average 2.7) internal successors, (27), 10 states have internal predecessors, (27), 4 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:51:20,503 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 158 transitions. [2022-02-20 23:51:20,503 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states and 158 transitions. [2022-02-20 23:51:20,634 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 158 edges. 158 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:20,637 INFO L225 Difference]: With dead ends: 252 [2022-02-20 23:51:20,637 INFO L226 Difference]: Without dead ends: 247 [2022-02-20 23:51:20,637 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 72 GetRequests, 52 SyntacticMatches, 5 SemanticMatches, 15 ConstructedPredicates, 0 IntricatePredicates, 2 DeprecatedPredicates, 72 ImplicationChecksByTransitivity, 8.3s TimeCoverageRelationStatistics Valid=50, Invalid=220, Unknown=2, NotChecked=0, Total=272 [2022-02-20 23:51:20,637 INFO L933 BasicCegarLoop]: 137 mSDtfsCounter, 12 mSDsluCounter, 731 mSDsCounter, 0 mSdLazyCounter, 208 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 12 SdHoareTripleChecker+Valid, 868 SdHoareTripleChecker+Invalid, 528 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 208 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 315 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-02-20 23:51:20,638 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [12 Valid, 868 Invalid, 528 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 208 Invalid, 0 Unknown, 315 Unchecked, 0.3s Time] [2022-02-20 23:51:20,638 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 247 states. [2022-02-20 23:51:20,641 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 247 to 245. [2022-02-20 23:51:20,641 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:51:20,641 INFO L82 GeneralOperation]: Start isEquivalent. First operand 247 states. Second operand has 245 states, 183 states have (on average 1.6994535519125684) internal successors, (311), 229 states have internal predecessors, (311), 8 states have call successors, (8), 5 states have call predecessors, (8), 7 states have return successors, (10), 10 states have call predecessors, (10), 8 states have call successors, (10) [2022-02-20 23:51:20,641 INFO L74 IsIncluded]: Start isIncluded. First operand 247 states. Second operand has 245 states, 183 states have (on average 1.6994535519125684) internal successors, (311), 229 states have internal predecessors, (311), 8 states have call successors, (8), 5 states have call predecessors, (8), 7 states have return successors, (10), 10 states have call predecessors, (10), 8 states have call successors, (10) [2022-02-20 23:51:20,642 INFO L87 Difference]: Start difference. First operand 247 states. Second operand has 245 states, 183 states have (on average 1.6994535519125684) internal successors, (311), 229 states have internal predecessors, (311), 8 states have call successors, (8), 5 states have call predecessors, (8), 7 states have return successors, (10), 10 states have call predecessors, (10), 8 states have call successors, (10) [2022-02-20 23:51:20,645 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:20,645 INFO L93 Difference]: Finished difference Result 247 states and 331 transitions. [2022-02-20 23:51:20,645 INFO L276 IsEmpty]: Start isEmpty. Operand 247 states and 331 transitions. [2022-02-20 23:51:20,646 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:20,646 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:20,646 INFO L74 IsIncluded]: Start isIncluded. First operand has 245 states, 183 states have (on average 1.6994535519125684) internal successors, (311), 229 states have internal predecessors, (311), 8 states have call successors, (8), 5 states have call predecessors, (8), 7 states have return successors, (10), 10 states have call predecessors, (10), 8 states have call successors, (10) Second operand 247 states. [2022-02-20 23:51:20,646 INFO L87 Difference]: Start difference. First operand has 245 states, 183 states have (on average 1.6994535519125684) internal successors, (311), 229 states have internal predecessors, (311), 8 states have call successors, (8), 5 states have call predecessors, (8), 7 states have return successors, (10), 10 states have call predecessors, (10), 8 states have call successors, (10) Second operand 247 states. [2022-02-20 23:51:20,650 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:20,650 INFO L93 Difference]: Finished difference Result 247 states and 331 transitions. [2022-02-20 23:51:20,650 INFO L276 IsEmpty]: Start isEmpty. Operand 247 states and 331 transitions. [2022-02-20 23:51:20,650 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:20,650 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:20,651 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:51:20,651 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:51:20,651 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 245 states, 183 states have (on average 1.6994535519125684) internal successors, (311), 229 states have internal predecessors, (311), 8 states have call successors, (8), 5 states have call predecessors, (8), 7 states have return successors, (10), 10 states have call predecessors, (10), 8 states have call successors, (10) [2022-02-20 23:51:20,658 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 245 states to 245 states and 329 transitions. [2022-02-20 23:51:20,659 INFO L78 Accepts]: Start accepts. Automaton has 245 states and 329 transitions. Word has length 21 [2022-02-20 23:51:20,659 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:51:20,659 INFO L470 AbstractCegarLoop]: Abstraction has 245 states and 329 transitions. [2022-02-20 23:51:20,659 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 12 states, 10 states have (on average 2.7) internal successors, (27), 10 states have internal predecessors, (27), 4 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:51:20,659 INFO L276 IsEmpty]: Start isEmpty. Operand 245 states and 329 transitions. [2022-02-20 23:51:20,660 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2022-02-20 23:51:20,660 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:51:20,660 INFO L514 BasicCegarLoop]: trace histogram [3, 3, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:51:20,662 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (13)] Forceful destruction successful, exit code 0 [2022-02-20 23:51:20,868 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (12)] Ended with exit code 0 [2022-02-20 23:51:21,068 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 13 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt,12 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:51:21,068 INFO L402 AbstractCegarLoop]: === Iteration 11 === Targeting ULTIMATE.startErr0REQUIRES_VIOLATION === [ldv_hid_set_drvdataErr0REQUIRES_VIOLATION, ldv_hid_set_drvdataErr1REQUIRES_VIOLATION, ULTIMATE.startErr0REQUIRES_VIOLATION (and 47 more)] === [2022-02-20 23:51:21,068 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:51:21,068 INFO L85 PathProgramCache]: Analyzing trace with hash -1592151781, now seen corresponding path program 1 times [2022-02-20 23:51:21,068 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:51:21,068 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [900849254] [2022-02-20 23:51:21,068 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:51:21,069 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:51:21,069 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:51:21,069 INFO L229 MonitoredProcess]: Starting monitored process 14 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:51:21,070 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (14)] Waiting until timeout for monitored process [2022-02-20 23:51:21,116 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:21,117 INFO L263 TraceCheckSpWp]: Trace formula consists of 71 conjuncts, 7 conjunts are in the unsatisfiable core [2022-02-20 23:51:21,124 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:21,125 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:51:21,197 INFO L290 TraceCheckUtils]: 0: Hoare triple {9368#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {9368#true} is VALID [2022-02-20 23:51:21,197 INFO L290 TraceCheckUtils]: 1: Hoare triple {9368#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset, entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset, entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset, entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset, entry_point_#t~nondet58#1, entry_point_#t~ret59#1, entry_point_#t~mem60#1.base, entry_point_#t~mem60#1.offset, entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset, entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset; {9368#true} is VALID [2022-02-20 23:51:21,197 INFO L272 TraceCheckUtils]: 2: Hoare triple {9368#true} call entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset := ldv_malloc(12bv32); {9368#true} is VALID [2022-02-20 23:51:21,197 INFO L290 TraceCheckUtils]: 3: Hoare triple {9368#true} ~size := #in~size; {9368#true} is VALID [2022-02-20 23:51:21,197 INFO L290 TraceCheckUtils]: 4: Hoare triple {9368#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {9368#true} is VALID [2022-02-20 23:51:21,197 INFO L290 TraceCheckUtils]: 5: Hoare triple {9368#true} assume true; {9368#true} is VALID [2022-02-20 23:51:21,198 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {9368#true} {9368#true} #196#return; {9368#true} is VALID [2022-02-20 23:51:21,198 INFO L290 TraceCheckUtils]: 7: Hoare triple {9368#true} entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset := entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset; {9368#true} is VALID [2022-02-20 23:51:21,198 INFO L290 TraceCheckUtils]: 8: Hoare triple {9368#true} assume !(entry_point_~hdev~0#1.base == 0bv32 && entry_point_~hdev~0#1.offset == 0bv32); {9368#true} is VALID [2022-02-20 23:51:21,198 INFO L272 TraceCheckUtils]: 9: Hoare triple {9368#true} call entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset := ldv_malloc(20bv32); {9368#true} is VALID [2022-02-20 23:51:21,198 INFO L290 TraceCheckUtils]: 10: Hoare triple {9368#true} ~size := #in~size; {9368#true} is VALID [2022-02-20 23:51:21,198 INFO L290 TraceCheckUtils]: 11: Hoare triple {9368#true} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {9406#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:51:21,199 INFO L290 TraceCheckUtils]: 12: Hoare triple {9406#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} assume true; {9406#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:51:21,199 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {9406#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} {9368#true} #198#return; {9413#(and (= |ULTIMATE.start_entry_point_#t~ret54#1.base| (_ bv0 32)) (= |ULTIMATE.start_entry_point_#t~ret54#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:51:21,200 INFO L290 TraceCheckUtils]: 14: Hoare triple {9413#(and (= |ULTIMATE.start_entry_point_#t~ret54#1.base| (_ bv0 32)) (= |ULTIMATE.start_entry_point_#t~ret54#1.offset| (_ bv0 32)))} entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset := entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset;havoc entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset; {9417#(and (= |ULTIMATE.start_entry_point_~intf~2#1.offset| (_ bv0 32)) (= |ULTIMATE.start_entry_point_~intf~2#1.base| (_ bv0 32)))} is VALID [2022-02-20 23:51:21,200 INFO L290 TraceCheckUtils]: 15: Hoare triple {9417#(and (= |ULTIMATE.start_entry_point_~intf~2#1.offset| (_ bv0 32)) (= |ULTIMATE.start_entry_point_~intf~2#1.base| (_ bv0 32)))} assume !(entry_point_~intf~2#1.base == 0bv32 && entry_point_~intf~2#1.offset == 0bv32); {9369#false} is VALID [2022-02-20 23:51:21,200 INFO L272 TraceCheckUtils]: 16: Hoare triple {9369#false} call entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset := ldv_malloc(9bv32); {9369#false} is VALID [2022-02-20 23:51:21,200 INFO L290 TraceCheckUtils]: 17: Hoare triple {9369#false} ~size := #in~size; {9369#false} is VALID [2022-02-20 23:51:21,201 INFO L290 TraceCheckUtils]: 18: Hoare triple {9369#false} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {9369#false} is VALID [2022-02-20 23:51:21,201 INFO L290 TraceCheckUtils]: 19: Hoare triple {9369#false} assume true; {9369#false} is VALID [2022-02-20 23:51:21,201 INFO L284 TraceCheckUtils]: 20: Hoare quadruple {9369#false} {9369#false} #200#return; {9369#false} is VALID [2022-02-20 23:51:21,201 INFO L290 TraceCheckUtils]: 21: Hoare triple {9369#false} assume !(1bv1 == #valid[entry_point_~intf~2#1.base]); {9369#false} is VALID [2022-02-20 23:51:21,201 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 10 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:51:21,201 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:51:21,201 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:51:21,201 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [900849254] [2022-02-20 23:51:21,202 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [900849254] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:51:21,202 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:51:21,202 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:51:21,202 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2127986223] [2022-02-20 23:51:21,202 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:51:21,202 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 3.0) internal successors, (15), 4 states have internal predecessors, (15), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) Word has length 22 [2022-02-20 23:51:21,203 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:51:21,203 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 3.0) internal successors, (15), 4 states have internal predecessors, (15), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:51:21,218 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 21 edges. 21 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:21,219 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 23:51:21,219 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:51:21,219 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 23:51:21,219 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:51:21,219 INFO L87 Difference]: Start difference. First operand 245 states and 329 transitions. Second operand has 5 states, 5 states have (on average 3.0) internal successors, (15), 4 states have internal predecessors, (15), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:51:21,726 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:21,727 INFO L93 Difference]: Finished difference Result 154 states and 173 transitions. [2022-02-20 23:51:21,727 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 23:51:21,727 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 3.0) internal successors, (15), 4 states have internal predecessors, (15), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) Word has length 22 [2022-02-20 23:51:21,727 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:51:21,727 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 3.0) internal successors, (15), 4 states have internal predecessors, (15), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:51:21,729 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 140 transitions. [2022-02-20 23:51:21,729 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 3.0) internal successors, (15), 4 states have internal predecessors, (15), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:51:21,735 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 140 transitions. [2022-02-20 23:51:21,735 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 140 transitions. [2022-02-20 23:51:21,835 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 140 edges. 140 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:21,838 INFO L225 Difference]: With dead ends: 154 [2022-02-20 23:51:21,838 INFO L226 Difference]: Without dead ends: 150 [2022-02-20 23:51:21,838 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 21 GetRequests, 18 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:51:21,839 INFO L933 BasicCegarLoop]: 138 mSDtfsCounter, 0 mSDsluCounter, 394 mSDsCounter, 0 mSdLazyCounter, 20 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 532 SdHoareTripleChecker+Invalid, 20 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 20 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 23:51:21,839 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 532 Invalid, 20 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 20 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 23:51:21,840 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 150 states. [2022-02-20 23:51:21,841 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 150 to 148. [2022-02-20 23:51:21,841 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:51:21,842 INFO L82 GeneralOperation]: Start isEquivalent. First operand 150 states. Second operand has 148 states, 98 states have (on average 1.6020408163265305) internal successors, (157), 138 states have internal predecessors, (157), 5 states have call successors, (5), 4 states have call predecessors, (5), 4 states have return successors, (5), 5 states have call predecessors, (5), 5 states have call successors, (5) [2022-02-20 23:51:21,842 INFO L74 IsIncluded]: Start isIncluded. First operand 150 states. Second operand has 148 states, 98 states have (on average 1.6020408163265305) internal successors, (157), 138 states have internal predecessors, (157), 5 states have call successors, (5), 4 states have call predecessors, (5), 4 states have return successors, (5), 5 states have call predecessors, (5), 5 states have call successors, (5) [2022-02-20 23:51:21,842 INFO L87 Difference]: Start difference. First operand 150 states. Second operand has 148 states, 98 states have (on average 1.6020408163265305) internal successors, (157), 138 states have internal predecessors, (157), 5 states have call successors, (5), 4 states have call predecessors, (5), 4 states have return successors, (5), 5 states have call predecessors, (5), 5 states have call successors, (5) [2022-02-20 23:51:21,844 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:21,844 INFO L93 Difference]: Finished difference Result 150 states and 169 transitions. [2022-02-20 23:51:21,844 INFO L276 IsEmpty]: Start isEmpty. Operand 150 states and 169 transitions. [2022-02-20 23:51:21,844 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:21,844 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:21,845 INFO L74 IsIncluded]: Start isIncluded. First operand has 148 states, 98 states have (on average 1.6020408163265305) internal successors, (157), 138 states have internal predecessors, (157), 5 states have call successors, (5), 4 states have call predecessors, (5), 4 states have return successors, (5), 5 states have call predecessors, (5), 5 states have call successors, (5) Second operand 150 states. [2022-02-20 23:51:21,845 INFO L87 Difference]: Start difference. First operand has 148 states, 98 states have (on average 1.6020408163265305) internal successors, (157), 138 states have internal predecessors, (157), 5 states have call successors, (5), 4 states have call predecessors, (5), 4 states have return successors, (5), 5 states have call predecessors, (5), 5 states have call successors, (5) Second operand 150 states. [2022-02-20 23:51:21,846 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:21,847 INFO L93 Difference]: Finished difference Result 150 states and 169 transitions. [2022-02-20 23:51:21,847 INFO L276 IsEmpty]: Start isEmpty. Operand 150 states and 169 transitions. [2022-02-20 23:51:21,847 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:21,847 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:21,847 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:51:21,847 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:51:21,847 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 148 states, 98 states have (on average 1.6020408163265305) internal successors, (157), 138 states have internal predecessors, (157), 5 states have call successors, (5), 4 states have call predecessors, (5), 4 states have return successors, (5), 5 states have call predecessors, (5), 5 states have call successors, (5) [2022-02-20 23:51:21,849 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 148 states to 148 states and 167 transitions. [2022-02-20 23:51:21,849 INFO L78 Accepts]: Start accepts. Automaton has 148 states and 167 transitions. Word has length 22 [2022-02-20 23:51:21,849 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:51:21,849 INFO L470 AbstractCegarLoop]: Abstraction has 148 states and 167 transitions. [2022-02-20 23:51:21,849 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 3.0) internal successors, (15), 4 states have internal predecessors, (15), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:51:21,849 INFO L276 IsEmpty]: Start isEmpty. Operand 148 states and 167 transitions. [2022-02-20 23:51:21,851 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2022-02-20 23:51:21,851 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:51:21,851 INFO L514 BasicCegarLoop]: trace histogram [3, 3, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:51:21,860 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (14)] Forceful destruction successful, exit code 0 [2022-02-20 23:51:22,058 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 14 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:51:22,058 INFO L402 AbstractCegarLoop]: === Iteration 12 === Targeting ULTIMATE.startErr42ASSERT_VIOLATIONMEMORY_FREE === [ldv_hid_set_drvdataErr0REQUIRES_VIOLATION, ldv_hid_set_drvdataErr1REQUIRES_VIOLATION, ULTIMATE.startErr0REQUIRES_VIOLATION (and 47 more)] === [2022-02-20 23:51:22,059 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:51:22,059 INFO L85 PathProgramCache]: Analyzing trace with hash 2097726863, now seen corresponding path program 1 times [2022-02-20 23:51:22,059 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:51:22,059 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [703560029] [2022-02-20 23:51:22,059 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:51:22,059 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:51:22,059 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:51:22,060 INFO L229 MonitoredProcess]: Starting monitored process 15 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:51:22,062 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (15)] Waiting until timeout for monitored process [2022-02-20 23:51:22,159 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:22,162 INFO L263 TraceCheckSpWp]: Trace formula consists of 100 conjuncts, 7 conjunts are in the unsatisfiable core [2022-02-20 23:51:22,170 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:22,171 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:51:22,233 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2022-02-20 23:51:22,269 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 20 treesize of output 8 [2022-02-20 23:51:22,290 INFO L290 TraceCheckUtils]: 0: Hoare triple {10040#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {10040#true} is VALID [2022-02-20 23:51:22,290 INFO L290 TraceCheckUtils]: 1: Hoare triple {10040#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset, entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset, entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset, entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset, entry_point_#t~nondet58#1, entry_point_#t~ret59#1, entry_point_#t~mem60#1.base, entry_point_#t~mem60#1.offset, entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset, entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset; {10040#true} is VALID [2022-02-20 23:51:22,290 INFO L272 TraceCheckUtils]: 2: Hoare triple {10040#true} call entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset := ldv_malloc(12bv32); {10040#true} is VALID [2022-02-20 23:51:22,290 INFO L290 TraceCheckUtils]: 3: Hoare triple {10040#true} ~size := #in~size; {10040#true} is VALID [2022-02-20 23:51:22,291 INFO L290 TraceCheckUtils]: 4: Hoare triple {10040#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {10040#true} is VALID [2022-02-20 23:51:22,291 INFO L290 TraceCheckUtils]: 5: Hoare triple {10040#true} assume true; {10040#true} is VALID [2022-02-20 23:51:22,291 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {10040#true} {10040#true} #196#return; {10040#true} is VALID [2022-02-20 23:51:22,291 INFO L290 TraceCheckUtils]: 7: Hoare triple {10040#true} entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset := entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset; {10040#true} is VALID [2022-02-20 23:51:22,291 INFO L290 TraceCheckUtils]: 8: Hoare triple {10040#true} assume !(entry_point_~hdev~0#1.base == 0bv32 && entry_point_~hdev~0#1.offset == 0bv32); {10040#true} is VALID [2022-02-20 23:51:22,291 INFO L272 TraceCheckUtils]: 9: Hoare triple {10040#true} call entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset := ldv_malloc(20bv32); {10040#true} is VALID [2022-02-20 23:51:22,291 INFO L290 TraceCheckUtils]: 10: Hoare triple {10040#true} ~size := #in~size; {10040#true} is VALID [2022-02-20 23:51:22,291 INFO L290 TraceCheckUtils]: 11: Hoare triple {10040#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {10040#true} is VALID [2022-02-20 23:51:22,291 INFO L290 TraceCheckUtils]: 12: Hoare triple {10040#true} assume true; {10040#true} is VALID [2022-02-20 23:51:22,292 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {10040#true} {10040#true} #198#return; {10040#true} is VALID [2022-02-20 23:51:22,292 INFO L290 TraceCheckUtils]: 14: Hoare triple {10040#true} entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset := entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset;havoc entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset; {10040#true} is VALID [2022-02-20 23:51:22,292 INFO L290 TraceCheckUtils]: 15: Hoare triple {10040#true} assume !(entry_point_~intf~2#1.base == 0bv32 && entry_point_~intf~2#1.offset == 0bv32); {10040#true} is VALID [2022-02-20 23:51:22,292 INFO L272 TraceCheckUtils]: 16: Hoare triple {10040#true} call entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset := ldv_malloc(9bv32); {10040#true} is VALID [2022-02-20 23:51:22,292 INFO L290 TraceCheckUtils]: 17: Hoare triple {10040#true} ~size := #in~size; {10040#true} is VALID [2022-02-20 23:51:22,293 INFO L290 TraceCheckUtils]: 18: Hoare triple {10040#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {10099#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:51:22,293 INFO L290 TraceCheckUtils]: 19: Hoare triple {10099#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} assume true; {10099#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:51:22,293 INFO L284 TraceCheckUtils]: 20: Hoare quadruple {10099#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} {10040#true} #200#return; {10106#(not (= |ULTIMATE.start_entry_point_#t~ret55#1.base| (_ bv0 32)))} is VALID [2022-02-20 23:51:22,295 INFO L290 TraceCheckUtils]: 21: Hoare triple {10106#(not (= |ULTIMATE.start_entry_point_#t~ret55#1.base| (_ bv0 32)))} SUMMARY for call write~$Pointer$(entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L826-1 {10110#(not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|)) (_ bv0 32)))} is VALID [2022-02-20 23:51:22,296 INFO L290 TraceCheckUtils]: 22: Hoare triple {10110#(not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|)) (_ bv0 32)))} havoc entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset; {10110#(not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|)) (_ bv0 32)))} is VALID [2022-02-20 23:51:22,296 INFO L290 TraceCheckUtils]: 23: Hoare triple {10110#(not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|)) (_ bv0 32)))} SUMMARY for call entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset := read~$Pointer$(entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L827 {10117#(not (= |ULTIMATE.start_entry_point_#t~mem56#1.base| (_ bv0 32)))} is VALID [2022-02-20 23:51:22,296 INFO L290 TraceCheckUtils]: 24: Hoare triple {10117#(not (= |ULTIMATE.start_entry_point_#t~mem56#1.base| (_ bv0 32)))} assume entry_point_#t~mem56#1.base == 0bv32 && entry_point_#t~mem56#1.offset == 0bv32;havoc entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset; {10041#false} is VALID [2022-02-20 23:51:22,297 INFO L290 TraceCheckUtils]: 25: Hoare triple {10041#false} assume 0bv32 == entry_point_~intf~2#1.offset; {10041#false} is VALID [2022-02-20 23:51:22,297 INFO L290 TraceCheckUtils]: 26: Hoare triple {10041#false} assume !~bvult32(entry_point_~intf~2#1.base, #StackHeapBarrier); {10041#false} is VALID [2022-02-20 23:51:22,297 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 4 proven. 0 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-02-20 23:51:22,297 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:51:22,297 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:51:22,297 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [703560029] [2022-02-20 23:51:22,297 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [703560029] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:51:22,297 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:51:22,297 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 23:51:22,298 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1913290444] [2022-02-20 23:51:22,298 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:51:22,298 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 2.8333333333333335) internal successors, (17), 5 states have internal predecessors, (17), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) Word has length 27 [2022-02-20 23:51:22,298 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:51:22,298 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 6 states have (on average 2.8333333333333335) internal successors, (17), 5 states have internal predecessors, (17), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:51:22,315 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 23 edges. 23 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:22,316 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 23:51:22,316 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:51:22,316 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 23:51:22,316 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-02-20 23:51:22,317 INFO L87 Difference]: Start difference. First operand 148 states and 167 transitions. Second operand has 6 states, 6 states have (on average 2.8333333333333335) internal successors, (17), 5 states have internal predecessors, (17), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:51:23,103 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:23,103 INFO L93 Difference]: Finished difference Result 158 states and 177 transitions. [2022-02-20 23:51:23,103 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-02-20 23:51:23,103 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 2.8333333333333335) internal successors, (17), 5 states have internal predecessors, (17), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) Word has length 27 [2022-02-20 23:51:23,104 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:51:23,104 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 2.8333333333333335) internal successors, (17), 5 states have internal predecessors, (17), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:51:23,104 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 146 transitions. [2022-02-20 23:51:23,105 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 2.8333333333333335) internal successors, (17), 5 states have internal predecessors, (17), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:51:23,105 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 146 transitions. [2022-02-20 23:51:23,105 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 146 transitions. [2022-02-20 23:51:23,234 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 146 edges. 