./Ultimate.py --spec ../sv-benchmarks/c/properties/valid-memsafety.prp --file ../sv-benchmarks/c/ldv-memsafety/memleaks_test19-2.i --full-output -ea --architecture 32bit -------------------------------------------------------------------------------- Checking for memory safety (deref-memtrack) Using default analysis Version 03d7b7b3 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerMemDerefMemtrack.xml -i ../sv-benchmarks/c/ldv-memsafety/memleaks_test19-2.i -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 1df2ca055a97db0a00e0c4b03f212c5ac3c2765d37b628ab5708f179a281754f --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 23:51:33,557 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 23:51:33,559 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 23:51:33,592 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 23:51:33,592 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 23:51:33,595 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 23:51:33,596 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 23:51:33,598 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 23:51:33,600 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 23:51:33,603 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 23:51:33,604 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 23:51:33,605 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 23:51:33,605 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 23:51:33,607 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 23:51:33,608 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 23:51:33,610 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 23:51:33,611 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 23:51:33,612 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 23:51:33,613 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 23:51:33,617 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 23:51:33,618 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 23:51:33,619 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 23:51:33,620 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 23:51:33,620 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 23:51:33,625 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 23:51:33,625 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 23:51:33,625 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 23:51:33,626 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 23:51:33,627 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 23:51:33,627 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 23:51:33,628 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 23:51:33,628 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 23:51:33,629 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 23:51:33,630 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 23:51:33,631 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 23:51:33,632 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 23:51:33,632 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 23:51:33,632 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 23:51:33,632 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 23:51:33,633 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 23:51:33,633 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 23:51:33,635 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Default.epf [2022-02-20 23:51:33,659 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 23:51:33,659 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 23:51:33,660 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 23:51:33,660 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 23:51:33,661 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 23:51:33,661 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 23:51:33,661 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 23:51:33,661 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 23:51:33,661 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 23:51:33,662 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 23:51:33,662 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 23:51:33,662 INFO L138 SettingsManager]: * Check unreachability of error function in SV-COMP mode=false [2022-02-20 23:51:33,663 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-02-20 23:51:33,663 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 23:51:33,663 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 23:51:33,663 INFO L138 SettingsManager]: * Check for the main procedure if all allocated memory was freed=true [2022-02-20 23:51:33,663 INFO L138 SettingsManager]: * Bitprecise bitfields=true [2022-02-20 23:51:33,663 INFO L138 SettingsManager]: * SV-COMP memtrack compatibility mode=true [2022-02-20 23:51:33,663 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 23:51:33,664 INFO L138 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2022-02-20 23:51:33,664 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 23:51:33,664 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 23:51:33,664 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 23:51:33,664 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 23:51:33,664 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 23:51:33,665 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 23:51:33,665 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 23:51:33,666 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 23:51:33,666 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-02-20 23:51:33,666 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-02-20 23:51:33,666 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 1df2ca055a97db0a00e0c4b03f212c5ac3c2765d37b628ab5708f179a281754f [2022-02-20 23:51:33,851 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 23:51:33,873 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 23:51:33,875 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 23:51:33,876 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 23:51:33,876 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 23:51:33,877 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/ldv-memsafety/memleaks_test19-2.i [2022-02-20 23:51:33,941 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/eac244cc4/e12866f7407e473285df767ecb120633/FLAG77a2eab5d [2022-02-20 23:51:34,342 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 23:51:34,347 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/ldv-memsafety/memleaks_test19-2.i [2022-02-20 23:51:34,356 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/eac244cc4/e12866f7407e473285df767ecb120633/FLAG77a2eab5d [2022-02-20 23:51:34,365 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/eac244cc4/e12866f7407e473285df767ecb120633 [2022-02-20 23:51:34,367 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 23:51:34,368 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 23:51:34,371 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 23:51:34,371 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 23:51:34,373 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 23:51:34,374 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 11:51:34" (1/1) ... [2022-02-20 23:51:34,375 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@248b56bc and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:51:34, skipping insertion in model container [2022-02-20 23:51:34,375 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 11:51:34" (1/1) ... [2022-02-20 23:51:34,389 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 23:51:34,424 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 23:51:34,667 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 23:51:34,688 ERROR L326 MainTranslator]: Unsupported Syntax: Found a cast between two array/pointer types where the value type is smaller than the cast-to type while using memory model HoenickeLindenmann_Original (while Not using bitvector translation) [2022-02-20 23:51:34,689 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.CACSL2BoogieTranslatorObserver@39b92448 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:51:34, skipping insertion in model container [2022-02-20 23:51:34,691 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 23:51:34,693 INFO L184 ToolchainWalker]: Toolchain execution was canceled (user or tool) before executing de.uni_freiburg.informatik.ultimate.boogie.procedureinliner [2022-02-20 23:51:34,695 INFO L158 Benchmark]: Toolchain (without parser) took 325.79ms. Allocated memory is still 92.3MB. Free memory was 49.3MB in the beginning and 58.4MB in the end (delta: -9.1MB). Peak memory consumption was 5.0MB. Max. memory is 16.1GB. [2022-02-20 23:51:34,696 INFO L158 Benchmark]: CDTParser took 0.13ms. Allocated memory is still 92.3MB. Free memory is still 67.2MB. There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 23:51:34,697 INFO L158 Benchmark]: CACSL2BoogieTranslator took 322.20ms. Allocated memory is still 92.3MB. Free memory was 49.1MB in the beginning and 58.4MB in the end (delta: -9.3MB). Peak memory consumption was 5.0MB. Max. memory is 16.1GB. [2022-02-20 23:51:34,698 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.13ms. Allocated memory is still 92.3MB. Free memory is still 67.2MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 322.20ms. Allocated memory is still 92.3MB. Free memory was 49.1MB in the beginning and 58.4MB in the end (delta: -9.3MB). Peak memory consumption was 5.0MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - UnsupportedSyntaxResult [Line: 576]: Unsupported Syntax Found a cast between two array/pointer types where the value type is smaller than the cast-to type while using memory model HoenickeLindenmann_Original (while Not using bitvector translation) RESULT: Ultimate could not prove your program: Toolchain returned no result. Received shutdown request... --- End real Ultimate output --- Execution finished normally Using bit-precise analysis Retrying with bit-precise analysis ### Bit-precise run ### Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerMemDerefMemtrack.xml -i ../sv-benchmarks/c/ldv-memsafety/memleaks_test19-2.i -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Bitvector.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 1df2ca055a97db0a00e0c4b03f212c5ac3c2765d37b628ab5708f179a281754f --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 23:51:36,189 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 23:51:36,192 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 23:51:36,222 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 23:51:36,222 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 23:51:36,225 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 23:51:36,226 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 23:51:36,229 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 23:51:36,231 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 23:51:36,234 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 23:51:36,234 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 23:51:36,235 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 23:51:36,236 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 23:51:36,237 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 23:51:36,238 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 23:51:36,242 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 23:51:36,243 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 23:51:36,243 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 23:51:36,245 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 23:51:36,249 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 23:51:36,250 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 23:51:36,250 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 23:51:36,251 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 23:51:36,252 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 23:51:36,257 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 23:51:36,257 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 23:51:36,257 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 23:51:36,258 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 23:51:36,259 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 23:51:36,259 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 23:51:36,259 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 23:51:36,260 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 23:51:36,261 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 23:51:36,261 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 23:51:36,262 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 23:51:36,262 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 23:51:36,263 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 23:51:36,263 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 23:51:36,263 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 23:51:36,264 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 23:51:36,265 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 23:51:36,268 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Bitvector.epf [2022-02-20 23:51:36,292 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 23:51:36,292 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 23:51:36,292 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 23:51:36,292 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 23:51:36,293 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 23:51:36,293 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 23:51:36,293 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 23:51:36,294 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 23:51:36,294 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 23:51:36,294 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 23:51:36,294 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 23:51:36,294 INFO L138 SettingsManager]: * Check unreachability of error function in SV-COMP mode=false [2022-02-20 23:51:36,294 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-02-20 23:51:36,295 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 23:51:36,295 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 23:51:36,295 INFO L138 SettingsManager]: * Check for the main procedure if all allocated memory was freed=true [2022-02-20 23:51:36,295 INFO L138 SettingsManager]: * Bitprecise bitfields=true [2022-02-20 23:51:36,295 INFO L138 SettingsManager]: * SV-COMP memtrack compatibility mode=true [2022-02-20 23:51:36,295 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 23:51:36,295 INFO L138 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2022-02-20 23:51:36,296 INFO L138 SettingsManager]: * Use bitvectors instead of ints=true [2022-02-20 23:51:36,296 INFO L138 SettingsManager]: * Memory model=HoenickeLindenmann_4ByteResolution [2022-02-20 23:51:36,296 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 23:51:36,296 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 23:51:36,296 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 23:51:36,296 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 23:51:36,297 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 23:51:36,297 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 23:51:36,297 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 23:51:36,297 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 23:51:36,297 INFO L138 SettingsManager]: * Trace refinement strategy=WOLF [2022-02-20 23:51:36,297 INFO L138 SettingsManager]: * Command for external solver=cvc4 --incremental --print-success --lang smt [2022-02-20 23:51:36,297 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2022-02-20 23:51:36,298 INFO L138 SettingsManager]: * Logic for external solver=AUFBV WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 1df2ca055a97db0a00e0c4b03f212c5ac3c2765d37b628ab5708f179a281754f [2022-02-20 23:51:36,550 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 23:51:36,574 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 23:51:36,577 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 23:51:36,577 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 23:51:36,578 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 23:51:36,579 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/ldv-memsafety/memleaks_test19-2.i [2022-02-20 23:51:36,620 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/be428b872/76b4570f16f448fc8da2151a2716671b/FLAGf596ebc06 [2022-02-20 23:51:37,088 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 23:51:37,089 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/ldv-memsafety/memleaks_test19-2.i [2022-02-20 23:51:37,102 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/be428b872/76b4570f16f448fc8da2151a2716671b/FLAGf596ebc06 [2022-02-20 23:51:37,115 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/be428b872/76b4570f16f448fc8da2151a2716671b [2022-02-20 23:51:37,117 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 23:51:37,118 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 23:51:37,120 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 23:51:37,120 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 23:51:37,123 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 23:51:37,124 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 11:51:37" (1/1) ... [2022-02-20 23:51:37,125 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@5ddd650f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:51:37, skipping insertion in model container [2022-02-20 23:51:37,125 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 11:51:37" (1/1) ... [2022-02-20 23:51:37,129 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 23:51:37,166 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 23:51:37,466 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 23:51:37,490 INFO L200 MainTranslator]: Restarting translation with changed settings: SettingsChange [mNewPreferredMemoryModel=HoenickeLindenmann_1ByteResolution] [2022-02-20 23:51:37,497 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 23:51:37,556 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 23:51:37,564 INFO L203 MainTranslator]: Completed pre-run [2022-02-20 23:51:37,613 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 23:51:37,661 INFO L208 MainTranslator]: Completed translation [2022-02-20 23:51:37,661 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:51:37 WrapperNode [2022-02-20 23:51:37,661 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 23:51:37,662 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-20 23:51:37,662 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-20 23:51:37,663 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-20 23:51:37,667 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:51:37" (1/1) ... [2022-02-20 23:51:37,701 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:51:37" (1/1) ... [2022-02-20 23:51:37,722 INFO L137 Inliner]: procedures = 171, calls = 87, calls flagged for inlining = 25, calls inlined = 7, statements flattened = 76 [2022-02-20 23:51:37,723 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-20 23:51:37,724 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-20 23:51:37,724 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-20 23:51:37,724 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-20 23:51:37,729 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:51:37" (1/1) ... [2022-02-20 23:51:37,729 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:51:37" (1/1) ... [2022-02-20 23:51:37,731 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:51:37" (1/1) ... [2022-02-20 23:51:37,732 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:51:37" (1/1) ... [2022-02-20 23:51:37,739 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:51:37" (1/1) ... [2022-02-20 23:51:37,740 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:51:37" (1/1) ... [2022-02-20 23:51:37,741 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:51:37" (1/1) ... [2022-02-20 23:51:37,743 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-20 23:51:37,743 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-20 23:51:37,743 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-20 23:51:37,744 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-20 23:51:37,744 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:51:37" (1/1) ... [2022-02-20 23:51:37,748 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 23:51:37,757 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 23:51:37,766 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-20 23:51:37,801 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-20 23:51:37,818 INFO L130 BoogieDeclarations]: Found specification of procedure f19_undo [2022-02-20 23:51:37,818 INFO L138 BoogieDeclarations]: Found implementation of procedure f19_undo [2022-02-20 23:51:37,818 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_malloc [2022-02-20 23:51:37,818 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_malloc [2022-02-20 23:51:37,819 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocOnHeap [2022-02-20 23:51:37,819 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-20 23:51:37,819 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocOnStack [2022-02-20 23:51:37,819 INFO L130 BoogieDeclarations]: Found specification of procedure write~$Pointer$ [2022-02-20 23:51:37,823 INFO L130 BoogieDeclarations]: Found specification of procedure read~$Pointer$ [2022-02-20 23:51:37,823 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.dealloc [2022-02-20 23:51:37,823 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~$Pointer$ [2022-02-20 23:51:37,824 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-20 23:51:37,824 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-20 23:51:37,899 INFO L234 CfgBuilder]: Building ICFG [2022-02-20 23:51:37,900 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-20 23:51:38,106 INFO L275 CfgBuilder]: Performing block encoding [2022-02-20 23:51:38,111 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-20 23:51:38,111 INFO L299 CfgBuilder]: Removed 0 assume(true) statements. [2022-02-20 23:51:38,113 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 11:51:38 BoogieIcfgContainer [2022-02-20 23:51:38,113 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-20 23:51:38,136 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-20 23:51:38,136 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-20 23:51:38,138 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-20 23:51:38,139 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.02 11:51:37" (1/3) ... [2022-02-20 23:51:38,139 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@39749cf2 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 11:51:38, skipping insertion in model container [2022-02-20 23:51:38,139 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:51:37" (2/3) ... [2022-02-20 23:51:38,140 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@39749cf2 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 11:51:38, skipping insertion in model container [2022-02-20 23:51:38,140 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 11:51:38" (3/3) ... [2022-02-20 23:51:38,141 INFO L111 eAbstractionObserver]: Analyzing ICFG memleaks_test19-2.i [2022-02-20 23:51:38,144 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:false NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-20 23:51:38,144 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 24 error locations. [2022-02-20 23:51:38,187 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-20 23:51:38,205 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=false, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=All, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-20 23:51:38,205 INFO L340 AbstractCegarLoop]: Starting to check reachability of 24 error locations. [2022-02-20 23:51:38,223 INFO L276 IsEmpty]: Start isEmpty. Operand has 70 states, 39 states have (on average 1.7692307692307692) internal successors, (69), 64 states have internal predecessors, (69), 4 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:51:38,227 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 9 [2022-02-20 23:51:38,228 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:51:38,229 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:51:38,229 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting ULTIMATE.startErr0REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 20 more)] === [2022-02-20 23:51:38,235 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:51:38,236 INFO L85 PathProgramCache]: Analyzing trace with hash 1461209413, now seen corresponding path program 1 times [2022-02-20 23:51:38,243 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:51:38,245 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [2035265976] [2022-02-20 23:51:38,245 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:51:38,246 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:51:38,246 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:51:38,248 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:51:38,273 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Waiting until timeout for monitored process [2022-02-20 23:51:38,321 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:38,323 INFO L263 TraceCheckSpWp]: Trace formula consists of 48 conjuncts, 9 conjunts are in the unsatisfiable core [2022-02-20 23:51:38,332 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:38,334 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:51:38,385 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:51:38,502 INFO L356 Elim1Store]: treesize reduction 12, result has 40.0 percent of original size [2022-02-20 23:51:38,503 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 17 [2022-02-20 23:51:38,519 INFO L290 TraceCheckUtils]: 0: Hoare triple {73#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {73#true} is VALID [2022-02-20 23:51:38,520 INFO L290 TraceCheckUtils]: 1: Hoare triple {73#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret48#1, entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset, entry_point_~ret~1#1;call entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset := #Ultimate.allocOnStack(8bv32);assume { :begin_inline_probe_unsafe_19 } true;probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc probe_unsafe_19_#res#1;havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset, probe_unsafe_19_#t~ret44#1, probe_unsafe_19_#t~ret45#1, probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset, probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset, probe_unsafe_19_~ret~0#1;probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset := probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset;probe_unsafe_19_~ret~0#1 := 3bv32; {81#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:51:38,521 INFO L272 TraceCheckUtils]: 2: Hoare triple {81#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1))} call probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset := ldv_malloc(4bv32); {85#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:51:38,522 INFO L290 TraceCheckUtils]: 3: Hoare triple {85#(= |old(#valid)| |#valid|)} ~size := #in~size; {85#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:51:38,523 INFO L290 TraceCheckUtils]: 4: Hoare triple {85#(= |old(#valid)| |#valid|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {92#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} is VALID [2022-02-20 23:51:38,523 INFO L290 TraceCheckUtils]: 5: Hoare triple {92#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} assume true; {92#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} is VALID [2022-02-20 23:51:38,525 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {92#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} {81#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1))} #102#return; {81#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:51:38,525 INFO L290 TraceCheckUtils]: 7: Hoare triple {81#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1))} assume !(1bv1 == #valid[probe_unsafe_19_~a#1.base]); {74#false} is VALID [2022-02-20 23:51:38,526 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:51:38,526 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:51:38,527 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:51:38,527 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [2035265976] [2022-02-20 23:51:38,527 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [2035265976] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:51:38,527 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:51:38,528 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-20 23:51:38,529 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1447871544] [2022-02-20 23:51:38,529 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:51:38,532 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 1.5) internal successors, (6), 5 states have internal predecessors, (6), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 8 [2022-02-20 23:51:38,534 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:51:38,536 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 4 states have (on average 1.5) internal successors, (6), 5 states have internal predecessors, (6), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:51:38,549 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 8 edges. 8 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:38,549 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 23:51:38,550 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:51:38,566 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 23:51:38,567 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:51:38,570 INFO L87 Difference]: Start difference. First operand has 70 states, 39 states have (on average 1.7692307692307692) internal successors, (69), 64 states have internal predecessors, (69), 4 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) Second operand has 5 states, 4 states have (on average 1.5) internal successors, (6), 5 states have internal predecessors, (6), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:51:39,084 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:39,084 INFO L93 Difference]: Finished difference Result 98 states and 111 transitions. [2022-02-20 23:51:39,084 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 23:51:39,085 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 1.5) internal successors, (6), 5 states have internal predecessors, (6), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 8 [2022-02-20 23:51:39,085 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:51:39,086 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 4 states have (on average 1.5) internal successors, (6), 5 states have internal predecessors, (6), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:51:39,100 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 114 transitions. [2022-02-20 23:51:39,101 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 4 states have (on average 1.5) internal successors, (6), 5 states have internal predecessors, (6), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:51:39,105 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 114 transitions. [2022-02-20 23:51:39,106 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 114 transitions. [2022-02-20 23:51:39,208 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 114 edges. 114 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:39,217 INFO L225 Difference]: With dead ends: 98 [2022-02-20 23:51:39,217 INFO L226 Difference]: Without dead ends: 96 [2022-02-20 23:51:39,218 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 3 SyntacticMatches, 1 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:51:39,221 INFO L933 BasicCegarLoop]: 70 mSDtfsCounter, 51 mSDsluCounter, 138 mSDsCounter, 0 mSdLazyCounter, 81 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 51 SdHoareTripleChecker+Valid, 208 SdHoareTripleChecker+Invalid, 130 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 81 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 41 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:51:39,221 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [51 Valid, 208 Invalid, 130 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 81 Invalid, 0 Unknown, 41 Unchecked, 0.1s Time] [2022-02-20 23:51:39,232 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 96 states. [2022-02-20 23:51:39,242 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 96 to 75. [2022-02-20 23:51:39,243 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:51:39,244 INFO L82 GeneralOperation]: Start isEquivalent. First operand 96 states. Second operand has 75 states, 46 states have (on average 1.7391304347826086) internal successors, (80), 68 states have internal predecessors, (80), 4 states have call successors, (4), 2 states have call predecessors, (4), 3 states have return successors, (6), 5 states have call predecessors, (6), 4 states have call successors, (6) [2022-02-20 23:51:39,244 INFO L74 IsIncluded]: Start isIncluded. First operand 96 states. Second operand has 75 states, 46 states have (on average 1.7391304347826086) internal successors, (80), 68 states have internal predecessors, (80), 4 states have call successors, (4), 2 states have call predecessors, (4), 3 states have return successors, (6), 5 states have call predecessors, (6), 4 states have call successors, (6) [2022-02-20 23:51:39,245 INFO L87 Difference]: Start difference. First operand 96 states. Second operand has 75 states, 46 states have (on average 1.7391304347826086) internal successors, (80), 68 states have internal predecessors, (80), 4 states have call successors, (4), 2 states have call predecessors, (4), 3 states have return successors, (6), 5 states have call predecessors, (6), 4 states have call successors, (6) [2022-02-20 23:51:39,250 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:39,251 INFO L93 Difference]: Finished difference Result 96 states and 109 transitions. [2022-02-20 23:51:39,251 INFO L276 IsEmpty]: Start isEmpty. Operand 96 states and 109 transitions. [2022-02-20 23:51:39,252 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:39,252 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:39,252 INFO L74 IsIncluded]: Start isIncluded. First operand has 75 states, 46 states have (on average 1.7391304347826086) internal successors, (80), 68 states have internal predecessors, (80), 4 states have call successors, (4), 2 states have call predecessors, (4), 3 states have return successors, (6), 5 states have call predecessors, (6), 4 states have call successors, (6) Second operand 96 states. [2022-02-20 23:51:39,253 INFO L87 Difference]: Start difference. First operand has 75 states, 46 states have (on average 1.7391304347826086) internal successors, (80), 68 states have internal predecessors, (80), 4 states have call successors, (4), 2 states have call predecessors, (4), 3 states have return successors, (6), 5 states have call predecessors, (6), 4 states have call successors, (6) Second operand 96 states. [2022-02-20 23:51:39,257 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:39,257 INFO L93 Difference]: Finished difference Result 96 states and 109 transitions. [2022-02-20 23:51:39,258 INFO L276 IsEmpty]: Start isEmpty. Operand 96 states and 109 transitions. [2022-02-20 23:51:39,258 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:39,258 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:39,259 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:51:39,259 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:51:39,259 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 75 states, 46 states have (on average 1.7391304347826086) internal successors, (80), 68 states have internal predecessors, (80), 4 states have call successors, (4), 2 states have call predecessors, (4), 3 states have return successors, (6), 5 states have call predecessors, (6), 4 states have call successors, (6) [2022-02-20 23:51:39,262 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 75 states to 75 states and 90 transitions. [2022-02-20 23:51:39,263 INFO L78 Accepts]: Start accepts. Automaton has 75 states and 90 transitions. Word has length 8 [2022-02-20 23:51:39,263 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:51:39,263 INFO L470 AbstractCegarLoop]: Abstraction has 75 states and 90 transitions. [2022-02-20 23:51:39,264 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 1.5) internal successors, (6), 5 states have internal predecessors, (6), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:51:39,264 INFO L276 IsEmpty]: Start isEmpty. Operand 75 states and 90 transitions. [2022-02-20 23:51:39,264 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 9 [2022-02-20 23:51:39,264 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:51:39,264 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:51:39,271 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Ended with exit code 0 [2022-02-20 23:51:39,470 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:51:39,471 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting ULTIMATE.startErr1REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 20 more)] === [2022-02-20 23:51:39,472 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:51:39,472 INFO L85 PathProgramCache]: Analyzing trace with hash 1461209414, now seen corresponding path program 1 times [2022-02-20 23:51:39,473 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:51:39,473 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [452599592] [2022-02-20 23:51:39,473 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:51:39,473 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:51:39,473 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:51:39,474 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:51:39,478 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Waiting until timeout for monitored process [2022-02-20 23:51:39,531 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:39,534 INFO L263 TraceCheckSpWp]: Trace formula consists of 48 conjuncts, 16 conjunts are in the unsatisfiable core [2022-02-20 23:51:39,541 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:39,542 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:51:39,565 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:51:39,570 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:51:39,666 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:51:39,667 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-02-20 23:51:39,674 INFO L356 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2022-02-20 23:51:39,674 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 12 [2022-02-20 23:51:39,693 INFO L290 TraceCheckUtils]: 0: Hoare triple {466#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {466#true} is VALID [2022-02-20 23:51:39,694 INFO L290 TraceCheckUtils]: 1: Hoare triple {466#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret48#1, entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset, entry_point_~ret~1#1;call entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset := #Ultimate.allocOnStack(8bv32);assume { :begin_inline_probe_unsafe_19 } true;probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc probe_unsafe_19_#res#1;havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset, probe_unsafe_19_#t~ret44#1, probe_unsafe_19_#t~ret45#1, probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset, probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset, probe_unsafe_19_~ret~0#1;probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset := probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset;probe_unsafe_19_~ret~0#1 := 3bv32; {474#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1)) (= (_ bv8 32) (select |#length| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)))} is VALID [2022-02-20 23:51:39,695 INFO L272 TraceCheckUtils]: 2: Hoare triple {474#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1)) (= (_ bv8 32) (select |#length| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)))} call probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset := ldv_malloc(4bv32); {478#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:51:39,695 INFO L290 TraceCheckUtils]: 3: Hoare triple {478#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} ~size := #in~size; {478#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:51:39,696 INFO L290 TraceCheckUtils]: 4: Hoare triple {478#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {485#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_13 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_13))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:51:39,697 INFO L290 TraceCheckUtils]: 5: Hoare triple {485#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_13 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_13))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} assume true; {485#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_13 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_13))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:51:39,698 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {485#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_13 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_13))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} {474#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1)) (= (_ bv8 32) (select |#length| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)))} #102#return; {492#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (_ bv8 32) (select |#length| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)))} is VALID [2022-02-20 23:51:39,699 INFO L290 TraceCheckUtils]: 7: Hoare triple {492#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (_ bv8 32) (select |#length| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)))} assume !((~bvule32(~bvadd32(4bv32, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset)), #length[probe_unsafe_19_~a#1.base]) && ~bvule32(~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), ~bvadd32(4bv32, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset)))) && ~bvule32(0bv32, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset))); {467#false} is VALID [2022-02-20 23:51:39,699 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:51:39,699 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:51:39,699 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:51:39,700 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [452599592] [2022-02-20 23:51:39,700 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [452599592] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:51:39,700 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:51:39,700 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:51:39,700 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [895215796] [2022-02-20 23:51:39,700 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:51:39,701 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 4 states have (on average 1.5) internal successors, (6), 5 states have internal predecessors, (6), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 8 [2022-02-20 23:51:39,701 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:51:39,702 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 4 states have (on average 1.5) internal successors, (6), 5 states have internal predecessors, (6), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:51:39,711 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 8 edges. 