146 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:23,236 INFO L225 Difference]: With dead ends: 158 [2022-02-20 23:51:23,236 INFO L226 Difference]: Without dead ends: 158 [2022-02-20 23:51:23,236 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 28 GetRequests, 22 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=39, Unknown=0, NotChecked=0, Total=56 [2022-02-20 23:51:23,236 INFO L933 BasicCegarLoop]: 130 mSDtfsCounter, 5 mSDsluCounter, 494 mSDsCounter, 0 mSdLazyCounter, 50 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 5 SdHoareTripleChecker+Valid, 624 SdHoareTripleChecker+Invalid, 51 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 50 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:51:23,236 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [5 Valid, 624 Invalid, 51 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 50 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:51:23,237 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 158 states. [2022-02-20 23:51:23,238 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 158 to 154. [2022-02-20 23:51:23,238 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:51:23,238 INFO L82 GeneralOperation]: Start isEquivalent. First operand 158 states. Second operand has 154 states, 103 states have (on average 1.5728155339805825) internal successors, (162), 143 states have internal predecessors, (162), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:23,239 INFO L74 IsIncluded]: Start isIncluded. First operand 158 states. Second operand has 154 states, 103 states have (on average 1.5728155339805825) internal successors, (162), 143 states have internal predecessors, (162), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:23,239 INFO L87 Difference]: Start difference. First operand 158 states. Second operand has 154 states, 103 states have (on average 1.5728155339805825) internal successors, (162), 143 states have internal predecessors, (162), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:23,240 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:23,240 INFO L93 Difference]: Finished difference Result 158 states and 177 transitions. [2022-02-20 23:51:23,240 INFO L276 IsEmpty]: Start isEmpty. Operand 158 states and 177 transitions. [2022-02-20 23:51:23,241 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:23,241 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:23,241 INFO L74 IsIncluded]: Start isIncluded. First operand has 154 states, 103 states have (on average 1.5728155339805825) internal successors, (162), 143 states have internal predecessors, (162), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 158 states. [2022-02-20 23:51:23,241 INFO L87 Difference]: Start difference. First operand has 154 states, 103 states have (on average 1.5728155339805825) internal successors, (162), 143 states have internal predecessors, (162), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 158 states. [2022-02-20 23:51:23,243 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:23,243 INFO L93 Difference]: Finished difference Result 158 states and 177 transitions. [2022-02-20 23:51:23,243 INFO L276 IsEmpty]: Start isEmpty. Operand 158 states and 177 transitions. [2022-02-20 23:51:23,244 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:23,244 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:23,244 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:51:23,244 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:51:23,244 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 154 states, 103 states have (on average 1.5728155339805825) internal successors, (162), 143 states have internal predecessors, (162), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:23,246 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 154 states to 154 states and 173 transitions. [2022-02-20 23:51:23,246 INFO L78 Accepts]: Start accepts. Automaton has 154 states and 173 transitions. Word has length 27 [2022-02-20 23:51:23,246 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:51:23,246 INFO L470 AbstractCegarLoop]: Abstraction has 154 states and 173 transitions. [2022-02-20 23:51:23,246 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 2.8333333333333335) internal successors, (17), 5 states have internal predecessors, (17), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:51:23,246 INFO L276 IsEmpty]: Start isEmpty. Operand 154 states and 173 transitions. [2022-02-20 23:51:23,247 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2022-02-20 23:51:23,247 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:51:23,247 INFO L514 BasicCegarLoop]: trace histogram [3, 3, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:51:23,255 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (15)] Ended with exit code 0 [2022-02-20 23:51:23,453 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 15 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:51:23,453 INFO L402 AbstractCegarLoop]: === Iteration 13 === Targeting ULTIMATE.startErr7REQUIRES_VIOLATION === [ldv_hid_set_drvdataErr0REQUIRES_VIOLATION, ldv_hid_set_drvdataErr1REQUIRES_VIOLATION, ULTIMATE.startErr0REQUIRES_VIOLATION (and 47 more)] === [2022-02-20 23:51:23,454 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:51:23,454 INFO L85 PathProgramCache]: Analyzing trace with hash 2097724533, now seen corresponding path program 1 times [2022-02-20 23:51:23,455 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:51:23,455 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [2046717744] [2022-02-20 23:51:23,455 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:51:23,455 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:51:23,455 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:51:23,456 INFO L229 MonitoredProcess]: Starting monitored process 16 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:51:23,458 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (16)] Waiting until timeout for monitored process [2022-02-20 23:51:23,516 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:23,518 INFO L263 TraceCheckSpWp]: Trace formula consists of 104 conjuncts, 16 conjunts are in the unsatisfiable core [2022-02-20 23:51:23,528 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:23,529 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:51:23,568 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:51:23,613 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2022-02-20 23:51:23,619 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2022-02-20 23:51:23,674 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 19 treesize of output 7 [2022-02-20 23:51:23,684 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 21 treesize of output 9 [2022-02-20 23:51:23,699 INFO L290 TraceCheckUtils]: 0: Hoare triple {10758#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {10758#true} is VALID [2022-02-20 23:51:23,699 INFO L290 TraceCheckUtils]: 1: Hoare triple {10758#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset, entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset, entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset, entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset, entry_point_#t~nondet58#1, entry_point_#t~ret59#1, entry_point_#t~mem60#1.base, entry_point_#t~mem60#1.offset, entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset, entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset; {10758#true} is VALID [2022-02-20 23:51:23,699 INFO L272 TraceCheckUtils]: 2: Hoare triple {10758#true} call entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset := ldv_malloc(12bv32); {10758#true} is VALID [2022-02-20 23:51:23,699 INFO L290 TraceCheckUtils]: 3: Hoare triple {10758#true} ~size := #in~size; {10758#true} is VALID [2022-02-20 23:51:23,699 INFO L290 TraceCheckUtils]: 4: Hoare triple {10758#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {10758#true} is VALID [2022-02-20 23:51:23,699 INFO L290 TraceCheckUtils]: 5: Hoare triple {10758#true} assume true; {10758#true} is VALID [2022-02-20 23:51:23,699 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {10758#true} {10758#true} #196#return; {10758#true} is VALID [2022-02-20 23:51:23,700 INFO L290 TraceCheckUtils]: 7: Hoare triple {10758#true} entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset := entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset; {10758#true} is VALID [2022-02-20 23:51:23,700 INFO L290 TraceCheckUtils]: 8: Hoare triple {10758#true} assume !(entry_point_~hdev~0#1.base == 0bv32 && entry_point_~hdev~0#1.offset == 0bv32); {10758#true} is VALID [2022-02-20 23:51:23,700 INFO L272 TraceCheckUtils]: 9: Hoare triple {10758#true} call entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset := ldv_malloc(20bv32); {10758#true} is VALID [2022-02-20 23:51:23,700 INFO L290 TraceCheckUtils]: 10: Hoare triple {10758#true} ~size := #in~size; {10758#true} is VALID [2022-02-20 23:51:23,700 INFO L290 TraceCheckUtils]: 11: Hoare triple {10758#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {10758#true} is VALID [2022-02-20 23:51:23,700 INFO L290 TraceCheckUtils]: 12: Hoare triple {10758#true} assume true; {10758#true} is VALID [2022-02-20 23:51:23,700 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {10758#true} {10758#true} #198#return; {10758#true} is VALID [2022-02-20 23:51:23,700 INFO L290 TraceCheckUtils]: 14: Hoare triple {10758#true} entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset := entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset;havoc entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset; {10758#true} is VALID [2022-02-20 23:51:23,700 INFO L290 TraceCheckUtils]: 15: Hoare triple {10758#true} assume !(entry_point_~intf~2#1.base == 0bv32 && entry_point_~intf~2#1.offset == 0bv32); {10758#true} is VALID [2022-02-20 23:51:23,700 INFO L272 TraceCheckUtils]: 16: Hoare triple {10758#true} call entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset := ldv_malloc(9bv32); {10758#true} is VALID [2022-02-20 23:51:23,701 INFO L290 TraceCheckUtils]: 17: Hoare triple {10758#true} ~size := #in~size; {10814#(= ldv_malloc_~size |ldv_malloc_#in~size|)} is VALID [2022-02-20 23:51:23,702 INFO L290 TraceCheckUtils]: 18: Hoare triple {10814#(= ldv_malloc_~size |ldv_malloc_#in~size|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {10818#(and (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:51:23,702 INFO L290 TraceCheckUtils]: 19: Hoare triple {10818#(and (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} assume true; {10818#(and (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:51:23,703 INFO L284 TraceCheckUtils]: 20: Hoare quadruple {10818#(and (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} {10758#true} #200#return; {10825#(and (= |ULTIMATE.start_entry_point_#t~ret55#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_#t~ret55#1.base|) (_ bv9 32)))} is VALID [2022-02-20 23:51:23,705 INFO L290 TraceCheckUtils]: 21: Hoare triple {10825#(and (= |ULTIMATE.start_entry_point_#t~ret55#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_#t~ret55#1.base|) (_ bv9 32)))} SUMMARY for call write~$Pointer$(entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L826-1 {10829#(and (= (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|))) (_ bv9 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|)) (_ bv0 32)))} is VALID [2022-02-20 23:51:23,705 INFO L290 TraceCheckUtils]: 22: Hoare triple {10829#(and (= (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|))) (_ bv9 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|)) (_ bv0 32)))} havoc entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset; {10829#(and (= (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|))) (_ bv9 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|)) (_ bv0 32)))} is VALID [2022-02-20 23:51:23,706 INFO L290 TraceCheckUtils]: 23: Hoare triple {10829#(and (= (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|))) (_ bv9 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|)) (_ bv0 32)))} SUMMARY for call entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset := read~$Pointer$(entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L827 {10829#(and (= (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|))) (_ bv9 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|)) (_ bv0 32)))} is VALID [2022-02-20 23:51:23,706 INFO L290 TraceCheckUtils]: 24: Hoare triple {10829#(and (= (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|))) (_ bv9 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|)) (_ bv0 32)))} assume !(entry_point_#t~mem56#1.base == 0bv32 && entry_point_#t~mem56#1.offset == 0bv32);havoc entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset; {10829#(and (= (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|))) (_ bv9 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|)) (_ bv0 32)))} is VALID [2022-02-20 23:51:23,711 INFO L290 TraceCheckUtils]: 25: Hoare triple {10829#(and (= (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|))) (_ bv9 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|)) (_ bv0 32)))} SUMMARY for call entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset := read~$Pointer$(entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L828 {10842#(and (= |ULTIMATE.start_entry_point_#t~mem57#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_#t~mem57#1.base|) (_ bv9 32)))} is VALID [2022-02-20 23:51:23,712 INFO L290 TraceCheckUtils]: 26: Hoare triple {10842#(and (= |ULTIMATE.start_entry_point_#t~mem57#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_#t~mem57#1.base|) (_ bv9 32)))} assume !((~bvule32(~bvadd32(1bv32, ~bvadd32(7bv32, entry_point_#t~mem57#1.offset)), #length[entry_point_#t~mem57#1.base]) && ~bvule32(~bvadd32(7bv32, entry_point_#t~mem57#1.offset), ~bvadd32(1bv32, ~bvadd32(7bv32, entry_point_#t~mem57#1.offset)))) && ~bvule32(0bv32, ~bvadd32(7bv32, entry_point_#t~mem57#1.offset))); {10759#false} is VALID [2022-02-20 23:51:23,712 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 6 proven. 0 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2022-02-20 23:51:23,712 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:51:23,712 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:51:23,712 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [2046717744] [2022-02-20 23:51:23,712 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [2046717744] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:51:23,712 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:51:23,712 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 23:51:23,712 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [241983458] [2022-02-20 23:51:23,712 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:51:23,713 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 3.0) internal successors, (18), 6 states have internal predecessors, (18), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) Word has length 27 [2022-02-20 23:51:23,713 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:51:23,713 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 7 states, 6 states have (on average 3.0) internal successors, (18), 6 states have internal predecessors, (18), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:51:23,735 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 24 edges. 24 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:23,735 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-02-20 23:51:23,735 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:51:23,736 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-02-20 23:51:23,736 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2022-02-20 23:51:23,736 INFO L87 Difference]: Start difference. First operand 154 states and 173 transitions. Second operand has 7 states, 6 states have (on average 3.0) internal successors, (18), 6 states have internal predecessors, (18), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:51:25,174 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:25,174 INFO L93 Difference]: Finished difference Result 158 states and 177 transitions. [2022-02-20 23:51:25,174 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2022-02-20 23:51:25,174 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 3.0) internal successors, (18), 6 states have internal predecessors, (18), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) Word has length 27 [2022-02-20 23:51:25,174 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:51:25,174 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 6 states have (on average 3.0) internal successors, (18), 6 states have internal predecessors, (18), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:51:25,175 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 146 transitions. [2022-02-20 23:51:25,175 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 6 states have (on average 3.0) internal successors, (18), 6 states have internal predecessors, (18), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:51:25,176 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 146 transitions. [2022-02-20 23:51:25,176 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states and 146 transitions. [2022-02-20 23:51:25,307 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 146 edges. 146 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:25,309 INFO L225 Difference]: With dead ends: 158 [2022-02-20 23:51:25,309 INFO L226 Difference]: Without dead ends: 158 [2022-02-20 23:51:25,309 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 29 GetRequests, 21 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=23, Invalid=67, Unknown=0, NotChecked=0, Total=90 [2022-02-20 23:51:25,309 INFO L933 BasicCegarLoop]: 126 mSDtfsCounter, 8 mSDsluCounter, 495 mSDsCounter, 0 mSdLazyCounter, 184 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 8 SdHoareTripleChecker+Valid, 621 SdHoareTripleChecker+Invalid, 185 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 184 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2022-02-20 23:51:25,310 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [8 Valid, 621 Invalid, 185 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 184 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2022-02-20 23:51:25,310 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 158 states. [2022-02-20 23:51:25,312 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 158 to 156. [2022-02-20 23:51:25,312 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:51:25,312 INFO L82 GeneralOperation]: Start isEquivalent. First operand 158 states. Second operand has 156 states, 105 states have (on average 1.5714285714285714) internal successors, (165), 145 states have internal predecessors, (165), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:25,313 INFO L74 IsIncluded]: Start isIncluded. First operand 158 states. Second operand has 156 states, 105 states have (on average 1.5714285714285714) internal successors, (165), 145 states have internal predecessors, (165), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:25,313 INFO L87 Difference]: Start difference. First operand 158 states. Second operand has 156 states, 105 states have (on average 1.5714285714285714) internal successors, (165), 145 states have internal predecessors, (165), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:25,316 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:25,316 INFO L93 Difference]: Finished difference Result 158 states and 177 transitions. [2022-02-20 23:51:25,316 INFO L276 IsEmpty]: Start isEmpty. Operand 158 states and 177 transitions. [2022-02-20 23:51:25,316 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:25,316 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:25,320 INFO L74 IsIncluded]: Start isIncluded. First operand has 156 states, 105 states have (on average 1.5714285714285714) internal successors, (165), 145 states have internal predecessors, (165), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 158 states. [2022-02-20 23:51:25,320 INFO L87 Difference]: Start difference. First operand has 156 states, 105 states have (on average 1.5714285714285714) internal successors, (165), 145 states have internal predecessors, (165), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 158 states. [2022-02-20 23:51:25,322 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:25,322 INFO L93 Difference]: Finished difference Result 158 states and 177 transitions. [2022-02-20 23:51:25,322 INFO L276 IsEmpty]: Start isEmpty. Operand 158 states and 177 transitions. [2022-02-20 23:51:25,322 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:25,323 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:25,323 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:51:25,323 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:51:25,323 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 156 states, 105 states have (on average 1.5714285714285714) internal successors, (165), 145 states have internal predecessors, (165), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:25,325 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 156 states to 156 states and 176 transitions. [2022-02-20 23:51:25,325 INFO L78 Accepts]: Start accepts. Automaton has 156 states and 176 transitions. Word has length 27 [2022-02-20 23:51:25,325 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:51:25,326 INFO L470 AbstractCegarLoop]: Abstraction has 156 states and 176 transitions. [2022-02-20 23:51:25,326 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 6 states have (on average 3.0) internal successors, (18), 6 states have internal predecessors, (18), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:51:25,326 INFO L276 IsEmpty]: Start isEmpty. Operand 156 states and 176 transitions. [2022-02-20 23:51:25,327 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2022-02-20 23:51:25,327 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:51:25,327 INFO L514 BasicCegarLoop]: trace histogram [3, 3, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:51:25,335 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (16)] Ended with exit code 0 [2022-02-20 23:51:25,535 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 16 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:51:25,538 INFO L402 AbstractCegarLoop]: === Iteration 14 === Targeting ULTIMATE.startErr6REQUIRES_VIOLATION === [ldv_hid_set_drvdataErr0REQUIRES_VIOLATION, ldv_hid_set_drvdataErr1REQUIRES_VIOLATION, ULTIMATE.startErr0REQUIRES_VIOLATION (and 47 more)] === [2022-02-20 23:51:25,538 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:51:25,538 INFO L85 PathProgramCache]: Analyzing trace with hash 2097724532, now seen corresponding path program 1 times [2022-02-20 23:51:25,538 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:51:25,538 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1139495154] [2022-02-20 23:51:25,538 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:51:25,539 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:51:25,539 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:51:25,540 INFO L229 MonitoredProcess]: Starting monitored process 17 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:51:25,541 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (17)] Waiting until timeout for monitored process [2022-02-20 23:51:25,595 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:25,597 INFO L263 TraceCheckSpWp]: Trace formula consists of 104 conjuncts, 8 conjunts are in the unsatisfiable core [2022-02-20 23:51:25,605 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:25,606 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:51:25,638 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:51:25,658 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2022-02-20 23:51:25,702 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 21 treesize of output 9 [2022-02-20 23:51:25,709 INFO L290 TraceCheckUtils]: 0: Hoare triple {11481#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {11481#true} is VALID [2022-02-20 23:51:25,710 INFO L290 TraceCheckUtils]: 1: Hoare triple {11481#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset, entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset, entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset, entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset, entry_point_#t~nondet58#1, entry_point_#t~ret59#1, entry_point_#t~mem60#1.base, entry_point_#t~mem60#1.offset, entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset, entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset; {11481#true} is VALID [2022-02-20 23:51:25,710 INFO L272 TraceCheckUtils]: 2: Hoare triple {11481#true} call entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset := ldv_malloc(12bv32); {11481#true} is VALID [2022-02-20 23:51:25,711 INFO L290 TraceCheckUtils]: 3: Hoare triple {11481#true} ~size := #in~size; {11481#true} is VALID [2022-02-20 23:51:25,711 INFO L290 TraceCheckUtils]: 4: Hoare triple {11481#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {11481#true} is VALID [2022-02-20 23:51:25,712 INFO L290 TraceCheckUtils]: 5: Hoare triple {11481#true} assume true; {11481#true} is VALID [2022-02-20 23:51:25,712 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {11481#true} {11481#true} #196#return; {11481#true} is VALID [2022-02-20 23:51:25,712 INFO L290 TraceCheckUtils]: 7: Hoare triple {11481#true} entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset := entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset; {11481#true} is VALID [2022-02-20 23:51:25,712 INFO L290 TraceCheckUtils]: 8: Hoare triple {11481#true} assume !(entry_point_~hdev~0#1.base == 0bv32 && entry_point_~hdev~0#1.offset == 0bv32); {11481#true} is VALID [2022-02-20 23:51:25,712 INFO L272 TraceCheckUtils]: 9: Hoare triple {11481#true} call entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset := ldv_malloc(20bv32); {11481#true} is VALID [2022-02-20 23:51:25,712 INFO L290 TraceCheckUtils]: 10: Hoare triple {11481#true} ~size := #in~size; {11481#true} is VALID [2022-02-20 23:51:25,713 INFO L290 TraceCheckUtils]: 11: Hoare triple {11481#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {11481#true} is VALID [2022-02-20 23:51:25,713 INFO L290 TraceCheckUtils]: 12: Hoare triple {11481#true} assume true; {11481#true} is VALID [2022-02-20 23:51:25,713 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {11481#true} {11481#true} #198#return; {11481#true} is VALID [2022-02-20 23:51:25,713 INFO L290 TraceCheckUtils]: 14: Hoare triple {11481#true} entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset := entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset;havoc entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset; {11481#true} is VALID [2022-02-20 23:51:25,713 INFO L290 TraceCheckUtils]: 15: Hoare triple {11481#true} assume !(entry_point_~intf~2#1.base == 0bv32 && entry_point_~intf~2#1.offset == 0bv32); {11481#true} is VALID [2022-02-20 23:51:25,713 INFO L272 TraceCheckUtils]: 16: Hoare triple {11481#true} call entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset := ldv_malloc(9bv32); {11481#true} is VALID [2022-02-20 23:51:25,713 INFO L290 TraceCheckUtils]: 17: Hoare triple {11481#true} ~size := #in~size; {11481#true} is VALID [2022-02-20 23:51:25,714 INFO L290 TraceCheckUtils]: 18: Hoare triple {11481#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {11540#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:51:25,715 INFO L290 TraceCheckUtils]: 19: Hoare triple {11540#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} assume true; {11540#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:51:25,715 INFO L284 TraceCheckUtils]: 20: Hoare quadruple {11540#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} {11481#true} #200#return; {11547#(= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_#t~ret55#1.base|))} is VALID [2022-02-20 23:51:25,717 INFO L290 TraceCheckUtils]: 21: Hoare triple {11547#(= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_#t~ret55#1.base|))} SUMMARY for call write~$Pointer$(entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L826-1 {11551#(= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|))) (_ bv1 1))} is VALID [2022-02-20 23:51:25,717 INFO L290 TraceCheckUtils]: 22: Hoare triple {11551#(= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|))) (_ bv1 1))} havoc entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset; {11551#(= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|))) (_ bv1 1))} is VALID [2022-02-20 23:51:25,717 INFO L290 TraceCheckUtils]: 23: Hoare triple {11551#(= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|))) (_ bv1 1))} SUMMARY for call entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset := read~$Pointer$(entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L827 {11551#(= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|))) (_ bv1 1))} is VALID [2022-02-20 23:51:25,717 INFO L290 TraceCheckUtils]: 24: Hoare triple {11551#(= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|))) (_ bv1 1))} assume !(entry_point_#t~mem56#1.base == 0bv32 && entry_point_#t~mem56#1.offset == 0bv32);havoc entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset; {11551#(= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|))) (_ bv1 1))} is VALID [2022-02-20 23:51:25,718 INFO L290 TraceCheckUtils]: 25: Hoare triple {11551#(= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|))) (_ bv1 1))} SUMMARY for call entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset := read~$Pointer$(entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L828 {11564#(= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_#t~mem57#1.base|))} is VALID [2022-02-20 23:51:25,718 INFO L290 TraceCheckUtils]: 26: Hoare triple {11564#(= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_#t~mem57#1.base|))} assume !(1bv1 == #valid[entry_point_#t~mem57#1.base]); {11482#false} is VALID [2022-02-20 23:51:25,718 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 4 proven. 0 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-02-20 23:51:25,718 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:51:25,719 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:51:25,719 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1139495154] [2022-02-20 23:51:25,719 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1139495154] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:51:25,719 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:51:25,719 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:51:25,719 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1518834712] [2022-02-20 23:51:25,719 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:51:25,720 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 3.4) internal successors, (17), 5 states have internal predecessors, (17), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) Word has length 27 [2022-02-20 23:51:25,720 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:51:25,720 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 5 states have (on average 3.4) internal successors, (17), 5 states have internal predecessors, (17), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:51:25,737 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 23 edges. 23 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:25,737 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 23:51:25,737 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:51:25,738 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 23:51:25,738 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-02-20 23:51:25,738 INFO L87 Difference]: Start difference. First operand 156 states and 176 transitions. Second operand has 6 states, 5 states have (on average 3.4) internal successors, (17), 5 states have internal predecessors, (17), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:51:26,804 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:26,804 INFO L93 Difference]: Finished difference Result 156 states and 175 transitions. [2022-02-20 23:51:26,804 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-02-20 23:51:26,804 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 3.4) internal successors, (17), 5 states have internal predecessors, (17), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) Word has length 27 [2022-02-20 23:51:26,804 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:51:26,804 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 3.4) internal successors, (17), 5 states have internal predecessors, (17), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:51:26,805 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 144 transitions. [2022-02-20 23:51:26,805 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 3.4) internal successors, (17), 5 states have internal predecessors, (17), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:51:26,806 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 144 transitions. [2022-02-20 23:51:26,806 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 144 transitions. [2022-02-20 23:51:26,916 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 144 edges. 144 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:26,918 INFO L225 Difference]: With dead ends: 156 [2022-02-20 23:51:26,918 INFO L226 Difference]: Without dead ends: 156 [2022-02-20 23:51:26,918 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 28 GetRequests, 22 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=39, Unknown=0, NotChecked=0, Total=56 [2022-02-20 23:51:26,919 INFO L933 BasicCegarLoop]: 131 mSDtfsCounter, 2 mSDsluCounter, 336 mSDsCounter, 0 mSdLazyCounter, 206 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 2 SdHoareTripleChecker+Valid, 467 SdHoareTripleChecker+Invalid, 208 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 206 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-02-20 23:51:26,919 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [2 Valid, 467 Invalid, 208 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 206 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-02-20 23:51:26,920 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 156 states. [2022-02-20 23:51:26,922 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 156 to 156. [2022-02-20 23:51:26,922 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:51:26,922 INFO L82 GeneralOperation]: Start isEquivalent. First operand 156 states. Second operand has 156 states, 105 states have (on average 1.561904761904762) internal successors, (164), 145 states have internal predecessors, (164), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:26,922 INFO L74 IsIncluded]: Start isIncluded. First operand 156 states. Second operand has 156 states, 105 states have (on average 1.561904761904762) internal successors, (164), 145 states have internal predecessors, (164), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:26,923 INFO L87 Difference]: Start difference. First operand 156 states. Second operand has 156 states, 105 states have (on average 1.561904761904762) internal successors, (164), 145 states have internal predecessors, (164), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:26,925 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:26,943 INFO L93 Difference]: Finished difference Result 156 states and 175 transitions. [2022-02-20 23:51:26,943 INFO L276 IsEmpty]: Start isEmpty. Operand 156 states and 175 transitions. [2022-02-20 23:51:26,944 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:26,944 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:26,944 INFO L74 IsIncluded]: Start isIncluded. First operand has 156 states, 105 states have (on average 1.561904761904762) internal successors, (164), 145 states have internal predecessors, (164), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 156 states. [2022-02-20 23:51:26,945 INFO L87 Difference]: Start difference. First operand has 156 states, 105 states have (on average 1.561904761904762) internal successors, (164), 145 states have internal predecessors, (164), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 156 states. [2022-02-20 23:51:26,947 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:26,947 INFO L93 Difference]: Finished difference Result 156 states and 175 transitions. [2022-02-20 23:51:26,947 INFO L276 IsEmpty]: Start isEmpty. Operand 156 states and 175 transitions. [2022-02-20 23:51:26,948 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:26,948 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:26,948 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:51:26,948 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:51:26,948 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 156 states, 105 states have (on average 1.561904761904762) internal successors, (164), 145 states have internal predecessors, (164), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:26,950 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 156 states to 156 states and 175 transitions. [2022-02-20 23:51:26,950 INFO L78 Accepts]: Start accepts. Automaton has 156 states and 175 transitions. Word has length 27 [2022-02-20 23:51:26,950 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:51:26,951 INFO L470 AbstractCegarLoop]: Abstraction has 156 states and 175 transitions. [2022-02-20 23:51:26,951 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 3.4) internal successors, (17), 5 states have internal predecessors, (17), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:51:26,951 INFO L276 IsEmpty]: Start isEmpty. Operand 156 states and 175 transitions. [2022-02-20 23:51:26,952 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2022-02-20 23:51:26,952 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:51:26,952 INFO L514 BasicCegarLoop]: trace histogram [3, 3, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:51:26,960 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (17)] Forceful destruction successful, exit code 0 [2022-02-20 23:51:27,160 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 17 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:51:27,161 INFO L402 AbstractCegarLoop]: === Iteration 15 === Targeting ULTIMATE.startErr42ASSERT_VIOLATIONMEMORY_FREE === [ldv_hid_set_drvdataErr0REQUIRES_VIOLATION, ldv_hid_set_drvdataErr1REQUIRES_VIOLATION, ULTIMATE.startErr0REQUIRES_VIOLATION (and 47 more)] === [2022-02-20 23:51:27,162 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:51:27,162 INFO L85 PathProgramCache]: Analyzing trace with hash 290272400, now seen corresponding path program 1 times [2022-02-20 23:51:27,162 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:51:27,162 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1192832347] [2022-02-20 23:51:27,162 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:51:27,162 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:51:27,163 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:51:27,183 INFO L229 MonitoredProcess]: Starting monitored process 18 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:51:27,204 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (18)] Waiting until timeout for monitored process [2022-02-20 23:51:27,239 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:27,241 INFO L263 TraceCheckSpWp]: Trace formula consists of 94 conjuncts, 7 conjunts are in the unsatisfiable core [2022-02-20 23:51:27,249 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:27,250 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:51:27,839 INFO L290 TraceCheckUtils]: 0: Hoare triple {12195#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {12200#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:27,840 INFO L290 TraceCheckUtils]: 1: Hoare triple {12200#(bvult (_ bv0 32) |#StackHeapBarrier|)} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset, entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset, entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset, entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset, entry_point_#t~nondet58#1, entry_point_#t~ret59#1, entry_point_#t~mem60#1.base, entry_point_#t~mem60#1.offset, entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset, entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset; {12200#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:27,840 INFO L272 TraceCheckUtils]: 2: Hoare triple {12200#(bvult (_ bv0 32) |#StackHeapBarrier|)} call entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset := ldv_malloc(12bv32); {12200#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:27,840 INFO L290 TraceCheckUtils]: 3: Hoare triple {12200#(bvult (_ bv0 32) |#StackHeapBarrier|)} ~size := #in~size; {12200#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:27,842 INFO L290 TraceCheckUtils]: 4: Hoare triple {12200#(bvult (_ bv0 32) |#StackHeapBarrier|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {12213#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:51:27,843 INFO L290 TraceCheckUtils]: 5: Hoare triple {12213#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} assume true; {12213#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:51:27,844 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {12213#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} {12200#(bvult (_ bv0 32) |#StackHeapBarrier|)} #196#return; {12213#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:51:27,845 INFO L290 TraceCheckUtils]: 7: Hoare triple {12213#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset := entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset; {12213#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:51:27,846 INFO L290 TraceCheckUtils]: 8: Hoare triple {12213#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} assume !(entry_point_~hdev~0#1.base == 0bv32 && entry_point_~hdev~0#1.offset == 0bv32); {12213#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:51:27,846 INFO L272 TraceCheckUtils]: 9: Hoare triple {12213#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} call entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset := ldv_malloc(20bv32); {12213#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:51:27,848 INFO L290 TraceCheckUtils]: 10: Hoare triple {12213#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} ~size := #in~size; {12213#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:51:27,849 INFO L290 TraceCheckUtils]: 11: Hoare triple {12213#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {12235#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:51:27,851 INFO L290 TraceCheckUtils]: 12: Hoare triple {12235#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} assume true; {12235#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:51:27,851 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {12235#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} {12213#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} #198#return; {12242#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (bvult |ULTIMATE.start_entry_point_#t~ret54#1.base| |#StackHeapBarrier|))} is VALID [2022-02-20 23:51:27,853 INFO L290 TraceCheckUtils]: 14: Hoare triple {12242#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (bvult |ULTIMATE.start_entry_point_#t~ret54#1.base| |#StackHeapBarrier|))} entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset := entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset;havoc entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset; {12246#(and (bvult |ULTIMATE.start_entry_point_~intf~2#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:51:27,854 INFO L290 TraceCheckUtils]: 15: Hoare triple {12246#(and (bvult |ULTIMATE.start_entry_point_~intf~2#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} assume !(entry_point_~intf~2#1.base == 0bv32 && entry_point_~intf~2#1.offset == 0bv32); {12246#(and (bvult |ULTIMATE.start_entry_point_~intf~2#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:51:27,855 INFO L272 TraceCheckUtils]: 16: Hoare triple {12246#(and (bvult |ULTIMATE.start_entry_point_~intf~2#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} call entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset := ldv_malloc(9bv32); {12213#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:51:27,856 INFO L290 TraceCheckUtils]: 17: Hoare triple {12213#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} ~size := #in~size; {12213#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:51:27,858 INFO L290 TraceCheckUtils]: 18: Hoare triple {12213#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {12213#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:51:27,859 INFO L290 TraceCheckUtils]: 19: Hoare triple {12213#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} assume true; {12213#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:51:27,859 INFO L284 TraceCheckUtils]: 20: Hoare quadruple {12213#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} {12246#(and (bvult |ULTIMATE.start_entry_point_~intf~2#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} #200#return; {12246#(and (bvult |ULTIMATE.start_entry_point_~intf~2#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:51:27,863 INFO L290 TraceCheckUtils]: 21: Hoare triple {12246#(and (bvult |ULTIMATE.start_entry_point_~intf~2#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} SUMMARY for call write~$Pointer$(entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L826-1 {12246#(and (bvult |ULTIMATE.start_entry_point_~intf~2#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:51:27,868 INFO L290 TraceCheckUtils]: 22: Hoare triple {12246#(and (bvult |ULTIMATE.start_entry_point_~intf~2#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} havoc entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset; {12246#(and (bvult |ULTIMATE.start_entry_point_~intf~2#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:51:27,873 INFO L290 TraceCheckUtils]: 23: Hoare triple {12246#(and (bvult |ULTIMATE.start_entry_point_~intf~2#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} SUMMARY for call entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset := read~$Pointer$(entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L827 {12246#(and (bvult |ULTIMATE.start_entry_point_~intf~2#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:51:27,875 INFO L290 TraceCheckUtils]: 24: Hoare triple {12246#(and (bvult |ULTIMATE.start_entry_point_~intf~2#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} assume entry_point_#t~mem56#1.base == 0bv32 && entry_point_#t~mem56#1.offset == 0bv32;havoc entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset; {12246#(and (bvult |ULTIMATE.start_entry_point_~intf~2#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:51:27,876 INFO L290 TraceCheckUtils]: 25: Hoare triple {12246#(and (bvult |ULTIMATE.start_entry_point_~intf~2#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} assume 0bv32 == entry_point_~intf~2#1.offset; {12246#(and (bvult |ULTIMATE.start_entry_point_~intf~2#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:51:27,877 INFO L290 TraceCheckUtils]: 26: Hoare triple {12246#(and (bvult |ULTIMATE.start_entry_point_~intf~2#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} assume !~bvult32(entry_point_~intf~2#1.base, #StackHeapBarrier); {12196#false} is VALID [2022-02-20 23:51:27,877 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 6 proven. 2 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-02-20 23:51:27,877 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:51:28,024 INFO L290 TraceCheckUtils]: 26: Hoare triple {12283#(bvult |ULTIMATE.start_entry_point_~intf~2#1.base| |#StackHeapBarrier|)} assume !~bvult32(entry_point_~intf~2#1.base, #StackHeapBarrier); {12196#false} is VALID [2022-02-20 23:51:28,025 INFO L290 TraceCheckUtils]: 25: Hoare triple {12283#(bvult |ULTIMATE.start_entry_point_~intf~2#1.base| |#StackHeapBarrier|)} assume 0bv32 == entry_point_~intf~2#1.offset; {12283#(bvult |ULTIMATE.start_entry_point_~intf~2#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:28,025 INFO L290 TraceCheckUtils]: 24: Hoare triple {12283#(bvult |ULTIMATE.start_entry_point_~intf~2#1.base| |#StackHeapBarrier|)} assume entry_point_#t~mem56#1.base == 0bv32 && entry_point_#t~mem56#1.offset == 0bv32;havoc entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset; {12283#(bvult |ULTIMATE.start_entry_point_~intf~2#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:28,025 INFO L290 TraceCheckUtils]: 23: Hoare triple {12283#(bvult |ULTIMATE.start_entry_point_~intf~2#1.base| |#StackHeapBarrier|)} SUMMARY for call entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset := read~$Pointer$(entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L827 {12283#(bvult |ULTIMATE.start_entry_point_~intf~2#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:28,026 INFO L290 TraceCheckUtils]: 22: Hoare triple {12283#(bvult |ULTIMATE.start_entry_point_~intf~2#1.base| |#StackHeapBarrier|)} havoc entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset; {12283#(bvult |ULTIMATE.start_entry_point_~intf~2#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:28,026 INFO L290 TraceCheckUtils]: 21: Hoare triple {12283#(bvult |ULTIMATE.start_entry_point_~intf~2#1.base| |#StackHeapBarrier|)} SUMMARY for call write~$Pointer$(entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L826-1 {12283#(bvult |ULTIMATE.start_entry_point_~intf~2#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:28,027 INFO L284 TraceCheckUtils]: 20: Hoare quadruple {12195#true} {12283#(bvult |ULTIMATE.start_entry_point_~intf~2#1.base| |#StackHeapBarrier|)} #200#return; {12283#(bvult |ULTIMATE.start_entry_point_~intf~2#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:28,027 INFO L290 TraceCheckUtils]: 19: Hoare triple {12195#true} assume true; {12195#true} is VALID [2022-02-20 23:51:28,027 INFO L290 TraceCheckUtils]: 18: Hoare triple {12195#true} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {12195#true} is VALID [2022-02-20 23:51:28,027 INFO L290 TraceCheckUtils]: 17: Hoare triple {12195#true} ~size := #in~size; {12195#true} is VALID [2022-02-20 23:51:28,027 INFO L272 TraceCheckUtils]: 16: Hoare triple {12283#(bvult |ULTIMATE.start_entry_point_~intf~2#1.base| |#StackHeapBarrier|)} call entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset := ldv_malloc(9bv32); {12195#true} is VALID [2022-02-20 23:51:28,027 INFO L290 TraceCheckUtils]: 15: Hoare triple {12283#(bvult |ULTIMATE.start_entry_point_~intf~2#1.base| |#StackHeapBarrier|)} assume !(entry_point_~intf~2#1.base == 0bv32 && entry_point_~intf~2#1.offset == 0bv32); {12283#(bvult |ULTIMATE.start_entry_point_~intf~2#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:28,027 INFO L290 TraceCheckUtils]: 14: Hoare triple {12320#(bvult |ULTIMATE.start_entry_point_#t~ret54#1.base| |#StackHeapBarrier|)} entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset := entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset;havoc entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset; {12283#(bvult |ULTIMATE.start_entry_point_~intf~2#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:28,028 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {12327#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} {12195#true} #198#return; {12320#(bvult |ULTIMATE.start_entry_point_#t~ret54#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:28,028 INFO L290 TraceCheckUtils]: 12: Hoare triple {12327#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} assume true; {12327#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:28,029 INFO L290 TraceCheckUtils]: 11: Hoare triple {12195#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {12327#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:28,029 INFO L290 TraceCheckUtils]: 10: Hoare triple {12195#true} ~size := #in~size; {12195#true} is VALID [2022-02-20 23:51:28,029 INFO L272 TraceCheckUtils]: 9: Hoare triple {12195#true} call entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset := ldv_malloc(20bv32); {12195#true} is VALID [2022-02-20 23:51:28,029 INFO L290 TraceCheckUtils]: 8: Hoare triple {12195#true} assume !(entry_point_~hdev~0#1.base == 0bv32 && entry_point_~hdev~0#1.offset == 0bv32); {12195#true} is VALID [2022-02-20 23:51:28,029 INFO L290 TraceCheckUtils]: 7: Hoare triple {12195#true} entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset := entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset; {12195#true} is VALID [2022-02-20 23:51:28,029 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {12195#true} {12195#true} #196#return; {12195#true} is VALID [2022-02-20 23:51:28,029 INFO L290 TraceCheckUtils]: 5: Hoare triple {12195#true} assume true; {12195#true} is VALID [2022-02-20 23:51:28,029 INFO L290 TraceCheckUtils]: 4: Hoare triple {12195#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {12195#true} is VALID [2022-02-20 23:51:28,029 INFO L290 TraceCheckUtils]: 3: Hoare triple {12195#true} ~size := #in~size; {12195#true} is VALID [2022-02-20 23:51:28,029 INFO L272 TraceCheckUtils]: 2: Hoare triple {12195#true} call entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset := ldv_malloc(12bv32); {12195#true} is VALID [2022-02-20 23:51:28,029 INFO L290 TraceCheckUtils]: 1: Hoare triple {12195#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset, entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset, entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset, entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset, entry_point_#t~nondet58#1, entry_point_#t~ret59#1, entry_point_#t~mem60#1.base, entry_point_#t~mem60#1.offset, entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset, entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset; {12195#true} is VALID [2022-02-20 23:51:28,029 INFO L290 TraceCheckUtils]: 0: Hoare triple {12195#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {12195#true} is VALID [2022-02-20 23:51:28,029 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 2 proven. 2 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-02-20 23:51:28,029 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:51:28,029 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1192832347] [2022-02-20 23:51:28,030 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1192832347] provided 0 perfect and 2 imperfect interpolant sequences [2022-02-20 23:51:28,030 INFO L191 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-02-20 23:51:28,030 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [5, 4] total 9 [2022-02-20 23:51:28,030 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1902263219] [2022-02-20 23:51:28,030 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-02-20 23:51:28,030 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 9 states have (on average 4.111111111111111) internal successors, (37), 8 states have internal predecessors, (37), 5 states have call successors, (6), 3 states have call predecessors, (6), 4 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Word has length 27 [2022-02-20 23:51:28,030 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:51:28,030 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 10 states, 9 states have (on average 4.111111111111111) internal successors, (37), 8 states have internal predecessors, (37), 5 states have call successors, (6), 3 states have call predecessors, (6), 4 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:28,094 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 49 edges. 49 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:28,095 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2022-02-20 23:51:28,095 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:51:28,095 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2022-02-20 23:51:28,095 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=30, Invalid=60, Unknown=0, NotChecked=0, Total=90 [2022-02-20 23:51:28,095 INFO L87 Difference]: Start difference. First operand 156 states and 175 transitions. Second operand has 10 states, 9 states have (on average 4.111111111111111) internal successors, (37), 8 states have internal predecessors, (37), 5 states have call successors, (6), 3 states have call predecessors, (6), 4 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:29,433 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:29,433 INFO L93 Difference]: Finished difference Result 196 states and 216 transitions. [2022-02-20 23:51:29,433 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-02-20 23:51:29,433 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 9 states have (on average 4.111111111111111) internal successors, (37), 8 states have internal predecessors, (37), 5 states have call successors, (6), 3 states have call predecessors, (6), 4 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Word has length 27 [2022-02-20 23:51:29,433 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:51:29,433 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 10 states, 9 states have (on average 4.111111111111111) internal successors, (37), 8 states have internal predecessors, (37), 5 states have call successors, (6), 3 states have call predecessors, (6), 4 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:29,435 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 184 transitions. [2022-02-20 23:51:29,435 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 10 states, 9 states have (on average 4.111111111111111) internal successors, (37), 8 states have internal predecessors, (37), 5 states have call successors, (6), 3 states have call predecessors, (6), 4 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:29,436 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 184 transitions. [2022-02-20 23:51:29,436 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 184 transitions. [2022-02-20 23:51:29,666 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 184 edges. 