8 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:39,711 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 23:51:39,711 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:51:39,711 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 23:51:39,711 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2022-02-20 23:51:39,712 INFO L87 Difference]: Start difference. First operand 75 states and 90 transitions. Second operand has 6 states, 4 states have (on average 1.5) internal successors, (6), 5 states have internal predecessors, (6), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:51:40,335 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:40,335 INFO L93 Difference]: Finished difference Result 120 states and 134 transitions. [2022-02-20 23:51:40,335 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-02-20 23:51:40,335 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 4 states have (on average 1.5) internal successors, (6), 5 states have internal predecessors, (6), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 8 [2022-02-20 23:51:40,335 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:51:40,335 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 4 states have (on average 1.5) internal successors, (6), 5 states have internal predecessors, (6), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:51:40,338 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 139 transitions. [2022-02-20 23:51:40,339 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 4 states have (on average 1.5) internal successors, (6), 5 states have internal predecessors, (6), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:51:40,341 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 139 transitions. [2022-02-20 23:51:40,341 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 139 transitions. [2022-02-20 23:51:40,460 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 139 edges. 139 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:40,463 INFO L225 Difference]: With dead ends: 120 [2022-02-20 23:51:40,463 INFO L226 Difference]: Without dead ends: 120 [2022-02-20 23:51:40,463 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2022-02-20 23:51:40,464 INFO L933 BasicCegarLoop]: 71 mSDtfsCounter, 66 mSDsluCounter, 176 mSDsCounter, 0 mSdLazyCounter, 136 mSolverCounterSat, 16 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 67 SdHoareTripleChecker+Valid, 247 SdHoareTripleChecker+Invalid, 207 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 16 IncrementalHoareTripleChecker+Valid, 136 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 55 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 23:51:40,464 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [67 Valid, 247 Invalid, 207 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [16 Valid, 136 Invalid, 0 Unknown, 55 Unchecked, 0.2s Time] [2022-02-20 23:51:40,465 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 120 states. [2022-02-20 23:51:40,468 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 120 to 77. [2022-02-20 23:51:40,469 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:51:40,469 INFO L82 GeneralOperation]: Start isEquivalent. First operand 120 states. Second operand has 77 states, 49 states have (on average 1.6734693877551021) internal successors, (82), 69 states have internal predecessors, (82), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 6 states have call predecessors, (7), 5 states have call successors, (7) [2022-02-20 23:51:40,469 INFO L74 IsIncluded]: Start isIncluded. First operand 120 states. Second operand has 77 states, 49 states have (on average 1.6734693877551021) internal successors, (82), 69 states have internal predecessors, (82), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 6 states have call predecessors, (7), 5 states have call successors, (7) [2022-02-20 23:51:40,470 INFO L87 Difference]: Start difference. First operand 120 states. Second operand has 77 states, 49 states have (on average 1.6734693877551021) internal successors, (82), 69 states have internal predecessors, (82), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 6 states have call predecessors, (7), 5 states have call successors, (7) [2022-02-20 23:51:40,473 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:40,473 INFO L93 Difference]: Finished difference Result 120 states and 134 transitions. [2022-02-20 23:51:40,473 INFO L276 IsEmpty]: Start isEmpty. Operand 120 states and 134 transitions. [2022-02-20 23:51:40,474 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:40,474 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:40,475 INFO L74 IsIncluded]: Start isIncluded. First operand has 77 states, 49 states have (on average 1.6734693877551021) internal successors, (82), 69 states have internal predecessors, (82), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 6 states have call predecessors, (7), 5 states have call successors, (7) Second operand 120 states. [2022-02-20 23:51:40,475 INFO L87 Difference]: Start difference. First operand has 77 states, 49 states have (on average 1.6734693877551021) internal successors, (82), 69 states have internal predecessors, (82), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 6 states have call predecessors, (7), 5 states have call successors, (7) Second operand 120 states. [2022-02-20 23:51:40,479 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:40,479 INFO L93 Difference]: Finished difference Result 120 states and 134 transitions. [2022-02-20 23:51:40,479 INFO L276 IsEmpty]: Start isEmpty. Operand 120 states and 134 transitions. [2022-02-20 23:51:40,480 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:40,480 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:40,480 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:51:40,480 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:51:40,481 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 77 states, 49 states have (on average 1.6734693877551021) internal successors, (82), 69 states have internal predecessors, (82), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 6 states have call predecessors, (7), 5 states have call successors, (7) [2022-02-20 23:51:40,483 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 77 states to 77 states and 94 transitions. [2022-02-20 23:51:40,483 INFO L78 Accepts]: Start accepts. Automaton has 77 states and 94 transitions. Word has length 8 [2022-02-20 23:51:40,483 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:51:40,483 INFO L470 AbstractCegarLoop]: Abstraction has 77 states and 94 transitions. [2022-02-20 23:51:40,483 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 4 states have (on average 1.5) internal successors, (6), 5 states have internal predecessors, (6), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:51:40,484 INFO L276 IsEmpty]: Start isEmpty. Operand 77 states and 94 transitions. [2022-02-20 23:51:40,484 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 16 [2022-02-20 23:51:40,484 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:51:40,484 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:51:40,493 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Ended with exit code 0 [2022-02-20 23:51:40,690 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:51:40,691 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting ULTIMATE.startErr13REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 20 more)] === [2022-02-20 23:51:40,691 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:51:40,691 INFO L85 PathProgramCache]: Analyzing trace with hash -1807662222, now seen corresponding path program 1 times [2022-02-20 23:51:40,692 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:51:40,692 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1490902329] [2022-02-20 23:51:40,692 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:51:40,692 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:51:40,693 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:51:40,693 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:51:40,695 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Waiting until timeout for monitored process [2022-02-20 23:51:40,743 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:40,744 INFO L263 TraceCheckSpWp]: Trace formula consists of 77 conjuncts, 7 conjunts are in the unsatisfiable core [2022-02-20 23:51:40,752 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:40,753 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:51:40,789 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2022-02-20 23:51:40,808 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 20 treesize of output 8 [2022-02-20 23:51:40,820 INFO L290 TraceCheckUtils]: 0: Hoare triple {932#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {932#true} is VALID [2022-02-20 23:51:40,821 INFO L290 TraceCheckUtils]: 1: Hoare triple {932#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret48#1, entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset, entry_point_~ret~1#1;call entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset := #Ultimate.allocOnStack(8bv32);assume { :begin_inline_probe_unsafe_19 } true;probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc probe_unsafe_19_#res#1;havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset, probe_unsafe_19_#t~ret44#1, probe_unsafe_19_#t~ret45#1, probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset, probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset, probe_unsafe_19_~ret~0#1;probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset := probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset;probe_unsafe_19_~ret~0#1 := 3bv32; {932#true} is VALID [2022-02-20 23:51:40,821 INFO L272 TraceCheckUtils]: 2: Hoare triple {932#true} call probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset := ldv_malloc(4bv32); {932#true} is VALID [2022-02-20 23:51:40,821 INFO L290 TraceCheckUtils]: 3: Hoare triple {932#true} ~size := #in~size; {932#true} is VALID [2022-02-20 23:51:40,821 INFO L290 TraceCheckUtils]: 4: Hoare triple {932#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {949#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:51:40,822 INFO L290 TraceCheckUtils]: 5: Hoare triple {949#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} assume true; {949#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:51:40,822 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {949#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} {932#true} #102#return; {956#(not (= |ULTIMATE.start_probe_unsafe_19_#t~ret42#1.base| (_ bv0 32)))} is VALID [2022-02-20 23:51:40,824 INFO L290 TraceCheckUtils]: 7: Hoare triple {956#(not (= |ULTIMATE.start_probe_unsafe_19_#t~ret42#1.base| (_ bv0 32)))} SUMMARY for call write~$Pointer$(probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L775-1 {960#(not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} is VALID [2022-02-20 23:51:40,824 INFO L290 TraceCheckUtils]: 8: Hoare triple {960#(not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset; {960#(not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} is VALID [2022-02-20 23:51:40,825 INFO L290 TraceCheckUtils]: 9: Hoare triple {960#(not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} SUMMARY for call probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L776 {967#(not (= |ULTIMATE.start_probe_unsafe_19_#t~mem43#1.base| (_ bv0 32)))} is VALID [2022-02-20 23:51:40,825 INFO L290 TraceCheckUtils]: 10: Hoare triple {967#(not (= |ULTIMATE.start_probe_unsafe_19_#t~mem43#1.base| (_ bv0 32)))} assume probe_unsafe_19_#t~mem43#1.base == 0bv32 && probe_unsafe_19_#t~mem43#1.offset == 0bv32;havoc probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset; {933#false} is VALID [2022-02-20 23:51:40,825 INFO L290 TraceCheckUtils]: 11: Hoare triple {933#false} probe_unsafe_19_#res#1 := probe_unsafe_19_~ret~0#1; {933#false} is VALID [2022-02-20 23:51:40,826 INFO L290 TraceCheckUtils]: 12: Hoare triple {933#false} entry_point_#t~ret48#1 := probe_unsafe_19_#res#1;assume { :end_inline_probe_unsafe_19 } true;entry_point_~ret~1#1 := entry_point_#t~ret48#1;havoc entry_point_#t~ret48#1; {933#false} is VALID [2022-02-20 23:51:40,826 INFO L290 TraceCheckUtils]: 13: Hoare triple {933#false} assume 0bv32 == entry_point_~ret~1#1;assume { :begin_inline_disconnect_19 } true;disconnect_19_#in~a#1.base, disconnect_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc disconnect_19_#t~mem47#1.base, disconnect_19_#t~mem47#1.offset, disconnect_19_~a#1.base, disconnect_19_~a#1.offset;disconnect_19_~a#1.base, disconnect_19_~a#1.offset := disconnect_19_#in~a#1.base, disconnect_19_#in~a#1.offset; {933#false} is VALID [2022-02-20 23:51:40,826 INFO L290 TraceCheckUtils]: 14: Hoare triple {933#false} assume !(1bv1 == #valid[disconnect_19_~a#1.base]); {933#false} is VALID [2022-02-20 23:51:40,826 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:51:40,826 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:51:40,826 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:51:40,827 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1490902329] [2022-02-20 23:51:40,827 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1490902329] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:51:40,827 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:51:40,827 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 23:51:40,827 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [637055270] [2022-02-20 23:51:40,827 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:51:40,828 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 2.1666666666666665) internal successors, (13), 5 states have internal predecessors, (13), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 15 [2022-02-20 23:51:40,828 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:51:40,828 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 6 states have (on average 2.1666666666666665) internal successors, (13), 5 states have internal predecessors, (13), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:51:40,840 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 15 edges. 15 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:40,840 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 23:51:40,841 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:51:40,841 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 23:51:40,841 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-02-20 23:51:40,841 INFO L87 Difference]: Start difference. First operand 77 states and 94 transitions. Second operand has 6 states, 6 states have (on average 2.1666666666666665) internal successors, (13), 5 states have internal predecessors, (13), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:51:41,174 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:41,175 INFO L93 Difference]: Finished difference Result 86 states and 107 transitions. [2022-02-20 23:51:41,175 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-02-20 23:51:41,175 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 2.1666666666666665) internal successors, (13), 5 states have internal predecessors, (13), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 15 [2022-02-20 23:51:41,175 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:51:41,175 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 2.1666666666666665) internal successors, (13), 5 states have internal predecessors, (13), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:51:41,177 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 85 transitions. [2022-02-20 23:51:41,177 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 2.1666666666666665) internal successors, (13), 5 states have internal predecessors, (13), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:51:41,178 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 85 transitions. [2022-02-20 23:51:41,178 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 85 transitions. [2022-02-20 23:51:41,244 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 85 edges. 85 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:41,245 INFO L225 Difference]: With dead ends: 86 [2022-02-20 23:51:41,245 INFO L226 Difference]: Without dead ends: 86 [2022-02-20 23:51:41,245 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=39, Unknown=0, NotChecked=0, Total=56 [2022-02-20 23:51:41,246 INFO L933 BasicCegarLoop]: 68 mSDtfsCounter, 4 mSDsluCounter, 256 mSDsCounter, 0 mSdLazyCounter, 34 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 6 SdHoareTripleChecker+Valid, 324 SdHoareTripleChecker+Invalid, 35 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 34 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:51:41,246 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [6 Valid, 324 Invalid, 35 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 34 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:51:41,246 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 86 states. [2022-02-20 23:51:41,249 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 86 to 81. [2022-02-20 23:51:41,249 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:51:41,249 INFO L82 GeneralOperation]: Start isEquivalent. First operand 86 states. Second operand has 81 states, 53 states have (on average 1.6226415094339623) internal successors, (86), 72 states have internal predecessors, (86), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 7 states have call predecessors, (7), 5 states have call successors, (7) [2022-02-20 23:51:41,250 INFO L74 IsIncluded]: Start isIncluded. First operand 86 states. Second operand has 81 states, 53 states have (on average 1.6226415094339623) internal successors, (86), 72 states have internal predecessors, (86), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 7 states have call predecessors, (7), 5 states have call successors, (7) [2022-02-20 23:51:41,250 INFO L87 Difference]: Start difference. First operand 86 states. Second operand has 81 states, 53 states have (on average 1.6226415094339623) internal successors, (86), 72 states have internal predecessors, (86), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 7 states have call predecessors, (7), 5 states have call successors, (7) [2022-02-20 23:51:41,253 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:41,253 INFO L93 Difference]: Finished difference Result 86 states and 107 transitions. [2022-02-20 23:51:41,253 INFO L276 IsEmpty]: Start isEmpty. Operand 86 states and 107 transitions. [2022-02-20 23:51:41,254 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:41,255 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:41,255 INFO L74 IsIncluded]: Start isIncluded. First operand has 81 states, 53 states have (on average 1.6226415094339623) internal successors, (86), 72 states have internal predecessors, (86), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 7 states have call predecessors, (7), 5 states have call successors, (7) Second operand 86 states. [2022-02-20 23:51:41,255 INFO L87 Difference]: Start difference. First operand has 81 states, 53 states have (on average 1.6226415094339623) internal successors, (86), 72 states have internal predecessors, (86), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 7 states have call predecessors, (7), 5 states have call successors, (7) Second operand 86 states. [2022-02-20 23:51:41,258 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:41,258 INFO L93 Difference]: Finished difference Result 86 states and 107 transitions. [2022-02-20 23:51:41,258 INFO L276 IsEmpty]: Start isEmpty. Operand 86 states and 107 transitions. [2022-02-20 23:51:41,259 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:41,259 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:41,259 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:51:41,259 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:51:41,259 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 81 states, 53 states have (on average 1.6226415094339623) internal successors, (86), 72 states have internal predecessors, (86), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 7 states have call predecessors, (7), 5 states have call successors, (7) [2022-02-20 23:51:41,261 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 81 states to 81 states and 98 transitions. [2022-02-20 23:51:41,261 INFO L78 Accepts]: Start accepts. Automaton has 81 states and 98 transitions. Word has length 15 [2022-02-20 23:51:41,262 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:51:41,262 INFO L470 AbstractCegarLoop]: Abstraction has 81 states and 98 transitions. [2022-02-20 23:51:41,267 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 2.1666666666666665) internal successors, (13), 5 states have internal predecessors, (13), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:51:41,267 INFO L276 IsEmpty]: Start isEmpty. Operand 81 states and 98 transitions. [2022-02-20 23:51:41,268 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 16 [2022-02-20 23:51:41,268 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:51:41,268 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:51:41,276 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Forceful destruction successful, exit code 0 [2022-02-20 23:51:41,474 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:51:41,475 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting ULTIMATE.startErr13REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 20 more)] === [2022-02-20 23:51:41,475 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:51:41,476 INFO L85 PathProgramCache]: Analyzing trace with hash 690353715, now seen corresponding path program 1 times [2022-02-20 23:51:41,476 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:51:41,476 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [997857529] [2022-02-20 23:51:41,476 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:51:41,476 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:51:41,476 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:51:41,477 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:51:41,479 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Waiting until timeout for monitored process [2022-02-20 23:51:41,519 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:41,520 INFO L263 TraceCheckSpWp]: Trace formula consists of 71 conjuncts, 4 conjunts are in the unsatisfiable core [2022-02-20 23:51:41,525 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:41,526 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:51:41,567 INFO L290 TraceCheckUtils]: 0: Hoare triple {1325#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {1325#true} is VALID [2022-02-20 23:51:41,568 INFO L290 TraceCheckUtils]: 1: Hoare triple {1325#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret48#1, entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset, entry_point_~ret~1#1;call entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset := #Ultimate.allocOnStack(8bv32);assume { :begin_inline_probe_unsafe_19 } true;probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc probe_unsafe_19_#res#1;havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset, probe_unsafe_19_#t~ret44#1, probe_unsafe_19_#t~ret45#1, probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset, probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset, probe_unsafe_19_~ret~0#1;probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset := probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset;probe_unsafe_19_~ret~0#1 := 3bv32; {1333#(= |ULTIMATE.start_probe_unsafe_19_~ret~0#1| (_ bv3 32))} is VALID [2022-02-20 23:51:41,568 INFO L272 TraceCheckUtils]: 2: Hoare triple {1333#(= |ULTIMATE.start_probe_unsafe_19_~ret~0#1| (_ bv3 32))} call probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset := ldv_malloc(4bv32); {1325#true} is VALID [2022-02-20 23:51:41,568 INFO L290 TraceCheckUtils]: 3: Hoare triple {1325#true} ~size := #in~size; {1325#true} is VALID [2022-02-20 23:51:41,569 INFO L290 TraceCheckUtils]: 4: Hoare triple {1325#true} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {1325#true} is VALID [2022-02-20 23:51:41,569 INFO L290 TraceCheckUtils]: 5: Hoare triple {1325#true} assume true; {1325#true} is VALID [2022-02-20 23:51:41,569 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {1325#true} {1333#(= |ULTIMATE.start_probe_unsafe_19_~ret~0#1| (_ bv3 32))} #102#return; {1333#(= |ULTIMATE.start_probe_unsafe_19_~ret~0#1| (_ bv3 32))} is VALID [2022-02-20 23:51:41,570 INFO L290 TraceCheckUtils]: 7: Hoare triple {1333#(= |ULTIMATE.start_probe_unsafe_19_~ret~0#1| (_ bv3 32))} SUMMARY for call write~$Pointer$(probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L775-1 {1333#(= |ULTIMATE.start_probe_unsafe_19_~ret~0#1| (_ bv3 32))} is VALID [2022-02-20 23:51:41,570 INFO L290 TraceCheckUtils]: 8: Hoare triple {1333#(= |ULTIMATE.start_probe_unsafe_19_~ret~0#1| (_ bv3 32))} havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset; {1333#(= |ULTIMATE.start_probe_unsafe_19_~ret~0#1| (_ bv3 32))} is VALID [2022-02-20 23:51:41,571 INFO L290 TraceCheckUtils]: 9: Hoare triple {1333#(= |ULTIMATE.start_probe_unsafe_19_~ret~0#1| (_ bv3 32))} SUMMARY for call probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L776 {1333#(= |ULTIMATE.start_probe_unsafe_19_~ret~0#1| (_ bv3 32))} is VALID [2022-02-20 23:51:41,571 INFO L290 TraceCheckUtils]: 10: Hoare triple {1333#(= |ULTIMATE.start_probe_unsafe_19_~ret~0#1| (_ bv3 32))} assume probe_unsafe_19_#t~mem43#1.base == 0bv32 && probe_unsafe_19_#t~mem43#1.offset == 0bv32;havoc probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset; {1333#(= |ULTIMATE.start_probe_unsafe_19_~ret~0#1| (_ bv3 32))} is VALID [2022-02-20 23:51:41,571 INFO L290 TraceCheckUtils]: 11: Hoare triple {1333#(= |ULTIMATE.start_probe_unsafe_19_~ret~0#1| (_ bv3 32))} probe_unsafe_19_#res#1 := probe_unsafe_19_~ret~0#1; {1364#(= |ULTIMATE.start_probe_unsafe_19_#res#1| (_ bv3 32))} is VALID [2022-02-20 23:51:41,572 INFO L290 TraceCheckUtils]: 12: Hoare triple {1364#(= |ULTIMATE.start_probe_unsafe_19_#res#1| (_ bv3 32))} entry_point_#t~ret48#1 := probe_unsafe_19_#res#1;assume { :end_inline_probe_unsafe_19 } true;entry_point_~ret~1#1 := entry_point_#t~ret48#1;havoc entry_point_#t~ret48#1; {1368#(= (_ bv3 32) |ULTIMATE.start_entry_point_~ret~1#1|)} is VALID [2022-02-20 23:51:41,572 INFO L290 TraceCheckUtils]: 13: Hoare triple {1368#(= (_ bv3 32) |ULTIMATE.start_entry_point_~ret~1#1|)} assume 0bv32 == entry_point_~ret~1#1;assume { :begin_inline_disconnect_19 } true;disconnect_19_#in~a#1.base, disconnect_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc disconnect_19_#t~mem47#1.base, disconnect_19_#t~mem47#1.offset, disconnect_19_~a#1.base, disconnect_19_~a#1.offset;disconnect_19_~a#1.base, disconnect_19_~a#1.offset := disconnect_19_#in~a#1.base, disconnect_19_#in~a#1.offset; {1326#false} is VALID [2022-02-20 23:51:41,572 INFO L290 TraceCheckUtils]: 14: Hoare triple {1326#false} assume !(1bv1 == #valid[disconnect_19_~a#1.base]); {1326#false} is VALID [2022-02-20 23:51:41,572 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:51:41,572 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:51:41,573 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:51:41,573 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [997857529] [2022-02-20 23:51:41,573 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [997857529] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:51:41,573 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:51:41,573 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:51:41,573 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [903980843] [2022-02-20 23:51:41,573 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:51:41,574 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 2.6) internal successors, (13), 5 states have internal predecessors, (13), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 15 [2022-02-20 23:51:41,574 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:51:41,574 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 2.6) internal successors, (13), 5 states have internal predecessors, (13), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:51:41,586 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 15 edges. 15 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:41,586 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 23:51:41,586 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:51:41,586 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 23:51:41,587 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:51:41,587 INFO L87 Difference]: Start difference. First operand 81 states and 98 transitions. Second operand has 5 states, 5 states have (on average 2.6) internal successors, (13), 5 states have internal predecessors, (13), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:51:41,846 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:41,846 INFO L93 Difference]: Finished difference Result 88 states and 104 transitions. [2022-02-20 23:51:41,846 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 23:51:41,846 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 2.6) internal successors, (13), 5 states have internal predecessors, (13), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 15 [2022-02-20 23:51:41,847 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:51:41,847 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 2.6) internal successors, (13), 5 states have internal predecessors, (13), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:51:41,848 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 78 transitions. [2022-02-20 23:51:41,848 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 2.6) internal successors, (13), 5 states have internal predecessors, (13), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:51:41,849 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 78 transitions. [2022-02-20 23:51:41,849 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 78 transitions. [2022-02-20 23:51:41,892 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 78 edges. 78 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:41,893 INFO L225 Difference]: With dead ends: 88 [2022-02-20 23:51:41,893 INFO L226 Difference]: Without dead ends: 88 [2022-02-20 23:51:41,893 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-02-20 23:51:41,894 INFO L933 BasicCegarLoop]: 68 mSDtfsCounter, 25 mSDsluCounter, 183 mSDsCounter, 0 mSdLazyCounter, 16 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 26 SdHoareTripleChecker+Valid, 251 SdHoareTripleChecker+Invalid, 16 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 16 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 23:51:41,894 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [26 Valid, 251 Invalid, 16 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 16 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 23:51:41,895 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 88 states. [2022-02-20 23:51:41,897 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 88 to 84. [2022-02-20 23:51:41,897 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:51:41,897 INFO L82 GeneralOperation]: Start isEquivalent. First operand 88 states. Second operand has 84 states, 56 states have (on average 1.5892857142857142) internal successors, (89), 75 states have internal predecessors, (89), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 7 states have call predecessors, (7), 5 states have call successors, (7) [2022-02-20 23:51:41,898 INFO L74 IsIncluded]: Start isIncluded. First operand 88 states. Second operand has 84 states, 56 states have (on average 1.5892857142857142) internal successors, (89), 75 states have internal predecessors, (89), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 7 states have call predecessors, (7), 5 states have call successors, (7) [2022-02-20 23:51:41,898 INFO L87 Difference]: Start difference. First operand 88 states. Second operand has 84 states, 56 states have (on average 1.5892857142857142) internal successors, (89), 75 states have internal predecessors, (89), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 7 states have call predecessors, (7), 5 states have call successors, (7) [2022-02-20 23:51:41,900 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:41,900 INFO L93 Difference]: Finished difference Result 88 states and 104 transitions. [2022-02-20 23:51:41,900 INFO L276 IsEmpty]: Start isEmpty. Operand 88 states and 104 transitions. [2022-02-20 23:51:41,900 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:41,900 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:41,900 INFO L74 IsIncluded]: Start isIncluded. First operand has 84 states, 56 states have (on average 1.5892857142857142) internal successors, (89), 75 states have internal predecessors, (89), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 7 states have call predecessors, (7), 5 states have call successors, (7) Second operand 88 states. [2022-02-20 23:51:41,900 INFO L87 Difference]: Start difference. First operand has 84 states, 56 states have (on average 1.5892857142857142) internal successors, (89), 75 states have internal predecessors, (89), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 7 states have call predecessors, (7), 5 states have call successors, (7) Second operand 88 states. [2022-02-20 23:51:41,902 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:41,902 INFO L93 Difference]: Finished difference Result 88 states and 104 transitions. [2022-02-20 23:51:41,902 INFO L276 IsEmpty]: Start isEmpty. Operand 88 states and 104 transitions. [2022-02-20 23:51:41,903 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:41,903 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:41,903 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:51:41,903 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:51:41,903 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 84 states, 56 states have (on average 1.5892857142857142) internal successors, (89), 75 states have internal predecessors, (89), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 7 states have call predecessors, (7), 5 states have call successors, (7) [2022-02-20 23:51:41,905 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 84 states to 84 states and 101 transitions. [2022-02-20 23:51:41,917 INFO L78 Accepts]: Start accepts. Automaton has 84 states and 101 transitions. Word has length 15 [2022-02-20 23:51:41,918 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:51:41,918 INFO L470 AbstractCegarLoop]: Abstraction has 84 states and 101 transitions. [2022-02-20 23:51:41,918 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 2.6) internal successors, (13), 5 states have internal predecessors, (13), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:51:41,918 INFO L276 IsEmpty]: Start isEmpty. Operand 84 states and 101 transitions. [2022-02-20 23:51:41,918 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2022-02-20 23:51:41,919 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:51:41,919 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:51:41,927 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Forceful destruction successful, exit code 0 [2022-02-20 23:51:42,125 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:51:42,125 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting ULTIMATE.startErr4REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 20 more)] === [2022-02-20 23:51:42,126 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:51:42,126 INFO L85 PathProgramCache]: Analyzing trace with hash 891124571, now seen corresponding path program 1 times [2022-02-20 23:51:42,126 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:51:42,126 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [207260971] [2022-02-20 23:51:42,126 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:51:42,126 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:51:42,126 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:51:42,127 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:51:42,128 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (6)] Waiting until timeout for monitored process [2022-02-20 23:51:42,187 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:42,189 INFO L263 TraceCheckSpWp]: Trace formula consists of 91 conjuncts, 9 conjunts are in the unsatisfiable core [2022-02-20 23:51:42,195 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:42,196 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:51:42,207 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:51:42,281 INFO L356 Elim1Store]: treesize reduction 12, result has 40.0 percent of original size [2022-02-20 23:51:42,282 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 17 [2022-02-20 23:51:42,289 INFO L290 TraceCheckUtils]: 0: Hoare triple {1726#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {1726#true} is VALID [2022-02-20 23:51:42,290 INFO L290 TraceCheckUtils]: 1: Hoare triple {1726#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret48#1, entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset, entry_point_~ret~1#1;call entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset := #Ultimate.allocOnStack(8bv32);assume { :begin_inline_probe_unsafe_19 } true;probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc probe_unsafe_19_#res#1;havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset, probe_unsafe_19_#t~ret44#1, probe_unsafe_19_#t~ret45#1, probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset, probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset, probe_unsafe_19_~ret~0#1;probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset := probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset;probe_unsafe_19_~ret~0#1 := 3bv32; {1726#true} is VALID [2022-02-20 23:51:42,290 INFO L272 TraceCheckUtils]: 2: Hoare triple {1726#true} call probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset := ldv_malloc(4bv32); {1726#true} is VALID [2022-02-20 23:51:42,290 INFO L290 TraceCheckUtils]: 3: Hoare triple {1726#true} ~size := #in~size; {1726#true} is VALID [2022-02-20 23:51:42,290 INFO L290 TraceCheckUtils]: 4: Hoare triple {1726#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {1726#true} is VALID [2022-02-20 23:51:42,290 INFO L290 TraceCheckUtils]: 5: Hoare triple {1726#true} assume true; {1726#true} is VALID [2022-02-20 23:51:42,290 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {1726#true} {1726#true} #102#return; {1726#true} is VALID [2022-02-20 23:51:42,292 INFO L290 TraceCheckUtils]: 7: Hoare triple {1726#true} SUMMARY for call write~$Pointer$(probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L775-1 {1752#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:51:42,293 INFO L290 TraceCheckUtils]: 8: Hoare triple {1752#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1))} havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset; {1752#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:51:42,294 INFO L290 TraceCheckUtils]: 9: Hoare triple {1752#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1))} SUMMARY for call probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L776 {1752#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:51:42,294 INFO L290 TraceCheckUtils]: 10: Hoare triple {1752#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1))} assume !(probe_unsafe_19_#t~mem43#1.base == 0bv32 && probe_unsafe_19_#t~mem43#1.offset == 0bv32);havoc probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset;assume { :begin_inline_f19 } true;f19_#in~a#1.base, f19_#in~a#1.offset := probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset;havoc f19_#res#1;havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_#t~mem39#1.base, f19_#t~mem39#1.offset, f19_~a#1.base, f19_~a#1.offset;f19_~a#1.base, f19_~a#1.offset := f19_#in~a#1.base, f19_#in~a#1.offset; {1762#(= (select |#valid| |ULTIMATE.start_f19_~a#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:51:42,295 INFO L272 TraceCheckUtils]: 11: Hoare triple {1762#(= (select |#valid| |ULTIMATE.start_f19_~a#1.base|) (_ bv1 1))} call f19_#t~ret38#1.base, f19_#t~ret38#1.offset := ldv_malloc(4bv32); {1766#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:51:42,295 INFO L290 TraceCheckUtils]: 12: Hoare triple {1766#(= |old(#valid)| |#valid|)} ~size := #in~size; {1766#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:51:42,296 INFO L290 TraceCheckUtils]: 13: Hoare triple {1766#(= |old(#valid)| |#valid|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {1773#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} is VALID [2022-02-20 23:51:42,297 INFO L290 TraceCheckUtils]: 14: Hoare triple {1773#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} assume true; {1773#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} is VALID [2022-02-20 23:51:42,297 INFO L284 TraceCheckUtils]: 15: Hoare quadruple {1773#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |old(#valid)| |ldv_malloc_#res.base| (_ bv1 1)) |#valid|))} {1762#(= (select |#valid| |ULTIMATE.start_f19_~a#1.base|) (_ bv1 1))} #104#return; {1762#(= (select |#valid| |ULTIMATE.start_f19_~a#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:51:42,298 INFO L290 TraceCheckUtils]: 16: Hoare triple {1762#(= (select |#valid| |ULTIMATE.start_f19_~a#1.base|) (_ bv1 1))} assume !(1bv1 == #valid[f19_~a#1.base]); {1727#false} is VALID [2022-02-20 23:51:42,298 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 4 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:51:42,298 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:51:42,298 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:51:42,298 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [207260971] [2022-02-20 23:51:42,299 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [207260971] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:51:42,299 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:51:42,299 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:51:42,299 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1858914109] [2022-02-20 23:51:42,299 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:51:42,299 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 2.6) internal successors, (13), 6 states have internal predecessors, (13), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 17 [2022-02-20 23:51:42,300 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:51:42,300 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 5 states have (on average 2.6) internal successors, (13), 6 states have internal predecessors, (13), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:51:42,313 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 17 edges. 