184 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:29,668 INFO L225 Difference]: With dead ends: 196 [2022-02-20 23:51:29,668 INFO L226 Difference]: Without dead ends: 196 [2022-02-20 23:51:29,668 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 53 GetRequests, 44 SyntacticMatches, 1 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 15 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=30, Invalid=60, Unknown=0, NotChecked=0, Total=90 [2022-02-20 23:51:29,668 INFO L933 BasicCegarLoop]: 127 mSDtfsCounter, 97 mSDsluCounter, 814 mSDsCounter, 0 mSdLazyCounter, 62 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 98 SdHoareTripleChecker+Valid, 941 SdHoareTripleChecker+Invalid, 166 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 62 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 100 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:51:29,668 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [98 Valid, 941 Invalid, 166 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 62 Invalid, 0 Unknown, 100 Unchecked, 0.1s Time] [2022-02-20 23:51:29,669 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 196 states. [2022-02-20 23:51:29,670 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 196 to 161. [2022-02-20 23:51:29,670 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:51:29,670 INFO L82 GeneralOperation]: Start isEquivalent. First operand 196 states. Second operand has 161 states, 109 states have (on average 1.5504587155963303) internal successors, (169), 149 states have internal predecessors, (169), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:29,671 INFO L74 IsIncluded]: Start isIncluded. First operand 196 states. Second operand has 161 states, 109 states have (on average 1.5504587155963303) internal successors, (169), 149 states have internal predecessors, (169), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:29,671 INFO L87 Difference]: Start difference. First operand 196 states. Second operand has 161 states, 109 states have (on average 1.5504587155963303) internal successors, (169), 149 states have internal predecessors, (169), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:29,675 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:29,675 INFO L93 Difference]: Finished difference Result 196 states and 216 transitions. [2022-02-20 23:51:29,675 INFO L276 IsEmpty]: Start isEmpty. Operand 196 states and 216 transitions. [2022-02-20 23:51:29,675 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:29,675 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:29,676 INFO L74 IsIncluded]: Start isIncluded. First operand has 161 states, 109 states have (on average 1.5504587155963303) internal successors, (169), 149 states have internal predecessors, (169), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 196 states. [2022-02-20 23:51:29,677 INFO L87 Difference]: Start difference. First operand has 161 states, 109 states have (on average 1.5504587155963303) internal successors, (169), 149 states have internal predecessors, (169), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 196 states. [2022-02-20 23:51:29,679 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:29,679 INFO L93 Difference]: Finished difference Result 196 states and 216 transitions. [2022-02-20 23:51:29,679 INFO L276 IsEmpty]: Start isEmpty. Operand 196 states and 216 transitions. [2022-02-20 23:51:29,680 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:29,680 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:29,680 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:51:29,680 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:51:29,680 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 161 states, 109 states have (on average 1.5504587155963303) internal successors, (169), 149 states have internal predecessors, (169), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:29,682 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 161 states to 161 states and 180 transitions. [2022-02-20 23:51:29,682 INFO L78 Accepts]: Start accepts. Automaton has 161 states and 180 transitions. Word has length 27 [2022-02-20 23:51:29,682 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:51:29,682 INFO L470 AbstractCegarLoop]: Abstraction has 161 states and 180 transitions. [2022-02-20 23:51:29,682 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 9 states have (on average 4.111111111111111) internal successors, (37), 8 states have internal predecessors, (37), 5 states have call successors, (6), 3 states have call predecessors, (6), 4 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:29,682 INFO L276 IsEmpty]: Start isEmpty. Operand 161 states and 180 transitions. [2022-02-20 23:51:29,683 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2022-02-20 23:51:29,683 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:51:29,683 INFO L514 BasicCegarLoop]: trace histogram [3, 3, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:51:29,705 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (18)] Forceful destruction successful, exit code 0 [2022-02-20 23:51:29,889 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 18 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:51:29,890 INFO L402 AbstractCegarLoop]: === Iteration 16 === Targeting ULTIMATE.startErr7REQUIRES_VIOLATION === [ldv_hid_set_drvdataErr0REQUIRES_VIOLATION, ldv_hid_set_drvdataErr1REQUIRES_VIOLATION, ULTIMATE.startErr0REQUIRES_VIOLATION (and 47 more)] === [2022-02-20 23:51:29,890 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:51:29,890 INFO L85 PathProgramCache]: Analyzing trace with hash 290270070, now seen corresponding path program 1 times [2022-02-20 23:51:29,891 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:51:29,891 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [2096341631] [2022-02-20 23:51:29,891 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:51:29,891 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:51:29,891 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:51:29,892 INFO L229 MonitoredProcess]: Starting monitored process 19 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:51:29,894 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (19)] Waiting until timeout for monitored process [2022-02-20 23:51:29,948 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:29,950 INFO L263 TraceCheckSpWp]: Trace formula consists of 98 conjuncts, 13 conjunts are in the unsatisfiable core [2022-02-20 23:51:29,959 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:29,960 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:51:30,036 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2022-02-20 23:51:30,041 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2022-02-20 23:51:30,071 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 19 treesize of output 7 [2022-02-20 23:51:30,074 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 19 treesize of output 7 [2022-02-20 23:51:30,088 INFO L290 TraceCheckUtils]: 0: Hoare triple {13113#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {13113#true} is VALID [2022-02-20 23:51:30,088 INFO L290 TraceCheckUtils]: 1: Hoare triple {13113#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset, entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset, entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset, entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset, entry_point_#t~nondet58#1, entry_point_#t~ret59#1, entry_point_#t~mem60#1.base, entry_point_#t~mem60#1.offset, entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset, entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset; {13113#true} is VALID [2022-02-20 23:51:30,088 INFO L272 TraceCheckUtils]: 2: Hoare triple {13113#true} call entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset := ldv_malloc(12bv32); {13113#true} is VALID [2022-02-20 23:51:30,088 INFO L290 TraceCheckUtils]: 3: Hoare triple {13113#true} ~size := #in~size; {13113#true} is VALID [2022-02-20 23:51:30,088 INFO L290 TraceCheckUtils]: 4: Hoare triple {13113#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {13113#true} is VALID [2022-02-20 23:51:30,088 INFO L290 TraceCheckUtils]: 5: Hoare triple {13113#true} assume true; {13113#true} is VALID [2022-02-20 23:51:30,088 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {13113#true} {13113#true} #196#return; {13113#true} is VALID [2022-02-20 23:51:30,088 INFO L290 TraceCheckUtils]: 7: Hoare triple {13113#true} entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset := entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset; {13113#true} is VALID [2022-02-20 23:51:30,088 INFO L290 TraceCheckUtils]: 8: Hoare triple {13113#true} assume !(entry_point_~hdev~0#1.base == 0bv32 && entry_point_~hdev~0#1.offset == 0bv32); {13113#true} is VALID [2022-02-20 23:51:30,088 INFO L272 TraceCheckUtils]: 9: Hoare triple {13113#true} call entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset := ldv_malloc(20bv32); {13113#true} is VALID [2022-02-20 23:51:30,088 INFO L290 TraceCheckUtils]: 10: Hoare triple {13113#true} ~size := #in~size; {13113#true} is VALID [2022-02-20 23:51:30,088 INFO L290 TraceCheckUtils]: 11: Hoare triple {13113#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {13113#true} is VALID [2022-02-20 23:51:30,088 INFO L290 TraceCheckUtils]: 12: Hoare triple {13113#true} assume true; {13113#true} is VALID [2022-02-20 23:51:30,088 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {13113#true} {13113#true} #198#return; {13113#true} is VALID [2022-02-20 23:51:30,088 INFO L290 TraceCheckUtils]: 14: Hoare triple {13113#true} entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset := entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset;havoc entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset; {13113#true} is VALID [2022-02-20 23:51:30,089 INFO L290 TraceCheckUtils]: 15: Hoare triple {13113#true} assume !(entry_point_~intf~2#1.base == 0bv32 && entry_point_~intf~2#1.offset == 0bv32); {13113#true} is VALID [2022-02-20 23:51:30,089 INFO L272 TraceCheckUtils]: 16: Hoare triple {13113#true} call entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset := ldv_malloc(9bv32); {13113#true} is VALID [2022-02-20 23:51:30,089 INFO L290 TraceCheckUtils]: 17: Hoare triple {13113#true} ~size := #in~size; {13113#true} is VALID [2022-02-20 23:51:30,089 INFO L290 TraceCheckUtils]: 18: Hoare triple {13113#true} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {13172#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:51:30,089 INFO L290 TraceCheckUtils]: 19: Hoare triple {13172#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} assume true; {13172#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:51:30,090 INFO L284 TraceCheckUtils]: 20: Hoare quadruple {13172#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} {13113#true} #200#return; {13179#(and (= |ULTIMATE.start_entry_point_#t~ret55#1.offset| (_ bv0 32)) (= |ULTIMATE.start_entry_point_#t~ret55#1.base| (_ bv0 32)))} is VALID [2022-02-20 23:51:30,092 INFO L290 TraceCheckUtils]: 21: Hoare triple {13179#(and (= |ULTIMATE.start_entry_point_#t~ret55#1.offset| (_ bv0 32)) (= |ULTIMATE.start_entry_point_#t~ret55#1.base| (_ bv0 32)))} SUMMARY for call write~$Pointer$(entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L826-1 {13183#(and (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|)) (_ bv0 32)))} is VALID [2022-02-20 23:51:30,092 INFO L290 TraceCheckUtils]: 22: Hoare triple {13183#(and (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|)) (_ bv0 32)))} havoc entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset; {13183#(and (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|)) (_ bv0 32)))} is VALID [2022-02-20 23:51:30,092 INFO L290 TraceCheckUtils]: 23: Hoare triple {13183#(and (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|)) (_ bv0 32)))} SUMMARY for call entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset := read~$Pointer$(entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L827 {13190#(and (= |ULTIMATE.start_entry_point_#t~mem56#1.offset| (_ bv0 32)) (= |ULTIMATE.start_entry_point_#t~mem56#1.base| (_ bv0 32)))} is VALID [2022-02-20 23:51:30,093 INFO L290 TraceCheckUtils]: 24: Hoare triple {13190#(and (= |ULTIMATE.start_entry_point_#t~mem56#1.offset| (_ bv0 32)) (= |ULTIMATE.start_entry_point_#t~mem56#1.base| (_ bv0 32)))} assume !(entry_point_#t~mem56#1.base == 0bv32 && entry_point_#t~mem56#1.offset == 0bv32);havoc entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset; {13114#false} is VALID [2022-02-20 23:51:30,093 INFO L290 TraceCheckUtils]: 25: Hoare triple {13114#false} SUMMARY for call entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset := read~$Pointer$(entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L828 {13114#false} is VALID [2022-02-20 23:51:30,093 INFO L290 TraceCheckUtils]: 26: Hoare triple {13114#false} assume !((~bvule32(~bvadd32(1bv32, ~bvadd32(7bv32, entry_point_#t~mem57#1.offset)), #length[entry_point_#t~mem57#1.base]) && ~bvule32(~bvadd32(7bv32, entry_point_#t~mem57#1.offset), ~bvadd32(1bv32, ~bvadd32(7bv32, entry_point_#t~mem57#1.offset)))) && ~bvule32(0bv32, ~bvadd32(7bv32, entry_point_#t~mem57#1.offset))); {13114#false} is VALID [2022-02-20 23:51:30,093 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 4 proven. 0 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-02-20 23:51:30,093 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:51:30,093 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:51:30,093 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [2096341631] [2022-02-20 23:51:30,093 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [2096341631] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:51:30,093 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:51:30,093 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 23:51:30,093 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [473935200] [2022-02-20 23:51:30,093 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:51:30,094 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 2.8333333333333335) internal successors, (17), 5 states have internal predecessors, (17), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) Word has length 27 [2022-02-20 23:51:30,094 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:51:30,094 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 6 states have (on average 2.8333333333333335) internal successors, (17), 5 states have internal predecessors, (17), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:51:30,113 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 23 edges. 23 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:30,113 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 23:51:30,113 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:51:30,114 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 23:51:30,114 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-02-20 23:51:30,114 INFO L87 Difference]: Start difference. First operand 161 states and 180 transitions. Second operand has 6 states, 6 states have (on average 2.8333333333333335) internal successors, (17), 5 states have internal predecessors, (17), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:51:30,906 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:30,906 INFO L93 Difference]: Finished difference Result 165 states and 182 transitions. [2022-02-20 23:51:30,906 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-02-20 23:51:30,906 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 2.8333333333333335) internal successors, (17), 5 states have internal predecessors, (17), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) Word has length 27 [2022-02-20 23:51:30,906 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:51:30,906 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 2.8333333333333335) internal successors, (17), 5 states have internal predecessors, (17), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:51:30,907 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 149 transitions. [2022-02-20 23:51:30,907 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 2.8333333333333335) internal successors, (17), 5 states have internal predecessors, (17), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:51:30,908 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 149 transitions. [2022-02-20 23:51:30,908 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 149 transitions. [2022-02-20 23:51:31,028 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 149 edges. 149 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:31,029 INFO L225 Difference]: With dead ends: 165 [2022-02-20 23:51:31,029 INFO L226 Difference]: Without dead ends: 165 [2022-02-20 23:51:31,029 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 28 GetRequests, 22 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=39, Unknown=0, NotChecked=0, Total=56 [2022-02-20 23:51:31,030 INFO L933 BasicCegarLoop]: 132 mSDtfsCounter, 12 mSDsluCounter, 494 mSDsCounter, 0 mSdLazyCounter, 55 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 12 SdHoareTripleChecker+Valid, 626 SdHoareTripleChecker+Invalid, 56 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 55 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:51:31,030 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [12 Valid, 626 Invalid, 56 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 55 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:51:31,030 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 165 states. [2022-02-20 23:51:31,032 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 165 to 157. [2022-02-20 23:51:31,032 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:51:31,032 INFO L82 GeneralOperation]: Start isEquivalent. First operand 165 states. Second operand has 157 states, 107 states have (on average 1.5327102803738317) internal successors, (164), 145 states have internal predecessors, (164), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:31,032 INFO L74 IsIncluded]: Start isIncluded. First operand 165 states. Second operand has 157 states, 107 states have (on average 1.5327102803738317) internal successors, (164), 145 states have internal predecessors, (164), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:31,032 INFO L87 Difference]: Start difference. First operand 165 states. Second operand has 157 states, 107 states have (on average 1.5327102803738317) internal successors, (164), 145 states have internal predecessors, (164), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:31,034 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:31,034 INFO L93 Difference]: Finished difference Result 165 states and 182 transitions. [2022-02-20 23:51:31,034 INFO L276 IsEmpty]: Start isEmpty. Operand 165 states and 182 transitions. [2022-02-20 23:51:31,034 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:31,034 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:31,034 INFO L74 IsIncluded]: Start isIncluded. First operand has 157 states, 107 states have (on average 1.5327102803738317) internal successors, (164), 145 states have internal predecessors, (164), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 165 states. [2022-02-20 23:51:31,035 INFO L87 Difference]: Start difference. First operand has 157 states, 107 states have (on average 1.5327102803738317) internal successors, (164), 145 states have internal predecessors, (164), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 165 states. [2022-02-20 23:51:31,036 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:31,037 INFO L93 Difference]: Finished difference Result 165 states and 182 transitions. [2022-02-20 23:51:31,037 INFO L276 IsEmpty]: Start isEmpty. Operand 165 states and 182 transitions. [2022-02-20 23:51:31,037 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:31,037 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:31,037 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:51:31,037 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:51:31,037 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 157 states, 107 states have (on average 1.5327102803738317) internal successors, (164), 145 states have internal predecessors, (164), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:31,039 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 157 states to 157 states and 175 transitions. [2022-02-20 23:51:31,039 INFO L78 Accepts]: Start accepts. Automaton has 157 states and 175 transitions. Word has length 27 [2022-02-20 23:51:31,039 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:51:31,040 INFO L470 AbstractCegarLoop]: Abstraction has 157 states and 175 transitions. [2022-02-20 23:51:31,040 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 2.8333333333333335) internal successors, (17), 5 states have internal predecessors, (17), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:51:31,040 INFO L276 IsEmpty]: Start isEmpty. Operand 157 states and 175 transitions. [2022-02-20 23:51:31,040 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2022-02-20 23:51:31,040 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:51:31,040 INFO L514 BasicCegarLoop]: trace histogram [3, 3, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:51:31,047 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (19)] Forceful destruction successful, exit code 0 [2022-02-20 23:51:31,247 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 19 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:51:31,247 INFO L402 AbstractCegarLoop]: === Iteration 17 === Targeting ULTIMATE.startErr8REQUIRES_VIOLATION === [ldv_hid_set_drvdataErr0REQUIRES_VIOLATION, ldv_hid_set_drvdataErr1REQUIRES_VIOLATION, ULTIMATE.startErr0REQUIRES_VIOLATION (and 47 more)] === [2022-02-20 23:51:31,247 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:51:31,247 INFO L85 PathProgramCache]: Analyzing trace with hash 1573614037, now seen corresponding path program 1 times [2022-02-20 23:51:31,247 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:51:31,247 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [674936325] [2022-02-20 23:51:31,247 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:51:31,247 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:51:31,248 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:51:31,249 INFO L229 MonitoredProcess]: Starting monitored process 20 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:51:31,295 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (20)] Waiting until timeout for monitored process [2022-02-20 23:51:31,328 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:31,331 INFO L263 TraceCheckSpWp]: Trace formula consists of 118 conjuncts, 18 conjunts are in the unsatisfiable core [2022-02-20 23:51:31,341 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:31,343 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:51:31,354 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:51:31,450 INFO L356 Elim1Store]: treesize reduction 15, result has 46.4 percent of original size [2022-02-20 23:51:31,451 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 18 treesize of output 25 [2022-02-20 23:51:33,509 INFO L356 Elim1Store]: treesize reduction 12, result has 40.0 percent of original size [2022-02-20 23:51:33,509 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 17 [2022-02-20 23:51:33,534 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2022-02-20 23:51:33,592 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 5 [2022-02-20 23:51:33,605 INFO L290 TraceCheckUtils]: 0: Hoare triple {13855#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {13855#true} is VALID [2022-02-20 23:51:33,605 INFO L290 TraceCheckUtils]: 1: Hoare triple {13855#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset, entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset, entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset, entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset, entry_point_#t~nondet58#1, entry_point_#t~ret59#1, entry_point_#t~mem60#1.base, entry_point_#t~mem60#1.offset, entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset, entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset; {13855#true} is VALID [2022-02-20 23:51:33,605 INFO L272 TraceCheckUtils]: 2: Hoare triple {13855#true} call entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset := ldv_malloc(12bv32); {13855#true} is VALID [2022-02-20 23:51:33,605 INFO L290 TraceCheckUtils]: 3: Hoare triple {13855#true} ~size := #in~size; {13855#true} is VALID [2022-02-20 23:51:33,606 INFO L290 TraceCheckUtils]: 4: Hoare triple {13855#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {13872#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:51:33,606 INFO L290 TraceCheckUtils]: 5: Hoare triple {13872#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} assume true; {13872#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:51:33,607 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {13872#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} {13855#true} #196#return; {13879#(= (select |#valid| |ULTIMATE.start_entry_point_#t~ret53#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:51:33,607 INFO L290 TraceCheckUtils]: 7: Hoare triple {13879#(= (select |#valid| |ULTIMATE.start_entry_point_#t~ret53#1.base|) (_ bv1 1))} entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset := entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset; {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:51:33,608 INFO L290 TraceCheckUtils]: 8: Hoare triple {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} assume !(entry_point_~hdev~0#1.base == 0bv32 && entry_point_~hdev~0#1.offset == 0bv32); {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:51:33,608 INFO L272 TraceCheckUtils]: 9: Hoare triple {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} call entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset := ldv_malloc(20bv32); {13890#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:51:33,608 INFO L290 TraceCheckUtils]: 10: Hoare triple {13890#(= |old(#valid)| |#valid|)} ~size := #in~size; {13890#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:51:33,609 INFO L290 TraceCheckUtils]: 11: Hoare triple {13890#(= |old(#valid)| |#valid|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {13897#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_158 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_158) |#valid|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:51:33,610 INFO L290 TraceCheckUtils]: 12: Hoare triple {13897#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_158 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_158) |#valid|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} assume true; {13897#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_158 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_158) |#valid|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:51:33,611 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {13897#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_158 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_158) |#valid|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} #198#return; {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:51:33,611 INFO L290 TraceCheckUtils]: 14: Hoare triple {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset := entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset;havoc entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset; {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:51:33,611 INFO L290 TraceCheckUtils]: 15: Hoare triple {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} assume !(entry_point_~intf~2#1.base == 0bv32 && entry_point_~intf~2#1.offset == 0bv32); {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:51:33,612 INFO L272 TraceCheckUtils]: 16: Hoare triple {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} call entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset := ldv_malloc(9bv32); {13890#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:51:33,612 INFO L290 TraceCheckUtils]: 17: Hoare triple {13890#(= |old(#valid)| |#valid|)} ~size := #in~size; {13890#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:51:33,612 INFO L290 TraceCheckUtils]: 18: Hoare triple {13890#(= |old(#valid)| |#valid|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {13919#(= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|)} is VALID [2022-02-20 23:51:33,613 INFO L290 TraceCheckUtils]: 19: Hoare triple {13919#(= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|)} assume true; {13919#(= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|)} is VALID [2022-02-20 23:51:33,614 INFO L284 TraceCheckUtils]: 20: Hoare quadruple {13919#(= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|)} {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} #200#return; {13926#(and (= (bvadd (bvneg (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv1 1)) (_ bv0 1)) (= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_#t~ret55#1.base|)))} is VALID [2022-02-20 23:51:33,615 INFO L290 TraceCheckUtils]: 21: Hoare triple {13926#(and (= (bvadd (bvneg (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv1 1)) (_ bv0 1)) (= (_ bv1 1) (select |#valid| |ULTIMATE.start_entry_point_#t~ret55#1.base|)))} SUMMARY for call write~$Pointer$(entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L826-1 {13930#(and (= (bvadd (bvneg (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv1 1)) (_ bv0 1)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|))) (_ bv1 1)))} is VALID [2022-02-20 23:51:33,616 INFO L290 TraceCheckUtils]: 22: Hoare triple {13930#(and (= (bvadd (bvneg (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv1 1)) (_ bv0 1)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|))) (_ bv1 1)))} havoc entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset; {13930#(and (= (bvadd (bvneg (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv1 1)) (_ bv0 1)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|))) (_ bv1 1)))} is VALID [2022-02-20 23:51:33,616 INFO L290 TraceCheckUtils]: 23: Hoare triple {13930#(and (= (bvadd (bvneg (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv1 1)) (_ bv0 1)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|))) (_ bv1 1)))} SUMMARY for call entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset := read~$Pointer$(entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L827 {13930#(and (= (bvadd (bvneg (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv1 1)) (_ bv0 1)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|))) (_ bv1 1)))} is VALID [2022-02-20 23:51:33,617 INFO L290 TraceCheckUtils]: 24: Hoare triple {13930#(and (= (bvadd (bvneg (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv1 1)) (_ bv0 1)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|))) (_ bv1 1)))} assume !(entry_point_#t~mem56#1.base == 0bv32 && entry_point_#t~mem56#1.offset == 0bv32);havoc entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset; {13930#(and (= (bvadd (bvneg (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv1 1)) (_ bv0 1)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|))) (_ bv1 1)))} is VALID [2022-02-20 23:51:33,617 INFO L290 TraceCheckUtils]: 25: Hoare triple {13930#(and (= (bvadd (bvneg (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (_ bv1 1)) (_ bv0 1)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~intf~2#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_entry_point_~intf~2#1.offset|))) (_ bv1 1)))} SUMMARY for call entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset := read~$Pointer$(entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L828 {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:51:33,617 INFO L290 TraceCheckUtils]: 26: Hoare triple {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} SUMMARY for call write~intINTTYPE1(entry_point_#t~nondet58#1[8:0], entry_point_#t~mem57#1.base, ~bvadd32(7bv32, entry_point_#t~mem57#1.offset), 1bv32); srcloc: L828-1 {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:51:33,618 INFO L290 TraceCheckUtils]: 27: Hoare triple {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} havoc entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset;havoc entry_point_#t~nondet58#1; {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:51:33,618 INFO L290 TraceCheckUtils]: 28: Hoare triple {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} assume !(1bv1 == #valid[entry_point_~hdev~0#1.base]); {13856#false} is VALID [2022-02-20 23:51:33,618 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 6 proven. 2 refuted. 2 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:51:33,618 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:51:33,931 INFO L290 TraceCheckUtils]: 28: Hoare triple {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} assume !(1bv1 == #valid[entry_point_~hdev~0#1.base]); {13856#false} is VALID [2022-02-20 23:51:33,931 INFO L290 TraceCheckUtils]: 27: Hoare triple {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} havoc entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset;havoc entry_point_#t~nondet58#1; {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:51:33,935 INFO L290 TraceCheckUtils]: 26: Hoare triple {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} SUMMARY for call write~intINTTYPE1(entry_point_#t~nondet58#1[8:0], entry_point_#t~mem57#1.base, ~bvadd32(7bv32, entry_point_#t~mem57#1.offset), 1bv32); srcloc: L828-1 {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:51:33,936 INFO L290 TraceCheckUtils]: 25: Hoare triple {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} SUMMARY for call entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset := read~$Pointer$(entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L828 {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:51:33,936 INFO L290 TraceCheckUtils]: 24: Hoare triple {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} assume !(entry_point_#t~mem56#1.base == 0bv32 && entry_point_#t~mem56#1.offset == 0bv32);havoc entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset; {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:51:33,936 INFO L290 TraceCheckUtils]: 23: Hoare triple {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} SUMMARY for call entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset := read~$Pointer$(entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L827 {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:51:33,936 INFO L290 TraceCheckUtils]: 22: Hoare triple {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} havoc entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset; {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:51:33,937 INFO L290 TraceCheckUtils]: 21: Hoare triple {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} SUMMARY for call write~$Pointer$(entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L826-1 {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:51:33,938 INFO L284 TraceCheckUtils]: 20: Hoare quadruple {13979#(forall ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11| (_ BitVec 32))) (or (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11|) (_ bv1 1))) (= (select |#valid| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11|) (_ bv1 1))))} {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} #200#return; {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:51:33,938 INFO L290 TraceCheckUtils]: 19: Hoare triple {13979#(forall ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11| (_ BitVec 32))) (or (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11|) (_ bv1 1))) (= (select |#valid| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11|) (_ bv1 1))))} assume true; {13979#(forall ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11| (_ BitVec 32))) (or (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11|) (_ bv1 1))) (= (select |#valid| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11|) (_ bv1 1))))} is VALID [2022-02-20 23:51:33,939 INFO L290 TraceCheckUtils]: 18: Hoare triple {13979#(forall ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11| (_ BitVec 32))) (or (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11|) (_ bv1 1))) (= (select |#valid| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11|) (_ bv1 1))))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {13979#(forall ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11| (_ BitVec 32))) (or (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11|) (_ bv1 1))) (= (select |#valid| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11|) (_ bv1 1))))} is VALID [2022-02-20 23:51:33,940 INFO L290 TraceCheckUtils]: 17: Hoare triple {13979#(forall ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11| (_ BitVec 32))) (or (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11|) (_ bv1 1))) (= (select |#valid| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11|) (_ bv1 1))))} ~size := #in~size; {13979#(forall ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11| (_ BitVec 32))) (or (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11|) (_ bv1 1))) (= (select |#valid| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11|) (_ bv1 1))))} is VALID [2022-02-20 23:51:33,940 INFO L272 TraceCheckUtils]: 16: Hoare triple {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} call entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset := ldv_malloc(9bv32); {13979#(forall ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11| (_ BitVec 32))) (or (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11|) (_ bv1 1))) (= (select |#valid| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11|) (_ bv1 1))))} is VALID [2022-02-20 23:51:33,940 INFO L290 TraceCheckUtils]: 15: Hoare triple {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} assume !(entry_point_~intf~2#1.base == 0bv32 && entry_point_~intf~2#1.offset == 0bv32); {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:51:33,941 INFO L290 TraceCheckUtils]: 14: Hoare triple {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset := entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset;havoc entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset; {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:51:33,942 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {13979#(forall ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11| (_ BitVec 32))) (or (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11|) (_ bv1 1))) (= (select |#valid| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11|) (_ bv1 1))))} {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} #198#return; {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:51:33,943 INFO L290 TraceCheckUtils]: 12: Hoare triple {13979#(forall ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11| (_ BitVec 32))) (or (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11|) (_ bv1 1))) (= (select |#valid| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11|) (_ bv1 1))))} assume true; {13979#(forall ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11| (_ BitVec 32))) (or (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11|) (_ bv1 1))) (= (select |#valid| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11|) (_ bv1 1))))} is VALID [2022-02-20 23:51:33,943 INFO L290 TraceCheckUtils]: 11: Hoare triple {13979#(forall ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11| (_ BitVec 32))) (or (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11|) (_ bv1 1))) (= (select |#valid| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11|) (_ bv1 1))))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {13979#(forall ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11| (_ BitVec 32))) (or (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11|) (_ bv1 1))) (= (select |#valid| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11|) (_ bv1 1))))} is VALID [2022-02-20 23:51:33,944 INFO L290 TraceCheckUtils]: 10: Hoare triple {13979#(forall ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11| (_ BitVec 32))) (or (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11|) (_ bv1 1))) (= (select |#valid| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11|) (_ bv1 1))))} ~size := #in~size; {13979#(forall ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11| (_ BitVec 32))) (or (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11|) (_ bv1 1))) (= (select |#valid| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11|) (_ bv1 1))))} is VALID [2022-02-20 23:51:33,944 INFO L272 TraceCheckUtils]: 9: Hoare triple {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} call entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset := ldv_malloc(20bv32); {13979#(forall ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11| (_ BitVec 32))) (or (not (= (select |old(#valid)| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11|) (_ bv1 1))) (= (select |#valid| |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_11|) (_ bv1 1))))} is VALID [2022-02-20 23:51:33,945 INFO L290 TraceCheckUtils]: 8: Hoare triple {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} assume !(entry_point_~hdev~0#1.base == 0bv32 && entry_point_~hdev~0#1.offset == 0bv32); {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:51:33,945 INFO L290 TraceCheckUtils]: 7: Hoare triple {13879#(= (select |#valid| |ULTIMATE.start_entry_point_#t~ret53#1.base|) (_ bv1 1))} entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset := entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset; {13883#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:51:33,945 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {13872#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} {13855#true} #196#return; {13879#(= (select |#valid| |ULTIMATE.start_entry_point_#t~ret53#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:51:33,946 INFO L290 TraceCheckUtils]: 5: Hoare triple {13872#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} assume true; {13872#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:51:33,946 INFO L290 TraceCheckUtils]: 4: Hoare triple {13855#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {13872#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:51:33,946 INFO L290 TraceCheckUtils]: 3: Hoare triple {13855#true} ~size := #in~size; {13855#true} is VALID [2022-02-20 23:51:33,946 INFO L272 TraceCheckUtils]: 2: Hoare triple {13855#true} call entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset := ldv_malloc(12bv32); {13855#true} is VALID [2022-02-20 23:51:33,947 INFO L290 TraceCheckUtils]: 1: Hoare triple {13855#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset, entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset, entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset, entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset, entry_point_#t~nondet58#1, entry_point_#t~ret59#1, entry_point_#t~mem60#1.base, entry_point_#t~mem60#1.offset, entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset, entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset; {13855#true} is VALID [2022-02-20 23:51:33,947 INFO L290 TraceCheckUtils]: 0: Hoare triple {13855#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {13855#true} is VALID [2022-02-20 23:51:33,947 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 4 proven. 4 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-02-20 23:51:33,947 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:51:33,947 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [674936325] [2022-02-20 23:51:33,947 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [674936325] provided 0 perfect and 2 imperfect interpolant sequences [2022-02-20 23:51:33,947 INFO L191 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-02-20 23:51:33,947 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [9, 5] total 10 [2022-02-20 23:51:33,947 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [840074163] [2022-02-20 23:51:33,947 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-02-20 23:51:33,948 INFO L78 Accepts]: Start accepts. Automaton has has 11 states, 10 states have (on average 3.0) internal successors, (30), 9 states have internal predecessors, (30), 2 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (5), 3 states have call predecessors, (5), 2 states have call successors, (5) Word has length 29 [2022-02-20 23:51:33,948 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:51:33,948 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 11 states, 10 states have (on average 3.0) internal successors, (30), 9 states have internal predecessors, (30), 2 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (5), 3 states have call predecessors, (5), 2 states have call successors, (5) [2022-02-20 23:51:33,975 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 40 edges. 40 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:33,976 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 11 states [2022-02-20 23:51:33,976 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:51:33,976 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 11 interpolants. [2022-02-20 23:51:33,976 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=25, Invalid=84, Unknown=1, NotChecked=0, Total=110 [2022-02-20 23:51:33,976 INFO L87 Difference]: Start difference. First operand 157 states and 175 transitions. Second operand has 11 states, 10 states have (on average 3.0) internal successors, (30), 9 states have internal predecessors, (30), 2 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (5), 3 states have call predecessors, (5), 2 states have call successors, (5) [2022-02-20 23:51:39,838 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:39,839 INFO L93 Difference]: Finished difference Result 180 states and 192 transitions. [2022-02-20 23:51:39,839 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2022-02-20 23:51:39,839 INFO L78 Accepts]: Start accepts. Automaton has has 11 states, 10 states have (on average 3.0) internal successors, (30), 9 states have internal predecessors, (30), 2 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (5), 3 states have call predecessors, (5), 2 states have call successors, (5) Word has length 29 [2022-02-20 23:51:39,839 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:51:39,839 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 11 states, 10 states have (on average 3.0) internal successors, (30), 9 states have internal predecessors, (30), 2 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (5), 3 states have call predecessors, (5), 2 states have call successors, (5) [2022-02-20 23:51:39,840 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 181 transitions. [2022-02-20 23:51:39,840 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 11 states, 10 states have (on average 3.0) internal successors, (30), 9 states have internal predecessors, (30), 2 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (5), 3 states have call predecessors, (5), 2 states have call successors, (5) [2022-02-20 23:51:39,841 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 181 transitions. [2022-02-20 23:51:39,841 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states and 181 transitions. [2022-02-20 23:51:39,997 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 181 edges. 181 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:39,998 INFO L225 Difference]: With dead ends: 180 [2022-02-20 23:51:39,998 INFO L226 Difference]: Without dead ends: 180 [2022-02-20 23:51:39,998 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 58 GetRequests, 38 SyntacticMatches, 9 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 33 ImplicationChecksByTransitivity, 6.2s TimeCoverageRelationStatistics Valid=36, Invalid=118, Unknown=2, NotChecked=0, Total=156 [2022-02-20 23:51:39,999 INFO L933 BasicCegarLoop]: 87 mSDtfsCounter, 94 mSDsluCounter, 564 mSDsCounter, 0 mSdLazyCounter, 392 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 96 SdHoareTripleChecker+Valid, 651 SdHoareTripleChecker+Invalid, 540 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 392 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 144 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2022-02-20 23:51:39,999 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [96 Valid, 651 Invalid, 540 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 392 Invalid, 0 Unknown, 144 Unchecked, 0.6s Time] [2022-02-20 23:51:39,999 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 180 states. [2022-02-20 23:51:40,001 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 180 to 156. [2022-02-20 23:51:40,001 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:51:40,001 INFO L82 GeneralOperation]: Start isEquivalent. First operand 180 states. Second operand has 156 states, 107 states have (on average 1.5233644859813085) internal successors, (163), 144 states have internal predecessors, (163), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:40,001 INFO L74 IsIncluded]: Start isIncluded. First operand 180 states. Second operand has 156 states, 107 states have (on average 1.5233644859813085) internal successors, (163), 144 states have internal predecessors, (163), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:40,001 INFO L87 Difference]: Start difference. First operand 180 states. Second operand has 156 states, 107 states have (on average 1.5233644859813085) internal successors, (163), 144 states have internal predecessors, (163), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:40,004 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:40,004 INFO L93 Difference]: Finished difference Result 180 states and 192 transitions. [2022-02-20 23:51:40,004 INFO L276 IsEmpty]: Start isEmpty. Operand 180 states and 192 transitions. [2022-02-20 23:51:40,004 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:40,004 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:40,005 INFO L74 IsIncluded]: Start isIncluded. First operand has 156 states, 107 states have (on average 1.5233644859813085) internal successors, (163), 144 states have internal predecessors, (163), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 180 states. [2022-02-20 23:51:40,005 INFO L87 Difference]: Start difference. First operand has 156 states, 107 states have (on average 1.5233644859813085) internal successors, (163), 144 states have internal predecessors, (163), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 180 states. [2022-02-20 23:51:40,007 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:40,007 INFO L93 Difference]: Finished difference Result 180 states and 192 transitions. [2022-02-20 23:51:40,007 INFO L276 IsEmpty]: Start isEmpty. Operand 180 states and 192 transitions. [2022-02-20 23:51:40,007 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:40,007 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:40,007 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:51:40,007 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:51:40,008 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 156 states, 107 states have (on average 1.5233644859813085) internal successors, (163), 144 states have internal predecessors, (163), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:40,009 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 156 states to 156 states and 174 transitions. [2022-02-20 23:51:40,009 INFO L78 Accepts]: Start accepts. Automaton has 156 states and 174 transitions. Word has length 29 [2022-02-20 23:51:40,009 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:51:40,009 INFO L470 AbstractCegarLoop]: Abstraction has 156 states and 174 transitions. [2022-02-20 23:51:40,010 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 11 states, 10 states have (on average 3.0) internal successors, (30), 9 states have internal predecessors, (30), 2 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (5), 3 states have call predecessors, (5), 2 states have call successors, (5) [2022-02-20 23:51:40,010 INFO L276 IsEmpty]: Start isEmpty. Operand 156 states and 174 transitions. [2022-02-20 23:51:40,013 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2022-02-20 23:51:40,013 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:51:40,013 INFO L514 BasicCegarLoop]: trace histogram [3, 3, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:51:40,021 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (20)] Forceful destruction successful, exit code 0 [2022-02-20 23:51:40,220 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 20 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:51:40,220 INFO L402 AbstractCegarLoop]: === Iteration 18 === Targeting ULTIMATE.startErr9REQUIRES_VIOLATION === [ldv_hid_set_drvdataErr0REQUIRES_VIOLATION, ldv_hid_set_drvdataErr1REQUIRES_VIOLATION, ULTIMATE.startErr0REQUIRES_VIOLATION (and 47 more)] === [2022-02-20 23:51:40,220 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:51:40,220 INFO L85 PathProgramCache]: Analyzing trace with hash 1573614038, now seen corresponding path program 1 times [2022-02-20 23:51:40,221 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:51:40,221 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [2043739487] [2022-02-20 23:51:40,221 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:51:40,221 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:51:40,221 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:51:40,222 INFO L229 MonitoredProcess]: Starting monitored process 21 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:51:40,231 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (21)] Waiting until timeout for monitored process [2022-02-20 23:51:40,304 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:40,307 INFO L263 TraceCheckSpWp]: Trace formula consists of 118 conjuncts, 25 conjunts are in the unsatisfiable core [2022-02-20 23:51:40,319 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:40,322 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:51:40,343 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:51:40,346 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:51:40,515 INFO L356 Elim1Store]: treesize reduction 15, result has 46.4 percent of original size [2022-02-20 23:51:40,516 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 18 treesize of output 25 [2022-02-20 23:51:40,531 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-02-20 23:51:40,643 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:51:40,644 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-02-20 23:51:40,651 INFO L356 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2022-02-20 23:51:40,651 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 12 [2022-02-20 23:51:40,721 INFO L290 TraceCheckUtils]: 0: Hoare triple {14736#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {14736#true} is VALID [2022-02-20 23:51:40,721 INFO L290 TraceCheckUtils]: 1: Hoare triple {14736#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset, entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset, entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset, entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset, entry_point_#t~nondet58#1, entry_point_#t~ret59#1, entry_point_#t~mem60#1.base, entry_point_#t~mem60#1.offset, entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset, entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset; {14736#true} is VALID [2022-02-20 23:51:40,721 INFO L272 TraceCheckUtils]: 2: Hoare triple {14736#true} call entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset := ldv_malloc(12bv32); {14736#true} is VALID [2022-02-20 23:51:40,722 INFO L290 TraceCheckUtils]: 3: Hoare triple {14736#true} ~size := #in~size; {14750#(= ldv_malloc_~size |ldv_malloc_#in~size|)} is VALID [2022-02-20 23:51:40,723 INFO L290 TraceCheckUtils]: 4: Hoare triple {14750#(= ldv_malloc_~size |ldv_malloc_#in~size|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {14754#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:51:40,723 INFO L290 TraceCheckUtils]: 5: Hoare triple {14754#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} assume true; {14754#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:51:40,724 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {14754#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} {14736#true} #196#return; {14761#(and (= (select |#valid| |ULTIMATE.start_entry_point_#t~ret53#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_#t~ret53#1.base|) (_ bv12 32)) (= |ULTIMATE.start_entry_point_#t~ret53#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:51:40,724 INFO L290 TraceCheckUtils]: 7: Hoare triple {14761#(and (= (select |#valid| |ULTIMATE.start_entry_point_#t~ret53#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_#t~ret53#1.base|) (_ bv12 32)) (= |ULTIMATE.start_entry_point_#t~ret53#1.offset| (_ bv0 32)))} entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset := entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset; {14765#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} is VALID [2022-02-20 23:51:40,725 INFO L290 TraceCheckUtils]: 8: Hoare triple {14765#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} assume !(entry_point_~hdev~0#1.base == 0bv32 && entry_point_~hdev~0#1.offset == 0bv32); {14765#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} is VALID [2022-02-20 23:51:40,725 INFO L272 TraceCheckUtils]: 9: Hoare triple {14765#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} call entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset := ldv_malloc(20bv32); {14772#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:51:40,726 INFO L290 TraceCheckUtils]: 10: Hoare triple {14772#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} ~size := #in~size; {14772#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:51:40,727 INFO L290 TraceCheckUtils]: 11: Hoare triple {14772#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {14779#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_187 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_187))) (exists ((v_ArrVal_188 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_188) |#valid|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:51:40,728 INFO L290 TraceCheckUtils]: 12: Hoare triple {14779#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_187 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_187))) (exists ((v_ArrVal_188 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_188) |#valid|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} assume true; {14779#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_187 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_187))) (exists ((v_ArrVal_188 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_188) |#valid|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:51:40,729 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {14779#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_187 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_187))) (exists ((v_ArrVal_188 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_188) |#valid|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} {14765#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} #198#return; {14765#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} is VALID [2022-02-20 23:51:40,730 INFO L290 TraceCheckUtils]: 14: Hoare triple {14765#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset := entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset;havoc entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset; {14765#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} is VALID [2022-02-20 23:51:40,730 INFO L290 TraceCheckUtils]: 15: Hoare triple {14765#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} assume !(entry_point_~intf~2#1.base == 0bv32 && entry_point_~intf~2#1.offset == 0bv32); {14765#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} is VALID [2022-02-20 23:51:40,731 INFO L272 TraceCheckUtils]: 16: Hoare triple {14765#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} call entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset := ldv_malloc(9bv32); {14772#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:51:40,731 INFO L290 TraceCheckUtils]: 17: Hoare triple {14772#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} ~size := #in~size; {14772#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:51:40,732 INFO L290 TraceCheckUtils]: 18: Hoare triple {14772#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {14801#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)) (exists ((v_ArrVal_189 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_189) |#length|))))} is VALID [2022-02-20 23:51:40,732 INFO L290 TraceCheckUtils]: 19: Hoare triple {14801#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)) (exists ((v_ArrVal_189 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_189) |#length|))))} assume true; {14801#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)) (exists ((v_ArrVal_189 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_189) |#length|))))} is VALID [2022-02-20 23:51:40,734 INFO L284 TraceCheckUtils]: 20: Hoare quadruple {14801#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)) (exists ((v_ArrVal_189 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_189) |#length|))))} {14765#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} #200#return; {14808#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} is VALID [2022-02-20 23:51:40,734 INFO L290 TraceCheckUtils]: 21: Hoare triple {14808#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} SUMMARY for call write~$Pointer$(entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L826-1 {14808#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} is VALID [2022-02-20 23:51:40,735 INFO L290 TraceCheckUtils]: 22: Hoare triple {14808#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} havoc entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset; {14808#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} is VALID [2022-02-20 23:51:40,735 INFO L290 TraceCheckUtils]: 23: Hoare triple {14808#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} SUMMARY for call entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset := read~$Pointer$(entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L827 {14808#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} is VALID [2022-02-20 23:51:40,736 INFO L290 TraceCheckUtils]: 24: Hoare triple {14808#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} assume !(entry_point_#t~mem56#1.base == 0bv32 && entry_point_#t~mem56#1.offset == 0bv32);havoc entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset; {14808#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} is VALID [2022-02-20 23:51:40,736 INFO L290 TraceCheckUtils]: 25: Hoare triple {14808#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} SUMMARY for call entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset := read~$Pointer$(entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L828 {14808#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} is VALID [2022-02-20 23:51:40,737 INFO L290 TraceCheckUtils]: 26: Hoare triple {14808#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} SUMMARY for call write~intINTTYPE1(entry_point_#t~nondet58#1[8:0], entry_point_#t~mem57#1.base, ~bvadd32(7bv32, entry_point_#t~mem57#1.offset), 1bv32); srcloc: L828-1 {14808#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} is VALID [2022-02-20 23:51:40,737 INFO L290 TraceCheckUtils]: 27: Hoare triple {14808#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} havoc entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset;havoc entry_point_#t~nondet58#1; {14808#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} is VALID [2022-02-20 23:51:40,737 INFO L290 TraceCheckUtils]: 28: Hoare triple {14808#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} assume !((~bvule32(~bvadd32(4bv32, ~bvadd32(8bv32, entry_point_~hdev~0#1.offset)), #length[entry_point_~hdev~0#1.base]) && ~bvule32(~bvadd32(8bv32, entry_point_~hdev~0#1.offset), ~bvadd32(4bv32, ~bvadd32(8bv32, entry_point_~hdev~0#1.offset)))) && ~bvule32(0bv32, ~bvadd32(8bv32, entry_point_~hdev~0#1.offset))); {14737#false} is VALID [2022-02-20 23:51:40,738 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 2 proven. 