17 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:42,313 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 23:51:42,313 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:51:42,314 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 23:51:42,314 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-02-20 23:51:42,314 INFO L87 Difference]: Start difference. First operand 84 states and 101 transitions. Second operand has 6 states, 5 states have (on average 2.6) internal successors, (13), 6 states have internal predecessors, (13), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:51:42,955 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:42,955 INFO L93 Difference]: Finished difference Result 118 states and 133 transitions. [2022-02-20 23:51:42,956 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-02-20 23:51:42,956 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 2.6) internal successors, (13), 6 states have internal predecessors, (13), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 17 [2022-02-20 23:51:42,956 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:51:42,956 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 2.6) internal successors, (13), 6 states have internal predecessors, (13), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:51:42,958 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 132 transitions. [2022-02-20 23:51:42,958 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 2.6) internal successors, (13), 6 states have internal predecessors, (13), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:51:42,959 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 132 transitions. [2022-02-20 23:51:42,960 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 132 transitions. [2022-02-20 23:51:43,069 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 132 edges. 132 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:43,070 INFO L225 Difference]: With dead ends: 118 [2022-02-20 23:51:43,070 INFO L226 Difference]: Without dead ends: 118 [2022-02-20 23:51:43,071 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 17 GetRequests, 11 SyntacticMatches, 1 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=13, Invalid=29, Unknown=0, NotChecked=0, Total=42 [2022-02-20 23:51:43,071 INFO L933 BasicCegarLoop]: 69 mSDtfsCounter, 80 mSDsluCounter, 175 mSDsCounter, 0 mSdLazyCounter, 126 mSolverCounterSat, 10 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 80 SdHoareTripleChecker+Valid, 244 SdHoareTripleChecker+Invalid, 187 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 10 IncrementalHoareTripleChecker+Valid, 126 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 51 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 23:51:43,071 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [80 Valid, 244 Invalid, 187 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [10 Valid, 126 Invalid, 0 Unknown, 51 Unchecked, 0.2s Time] [2022-02-20 23:51:43,072 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 118 states. [2022-02-20 23:51:43,074 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 118 to 82. [2022-02-20 23:51:43,075 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:51:43,075 INFO L82 GeneralOperation]: Start isEquivalent. First operand 118 states. Second operand has 82 states, 56 states have (on average 1.5178571428571428) internal successors, (85), 73 states have internal predecessors, (85), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 7 states have call predecessors, (7), 5 states have call successors, (7) [2022-02-20 23:51:43,075 INFO L74 IsIncluded]: Start isIncluded. First operand 118 states. Second operand has 82 states, 56 states have (on average 1.5178571428571428) internal successors, (85), 73 states have internal predecessors, (85), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 7 states have call predecessors, (7), 5 states have call successors, (7) [2022-02-20 23:51:43,075 INFO L87 Difference]: Start difference. First operand 118 states. Second operand has 82 states, 56 states have (on average 1.5178571428571428) internal successors, (85), 73 states have internal predecessors, (85), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 7 states have call predecessors, (7), 5 states have call successors, (7) [2022-02-20 23:51:43,078 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:43,078 INFO L93 Difference]: Finished difference Result 118 states and 133 transitions. [2022-02-20 23:51:43,078 INFO L276 IsEmpty]: Start isEmpty. Operand 118 states and 133 transitions. [2022-02-20 23:51:43,078 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:43,078 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:43,079 INFO L74 IsIncluded]: Start isIncluded. First operand has 82 states, 56 states have (on average 1.5178571428571428) internal successors, (85), 73 states have internal predecessors, (85), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 7 states have call predecessors, (7), 5 states have call successors, (7) Second operand 118 states. [2022-02-20 23:51:43,079 INFO L87 Difference]: Start difference. First operand has 82 states, 56 states have (on average 1.5178571428571428) internal successors, (85), 73 states have internal predecessors, (85), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 7 states have call predecessors, (7), 5 states have call successors, (7) Second operand 118 states. [2022-02-20 23:51:43,081 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:43,081 INFO L93 Difference]: Finished difference Result 118 states and 133 transitions. [2022-02-20 23:51:43,081 INFO L276 IsEmpty]: Start isEmpty. Operand 118 states and 133 transitions. [2022-02-20 23:51:43,081 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:43,082 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:43,082 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:51:43,082 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:51:43,082 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 82 states, 56 states have (on average 1.5178571428571428) internal successors, (85), 73 states have internal predecessors, (85), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 7 states have call predecessors, (7), 5 states have call successors, (7) [2022-02-20 23:51:43,083 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 82 states to 82 states and 97 transitions. [2022-02-20 23:51:43,084 INFO L78 Accepts]: Start accepts. Automaton has 82 states and 97 transitions. Word has length 17 [2022-02-20 23:51:43,084 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:51:43,084 INFO L470 AbstractCegarLoop]: Abstraction has 82 states and 97 transitions. [2022-02-20 23:51:43,084 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 2.6) internal successors, (13), 6 states have internal predecessors, (13), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:51:43,084 INFO L276 IsEmpty]: Start isEmpty. Operand 82 states and 97 transitions. [2022-02-20 23:51:43,084 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2022-02-20 23:51:43,084 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:51:43,084 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:51:43,091 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (6)] Forceful destruction successful, exit code 0 [2022-02-20 23:51:43,290 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 6 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:51:43,291 INFO L402 AbstractCegarLoop]: === Iteration 6 === Targeting ULTIMATE.startErr5REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 20 more)] === [2022-02-20 23:51:43,291 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:51:43,291 INFO L85 PathProgramCache]: Analyzing trace with hash 891124572, now seen corresponding path program 1 times [2022-02-20 23:51:43,292 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:51:43,292 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [2073222423] [2022-02-20 23:51:43,292 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:51:43,292 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:51:43,292 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:51:43,293 INFO L229 MonitoredProcess]: Starting monitored process 7 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:51:43,295 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (7)] Waiting until timeout for monitored process [2022-02-20 23:51:43,377 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:43,379 INFO L263 TraceCheckSpWp]: Trace formula consists of 91 conjuncts, 17 conjunts are in the unsatisfiable core [2022-02-20 23:51:43,389 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:43,390 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:51:43,406 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:51:43,596 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:51:43,597 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-02-20 23:51:43,604 INFO L356 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2022-02-20 23:51:43,604 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 12 [2022-02-20 23:51:43,631 INFO L290 TraceCheckUtils]: 0: Hoare triple {2220#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {2220#true} is VALID [2022-02-20 23:51:43,632 INFO L290 TraceCheckUtils]: 1: Hoare triple {2220#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret48#1, entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset, entry_point_~ret~1#1;call entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset := #Ultimate.allocOnStack(8bv32);assume { :begin_inline_probe_unsafe_19 } true;probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc probe_unsafe_19_#res#1;havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset, probe_unsafe_19_#t~ret44#1, probe_unsafe_19_#t~ret45#1, probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset, probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset, probe_unsafe_19_~ret~0#1;probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset := probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset;probe_unsafe_19_~ret~0#1 := 3bv32; {2228#(= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:51:43,632 INFO L272 TraceCheckUtils]: 2: Hoare triple {2228#(= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32))} call probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset := ldv_malloc(4bv32); {2220#true} is VALID [2022-02-20 23:51:43,632 INFO L290 TraceCheckUtils]: 3: Hoare triple {2220#true} ~size := #in~size; {2220#true} is VALID [2022-02-20 23:51:43,632 INFO L290 TraceCheckUtils]: 4: Hoare triple {2220#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {2220#true} is VALID [2022-02-20 23:51:43,632 INFO L290 TraceCheckUtils]: 5: Hoare triple {2220#true} assume true; {2220#true} is VALID [2022-02-20 23:51:43,633 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {2220#true} {2228#(= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32))} #102#return; {2228#(= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:51:43,633 INFO L290 TraceCheckUtils]: 7: Hoare triple {2228#(= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32))} SUMMARY for call write~$Pointer$(probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L775-1 {2247#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1)) (bvule (bvadd (_ bv8 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (select |#length| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)))} is VALID [2022-02-20 23:51:43,634 INFO L290 TraceCheckUtils]: 8: Hoare triple {2247#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1)) (bvule (bvadd (_ bv8 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (select |#length| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)))} havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset; {2247#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1)) (bvule (bvadd (_ bv8 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (select |#length| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)))} is VALID [2022-02-20 23:51:43,634 INFO L290 TraceCheckUtils]: 9: Hoare triple {2247#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1)) (bvule (bvadd (_ bv8 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (select |#length| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)))} SUMMARY for call probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L776 {2247#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1)) (bvule (bvadd (_ bv8 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (select |#length| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)))} is VALID [2022-02-20 23:51:43,635 INFO L290 TraceCheckUtils]: 10: Hoare triple {2247#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1)) (bvule (bvadd (_ bv8 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (select |#length| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)))} assume !(probe_unsafe_19_#t~mem43#1.base == 0bv32 && probe_unsafe_19_#t~mem43#1.offset == 0bv32);havoc probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset;assume { :begin_inline_f19 } true;f19_#in~a#1.base, f19_#in~a#1.offset := probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset;havoc f19_#res#1;havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_#t~mem39#1.base, f19_#t~mem39#1.offset, f19_~a#1.base, f19_~a#1.offset;f19_~a#1.base, f19_~a#1.offset := f19_#in~a#1.base, f19_#in~a#1.offset; {2257#(and (= (select |#valid| |ULTIMATE.start_f19_~a#1.base|) (_ bv1 1)) (bvule (_ bv8 32) (select |#length| |ULTIMATE.start_f19_~a#1.base|)) (= |ULTIMATE.start_f19_~a#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:51:43,635 INFO L272 TraceCheckUtils]: 11: Hoare triple {2257#(and (= (select |#valid| |ULTIMATE.start_f19_~a#1.base|) (_ bv1 1)) (bvule (_ bv8 32) (select |#length| |ULTIMATE.start_f19_~a#1.base|)) (= |ULTIMATE.start_f19_~a#1.offset| (_ bv0 32)))} call f19_#t~ret38#1.base, f19_#t~ret38#1.offset := ldv_malloc(4bv32); {2261#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:51:43,635 INFO L290 TraceCheckUtils]: 12: Hoare triple {2261#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} ~size := #in~size; {2261#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:51:43,636 INFO L290 TraceCheckUtils]: 13: Hoare triple {2261#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {2268#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_61 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_61) |#length|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:51:43,637 INFO L290 TraceCheckUtils]: 14: Hoare triple {2268#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_61 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_61) |#length|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} assume true; {2268#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_61 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_61) |#length|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:51:43,638 INFO L284 TraceCheckUtils]: 15: Hoare quadruple {2268#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_61 (_ BitVec 32))) (= (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_61) |#length|)) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} {2257#(and (= (select |#valid| |ULTIMATE.start_f19_~a#1.base|) (_ bv1 1)) (bvule (_ bv8 32) (select |#length| |ULTIMATE.start_f19_~a#1.base|)) (= |ULTIMATE.start_f19_~a#1.offset| (_ bv0 32)))} #104#return; {2275#(and (bvule (_ bv8 32) (select |#length| |ULTIMATE.start_f19_~a#1.base|)) (= |ULTIMATE.start_f19_~a#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:51:43,639 INFO L290 TraceCheckUtils]: 16: Hoare triple {2275#(and (bvule (_ bv8 32) (select |#length| |ULTIMATE.start_f19_~a#1.base|)) (= |ULTIMATE.start_f19_~a#1.offset| (_ bv0 32)))} assume !((~bvule32(~bvadd32(4bv32, f19_~a#1.offset), #length[f19_~a#1.base]) && ~bvule32(f19_~a#1.offset, ~bvadd32(4bv32, f19_~a#1.offset))) && ~bvule32(0bv32, f19_~a#1.offset)); {2221#false} is VALID [2022-02-20 23:51:43,639 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 4 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:51:43,639 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:51:43,639 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:51:43,639 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [2073222423] [2022-02-20 23:51:43,639 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [2073222423] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:51:43,639 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:51:43,639 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-02-20 23:51:43,639 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2077610583] [2022-02-20 23:51:43,639 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:51:43,640 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 6 states have (on average 2.1666666666666665) internal successors, (13), 7 states have internal predecessors, (13), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 17 [2022-02-20 23:51:43,640 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:51:43,640 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 8 states, 6 states have (on average 2.1666666666666665) internal successors, (13), 7 states have internal predecessors, (13), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:51:43,653 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 17 edges. 17 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:43,653 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-02-20 23:51:43,654 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:51:43,654 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-02-20 23:51:43,654 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=41, Unknown=0, NotChecked=0, Total=56 [2022-02-20 23:51:43,654 INFO L87 Difference]: Start difference. First operand 82 states and 97 transitions. Second operand has 8 states, 6 states have (on average 2.1666666666666665) internal successors, (13), 7 states have internal predecessors, (13), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:51:46,693 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:46,693 INFO L93 Difference]: Finished difference Result 148 states and 162 transitions. [2022-02-20 23:51:46,693 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2022-02-20 23:51:46,694 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 6 states have (on average 2.1666666666666665) internal successors, (13), 7 states have internal predecessors, (13), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 17 [2022-02-20 23:51:46,694 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:51:46,694 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 6 states have (on average 2.1666666666666665) internal successors, (13), 7 states have internal predecessors, (13), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:51:46,695 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 163 transitions. [2022-02-20 23:51:46,696 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 6 states have (on average 2.1666666666666665) internal successors, (13), 7 states have internal predecessors, (13), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:51:46,697 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 163 transitions. [2022-02-20 23:51:46,697 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 11 states and 163 transitions. [2022-02-20 23:51:46,847 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 163 edges. 163 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:46,848 INFO L225 Difference]: With dead ends: 148 [2022-02-20 23:51:46,848 INFO L226 Difference]: Without dead ends: 148 [2022-02-20 23:51:46,849 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 19 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 6 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=33, Invalid=77, Unknown=0, NotChecked=0, Total=110 [2022-02-20 23:51:46,849 INFO L933 BasicCegarLoop]: 78 mSDtfsCounter, 123 mSDsluCounter, 247 mSDsCounter, 0 mSdLazyCounter, 228 mSolverCounterSat, 23 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 124 SdHoareTripleChecker+Valid, 325 SdHoareTripleChecker+Invalid, 310 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 23 IncrementalHoareTripleChecker+Valid, 228 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 59 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-02-20 23:51:46,849 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [124 Valid, 325 Invalid, 310 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [23 Valid, 228 Invalid, 0 Unknown, 59 Unchecked, 0.3s Time] [2022-02-20 23:51:46,850 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 148 states. [2022-02-20 23:51:46,853 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 148 to 80. [2022-02-20 23:51:46,853 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:51:46,853 INFO L82 GeneralOperation]: Start isEquivalent. First operand 148 states. Second operand has 80 states, 56 states have (on average 1.4464285714285714) internal successors, (81), 71 states have internal predecessors, (81), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 7 states have call predecessors, (7), 5 states have call successors, (7) [2022-02-20 23:51:46,853 INFO L74 IsIncluded]: Start isIncluded. First operand 148 states. Second operand has 80 states, 56 states have (on average 1.4464285714285714) internal successors, (81), 71 states have internal predecessors, (81), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 7 states have call predecessors, (7), 5 states have call successors, (7) [2022-02-20 23:51:46,854 INFO L87 Difference]: Start difference. First operand 148 states. Second operand has 80 states, 56 states have (on average 1.4464285714285714) internal successors, (81), 71 states have internal predecessors, (81), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 7 states have call predecessors, (7), 5 states have call successors, (7) [2022-02-20 23:51:46,856 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:46,856 INFO L93 Difference]: Finished difference Result 148 states and 162 transitions. [2022-02-20 23:51:46,856 INFO L276 IsEmpty]: Start isEmpty. Operand 148 states and 162 transitions. [2022-02-20 23:51:46,857 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:46,857 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:46,857 INFO L74 IsIncluded]: Start isIncluded. First operand has 80 states, 56 states have (on average 1.4464285714285714) internal successors, (81), 71 states have internal predecessors, (81), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 7 states have call predecessors, (7), 5 states have call successors, (7) Second operand 148 states. [2022-02-20 23:51:46,857 INFO L87 Difference]: Start difference. First operand has 80 states, 56 states have (on average 1.4464285714285714) internal successors, (81), 71 states have internal predecessors, (81), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 7 states have call predecessors, (7), 5 states have call successors, (7) Second operand 148 states. [2022-02-20 23:51:46,860 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:46,860 INFO L93 Difference]: Finished difference Result 148 states and 162 transitions. [2022-02-20 23:51:46,860 INFO L276 IsEmpty]: Start isEmpty. Operand 148 states and 162 transitions. [2022-02-20 23:51:46,861 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:46,861 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:46,861 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:51:46,861 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:51:46,861 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 80 states, 56 states have (on average 1.4464285714285714) internal successors, (81), 71 states have internal predecessors, (81), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 7 states have call predecessors, (7), 5 states have call successors, (7) [2022-02-20 23:51:46,862 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 80 states to 80 states and 93 transitions. [2022-02-20 23:51:46,863 INFO L78 Accepts]: Start accepts. Automaton has 80 states and 93 transitions. Word has length 17 [2022-02-20 23:51:46,863 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:51:46,863 INFO L470 AbstractCegarLoop]: Abstraction has 80 states and 93 transitions. [2022-02-20 23:51:46,863 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 6 states have (on average 2.1666666666666665) internal successors, (13), 7 states have internal predecessors, (13), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:51:46,863 INFO L276 IsEmpty]: Start isEmpty. Operand 80 states and 93 transitions. [2022-02-20 23:51:46,863 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2022-02-20 23:51:46,864 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:51:46,864 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:51:46,877 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (7)] Forceful destruction successful, exit code 0 [2022-02-20 23:51:47,070 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 7 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:51:47,071 INFO L402 AbstractCegarLoop]: === Iteration 7 === Targeting ULTIMATE.startErr18ASSERT_VIOLATIONMEMORY_LEAK === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 20 more)] === [2022-02-20 23:51:47,071 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:51:47,071 INFO L85 PathProgramCache]: Analyzing trace with hash 2005389781, now seen corresponding path program 1 times [2022-02-20 23:51:47,071 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:51:47,072 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [32716283] [2022-02-20 23:51:47,072 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:51:47,072 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:51:47,072 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:51:47,073 INFO L229 MonitoredProcess]: Starting monitored process 8 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:51:47,073 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (8)] Waiting until timeout for monitored process [2022-02-20 23:51:47,128 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:47,130 INFO L263 TraceCheckSpWp]: Trace formula consists of 70 conjuncts, 8 conjunts are in the unsatisfiable core [2022-02-20 23:51:47,137 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:47,138 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:51:47,285 INFO L290 TraceCheckUtils]: 0: Hoare triple {2808#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {2808#true} is VALID [2022-02-20 23:51:47,286 INFO L290 TraceCheckUtils]: 1: Hoare triple {2808#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret48#1, entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset, entry_point_~ret~1#1;call entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset := #Ultimate.allocOnStack(8bv32);assume { :begin_inline_probe_unsafe_19 } true;probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc probe_unsafe_19_#res#1;havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset, probe_unsafe_19_#t~ret44#1, probe_unsafe_19_#t~ret45#1, probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset, probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset, probe_unsafe_19_~ret~0#1;probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset := probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset;probe_unsafe_19_~ret~0#1 := 3bv32; {2816#(and (= (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv0 1)) (exists ((v_ArrVal_71 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base| v_ArrVal_71) |#valid|)))} is VALID [2022-02-20 23:51:47,287 INFO L272 TraceCheckUtils]: 2: Hoare triple {2816#(and (= (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv0 1)) (exists ((v_ArrVal_71 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base| v_ArrVal_71) |#valid|)))} call probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset := ldv_malloc(4bv32); {2820#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:51:47,287 INFO L290 TraceCheckUtils]: 3: Hoare triple {2820#(= |old(#valid)| |#valid|)} ~size := #in~size; {2820#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:51:47,288 INFO L290 TraceCheckUtils]: 4: Hoare triple {2820#(= |old(#valid)| |#valid|)} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {2820#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:51:47,299 INFO L290 TraceCheckUtils]: 5: Hoare triple {2820#(= |old(#valid)| |#valid|)} assume true; {2820#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:51:47,300 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {2820#(= |old(#valid)| |#valid|)} {2816#(and (= (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv0 1)) (exists ((v_ArrVal_71 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base| v_ArrVal_71) |#valid|)))} #102#return; {2816#(and (= (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv0 1)) (exists ((v_ArrVal_71 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base| v_ArrVal_71) |#valid|)))} is VALID [2022-02-20 23:51:47,301 INFO L290 TraceCheckUtils]: 7: Hoare triple {2816#(and (= (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv0 1)) (exists ((v_ArrVal_71 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base| v_ArrVal_71) |#valid|)))} SUMMARY for call write~$Pointer$(probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L775-1 {2816#(and (= (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv0 1)) (exists ((v_ArrVal_71 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base| v_ArrVal_71) |#valid|)))} is VALID [2022-02-20 23:51:47,302 INFO L290 TraceCheckUtils]: 8: Hoare triple {2816#(and (= (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv0 1)) (exists ((v_ArrVal_71 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base| v_ArrVal_71) |#valid|)))} havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset; {2816#(and (= (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv0 1)) (exists ((v_ArrVal_71 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base| v_ArrVal_71) |#valid|)))} is VALID [2022-02-20 23:51:47,302 INFO L290 TraceCheckUtils]: 9: Hoare triple {2816#(and (= (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv0 1)) (exists ((v_ArrVal_71 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base| v_ArrVal_71) |#valid|)))} SUMMARY for call probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L776 {2816#(and (= (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv0 1)) (exists ((v_ArrVal_71 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base| v_ArrVal_71) |#valid|)))} is VALID [2022-02-20 23:51:47,303 INFO L290 TraceCheckUtils]: 10: Hoare triple {2816#(and (= (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv0 1)) (exists ((v_ArrVal_71 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base| v_ArrVal_71) |#valid|)))} assume probe_unsafe_19_#t~mem43#1.base == 0bv32 && probe_unsafe_19_#t~mem43#1.offset == 0bv32;havoc probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset; {2816#(and (= (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv0 1)) (exists ((v_ArrVal_71 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base| v_ArrVal_71) |#valid|)))} is VALID [2022-02-20 23:51:47,303 INFO L290 TraceCheckUtils]: 11: Hoare triple {2816#(and (= (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv0 1)) (exists ((v_ArrVal_71 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base| v_ArrVal_71) |#valid|)))} probe_unsafe_19_#res#1 := probe_unsafe_19_~ret~0#1; {2816#(and (= (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv0 1)) (exists ((v_ArrVal_71 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base| v_ArrVal_71) |#valid|)))} is VALID [2022-02-20 23:51:47,304 INFO L290 TraceCheckUtils]: 12: Hoare triple {2816#(and (= (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv0 1)) (exists ((v_ArrVal_71 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base| v_ArrVal_71) |#valid|)))} entry_point_#t~ret48#1 := probe_unsafe_19_#res#1;assume { :end_inline_probe_unsafe_19 } true;entry_point_~ret~1#1 := entry_point_#t~ret48#1;havoc entry_point_#t~ret48#1; {2816#(and (= (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv0 1)) (exists ((v_ArrVal_71 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base| v_ArrVal_71) |#valid|)))} is VALID [2022-02-20 23:51:47,304 INFO L290 TraceCheckUtils]: 13: Hoare triple {2816#(and (= (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv0 1)) (exists ((v_ArrVal_71 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base| v_ArrVal_71) |#valid|)))} assume !(0bv32 == entry_point_~ret~1#1); {2816#(and (= (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv0 1)) (exists ((v_ArrVal_71 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base| v_ArrVal_71) |#valid|)))} is VALID [2022-02-20 23:51:47,305 INFO L290 TraceCheckUtils]: 14: Hoare triple {2816#(and (= (select |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv0 1)) (exists ((v_ArrVal_71 (_ BitVec 1))) (= (store |ULTIMATE.start_main_old_#valid#1| |ULTIMATE.start_entry_point_~#a19~0#1.base| v_ArrVal_71) |#valid|)))} call ULTIMATE.dealloc(entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset);havoc entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset; {2857#(exists ((|v_ULTIMATE.start_entry_point_~#a19~0#1.base_6| (_ BitVec 32))) (and (= (store |ULTIMATE.start_main_old_#valid#1| |v_ULTIMATE.start_entry_point_~#a19~0#1.base_6| (_ bv0 1)) |#valid|) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| |v_ULTIMATE.start_entry_point_~#a19~0#1.base_6|))))} is VALID [2022-02-20 23:51:47,306 INFO L290 TraceCheckUtils]: 15: Hoare triple {2857#(exists ((|v_ULTIMATE.start_entry_point_~#a19~0#1.base_6| (_ BitVec 32))) (and (= (store |ULTIMATE.start_main_old_#valid#1| |v_ULTIMATE.start_entry_point_~#a19~0#1.base_6| (_ bv0 1)) |#valid|) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| |v_ULTIMATE.start_entry_point_~#a19~0#1.base_6|))))} assume { :end_inline_entry_point } true; {2857#(exists ((|v_ULTIMATE.start_entry_point_~#a19~0#1.base_6| (_ BitVec 32))) (and (= (store |ULTIMATE.start_main_old_#valid#1| |v_ULTIMATE.start_entry_point_~#a19~0#1.base_6| (_ bv0 1)) |#valid|) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| |v_ULTIMATE.start_entry_point_~#a19~0#1.base_6|))))} is VALID [2022-02-20 23:51:47,306 INFO L290 TraceCheckUtils]: 16: Hoare triple {2857#(exists ((|v_ULTIMATE.start_entry_point_~#a19~0#1.base_6| (_ BitVec 32))) (and (= (store |ULTIMATE.start_main_old_#valid#1| |v_ULTIMATE.start_entry_point_~#a19~0#1.base_6| (_ bv0 1)) |#valid|) (= (_ bv0 1) (select |ULTIMATE.start_main_old_#valid#1| |v_ULTIMATE.start_entry_point_~#a19~0#1.base_6|))))} assume !(#valid == main_old_#valid#1); {2809#false} is VALID [2022-02-20 23:51:47,306 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:51:47,307 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:51:47,307 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:51:47,307 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [32716283] [2022-02-20 23:51:47,307 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [32716283] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:51:47,307 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:51:47,307 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-20 23:51:47,307 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1566551607] [2022-02-20 23:51:47,307 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:51:47,308 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 3.75) internal successors, (15), 5 states have internal predecessors, (15), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 17 [2022-02-20 23:51:47,308 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:51:47,308 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 4 states have (on average 3.75) internal successors, (15), 5 states have internal predecessors, (15), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:51:47,334 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 17 edges. 17 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:47,335 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 23:51:47,335 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:51:47,335 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 23:51:47,335 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:51:47,336 INFO L87 Difference]: Start difference. First operand 80 states and 93 transitions. Second operand has 5 states, 4 states have (on average 3.75) internal successors, (15), 5 states have internal predecessors, (15), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:51:47,588 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:47,588 INFO L93 Difference]: Finished difference Result 84 states and 98 transitions. [2022-02-20 23:51:47,588 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 23:51:47,588 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 3.75) internal successors, (15), 5 states have internal predecessors, (15), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 17 [2022-02-20 23:51:47,588 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:51:47,589 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 4 states have (on average 3.75) internal successors, (15), 5 states have internal predecessors, (15), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:51:47,589 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 83 transitions. [2022-02-20 23:51:47,590 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 4 states have (on average 3.75) internal successors, (15), 5 states have internal predecessors, (15), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:51:47,590 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 83 transitions. [2022-02-20 23:51:47,590 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 83 transitions. [2022-02-20 23:51:47,653 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 83 edges. 83 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:47,654 INFO L225 Difference]: With dead ends: 84 [2022-02-20 23:51:47,654 INFO L226 Difference]: Without dead ends: 78 [2022-02-20 23:51:47,654 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:51:47,655 INFO L933 BasicCegarLoop]: 67 mSDtfsCounter, 10 mSDsluCounter, 127 mSDsCounter, 0 mSdLazyCounter, 23 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 10 SdHoareTripleChecker+Valid, 194 SdHoareTripleChecker+Invalid, 90 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 23 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 64 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 23:51:47,655 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [10 Valid, 194 Invalid, 90 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 23 Invalid, 0 Unknown, 64 Unchecked, 0.0s Time] [2022-02-20 23:51:47,655 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 78 states. [2022-02-20 23:51:47,660 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 78 to 73. [2022-02-20 23:51:47,660 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:51:47,661 INFO L82 GeneralOperation]: Start isEquivalent. First operand 78 states. Second operand has 73 states, 49 states have (on average 1.489795918367347) internal successors, (73), 65 states have internal predecessors, (73), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 6 states have call predecessors, (7), 5 states have call successors, (7) [2022-02-20 23:51:47,661 INFO L74 IsIncluded]: Start isIncluded. First operand 78 states. Second operand has 73 states, 49 states have (on average 1.489795918367347) internal successors, (73), 65 states have internal predecessors, (73), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 6 states have call predecessors, (7), 5 states have call successors, (7) [2022-02-20 23:51:47,661 INFO L87 Difference]: Start difference. First operand 78 states. Second operand has 73 states, 49 states have (on average 1.489795918367347) internal successors, (73), 65 states have internal predecessors, (73), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 6 states have call predecessors, (7), 5 states have call successors, (7) [2022-02-20 23:51:47,663 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:47,663 INFO L93 Difference]: Finished difference Result 78 states and 92 transitions. [2022-02-20 23:51:47,663 INFO L276 IsEmpty]: Start isEmpty. Operand 78 states and 92 transitions. [2022-02-20 23:51:47,663 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:47,663 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:47,663 INFO L74 IsIncluded]: Start isIncluded. First operand has 73 states, 49 states have (on average 1.489795918367347) internal successors, (73), 65 states have internal predecessors, (73), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 6 states have call predecessors, (7), 5 states have call successors, (7) Second operand 78 states. [2022-02-20 23:51:47,663 INFO L87 Difference]: Start difference. First operand has 73 states, 49 states have (on average 1.489795918367347) internal successors, (73), 65 states have internal predecessors, (73), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 6 states have call predecessors, (7), 5 states have call successors, (7) Second operand 78 states. [2022-02-20 23:51:47,665 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:47,665 INFO L93 Difference]: Finished difference Result 78 states and 92 transitions. [2022-02-20 23:51:47,665 INFO L276 IsEmpty]: Start isEmpty. Operand 78 states and 92 transitions. [2022-02-20 23:51:47,665 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:47,665 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:47,665 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:51:47,665 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:51:47,665 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 73 states, 49 states have (on average 1.489795918367347) internal successors, (73), 65 states have internal predecessors, (73), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 6 states have call predecessors, (7), 5 states have call successors, (7) [2022-02-20 23:51:47,668 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 73 states to 73 states and 85 transitions. [2022-02-20 23:51:47,668 INFO L78 Accepts]: Start accepts. Automaton has 73 states and 85 transitions. Word has length 17 [2022-02-20 23:51:47,668 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:51:47,668 INFO L470 AbstractCegarLoop]: Abstraction has 73 states and 85 transitions. [2022-02-20 23:51:47,668 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 3.75) internal successors, (15), 5 states have internal predecessors, (15), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:51:47,668 INFO L276 IsEmpty]: Start isEmpty. Operand 73 states and 85 transitions. [2022-02-20 23:51:47,669 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2022-02-20 23:51:47,669 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:51:47,669 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:51:47,676 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (8)] Forceful destruction successful, exit code 0 [2022-02-20 23:51:47,869 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 8 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:51:47,869 INFO L402 AbstractCegarLoop]: === Iteration 8 === Targeting ULTIMATE.startErr8REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 20 more)] === [2022-02-20 23:51:47,870 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:51:47,870 INFO L85 PathProgramCache]: Analyzing trace with hash -1867537779, now seen corresponding path program 1 times [2022-02-20 23:51:47,870 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:51:47,870 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1617898272] [2022-02-20 23:51:47,870 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:51:47,870 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:51:47,870 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:51:47,871 INFO L229 MonitoredProcess]: Starting monitored process 9 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:51:47,873 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (9)] Waiting until timeout for monitored process [2022-02-20 23:51:47,921 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:47,925 INFO L263 TraceCheckSpWp]: Trace formula consists of 115 conjuncts, 3 conjunts are in the unsatisfiable core [2022-02-20 23:51:47,951 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:47,952 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:51:48,003 INFO L290 TraceCheckUtils]: 0: Hoare triple {3176#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {3176#true} is VALID [2022-02-20 23:51:48,003 INFO L290 TraceCheckUtils]: 1: Hoare triple {3176#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret48#1, entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset, entry_point_~ret~1#1;call entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset := #Ultimate.allocOnStack(8bv32);assume { :begin_inline_probe_unsafe_19 } true;probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc probe_unsafe_19_#res#1;havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset, probe_unsafe_19_#t~ret44#1, probe_unsafe_19_#t~ret45#1, probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset, probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset, probe_unsafe_19_~ret~0#1;probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset := probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset;probe_unsafe_19_~ret~0#1 := 3bv32; {3176#true} is VALID [2022-02-20 23:51:48,003 INFO L272 TraceCheckUtils]: 2: Hoare triple {3176#true} call probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset := ldv_malloc(4bv32); {3176#true} is VALID [2022-02-20 23:51:48,003 INFO L290 TraceCheckUtils]: 3: Hoare triple {3176#true} ~size := #in~size; {3176#true} is VALID [2022-02-20 23:51:48,003 INFO L290 TraceCheckUtils]: 4: Hoare triple {3176#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {3176#true} is VALID [2022-02-20 23:51:48,003 INFO L290 TraceCheckUtils]: 5: Hoare triple {3176#true} assume true; {3176#true} is VALID [2022-02-20 23:51:48,005 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {3176#true} {3176#true} #102#return; {3176#true} is VALID [2022-02-20 23:51:48,005 INFO L290 TraceCheckUtils]: 7: Hoare triple {3176#true} SUMMARY for call write~$Pointer$(probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L775-1 {3176#true} is VALID [2022-02-20 23:51:48,005 INFO L290 TraceCheckUtils]: 8: Hoare triple {3176#true} havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset; {3176#true} is VALID [2022-02-20 23:51:48,006 INFO L290 TraceCheckUtils]: 9: Hoare triple {3176#true} SUMMARY for call probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L776 {3176#true} is VALID [2022-02-20 23:51:48,006 INFO L290 TraceCheckUtils]: 10: Hoare triple {3176#true} assume !