8 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:51:40,738 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:51:43,030 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:51:43,030 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [2043739487] [2022-02-20 23:51:43,030 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [2043739487] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:51:43,030 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleCvc4 [493157190] [2022-02-20 23:51:43,030 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:51:43,030 INFO L173 SolverBuilder]: Constructing external solver with command: cvc4 --incremental --print-success --lang smt [2022-02-20 23:51:43,031 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 [2022-02-20 23:51:43,032 INFO L229 MonitoredProcess]: Starting monitored process 22 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (exit command is (exit), workingDir is null) [2022-02-20 23:51:43,049 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (22)] Waiting until timeout for monitored process [2022-02-20 23:51:43,164 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:43,166 INFO L263 TraceCheckSpWp]: Trace formula consists of 118 conjuncts, 25 conjunts are in the unsatisfiable core [2022-02-20 23:51:43,177 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:43,178 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:51:43,198 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:51:43,202 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:51:43,344 INFO L356 Elim1Store]: treesize reduction 15, result has 46.4 percent of original size [2022-02-20 23:51:43,344 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 18 treesize of output 25 [2022-02-20 23:51:43,359 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-02-20 23:51:45,485 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:51:45,486 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-02-20 23:51:45,493 INFO L356 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2022-02-20 23:51:45,493 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 12 [2022-02-20 23:51:45,543 INFO L290 TraceCheckUtils]: 0: Hoare triple {14736#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {14736#true} is VALID [2022-02-20 23:51:45,544 INFO L290 TraceCheckUtils]: 1: Hoare triple {14736#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset, entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset, entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset, entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset, entry_point_#t~nondet58#1, entry_point_#t~ret59#1, entry_point_#t~mem60#1.base, entry_point_#t~mem60#1.offset, entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset, entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset; {14736#true} is VALID [2022-02-20 23:51:45,544 INFO L272 TraceCheckUtils]: 2: Hoare triple {14736#true} call entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset := ldv_malloc(12bv32); {14736#true} is VALID [2022-02-20 23:51:45,544 INFO L290 TraceCheckUtils]: 3: Hoare triple {14736#true} ~size := #in~size; {14750#(= ldv_malloc_~size |ldv_malloc_#in~size|)} is VALID [2022-02-20 23:51:45,545 INFO L290 TraceCheckUtils]: 4: Hoare triple {14750#(= ldv_malloc_~size |ldv_malloc_#in~size|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {14754#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:51:45,545 INFO L290 TraceCheckUtils]: 5: Hoare triple {14754#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} assume true; {14754#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:51:45,546 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {14754#(and (= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|)) (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} {14736#true} #196#return; {14761#(and (= (select |#valid| |ULTIMATE.start_entry_point_#t~ret53#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_#t~ret53#1.base|) (_ bv12 32)) (= |ULTIMATE.start_entry_point_#t~ret53#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:51:45,546 INFO L290 TraceCheckUtils]: 7: Hoare triple {14761#(and (= (select |#valid| |ULTIMATE.start_entry_point_#t~ret53#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_#t~ret53#1.base|) (_ bv12 32)) (= |ULTIMATE.start_entry_point_#t~ret53#1.offset| (_ bv0 32)))} entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset := entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset; {14765#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} is VALID [2022-02-20 23:51:45,547 INFO L290 TraceCheckUtils]: 8: Hoare triple {14765#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} assume !(entry_point_~hdev~0#1.base == 0bv32 && entry_point_~hdev~0#1.offset == 0bv32); {14765#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} is VALID [2022-02-20 23:51:45,547 INFO L272 TraceCheckUtils]: 9: Hoare triple {14765#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} call entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset := ldv_malloc(20bv32); {14772#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:51:45,548 INFO L290 TraceCheckUtils]: 10: Hoare triple {14772#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} ~size := #in~size; {14772#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:51:45,549 INFO L290 TraceCheckUtils]: 11: Hoare triple {14772#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {14779#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_187 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_187))) (exists ((v_ArrVal_188 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_188) |#valid|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:51:45,549 INFO L290 TraceCheckUtils]: 12: Hoare triple {14779#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_187 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_187))) (exists ((v_ArrVal_188 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_188) |#valid|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} assume true; {14779#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_187 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_187))) (exists ((v_ArrVal_188 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_188) |#valid|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:51:45,551 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {14779#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_187 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_187))) (exists ((v_ArrVal_188 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_188) |#valid|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} {14765#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} #198#return; {14765#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} is VALID [2022-02-20 23:51:45,551 INFO L290 TraceCheckUtils]: 14: Hoare triple {14765#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset := entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset;havoc entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset; {14765#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} is VALID [2022-02-20 23:51:45,552 INFO L290 TraceCheckUtils]: 15: Hoare triple {14765#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} assume !(entry_point_~intf~2#1.base == 0bv32 && entry_point_~intf~2#1.offset == 0bv32); {14765#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} is VALID [2022-02-20 23:51:45,552 INFO L272 TraceCheckUtils]: 16: Hoare triple {14765#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} call entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset := ldv_malloc(9bv32); {14772#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:51:45,553 INFO L290 TraceCheckUtils]: 17: Hoare triple {14772#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} ~size := #in~size; {14772#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:51:45,554 INFO L290 TraceCheckUtils]: 18: Hoare triple {14772#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {14801#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)) (exists ((v_ArrVal_189 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_189) |#length|))))} is VALID [2022-02-20 23:51:45,554 INFO L290 TraceCheckUtils]: 19: Hoare triple {14801#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)) (exists ((v_ArrVal_189 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_189) |#length|))))} assume true; {14801#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)) (exists ((v_ArrVal_189 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_189) |#length|))))} is VALID [2022-02-20 23:51:45,555 INFO L284 TraceCheckUtils]: 20: Hoare quadruple {14801#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)) (exists ((v_ArrVal_189 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_189) |#length|))))} {14765#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} #200#return; {14808#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} is VALID [2022-02-20 23:51:45,556 INFO L290 TraceCheckUtils]: 21: Hoare triple {14808#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} SUMMARY for call write~$Pointer$(entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L826-1 {14808#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} is VALID [2022-02-20 23:51:45,556 INFO L290 TraceCheckUtils]: 22: Hoare triple {14808#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} havoc entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset; {14808#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} is VALID [2022-02-20 23:51:45,556 INFO L290 TraceCheckUtils]: 23: Hoare triple {14808#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} SUMMARY for call entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset := read~$Pointer$(entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L827 {14808#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} is VALID [2022-02-20 23:51:45,557 INFO L290 TraceCheckUtils]: 24: Hoare triple {14808#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} assume !(entry_point_#t~mem56#1.base == 0bv32 && entry_point_#t~mem56#1.offset == 0bv32);havoc entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset; {14808#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} is VALID [2022-02-20 23:51:45,557 INFO L290 TraceCheckUtils]: 25: Hoare triple {14808#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} SUMMARY for call entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset := read~$Pointer$(entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L828 {14808#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} is VALID [2022-02-20 23:51:45,558 INFO L290 TraceCheckUtils]: 26: Hoare triple {14808#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} SUMMARY for call write~intINTTYPE1(entry_point_#t~nondet58#1[8:0], entry_point_#t~mem57#1.base, ~bvadd32(7bv32, entry_point_#t~mem57#1.offset), 1bv32); srcloc: L828-1 {14808#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} is VALID [2022-02-20 23:51:45,558 INFO L290 TraceCheckUtils]: 27: Hoare triple {14808#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} havoc entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset;havoc entry_point_#t~nondet58#1; {14808#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} is VALID [2022-02-20 23:51:45,558 INFO L290 TraceCheckUtils]: 28: Hoare triple {14808#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv12 32)))} assume !((~bvule32(~bvadd32(4bv32, ~bvadd32(8bv32, entry_point_~hdev~0#1.offset)), #length[entry_point_~hdev~0#1.base]) && ~bvule32(~bvadd32(8bv32, entry_point_~hdev~0#1.offset), ~bvadd32(4bv32, ~bvadd32(8bv32, entry_point_~hdev~0#1.offset)))) && ~bvule32(0bv32, ~bvadd32(8bv32, entry_point_~hdev~0#1.offset))); {14737#false} is VALID [2022-02-20 23:51:45,558 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 2 proven. 8 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:51:45,559 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:51:47,821 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleCvc4 [493157190] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:51:47,821 INFO L191 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-02-20 23:51:47,821 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [9, 9] total 9 [2022-02-20 23:51:47,821 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [549784230] [2022-02-20 23:51:47,821 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-02-20 23:51:47,822 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 9 states have (on average 2.4444444444444446) internal successors, (22), 9 states have internal predecessors, (22), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) Word has length 29 [2022-02-20 23:51:47,822 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:51:47,822 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 10 states, 9 states have (on average 2.4444444444444446) internal successors, (22), 9 states have internal predecessors, (22), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:51:47,857 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 28 edges. 28 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:47,857 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2022-02-20 23:51:47,857 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:51:47,857 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2022-02-20 23:51:47,857 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=26, Invalid=105, Unknown=1, NotChecked=0, Total=132 [2022-02-20 23:51:47,858 INFO L87 Difference]: Start difference. First operand 156 states and 174 transitions. Second operand has 10 states, 9 states have (on average 2.4444444444444446) internal successors, (22), 9 states have internal predecessors, (22), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:51:52,046 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:52,046 INFO L93 Difference]: Finished difference Result 179 states and 191 transitions. [2022-02-20 23:51:52,046 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-02-20 23:51:52,046 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 9 states have (on average 2.4444444444444446) internal successors, (22), 9 states have internal predecessors, (22), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) Word has length 29 [2022-02-20 23:51:52,047 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:51:52,047 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 10 states, 9 states have (on average 2.4444444444444446) internal successors, (22), 9 states have internal predecessors, (22), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:51:52,048 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 180 transitions. [2022-02-20 23:51:52,048 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 10 states, 9 states have (on average 2.4444444444444446) internal successors, (22), 9 states have internal predecessors, (22), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:51:52,048 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 180 transitions. [2022-02-20 23:51:52,049 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 180 transitions. [2022-02-20 23:51:52,222 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 180 edges. 180 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:52,223 INFO L225 Difference]: With dead ends: 179 [2022-02-20 23:51:52,223 INFO L226 Difference]: Without dead ends: 179 [2022-02-20 23:51:52,224 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 76 GetRequests, 59 SyntacticMatches, 5 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 17 ImplicationChecksByTransitivity, 6.4s TimeCoverageRelationStatistics Valid=36, Invalid=145, Unknown=1, NotChecked=0, Total=182 [2022-02-20 23:51:52,224 INFO L933 BasicCegarLoop]: 71 mSDtfsCounter, 235 mSDsluCounter, 325 mSDsCounter, 0 mSdLazyCounter, 388 mSolverCounterSat, 16 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.8s Time, 0 mProtectedPredicate, 0 mProtectedAction, 237 SdHoareTripleChecker+Valid, 396 SdHoareTripleChecker+Invalid, 477 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 16 IncrementalHoareTripleChecker+Valid, 388 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 73 IncrementalHoareTripleChecker+Unchecked, 0.8s IncrementalHoareTripleChecker+Time [2022-02-20 23:51:52,224 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [237 Valid, 396 Invalid, 477 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [16 Valid, 388 Invalid, 0 Unknown, 73 Unchecked, 0.8s Time] [2022-02-20 23:51:52,224 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 179 states. [2022-02-20 23:51:52,226 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 179 to 155. [2022-02-20 23:51:52,226 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:51:52,226 INFO L82 GeneralOperation]: Start isEquivalent. First operand 179 states. Second operand has 155 states, 107 states have (on average 1.514018691588785) internal successors, (162), 143 states have internal predecessors, (162), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:52,226 INFO L74 IsIncluded]: Start isIncluded. First operand 179 states. Second operand has 155 states, 107 states have (on average 1.514018691588785) internal successors, (162), 143 states have internal predecessors, (162), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:52,226 INFO L87 Difference]: Start difference. First operand 179 states. Second operand has 155 states, 107 states have (on average 1.514018691588785) internal successors, (162), 143 states have internal predecessors, (162), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:52,228 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:52,228 INFO L93 Difference]: Finished difference Result 179 states and 191 transitions. [2022-02-20 23:51:52,228 INFO L276 IsEmpty]: Start isEmpty. Operand 179 states and 191 transitions. [2022-02-20 23:51:52,228 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:52,229 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:52,229 INFO L74 IsIncluded]: Start isIncluded. First operand has 155 states, 107 states have (on average 1.514018691588785) internal successors, (162), 143 states have internal predecessors, (162), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 179 states. [2022-02-20 23:51:52,229 INFO L87 Difference]: Start difference. First operand has 155 states, 107 states have (on average 1.514018691588785) internal successors, (162), 143 states have internal predecessors, (162), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 179 states. [2022-02-20 23:51:52,231 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:52,231 INFO L93 Difference]: Finished difference Result 179 states and 191 transitions. [2022-02-20 23:51:52,232 INFO L276 IsEmpty]: Start isEmpty. Operand 179 states and 191 transitions. [2022-02-20 23:51:52,232 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:52,232 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:52,232 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:51:52,232 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:51:52,232 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 155 states, 107 states have (on average 1.514018691588785) internal successors, (162), 143 states have internal predecessors, (162), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:52,234 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 155 states to 155 states and 173 transitions. [2022-02-20 23:51:52,234 INFO L78 Accepts]: Start accepts. Automaton has 155 states and 173 transitions. Word has length 29 [2022-02-20 23:51:52,234 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:51:52,234 INFO L470 AbstractCegarLoop]: Abstraction has 155 states and 173 transitions. [2022-02-20 23:51:52,234 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 9 states have (on average 2.4444444444444446) internal successors, (22), 9 states have internal predecessors, (22), 2 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:51:52,234 INFO L276 IsEmpty]: Start isEmpty. Operand 155 states and 173 transitions. [2022-02-20 23:51:52,235 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-02-20 23:51:52,235 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:51:52,235 INFO L514 BasicCegarLoop]: trace histogram [3, 3, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:51:52,242 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (22)] Forceful destruction successful, exit code 0 [2022-02-20 23:51:52,444 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (21)] Forceful destruction successful, exit code 0 [2022-02-20 23:51:52,643 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 22 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt,21 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:51:52,644 INFO L402 AbstractCegarLoop]: === Iteration 19 === Targeting ULTIMATE.startErr45ASSERT_VIOLATIONMEMORY_FREE === [ldv_hid_set_drvdataErr0REQUIRES_VIOLATION, ldv_hid_set_drvdataErr1REQUIRES_VIOLATION, ULTIMATE.startErr0REQUIRES_VIOLATION (and 47 more)] === [2022-02-20 23:51:52,644 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:51:52,644 INFO L85 PathProgramCache]: Analyzing trace with hash 1736110180, now seen corresponding path program 1 times [2022-02-20 23:51:52,644 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:51:52,644 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1642896243] [2022-02-20 23:51:52,644 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:51:52,644 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:51:52,644 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:51:52,645 INFO L229 MonitoredProcess]: Starting monitored process 23 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:51:52,646 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (23)] Waiting until timeout for monitored process [2022-02-20 23:51:52,709 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:52,712 INFO L263 TraceCheckSpWp]: Trace formula consists of 99 conjuncts, 6 conjunts are in the unsatisfiable core [2022-02-20 23:51:52,717 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:52,718 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:51:53,085 INFO L290 TraceCheckUtils]: 0: Hoare triple {15668#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {15673#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:53,086 INFO L290 TraceCheckUtils]: 1: Hoare triple {15673#(bvult (_ bv0 32) |#StackHeapBarrier|)} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset, entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset, entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset, entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset, entry_point_#t~nondet58#1, entry_point_#t~ret59#1, entry_point_#t~mem60#1.base, entry_point_#t~mem60#1.offset, entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset, entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset; {15673#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:53,086 INFO L272 TraceCheckUtils]: 2: Hoare triple {15673#(bvult (_ bv0 32) |#StackHeapBarrier|)} call entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset := ldv_malloc(12bv32); {15673#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:53,086 INFO L290 TraceCheckUtils]: 3: Hoare triple {15673#(bvult (_ bv0 32) |#StackHeapBarrier|)} ~size := #in~size; {15673#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:53,087 INFO L290 TraceCheckUtils]: 4: Hoare triple {15673#(bvult (_ bv0 32) |#StackHeapBarrier|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {15686#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))} is VALID [2022-02-20 23:51:53,087 INFO L290 TraceCheckUtils]: 5: Hoare triple {15686#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))} assume true; {15686#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))} is VALID [2022-02-20 23:51:53,088 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {15686#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))} {15673#(bvult (_ bv0 32) |#StackHeapBarrier|)} #196#return; {15693#(and (bvult |ULTIMATE.start_entry_point_#t~ret53#1.base| |#StackHeapBarrier|) (not (= |ULTIMATE.start_entry_point_#t~ret53#1.base| (_ bv0 32))))} is VALID [2022-02-20 23:51:53,088 INFO L290 TraceCheckUtils]: 7: Hoare triple {15693#(and (bvult |ULTIMATE.start_entry_point_#t~ret53#1.base| |#StackHeapBarrier|) (not (= |ULTIMATE.start_entry_point_#t~ret53#1.base| (_ bv0 32))))} entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset := entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset; {15697#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} is VALID [2022-02-20 23:51:53,088 INFO L290 TraceCheckUtils]: 8: Hoare triple {15697#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} assume !(entry_point_~hdev~0#1.base == 0bv32 && entry_point_~hdev~0#1.offset == 0bv32); {15697#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} is VALID [2022-02-20 23:51:53,091 INFO L272 TraceCheckUtils]: 9: Hoare triple {15697#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} call entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset := ldv_malloc(20bv32); {15704#(exists ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17| (_ BitVec 32))) (and (bvult |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17| |#StackHeapBarrier|) (not (= (_ bv0 32) |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17|))))} is VALID [2022-02-20 23:51:53,091 INFO L290 TraceCheckUtils]: 10: Hoare triple {15704#(exists ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17| (_ BitVec 32))) (and (bvult |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17| |#StackHeapBarrier|) (not (= (_ bv0 32) |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17|))))} ~size := #in~size; {15704#(exists ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17| (_ BitVec 32))) (and (bvult |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17| |#StackHeapBarrier|) (not (= (_ bv0 32) |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17|))))} is VALID [2022-02-20 23:51:53,091 INFO L290 TraceCheckUtils]: 11: Hoare triple {15704#(exists ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17| (_ BitVec 32))) (and (bvult |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17| |#StackHeapBarrier|) (not (= (_ bv0 32) |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17|))))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {15704#(exists ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17| (_ BitVec 32))) (and (bvult |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17| |#StackHeapBarrier|) (not (= (_ bv0 32) |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17|))))} is VALID [2022-02-20 23:51:53,092 INFO L290 TraceCheckUtils]: 12: Hoare triple {15704#(exists ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17| (_ BitVec 32))) (and (bvult |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17| |#StackHeapBarrier|) (not (= (_ bv0 32) |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17|))))} assume true; {15704#(exists ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17| (_ BitVec 32))) (and (bvult |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17| |#StackHeapBarrier|) (not (= (_ bv0 32) |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17|))))} is VALID [2022-02-20 23:51:53,092 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {15704#(exists ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17| (_ BitVec 32))) (and (bvult |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17| |#StackHeapBarrier|) (not (= (_ bv0 32) |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17|))))} {15697#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} #198#return; {15697#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} is VALID [2022-02-20 23:51:53,093 INFO L290 TraceCheckUtils]: 14: Hoare triple {15697#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset := entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset;havoc entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset; {15697#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} is VALID [2022-02-20 23:51:53,093 INFO L290 TraceCheckUtils]: 15: Hoare triple {15697#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} assume !(entry_point_~intf~2#1.base == 0bv32 && entry_point_~intf~2#1.offset == 0bv32); {15697#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} is VALID [2022-02-20 23:51:53,095 INFO L272 TraceCheckUtils]: 16: Hoare triple {15697#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} call entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset := ldv_malloc(9bv32); {15704#(exists ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17| (_ BitVec 32))) (and (bvult |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17| |#StackHeapBarrier|) (not (= (_ bv0 32) |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17|))))} is VALID [2022-02-20 23:51:53,096 INFO L290 TraceCheckUtils]: 17: Hoare triple {15704#(exists ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17| (_ BitVec 32))) (and (bvult |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17| |#StackHeapBarrier|) (not (= (_ bv0 32) |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17|))))} ~size := #in~size; {15704#(exists ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17| (_ BitVec 32))) (and (bvult |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17| |#StackHeapBarrier|) (not (= (_ bv0 32) |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17|))))} is VALID [2022-02-20 23:51:53,096 INFO L290 TraceCheckUtils]: 18: Hoare triple {15704#(exists ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17| (_ BitVec 32))) (and (bvult |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17| |#StackHeapBarrier|) (not (= (_ bv0 32) |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17|))))} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {15704#(exists ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17| (_ BitVec 32))) (and (bvult |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17| |#StackHeapBarrier|) (not (= (_ bv0 32) |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17|))))} is VALID [2022-02-20 23:51:53,096 INFO L290 TraceCheckUtils]: 19: Hoare triple {15704#(exists ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17| (_ BitVec 32))) (and (bvult |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17| |#StackHeapBarrier|) (not (= (_ bv0 32) |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17|))))} assume true; {15704#(exists ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17| (_ BitVec 32))) (and (bvult |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17| |#StackHeapBarrier|) (not (= (_ bv0 32) |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17|))))} is VALID [2022-02-20 23:51:53,097 INFO L284 TraceCheckUtils]: 20: Hoare quadruple {15704#(exists ((|v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17| (_ BitVec 32))) (and (bvult |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17| |#StackHeapBarrier|) (not (= (_ bv0 32) |v_ULTIMATE.start_entry_point_~hdev~0#1.base_BEFORE_CALL_17|))))} {15697#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} #200#return; {15697#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} is VALID [2022-02-20 23:51:53,097 INFO L290 TraceCheckUtils]: 21: Hoare triple {15697#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} SUMMARY for call write~$Pointer$(entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L826-1 {15697#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} is VALID [2022-02-20 23:51:53,098 INFO L290 TraceCheckUtils]: 22: Hoare triple {15697#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} havoc entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset; {15697#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} is VALID [2022-02-20 23:51:53,098 INFO L290 TraceCheckUtils]: 23: Hoare triple {15697#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} SUMMARY for call entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset := read~$Pointer$(entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L827 {15697#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} is VALID [2022-02-20 23:51:53,098 INFO L290 TraceCheckUtils]: 24: Hoare triple {15697#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} assume entry_point_#t~mem56#1.base == 0bv32 && entry_point_#t~mem56#1.offset == 0bv32;havoc entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset; {15697#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} is VALID [2022-02-20 23:51:53,099 INFO L290 TraceCheckUtils]: 25: Hoare triple {15697#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} assume 0bv32 == entry_point_~intf~2#1.offset; {15697#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} is VALID [2022-02-20 23:51:53,099 INFO L290 TraceCheckUtils]: 26: Hoare triple {15697#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} assume ~bvult32(entry_point_~intf~2#1.base, #StackHeapBarrier); {15697#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} is VALID [2022-02-20 23:51:53,100 INFO L290 TraceCheckUtils]: 27: Hoare triple {15697#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} assume 0bv32 == entry_point_~intf~2#1.base || 1bv1 == #valid[entry_point_~intf~2#1.base];call ULTIMATE.dealloc(entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset); {15697#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} is VALID [2022-02-20 23:51:53,100 INFO L290 TraceCheckUtils]: 28: Hoare triple {15697#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} assume 0bv32 == entry_point_~hdev~0#1.offset; {15697#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} is VALID [2022-02-20 23:51:53,100 INFO L290 TraceCheckUtils]: 29: Hoare triple {15697#(and (not (= |ULTIMATE.start_entry_point_~hdev~0#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|))} assume !