(probe_unsafe_19_#t~mem43#1.base == 0bv32 && probe_unsafe_19_#t~mem43#1.offset == 0bv32);havoc probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset;assume { :begin_inline_f19 } true;f19_#in~a#1.base, f19_#in~a#1.offset := probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset;havoc f19_#res#1;havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_#t~mem39#1.base, f19_#t~mem39#1.offset, f19_~a#1.base, f19_~a#1.offset;f19_~a#1.base, f19_~a#1.offset := f19_#in~a#1.base, f19_#in~a#1.offset; {3176#true} is VALID [2022-02-20 23:51:48,006 INFO L272 TraceCheckUtils]: 11: Hoare triple {3176#true} call f19_#t~ret38#1.base, f19_#t~ret38#1.offset := ldv_malloc(4bv32); {3176#true} is VALID [2022-02-20 23:51:48,006 INFO L290 TraceCheckUtils]: 12: Hoare triple {3176#true} ~size := #in~size; {3176#true} is VALID [2022-02-20 23:51:48,006 INFO L290 TraceCheckUtils]: 13: Hoare triple {3176#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {3176#true} is VALID [2022-02-20 23:51:48,006 INFO L290 TraceCheckUtils]: 14: Hoare triple {3176#true} assume true; {3176#true} is VALID [2022-02-20 23:51:48,007 INFO L284 TraceCheckUtils]: 15: Hoare quadruple {3176#true} {3176#true} #104#return; {3176#true} is VALID [2022-02-20 23:51:48,007 INFO L290 TraceCheckUtils]: 16: Hoare triple {3176#true} SUMMARY for call write~$Pointer$(f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L762-1 {3176#true} is VALID [2022-02-20 23:51:48,008 INFO L290 TraceCheckUtils]: 17: Hoare triple {3176#true} havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset; {3176#true} is VALID [2022-02-20 23:51:48,008 INFO L290 TraceCheckUtils]: 18: Hoare triple {3176#true} SUMMARY for call f19_#t~mem39#1.base, f19_#t~mem39#1.offset := read~$Pointer$(f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L763 {3176#true} is VALID [2022-02-20 23:51:48,010 INFO L290 TraceCheckUtils]: 19: Hoare triple {3176#true} assume f19_#t~mem39#1.base != 0bv32 || f19_#t~mem39#1.offset != 0bv32;havoc f19_#t~mem39#1.base, f19_#t~mem39#1.offset;f19_#res#1 := 0bv32; {3238#(= |ULTIMATE.start_f19_#res#1| (_ bv0 32))} is VALID [2022-02-20 23:51:48,010 INFO L290 TraceCheckUtils]: 20: Hoare triple {3238#(= |ULTIMATE.start_f19_#res#1| (_ bv0 32))} probe_unsafe_19_#t~ret44#1 := f19_#res#1;assume { :end_inline_f19 } true;probe_unsafe_19_~ret~0#1 := probe_unsafe_19_#t~ret44#1;havoc probe_unsafe_19_#t~ret44#1; {3242#(= |ULTIMATE.start_probe_unsafe_19_~ret~0#1| (_ bv0 32))} is VALID [2022-02-20 23:51:48,019 INFO L290 TraceCheckUtils]: 21: Hoare triple {3242#(= |ULTIMATE.start_probe_unsafe_19_~ret~0#1| (_ bv0 32))} assume 0bv32 != probe_unsafe_19_~ret~0#1; {3177#false} is VALID [2022-02-20 23:51:48,019 INFO L290 TraceCheckUtils]: 22: Hoare triple {3177#false} assume !(1bv1 == #valid[probe_unsafe_19_~a#1.base]); {3177#false} is VALID [2022-02-20 23:51:48,019 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-02-20 23:51:48,020 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:51:48,020 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:51:48,020 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1617898272] [2022-02-20 23:51:48,020 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1617898272] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:51:48,020 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:51:48,020 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-20 23:51:48,020 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1193981005] [2022-02-20 23:51:48,020 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:51:48,021 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 4.0) internal successors, (16), 4 states have internal predecessors, (16), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 23 [2022-02-20 23:51:48,021 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:51:48,021 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 4 states, 4 states have (on average 4.0) internal successors, (16), 4 states have internal predecessors, (16), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:51:48,038 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 20 edges. 20 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:48,039 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-02-20 23:51:48,039 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:51:48,039 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-02-20 23:51:48,039 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-02-20 23:51:48,040 INFO L87 Difference]: Start difference. First operand 73 states and 85 transitions. Second operand has 4 states, 4 states have (on average 4.0) internal successors, (16), 4 states have internal predecessors, (16), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:51:48,236 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:48,236 INFO L93 Difference]: Finished difference Result 138 states and 157 transitions. [2022-02-20 23:51:48,236 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 23:51:48,236 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 4.0) internal successors, (16), 4 states have internal predecessors, (16), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 23 [2022-02-20 23:51:48,236 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:51:48,236 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 4.0) internal successors, (16), 4 states have internal predecessors, (16), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:51:48,237 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 130 transitions. [2022-02-20 23:51:48,237 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 4.0) internal successors, (16), 4 states have internal predecessors, (16), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:51:48,238 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 130 transitions. [2022-02-20 23:51:48,238 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 130 transitions. [2022-02-20 23:51:48,331 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 130 edges. 130 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:48,332 INFO L225 Difference]: With dead ends: 138 [2022-02-20 23:51:48,332 INFO L226 Difference]: Without dead ends: 138 [2022-02-20 23:51:48,332 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 23 GetRequests, 20 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:51:48,333 INFO L933 BasicCegarLoop]: 85 mSDtfsCounter, 80 mSDsluCounter, 129 mSDsCounter, 0 mSdLazyCounter, 12 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 82 SdHoareTripleChecker+Valid, 214 SdHoareTripleChecker+Invalid, 17 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 12 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 23:51:48,333 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [82 Valid, 214 Invalid, 17 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 12 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 23:51:48,333 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 138 states. [2022-02-20 23:51:48,335 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 138 to 77. [2022-02-20 23:51:48,335 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:51:48,335 INFO L82 GeneralOperation]: Start isEquivalent. First operand 138 states. Second operand has 77 states, 53 states have (on average 1.4528301886792452) internal successors, (77), 69 states have internal predecessors, (77), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 6 states have call predecessors, (7), 5 states have call successors, (7) [2022-02-20 23:51:48,336 INFO L74 IsIncluded]: Start isIncluded. First operand 138 states. Second operand has 77 states, 53 states have (on average 1.4528301886792452) internal successors, (77), 69 states have internal predecessors, (77), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 6 states have call predecessors, (7), 5 states have call successors, (7) [2022-02-20 23:51:48,336 INFO L87 Difference]: Start difference. First operand 138 states. Second operand has 77 states, 53 states have (on average 1.4528301886792452) internal successors, (77), 69 states have internal predecessors, (77), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 6 states have call predecessors, (7), 5 states have call successors, (7) [2022-02-20 23:51:48,338 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:48,338 INFO L93 Difference]: Finished difference Result 138 states and 157 transitions. [2022-02-20 23:51:48,338 INFO L276 IsEmpty]: Start isEmpty. Operand 138 states and 157 transitions. [2022-02-20 23:51:48,339 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:48,339 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:48,339 INFO L74 IsIncluded]: Start isIncluded. First operand has 77 states, 53 states have (on average 1.4528301886792452) internal successors, (77), 69 states have internal predecessors, (77), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 6 states have call predecessors, (7), 5 states have call successors, (7) Second operand 138 states. [2022-02-20 23:51:48,339 INFO L87 Difference]: Start difference. First operand has 77 states, 53 states have (on average 1.4528301886792452) internal successors, (77), 69 states have internal predecessors, (77), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 6 states have call predecessors, (7), 5 states have call successors, (7) Second operand 138 states. [2022-02-20 23:51:48,342 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:48,342 INFO L93 Difference]: Finished difference Result 138 states and 157 transitions. [2022-02-20 23:51:48,342 INFO L276 IsEmpty]: Start isEmpty. Operand 138 states and 157 transitions. [2022-02-20 23:51:48,342 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:48,342 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:48,343 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:51:48,343 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:51:48,343 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 77 states, 53 states have (on average 1.4528301886792452) internal successors, (77), 69 states have internal predecessors, (77), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 6 states have call predecessors, (7), 5 states have call successors, (7) [2022-02-20 23:51:48,344 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 77 states to 77 states and 89 transitions. [2022-02-20 23:51:48,344 INFO L78 Accepts]: Start accepts. Automaton has 77 states and 89 transitions. Word has length 23 [2022-02-20 23:51:48,344 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:51:48,345 INFO L470 AbstractCegarLoop]: Abstraction has 77 states and 89 transitions. [2022-02-20 23:51:48,345 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 4.0) internal successors, (16), 4 states have internal predecessors, (16), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:51:48,345 INFO L276 IsEmpty]: Start isEmpty. Operand 77 states and 89 transitions. [2022-02-20 23:51:48,345 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2022-02-20 23:51:48,345 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:51:48,345 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:51:48,352 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (9)] Forceful destruction successful, exit code 0 [2022-02-20 23:51:48,552 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 9 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:51:48,552 INFO L402 AbstractCegarLoop]: === Iteration 9 === Targeting ULTIMATE.startErr8REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 20 more)] === [2022-02-20 23:51:48,553 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:51:48,553 INFO L85 PathProgramCache]: Analyzing trace with hash -1867478197, now seen corresponding path program 1 times [2022-02-20 23:51:48,553 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:51:48,553 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [765582355] [2022-02-20 23:51:48,553 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:51:48,553 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:51:48,554 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:51:48,554 INFO L229 MonitoredProcess]: Starting monitored process 10 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:51:48,555 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (10)] Waiting until timeout for monitored process [2022-02-20 23:51:48,639 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:48,642 INFO L263 TraceCheckSpWp]: Trace formula consists of 116 conjuncts, 7 conjunts are in the unsatisfiable core [2022-02-20 23:51:48,651 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:48,652 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:51:48,709 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 7 [2022-02-20 23:51:48,730 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 16 treesize of output 8 [2022-02-20 23:51:48,741 INFO L290 TraceCheckUtils]: 0: Hoare triple {3741#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {3741#true} is VALID [2022-02-20 23:51:48,742 INFO L290 TraceCheckUtils]: 1: Hoare triple {3741#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret48#1, entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset, entry_point_~ret~1#1;call entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset := #Ultimate.allocOnStack(8bv32);assume { :begin_inline_probe_unsafe_19 } true;probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc probe_unsafe_19_#res#1;havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset, probe_unsafe_19_#t~ret44#1, probe_unsafe_19_#t~ret45#1, probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset, probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset, probe_unsafe_19_~ret~0#1;probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset := probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset;probe_unsafe_19_~ret~0#1 := 3bv32; {3741#true} is VALID [2022-02-20 23:51:48,742 INFO L272 TraceCheckUtils]: 2: Hoare triple {3741#true} call probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset := ldv_malloc(4bv32); {3741#true} is VALID [2022-02-20 23:51:48,742 INFO L290 TraceCheckUtils]: 3: Hoare triple {3741#true} ~size := #in~size; {3741#true} is VALID [2022-02-20 23:51:48,742 INFO L290 TraceCheckUtils]: 4: Hoare triple {3741#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {3741#true} is VALID [2022-02-20 23:51:48,742 INFO L290 TraceCheckUtils]: 5: Hoare triple {3741#true} assume true; {3741#true} is VALID [2022-02-20 23:51:48,742 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {3741#true} {3741#true} #102#return; {3741#true} is VALID [2022-02-20 23:51:48,742 INFO L290 TraceCheckUtils]: 7: Hoare triple {3741#true} SUMMARY for call write~$Pointer$(probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L775-1 {3741#true} is VALID [2022-02-20 23:51:48,742 INFO L290 TraceCheckUtils]: 8: Hoare triple {3741#true} havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset; {3741#true} is VALID [2022-02-20 23:51:48,743 INFO L290 TraceCheckUtils]: 9: Hoare triple {3741#true} SUMMARY for call probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L776 {3741#true} is VALID [2022-02-20 23:51:48,743 INFO L290 TraceCheckUtils]: 10: Hoare triple {3741#true} assume !(probe_unsafe_19_#t~mem43#1.base == 0bv32 && probe_unsafe_19_#t~mem43#1.offset == 0bv32);havoc probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset;assume { :begin_inline_f19 } true;f19_#in~a#1.base, f19_#in~a#1.offset := probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset;havoc f19_#res#1;havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_#t~mem39#1.base, f19_#t~mem39#1.offset, f19_~a#1.base, f19_~a#1.offset;f19_~a#1.base, f19_~a#1.offset := f19_#in~a#1.base, f19_#in~a#1.offset; {3741#true} is VALID [2022-02-20 23:51:48,743 INFO L272 TraceCheckUtils]: 11: Hoare triple {3741#true} call f19_#t~ret38#1.base, f19_#t~ret38#1.offset := ldv_malloc(4bv32); {3741#true} is VALID [2022-02-20 23:51:48,743 INFO L290 TraceCheckUtils]: 12: Hoare triple {3741#true} ~size := #in~size; {3741#true} is VALID [2022-02-20 23:51:48,744 INFO L290 TraceCheckUtils]: 13: Hoare triple {3741#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {3785#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:51:48,745 INFO L290 TraceCheckUtils]: 14: Hoare triple {3785#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} assume true; {3785#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:51:48,745 INFO L284 TraceCheckUtils]: 15: Hoare quadruple {3785#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} {3741#true} #104#return; {3792#(not (= |ULTIMATE.start_f19_#t~ret38#1.base| (_ bv0 32)))} is VALID [2022-02-20 23:51:48,747 INFO L290 TraceCheckUtils]: 16: Hoare triple {3792#(not (= |ULTIMATE.start_f19_#t~ret38#1.base| (_ bv0 32)))} SUMMARY for call write~$Pointer$(f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L762-1 {3796#(not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_f19_~a#1.base|) |ULTIMATE.start_f19_~a#1.offset|) (_ bv0 32)))} is VALID [2022-02-20 23:51:48,747 INFO L290 TraceCheckUtils]: 17: Hoare triple {3796#(not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_f19_~a#1.base|) |ULTIMATE.start_f19_~a#1.offset|) (_ bv0 32)))} havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset; {3796#(not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_f19_~a#1.base|) |ULTIMATE.start_f19_~a#1.offset|) (_ bv0 32)))} is VALID [2022-02-20 23:51:48,747 INFO L290 TraceCheckUtils]: 18: Hoare triple {3796#(not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_f19_~a#1.base|) |ULTIMATE.start_f19_~a#1.offset|) (_ bv0 32)))} SUMMARY for call f19_#t~mem39#1.base, f19_#t~mem39#1.offset := read~$Pointer$(f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L763 {3803#(not (= |ULTIMATE.start_f19_#t~mem39#1.base| (_ bv0 32)))} is VALID [2022-02-20 23:51:48,748 INFO L290 TraceCheckUtils]: 19: Hoare triple {3803#(not (= |ULTIMATE.start_f19_#t~mem39#1.base| (_ bv0 32)))} assume !(f19_#t~mem39#1.base != 0bv32 || f19_#t~mem39#1.offset != 0bv32);havoc f19_#t~mem39#1.base, f19_#t~mem39#1.offset;f19_#res#1 := 3bv32; {3742#false} is VALID [2022-02-20 23:51:48,748 INFO L290 TraceCheckUtils]: 20: Hoare triple {3742#false} probe_unsafe_19_#t~ret44#1 := f19_#res#1;assume { :end_inline_f19 } true;probe_unsafe_19_~ret~0#1 := probe_unsafe_19_#t~ret44#1;havoc probe_unsafe_19_#t~ret44#1; {3742#false} is VALID [2022-02-20 23:51:48,748 INFO L290 TraceCheckUtils]: 21: Hoare triple {3742#false} assume 0bv32 != probe_unsafe_19_~ret~0#1; {3742#false} is VALID [2022-02-20 23:51:48,748 INFO L290 TraceCheckUtils]: 22: Hoare triple {3742#false} assume !(1bv1 == #valid[probe_unsafe_19_~a#1.base]); {3742#false} is VALID [2022-02-20 23:51:48,748 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:51:48,748 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:51:48,748 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:51:48,749 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [765582355] [2022-02-20 23:51:48,749 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [765582355] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:51:48,749 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:51:48,749 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 23:51:48,749 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1383142994] [2022-02-20 23:51:48,749 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:51:48,750 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 3.0) internal successors, (18), 5 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 23 [2022-02-20 23:51:48,750 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:51:48,750 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 6 states have (on average 3.0) internal successors, (18), 5 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:51:48,767 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 22 edges. 22 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:48,767 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 23:51:48,767 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:51:48,767 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 23:51:48,767 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-02-20 23:51:48,767 INFO L87 Difference]: Start difference. First operand 77 states and 89 transitions. Second operand has 6 states, 6 states have (on average 3.0) internal successors, (18), 5 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:51:49,094 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:49,094 INFO L93 Difference]: Finished difference Result 100 states and 110 transitions. [2022-02-20 23:51:49,094 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-02-20 23:51:49,094 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 3.0) internal successors, (18), 5 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 23 [2022-02-20 23:51:49,094 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:51:49,094 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 3.0) internal successors, (18), 5 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:51:49,096 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 108 transitions. [2022-02-20 23:51:49,096 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 3.0) internal successors, (18), 5 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:51:49,097 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 108 transitions. [2022-02-20 23:51:49,097 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 108 transitions. [2022-02-20 23:51:49,179 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 108 edges. 108 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:49,180 INFO L225 Difference]: With dead ends: 100 [2022-02-20 23:51:49,180 INFO L226 Difference]: Without dead ends: 100 [2022-02-20 23:51:49,181 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 24 GetRequests, 18 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=39, Unknown=0, NotChecked=0, Total=56 [2022-02-20 23:51:49,181 INFO L933 BasicCegarLoop]: 63 mSDtfsCounter, 33 mSDsluCounter, 237 mSDsCounter, 0 mSdLazyCounter, 36 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 35 SdHoareTripleChecker+Valid, 300 SdHoareTripleChecker+Invalid, 37 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 36 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 23:51:49,181 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [35 Valid, 300 Invalid, 37 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 36 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 23:51:49,181 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 100 states. [2022-02-20 23:51:49,183 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 100 to 75. [2022-02-20 23:51:49,183 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:51:49,183 INFO L82 GeneralOperation]: Start isEquivalent. First operand 100 states. Second operand has 75 states, 51 states have (on average 1.4313725490196079) internal successors, (73), 66 states have internal predecessors, (73), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 6 states have call predecessors, (7), 5 states have call successors, (7) [2022-02-20 23:51:49,183 INFO L74 IsIncluded]: Start isIncluded. First operand 100 states. Second operand has 75 states, 51 states have (on average 1.4313725490196079) internal successors, (73), 66 states have internal predecessors, (73), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 6 states have call predecessors, (7), 5 states have call successors, (7) [2022-02-20 23:51:49,184 INFO L87 Difference]: Start difference. First operand 100 states. Second operand has 75 states, 51 states have (on average 1.4313725490196079) internal successors, (73), 66 states have internal predecessors, (73), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 6 states have call predecessors, (7), 5 states have call successors, (7) [2022-02-20 23:51:49,186 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:49,186 INFO L93 Difference]: Finished difference Result 100 states and 110 transitions. [2022-02-20 23:51:49,186 INFO L276 IsEmpty]: Start isEmpty. Operand 100 states and 110 transitions. [2022-02-20 23:51:49,186 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:49,186 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:49,186 INFO L74 IsIncluded]: Start isIncluded. First operand has 75 states, 51 states have (on average 1.4313725490196079) internal successors, (73), 66 states have internal predecessors, (73), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 6 states have call predecessors, (7), 5 states have call successors, (7) Second operand 100 states. [2022-02-20 23:51:49,187 INFO L87 Difference]: Start difference. First operand has 75 states, 51 states have (on average 1.4313725490196079) internal successors, (73), 66 states have internal predecessors, (73), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 6 states have call predecessors, (7), 5 states have call successors, (7) Second operand 100 states. [2022-02-20 23:51:49,188 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:49,188 INFO L93 Difference]: Finished difference Result 100 states and 110 transitions. [2022-02-20 23:51:49,188 INFO L276 IsEmpty]: Start isEmpty. Operand 100 states and 110 transitions. [2022-02-20 23:51:49,189 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:49,189 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:49,189 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:51:49,189 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:51:49,189 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 75 states, 51 states have (on average 1.4313725490196079) internal successors, (73), 66 states have internal predecessors, (73), 5 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (7), 6 states have call predecessors, (7), 5 states have call successors, (7) [2022-02-20 23:51:49,190 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 75 states to 75 states and 85 transitions. [2022-02-20 23:51:49,190 INFO L78 Accepts]: Start accepts. Automaton has 75 states and 85 transitions. Word has length 23 [2022-02-20 23:51:49,190 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:51:49,190 INFO L470 AbstractCegarLoop]: Abstraction has 75 states and 85 transitions. [2022-02-20 23:51:49,191 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 3.0) internal successors, (18), 5 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:51:49,191 INFO L276 IsEmpty]: Start isEmpty. Operand 75 states and 85 transitions. [2022-02-20 23:51:49,191 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2022-02-20 23:51:49,191 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:51:49,191 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:51:49,219 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (10)] Forceful destruction successful, exit code 0 [2022-02-20 23:51:49,392 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 10 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:51:49,392 INFO L402 AbstractCegarLoop]: === Iteration 10 === Targeting ULTIMATE.startErr10ASSERT_VIOLATIONMEMORY_FREE === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 20 more)] === [2022-02-20 23:51:49,392 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:51:49,392 INFO L85 PathProgramCache]: Analyzing trace with hash 440766702, now seen corresponding path program 1 times [2022-02-20 23:51:49,392 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:51:49,393 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1687620773] [2022-02-20 23:51:49,393 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:51:49,393 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:51:49,393 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:51:49,394 INFO L229 MonitoredProcess]: Starting monitored process 11 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:51:49,395 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (11)] Waiting until timeout for monitored process [2022-02-20 23:51:49,466 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:49,469 INFO L263 TraceCheckSpWp]: Trace formula consists of 116 conjuncts, 16 conjunts are in the unsatisfiable core [2022-02-20 23:51:49,480 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:49,481 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:51:49,529 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2022-02-20 23:51:49,647 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:51:49,648 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 21 treesize of output 20 [2022-02-20 23:51:49,704 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 7 [2022-02-20 23:51:49,711 INFO L290 TraceCheckUtils]: 0: Hoare triple {4194#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {4194#true} is VALID [2022-02-20 23:51:49,712 INFO L290 TraceCheckUtils]: 1: Hoare triple {4194#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret48#1, entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset, entry_point_~ret~1#1;call entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset := #Ultimate.allocOnStack(8bv32);assume { :begin_inline_probe_unsafe_19 } true;probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc probe_unsafe_19_#res#1;havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset, probe_unsafe_19_#t~ret44#1, probe_unsafe_19_#t~ret45#1, probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset, probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset, probe_unsafe_19_~ret~0#1;probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset := probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset;probe_unsafe_19_~ret~0#1 := 3bv32; {4202#(= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:51:49,712 INFO L272 TraceCheckUtils]: 2: Hoare triple {4202#(= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32))} call probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset := ldv_malloc(4bv32); {4194#true} is VALID [2022-02-20 23:51:49,712 INFO L290 TraceCheckUtils]: 3: Hoare triple {4194#true} ~size := #in~size; {4194#true} is VALID [2022-02-20 23:51:49,712 INFO L290 TraceCheckUtils]: 4: Hoare triple {4194#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {4212#(= |ldv_malloc_#res.offset| (_ bv0 32))} is VALID [2022-02-20 23:51:49,713 INFO L290 TraceCheckUtils]: 5: Hoare triple {4212#(= |ldv_malloc_#res.offset| (_ bv0 32))} assume true; {4212#(= |ldv_malloc_#res.offset| (_ bv0 32))} is VALID [2022-02-20 23:51:49,713 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {4212#(= |ldv_malloc_#res.offset| (_ bv0 32))} {4202#(= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32))} #102#return; {4219#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= |ULTIMATE.start_probe_unsafe_19_#t~ret42#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:51:49,714 INFO L290 TraceCheckUtils]: 7: Hoare triple {4219#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= |ULTIMATE.start_probe_unsafe_19_#t~ret42#1.offset| (_ bv0 32)))} SUMMARY for call write~$Pointer$(probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L775-1 {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} is VALID [2022-02-20 23:51:49,715 INFO L290 TraceCheckUtils]: 8: Hoare triple {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset; {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} is VALID [2022-02-20 23:51:49,715 INFO L290 TraceCheckUtils]: 9: Hoare triple {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} SUMMARY for call probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L776 {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} is VALID [2022-02-20 23:51:49,716 INFO L290 TraceCheckUtils]: 10: Hoare triple {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} assume !(probe_unsafe_19_#t~mem43#1.base == 0bv32 && probe_unsafe_19_#t~mem43#1.offset == 0bv32);havoc probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset;assume { :begin_inline_f19 } true;f19_#in~a#1.base, f19_#in~a#1.offset := probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset;havoc f19_#res#1;havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_#t~mem39#1.base, f19_#t~mem39#1.offset, f19_~a#1.base, f19_~a#1.offset;f19_~a#1.base, f19_~a#1.offset := f19_#in~a#1.base, f19_#in~a#1.offset; {4233#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} is VALID [2022-02-20 23:51:49,717 INFO L272 TraceCheckUtils]: 11: Hoare triple {4233#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} call f19_#t~ret38#1.base, f19_#t~ret38#1.offset := ldv_malloc(4bv32); {4237#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_3| (_ BitVec 32))) (= (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_3|) (_ bv4 32)) (_ bv0 32)))} is VALID [2022-02-20 23:51:49,717 INFO L290 TraceCheckUtils]: 12: Hoare triple {4237#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_3| (_ BitVec 32))) (= (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_3|) (_ bv4 32)) (_ bv0 32)))} ~size := #in~size; {4237#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_3| (_ BitVec 32))) (= (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_3|) (_ bv4 32)) (_ bv0 32)))} is VALID [2022-02-20 23:51:49,717 INFO L290 TraceCheckUtils]: 13: Hoare triple {4237#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_3| (_ BitVec 32))) (= (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_3|) (_ bv4 32)) (_ bv0 32)))} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {4237#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_3| (_ BitVec 32))) (= (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_3|) (_ bv4 32)) (_ bv0 32)))} is VALID [2022-02-20 23:51:49,718 INFO L290 TraceCheckUtils]: 14: Hoare triple {4237#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_3| (_ BitVec 32))) (= (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_3|) (_ bv4 32)) (_ bv0 32)))} assume true; {4237#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_3| (_ BitVec 32))) (= (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_3|) (_ bv4 32)) (_ bv0 32)))} is VALID [2022-02-20 23:51:49,718 INFO L284 TraceCheckUtils]: 15: Hoare quadruple {4237#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_3| (_ BitVec 32))) (= (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_3|) (_ bv4 32)) (_ bv0 32)))} {4233#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} #104#return; {4233#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} is VALID [2022-02-20 23:51:49,719 INFO L290 TraceCheckUtils]: 16: Hoare triple {4233#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} SUMMARY for call write~$Pointer$(f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L762-1 {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} is VALID [2022-02-20 23:51:49,720 INFO L290 TraceCheckUtils]: 17: Hoare triple {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset; {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} is VALID [2022-02-20 23:51:49,720 INFO L290 TraceCheckUtils]: 18: Hoare triple {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} SUMMARY for call f19_#t~mem39#1.base, f19_#t~mem39#1.offset := read~$Pointer$(f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L763 {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} is VALID [2022-02-20 23:51:49,721 INFO L290 TraceCheckUtils]: 19: Hoare triple {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} assume !(f19_#t~mem39#1.base != 0bv32 || f19_#t~mem39#1.offset != 0bv32);havoc f19_#t~mem39#1.base, f19_#t~mem39#1.offset;f19_#res#1 := 3bv32; {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} is VALID [2022-02-20 23:51:49,721 INFO L290 TraceCheckUtils]: 20: Hoare triple {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} probe_unsafe_19_#t~ret44#1 := f19_#res#1;assume { :end_inline_f19 } true;probe_unsafe_19_~ret~0#1 := probe_unsafe_19_#t~ret44#1;havoc probe_unsafe_19_#t~ret44#1; {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} is VALID [2022-02-20 23:51:49,721 INFO L290 TraceCheckUtils]: 21: Hoare triple {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} assume 0bv32 != probe_unsafe_19_~ret~0#1; {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} is VALID [2022-02-20 23:51:49,722 INFO L290 TraceCheckUtils]: 22: Hoare triple {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} SUMMARY for call probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L786 {4271#(= (_ bv0 32) |ULTIMATE.start_probe_unsafe_19_#t~mem46#1.offset|)} is VALID [2022-02-20 23:51:49,722 INFO L290 TraceCheckUtils]: 23: Hoare triple {4271#(= (_ bv0 32) |ULTIMATE.start_probe_unsafe_19_#t~mem46#1.offset|)} assume !(0bv32 == probe_unsafe_19_#t~mem46#1.offset); {4195#false} is VALID [2022-02-20 23:51:49,722 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 2 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:51:49,722 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:51:51,346 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:51:51,347 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1687620773] [2022-02-20 23:51:51,347 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1687620773] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:51:51,347 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleCvc4 [1092526809] [2022-02-20 23:51:51,347 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:51:51,347 INFO L173 SolverBuilder]: Constructing external solver with command: cvc4 --incremental --print-success --lang smt [2022-02-20 23:51:51,347 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 [2022-02-20 23:51:51,364 INFO L229 MonitoredProcess]: Starting monitored process 12 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (exit command is (exit), workingDir is null) [2022-02-20 23:51:51,411 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (12)] Waiting until timeout for monitored process [2022-02-20 23:51:51,502 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:51,505 INFO L263 TraceCheckSpWp]: Trace formula consists of 116 conjuncts, 19 conjunts are in the unsatisfiable core [2022-02-20 23:51:51,515 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:51,516 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:51:51,556 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2022-02-20 23:51:51,699 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:51:51,700 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 21 treesize of output 20 [2022-02-20 23:51:51,729 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 7 [2022-02-20 23:51:51,730 INFO L290 TraceCheckUtils]: 0: Hoare triple {4194#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {4194#true} is VALID [2022-02-20 23:51:51,731 INFO L290 TraceCheckUtils]: 1: Hoare triple {4194#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret48#1, entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset, entry_point_~ret~1#1;call entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset := #Ultimate.allocOnStack(8bv32);assume { :begin_inline_probe_unsafe_19 } true;probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc probe_unsafe_19_#res#1;havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset, probe_unsafe_19_#t~ret44#1, probe_unsafe_19_#t~ret45#1, probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset, probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset, probe_unsafe_19_~ret~0#1;probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset := probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset;probe_unsafe_19_~ret~0#1 := 3bv32; {4202#(= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:51:51,731 INFO L272 TraceCheckUtils]: 2: Hoare triple {4202#(= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32))} call probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset := ldv_malloc(4bv32); {4194#true} is VALID [2022-02-20 23:51:51,731 INFO L290 TraceCheckUtils]: 3: Hoare triple {4194#true} ~size := #in~size; {4194#true} is VALID [2022-02-20 23:51:51,731 INFO L290 TraceCheckUtils]: 4: Hoare triple {4194#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {4212#(= |ldv_malloc_#res.offset| (_ bv0 32))} is VALID [2022-02-20 23:51:51,731 INFO L290 TraceCheckUtils]: 5: Hoare triple {4212#(= |ldv_malloc_#res.offset| (_ bv0 32))} assume true; {4212#(= |ldv_malloc_#res.offset| (_ bv0 32))} is VALID [2022-02-20 23:51:51,732 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {4212#(= |ldv_malloc_#res.offset| (_ bv0 32))} {4202#(= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32))} #102#return; {4219#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= |ULTIMATE.start_probe_unsafe_19_#t~ret42#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:51:51,733 INFO L290 TraceCheckUtils]: 7: Hoare triple {4219#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= |ULTIMATE.start_probe_unsafe_19_#t~ret42#1.offset| (_ bv0 32)))} SUMMARY for call write~$Pointer$(probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L775-1 {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} is VALID [2022-02-20 23:51:51,733 INFO L290 TraceCheckUtils]: 8: Hoare triple {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset; {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} is VALID [2022-02-20 23:51:51,734 INFO L290 TraceCheckUtils]: 9: Hoare triple {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} SUMMARY for call probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L776 {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} is VALID [2022-02-20 23:51:51,734 INFO L290 TraceCheckUtils]: 10: Hoare triple {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} assume !(probe_unsafe_19_#t~mem43#1.base == 0bv32 && probe_unsafe_19_#t~mem43#1.offset == 0bv32);havoc probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset;assume { :begin_inline_f19 } true;f19_#in~a#1.base, f19_#in~a#1.offset := probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset;havoc f19_#res#1;havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_#t~mem39#1.base, f19_#t~mem39#1.offset, f19_~a#1.base, f19_~a#1.offset;f19_~a#1.base, f19_~a#1.offset := f19_#in~a#1.base, f19_#in~a#1.offset; {4233#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} is VALID [2022-02-20 23:51:51,735 INFO L272 TraceCheckUtils]: 11: Hoare triple {4233#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} call f19_#t~ret38#1.base, f19_#t~ret38#1.offset := ldv_malloc(4bv32); {4237#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_3| (_ BitVec 32))) (= (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_3|) (_ bv4 32)) (_ bv0 32)))} is VALID [2022-02-20 23:51:51,735 INFO L290 TraceCheckUtils]: 12: Hoare triple {4237#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_3| (_ BitVec 32))) (= (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_3|) (_ bv4 32)) (_ bv0 32)))} ~size := #in~size; {4237#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_3| (_ BitVec 32))) (= (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_3|) (_ bv4 32)) (_ bv0 32)))} is VALID [2022-02-20 23:51:51,736 INFO L290 TraceCheckUtils]: 13: Hoare triple {4237#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_3| (_ BitVec 32))) (= (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_3|) (_ bv4 32)) (_ bv0 32)))} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {4237#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_3| (_ BitVec 32))) (= (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_3|) (_ bv4 32)) (_ bv0 32)))} is VALID [2022-02-20 23:51:51,736 INFO L290 TraceCheckUtils]: 14: Hoare triple {4237#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_3| (_ BitVec 32))) (= (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_3|) (_ bv4 32)) (_ bv0 32)))} assume true; {4237#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_3| (_ BitVec 32))) (= (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_3|) (_ bv4 32)) (_ bv0 32)))} is VALID [2022-02-20 23:51:51,737 INFO L284 TraceCheckUtils]: 15: Hoare quadruple {4237#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_3| (_ BitVec 32))) (= (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_3|) (_ bv4 32)) (_ bv0 32)))} {4233#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} #104#return; {4233#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} is VALID [2022-02-20 23:51:51,738 INFO L290 TraceCheckUtils]: 16: Hoare triple {4233#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} SUMMARY for call write~$Pointer$(f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L762-1 {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} is VALID [2022-02-20 23:51:51,738 INFO L290 TraceCheckUtils]: 17: Hoare triple {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset; {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} is VALID [2022-02-20 23:51:51,739 INFO L290 TraceCheckUtils]: 18: Hoare triple {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} SUMMARY for call f19_#t~mem39#1.base, f19_#t~mem39#1.offset := read~$Pointer$(f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L763 {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} is VALID [2022-02-20 23:51:51,739 INFO L290 TraceCheckUtils]: 19: Hoare triple {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} assume !(f19_#t~mem39#1.base != 0bv32 || f19_#t~mem39#1.offset != 0bv32);havoc f19_#t~mem39#1.base, f19_#t~mem39#1.offset;f19_#res#1 := 3bv32; {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} is VALID [2022-02-20 23:51:51,740 INFO L290 TraceCheckUtils]: 20: Hoare triple {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} probe_unsafe_19_#t~ret44#1 := f19_#res#1;assume { :end_inline_f19 } true;probe_unsafe_19_~ret~0#1 := probe_unsafe_19_#t~ret44#1;havoc probe_unsafe_19_#t~ret44#1; {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} is VALID [2022-02-20 23:51:51,740 INFO L290 TraceCheckUtils]: 21: Hoare triple {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} assume 0bv32 != probe_unsafe_19_~ret~0#1; {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} is VALID [2022-02-20 23:51:51,740 INFO L290 TraceCheckUtils]: 22: Hoare triple {4223#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} SUMMARY for call probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L786 {4271#(= (_ bv0 32) |ULTIMATE.start_probe_unsafe_19_#t~mem46#1.offset|)} is VALID [2022-02-20 23:51:51,741 INFO L290 TraceCheckUtils]: 23: Hoare triple {4271#(= (_ bv0 32) |ULTIMATE.start_probe_unsafe_19_#t~mem46#1.offset|)} assume !(0bv32 == probe_unsafe_19_#t~mem46#1.offset); {4195#false} is VALID [2022-02-20 23:51:51,741 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 2 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:51:51,741 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:51:52,819 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleCvc4 [1092526809] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:51:52,819 INFO L191 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-02-20 23:51:52,819 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [8, 8] total 8 [2022-02-20 23:51:52,819 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1554900096] [2022-02-20 23:51:52,819 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-02-20 23:51:52,819 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 7 states have (on average 2.857142857142857) internal successors, (20), 8 states have internal predecessors, (20), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 24 [2022-02-20 23:51:52,820 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:51:52,820 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 9 states, 7 states have (on average 2.857142857142857) internal successors, (20), 8 states have internal predecessors, (20), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:51:52,840 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 24 edges. 24 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:52,841 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2022-02-20 23:51:52,841 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:51:52,841 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2022-02-20 23:51:52,841 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=29, Invalid=80, Unknown=1, NotChecked=0, Total=110 [2022-02-20 23:51:52,841 INFO L87 Difference]: Start difference. First operand 75 states and 85 transitions. Second operand has 9 states, 7 states have (on average 2.857142857142857) internal successors, (20), 8 states have internal predecessors, (20), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:51:59,323 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:59,323 INFO L93 Difference]: Finished difference Result 80 states and 89 transitions. [2022-02-20 23:51:59,323 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2022-02-20 23:51:59,323 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 7 states have (on average 2.857142857142857) internal successors, (20), 8 states have internal predecessors, (20), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 24 [2022-02-20 23:51:59,323 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:51:59,323 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 9 states, 7 states have (on average 2.857142857142857) internal successors, (20), 8 states have internal predecessors, (20), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:51:59,324 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 70 transitions. [2022-02-20 23:51:59,324 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 9 states, 7 states have (on average 2.857142857142857) internal successors, (20), 8 states have internal predecessors, (20), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:51:59,325 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 70 transitions. [2022-02-20 23:51:59,325 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 11 states and 70 transitions. [2022-02-20 23:51:59,405 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 70 edges. 70 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:51:59,406 INFO L225 Difference]: With dead ends: 80 [2022-02-20 23:51:59,406 INFO L226 Difference]: Without dead ends: 80 [2022-02-20 23:51:59,406 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 67 GetRequests, 51 SyntacticMatches, 4 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 40 ImplicationChecksByTransitivity, 2.7s TimeCoverageRelationStatistics Valid=49, Invalid=132, Unknown=1, NotChecked=0, Total=182 [2022-02-20 23:51:59,406 INFO L933 BasicCegarLoop]: 58 mSDtfsCounter, 84 mSDsluCounter, 176 mSDsCounter, 0 mSdLazyCounter, 47 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 87 SdHoareTripleChecker+Valid, 234 SdHoareTripleChecker+Invalid, 58 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 47 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 6 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:51:59,406 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [87 Valid, 234 Invalid, 58 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 47 Invalid, 0 Unknown, 6 Unchecked, 0.1s Time] [2022-02-20 23:51:59,407 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 80 states. [2022-02-20 23:51:59,408 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 80 to 78. [2022-02-20 23:51:59,408 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:51:59,408 INFO L82 GeneralOperation]: Start isEquivalent. First operand 80 states. Second operand has 78 states, 54 states have (on average 1.4074074074074074) internal successors, (76), 68 states have internal predecessors, (76), 5 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:59,408 INFO L74 IsIncluded]: Start isIncluded. First operand 80 states. Second operand has 78 states, 54 states have (on average 1.4074074074074074) internal successors, (76), 68 states have internal predecessors, (76), 5 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:59,408 INFO L87 Difference]: Start difference. First operand 80 states. Second operand has 78 states, 54 states have (on average 1.4074074074074074) internal successors, (76), 68 states have internal predecessors, (76), 5 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:59,410 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:59,410 INFO L93 Difference]: Finished difference Result 80 states and 89 transitions. [2022-02-20 23:51:59,410 INFO L276 IsEmpty]: Start isEmpty. Operand 80 states and 89 transitions. [2022-02-20 23:51:59,410 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:59,410 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:59,410 INFO L74 IsIncluded]: Start isIncluded. First operand has 78 states, 54 states have (on average 1.4074074074074074) internal successors, (76), 68 states have internal predecessors, (76), 5 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 80 states. [2022-02-20 23:51:59,415 INFO L87 Difference]: Start difference. First operand has 78 states, 54 states have (on average 1.4074074074074074) internal successors, (76), 68 states have internal predecessors, (76), 5 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 80 states. [2022-02-20 23:51:59,416 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:51:59,421 INFO L93 Difference]: Finished difference Result 80 states and 89 transitions. [2022-02-20 23:51:59,421 INFO L276 IsEmpty]: Start isEmpty. Operand 80 states and 89 transitions. [2022-02-20 23:51:59,421 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:51:59,421 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:51:59,421 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:51:59,421 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:51:59,422 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 78 states, 54 states have (on average 1.4074074074074074) internal successors, (76), 68 states have internal predecessors, (76), 5 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:51:59,436 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 78 states to 78 states and 87 transitions. [2022-02-20 23:51:59,436 INFO L78 Accepts]: Start accepts. Automaton has 78 states and 87 transitions. Word has length 24 [2022-02-20 23:51:59,436 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:51:59,436 INFO L470 AbstractCegarLoop]: Abstraction has 78 states and 87 transitions. [2022-02-20 23:51:59,437 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 7 states have (on average 2.857142857142857) internal successors, (20), 8 states have internal predecessors, (20), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:51:59,437 INFO L276 IsEmpty]: Start isEmpty. Operand 78 states and 87 transitions. [2022-02-20 23:51:59,438 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-02-20 23:51:59,438 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:51:59,438 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:51:59,460 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (11)] Forceful destruction successful, exit code 0 [2022-02-20 23:51:59,647 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (12)] Forceful destruction successful, exit code 0 [2022-02-20 23:51:59,846 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 11 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3,12 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt [2022-02-20 23:51:59,847 INFO L402 AbstractCegarLoop]: === Iteration 11 === Targeting ULTIMATE.startErr11ASSERT_VIOLATIONMEMORY_FREE === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 20 more)] === [2022-02-20 23:51:59,847 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:51:59,847 INFO L85 PathProgramCache]: Analyzing trace with hash 778865962, now seen corresponding path program 1 times [2022-02-20 23:51:59,847 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:51:59,847 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1237311053] [2022-02-20 23:51:59,847 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:51:59,847 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:51:59,848 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:51:59,849 INFO L229 MonitoredProcess]: Starting monitored process 13 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:51:59,850 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (13)] Waiting until timeout for monitored process [2022-02-20 23:51:59,909 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:59,911 INFO L263 TraceCheckSpWp]: Trace formula consists of 117 conjuncts, 18 conjunts are in the unsatisfiable core [2022-02-20 23:51:59,934 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:51:59,935 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:52:00,028 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2022-02-20 23:52:00,252 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:52:00,253 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 31 treesize of output 24 [2022-02-20 23:52:00,316 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 23 treesize of output 11 [2022-02-20 23:52:00,339 INFO L290 TraceCheckUtils]: 0: Hoare triple {4723#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {4728#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2022-02-20 23:52:00,340 INFO L290 TraceCheckUtils]: 1: Hoare triple {4728#(bvult (_ bv0 32) |#StackHeapBarrier|)} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret48#1, entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset, entry_point_~ret~1#1;call entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset := #Ultimate.allocOnStack(8bv32);assume { :begin_inline_probe_unsafe_19 } true;probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc probe_unsafe_19_#res#1;havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset, probe_unsafe_19_#t~ret44#1, probe_unsafe_19_#t~ret45#1, probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset, probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset, probe_unsafe_19_~ret~0#1;probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset := probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset;probe_unsafe_19_~ret~0#1 := 3bv32; {4732#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvult (_ bv0 32) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:00,340 INFO L272 TraceCheckUtils]: 2: Hoare triple {4732#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvult (_ bv0 32) |#StackHeapBarrier|))} call probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset := ldv_malloc(4bv32); {4728#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2022-02-20 23:52:00,341 INFO L290 TraceCheckUtils]: 3: Hoare triple {4728#(bvult (_ bv0 32) |#StackHeapBarrier|)} ~size := #in~size; {4728#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2022-02-20 23:52:00,341 INFO L290 TraceCheckUtils]: 4: Hoare triple {4728#(bvult (_ bv0 32) |#StackHeapBarrier|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {4742#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))} is VALID [2022-02-20 23:52:00,342 INFO L290 TraceCheckUtils]: 5: Hoare triple {4742#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))} assume true; {4742#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))} is VALID [2022-02-20 23:52:00,342 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {4742#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))} {4732#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvult (_ bv0 32) |#StackHeapBarrier|))} #102#return; {4749#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (not (= |ULTIMATE.start_probe_unsafe_19_#t~ret42#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_probe_unsafe_19_#t~ret42#1.base| |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:00,346 INFO L290 TraceCheckUtils]: 7: Hoare triple {4749#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (not (= |ULTIMATE.start_probe_unsafe_19_#t~ret42#1.base| (_ bv0 32))) (bvult |ULTIMATE.start_probe_unsafe_19_#t~ret42#1.base| |#StackHeapBarrier|))} SUMMARY for call write~$Pointer$(probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L775-1 {4753#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32))) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:00,347 INFO L290 TraceCheckUtils]: 8: Hoare triple {4753#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32))) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset; {4753#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32))) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:00,347 INFO L290 TraceCheckUtils]: 9: Hoare triple {4753#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32))) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} SUMMARY for call probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L776 {4753#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32))) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:00,348 INFO L290 TraceCheckUtils]: 10: Hoare triple {4753#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32))) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} assume !(probe_unsafe_19_#t~mem43#1.base == 0bv32 && probe_unsafe_19_#t~mem43#1.offset == 0bv32);havoc probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset;assume { :begin_inline_f19 } true;f19_#in~a#1.base, f19_#in~a#1.offset := probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset;havoc f19_#res#1;havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_#t~mem39#1.base, f19_#t~mem39#1.offset, f19_~a#1.base, f19_~a#1.offset;f19_~a#1.base, f19_~a#1.offset := f19_#in~a#1.base, f19_#in~a#1.offset; {4763#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32))) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:00,352 INFO L272 TraceCheckUtils]: 11: Hoare triple {4763#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32))) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} call f19_#t~ret38#1.base, f19_#t~ret38#1.offset := ldv_malloc(4bv32); {4767#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_5| (_ BitVec 32))) (and (bvult (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_5|) (_ bv4 32)) |#StackHeapBarrier|) (not (= (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_5|) (_ bv4 32)) (_ bv0 32)))))} is VALID [2022-02-20 23:52:00,353 INFO L290 TraceCheckUtils]: 12: Hoare triple {4767#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_5| (_ BitVec 32))) (and (bvult (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_5|) (_ bv4 32)) |#StackHeapBarrier|) (not (= (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_5|) (_ bv4 32)) (_ bv0 32)))))} ~size := #in~size; {4767#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_5| (_ BitVec 32))) (and (bvult (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_5|) (_ bv4 32)) |#StackHeapBarrier|) (not (= (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_5|) (_ bv4 32)) (_ bv0 32)))))} is VALID [2022-02-20 23:52:00,354 INFO L290 TraceCheckUtils]: 13: Hoare triple {4767#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_5| (_ BitVec 32))) (and (bvult (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_5|) (_ bv4 32)) |#StackHeapBarrier|) (not (= (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_5|) (_ bv4 32)) (_ bv0 32)))))} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {4767#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_5| (_ BitVec 32))) (and (bvult (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_5|) (_ bv4 32)) |#StackHeapBarrier|) (not (= (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_5|) (_ bv4 32)) (_ bv0 32)))))} is VALID [2022-02-20 23:52:00,354 INFO L290 TraceCheckUtils]: 14: Hoare triple {4767#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_5| (_ BitVec 32))) (and (bvult (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_5|) (_ bv4 32)) |#StackHeapBarrier|) (not (= (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_5|) (_ bv4 32)) (_ bv0 32)))))} assume true; {4767#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_5| (_ BitVec 32))) (and (bvult (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_5|) (_ bv4 32)) |#StackHeapBarrier|) (not (= (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_5|) (_ bv4 32)) (_ bv0 32)))))} is VALID [2022-02-20 23:52:00,355 INFO L284 TraceCheckUtils]: 15: Hoare quadruple {4767#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_5| (_ BitVec 32))) (and (bvult (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_5|) (_ bv4 32)) |#StackHeapBarrier|) (not (= (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_5|) (_ bv4 32)) (_ bv0 32)))))} {4763#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32))) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} #104#return; {4763#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32))) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:00,360 INFO L290 TraceCheckUtils]: 16: Hoare triple {4763#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32))) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} SUMMARY for call write~$Pointer$(f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L762-1 {4753#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32))) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:00,361 INFO L290 TraceCheckUtils]: 17: Hoare triple {4753#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32))) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset; {4753#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32))) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:00,361 INFO L290 TraceCheckUtils]: 18: Hoare triple {4753#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32))) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} SUMMARY for call f19_#t~mem39#1.base, f19_#t~mem39#1.offset := read~$Pointer$(f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L763 {4753#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32))) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:00,361 INFO L290 TraceCheckUtils]: 19: Hoare triple {4753#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32))) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} assume !(f19_#t~mem39#1.base != 0bv32 || f19_#t~mem39#1.offset != 0bv32);havoc f19_#t~mem39#1.base, f19_#t~mem39#1.offset;f19_#res#1 := 3bv32; {4753#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32))) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:00,362 INFO L290 TraceCheckUtils]: 20: Hoare triple {4753#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32))) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} probe_unsafe_19_#t~ret44#1 := f19_#res#1;assume { :end_inline_f19 } true;probe_unsafe_19_~ret~0#1 := probe_unsafe_19_#t~ret44#1;havoc probe_unsafe_19_#t~ret44#1; {4753#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32))) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:00,362 INFO L290 TraceCheckUtils]: 21: Hoare triple {4753#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32))) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} assume 0bv32 != probe_unsafe_19_~ret~0#1; {4753#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32))) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:00,363 INFO L290 TraceCheckUtils]: 22: Hoare triple {4753#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32))) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} SUMMARY for call probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L786 {4801#(and (bvult |ULTIMATE.start_probe_unsafe_19_#t~mem46#1.base| |#StackHeapBarrier|) (not (= (_ bv0 32) |ULTIMATE.start_probe_unsafe_19_#t~mem46#1.base|)))} is VALID [2022-02-20 23:52:00,363 INFO L290 TraceCheckUtils]: 23: Hoare triple {4801#(and (bvult |ULTIMATE.start_probe_unsafe_19_#t~mem46#1.base| |#StackHeapBarrier|) (not (= (_ bv0 32) |ULTIMATE.start_probe_unsafe_19_#t~mem46#1.base|)))} assume 0bv32 == probe_unsafe_19_#t~mem46#1.offset; {4801#(and (bvult |ULTIMATE.start_probe_unsafe_19_#t~mem46#1.base| |#StackHeapBarrier|) (not (= (_ bv0 32) |ULTIMATE.start_probe_unsafe_19_#t~mem46#1.base|)))} is VALID [2022-02-20 23:52:00,363 INFO L290 TraceCheckUtils]: 24: Hoare triple {4801#(and (bvult |ULTIMATE.start_probe_unsafe_19_#t~mem46#1.base| |#StackHeapBarrier|) (not (= (_ bv0 32) |ULTIMATE.start_probe_unsafe_19_#t~mem46#1.base|)))} assume !~bvult32(probe_unsafe_19_#t~mem46#1.base, #StackHeapBarrier); {4724#false} is VALID [2022-02-20 23:52:00,364 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 2 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:52:00,364 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:52:00,493 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:52:00,493 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1237311053] [2022-02-20 23:52:00,493 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1237311053] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:52:00,493 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleCvc4 [660310640] [2022-02-20 23:52:00,493 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:52:00,494 INFO L173 SolverBuilder]: Constructing external solver with command: cvc4 --incremental --print-success --lang smt [2022-02-20 23:52:00,494 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 [2022-02-20 23:52:00,502 INFO L229 MonitoredProcess]: Starting monitored process 14 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (exit command is (exit), workingDir is null) [2022-02-20 23:52:00,504 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (14)] Waiting until timeout for monitored process [2022-02-20 23:52:00,598 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:00,600 INFO L263 TraceCheckSpWp]: Trace formula consists of 117 conjuncts, 19 conjunts are in the unsatisfiable core [2022-02-20 23:52:00,614 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:00,615 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:52:00,708 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2022-02-20 23:52:02,726 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:52:02,727 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 21 treesize of output 20 [2022-02-20 23:52:02,779 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 7 [2022-02-20 23:52:02,787 INFO L290 TraceCheckUtils]: 0: Hoare triple {4723#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {4723#true} is VALID [2022-02-20 23:52:02,788 INFO L290 TraceCheckUtils]: 1: Hoare triple {4723#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret48#1, entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset, entry_point_~ret~1#1;call entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset := #Ultimate.allocOnStack(8bv32);assume { :begin_inline_probe_unsafe_19 } true;probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc probe_unsafe_19_#res#1;havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset, probe_unsafe_19_#t~ret44#1, probe_unsafe_19_#t~ret45#1, probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset, probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset, probe_unsafe_19_~ret~0#1;probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset := probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset;probe_unsafe_19_~ret~0#1 := 3bv32; {4844#(= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:52:02,788 INFO L272 TraceCheckUtils]: 2: Hoare triple {4844#(= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32))} call probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset := ldv_malloc(4bv32); {4723#true} is VALID [2022-02-20 23:52:02,788 INFO L290 TraceCheckUtils]: 3: Hoare triple {4723#true} ~size := #in~size; {4723#true} is VALID [2022-02-20 23:52:02,789 INFO L290 TraceCheckUtils]: 4: Hoare triple {4723#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {4854#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:52:02,789 INFO L290 TraceCheckUtils]: 5: Hoare triple {4854#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} assume true; {4854#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:52:02,790 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {4854#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} {4844#(= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32))} #102#return; {4861#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvult |ULTIMATE.start_probe_unsafe_19_#t~ret42#1.base| |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:02,795 INFO L290 TraceCheckUtils]: 7: Hoare triple {4861#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvult |ULTIMATE.start_probe_unsafe_19_#t~ret42#1.base| |#StackHeapBarrier|))} SUMMARY for call write~$Pointer$(probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L775-1 {4865#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:02,796 INFO L290 TraceCheckUtils]: 8: Hoare triple {4865#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset; {4865#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:02,796 INFO L290 TraceCheckUtils]: 9: Hoare triple {4865#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} SUMMARY for call probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L776 {4865#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:02,797 INFO L290 TraceCheckUtils]: 10: Hoare triple {4865#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} assume !(probe_unsafe_19_#t~mem43#1.base == 0bv32 && probe_unsafe_19_#t~mem43#1.offset == 0bv32);havoc probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset;assume { :begin_inline_f19 } true;f19_#in~a#1.base, f19_#in~a#1.offset := probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset;havoc f19_#res#1;havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_#t~mem39#1.base, f19_#t~mem39#1.offset, f19_~a#1.base, f19_~a#1.offset;f19_~a#1.base, f19_~a#1.offset := f19_#in~a#1.base, f19_#in~a#1.offset; {4875#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:02,801 INFO L272 TraceCheckUtils]: 11: Hoare triple {4875#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} call f19_#t~ret38#1.base, f19_#t~ret38#1.offset := ldv_malloc(4bv32); {4879#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_6| (_ BitVec 32))) (bvult (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_6|) (_ bv4 32)) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:02,802 INFO L290 TraceCheckUtils]: 12: Hoare triple {4879#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_6| (_ BitVec 32))) (bvult (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_6|) (_ bv4 32)) |#StackHeapBarrier|))} ~size := #in~size; {4879#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_6| (_ BitVec 32))) (bvult (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_6|) (_ bv4 32)) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:02,802 INFO L290 TraceCheckUtils]: 13: Hoare triple {4879#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_6| (_ BitVec 32))) (bvult (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_6|) (_ bv4 32)) |#StackHeapBarrier|))} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {4879#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_6| (_ BitVec 32))) (bvult (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_6|) (_ bv4 32)) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:02,803 INFO L290 TraceCheckUtils]: 14: Hoare triple {4879#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_6| (_ BitVec 32))) (bvult (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_6|) (_ bv4 32)) |#StackHeapBarrier|))} assume true; {4879#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_6| (_ BitVec 32))) (bvult (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_6|) (_ bv4 32)) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:02,804 INFO L284 TraceCheckUtils]: 15: Hoare quadruple {4879#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_6| (_ BitVec 32))) (bvult (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_6|) (_ bv4 32)) |#StackHeapBarrier|))} {4875#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} #104#return; {4875#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:02,812 INFO L290 TraceCheckUtils]: 16: Hoare triple {4875#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} SUMMARY for call write~$Pointer$(f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L762-1 {4865#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:02,813 INFO L290 TraceCheckUtils]: 17: Hoare triple {4865#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset; {4865#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:02,814 INFO L290 TraceCheckUtils]: 18: Hoare triple {4865#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} SUMMARY for call f19_#t~mem39#1.base, f19_#t~mem39#1.offset := read~$Pointer$(f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L763 {4865#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:02,814 INFO L290 TraceCheckUtils]: 19: Hoare triple {4865#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} assume !(f19_#t~mem39#1.base != 0bv32 || f19_#t~mem39#1.offset != 0bv32);havoc f19_#t~mem39#1.base, f19_#t~mem39#1.offset;f19_#res#1 := 3bv32; {4865#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:02,814 INFO L290 TraceCheckUtils]: 20: Hoare triple {4865#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} probe_unsafe_19_#t~ret44#1 := f19_#res#1;assume { :end_inline_f19 } true;probe_unsafe_19_~ret~0#1 := probe_unsafe_19_#t~ret44#1;havoc probe_unsafe_19_#t~ret44#1; {4865#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:02,815 INFO L290 TraceCheckUtils]: 21: Hoare triple {4865#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} assume 0bv32 != probe_unsafe_19_~ret~0#1; {4865#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:02,815 INFO L290 TraceCheckUtils]: 22: Hoare triple {4865#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|))} SUMMARY for call probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L786 {4808#(bvult |ULTIMATE.start_probe_unsafe_19_#t~mem46#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:52:02,816 INFO L290 TraceCheckUtils]: 23: Hoare triple {4808#(bvult |ULTIMATE.start_probe_unsafe_19_#t~mem46#1.base| |#StackHeapBarrier|)} assume 0bv32 == probe_unsafe_19_#t~mem46#1.offset; {4808#(bvult |ULTIMATE.start_probe_unsafe_19_#t~mem46#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:52:02,816 INFO L290 TraceCheckUtils]: 24: Hoare triple {4808#(bvult |ULTIMATE.start_probe_unsafe_19_#t~mem46#1.base| |#StackHeapBarrier|)} assume !~bvult32(probe_unsafe_19_#t~mem46#1.base, #StackHeapBarrier); {4724#false} is VALID [2022-02-20 23:52:02,816 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 2 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:52:02,816 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:52:03,066 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleCvc4 [660310640] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:52:03,066 INFO L191 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-02-20 23:52:03,066 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [8, 8] total 16 [2022-02-20 23:52:03,067 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [480163165] [2022-02-20 23:52:03,067 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-02-20 23:52:03,067 INFO L78 Accepts]: Start accepts. Automaton has has 17 states, 14 states have (on average 3.0) internal successors, (42), 15 states have internal predecessors, (42), 4 states have call successors, (4), 4 states have call predecessors, (4), 4 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) Word has length 25 [2022-02-20 23:52:03,067 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:52:03,067 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 17 states, 14 states have (on average 3.0) internal successors, (42), 15 states have internal predecessors, (42), 4 states have call successors, (4), 4 states have call predecessors, (4), 4 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:52:03,162 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 50 edges. 50 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:03,162 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 17 states [2022-02-20 23:52:03,162 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:52:03,162 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 17 interpolants. [2022-02-20 23:52:03,162 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=85, Invalid=256, Unknown=1, NotChecked=0, Total=342 [2022-02-20 23:52:03,163 INFO L87 Difference]: Start difference. First operand 78 states and 87 transitions. Second operand has 17 states, 14 states have (on average 3.0) internal successors, (42), 15 states have internal predecessors, (42), 4 states have call successors, (4), 4 states have call predecessors, (4), 4 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:52:07,049 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:07,049 INFO L93 Difference]: Finished difference Result 135 states and 154 transitions. [2022-02-20 23:52:07,049 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 21 states. [2022-02-20 23:52:07,049 INFO L78 Accepts]: Start accepts. Automaton has has 17 states, 14 states have (on average 3.0) internal successors, (42), 15 states have internal predecessors, (42), 4 states have call successors, (4), 4 states have call predecessors, (4), 4 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) Word has length 25 [2022-02-20 23:52:07,049 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:52:07,049 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 17 states, 14 states have (on average 3.0) internal successors, (42), 15 states have internal predecessors, (42), 4 states have call successors, (4), 4 states have call predecessors, (4), 4 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:52:07,050 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 21 states to 21 states and 123 transitions. [2022-02-20 23:52:07,051 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 17 states, 14 states have (on average 3.0) internal successors, (42), 15 states have internal predecessors, (42), 4 states have call successors, (4), 4 states have call predecessors, (4), 4 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:52:07,052 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 21 states to 21 states and 123 transitions. [2022-02-20 23:52:07,052 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 21 states and 123 transitions. [2022-02-20 23:52:07,325 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 123 edges. 