~bvult32(entry_point_~hdev~0#1.base, #StackHeapBarrier); {15669#false} is VALID [2022-02-20 23:51:53,100 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 4 proven. 4 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-02-20 23:51:53,100 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:51:53,244 INFO L290 TraceCheckUtils]: 29: Hoare triple {15765#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} assume !~bvult32(entry_point_~hdev~0#1.base, #StackHeapBarrier); {15669#false} is VALID [2022-02-20 23:51:53,244 INFO L290 TraceCheckUtils]: 28: Hoare triple {15765#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} assume 0bv32 == entry_point_~hdev~0#1.offset; {15765#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:53,244 INFO L290 TraceCheckUtils]: 27: Hoare triple {15765#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} assume 0bv32 == entry_point_~intf~2#1.base || 1bv1 == #valid[entry_point_~intf~2#1.base];call ULTIMATE.dealloc(entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset); {15765#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:53,245 INFO L290 TraceCheckUtils]: 26: Hoare triple {15765#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} assume ~bvult32(entry_point_~intf~2#1.base, #StackHeapBarrier); {15765#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:53,245 INFO L290 TraceCheckUtils]: 25: Hoare triple {15765#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} assume 0bv32 == entry_point_~intf~2#1.offset; {15765#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:53,245 INFO L290 TraceCheckUtils]: 24: Hoare triple {15765#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} assume entry_point_#t~mem56#1.base == 0bv32 && entry_point_#t~mem56#1.offset == 0bv32;havoc entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset; {15765#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:53,246 INFO L290 TraceCheckUtils]: 23: Hoare triple {15765#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} SUMMARY for call entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset := read~$Pointer$(entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L827 {15765#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:53,246 INFO L290 TraceCheckUtils]: 22: Hoare triple {15765#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} havoc entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset; {15765#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:53,246 INFO L290 TraceCheckUtils]: 21: Hoare triple {15765#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} SUMMARY for call write~$Pointer$(entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L826-1 {15765#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:53,247 INFO L284 TraceCheckUtils]: 20: Hoare quadruple {15668#true} {15765#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} #200#return; {15765#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:53,247 INFO L290 TraceCheckUtils]: 19: Hoare triple {15668#true} assume true; {15668#true} is VALID [2022-02-20 23:51:53,247 INFO L290 TraceCheckUtils]: 18: Hoare triple {15668#true} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {15668#true} is VALID [2022-02-20 23:51:53,247 INFO L290 TraceCheckUtils]: 17: Hoare triple {15668#true} ~size := #in~size; {15668#true} is VALID [2022-02-20 23:51:53,247 INFO L272 TraceCheckUtils]: 16: Hoare triple {15765#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} call entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset := ldv_malloc(9bv32); {15668#true} is VALID [2022-02-20 23:51:53,247 INFO L290 TraceCheckUtils]: 15: Hoare triple {15765#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} assume !(entry_point_~intf~2#1.base == 0bv32 && entry_point_~intf~2#1.offset == 0bv32); {15765#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:53,248 INFO L290 TraceCheckUtils]: 14: Hoare triple {15765#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset := entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset;havoc entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset; {15765#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:53,248 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {15668#true} {15765#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} #198#return; {15765#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:53,248 INFO L290 TraceCheckUtils]: 12: Hoare triple {15668#true} assume true; {15668#true} is VALID [2022-02-20 23:51:53,248 INFO L290 TraceCheckUtils]: 11: Hoare triple {15668#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {15668#true} is VALID [2022-02-20 23:51:53,248 INFO L290 TraceCheckUtils]: 10: Hoare triple {15668#true} ~size := #in~size; {15668#true} is VALID [2022-02-20 23:51:53,248 INFO L272 TraceCheckUtils]: 9: Hoare triple {15765#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} call entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset := ldv_malloc(20bv32); {15668#true} is VALID [2022-02-20 23:51:53,249 INFO L290 TraceCheckUtils]: 8: Hoare triple {15765#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} assume !(entry_point_~hdev~0#1.base == 0bv32 && entry_point_~hdev~0#1.offset == 0bv32); {15765#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:53,249 INFO L290 TraceCheckUtils]: 7: Hoare triple {15832#(bvult |ULTIMATE.start_entry_point_#t~ret53#1.base| |#StackHeapBarrier|)} entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset := entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset; {15765#(bvult |ULTIMATE.start_entry_point_~hdev~0#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:53,250 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {15839#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} {15668#true} #196#return; {15832#(bvult |ULTIMATE.start_entry_point_#t~ret53#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:53,250 INFO L290 TraceCheckUtils]: 5: Hoare triple {15839#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} assume true; {15839#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:53,250 INFO L290 TraceCheckUtils]: 4: Hoare triple {15668#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {15839#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:51:53,250 INFO L290 TraceCheckUtils]: 3: Hoare triple {15668#true} ~size := #in~size; {15668#true} is VALID [2022-02-20 23:51:53,250 INFO L272 TraceCheckUtils]: 2: Hoare triple {15668#true} call entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset := ldv_malloc(12bv32); {15668#true} is VALID [2022-02-20 23:51:53,250 INFO L290 TraceCheckUtils]: 1: Hoare triple {15668#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset, entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset, entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset, entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset, entry_point_#t~nondet58#1, entry_point_#t~ret59#1, entry_point_#t~mem60#1.base, entry_point_#t~mem60#1.offset, entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset, entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset; {15668#true} is VALID [2022-02-20 23:51:53,250 INFO L290 TraceCheckUtils]: 0: Hoare triple {15668#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {15668#true} is VALID [2022-02-20 23:51:53,251 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 0 proven. 4 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-02-20 23:51:53,251 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:51:53,251 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1642896243] [2022-02-20 23:51:53,251 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1642896243] provided 0 perfect and 2 imperfect interpolant sequences [2022-02-20 23:51:53,251 INFO L191 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-02-20 23:51:53,251 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [5, 4] total 9 [2022-02-20 23:51:53,251 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [988933509] [2022-02-20 23:51:53,251 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-02-20 23:51:53,251 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 9 states have (on average 4.777777777777778) internal successors, (43), 8 states have internal predecessors, (43), 4 states have call successors, (6), 3 states have call predecessors, (6), 4 states have return successors, (6), 4 states have call predecessors, (6), 4 states have call successors, (6) Word has length 30 [2022-02-20 23:51:53,251 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:51:53,255 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 10 states, 9 states have (on average 4.777777777777778) internal successors, (43), 8 states have internal predecessors, (43), 4 states have call successors, (6), 3 states have call predecessors, (6), 4 states have return successors, (6), 4 states have call predecessors, (6), 4 states have call successors, (6) [2022-02-20 23:51:53,330 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 55 edges. 55 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:53,330 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2022-02-20 23:51:53,330 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:51:53,330 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2022-02-20 23:51:53,331 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=30, Invalid=60, Unknown=0, NotChecked=0, Total=90 [2022-02-20 23:51:53,331 INFO L87 Difference]: Start difference. First operand 155 states and 173 transitions. Second operand has 10 states, 9 states have (on average 4.777777777777778) internal successors, (43), 8 states have internal predecessors, (43), 4 states have call successors, (6), 3 states have call predecessors, (6), 4 states have return successors, (6), 4 states have call predecessors, (6), 4 states have call successors, (6) [2022-02-20 23:51:54,774 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:54,774 INFO L93 Difference]: Finished difference Result 208 states and 228 transitions. [2022-02-20 23:51:54,774 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-02-20 23:51:54,775 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 9 states have (on average 4.777777777777778) internal successors, (43), 8 states have internal predecessors, (43), 4 states have call successors, (6), 3 states have call predecessors, (6), 4 states have return successors, (6), 4 states have call predecessors, (6), 4 states have call successors, (6) Word has length 30 [2022-02-20 23:51:54,776 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:51:54,776 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 10 states, 9 states have (on average 4.777777777777778) internal successors, (43), 8 states have internal predecessors, (43), 4 states have call successors, (6), 3 states have call predecessors, (6), 4 states have return successors, (6), 4 states have call predecessors, (6), 4 states have call successors, (6) [2022-02-20 23:51:54,778 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 188 transitions. [2022-02-20 23:51:54,778 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 10 states, 9 states have (on average 4.777777777777778) internal successors, (43), 8 states have internal predecessors, (43), 4 states have call successors, (6), 3 states have call predecessors, (6), 4 states have return successors, (6), 4 states have call predecessors, (6), 4 states have call successors, (6) [2022-02-20 23:51:54,779 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 188 transitions. [2022-02-20 23:51:54,780 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 188 transitions. [2022-02-20 23:51:55,000 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 188 edges. 188 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:55,002 INFO L225 Difference]: With dead ends: 208 [2022-02-20 23:51:55,003 INFO L226 Difference]: Without dead ends: 208 [2022-02-20 23:51:55,003 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 58 GetRequests, 47 SyntacticMatches, 3 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 10 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=30, Invalid=60, Unknown=0, NotChecked=0, Total=90 [2022-02-20 23:51:55,003 INFO L933 BasicCegarLoop]: 109 mSDtfsCounter, 371 mSDsluCounter, 413 mSDsCounter, 0 mSdLazyCounter, 130 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 372 SdHoareTripleChecker+Valid, 522 SdHoareTripleChecker+Invalid, 163 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 130 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 25 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 23:51:55,003 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [372 Valid, 522 Invalid, 163 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 130 Invalid, 0 Unknown, 25 Unchecked, 0.2s Time] [2022-02-20 23:51:55,004 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 208 states. [2022-02-20 23:51:55,006 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 208 to 186. [2022-02-20 23:51:55,006 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:51:55,007 INFO L82 GeneralOperation]: Start isEquivalent. First operand 208 states. Second operand has 186 states, 138 states have (on average 1.5434782608695652) internal successors, (213), 174 states have internal predecessors, (213), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:55,007 INFO L74 IsIncluded]: Start isIncluded. First operand 208 states. Second operand has 186 states, 138 states have (on average 1.5434782608695652) internal successors, (213), 174 states have internal predecessors, (213), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:55,008 INFO L87 Difference]: Start difference. First operand 208 states. Second operand has 186 states, 138 states have (on average 1.5434782608695652) internal successors, (213), 174 states have internal predecessors, (213), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:55,011 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:55,011 INFO L93 Difference]: Finished difference Result 208 states and 228 transitions. [2022-02-20 23:51:55,011 INFO L276 IsEmpty]: Start isEmpty. Operand 208 states and 228 transitions. [2022-02-20 23:51:55,011 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:55,012 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:55,012 INFO L74 IsIncluded]: Start isIncluded. First operand has 186 states, 138 states have (on average 1.5434782608695652) internal successors, (213), 174 states have internal predecessors, (213), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 208 states. [2022-02-20 23:51:55,012 INFO L87 Difference]: Start difference. First operand has 186 states, 138 states have (on average 1.5434782608695652) internal successors, (213), 174 states have internal predecessors, (213), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 208 states. [2022-02-20 23:51:55,015 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:55,023 INFO L93 Difference]: Finished difference Result 208 states and 228 transitions. [2022-02-20 23:51:55,023 INFO L276 IsEmpty]: Start isEmpty. Operand 208 states and 228 transitions. [2022-02-20 23:51:55,024 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:55,024 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:55,024 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:51:55,024 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:51:55,024 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 186 states, 138 states have (on average 1.5434782608695652) internal successors, (213), 174 states have internal predecessors, (213), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:55,026 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 186 states to 186 states and 224 transitions. [2022-02-20 23:51:55,027 INFO L78 Accepts]: Start accepts. Automaton has 186 states and 224 transitions. Word has length 30 [2022-02-20 23:51:55,027 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:51:55,027 INFO L470 AbstractCegarLoop]: Abstraction has 186 states and 224 transitions. [2022-02-20 23:51:55,027 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 9 states have (on average 4.777777777777778) internal successors, (43), 8 states have internal predecessors, (43), 4 states have call successors, (6), 3 states have call predecessors, (6), 4 states have return successors, (6), 4 states have call predecessors, (6), 4 states have call successors, (6) [2022-02-20 23:51:55,027 INFO L276 IsEmpty]: Start isEmpty. Operand 186 states and 224 transitions. [2022-02-20 23:51:55,027 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2022-02-20 23:51:55,028 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:51:55,028 INFO L514 BasicCegarLoop]: trace histogram [3, 3, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:51:55,050 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (23)] Forceful destruction successful, exit code 0 [2022-02-20 23:51:55,249 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 23 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:51:55,250 INFO L402 AbstractCegarLoop]: === Iteration 20 === Targeting ULTIMATE.startErr10REQUIRES_VIOLATION === [ldv_hid_set_drvdataErr0REQUIRES_VIOLATION, ldv_hid_set_drvdataErr1REQUIRES_VIOLATION, ULTIMATE.startErr0REQUIRES_VIOLATION (and 47 more)] === [2022-02-20 23:51:55,250 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:51:55,250 INFO L85 PathProgramCache]: Analyzing trace with hash 414602102, now seen corresponding path program 1 times [2022-02-20 23:51:55,250 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:51:55,250 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1843938293] [2022-02-20 23:51:55,250 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:51:55,250 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:51:55,250 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:51:55,251 INFO L229 MonitoredProcess]: Starting monitored process 24 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:51:55,287 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (24)] Waiting until timeout for monitored process [2022-02-20 23:51:55,324 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:55,327 INFO L263 TraceCheckSpWp]: Trace formula consists of 139 conjuncts, 6 conjunts are in the unsatisfiable core [2022-02-20 23:51:55,340 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:55,340 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:51:55,374 INFO L290 TraceCheckUtils]: 0: Hoare triple {16664#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {16664#true} is VALID [2022-02-20 23:51:55,374 INFO L290 TraceCheckUtils]: 1: Hoare triple {16664#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset, entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset, entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset, entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset, entry_point_#t~nondet58#1, entry_point_#t~ret59#1, entry_point_#t~mem60#1.base, entry_point_#t~mem60#1.offset, entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset, entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset; {16664#true} is VALID [2022-02-20 23:51:55,374 INFO L272 TraceCheckUtils]: 2: Hoare triple {16664#true} call entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset := ldv_malloc(12bv32); {16664#true} is VALID [2022-02-20 23:51:55,375 INFO L290 TraceCheckUtils]: 3: Hoare triple {16664#true} ~size := #in~size; {16664#true} is VALID [2022-02-20 23:51:55,375 INFO L290 TraceCheckUtils]: 4: Hoare triple {16664#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {16664#true} is VALID [2022-02-20 23:51:55,375 INFO L290 TraceCheckUtils]: 5: Hoare triple {16664#true} assume true; {16664#true} is VALID [2022-02-20 23:51:55,375 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {16664#true} {16664#true} #196#return; {16664#true} is VALID [2022-02-20 23:51:55,375 INFO L290 TraceCheckUtils]: 7: Hoare triple {16664#true} entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset := entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset; {16664#true} is VALID [2022-02-20 23:51:55,375 INFO L290 TraceCheckUtils]: 8: Hoare triple {16664#true} assume !(entry_point_~hdev~0#1.base == 0bv32 && entry_point_~hdev~0#1.offset == 0bv32); {16664#true} is VALID [2022-02-20 23:51:55,375 INFO L272 TraceCheckUtils]: 9: Hoare triple {16664#true} call entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset := ldv_malloc(20bv32); {16664#true} is VALID [2022-02-20 23:51:55,375 INFO L290 TraceCheckUtils]: 10: Hoare triple {16664#true} ~size := #in~size; {16664#true} is VALID [2022-02-20 23:51:55,375 INFO L290 TraceCheckUtils]: 11: Hoare triple {16664#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {16664#true} is VALID [2022-02-20 23:51:55,376 INFO L290 TraceCheckUtils]: 12: Hoare triple {16664#true} assume true; {16664#true} is VALID [2022-02-20 23:51:55,376 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {16664#true} {16664#true} #198#return; {16664#true} is VALID [2022-02-20 23:51:55,376 INFO L290 TraceCheckUtils]: 14: Hoare triple {16664#true} entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset := entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset;havoc entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset; {16664#true} is VALID [2022-02-20 23:51:55,376 INFO L290 TraceCheckUtils]: 15: Hoare triple {16664#true} assume !(entry_point_~intf~2#1.base == 0bv32 && entry_point_~intf~2#1.offset == 0bv32); {16664#true} is VALID [2022-02-20 23:51:55,376 INFO L272 TraceCheckUtils]: 16: Hoare triple {16664#true} call entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset := ldv_malloc(9bv32); {16664#true} is VALID [2022-02-20 23:51:55,376 INFO L290 TraceCheckUtils]: 17: Hoare triple {16664#true} ~size := #in~size; {16664#true} is VALID [2022-02-20 23:51:55,376 INFO L290 TraceCheckUtils]: 18: Hoare triple {16664#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {16664#true} is VALID [2022-02-20 23:51:55,376 INFO L290 TraceCheckUtils]: 19: Hoare triple {16664#true} assume true; {16664#true} is VALID [2022-02-20 23:51:55,376 INFO L284 TraceCheckUtils]: 20: Hoare quadruple {16664#true} {16664#true} #200#return; {16664#true} is VALID [2022-02-20 23:51:55,376 INFO L290 TraceCheckUtils]: 21: Hoare triple {16664#true} SUMMARY for call write~$Pointer$(entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L826-1 {16664#true} is VALID [2022-02-20 23:51:55,377 INFO L290 TraceCheckUtils]: 22: Hoare triple {16664#true} havoc entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset; {16664#true} is VALID [2022-02-20 23:51:55,377 INFO L290 TraceCheckUtils]: 23: Hoare triple {16664#true} SUMMARY for call entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset := read~$Pointer$(entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L827 {16664#true} is VALID [2022-02-20 23:51:55,377 INFO L290 TraceCheckUtils]: 24: Hoare triple {16664#true} assume !(entry_point_#t~mem56#1.base == 0bv32 && entry_point_#t~mem56#1.offset == 0bv32);havoc entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset; {16664#true} is VALID [2022-02-20 23:51:55,377 INFO L290 TraceCheckUtils]: 25: Hoare triple {16664#true} SUMMARY for call entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset := read~$Pointer$(entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L828 {16664#true} is VALID [2022-02-20 23:51:55,377 INFO L290 TraceCheckUtils]: 26: Hoare triple {16664#true} SUMMARY for call write~intINTTYPE1(entry_point_#t~nondet58#1[8:0], entry_point_#t~mem57#1.base, ~bvadd32(7bv32, entry_point_#t~mem57#1.offset), 1bv32); srcloc: L828-1 {16664#true} is VALID [2022-02-20 23:51:55,377 INFO L290 TraceCheckUtils]: 27: Hoare triple {16664#true} havoc entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset;havoc entry_point_#t~nondet58#1; {16664#true} is VALID [2022-02-20 23:51:55,377 INFO L290 TraceCheckUtils]: 28: Hoare triple {16664#true} SUMMARY for call write~$Pointer$(entry_point_~intf~2#1.base, ~bvadd32(8bv32, entry_point_~intf~2#1.offset), entry_point_~hdev~0#1.base, ~bvadd32(8bv32, entry_point_~hdev~0#1.offset), 4bv32); srcloc: L829 {16753#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:51:55,378 INFO L290 TraceCheckUtils]: 29: Hoare triple {16753#(= (select |#valid| |ULTIMATE.start_entry_point_~hdev~0#1.base|) (_ bv1 1))} assume { :begin_inline_ldv_arvo_probe } true;ldv_arvo_probe_#in~hdev#1.base, ldv_arvo_probe_#in~hdev#1.offset := entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset;havoc ldv_arvo_probe_#res#1;havoc ldv_arvo_probe_#t~ret52#1, ldv_arvo_probe_~hdev#1.base, ldv_arvo_probe_~hdev#1.offset, ldv_arvo_probe_~retval~1#1;ldv_arvo_probe_~hdev#1.base, ldv_arvo_probe_~hdev#1.offset := ldv_arvo_probe_#in~hdev#1.base, ldv_arvo_probe_#in~hdev#1.offset;havoc ldv_arvo_probe_~retval~1#1;assume { :begin_inline_ldv_arvo_init_specials } true;ldv_arvo_init_specials_#in~hdev#1.base, ldv_arvo_init_specials_#in~hdev#1.offset := ldv_arvo_probe_~hdev#1.base, ldv_arvo_probe_~hdev#1.offset;havoc ldv_arvo_init_specials_#res#1;havoc ldv_arvo_init_specials_#t~mem43#1.base, ldv_arvo_init_specials_#t~mem43#1.offset, ldv_arvo_init_specials_~__mptr~4#1.base, ldv_arvo_init_specials_~__mptr~4#1.offset, ldv_arvo_init_specials_#t~mem44#1.base, ldv_arvo_init_specials_#t~mem44#1.offset, ldv_arvo_init_specials_#t~mem45#1, ldv_arvo_init_specials_#t~ret46#1.base, ldv_arvo_init_specials_#t~ret46#1.offset, ldv_arvo_init_specials_#t~ret47#1, ldv_arvo_init_specials_~hdev#1.base, ldv_arvo_init_specials_~hdev#1.offset, ldv_arvo_init_specials_~arvo~0#1.base, ldv_arvo_init_specials_~arvo~0#1.offset, ldv_arvo_init_specials_~retval~0#1, ldv_arvo_init_specials_~intf~0#1.base, ldv_arvo_init_specials_~intf~0#1.offset;ldv_arvo_init_specials_~hdev#1.base, ldv_arvo_init_specials_~hdev#1.offset := ldv_arvo_init_specials_#in~hdev#1.base, ldv_arvo_init_specials_#in~hdev#1.offset;havoc ldv_arvo_init_specials_~arvo~0#1.base, ldv_arvo_init_specials_~arvo~0#1.offset;havoc ldv_arvo_init_specials_~retval~0#1; {16757#(= (select |#valid| |ULTIMATE.start_ldv_arvo_init_specials_~hdev#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:51:55,378 INFO L290 TraceCheckUtils]: 30: Hoare triple {16757#(= (select |#valid| |ULTIMATE.start_ldv_arvo_init_specials_~hdev#1.base|) (_ bv1 1))} assume !(1bv1 == #valid[ldv_arvo_init_specials_~hdev#1.base]); {16665#false} is VALID [2022-02-20 23:51:55,378 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 12 trivial. 0 not checked. [2022-02-20 23:51:55,378 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:51:55,379 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:51:55,379 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1843938293] [2022-02-20 23:51:55,379 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1843938293] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:51:55,379 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:51:55,379 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 23:51:55,379 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1495362238] [2022-02-20 23:51:55,379 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:51:55,379 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 6.333333333333333) internal successors, (19), 4 states have internal predecessors, (19), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 31 [2022-02-20 23:51:55,380 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:51:55,380 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 4 states, 3 states have (on average 6.333333333333333) internal successors, (19), 4 states have internal predecessors, (19), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:51:55,395 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 25 edges. 25 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:55,395 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-02-20 23:51:55,395 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:51:55,396 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-02-20 23:51:55,396 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-02-20 23:51:55,396 INFO L87 Difference]: Start difference. First operand 186 states and 224 transitions. Second operand has 4 states, 3 states have (on average 6.333333333333333) internal successors, (19), 4 states have internal predecessors, (19), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:51:55,795 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:55,795 INFO L93 Difference]: Finished difference Result 212 states and 247 transitions. [2022-02-20 23:51:55,795 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-20 23:51:55,795 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 6.333333333333333) internal successors, (19), 4 states have internal predecessors, (19), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 31 [2022-02-20 23:51:55,796 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:51:55,796 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 3 states have (on average 6.333333333333333) internal successors, (19), 4 states have internal predecessors, (19), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:51:55,797 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 171 transitions. [2022-02-20 23:51:55,797 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 3 states have (on average 6.333333333333333) internal successors, (19), 4 states have internal predecessors, (19), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:51:55,798 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 171 transitions. [2022-02-20 23:51:55,798 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 171 transitions. [2022-02-20 23:51:55,924 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 171 edges. 