123 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:07,326 INFO L225 Difference]: With dead ends: 135 [2022-02-20 23:52:07,326 INFO L226 Difference]: Without dead ends: 135 [2022-02-20 23:52:07,327 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 75 GetRequests, 48 SyntacticMatches, 3 SemanticMatches, 24 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 152 ImplicationChecksByTransitivity, 2.5s TimeCoverageRelationStatistics Valid=160, Invalid=489, Unknown=1, NotChecked=0, Total=650 [2022-02-20 23:52:07,328 INFO L933 BasicCegarLoop]: 67 mSDtfsCounter, 110 mSDsluCounter, 432 mSDsCounter, 0 mSdLazyCounter, 285 mSolverCounterSat, 14 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 118 SdHoareTripleChecker+Valid, 499 SdHoareTripleChecker+Invalid, 336 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 14 IncrementalHoareTripleChecker+Valid, 285 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 37 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2022-02-20 23:52:07,328 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [118 Valid, 499 Invalid, 336 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [14 Valid, 285 Invalid, 0 Unknown, 37 Unchecked, 0.5s Time] [2022-02-20 23:52:07,330 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 135 states. [2022-02-20 23:52:07,332 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 135 to 77. [2022-02-20 23:52:07,332 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:52:07,334 INFO L82 GeneralOperation]: Start isEquivalent. First operand 135 states. Second operand has 77 states, 54 states have (on average 1.3888888888888888) internal successors, (75), 67 states have internal predecessors, (75), 5 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:07,335 INFO L74 IsIncluded]: Start isIncluded. First operand 135 states. Second operand has 77 states, 54 states have (on average 1.3888888888888888) internal successors, (75), 67 states have internal predecessors, (75), 5 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:07,335 INFO L87 Difference]: Start difference. First operand 135 states. Second operand has 77 states, 54 states have (on average 1.3888888888888888) internal successors, (75), 67 states have internal predecessors, (75), 5 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:07,338 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:07,338 INFO L93 Difference]: Finished difference Result 135 states and 154 transitions. [2022-02-20 23:52:07,338 INFO L276 IsEmpty]: Start isEmpty. Operand 135 states and 154 transitions. [2022-02-20 23:52:07,338 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:07,338 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:07,339 INFO L74 IsIncluded]: Start isIncluded. First operand has 77 states, 54 states have (on average 1.3888888888888888) internal successors, (75), 67 states have internal predecessors, (75), 5 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 135 states. [2022-02-20 23:52:07,339 INFO L87 Difference]: Start difference. First operand has 77 states, 54 states have (on average 1.3888888888888888) internal successors, (75), 67 states have internal predecessors, (75), 5 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 135 states. [2022-02-20 23:52:07,342 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:07,342 INFO L93 Difference]: Finished difference Result 135 states and 154 transitions. [2022-02-20 23:52:07,342 INFO L276 IsEmpty]: Start isEmpty. Operand 135 states and 154 transitions. [2022-02-20 23:52:07,342 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:07,342 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:07,342 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:52:07,342 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:52:07,343 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 77 states, 54 states have (on average 1.3888888888888888) internal successors, (75), 67 states have internal predecessors, (75), 5 states have call successors, (5), 3 states have call predecessors, (5), 4 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:07,344 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 77 states to 77 states and 86 transitions. [2022-02-20 23:52:07,344 INFO L78 Accepts]: Start accepts. Automaton has 77 states and 86 transitions. Word has length 25 [2022-02-20 23:52:07,344 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:52:07,344 INFO L470 AbstractCegarLoop]: Abstraction has 77 states and 86 transitions. [2022-02-20 23:52:07,344 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 17 states, 14 states have (on average 3.0) internal successors, (42), 15 states have internal predecessors, (42), 4 states have call successors, (4), 4 states have call predecessors, (4), 4 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:52:07,344 INFO L276 IsEmpty]: Start isEmpty. Operand 77 states and 86 transitions. [2022-02-20 23:52:07,347 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2022-02-20 23:52:07,347 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:52:07,347 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:52:07,361 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (14)] Forceful destruction successful, exit code 0 [2022-02-20 23:52:07,558 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (13)] Forceful destruction successful, exit code 0 [2022-02-20 23:52:07,755 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 14 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt,13 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:52:07,756 INFO L402 AbstractCegarLoop]: === Iteration 12 === Targeting f19_undoErr0REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 20 more)] === [2022-02-20 23:52:07,756 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:52:07,756 INFO L85 PathProgramCache]: Analyzing trace with hash -1765484354, now seen corresponding path program 1 times [2022-02-20 23:52:07,756 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:52:07,757 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [439083385] [2022-02-20 23:52:07,757 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:52:07,757 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:52:07,757 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:52:07,758 INFO L229 MonitoredProcess]: Starting monitored process 15 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:52:07,759 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (15)] Waiting until timeout for monitored process [2022-02-20 23:52:07,833 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:07,836 INFO L263 TraceCheckSpWp]: Trace formula consists of 123 conjuncts, 8 conjunts are in the unsatisfiable core [2022-02-20 23:52:07,844 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:07,845 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:52:07,936 INFO L290 TraceCheckUtils]: 0: Hoare triple {5444#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {5444#true} is VALID [2022-02-20 23:52:07,936 INFO L290 TraceCheckUtils]: 1: Hoare triple {5444#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret48#1, entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset, entry_point_~ret~1#1;call entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset := #Ultimate.allocOnStack(8bv32);assume { :begin_inline_probe_unsafe_19 } true;probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc probe_unsafe_19_#res#1;havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset, probe_unsafe_19_#t~ret44#1, probe_unsafe_19_#t~ret45#1, probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset, probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset, probe_unsafe_19_~ret~0#1;probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset := probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset;probe_unsafe_19_~ret~0#1 := 3bv32; {5444#true} is VALID [2022-02-20 23:52:07,936 INFO L272 TraceCheckUtils]: 2: Hoare triple {5444#true} call probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset := ldv_malloc(4bv32); {5444#true} is VALID [2022-02-20 23:52:07,936 INFO L290 TraceCheckUtils]: 3: Hoare triple {5444#true} ~size := #in~size; {5444#true} is VALID [2022-02-20 23:52:07,936 INFO L290 TraceCheckUtils]: 4: Hoare triple {5444#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {5444#true} is VALID [2022-02-20 23:52:07,936 INFO L290 TraceCheckUtils]: 5: Hoare triple {5444#true} assume true; {5444#true} is VALID [2022-02-20 23:52:07,937 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {5444#true} {5444#true} #102#return; {5444#true} is VALID [2022-02-20 23:52:07,937 INFO L290 TraceCheckUtils]: 7: Hoare triple {5444#true} SUMMARY for call write~$Pointer$(probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L775-1 {5444#true} is VALID [2022-02-20 23:52:07,937 INFO L290 TraceCheckUtils]: 8: Hoare triple {5444#true} havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset; {5444#true} is VALID [2022-02-20 23:52:07,937 INFO L290 TraceCheckUtils]: 9: Hoare triple {5444#true} SUMMARY for call probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L776 {5444#true} is VALID [2022-02-20 23:52:07,937 INFO L290 TraceCheckUtils]: 10: Hoare triple {5444#true} assume !(probe_unsafe_19_#t~mem43#1.base == 0bv32 && probe_unsafe_19_#t~mem43#1.offset == 0bv32);havoc probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset;assume { :begin_inline_f19 } true;f19_#in~a#1.base, f19_#in~a#1.offset := probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset;havoc f19_#res#1;havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_#t~mem39#1.base, f19_#t~mem39#1.offset, f19_~a#1.base, f19_~a#1.offset;f19_~a#1.base, f19_~a#1.offset := f19_#in~a#1.base, f19_#in~a#1.offset; {5479#(= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|)} is VALID [2022-02-20 23:52:07,937 INFO L272 TraceCheckUtils]: 11: Hoare triple {5479#(= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|)} call f19_#t~ret38#1.base, f19_#t~ret38#1.offset := ldv_malloc(4bv32); {5444#true} is VALID [2022-02-20 23:52:07,937 INFO L290 TraceCheckUtils]: 12: Hoare triple {5444#true} ~size := #in~size; {5444#true} is VALID [2022-02-20 23:52:07,937 INFO L290 TraceCheckUtils]: 13: Hoare triple {5444#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {5444#true} is VALID [2022-02-20 23:52:07,937 INFO L290 TraceCheckUtils]: 14: Hoare triple {5444#true} assume true; {5444#true} is VALID [2022-02-20 23:52:07,938 INFO L284 TraceCheckUtils]: 15: Hoare quadruple {5444#true} {5479#(= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|)} #104#return; {5479#(= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|)} is VALID [2022-02-20 23:52:07,938 INFO L290 TraceCheckUtils]: 16: Hoare triple {5479#(= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|)} SUMMARY for call write~$Pointer$(f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L762-1 {5498#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:07,939 INFO L290 TraceCheckUtils]: 17: Hoare triple {5498#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1))} havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset; {5498#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:07,942 INFO L290 TraceCheckUtils]: 18: Hoare triple {5498#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1))} SUMMARY for call f19_#t~mem39#1.base, f19_#t~mem39#1.offset := read~$Pointer$(f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L763 {5498#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:07,942 INFO L290 TraceCheckUtils]: 19: Hoare triple {5498#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1))} assume f19_#t~mem39#1.base != 0bv32 || f19_#t~mem39#1.offset != 0bv32;havoc f19_#t~mem39#1.base, f19_#t~mem39#1.offset;f19_#res#1 := 0bv32; {5498#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:07,942 INFO L290 TraceCheckUtils]: 20: Hoare triple {5498#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1))} probe_unsafe_19_#t~ret44#1 := f19_#res#1;assume { :end_inline_f19 } true;probe_unsafe_19_~ret~0#1 := probe_unsafe_19_#t~ret44#1;havoc probe_unsafe_19_#t~ret44#1; {5498#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:07,942 INFO L290 TraceCheckUtils]: 21: Hoare triple {5498#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1))} assume !(0bv32 != probe_unsafe_19_~ret~0#1);assume { :begin_inline_g19 } true;havoc g19_#res#1;havoc g19_#t~nondet41#1;g19_#res#1 := g19_#t~nondet41#1;havoc g19_#t~nondet41#1; {5498#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:07,943 INFO L290 TraceCheckUtils]: 22: Hoare triple {5498#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1))} probe_unsafe_19_#t~ret45#1 := g19_#res#1;assume { :end_inline_g19 } true; {5498#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:07,943 INFO L290 TraceCheckUtils]: 23: Hoare triple {5498#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1))} assume 0bv32 == probe_unsafe_19_#t~ret45#1;havoc probe_unsafe_19_#t~ret45#1; {5498#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:07,944 INFO L272 TraceCheckUtils]: 24: Hoare triple {5498#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (_ bv1 1))} call f19_undo(probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset); {5523#(= (_ bv1 1) (select |#valid| |f19_undo_#in~a.base|))} is VALID [2022-02-20 23:52:07,944 INFO L290 TraceCheckUtils]: 25: Hoare triple {5523#(= (_ bv1 1) (select |#valid| |f19_undo_#in~a.base|))} ~a.base, ~a.offset := #in~a.base, #in~a.offset; {5527#(= (select |#valid| f19_undo_~a.base) (_ bv1 1))} is VALID [2022-02-20 23:52:07,944 INFO L290 TraceCheckUtils]: 26: Hoare triple {5527#(= (select |#valid| f19_undo_~a.base) (_ bv1 1))} assume !(1bv1 == #valid[~a.base]); {5445#false} is VALID [2022-02-20 23:52:07,944 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-02-20 23:52:07,944 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:52:07,944 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:52:07,944 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [439083385] [2022-02-20 23:52:07,945 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [439083385] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:52:07,945 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:52:07,945 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:52:07,945 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1590375239] [2022-02-20 23:52:07,945 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:52:07,945 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 3.8) internal successors, (19), 5 states have internal predecessors, (19), 3 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 27 [2022-02-20 23:52:07,945 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:52:07,945 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 5 states have (on average 3.8) internal successors, (19), 5 states have internal predecessors, (19), 3 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:07,965 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 24 edges. 24 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:07,965 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 23:52:07,965 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:52:07,966 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 23:52:07,966 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-02-20 23:52:07,966 INFO L87 Difference]: Start difference. First operand 77 states and 86 transitions. Second operand has 6 states, 5 states have (on average 3.8) internal successors, (19), 5 states have internal predecessors, (19), 3 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:08,385 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:08,385 INFO L93 Difference]: Finished difference Result 98 states and 108 transitions. [2022-02-20 23:52:08,385 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-02-20 23:52:08,385 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 3.8) internal successors, (19), 5 states have internal predecessors, (19), 3 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 27 [2022-02-20 23:52:08,385 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:52:08,388 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 3.8) internal successors, (19), 5 states have internal predecessors, (19), 3 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:08,389 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 88 transitions. [2022-02-20 23:52:08,389 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 3.8) internal successors, (19), 5 states have internal predecessors, (19), 3 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:08,389 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 88 transitions. [2022-02-20 23:52:08,389 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 88 transitions. [2022-02-20 23:52:08,458 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 88 edges. 88 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:08,459 INFO L225 Difference]: With dead ends: 98 [2022-02-20 23:52:08,459 INFO L226 Difference]: Without dead ends: 98 [2022-02-20 23:52:08,459 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 28 GetRequests, 22 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=39, Unknown=0, NotChecked=0, Total=56 [2022-02-20 23:52:08,459 INFO L933 BasicCegarLoop]: 45 mSDtfsCounter, 87 mSDsluCounter, 104 mSDsCounter, 0 mSdLazyCounter, 105 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 88 SdHoareTripleChecker+Valid, 149 SdHoareTripleChecker+Invalid, 113 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 105 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:52:08,459 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [88 Valid, 149 Invalid, 113 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 105 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:52:08,460 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 98 states. [2022-02-20 23:52:08,461 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 98 to 79. [2022-02-20 23:52:08,461 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:52:08,461 INFO L82 GeneralOperation]: Start isEquivalent. First operand 98 states. Second operand has 79 states, 56 states have (on average 1.3928571428571428) internal successors, (78), 68 states have internal predecessors, (78), 5 states have call successors, (5), 4 states have call predecessors, (5), 4 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:08,461 INFO L74 IsIncluded]: Start isIncluded. First operand 98 states. Second operand has 79 states, 56 states have (on average 1.3928571428571428) internal successors, (78), 68 states have internal predecessors, (78), 5 states have call successors, (5), 4 states have call predecessors, (5), 4 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:08,461 INFO L87 Difference]: Start difference. First operand 98 states. Second operand has 79 states, 56 states have (on average 1.3928571428571428) internal successors, (78), 68 states have internal predecessors, (78), 5 states have call successors, (5), 4 states have call predecessors, (5), 4 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:08,462 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:08,462 INFO L93 Difference]: Finished difference Result 98 states and 108 transitions. [2022-02-20 23:52:08,463 INFO L276 IsEmpty]: Start isEmpty. Operand 98 states and 108 transitions. [2022-02-20 23:52:08,463 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:08,463 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:08,463 INFO L74 IsIncluded]: Start isIncluded. First operand has 79 states, 56 states have (on average 1.3928571428571428) internal successors, (78), 68 states have internal predecessors, (78), 5 states have call successors, (5), 4 states have call predecessors, (5), 4 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 98 states. [2022-02-20 23:52:08,463 INFO L87 Difference]: Start difference. First operand has 79 states, 56 states have (on average 1.3928571428571428) internal successors, (78), 68 states have internal predecessors, (78), 5 states have call successors, (5), 4 states have call predecessors, (5), 4 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 98 states. [2022-02-20 23:52:08,464 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:08,464 INFO L93 Difference]: Finished difference Result 98 states and 108 transitions. [2022-02-20 23:52:08,464 INFO L276 IsEmpty]: Start isEmpty. Operand 98 states and 108 transitions. [2022-02-20 23:52:08,464 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:08,464 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:08,464 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:52:08,464 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:52:08,465 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 79 states, 56 states have (on average 1.3928571428571428) internal successors, (78), 68 states have internal predecessors, (78), 5 states have call successors, (5), 4 states have call predecessors, (5), 4 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:08,465 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 79 states to 79 states and 89 transitions. [2022-02-20 23:52:08,465 INFO L78 Accepts]: Start accepts. Automaton has 79 states and 89 transitions. Word has length 27 [2022-02-20 23:52:08,465 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:52:08,465 INFO L470 AbstractCegarLoop]: Abstraction has 79 states and 89 transitions. [2022-02-20 23:52:08,466 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 3.8) internal successors, (19), 5 states have internal predecessors, (19), 3 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:08,466 INFO L276 IsEmpty]: Start isEmpty. Operand 79 states and 89 transitions. [2022-02-20 23:52:08,466 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2022-02-20 23:52:08,466 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:52:08,466 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:52:08,474 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (15)] Ended with exit code 0 [2022-02-20 23:52:08,666 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 15 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:52:08,666 INFO L402 AbstractCegarLoop]: === Iteration 13 === Targeting f19_undoErr1REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 20 more)] === [2022-02-20 23:52:08,667 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:52:08,667 INFO L85 PathProgramCache]: Analyzing trace with hash -1765484353, now seen corresponding path program 1 times [2022-02-20 23:52:08,667 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:52:08,667 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [292473587] [2022-02-20 23:52:08,667 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:52:08,667 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:52:08,667 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:52:08,669 INFO L229 MonitoredProcess]: Starting monitored process 16 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:52:08,670 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (16)] Waiting until timeout for monitored process [2022-02-20 23:52:08,736 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:08,739 INFO L263 TraceCheckSpWp]: Trace formula consists of 123 conjuncts, 13 conjunts are in the unsatisfiable core [2022-02-20 23:52:08,747 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:08,748 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:52:08,940 INFO L290 TraceCheckUtils]: 0: Hoare triple {5907#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {5907#true} is VALID [2022-02-20 23:52:08,941 INFO L290 TraceCheckUtils]: 1: Hoare triple {5907#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret48#1, entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset, entry_point_~ret~1#1;call entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset := #Ultimate.allocOnStack(8bv32);assume { :begin_inline_probe_unsafe_19 } true;probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc probe_unsafe_19_#res#1;havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset, probe_unsafe_19_#t~ret44#1, probe_unsafe_19_#t~ret45#1, probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset, probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset, probe_unsafe_19_~ret~0#1;probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset := probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset;probe_unsafe_19_~ret~0#1 := 3bv32; {5915#(= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:52:08,941 INFO L272 TraceCheckUtils]: 2: Hoare triple {5915#(= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32))} call probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset := ldv_malloc(4bv32); {5907#true} is VALID [2022-02-20 23:52:08,942 INFO L290 TraceCheckUtils]: 3: Hoare triple {5907#true} ~size := #in~size; {5907#true} is VALID [2022-02-20 23:52:08,942 INFO L290 TraceCheckUtils]: 4: Hoare triple {5907#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {5907#true} is VALID [2022-02-20 23:52:08,942 INFO L290 TraceCheckUtils]: 5: Hoare triple {5907#true} assume true; {5907#true} is VALID [2022-02-20 23:52:08,942 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {5907#true} {5915#(= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32))} #102#return; {5915#(= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:52:08,943 INFO L290 TraceCheckUtils]: 7: Hoare triple {5915#(= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32))} SUMMARY for call write~$Pointer$(probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L775-1 {5915#(= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:52:08,943 INFO L290 TraceCheckUtils]: 8: Hoare triple {5915#(= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32))} havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset; {5915#(= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:52:08,943 INFO L290 TraceCheckUtils]: 9: Hoare triple {5915#(= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32))} SUMMARY for call probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L776 {5915#(= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:52:08,944 INFO L290 TraceCheckUtils]: 10: Hoare triple {5915#(= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32))} assume !(probe_unsafe_19_#t~mem43#1.base == 0bv32 && probe_unsafe_19_#t~mem43#1.offset == 0bv32);havoc probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset;assume { :begin_inline_f19 } true;f19_#in~a#1.base, f19_#in~a#1.offset := probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset;havoc f19_#res#1;havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_#t~mem39#1.base, f19_#t~mem39#1.offset, f19_~a#1.base, f19_~a#1.offset;f19_~a#1.base, f19_~a#1.offset := f19_#in~a#1.base, f19_#in~a#1.offset; {5943#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))} is VALID [2022-02-20 23:52:08,944 INFO L272 TraceCheckUtils]: 11: Hoare triple {5943#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))} call f19_#t~ret38#1.base, f19_#t~ret38#1.offset := ldv_malloc(4bv32); {5907#true} is VALID [2022-02-20 23:52:08,944 INFO L290 TraceCheckUtils]: 12: Hoare triple {5907#true} ~size := #in~size; {5907#true} is VALID [2022-02-20 23:52:08,944 INFO L290 TraceCheckUtils]: 13: Hoare triple {5907#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {5907#true} is VALID [2022-02-20 23:52:08,944 INFO L290 TraceCheckUtils]: 14: Hoare triple {5907#true} assume true; {5907#true} is VALID [2022-02-20 23:52:08,945 INFO L284 TraceCheckUtils]: 15: Hoare quadruple {5907#true} {5943#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))} #104#return; {5943#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))} is VALID [2022-02-20 23:52:08,945 INFO L290 TraceCheckUtils]: 16: Hoare triple {5943#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))} SUMMARY for call write~$Pointer$(f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L762-1 {5962#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvule (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (select |#length| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)))} is VALID [2022-02-20 23:52:08,946 INFO L290 TraceCheckUtils]: 17: Hoare triple {5962#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvule (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (select |#length| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)))} havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset; {5962#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvule (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (select |#length| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)))} is VALID [2022-02-20 23:52:08,946 INFO L290 TraceCheckUtils]: 18: Hoare triple {5962#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvule (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (select |#length| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)))} SUMMARY for call f19_#t~mem39#1.base, f19_#t~mem39#1.offset := read~$Pointer$(f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L763 {5962#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvule (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (select |#length| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)))} is VALID [2022-02-20 23:52:08,947 INFO L290 TraceCheckUtils]: 19: Hoare triple {5962#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvule (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (select |#length| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)))} assume f19_#t~mem39#1.base != 0bv32 || f19_#t~mem39#1.offset != 0bv32;havoc f19_#t~mem39#1.base, f19_#t~mem39#1.offset;f19_#res#1 := 0bv32; {5962#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvule (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (select |#length| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)))} is VALID [2022-02-20 23:52:08,947 INFO L290 TraceCheckUtils]: 20: Hoare triple {5962#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvule (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (select |#length| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)))} probe_unsafe_19_#t~ret44#1 := f19_#res#1;assume { :end_inline_f19 } true;probe_unsafe_19_~ret~0#1 := probe_unsafe_19_#t~ret44#1;havoc probe_unsafe_19_#t~ret44#1; {5962#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvule (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (select |#length| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)))} is VALID [2022-02-20 23:52:08,947 INFO L290 TraceCheckUtils]: 21: Hoare triple {5962#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvule (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (select |#length| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)))} assume !(0bv32 != probe_unsafe_19_~ret~0#1);assume { :begin_inline_g19 } true;havoc g19_#res#1;havoc g19_#t~nondet41#1;g19_#res#1 := g19_#t~nondet41#1;havoc g19_#t~nondet41#1; {5962#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvule (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (select |#length| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)))} is VALID [2022-02-20 23:52:08,948 INFO L290 TraceCheckUtils]: 22: Hoare triple {5962#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvule (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (select |#length| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)))} probe_unsafe_19_#t~ret45#1 := g19_#res#1;assume { :end_inline_g19 } true; {5962#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvule (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (select |#length| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)))} is VALID [2022-02-20 23:52:08,948 INFO L290 TraceCheckUtils]: 23: Hoare triple {5962#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvule (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (select |#length| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)))} assume 0bv32 == probe_unsafe_19_#t~ret45#1;havoc probe_unsafe_19_#t~ret45#1; {5962#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvule (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (select |#length| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)))} is VALID [2022-02-20 23:52:08,949 INFO L272 TraceCheckUtils]: 24: Hoare triple {5962#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (bvule (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (select |#length| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)))} call f19_undo(probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset); {5987#(and (bvule (bvadd |f19_undo_#in~a.offset| (_ bv4 32)) (select |#length| |f19_undo_#in~a.base|)) (= |f19_undo_#in~a.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:08,949 INFO L290 TraceCheckUtils]: 25: Hoare triple {5987#(and (bvule (bvadd |f19_undo_#in~a.offset| (_ bv4 32)) (select |#length| |f19_undo_#in~a.base|)) (= |f19_undo_#in~a.offset| (_ bv0 32)))} ~a.base, ~a.offset := #in~a.base, #in~a.offset; {5991#(and (= (_ bv0 32) f19_undo_~a.offset) (bvule (bvadd (_ bv4 32) f19_undo_~a.offset) (select |#length| f19_undo_~a.base)))} is VALID [2022-02-20 23:52:08,949 INFO L290 TraceCheckUtils]: 26: Hoare triple {5991#(and (= (_ bv0 32) f19_undo_~a.offset) (bvule (bvadd (_ bv4 32) f19_undo_~a.offset) (select |#length| f19_undo_~a.base)))} assume !((~bvule32(~bvadd32(4bv32, ~a.offset), #length[~a.base]) && ~bvule32(~a.offset, ~bvadd32(4bv32, ~a.offset))) && ~bvule32(0bv32, ~a.offset)); {5908#false} is VALID [2022-02-20 23:52:08,950 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-02-20 23:52:08,950 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:52:08,950 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:52:08,950 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [292473587] [2022-02-20 23:52:08,950 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [292473587] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:52:08,950 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:52:08,950 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 23:52:08,950 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [918625926] [2022-02-20 23:52:08,951 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:52:08,951 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 3.1666666666666665) internal successors, (19), 6 states have internal predecessors, (19), 3 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 27 [2022-02-20 23:52:08,951 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:52:08,951 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 7 states, 6 states have (on average 3.1666666666666665) internal successors, (19), 6 states have internal predecessors, (19), 3 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:08,976 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 24 edges. 24 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:08,976 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-02-20 23:52:08,976 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:52:08,977 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-02-20 23:52:08,977 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=29, Unknown=0, NotChecked=0, Total=42 [2022-02-20 23:52:08,977 INFO L87 Difference]: Start difference. First operand 79 states and 89 transitions. Second operand has 7 states, 6 states have (on average 3.1666666666666665) internal successors, (19), 6 states have internal predecessors, (19), 3 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:09,602 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:09,602 INFO L93 Difference]: Finished difference Result 87 states and 95 transitions. [2022-02-20 23:52:09,603 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-02-20 23:52:09,603 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 3.1666666666666665) internal successors, (19), 6 states have internal predecessors, (19), 3 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 27 [2022-02-20 23:52:09,603 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:52:09,603 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 6 states have (on average 3.1666666666666665) internal successors, (19), 6 states have internal predecessors, (19), 3 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:09,603 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 74 transitions. [2022-02-20 23:52:09,604 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 6 states have (on average 3.1666666666666665) internal successors, (19), 6 states have internal predecessors, (19), 3 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:09,604 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 74 transitions. [2022-02-20 23:52:09,604 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 74 transitions. [2022-02-20 23:52:09,674 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 74 edges. 74 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:09,675 INFO L225 Difference]: With dead ends: 87 [2022-02-20 23:52:09,675 INFO L226 Difference]: Without dead ends: 87 [2022-02-20 23:52:09,675 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 28 GetRequests, 21 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 7 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=22, Invalid=50, Unknown=0, NotChecked=0, Total=72 [2022-02-20 23:52:09,675 INFO L933 BasicCegarLoop]: 51 mSDtfsCounter, 82 mSDsluCounter, 131 mSDsCounter, 0 mSdLazyCounter, 76 mSolverCounterSat, 7 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 82 SdHoareTripleChecker+Valid, 182 SdHoareTripleChecker+Invalid, 83 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 7 IncrementalHoareTripleChecker+Valid, 76 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 23:52:09,676 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [82 Valid, 182 Invalid, 83 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [7 Valid, 76 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-20 23:52:09,676 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 87 states. [2022-02-20 23:52:09,677 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 87 to 84. [2022-02-20 23:52:09,677 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:52:09,677 INFO L82 GeneralOperation]: Start isEquivalent. First operand 87 states. Second operand has 84 states, 60 states have (on average 1.4) internal successors, (84), 73 states have internal predecessors, (84), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:09,677 INFO L74 IsIncluded]: Start isIncluded. First operand 87 states. Second operand has 84 states, 60 states have (on average 1.4) internal successors, (84), 73 states have internal predecessors, (84), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:09,677 INFO L87 Difference]: Start difference. First operand 87 states. Second operand has 84 states, 60 states have (on average 1.4) internal successors, (84), 73 states have internal predecessors, (84), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:09,679 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:09,679 INFO L93 Difference]: Finished difference Result 87 states and 95 transitions. [2022-02-20 23:52:09,679 INFO L276 IsEmpty]: Start isEmpty. Operand 87 states and 95 transitions. [2022-02-20 23:52:09,679 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:09,679 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:09,679 INFO L74 IsIncluded]: Start isIncluded. First operand has 84 states, 60 states have (on average 1.4) internal successors, (84), 73 states have internal predecessors, (84), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 87 states. [2022-02-20 23:52:09,680 INFO L87 Difference]: Start difference. First operand has 84 states, 60 states have (on average 1.4) internal successors, (84), 73 states have internal predecessors, (84), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 87 states. [2022-02-20 23:52:09,681 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:09,681 INFO L93 Difference]: Finished difference Result 87 states and 95 transitions. [2022-02-20 23:52:09,681 INFO L276 IsEmpty]: Start isEmpty. Operand 87 states and 95 transitions. [2022-02-20 23:52:09,681 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:09,681 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:09,681 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:52:09,681 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:52:09,681 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 84 states, 60 states have (on average 1.4) internal successors, (84), 73 states have internal predecessors, (84), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:09,682 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 84 states to 84 states and 95 transitions. [2022-02-20 23:52:09,682 INFO L78 Accepts]: Start accepts. Automaton has 84 states and 95 transitions. Word has length 27 [2022-02-20 23:52:09,683 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:52:09,683 INFO L470 AbstractCegarLoop]: Abstraction has 84 states and 95 transitions. [2022-02-20 23:52:09,683 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 6 states have (on average 3.1666666666666665) internal successors, (19), 6 states have internal predecessors, (19), 3 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:09,683 INFO L276 IsEmpty]: Start isEmpty. Operand 84 states and 95 transitions. [2022-02-20 23:52:09,683 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2022-02-20 23:52:09,683 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:52:09,683 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:52:09,692 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (16)] Forceful destruction successful, exit code 0 [2022-02-20 23:52:09,891 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 16 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:52:09,891 INFO L402 AbstractCegarLoop]: === Iteration 14 === Targeting ULTIMATE.startErr12ASSERT_VIOLATIONMEMORY_FREE === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 20 more)] === [2022-02-20 23:52:09,891 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:52:09,891 INFO L85 PathProgramCache]: Analyzing trace with hash -1624958864, now seen corresponding path program 1 times [2022-02-20 23:52:09,892 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:52:09,892 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [2134988255] [2022-02-20 23:52:09,892 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:52:09,892 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:52:09,892 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:52:09,893 INFO L229 MonitoredProcess]: Starting monitored process 17 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:52:09,894 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (17)] Waiting until timeout for monitored process [2022-02-20 23:52:09,959 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:09,963 INFO L263 TraceCheckSpWp]: Trace formula consists of 119 conjuncts, 19 conjunts are in the unsatisfiable core [2022-02-20 23:52:09,973 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:09,974 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:52:09,992 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:52:10,025 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2022-02-20 23:52:10,100 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 9 treesize of output 3 [2022-02-20 23:52:10,146 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:52:10,147 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 23 treesize of output 22 [2022-02-20 23:52:10,197 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 17 treesize of output 9 [2022-02-20 23:52:10,212 INFO L290 TraceCheckUtils]: 0: Hoare triple {6343#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {6343#true} is VALID [2022-02-20 23:52:10,212 INFO L290 TraceCheckUtils]: 1: Hoare triple {6343#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret48#1, entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset, entry_point_~ret~1#1;call entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset := #Ultimate.allocOnStack(8bv32);assume { :begin_inline_probe_unsafe_19 } true;probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc probe_unsafe_19_#res#1;havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset, probe_unsafe_19_#t~ret44#1, probe_unsafe_19_#t~ret45#1, probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset, probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset, probe_unsafe_19_~ret~0#1;probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset := probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset;probe_unsafe_19_~ret~0#1 := 3bv32; {6351#(= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:52:10,213 INFO L272 TraceCheckUtils]: 2: Hoare triple {6351#(= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32))} call probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset := ldv_malloc(4bv32); {6343#true} is VALID [2022-02-20 23:52:10,213 INFO L290 TraceCheckUtils]: 3: Hoare triple {6343#true} ~size := #in~size; {6343#true} is VALID [2022-02-20 23:52:10,214 INFO L290 TraceCheckUtils]: 4: Hoare triple {6343#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {6361#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:52:10,214 INFO L290 TraceCheckUtils]: 5: Hoare triple {6361#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} assume true; {6361#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:52:10,215 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {6361#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} {6351#(= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32))} #102#return; {6368#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (_ bv1 1) (select |#valid| |ULTIMATE.start_probe_unsafe_19_#t~ret42#1.base|)))} is VALID [2022-02-20 23:52:10,216 INFO L290 TraceCheckUtils]: 7: Hoare triple {6368#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (_ bv1 1) (select |#valid| |ULTIMATE.start_probe_unsafe_19_#t~ret42#1.base|)))} SUMMARY for call write~$Pointer$(probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L775-1 {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} is VALID [2022-02-20 23:52:10,216 INFO L290 TraceCheckUtils]: 8: Hoare triple {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset; {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} is VALID [2022-02-20 23:52:10,217 INFO L290 TraceCheckUtils]: 9: Hoare triple {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} SUMMARY for call probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L776 {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} is VALID [2022-02-20 23:52:10,217 INFO L290 TraceCheckUtils]: 10: Hoare triple {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} assume !