171 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:55,939 INFO L225 Difference]: With dead ends: 212 [2022-02-20 23:51:55,939 INFO L226 Difference]: Without dead ends: 212 [2022-02-20 23:51:55,940 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 31 GetRequests, 28 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:51:55,940 INFO L933 BasicCegarLoop]: 100 mSDtfsCounter, 155 mSDsluCounter, 105 mSDsCounter, 0 mSdLazyCounter, 98 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 155 SdHoareTripleChecker+Valid, 205 SdHoareTripleChecker+Invalid, 104 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 98 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:51:55,940 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [155 Valid, 205 Invalid, 104 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 98 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:51:55,941 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 212 states. [2022-02-20 23:51:55,948 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 212 to 185. [2022-02-20 23:51:55,948 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:51:55,949 INFO L82 GeneralOperation]: Start isEquivalent. First operand 212 states. Second operand has 185 states, 138 states have (on average 1.536231884057971) internal successors, (212), 173 states have internal predecessors, (212), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:55,950 INFO L74 IsIncluded]: Start isIncluded. First operand 212 states. Second operand has 185 states, 138 states have (on average 1.536231884057971) internal successors, (212), 173 states have internal predecessors, (212), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:55,950 INFO L87 Difference]: Start difference. First operand 212 states. Second operand has 185 states, 138 states have (on average 1.536231884057971) internal successors, (212), 173 states have internal predecessors, (212), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:55,953 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:55,954 INFO L93 Difference]: Finished difference Result 212 states and 247 transitions. [2022-02-20 23:51:55,954 INFO L276 IsEmpty]: Start isEmpty. Operand 212 states and 247 transitions. [2022-02-20 23:51:55,954 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:55,954 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:55,955 INFO L74 IsIncluded]: Start isIncluded. First operand has 185 states, 138 states have (on average 1.536231884057971) internal successors, (212), 173 states have internal predecessors, (212), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 212 states. [2022-02-20 23:51:55,955 INFO L87 Difference]: Start difference. First operand has 185 states, 138 states have (on average 1.536231884057971) internal successors, (212), 173 states have internal predecessors, (212), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 212 states. [2022-02-20 23:51:55,958 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:55,959 INFO L93 Difference]: Finished difference Result 212 states and 247 transitions. [2022-02-20 23:51:55,959 INFO L276 IsEmpty]: Start isEmpty. Operand 212 states and 247 transitions. [2022-02-20 23:51:55,959 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:55,959 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:55,959 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:51:55,960 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:51:55,960 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 185 states, 138 states have (on average 1.536231884057971) internal successors, (212), 173 states have internal predecessors, (212), 5 states have call successors, (5), 5 states have call predecessors, (5), 6 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:55,964 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 185 states to 185 states and 223 transitions. [2022-02-20 23:51:55,964 INFO L78 Accepts]: Start accepts. Automaton has 185 states and 223 transitions. Word has length 31 [2022-02-20 23:51:55,964 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:51:55,965 INFO L470 AbstractCegarLoop]: Abstraction has 185 states and 223 transitions. [2022-02-20 23:51:55,965 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 3 states have (on average 6.333333333333333) internal successors, (19), 4 states have internal predecessors, (19), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:51:55,965 INFO L276 IsEmpty]: Start isEmpty. Operand 185 states and 223 transitions. [2022-02-20 23:51:55,965 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2022-02-20 23:51:55,965 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:51:55,965 INFO L514 BasicCegarLoop]: trace histogram [3, 3, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:51:55,980 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (24)] Ended with exit code 0 [2022-02-20 23:51:56,175 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 24 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:51:56,175 INFO L402 AbstractCegarLoop]: === Iteration 21 === Targeting ULTIMATE.startErr11REQUIRES_VIOLATION === [ldv_hid_set_drvdataErr0REQUIRES_VIOLATION, ldv_hid_set_drvdataErr1REQUIRES_VIOLATION, ULTIMATE.startErr0REQUIRES_VIOLATION (and 47 more)] === [2022-02-20 23:51:56,176 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:51:56,176 INFO L85 PathProgramCache]: Analyzing trace with hash 414602103, now seen corresponding path program 1 times [2022-02-20 23:51:56,176 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:51:56,194 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [759251618] [2022-02-20 23:51:56,194 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:51:56,194 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:51:56,194 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:51:56,195 INFO L229 MonitoredProcess]: Starting monitored process 25 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:51:56,196 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (25)] Waiting until timeout for monitored process [2022-02-20 23:51:56,288 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:56,292 INFO L263 TraceCheckSpWp]: Trace formula consists of 139 conjuncts, 13 conjunts are in the unsatisfiable core [2022-02-20 23:51:56,299 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:56,300 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:51:56,410 INFO L290 TraceCheckUtils]: 0: Hoare triple {17583#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {17583#true} is VALID [2022-02-20 23:51:56,410 INFO L290 TraceCheckUtils]: 1: Hoare triple {17583#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset, entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset, entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset, entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset, entry_point_#t~nondet58#1, entry_point_#t~ret59#1, entry_point_#t~mem60#1.base, entry_point_#t~mem60#1.offset, entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset, entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset; {17583#true} is VALID [2022-02-20 23:51:56,410 INFO L272 TraceCheckUtils]: 2: Hoare triple {17583#true} call entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset := ldv_malloc(12bv32); {17583#true} is VALID [2022-02-20 23:51:56,411 INFO L290 TraceCheckUtils]: 3: Hoare triple {17583#true} ~size := #in~size; {17583#true} is VALID [2022-02-20 23:51:56,411 INFO L290 TraceCheckUtils]: 4: Hoare triple {17583#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {17600#(= |ldv_malloc_#res.offset| (_ bv0 32))} is VALID [2022-02-20 23:51:56,411 INFO L290 TraceCheckUtils]: 5: Hoare triple {17600#(= |ldv_malloc_#res.offset| (_ bv0 32))} assume true; {17600#(= |ldv_malloc_#res.offset| (_ bv0 32))} is VALID [2022-02-20 23:51:56,412 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {17600#(= |ldv_malloc_#res.offset| (_ bv0 32))} {17583#true} #196#return; {17607#(= |ULTIMATE.start_entry_point_#t~ret53#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:51:56,412 INFO L290 TraceCheckUtils]: 7: Hoare triple {17607#(= |ULTIMATE.start_entry_point_#t~ret53#1.offset| (_ bv0 32))} entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset := entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset; {17611#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:51:56,412 INFO L290 TraceCheckUtils]: 8: Hoare triple {17611#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} assume !(entry_point_~hdev~0#1.base == 0bv32 && entry_point_~hdev~0#1.offset == 0bv32); {17611#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:51:56,413 INFO L272 TraceCheckUtils]: 9: Hoare triple {17611#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} call entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset := ldv_malloc(20bv32); {17583#true} is VALID [2022-02-20 23:51:56,413 INFO L290 TraceCheckUtils]: 10: Hoare triple {17583#true} ~size := #in~size; {17583#true} is VALID [2022-02-20 23:51:56,413 INFO L290 TraceCheckUtils]: 11: Hoare triple {17583#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {17583#true} is VALID [2022-02-20 23:51:56,413 INFO L290 TraceCheckUtils]: 12: Hoare triple {17583#true} assume true; {17583#true} is VALID [2022-02-20 23:51:56,413 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {17583#true} {17611#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} #198#return; {17611#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:51:56,414 INFO L290 TraceCheckUtils]: 14: Hoare triple {17611#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset := entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset;havoc entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset; {17611#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:51:56,414 INFO L290 TraceCheckUtils]: 15: Hoare triple {17611#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} assume !(entry_point_~intf~2#1.base == 0bv32 && entry_point_~intf~2#1.offset == 0bv32); {17611#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:51:56,414 INFO L272 TraceCheckUtils]: 16: Hoare triple {17611#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} call entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset := ldv_malloc(9bv32); {17583#true} is VALID [2022-02-20 23:51:56,414 INFO L290 TraceCheckUtils]: 17: Hoare triple {17583#true} ~size := #in~size; {17583#true} is VALID [2022-02-20 23:51:56,415 INFO L290 TraceCheckUtils]: 18: Hoare triple {17583#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {17583#true} is VALID [2022-02-20 23:51:56,415 INFO L290 TraceCheckUtils]: 19: Hoare triple {17583#true} assume true; {17583#true} is VALID [2022-02-20 23:51:56,415 INFO L284 TraceCheckUtils]: 20: Hoare quadruple {17583#true} {17611#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} #200#return; {17611#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:51:56,416 INFO L290 TraceCheckUtils]: 21: Hoare triple {17611#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} SUMMARY for call write~$Pointer$(entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L826-1 {17611#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:51:56,416 INFO L290 TraceCheckUtils]: 22: Hoare triple {17611#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} havoc entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset; {17611#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:51:56,416 INFO L290 TraceCheckUtils]: 23: Hoare triple {17611#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} SUMMARY for call entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset := read~$Pointer$(entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L827 {17611#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:51:56,417 INFO L290 TraceCheckUtils]: 24: Hoare triple {17611#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} assume !(entry_point_#t~mem56#1.base == 0bv32 && entry_point_#t~mem56#1.offset == 0bv32);havoc entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset; {17611#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:51:56,417 INFO L290 TraceCheckUtils]: 25: Hoare triple {17611#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} SUMMARY for call entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset := read~$Pointer$(entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L828 {17611#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:51:56,417 INFO L290 TraceCheckUtils]: 26: Hoare triple {17611#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} SUMMARY for call write~intINTTYPE1(entry_point_#t~nondet58#1[8:0], entry_point_#t~mem57#1.base, ~bvadd32(7bv32, entry_point_#t~mem57#1.offset), 1bv32); srcloc: L828-1 {17611#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:51:56,417 INFO L290 TraceCheckUtils]: 27: Hoare triple {17611#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} havoc entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset;havoc entry_point_#t~nondet58#1; {17611#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:51:56,418 INFO L290 TraceCheckUtils]: 28: Hoare triple {17611#(= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32))} SUMMARY for call write~$Pointer$(entry_point_~intf~2#1.base, ~bvadd32(8bv32, entry_point_~intf~2#1.offset), entry_point_~hdev~0#1.base, ~bvadd32(8bv32, entry_point_~hdev~0#1.offset), 4bv32); srcloc: L829 {17675#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (bvule (bvadd |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv12 32)) (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|)))} is VALID [2022-02-20 23:51:56,419 INFO L290 TraceCheckUtils]: 29: Hoare triple {17675#(and (= |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv0 32)) (bvule (bvadd |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv12 32)) (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|)))} assume { :begin_inline_ldv_arvo_probe } true;ldv_arvo_probe_#in~hdev#1.base, ldv_arvo_probe_#in~hdev#1.offset := entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset;havoc ldv_arvo_probe_#res#1;havoc ldv_arvo_probe_#t~ret52#1, ldv_arvo_probe_~hdev#1.base, ldv_arvo_probe_~hdev#1.offset, ldv_arvo_probe_~retval~1#1;ldv_arvo_probe_~hdev#1.base, ldv_arvo_probe_~hdev#1.offset := ldv_arvo_probe_#in~hdev#1.base, ldv_arvo_probe_#in~hdev#1.offset;havoc ldv_arvo_probe_~retval~1#1;assume { :begin_inline_ldv_arvo_init_specials } true;ldv_arvo_init_specials_#in~hdev#1.base, ldv_arvo_init_specials_#in~hdev#1.offset := ldv_arvo_probe_~hdev#1.base, ldv_arvo_probe_~hdev#1.offset;havoc ldv_arvo_init_specials_#res#1;havoc ldv_arvo_init_specials_#t~mem43#1.base, ldv_arvo_init_specials_#t~mem43#1.offset, ldv_arvo_init_specials_~__mptr~4#1.base, ldv_arvo_init_specials_~__mptr~4#1.offset, ldv_arvo_init_specials_#t~mem44#1.base, ldv_arvo_init_specials_#t~mem44#1.offset, ldv_arvo_init_specials_#t~mem45#1, ldv_arvo_init_specials_#t~ret46#1.base, ldv_arvo_init_specials_#t~ret46#1.offset, ldv_arvo_init_specials_#t~ret47#1, ldv_arvo_init_specials_~hdev#1.base, ldv_arvo_init_specials_~hdev#1.offset, ldv_arvo_init_specials_~arvo~0#1.base, ldv_arvo_init_specials_~arvo~0#1.offset, ldv_arvo_init_specials_~retval~0#1, ldv_arvo_init_specials_~intf~0#1.base, ldv_arvo_init_specials_~intf~0#1.offset;ldv_arvo_init_specials_~hdev#1.base, ldv_arvo_init_specials_~hdev#1.offset := ldv_arvo_init_specials_#in~hdev#1.base, ldv_arvo_init_specials_#in~hdev#1.offset;havoc ldv_arvo_init_specials_~arvo~0#1.base, ldv_arvo_init_specials_~arvo~0#1.offset;havoc ldv_arvo_init_specials_~retval~0#1; {17679#(and (bvule (_ bv12 32) (select |#length| |ULTIMATE.start_ldv_arvo_init_specials_~hdev#1.base|)) (= (_ bv0 32) |ULTIMATE.start_ldv_arvo_init_specials_~hdev#1.offset|))} is VALID [2022-02-20 23:51:56,419 INFO L290 TraceCheckUtils]: 30: Hoare triple {17679#(and (bvule (_ bv12 32) (select |#length| |ULTIMATE.start_ldv_arvo_init_specials_~hdev#1.base|)) (= (_ bv0 32) |ULTIMATE.start_ldv_arvo_init_specials_~hdev#1.offset|))} assume !((~bvule32(~bvadd32(4bv32, ~bvadd32(8bv32, ldv_arvo_init_specials_~hdev#1.offset)), #length[ldv_arvo_init_specials_~hdev#1.base]) && ~bvule32(~bvadd32(8bv32, ldv_arvo_init_specials_~hdev#1.offset), ~bvadd32(4bv32, ~bvadd32(8bv32, ldv_arvo_init_specials_~hdev#1.offset)))) && ~bvule32(0bv32, ~bvadd32(8bv32, ldv_arvo_init_specials_~hdev#1.offset))); {17584#false} is VALID [2022-02-20 23:51:56,419 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 0 proven. 4 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-02-20 23:51:56,419 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:51:56,517 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 6 [2022-02-20 23:51:56,706 INFO L290 TraceCheckUtils]: 30: Hoare triple {17683#(and (bvule (bvadd |ULTIMATE.start_ldv_arvo_init_specials_~hdev#1.offset| (_ bv12 32)) (select |#length| |ULTIMATE.start_ldv_arvo_init_specials_~hdev#1.base|)) (bvule (bvadd (_ bv8 32) |ULTIMATE.start_ldv_arvo_init_specials_~hdev#1.offset|) (bvadd |ULTIMATE.start_ldv_arvo_init_specials_~hdev#1.offset| (_ bv12 32))))} assume !((~bvule32(~bvadd32(4bv32, ~bvadd32(8bv32, ldv_arvo_init_specials_~hdev#1.offset)), #length[ldv_arvo_init_specials_~hdev#1.base]) && ~bvule32(~bvadd32(8bv32, ldv_arvo_init_specials_~hdev#1.offset), ~bvadd32(4bv32, ~bvadd32(8bv32, ldv_arvo_init_specials_~hdev#1.offset)))) && ~bvule32(0bv32, ~bvadd32(8bv32, ldv_arvo_init_specials_~hdev#1.offset))); {17584#false} is VALID [2022-02-20 23:51:56,707 INFO L290 TraceCheckUtils]: 29: Hoare triple {17687#(and (bvule (bvadd |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv12 32)) (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (bvule (bvadd (_ bv8 32) |ULTIMATE.start_entry_point_~hdev~0#1.offset|) (bvadd |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv12 32))))} assume { :begin_inline_ldv_arvo_probe } true;ldv_arvo_probe_#in~hdev#1.base, ldv_arvo_probe_#in~hdev#1.offset := entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset;havoc ldv_arvo_probe_#res#1;havoc ldv_arvo_probe_#t~ret52#1, ldv_arvo_probe_~hdev#1.base, ldv_arvo_probe_~hdev#1.offset, ldv_arvo_probe_~retval~1#1;ldv_arvo_probe_~hdev#1.base, ldv_arvo_probe_~hdev#1.offset := ldv_arvo_probe_#in~hdev#1.base, ldv_arvo_probe_#in~hdev#1.offset;havoc ldv_arvo_probe_~retval~1#1;assume { :begin_inline_ldv_arvo_init_specials } true;ldv_arvo_init_specials_#in~hdev#1.base, ldv_arvo_init_specials_#in~hdev#1.offset := ldv_arvo_probe_~hdev#1.base, ldv_arvo_probe_~hdev#1.offset;havoc ldv_arvo_init_specials_#res#1;havoc ldv_arvo_init_specials_#t~mem43#1.base, ldv_arvo_init_specials_#t~mem43#1.offset, ldv_arvo_init_specials_~__mptr~4#1.base, ldv_arvo_init_specials_~__mptr~4#1.offset, ldv_arvo_init_specials_#t~mem44#1.base, ldv_arvo_init_specials_#t~mem44#1.offset, ldv_arvo_init_specials_#t~mem45#1, ldv_arvo_init_specials_#t~ret46#1.base, ldv_arvo_init_specials_#t~ret46#1.offset, ldv_arvo_init_specials_#t~ret47#1, ldv_arvo_init_specials_~hdev#1.base, ldv_arvo_init_specials_~hdev#1.offset, ldv_arvo_init_specials_~arvo~0#1.base, ldv_arvo_init_specials_~arvo~0#1.offset, ldv_arvo_init_specials_~retval~0#1, ldv_arvo_init_specials_~intf~0#1.base, ldv_arvo_init_specials_~intf~0#1.offset;ldv_arvo_init_specials_~hdev#1.base, ldv_arvo_init_specials_~hdev#1.offset := ldv_arvo_init_specials_#in~hdev#1.base, ldv_arvo_init_specials_#in~hdev#1.offset;havoc ldv_arvo_init_specials_~arvo~0#1.base, ldv_arvo_init_specials_~arvo~0#1.offset;havoc ldv_arvo_init_specials_~retval~0#1; {17683#(and (bvule (bvadd |ULTIMATE.start_ldv_arvo_init_specials_~hdev#1.offset| (_ bv12 32)) (select |#length| |ULTIMATE.start_ldv_arvo_init_specials_~hdev#1.base|)) (bvule (bvadd (_ bv8 32) |ULTIMATE.start_ldv_arvo_init_specials_~hdev#1.offset|) (bvadd |ULTIMATE.start_ldv_arvo_init_specials_~hdev#1.offset| (_ bv12 32))))} is VALID [2022-02-20 23:51:56,708 INFO L290 TraceCheckUtils]: 28: Hoare triple {17691#(bvule (bvadd (_ bv8 32) |ULTIMATE.start_entry_point_~hdev~0#1.offset|) (bvadd |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv12 32)))} SUMMARY for call write~$Pointer$(entry_point_~intf~2#1.base, ~bvadd32(8bv32, entry_point_~intf~2#1.offset), entry_point_~hdev~0#1.base, ~bvadd32(8bv32, entry_point_~hdev~0#1.offset), 4bv32); srcloc: L829 {17687#(and (bvule (bvadd |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv12 32)) (select |#length| |ULTIMATE.start_entry_point_~hdev~0#1.base|)) (bvule (bvadd (_ bv8 32) |ULTIMATE.start_entry_point_~hdev~0#1.offset|) (bvadd |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv12 32))))} is VALID [2022-02-20 23:51:56,708 INFO L290 TraceCheckUtils]: 27: Hoare triple {17691#(bvule (bvadd (_ bv8 32) |ULTIMATE.start_entry_point_~hdev~0#1.offset|) (bvadd |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv12 32)))} havoc entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset;havoc entry_point_#t~nondet58#1; {17691#(bvule (bvadd (_ bv8 32) |ULTIMATE.start_entry_point_~hdev~0#1.offset|) (bvadd |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv12 32)))} is VALID [2022-02-20 23:51:56,709 INFO L290 TraceCheckUtils]: 26: Hoare triple {17691#(bvule (bvadd (_ bv8 32) |ULTIMATE.start_entry_point_~hdev~0#1.offset|) (bvadd |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv12 32)))} SUMMARY for call write~intINTTYPE1(entry_point_#t~nondet58#1[8:0], entry_point_#t~mem57#1.base, ~bvadd32(7bv32, entry_point_#t~mem57#1.offset), 1bv32); srcloc: L828-1 {17691#(bvule (bvadd (_ bv8 32) |ULTIMATE.start_entry_point_~hdev~0#1.offset|) (bvadd |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv12 32)))} is VALID [2022-02-20 23:51:56,709 INFO L290 TraceCheckUtils]: 25: Hoare triple {17691#(bvule (bvadd (_ bv8 32) |ULTIMATE.start_entry_point_~hdev~0#1.offset|) (bvadd |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv12 32)))} SUMMARY for call entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset := read~$Pointer$(entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L828 {17691#(bvule (bvadd (_ bv8 32) |ULTIMATE.start_entry_point_~hdev~0#1.offset|) (bvadd |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv12 32)))} is VALID [2022-02-20 23:51:56,709 INFO L290 TraceCheckUtils]: 24: Hoare triple {17691#(bvule (bvadd (_ bv8 32) |ULTIMATE.start_entry_point_~hdev~0#1.offset|) (bvadd |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv12 32)))} assume !(entry_point_#t~mem56#1.base == 0bv32 && entry_point_#t~mem56#1.offset == 0bv32);havoc entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset; {17691#(bvule (bvadd (_ bv8 32) |ULTIMATE.start_entry_point_~hdev~0#1.offset|) (bvadd |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv12 32)))} is VALID [2022-02-20 23:51:56,710 INFO L290 TraceCheckUtils]: 23: Hoare triple {17691#(bvule (bvadd (_ bv8 32) |ULTIMATE.start_entry_point_~hdev~0#1.offset|) (bvadd |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv12 32)))} SUMMARY for call entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset := read~$Pointer$(entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L827 {17691#(bvule (bvadd (_ bv8 32) |ULTIMATE.start_entry_point_~hdev~0#1.offset|) (bvadd |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv12 32)))} is VALID [2022-02-20 23:51:56,710 INFO L290 TraceCheckUtils]: 22: Hoare triple {17691#(bvule (bvadd (_ bv8 32) |ULTIMATE.start_entry_point_~hdev~0#1.offset|) (bvadd |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv12 32)))} havoc entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset; {17691#(bvule (bvadd (_ bv8 32) |ULTIMATE.start_entry_point_~hdev~0#1.offset|) (bvadd |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv12 32)))} is VALID [2022-02-20 23:51:56,711 INFO L290 TraceCheckUtils]: 21: Hoare triple {17691#(bvule (bvadd (_ bv8 32) |ULTIMATE.start_entry_point_~hdev~0#1.offset|) (bvadd |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv12 32)))} SUMMARY for call write~$Pointer$(entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_~intf~2#1.base, ~bvadd32(4bv32, entry_point_~intf~2#1.offset), 4bv32); srcloc: L826-1 {17691#(bvule (bvadd (_ bv8 32) |ULTIMATE.start_entry_point_~hdev~0#1.offset|) (bvadd |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv12 32)))} is VALID [2022-02-20 23:51:56,711 INFO L284 TraceCheckUtils]: 20: Hoare quadruple {17583#true} {17691#(bvule (bvadd (_ bv8 32) |ULTIMATE.start_entry_point_~hdev~0#1.offset|) (bvadd |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv12 32)))} #200#return; {17691#(bvule (bvadd (_ bv8 32) |ULTIMATE.start_entry_point_~hdev~0#1.offset|) (bvadd |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv12 32)))} is VALID [2022-02-20 23:51:56,711 INFO L290 TraceCheckUtils]: 19: Hoare triple {17583#true} assume true; {17583#true} is VALID [2022-02-20 23:51:56,711 INFO L290 TraceCheckUtils]: 18: Hoare triple {17583#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {17583#true} is VALID [2022-02-20 23:51:56,711 INFO L290 TraceCheckUtils]: 17: Hoare triple {17583#true} ~size := #in~size; {17583#true} is VALID [2022-02-20 23:51:56,711 INFO L272 TraceCheckUtils]: 16: Hoare triple {17691#(bvule (bvadd (_ bv8 32) |ULTIMATE.start_entry_point_~hdev~0#1.offset|) (bvadd |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv12 32)))} call entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset := ldv_malloc(9bv32); {17583#true} is VALID [2022-02-20 23:51:56,712 INFO L290 TraceCheckUtils]: 15: Hoare triple {17691#(bvule (bvadd (_ bv8 32) |ULTIMATE.start_entry_point_~hdev~0#1.offset|) (bvadd |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv12 32)))} assume !(entry_point_~intf~2#1.base == 0bv32 && entry_point_~intf~2#1.offset == 0bv32); {17691#(bvule (bvadd (_ bv8 32) |ULTIMATE.start_entry_point_~hdev~0#1.offset|) (bvadd |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv12 32)))} is VALID [2022-02-20 23:51:56,712 INFO L290 TraceCheckUtils]: 14: Hoare triple {17691#(bvule (bvadd (_ bv8 32) |ULTIMATE.start_entry_point_~hdev~0#1.offset|) (bvadd |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv12 32)))} entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset := entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset;havoc entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset; {17691#(bvule (bvadd (_ bv8 32) |ULTIMATE.start_entry_point_~hdev~0#1.offset|) (bvadd |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv12 32)))} is VALID [2022-02-20 23:51:56,713 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {17583#true} {17691#(bvule (bvadd (_ bv8 32) |ULTIMATE.start_entry_point_~hdev~0#1.offset|) (bvadd |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv12 32)))} #198#return; {17691#(bvule (bvadd (_ bv8 32) |ULTIMATE.start_entry_point_~hdev~0#1.offset|) (bvadd |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv12 32)))} is VALID [2022-02-20 23:51:56,713 INFO L290 TraceCheckUtils]: 12: Hoare triple {17583#true} assume true; {17583#true} is VALID [2022-02-20 23:51:56,713 INFO L290 TraceCheckUtils]: 11: Hoare triple {17583#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {17583#true} is VALID [2022-02-20 23:51:56,713 INFO L290 TraceCheckUtils]: 10: Hoare triple {17583#true} ~size := #in~size; {17583#true} is VALID [2022-02-20 23:51:56,713 INFO L272 TraceCheckUtils]: 9: Hoare triple {17691#(bvule (bvadd (_ bv8 32) |ULTIMATE.start_entry_point_~hdev~0#1.offset|) (bvadd |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv12 32)))} call entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset := ldv_malloc(20bv32); {17583#true} is VALID [2022-02-20 23:51:56,713 INFO L290 TraceCheckUtils]: 8: Hoare triple {17691#(bvule (bvadd (_ bv8 32) |ULTIMATE.start_entry_point_~hdev~0#1.offset|) (bvadd |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv12 32)))} assume !(entry_point_~hdev~0#1.base == 0bv32 && entry_point_~hdev~0#1.offset == 0bv32); {17691#(bvule (bvadd (_ bv8 32) |ULTIMATE.start_entry_point_~hdev~0#1.offset|) (bvadd |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv12 32)))} is VALID [2022-02-20 23:51:56,714 INFO L290 TraceCheckUtils]: 7: Hoare triple {17755#(bvule (bvadd (_ bv8 32) |ULTIMATE.start_entry_point_#t~ret53#1.offset|) (bvadd |ULTIMATE.start_entry_point_#t~ret53#1.offset| (_ bv12 32)))} entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset := entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset; {17691#(bvule (bvadd (_ bv8 32) |ULTIMATE.start_entry_point_~hdev~0#1.offset|) (bvadd |ULTIMATE.start_entry_point_~hdev~0#1.offset| (_ bv12 32)))} is VALID [2022-02-20 23:51:56,714 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {17762#(bvule (bvadd (_ bv8 32) |ldv_malloc_#res.offset|) (bvadd |ldv_malloc_#res.offset| (_ bv12 32)))} {17583#true} #196#return; {17755#(bvule (bvadd (_ bv8 32) |ULTIMATE.start_entry_point_#t~ret53#1.offset|) (bvadd |ULTIMATE.start_entry_point_#t~ret53#1.offset| (_ bv12 32)))} is VALID [2022-02-20 23:51:56,715 INFO L290 TraceCheckUtils]: 5: Hoare triple {17762#(bvule (bvadd (_ bv8 32) |ldv_malloc_#res.offset|) (bvadd |ldv_malloc_#res.offset| (_ bv12 32)))} assume true; {17762#(bvule (bvadd (_ bv8 32) |ldv_malloc_#res.offset|) (bvadd |ldv_malloc_#res.offset| (_ bv12 32)))} is VALID [2022-02-20 23:51:56,715 INFO L290 TraceCheckUtils]: 4: Hoare triple {17583#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {17762#(bvule (bvadd (_ bv8 32) |ldv_malloc_#res.offset|) (bvadd |ldv_malloc_#res.offset| (_ bv12 32)))} is VALID [2022-02-20 23:51:56,715 INFO L290 TraceCheckUtils]: 3: Hoare triple {17583#true} ~size := #in~size; {17583#true} is VALID [2022-02-20 23:51:56,715 INFO L272 TraceCheckUtils]: 2: Hoare triple {17583#true} call entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset := ldv_malloc(12bv32); {17583#true} is VALID [2022-02-20 23:51:56,715 INFO L290 TraceCheckUtils]: 1: Hoare triple {17583#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret53#1.base, entry_point_#t~ret53#1.offset, entry_point_#t~ret54#1.base, entry_point_#t~ret54#1.offset, entry_point_#t~ret55#1.base, entry_point_#t~ret55#1.offset, entry_point_#t~mem56#1.base, entry_point_#t~mem56#1.offset, entry_point_#t~mem57#1.base, entry_point_#t~mem57#1.offset, entry_point_#t~nondet58#1, entry_point_#t~ret59#1, entry_point_#t~mem60#1.base, entry_point_#t~mem60#1.offset, entry_point_~hdev~0#1.base, entry_point_~hdev~0#1.offset, entry_point_~intf~2#1.base, entry_point_~intf~2#1.offset; {17583#true} is VALID [2022-02-20 23:51:56,715 INFO L290 TraceCheckUtils]: 0: Hoare triple {17583#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {17583#true} is VALID [2022-02-20 23:51:56,715 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 0 proven. 4 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-02-20 23:51:56,715 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:51:56,716 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [759251618] [2022-02-20 23:51:56,716 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [759251618] provided 0 perfect and 2 imperfect interpolant sequences [2022-02-20 23:51:56,716 INFO L191 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-02-20 23:51:56,716 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [6, 6] total 11 [2022-02-20 23:51:56,716 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1501467377] [2022-02-20 23:51:56,716 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-02-20 23:51:56,716 INFO L78 Accepts]: Start accepts. Automaton has has 12 states, 11 states have (on average 3.3636363636363638) internal successors, (37), 10 states have internal predecessors, (37), 3 states have call successors, (5), 1 states have call predecessors, (5), 3 states have return successors, (6), 4 states have call predecessors, (6), 3 states have call successors, (6) Word has length 31 [2022-02-20 23:51:56,716 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:51:56,716 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 12 states, 11 states have (on average 3.3636363636363638) internal successors, (37), 10 states have internal predecessors, (37), 3 states have call successors, (5), 1 states have call predecessors, (5), 3 states have return successors, (6), 4 states have call predecessors, (6), 3 states have call successors, (6) [2022-02-20 23:51:56,768 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 48 edges. 48 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:56,768 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 12 states [2022-02-20 23:51:56,768 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:51:56,769 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 12 interpolants. [2022-02-20 23:51:56,769 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=29, Invalid=103, Unknown=0, NotChecked=0, Total=132 [2022-02-20 23:51:56,769 INFO L87 Difference]: Start difference. First operand 185 states and 223 transitions. Second operand has 12 states, 11 states have (on average 3.3636363636363638) internal successors, (37), 10 states have internal predecessors, (37), 3 states have call successors, (5), 1 states have call predecessors, (5), 3 states have return successors, (6), 4 states have call predecessors, (6), 3 states have call successors, (6)