(probe_unsafe_19_#t~mem43#1.base == 0bv32 && probe_unsafe_19_#t~mem43#1.offset == 0bv32);havoc probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset;assume { :begin_inline_f19 } true;f19_#in~a#1.base, f19_#in~a#1.offset := probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset;havoc f19_#res#1;havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_#t~mem39#1.base, f19_#t~mem39#1.offset, f19_~a#1.base, f19_~a#1.offset;f19_~a#1.base, f19_~a#1.offset := f19_#in~a#1.base, f19_#in~a#1.offset; {6382#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))} is VALID [2022-02-20 23:52:10,218 INFO L272 TraceCheckUtils]: 11: Hoare triple {6382#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))} call f19_#t~ret38#1.base, f19_#t~ret38#1.offset := ldv_malloc(4bv32); {6386#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:52:10,218 INFO L290 TraceCheckUtils]: 12: Hoare triple {6386#(= |old(#valid)| |#valid|)} ~size := #in~size; {6386#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:52:10,219 INFO L290 TraceCheckUtils]: 13: Hoare triple {6386#(= |old(#valid)| |#valid|)} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {6386#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:52:10,220 INFO L290 TraceCheckUtils]: 14: Hoare triple {6386#(= |old(#valid)| |#valid|)} assume true; {6386#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:52:10,221 INFO L284 TraceCheckUtils]: 15: Hoare quadruple {6386#(= |old(#valid)| |#valid|)} {6382#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))} #104#return; {6382#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))} is VALID [2022-02-20 23:52:10,222 INFO L290 TraceCheckUtils]: 16: Hoare triple {6382#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))} SUMMARY for call write~$Pointer$(f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L762-1 {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} is VALID [2022-02-20 23:52:10,222 INFO L290 TraceCheckUtils]: 17: Hoare triple {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset; {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} is VALID [2022-02-20 23:52:10,223 INFO L290 TraceCheckUtils]: 18: Hoare triple {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} SUMMARY for call f19_#t~mem39#1.base, f19_#t~mem39#1.offset := read~$Pointer$(f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L763 {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} is VALID [2022-02-20 23:52:10,223 INFO L290 TraceCheckUtils]: 19: Hoare triple {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} assume !(f19_#t~mem39#1.base != 0bv32 || f19_#t~mem39#1.offset != 0bv32);havoc f19_#t~mem39#1.base, f19_#t~mem39#1.offset;f19_#res#1 := 3bv32; {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} is VALID [2022-02-20 23:52:10,223 INFO L290 TraceCheckUtils]: 20: Hoare triple {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} probe_unsafe_19_#t~ret44#1 := f19_#res#1;assume { :end_inline_f19 } true;probe_unsafe_19_~ret~0#1 := probe_unsafe_19_#t~ret44#1;havoc probe_unsafe_19_#t~ret44#1; {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} is VALID [2022-02-20 23:52:10,224 INFO L290 TraceCheckUtils]: 21: Hoare triple {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} assume 0bv32 != probe_unsafe_19_~ret~0#1; {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} is VALID [2022-02-20 23:52:10,224 INFO L290 TraceCheckUtils]: 22: Hoare triple {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} SUMMARY for call probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L786 {6420#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_#t~mem46#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:10,225 INFO L290 TraceCheckUtils]: 23: Hoare triple {6420#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_#t~mem46#1.base|) (_ bv1 1))} assume 0bv32 == probe_unsafe_19_#t~mem46#1.offset; {6420#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_#t~mem46#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:10,225 INFO L290 TraceCheckUtils]: 24: Hoare triple {6420#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_#t~mem46#1.base|) (_ bv1 1))} assume ~bvult32(probe_unsafe_19_#t~mem46#1.base, #StackHeapBarrier); {6420#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_#t~mem46#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:10,225 INFO L290 TraceCheckUtils]: 25: Hoare triple {6420#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_#t~mem46#1.base|) (_ bv1 1))} assume !(0bv32 == probe_unsafe_19_#t~mem46#1.base || 1bv1 == #valid[probe_unsafe_19_#t~mem46#1.base]); {6344#false} is VALID [2022-02-20 23:52:10,226 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 2 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:52:10,226 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:52:10,383 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:52:10,383 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [2134988255] [2022-02-20 23:52:10,383 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [2134988255] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:52:10,383 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleCvc4 [86331095] [2022-02-20 23:52:10,383 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:52:10,383 INFO L173 SolverBuilder]: Constructing external solver with command: cvc4 --incremental --print-success --lang smt [2022-02-20 23:52:10,383 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 [2022-02-20 23:52:10,384 INFO L229 MonitoredProcess]: Starting monitored process 18 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (exit command is (exit), workingDir is null) [2022-02-20 23:52:10,395 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (18)] Waiting until timeout for monitored process [2022-02-20 23:52:10,485 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:10,487 INFO L263 TraceCheckSpWp]: Trace formula consists of 119 conjuncts, 23 conjunts are in the unsatisfiable core [2022-02-20 23:52:10,497 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:10,498 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:52:10,519 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:52:10,541 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2022-02-20 23:52:10,589 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 9 treesize of output 3 [2022-02-20 23:52:10,630 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:52:10,631 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 23 treesize of output 22 [2022-02-20 23:52:10,665 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 17 treesize of output 9 [2022-02-20 23:52:10,670 INFO L290 TraceCheckUtils]: 0: Hoare triple {6343#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {6343#true} is VALID [2022-02-20 23:52:10,670 INFO L290 TraceCheckUtils]: 1: Hoare triple {6343#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret48#1, entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset, entry_point_~ret~1#1;call entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset := #Ultimate.allocOnStack(8bv32);assume { :begin_inline_probe_unsafe_19 } true;probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc probe_unsafe_19_#res#1;havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset, probe_unsafe_19_#t~ret44#1, probe_unsafe_19_#t~ret45#1, probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset, probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset, probe_unsafe_19_~ret~0#1;probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset := probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset;probe_unsafe_19_~ret~0#1 := 3bv32; {6351#(= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32))} is VALID [2022-02-20 23:52:10,670 INFO L272 TraceCheckUtils]: 2: Hoare triple {6351#(= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32))} call probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset := ldv_malloc(4bv32); {6343#true} is VALID [2022-02-20 23:52:10,671 INFO L290 TraceCheckUtils]: 3: Hoare triple {6343#true} ~size := #in~size; {6343#true} is VALID [2022-02-20 23:52:10,671 INFO L290 TraceCheckUtils]: 4: Hoare triple {6343#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {6361#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:52:10,672 INFO L290 TraceCheckUtils]: 5: Hoare triple {6361#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} assume true; {6361#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:52:10,672 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {6361#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} {6351#(= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32))} #102#return; {6368#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (_ bv1 1) (select |#valid| |ULTIMATE.start_probe_unsafe_19_#t~ret42#1.base|)))} is VALID [2022-02-20 23:52:10,673 INFO L290 TraceCheckUtils]: 7: Hoare triple {6368#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (_ bv1 1) (select |#valid| |ULTIMATE.start_probe_unsafe_19_#t~ret42#1.base|)))} SUMMARY for call write~$Pointer$(probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L775-1 {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} is VALID [2022-02-20 23:52:10,673 INFO L290 TraceCheckUtils]: 8: Hoare triple {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset; {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} is VALID [2022-02-20 23:52:10,674 INFO L290 TraceCheckUtils]: 9: Hoare triple {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} SUMMARY for call probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L776 {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} is VALID [2022-02-20 23:52:10,674 INFO L290 TraceCheckUtils]: 10: Hoare triple {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} assume !(probe_unsafe_19_#t~mem43#1.base == 0bv32 && probe_unsafe_19_#t~mem43#1.offset == 0bv32);havoc probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset;assume { :begin_inline_f19 } true;f19_#in~a#1.base, f19_#in~a#1.offset := probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset;havoc f19_#res#1;havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_#t~mem39#1.base, f19_#t~mem39#1.offset, f19_~a#1.base, f19_~a#1.offset;f19_~a#1.base, f19_~a#1.offset := f19_#in~a#1.base, f19_#in~a#1.offset; {6382#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))} is VALID [2022-02-20 23:52:10,675 INFO L272 TraceCheckUtils]: 11: Hoare triple {6382#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))} call f19_#t~ret38#1.base, f19_#t~ret38#1.offset := ldv_malloc(4bv32); {6386#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:52:10,675 INFO L290 TraceCheckUtils]: 12: Hoare triple {6386#(= |old(#valid)| |#valid|)} ~size := #in~size; {6386#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:52:10,675 INFO L290 TraceCheckUtils]: 13: Hoare triple {6386#(= |old(#valid)| |#valid|)} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {6386#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:52:10,676 INFO L290 TraceCheckUtils]: 14: Hoare triple {6386#(= |old(#valid)| |#valid|)} assume true; {6386#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:52:10,676 INFO L284 TraceCheckUtils]: 15: Hoare quadruple {6386#(= |old(#valid)| |#valid|)} {6382#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))} #104#return; {6382#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))} is VALID [2022-02-20 23:52:10,677 INFO L290 TraceCheckUtils]: 16: Hoare triple {6382#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))} SUMMARY for call write~$Pointer$(f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L762-1 {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} is VALID [2022-02-20 23:52:10,678 INFO L290 TraceCheckUtils]: 17: Hoare triple {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset; {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} is VALID [2022-02-20 23:52:10,678 INFO L290 TraceCheckUtils]: 18: Hoare triple {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} SUMMARY for call f19_#t~mem39#1.base, f19_#t~mem39#1.offset := read~$Pointer$(f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L763 {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} is VALID [2022-02-20 23:52:10,678 INFO L290 TraceCheckUtils]: 19: Hoare triple {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} assume !(f19_#t~mem39#1.base != 0bv32 || f19_#t~mem39#1.offset != 0bv32);havoc f19_#t~mem39#1.base, f19_#t~mem39#1.offset;f19_#res#1 := 3bv32; {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} is VALID [2022-02-20 23:52:10,679 INFO L290 TraceCheckUtils]: 20: Hoare triple {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} probe_unsafe_19_#t~ret44#1 := f19_#res#1;assume { :end_inline_f19 } true;probe_unsafe_19_~ret~0#1 := probe_unsafe_19_#t~ret44#1;havoc probe_unsafe_19_#t~ret44#1; {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} is VALID [2022-02-20 23:52:10,679 INFO L290 TraceCheckUtils]: 21: Hoare triple {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} assume 0bv32 != probe_unsafe_19_~ret~0#1; {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} is VALID [2022-02-20 23:52:10,679 INFO L290 TraceCheckUtils]: 22: Hoare triple {6372#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.offset| (_ bv0 32)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)))} SUMMARY for call probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L786 {6420#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_#t~mem46#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:10,680 INFO L290 TraceCheckUtils]: 23: Hoare triple {6420#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_#t~mem46#1.base|) (_ bv1 1))} assume 0bv32 == probe_unsafe_19_#t~mem46#1.offset; {6420#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_#t~mem46#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:10,680 INFO L290 TraceCheckUtils]: 24: Hoare triple {6420#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_#t~mem46#1.base|) (_ bv1 1))} assume ~bvult32(probe_unsafe_19_#t~mem46#1.base, #StackHeapBarrier); {6420#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_#t~mem46#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:10,680 INFO L290 TraceCheckUtils]: 25: Hoare triple {6420#(= (select |#valid| |ULTIMATE.start_probe_unsafe_19_#t~mem46#1.base|) (_ bv1 1))} assume !(0bv32 == probe_unsafe_19_#t~mem46#1.base || 1bv1 == #valid[probe_unsafe_19_#t~mem46#1.base]); {6344#false} is VALID [2022-02-20 23:52:10,680 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 2 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:52:10,681 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:52:12,796 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleCvc4 [86331095] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:52:12,796 INFO L191 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-02-20 23:52:12,796 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [8, 8] total 8 [2022-02-20 23:52:12,796 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1634554746] [2022-02-20 23:52:12,797 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-02-20 23:52:12,797 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 7 states have (on average 3.142857142857143) internal successors, (22), 8 states have internal predecessors, (22), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 26 [2022-02-20 23:52:12,797 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:52:12,797 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 9 states, 7 states have (on average 3.142857142857143) internal successors, (22), 8 states have internal predecessors, (22), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:12,823 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 26 edges. 26 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:12,823 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2022-02-20 23:52:12,823 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:52:12,823 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2022-02-20 23:52:12,823 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=27, Invalid=83, Unknown=0, NotChecked=0, Total=110 [2022-02-20 23:52:12,823 INFO L87 Difference]: Start difference. First operand 84 states and 95 transitions. Second operand has 9 states, 7 states have (on average 3.142857142857143) internal successors, (22), 8 states have internal predecessors, (22), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:14,002 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:14,003 INFO L93 Difference]: Finished difference Result 118 states and 136 transitions. [2022-02-20 23:52:14,003 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2022-02-20 23:52:14,003 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 7 states have (on average 3.142857142857143) internal successors, (22), 8 states have internal predecessors, (22), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 26 [2022-02-20 23:52:14,003 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:52:14,003 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 9 states, 7 states have (on average 3.142857142857143) internal successors, (22), 8 states have internal predecessors, (22), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:14,004 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 105 transitions. [2022-02-20 23:52:14,004 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 9 states, 7 states have (on average 3.142857142857143) internal successors, (22), 8 states have internal predecessors, (22), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:14,005 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 105 transitions. [2022-02-20 23:52:14,005 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states and 105 transitions. [2022-02-20 23:52:14,123 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 105 edges. 105 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:14,124 INFO L225 Difference]: With dead ends: 118 [2022-02-20 23:52:14,124 INFO L226 Difference]: Without dead ends: 118 [2022-02-20 23:52:14,124 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 74 GetRequests, 62 SyntacticMatches, 1 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 20 ImplicationChecksByTransitivity, 2.2s TimeCoverageRelationStatistics Valid=41, Invalid=115, Unknown=0, NotChecked=0, Total=156 [2022-02-20 23:52:14,124 INFO L933 BasicCegarLoop]: 73 mSDtfsCounter, 76 mSDsluCounter, 289 mSDsCounter, 0 mSdLazyCounter, 249 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 82 SdHoareTripleChecker+Valid, 362 SdHoareTripleChecker+Invalid, 258 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 249 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2022-02-20 23:52:14,125 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [82 Valid, 362 Invalid, 258 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 249 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2022-02-20 23:52:14,125 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 118 states. [2022-02-20 23:52:14,126 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 118 to 101. [2022-02-20 23:52:14,127 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:52:14,127 INFO L82 GeneralOperation]: Start isEquivalent. First operand 118 states. Second operand has 101 states, 75 states have (on average 1.3466666666666667) internal successors, (101), 88 states have internal predecessors, (101), 6 states have call successors, (6), 4 states have call predecessors, (6), 6 states have return successors, (9), 8 states have call predecessors, (9), 6 states have call successors, (9) [2022-02-20 23:52:14,127 INFO L74 IsIncluded]: Start isIncluded. First operand 118 states. Second operand has 101 states, 75 states have (on average 1.3466666666666667) internal successors, (101), 88 states have internal predecessors, (101), 6 states have call successors, (6), 4 states have call predecessors, (6), 6 states have return successors, (9), 8 states have call predecessors, (9), 6 states have call successors, (9) [2022-02-20 23:52:14,127 INFO L87 Difference]: Start difference. First operand 118 states. Second operand has 101 states, 75 states have (on average 1.3466666666666667) internal successors, (101), 88 states have internal predecessors, (101), 6 states have call successors, (6), 4 states have call predecessors, (6), 6 states have return successors, (9), 8 states have call predecessors, (9), 6 states have call successors, (9) [2022-02-20 23:52:14,129 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:14,129 INFO L93 Difference]: Finished difference Result 118 states and 136 transitions. [2022-02-20 23:52:14,129 INFO L276 IsEmpty]: Start isEmpty. Operand 118 states and 136 transitions. [2022-02-20 23:52:14,129 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:14,129 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:14,130 INFO L74 IsIncluded]: Start isIncluded. First operand has 101 states, 75 states have (on average 1.3466666666666667) internal successors, (101), 88 states have internal predecessors, (101), 6 states have call successors, (6), 4 states have call predecessors, (6), 6 states have return successors, (9), 8 states have call predecessors, (9), 6 states have call successors, (9) Second operand 118 states. [2022-02-20 23:52:14,130 INFO L87 Difference]: Start difference. First operand has 101 states, 75 states have (on average 1.3466666666666667) internal successors, (101), 88 states have internal predecessors, (101), 6 states have call successors, (6), 4 states have call predecessors, (6), 6 states have return successors, (9), 8 states have call predecessors, (9), 6 states have call successors, (9) Second operand 118 states. [2022-02-20 23:52:14,131 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:14,131 INFO L93 Difference]: Finished difference Result 118 states and 136 transitions. [2022-02-20 23:52:14,131 INFO L276 IsEmpty]: Start isEmpty. Operand 118 states and 136 transitions. [2022-02-20 23:52:14,132 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:14,132 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:14,132 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:52:14,132 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:52:14,132 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 101 states, 75 states have (on average 1.3466666666666667) internal successors, (101), 88 states have internal predecessors, (101), 6 states have call successors, (6), 4 states have call predecessors, (6), 6 states have return successors, (9), 8 states have call predecessors, (9), 6 states have call successors, (9) [2022-02-20 23:52:14,133 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 101 states to 101 states and 116 transitions. [2022-02-20 23:52:14,133 INFO L78 Accepts]: Start accepts. Automaton has 101 states and 116 transitions. Word has length 26 [2022-02-20 23:52:14,133 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:52:14,134 INFO L470 AbstractCegarLoop]: Abstraction has 101 states and 116 transitions. [2022-02-20 23:52:14,134 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 7 states have (on average 3.142857142857143) internal successors, (22), 8 states have internal predecessors, (22), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:14,134 INFO L276 IsEmpty]: Start isEmpty. Operand 101 states and 116 transitions. [2022-02-20 23:52:14,134 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2022-02-20 23:52:14,134 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:52:14,134 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:52:14,143 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (17)] Ended with exit code 0 [2022-02-20 23:52:14,337 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (18)] Forceful destruction successful, exit code 0 [2022-02-20 23:52:14,535 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 17 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3,18 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt [2022-02-20 23:52:14,535 INFO L402 AbstractCegarLoop]: === Iteration 15 === Targeting ULTIMATE.startErr12ASSERT_VIOLATIONMEMORY_FREE === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 20 more)] === [2022-02-20 23:52:14,535 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:52:14,535 INFO L85 PathProgramCache]: Analyzing trace with hash 631952143, now seen corresponding path program 1 times [2022-02-20 23:52:14,536 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:52:14,536 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1564220780] [2022-02-20 23:52:14,536 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:52:14,536 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:52:14,536 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:52:14,564 INFO L229 MonitoredProcess]: Starting monitored process 19 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:52:14,594 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (19)] Waiting until timeout for monitored process [2022-02-20 23:52:14,620 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:14,623 INFO L263 TraceCheckSpWp]: Trace formula consists of 113 conjuncts, 13 conjunts are in the unsatisfiable core [2022-02-20 23:52:14,630 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:14,631 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:52:14,671 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2022-02-20 23:52:14,676 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2022-02-20 23:52:14,730 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 19 treesize of output 7 [2022-02-20 23:52:14,736 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 19 treesize of output 7 [2022-02-20 23:52:14,783 INFO L290 TraceCheckUtils]: 0: Hoare triple {7031#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {7031#true} is VALID [2022-02-20 23:52:14,783 INFO L290 TraceCheckUtils]: 1: Hoare triple {7031#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret48#1, entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset, entry_point_~ret~1#1;call entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset := #Ultimate.allocOnStack(8bv32);assume { :begin_inline_probe_unsafe_19 } true;probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc probe_unsafe_19_#res#1;havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset, probe_unsafe_19_#t~ret44#1, probe_unsafe_19_#t~ret45#1, probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset, probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset, probe_unsafe_19_~ret~0#1;probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset := probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset;probe_unsafe_19_~ret~0#1 := 3bv32; {7031#true} is VALID [2022-02-20 23:52:14,783 INFO L272 TraceCheckUtils]: 2: Hoare triple {7031#true} call probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset := ldv_malloc(4bv32); {7031#true} is VALID [2022-02-20 23:52:14,783 INFO L290 TraceCheckUtils]: 3: Hoare triple {7031#true} ~size := #in~size; {7031#true} is VALID [2022-02-20 23:52:14,784 INFO L290 TraceCheckUtils]: 4: Hoare triple {7031#true} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {7048#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:52:14,784 INFO L290 TraceCheckUtils]: 5: Hoare triple {7048#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} assume true; {7048#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:52:14,785 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {7048#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} {7031#true} #102#return; {7055#(and (= |ULTIMATE.start_probe_unsafe_19_#t~ret42#1.base| (_ bv0 32)) (= |ULTIMATE.start_probe_unsafe_19_#t~ret42#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:14,787 INFO L290 TraceCheckUtils]: 7: Hoare triple {7055#(and (= |ULTIMATE.start_probe_unsafe_19_#t~ret42#1.base| (_ bv0 32)) (= |ULTIMATE.start_probe_unsafe_19_#t~ret42#1.offset| (_ bv0 32)))} SUMMARY for call write~$Pointer$(probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L775-1 {7059#(and (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} is VALID [2022-02-20 23:52:14,787 INFO L290 TraceCheckUtils]: 8: Hoare triple {7059#(and (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset; {7059#(and (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} is VALID [2022-02-20 23:52:14,787 INFO L290 TraceCheckUtils]: 9: Hoare triple {7059#(and (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)))} SUMMARY for call probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L776 {7066#(and (= |ULTIMATE.start_probe_unsafe_19_#t~mem43#1.offset| (_ bv0 32)) (= |ULTIMATE.start_probe_unsafe_19_#t~mem43#1.base| (_ bv0 32)))} is VALID [2022-02-20 23:52:14,788 INFO L290 TraceCheckUtils]: 10: Hoare triple {7066#(and (= |ULTIMATE.start_probe_unsafe_19_#t~mem43#1.offset| (_ bv0 32)) (= |ULTIMATE.start_probe_unsafe_19_#t~mem43#1.base| (_ bv0 32)))} assume !(probe_unsafe_19_#t~mem43#1.base == 0bv32 && probe_unsafe_19_#t~mem43#1.offset == 0bv32);havoc probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset;assume { :begin_inline_f19 } true;f19_#in~a#1.base, f19_#in~a#1.offset := probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset;havoc f19_#res#1;havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_#t~mem39#1.base, f19_#t~mem39#1.offset, f19_~a#1.base, f19_~a#1.offset;f19_~a#1.base, f19_~a#1.offset := f19_#in~a#1.base, f19_#in~a#1.offset; {7032#false} is VALID [2022-02-20 23:52:14,788 INFO L272 TraceCheckUtils]: 11: Hoare triple {7032#false} call f19_#t~ret38#1.base, f19_#t~ret38#1.offset := ldv_malloc(4bv32); {7032#false} is VALID [2022-02-20 23:52:14,788 INFO L290 TraceCheckUtils]: 12: Hoare triple {7032#false} ~size := #in~size; {7032#false} is VALID [2022-02-20 23:52:14,788 INFO L290 TraceCheckUtils]: 13: Hoare triple {7032#false} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {7032#false} is VALID [2022-02-20 23:52:14,788 INFO L290 TraceCheckUtils]: 14: Hoare triple {7032#false} assume true; {7032#false} is VALID [2022-02-20 23:52:14,788 INFO L284 TraceCheckUtils]: 15: Hoare quadruple {7032#false} {7032#false} #104#return; {7032#false} is VALID [2022-02-20 23:52:14,788 INFO L290 TraceCheckUtils]: 16: Hoare triple {7032#false} SUMMARY for call write~$Pointer$(f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L762-1 {7032#false} is VALID [2022-02-20 23:52:14,788 INFO L290 TraceCheckUtils]: 17: Hoare triple {7032#false} havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset; {7032#false} is VALID [2022-02-20 23:52:14,788 INFO L290 TraceCheckUtils]: 18: Hoare triple {7032#false} SUMMARY for call f19_#t~mem39#1.base, f19_#t~mem39#1.offset := read~$Pointer$(f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L763 {7032#false} is VALID [2022-02-20 23:52:14,788 INFO L290 TraceCheckUtils]: 19: Hoare triple {7032#false} assume !(f19_#t~mem39#1.base != 0bv32 || f19_#t~mem39#1.offset != 0bv32);havoc f19_#t~mem39#1.base, f19_#t~mem39#1.offset;f19_#res#1 := 3bv32; {7032#false} is VALID [2022-02-20 23:52:14,789 INFO L290 TraceCheckUtils]: 20: Hoare triple {7032#false} probe_unsafe_19_#t~ret44#1 := f19_#res#1;assume { :end_inline_f19 } true;probe_unsafe_19_~ret~0#1 := probe_unsafe_19_#t~ret44#1;havoc probe_unsafe_19_#t~ret44#1; {7032#false} is VALID [2022-02-20 23:52:14,789 INFO L290 TraceCheckUtils]: 21: Hoare triple {7032#false} assume 0bv32 != probe_unsafe_19_~ret~0#1; {7032#false} is VALID [2022-02-20 23:52:14,789 INFO L290 TraceCheckUtils]: 22: Hoare triple {7032#false} SUMMARY for call probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L786 {7032#false} is VALID [2022-02-20 23:52:14,789 INFO L290 TraceCheckUtils]: 23: Hoare triple {7032#false} assume 0bv32 == probe_unsafe_19_#t~mem46#1.offset; {7032#false} is VALID [2022-02-20 23:52:14,789 INFO L290 TraceCheckUtils]: 24: Hoare triple {7032#false} assume ~bvult32(probe_unsafe_19_#t~mem46#1.base, #StackHeapBarrier); {7032#false} is VALID [2022-02-20 23:52:14,789 INFO L290 TraceCheckUtils]: 25: Hoare triple {7032#false} assume !(0bv32 == probe_unsafe_19_#t~mem46#1.base || 1bv1 == #valid[probe_unsafe_19_#t~mem46#1.base]); {7032#false} is VALID [2022-02-20 23:52:14,789 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 4 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:52:14,789 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:52:14,789 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:52:14,789 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1564220780] [2022-02-20 23:52:14,789 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1564220780] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:52:14,789 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:52:14,789 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 23:52:14,790 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1419750018] [2022-02-20 23:52:14,790 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:52:14,790 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 3.6666666666666665) internal successors, (22), 5 states have internal predecessors, (22), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 26 [2022-02-20 23:52:14,790 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:52:14,790 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 6 states have (on average 3.6666666666666665) internal successors, (22), 5 states have internal predecessors, (22), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:14,812 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 26 edges. 26 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:14,812 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 23:52:14,812 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:52:14,812 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 23:52:14,812 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-02-20 23:52:14,813 INFO L87 Difference]: Start difference. First operand 101 states and 116 transitions. Second operand has 6 states, 6 states have (on average 3.6666666666666665) internal successors, (22), 5 states have internal predecessors, (22), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:15,345 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:15,345 INFO L93 Difference]: Finished difference Result 93 states and 103 transitions. [2022-02-20 23:52:15,345 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-02-20 23:52:15,345 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 3.6666666666666665) internal successors, (22), 5 states have internal predecessors, (22), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 26 [2022-02-20 23:52:15,345 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:52:15,345 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 3.6666666666666665) internal successors, (22), 5 states have internal predecessors, (22), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:15,346 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 71 transitions. [2022-02-20 23:52:15,346 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 3.6666666666666665) internal successors, (22), 5 states have internal predecessors, (22), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:15,346 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 71 transitions. [2022-02-20 23:52:15,346 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 71 transitions. [2022-02-20 23:52:15,402 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 71 edges. 71 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:15,403 INFO L225 Difference]: With dead ends: 93 [2022-02-20 23:52:15,403 INFO L226 Difference]: Without dead ends: 87 [2022-02-20 23:52:15,403 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 27 GetRequests, 21 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=17, Invalid=39, Unknown=0, NotChecked=0, Total=56 [2022-02-20 23:52:15,403 INFO L933 BasicCegarLoop]: 68 mSDtfsCounter, 2 mSDsluCounter, 248 mSDsCounter, 0 mSdLazyCounter, 26 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 2 SdHoareTripleChecker+Valid, 316 SdHoareTripleChecker+Invalid, 26 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 26 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:52:15,403 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [2 Valid, 316 Invalid, 26 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 26 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:52:15,404 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 87 states. [2022-02-20 23:52:15,405 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 87 to 87. [2022-02-20 23:52:15,405 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:52:15,405 INFO L82 GeneralOperation]: Start isEquivalent. First operand 87 states. Second operand has 87 states, 63 states have (on average 1.3650793650793651) internal successors, (86), 76 states have internal predecessors, (86), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:15,405 INFO L74 IsIncluded]: Start isIncluded. First operand 87 states. Second operand has 87 states, 63 states have (on average 1.3650793650793651) internal successors, (86), 76 states have internal predecessors, (86), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:15,405 INFO L87 Difference]: Start difference. First operand 87 states. Second operand has 87 states, 63 states have (on average 1.3650793650793651) internal successors, (86), 76 states have internal predecessors, (86), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:15,406 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:15,406 INFO L93 Difference]: Finished difference Result 87 states and 97 transitions. [2022-02-20 23:52:15,406 INFO L276 IsEmpty]: Start isEmpty. Operand 87 states and 97 transitions. [2022-02-20 23:52:15,406 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:15,406 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:15,407 INFO L74 IsIncluded]: Start isIncluded. First operand has 87 states, 63 states have (on average 1.3650793650793651) internal successors, (86), 76 states have internal predecessors, (86), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 87 states. [2022-02-20 23:52:15,408 INFO L87 Difference]: Start difference. First operand has 87 states, 63 states have (on average 1.3650793650793651) internal successors, (86), 76 states have internal predecessors, (86), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 87 states. [2022-02-20 23:52:15,409 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:15,409 INFO L93 Difference]: Finished difference Result 87 states and 97 transitions. [2022-02-20 23:52:15,409 INFO L276 IsEmpty]: Start isEmpty. Operand 87 states and 97 transitions. [2022-02-20 23:52:15,409 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:15,410 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:15,410 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:52:15,410 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:52:15,410 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 87 states, 63 states have (on average 1.3650793650793651) internal successors, (86), 76 states have internal predecessors, (86), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:15,411 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 87 states to 87 states and 97 transitions. [2022-02-20 23:52:15,411 INFO L78 Accepts]: Start accepts. Automaton has 87 states and 97 transitions. Word has length 26 [2022-02-20 23:52:15,411 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:52:15,411 INFO L470 AbstractCegarLoop]: Abstraction has 87 states and 97 transitions. [2022-02-20 23:52:15,411 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 3.6666666666666665) internal successors, (22), 5 states have internal predecessors, (22), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:15,411 INFO L276 IsEmpty]: Start isEmpty. Operand 87 states and 97 transitions. [2022-02-20 23:52:15,412 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2022-02-20 23:52:15,412 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:52:15,412 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:52:15,418 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (19)] Forceful destruction successful, exit code 0 [2022-02-20 23:52:15,618 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 19 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:52:15,618 INFO L402 AbstractCegarLoop]: === Iteration 16 === Targeting ULTIMATE.startErr13REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 20 more)] === [2022-02-20 23:52:15,618 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:52:15,618 INFO L85 PathProgramCache]: Analyzing trace with hash -1765464909, now seen corresponding path program 1 times [2022-02-20 23:52:15,618 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:52:15,619 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1597412565] [2022-02-20 23:52:15,619 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:52:15,619 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:52:15,619 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:52:15,620 INFO L229 MonitoredProcess]: Starting monitored process 20 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:52:15,621 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (20)] Waiting until timeout for monitored process [2022-02-20 23:52:15,679 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:15,681 INFO L263 TraceCheckSpWp]: Trace formula consists of 124 conjuncts, 8 conjunts are in the unsatisfiable core [2022-02-20 23:52:15,690 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:15,690 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:52:15,794 INFO L290 TraceCheckUtils]: 0: Hoare triple {7472#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {7472#true} is VALID [2022-02-20 23:52:15,796 INFO L290 TraceCheckUtils]: 1: Hoare triple {7472#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret48#1, entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset, entry_point_~ret~1#1;call entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset := #Ultimate.allocOnStack(8bv32);assume { :begin_inline_probe_unsafe_19 } true;probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc probe_unsafe_19_#res#1;havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset, probe_unsafe_19_#t~ret44#1, probe_unsafe_19_#t~ret45#1, probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset, probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset, probe_unsafe_19_~ret~0#1;probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset := probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset;probe_unsafe_19_~ret~0#1 := 3bv32; {7480#(= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)} is VALID [2022-02-20 23:52:15,796 INFO L272 TraceCheckUtils]: 2: Hoare triple {7480#(= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)} call probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset := ldv_malloc(4bv32); {7472#true} is VALID [2022-02-20 23:52:15,796 INFO L290 TraceCheckUtils]: 3: Hoare triple {7472#true} ~size := #in~size; {7472#true} is VALID [2022-02-20 23:52:15,796 INFO L290 TraceCheckUtils]: 4: Hoare triple {7472#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {7472#true} is VALID [2022-02-20 23:52:15,796 INFO L290 TraceCheckUtils]: 5: Hoare triple {7472#true} assume true; {7472#true} is VALID [2022-02-20 23:52:15,797 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {7472#true} {7480#(= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)} #102#return; {7480#(= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)} is VALID [2022-02-20 23:52:15,797 INFO L290 TraceCheckUtils]: 7: Hoare triple {7480#(= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)} SUMMARY for call write~$Pointer$(probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L775-1 {7480#(= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)} is VALID [2022-02-20 23:52:15,797 INFO L290 TraceCheckUtils]: 8: Hoare triple {7480#(= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)} havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset; {7480#(= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)} is VALID [2022-02-20 23:52:15,798 INFO L290 TraceCheckUtils]: 9: Hoare triple {7480#(= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)} SUMMARY for call probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L776 {7480#(= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)} is VALID [2022-02-20 23:52:15,798 INFO L290 TraceCheckUtils]: 10: Hoare triple {7480#(= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|)} assume !(probe_unsafe_19_#t~mem43#1.base == 0bv32 && probe_unsafe_19_#t~mem43#1.offset == 0bv32);havoc probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset;assume { :begin_inline_f19 } true;f19_#in~a#1.base, f19_#in~a#1.offset := probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset;havoc f19_#res#1;havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_#t~mem39#1.base, f19_#t~mem39#1.offset, f19_~a#1.base, f19_~a#1.offset;f19_~a#1.base, f19_~a#1.offset := f19_#in~a#1.base, f19_#in~a#1.offset; {7508#(= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_f19_~a#1.base|)} is VALID [2022-02-20 23:52:15,798 INFO L272 TraceCheckUtils]: 11: Hoare triple {7508#(= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_f19_~a#1.base|)} call f19_#t~ret38#1.base, f19_#t~ret38#1.offset := ldv_malloc(4bv32); {7472#true} is VALID [2022-02-20 23:52:15,798 INFO L290 TraceCheckUtils]: 12: Hoare triple {7472#true} ~size := #in~size; {7472#true} is VALID [2022-02-20 23:52:15,798 INFO L290 TraceCheckUtils]: 13: Hoare triple {7472#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {7472#true} is VALID [2022-02-20 23:52:15,798 INFO L290 TraceCheckUtils]: 14: Hoare triple {7472#true} assume true; {7472#true} is VALID [2022-02-20 23:52:15,799 INFO L284 TraceCheckUtils]: 15: Hoare quadruple {7472#true} {7508#(= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_f19_~a#1.base|)} #104#return; {7508#(= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_f19_~a#1.base|)} is VALID [2022-02-20 23:52:15,800 INFO L290 TraceCheckUtils]: 16: Hoare triple {7508#(= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_f19_~a#1.base|)} SUMMARY for call write~$Pointer$(f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L762-1 {7527#(= (select |#valid| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:15,800 INFO L290 TraceCheckUtils]: 17: Hoare triple {7527#(= (select |#valid| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv1 1))} havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset; {7527#(= (select |#valid| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:15,800 INFO L290 TraceCheckUtils]: 18: Hoare triple {7527#(= (select |#valid| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv1 1))} SUMMARY for call f19_#t~mem39#1.base, f19_#t~mem39#1.offset := read~$Pointer$(f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L763 {7527#(= (select |#valid| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:15,801 INFO L290 TraceCheckUtils]: 19: Hoare triple {7527#(= (select |#valid| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv1 1))} assume f19_#t~mem39#1.base != 0bv32 || f19_#t~mem39#1.offset != 0bv32;havoc f19_#t~mem39#1.base, f19_#t~mem39#1.offset;f19_#res#1 := 0bv32; {7527#(= (select |#valid| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:15,801 INFO L290 TraceCheckUtils]: 20: Hoare triple {7527#(= (select |#valid| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv1 1))} probe_unsafe_19_#t~ret44#1 := f19_#res#1;assume { :end_inline_f19 } true;probe_unsafe_19_~ret~0#1 := probe_unsafe_19_#t~ret44#1;havoc probe_unsafe_19_#t~ret44#1; {7527#(= (select |#valid| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:15,801 INFO L290 TraceCheckUtils]: 21: Hoare triple {7527#(= (select |#valid| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv1 1))} assume !(0bv32 != probe_unsafe_19_~ret~0#1);assume { :begin_inline_g19 } true;havoc g19_#res#1;havoc g19_#t~nondet41#1;g19_#res#1 := g19_#t~nondet41#1;havoc g19_#t~nondet41#1; {7527#(= (select |#valid| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:15,802 INFO L290 TraceCheckUtils]: 22: Hoare triple {7527#(= (select |#valid| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv1 1))} probe_unsafe_19_#t~ret45#1 := g19_#res#1;assume { :end_inline_g19 } true; {7527#(= (select |#valid| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:15,802 INFO L290 TraceCheckUtils]: 23: Hoare triple {7527#(= (select |#valid| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv1 1))} assume !(0bv32 == probe_unsafe_19_#t~ret45#1);havoc probe_unsafe_19_#t~ret45#1;probe_unsafe_19_#res#1 := 0bv32; {7527#(= (select |#valid| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:15,802 INFO L290 TraceCheckUtils]: 24: Hoare triple {7527#(= (select |#valid| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv1 1))} entry_point_#t~ret48#1 := probe_unsafe_19_#res#1;assume { :end_inline_probe_unsafe_19 } true;entry_point_~ret~1#1 := entry_point_#t~ret48#1;havoc entry_point_#t~ret48#1; {7527#(= (select |#valid| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:15,803 INFO L290 TraceCheckUtils]: 25: Hoare triple {7527#(= (select |#valid| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv1 1))} assume 0bv32 == entry_point_~ret~1#1;assume { :begin_inline_disconnect_19 } true;disconnect_19_#in~a#1.base, disconnect_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc disconnect_19_#t~mem47#1.base, disconnect_19_#t~mem47#1.offset, disconnect_19_~a#1.base, disconnect_19_~a#1.offset;disconnect_19_~a#1.base, disconnect_19_~a#1.offset := disconnect_19_#in~a#1.base, disconnect_19_#in~a#1.offset; {7555#(= (select |#valid| |ULTIMATE.start_disconnect_19_~a#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:15,803 INFO L290 TraceCheckUtils]: 26: Hoare triple {7555#(= (select |#valid| |ULTIMATE.start_disconnect_19_~a#1.base|) (_ bv1 1))} assume !(1bv1 == #valid[disconnect_19_~a#1.base]); {7473#false} is VALID [2022-02-20 23:52:15,803 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-02-20 23:52:15,803 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:52:15,803 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:52:15,803 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1597412565] [2022-02-20 23:52:15,803 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1597412565] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:52:15,804 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:52:15,804 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:52:15,804 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1661518761] [2022-02-20 23:52:15,804 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:52:15,804 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 4.0) internal successors, (20), 6 states have internal predecessors, (20), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 27 [2022-02-20 23:52:15,804 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:52:15,804 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 5 states have (on average 4.0) internal successors, (20), 6 states have internal predecessors, (20), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:15,825 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 24 edges. 24 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:15,825 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 23:52:15,825 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:52:15,825 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 23:52:15,825 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-02-20 23:52:15,825 INFO L87 Difference]: Start difference. First operand 87 states and 97 transitions. Second operand has 6 states, 5 states have (on average 4.0) internal successors, (20), 6 states have internal predecessors, (20), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:16,305 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:16,305 INFO L93 Difference]: Finished difference Result 98 states and 109 transitions. [2022-02-20 23:52:16,305 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-02-20 23:52:16,305 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 4.0) internal successors, (20), 6 states have internal predecessors, (20), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 27 [2022-02-20 23:52:16,305 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:52:16,305 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 4.0) internal successors, (20), 6 states have internal predecessors, (20), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:16,306 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 78 transitions. [2022-02-20 23:52:16,306 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 4.0) internal successors, (20), 6 states have internal predecessors, (20), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:16,306 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 78 transitions. [2022-02-20 23:52:16,306 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 78 transitions. [2022-02-20 23:52:16,373 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 78 edges. 78 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:16,374 INFO L225 Difference]: With dead ends: 98 [2022-02-20 23:52:16,374 INFO L226 Difference]: Without dead ends: 98 [2022-02-20 23:52:16,374 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 31 GetRequests, 22 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 6 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=40, Invalid=70, Unknown=0, NotChecked=0, Total=110 [2022-02-20 23:52:16,374 INFO L933 BasicCegarLoop]: 48 mSDtfsCounter, 114 mSDsluCounter, 98 mSDsCounter, 0 mSdLazyCounter, 71 mSolverCounterSat, 15 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 114 SdHoareTripleChecker+Valid, 146 SdHoareTripleChecker+Invalid, 86 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 15 IncrementalHoareTripleChecker+Valid, 71 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:52:16,374 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [114 Valid, 146 Invalid, 86 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [15 Valid, 71 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:52:16,375 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 98 states. [2022-02-20 23:52:16,376 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 98 to 90. [2022-02-20 23:52:16,376 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:52:16,376 INFO L82 GeneralOperation]: Start isEquivalent. First operand 98 states. Second operand has 90 states, 66 states have (on average 1.378787878787879) internal successors, (91), 79 states have internal predecessors, (91), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:16,376 INFO L74 IsIncluded]: Start isIncluded. First operand 98 states. Second operand has 90 states, 66 states have (on average 1.378787878787879) internal successors, (91), 79 states have internal predecessors, (91), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:16,376 INFO L87 Difference]: Start difference. First operand 98 states. Second operand has 90 states, 66 states have (on average 1.378787878787879) internal successors, (91), 79 states have internal predecessors, (91), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:16,377 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:16,377 INFO L93 Difference]: Finished difference Result 98 states and 109 transitions. [2022-02-20 23:52:16,377 INFO L276 IsEmpty]: Start isEmpty. Operand 98 states and 109 transitions. [2022-02-20 23:52:16,378 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:16,378 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:16,378 INFO L74 IsIncluded]: Start isIncluded. First operand has 90 states, 66 states have (on average 1.378787878787879) internal successors, (91), 79 states have internal predecessors, (91), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 98 states. [2022-02-20 23:52:16,378 INFO L87 Difference]: Start difference. First operand has 90 states, 66 states have (on average 1.378787878787879) internal successors, (91), 79 states have internal predecessors, (91), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 98 states. [2022-02-20 23:52:16,379 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:16,379 INFO L93 Difference]: Finished difference Result 98 states and 109 transitions. [2022-02-20 23:52:16,380 INFO L276 IsEmpty]: Start isEmpty. Operand 98 states and 109 transitions. [2022-02-20 23:52:16,380 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:16,380 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:16,380 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:52:16,380 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:52:16,380 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 90 states, 66 states have (on average 1.378787878787879) internal successors, (91), 79 states have internal predecessors, (91), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:16,381 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 90 states to 90 states and 102 transitions. [2022-02-20 23:52:16,381 INFO L78 Accepts]: Start accepts. Automaton has 90 states and 102 transitions. Word has length 27 [2022-02-20 23:52:16,381 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:52:16,381 INFO L470 AbstractCegarLoop]: Abstraction has 90 states and 102 transitions. [2022-02-20 23:52:16,381 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 4.0) internal successors, (20), 6 states have internal predecessors, (20), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:16,382 INFO L276 IsEmpty]: Start isEmpty. Operand 90 states and 102 transitions. [2022-02-20 23:52:16,382 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2022-02-20 23:52:16,382 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:52:16,382 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:52:16,394 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (20)] Forceful destruction successful, exit code 0 [2022-02-20 23:52:16,582 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 20 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:52:16,582 INFO L402 AbstractCegarLoop]: === Iteration 17 === Targeting ULTIMATE.startErr14REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 20 more)] === [2022-02-20 23:52:16,583 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:52:16,583 INFO L85 PathProgramCache]: Analyzing trace with hash -1765464908, now seen corresponding path program 1 times [2022-02-20 23:52:16,583 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:52:16,583 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [564878306] [2022-02-20 23:52:16,583 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:52:16,583 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:52:16,583 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:52:16,584 INFO L229 MonitoredProcess]: Starting monitored process 21 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:52:16,585 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (21)] Waiting until timeout for monitored process [2022-02-20 23:52:16,657 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:16,660 INFO L263 TraceCheckSpWp]: Trace formula consists of 124 conjuncts, 18 conjunts are in the unsatisfiable core [2022-02-20 23:52:16,670 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:16,671 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:52:18,884 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:52:18,884 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 14 treesize of output 16 [2022-02-20 23:52:18,894 INFO L356 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2022-02-20 23:52:18,895 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 12 [2022-02-20 23:52:19,082 INFO L290 TraceCheckUtils]: 0: Hoare triple {7952#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {7952#true} is VALID [2022-02-20 23:52:19,082 INFO L290 TraceCheckUtils]: 1: Hoare triple {7952#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret48#1, entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset, entry_point_~ret~1#1;call entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset := #Ultimate.allocOnStack(8bv32);assume { :begin_inline_probe_unsafe_19 } true;probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc probe_unsafe_19_#res#1;havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset, probe_unsafe_19_#t~ret44#1, probe_unsafe_19_#t~ret45#1, probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset, probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset, probe_unsafe_19_~ret~0#1;probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset := probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset;probe_unsafe_19_~ret~0#1 := 3bv32; {7960#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:19,082 INFO L272 TraceCheckUtils]: 2: Hoare triple {7960#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} call probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset := ldv_malloc(4bv32); {7952#true} is VALID [2022-02-20 23:52:19,082 INFO L290 TraceCheckUtils]: 3: Hoare triple {7952#true} ~size := #in~size; {7952#true} is VALID [2022-02-20 23:52:19,082 INFO L290 TraceCheckUtils]: 4: Hoare triple {7952#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {7952#true} is VALID [2022-02-20 23:52:19,083 INFO L290 TraceCheckUtils]: 5: Hoare triple {7952#true} assume true; {7952#true} is VALID [2022-02-20 23:52:19,083 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {7952#true} {7960#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} #102#return; {7960#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:19,084 INFO L290 TraceCheckUtils]: 7: Hoare triple {7960#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} SUMMARY for call write~$Pointer$(probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L775-1 {7979#(and (= (select |#valid| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv1 1)) (bvule (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv8 32)) (select |#length| |ULTIMATE.start_entry_point_~#a19~0#1.base|)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:19,084 INFO L290 TraceCheckUtils]: 8: Hoare triple {7979#(and (= (select |#valid| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv1 1)) (bvule (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv8 32)) (select |#length| |ULTIMATE.start_entry_point_~#a19~0#1.base|)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset; {7979#(and (= (select |#valid| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv1 1)) (bvule (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv8 32)) (select |#length| |ULTIMATE.start_entry_point_~#a19~0#1.base|)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:19,085 INFO L290 TraceCheckUtils]: 9: Hoare triple {7979#(and (= (select |#valid| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv1 1)) (bvule (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv8 32)) (select |#length| |ULTIMATE.start_entry_point_~#a19~0#1.base|)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} SUMMARY for call probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L776 {7979#(and (= (select |#valid| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv1 1)) (bvule (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv8 32)) (select |#length| |ULTIMATE.start_entry_point_~#a19~0#1.base|)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:19,085 INFO L290 TraceCheckUtils]: 10: Hoare triple {7979#(and (= (select |#valid| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv1 1)) (bvule (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv8 32)) (select |#length| |ULTIMATE.start_entry_point_~#a19~0#1.base|)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} assume !(probe_unsafe_19_#t~mem43#1.base == 0bv32 && probe_unsafe_19_#t~mem43#1.offset == 0bv32);havoc probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset;assume { :begin_inline_f19 } true;f19_#in~a#1.base, f19_#in~a#1.offset := probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset;havoc f19_#res#1;havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_#t~mem39#1.base, f19_#t~mem39#1.offset, f19_~a#1.base, f19_~a#1.offset;f19_~a#1.base, f19_~a#1.offset := f19_#in~a#1.base, f19_#in~a#1.offset; {7979#(and (= (select |#valid| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv1 1)) (bvule (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv8 32)) (select |#length| |ULTIMATE.start_entry_point_~#a19~0#1.base|)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:19,086 INFO L272 TraceCheckUtils]: 11: Hoare triple {7979#(and (= (select |#valid| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv1 1)) (bvule (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv8 32)) (select |#length| |ULTIMATE.start_entry_point_~#a19~0#1.base|)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} call f19_#t~ret38#1.base, f19_#t~ret38#1.offset := ldv_malloc(4bv32); {7992#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:52:19,086 INFO L290 TraceCheckUtils]: 12: Hoare triple {7992#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} ~size := #in~size; {7992#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:52:19,087 INFO L290 TraceCheckUtils]: 13: Hoare triple {7992#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {7999#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_323 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_323))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:52:19,088 INFO L290 TraceCheckUtils]: 14: Hoare triple {7999#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_323 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_323))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} assume true; {7999#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_323 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_323))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} is VALID [2022-02-20 23:52:19,089 INFO L284 TraceCheckUtils]: 15: Hoare quadruple {7999#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_323 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_323))) (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1))))} {7979#(and (= (select |#valid| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (_ bv1 1)) (bvule (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv8 32)) (select |#length| |ULTIMATE.start_entry_point_~#a19~0#1.base|)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} #104#return; {8006#(and (bvule (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv8 32)) (select |#length| |ULTIMATE.start_entry_point_~#a19~0#1.base|)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:19,089 INFO L290 TraceCheckUtils]: 16: Hoare triple {8006#(and (bvule (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv8 32)) (select |#length| |ULTIMATE.start_entry_point_~#a19~0#1.base|)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} SUMMARY for call write~$Pointer$(f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L762-1 {8006#(and (bvule (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv8 32)) (select |#length| |ULTIMATE.start_entry_point_~#a19~0#1.base|)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:19,090 INFO L290 TraceCheckUtils]: 17: Hoare triple {8006#(and (bvule (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv8 32)) (select |#length| |ULTIMATE.start_entry_point_~#a19~0#1.base|)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset; {8006#(and (bvule (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv8 32)) (select |#length| |ULTIMATE.start_entry_point_~#a19~0#1.base|)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:19,090 INFO L290 TraceCheckUtils]: 18: Hoare triple {8006#(and (bvule (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv8 32)) (select |#length| |ULTIMATE.start_entry_point_~#a19~0#1.base|)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} SUMMARY for call f19_#t~mem39#1.base, f19_#t~mem39#1.offset := read~$Pointer$(f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L763 {8006#(and (bvule (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv8 32)) (select |#length| |ULTIMATE.start_entry_point_~#a19~0#1.base|)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:19,091 INFO L290 TraceCheckUtils]: 19: Hoare triple {8006#(and (bvule (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv8 32)) (select |#length| |ULTIMATE.start_entry_point_~#a19~0#1.base|)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} assume f19_#t~mem39#1.base != 0bv32 || f19_#t~mem39#1.offset != 0bv32;havoc f19_#t~mem39#1.base, f19_#t~mem39#1.offset;f19_#res#1 := 0bv32; {8006#(and (bvule (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv8 32)) (select |#length| |ULTIMATE.start_entry_point_~#a19~0#1.base|)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:19,091 INFO L290 TraceCheckUtils]: 20: Hoare triple {8006#(and (bvule (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv8 32)) (select |#length| |ULTIMATE.start_entry_point_~#a19~0#1.base|)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} probe_unsafe_19_#t~ret44#1 := f19_#res#1;assume { :end_inline_f19 } true;probe_unsafe_19_~ret~0#1 := probe_unsafe_19_#t~ret44#1;havoc probe_unsafe_19_#t~ret44#1; {8006#(and (bvule (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv8 32)) (select |#length| |ULTIMATE.start_entry_point_~#a19~0#1.base|)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:19,091 INFO L290 TraceCheckUtils]: 21: Hoare triple {8006#(and (bvule (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv8 32)) (select |#length| |ULTIMATE.start_entry_point_~#a19~0#1.base|)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} assume !(0bv32 != probe_unsafe_19_~ret~0#1);assume { :begin_inline_g19 } true;havoc g19_#res#1;havoc g19_#t~nondet41#1;g19_#res#1 := g19_#t~nondet41#1;havoc g19_#t~nondet41#1; {8006#(and (bvule (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv8 32)) (select |#length| |ULTIMATE.start_entry_point_~#a19~0#1.base|)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:19,092 INFO L290 TraceCheckUtils]: 22: Hoare triple {8006#(and (bvule (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv8 32)) (select |#length| |ULTIMATE.start_entry_point_~#a19~0#1.base|)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} probe_unsafe_19_#t~ret45#1 := g19_#res#1;assume { :end_inline_g19 } true; {8006#(and (bvule (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv8 32)) (select |#length| |ULTIMATE.start_entry_point_~#a19~0#1.base|)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:19,092 INFO L290 TraceCheckUtils]: 23: Hoare triple {8006#(and (bvule (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv8 32)) (select |#length| |ULTIMATE.start_entry_point_~#a19~0#1.base|)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} assume !(0bv32 == probe_unsafe_19_#t~ret45#1);havoc probe_unsafe_19_#t~ret45#1;probe_unsafe_19_#res#1 := 0bv32; {8006#(and (bvule (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv8 32)) (select |#length| |ULTIMATE.start_entry_point_~#a19~0#1.base|)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:19,092 INFO L290 TraceCheckUtils]: 24: Hoare triple {8006#(and (bvule (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv8 32)) (select |#length| |ULTIMATE.start_entry_point_~#a19~0#1.base|)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} entry_point_#t~ret48#1 := probe_unsafe_19_#res#1;assume { :end_inline_probe_unsafe_19 } true;entry_point_~ret~1#1 := entry_point_#t~ret48#1;havoc entry_point_#t~ret48#1; {8006#(and (bvule (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv8 32)) (select |#length| |ULTIMATE.start_entry_point_~#a19~0#1.base|)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:19,093 INFO L290 TraceCheckUtils]: 25: Hoare triple {8006#(and (bvule (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv8 32)) (select |#length| |ULTIMATE.start_entry_point_~#a19~0#1.base|)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} assume 0bv32 == entry_point_~ret~1#1;assume { :begin_inline_disconnect_19 } true;disconnect_19_#in~a#1.base, disconnect_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc disconnect_19_#t~mem47#1.base, disconnect_19_#t~mem47#1.offset, disconnect_19_~a#1.base, disconnect_19_~a#1.offset;disconnect_19_~a#1.base, disconnect_19_~a#1.offset := disconnect_19_#in~a#1.base, disconnect_19_#in~a#1.offset; {8037#(and (bvule (bvadd (_ bv8 32) |ULTIMATE.start_disconnect_19_~a#1.offset|) (select |#length| |ULTIMATE.start_disconnect_19_~a#1.base|)) (= |ULTIMATE.start_disconnect_19_~a#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:19,093 INFO L290 TraceCheckUtils]: 26: Hoare triple {8037#(and (bvule (bvadd (_ bv8 32) |ULTIMATE.start_disconnect_19_~a#1.offset|) (select |#length| |ULTIMATE.start_disconnect_19_~a#1.base|)) (= |ULTIMATE.start_disconnect_19_~a#1.offset| (_ bv0 32)))} assume !((~bvule32(~bvadd32(4bv32, ~bvadd32(4bv32, disconnect_19_~a#1.offset)), #length[disconnect_19_~a#1.base]) && ~bvule32(~bvadd32(4bv32, disconnect_19_~a#1.offset), ~bvadd32(4bv32, ~bvadd32(4bv32, disconnect_19_~a#1.offset)))) && ~bvule32(0bv32, ~bvadd32(4bv32, disconnect_19_~a#1.offset))); {7953#false} is VALID [2022-02-20 23:52:19,093 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 4 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:52:19,093 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:52:19,094 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:52:19,094 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [564878306] [2022-02-20 23:52:19,094 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [564878306] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:52:19,094 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:52:19,094 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-02-20 23:52:19,094 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [749315650] [2022-02-20 23:52:19,094 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:52:19,094 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 3.2857142857142856) internal successors, (23), 8 states have internal predecessors, (23), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 27 [2022-02-20 23:52:19,094 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:52:19,094 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 8 states, 7 states have (on average 3.2857142857142856) internal successors, (23), 8 states have internal predecessors, (23), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:19,121 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 27 edges. 27 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:19,121 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-02-20 23:52:19,121 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:52:19,122 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-02-20 23:52:19,122 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=14, Invalid=41, Unknown=1, NotChecked=0, Total=56 [2022-02-20 23:52:19,122 INFO L87 Difference]: Start difference. First operand 90 states and 102 transitions. Second operand has 8 states, 7 states have (on average 3.2857142857142856) internal successors, (23), 8 states have internal predecessors, (23), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:20,411 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:20,411 INFO L93 Difference]: Finished difference Result 123 states and 135 transitions. [2022-02-20 23:52:20,411 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2022-02-20 23:52:20,411 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 3.2857142857142856) internal successors, (23), 8 states have internal predecessors, (23), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 27 [2022-02-20 23:52:20,411 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:52:20,412 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 7 states have (on average 3.2857142857142856) internal successors, (23), 8 states have internal predecessors, (23), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:20,412 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 12 states to 12 states and 117 transitions. [2022-02-20 23:52:20,413 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 7 states have (on average 3.2857142857142856) internal successors, (23), 8 states have internal predecessors, (23), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:20,413 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 12 states to 12 states and 117 transitions. [2022-02-20 23:52:20,413 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 12 states and 117 transitions. [2022-02-20 23:52:20,530 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 117 edges. 117 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:20,531 INFO L225 Difference]: With dead ends: 123 [2022-02-20 23:52:20,531 INFO L226 Difference]: Without dead ends: 123 [2022-02-20 23:52:20,531 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 31 GetRequests, 20 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8 ImplicationChecksByTransitivity, 2.2s TimeCoverageRelationStatistics Valid=45, Invalid=110, Unknown=1, NotChecked=0, Total=156 [2022-02-20 23:52:20,532 INFO L933 BasicCegarLoop]: 61 mSDtfsCounter, 125 mSDsluCounter, 178 mSDsCounter, 0 mSdLazyCounter, 166 mSolverCounterSat, 22 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 126 SdHoareTripleChecker+Valid, 239 SdHoareTripleChecker+Invalid, 234 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 22 IncrementalHoareTripleChecker+Valid, 166 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 46 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2022-02-20 23:52:20,532 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [126 Valid, 239 Invalid, 234 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [22 Valid, 166 Invalid, 0 Unknown, 46 Unchecked, 0.4s Time] [2022-02-20 23:52:20,532 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 123 states. [2022-02-20 23:52:20,533 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 123 to 89. [2022-02-20 23:52:20,533 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:52:20,534 INFO L82 GeneralOperation]: Start isEquivalent. First operand 123 states. Second operand has 89 states, 66 states have (on average 1.3484848484848484) internal successors, (89), 78 states have internal predecessors, (89), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:20,534 INFO L74 IsIncluded]: Start isIncluded. First operand 123 states. Second operand has 89 states, 66 states have (on average 1.3484848484848484) internal successors, (89), 78 states have internal predecessors, (89), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:20,534 INFO L87 Difference]: Start difference. First operand 123 states. Second operand has 89 states, 66 states have (on average 1.3484848484848484) internal successors, (89), 78 states have internal predecessors, (89), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:20,537 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:20,537 INFO L93 Difference]: Finished difference Result 123 states and 135 transitions. [2022-02-20 23:52:20,537 INFO L276 IsEmpty]: Start isEmpty. Operand 123 states and 135 transitions. [2022-02-20 23:52:20,538 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:20,539 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:20,539 INFO L74 IsIncluded]: Start isIncluded. First operand has 89 states, 66 states have (on average 1.3484848484848484) internal successors, (89), 78 states have internal predecessors, (89), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 123 states. [2022-02-20 23:52:20,539 INFO L87 Difference]: Start difference. First operand has 89 states, 66 states have (on average 1.3484848484848484) internal successors, (89), 78 states have internal predecessors, (89), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 123 states. [2022-02-20 23:52:20,540 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:20,540 INFO L93 Difference]: Finished difference Result 123 states and 135 transitions. [2022-02-20 23:52:20,541 INFO L276 IsEmpty]: Start isEmpty. Operand 123 states and 135 transitions. [2022-02-20 23:52:20,542 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:20,542 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:20,544 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:52:20,544 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:52:20,544 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 89 states, 66 states have (on average 1.3484848484848484) internal successors, (89), 78 states have internal predecessors, (89), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:20,545 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 89 states to 89 states and 100 transitions. [2022-02-20 23:52:20,546 INFO L78 Accepts]: Start accepts. Automaton has 89 states and 100 transitions. Word has length 27 [2022-02-20 23:52:20,546 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:52:20,546 INFO L470 AbstractCegarLoop]: Abstraction has 89 states and 100 transitions. [2022-02-20 23:52:20,546 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 3.2857142857142856) internal successors, (23), 8 states have internal predecessors, (23), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:20,547 INFO L276 IsEmpty]: Start isEmpty. Operand 89 states and 100 transitions. [2022-02-20 23:52:20,547 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2022-02-20 23:52:20,547 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:52:20,547 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:52:20,556 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (21)] Forceful destruction successful, exit code 0 [2022-02-20 23:52:20,754 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 21 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:52:20,754 INFO L402 AbstractCegarLoop]: === Iteration 18 === Targeting f19_undoErr2ASSERT_VIOLATIONMEMORY_FREE === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 20 more)] === [2022-02-20 23:52:20,755 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:52:20,755 INFO L85 PathProgramCache]: Analyzing trace with hash 1104559937, now seen corresponding path program 1 times [2022-02-20 23:52:20,755 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:52:20,755 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1950767712] [2022-02-20 23:52:20,755 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:52:20,755 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:52:20,755 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:52:20,758 INFO L229 MonitoredProcess]: Starting monitored process 22 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:52:20,761 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (22)] Waiting until timeout for monitored process [2022-02-20 23:52:20,822 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:20,825 INFO L263 TraceCheckSpWp]: Trace formula consists of 129 conjuncts, 15 conjunts are in the unsatisfiable core [2022-02-20 23:52:20,835 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:20,835 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:52:20,954 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 7 [2022-02-20 23:52:21,057 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 7 [2022-02-20 23:52:21,069 INFO L290 TraceCheckUtils]: 0: Hoare triple {8508#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {8508#true} is VALID [2022-02-20 23:52:21,070 INFO L290 TraceCheckUtils]: 1: Hoare triple {8508#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret48#1, entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset, entry_point_~ret~1#1;call entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset := #Ultimate.allocOnStack(8bv32);assume { :begin_inline_probe_unsafe_19 } true;probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc probe_unsafe_19_#res#1;havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset, probe_unsafe_19_#t~ret44#1, probe_unsafe_19_#t~ret45#1, probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset, probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset, probe_unsafe_19_~ret~0#1;probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset := probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset;probe_unsafe_19_~ret~0#1 := 3bv32; {8508#true} is VALID [2022-02-20 23:52:21,070 INFO L272 TraceCheckUtils]: 2: Hoare triple {8508#true} call probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset := ldv_malloc(4bv32); {8508#true} is VALID [2022-02-20 23:52:21,070 INFO L290 TraceCheckUtils]: 3: Hoare triple {8508#true} ~size := #in~size; {8508#true} is VALID [2022-02-20 23:52:21,070 INFO L290 TraceCheckUtils]: 4: Hoare triple {8508#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {8508#true} is VALID [2022-02-20 23:52:21,070 INFO L290 TraceCheckUtils]: 5: Hoare triple {8508#true} assume true; {8508#true} is VALID [2022-02-20 23:52:21,071 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {8508#true} {8508#true} #102#return; {8508#true} is VALID [2022-02-20 23:52:21,071 INFO L290 TraceCheckUtils]: 7: Hoare triple {8508#true} SUMMARY for call write~$Pointer$(probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L775-1 {8508#true} is VALID [2022-02-20 23:52:21,071 INFO L290 TraceCheckUtils]: 8: Hoare triple {8508#true} havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset; {8508#true} is VALID [2022-02-20 23:52:21,071 INFO L290 TraceCheckUtils]: 9: Hoare triple {8508#true} SUMMARY for call probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L776 {8508#true} is VALID [2022-02-20 23:52:21,072 INFO L290 TraceCheckUtils]: 10: Hoare triple {8508#true} assume !(probe_unsafe_19_#t~mem43#1.base == 0bv32 && probe_unsafe_19_#t~mem43#1.offset == 0bv32);havoc probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset;assume { :begin_inline_f19 } true;f19_#in~a#1.base, f19_#in~a#1.offset := probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset;havoc f19_#res#1;havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_#t~mem39#1.base, f19_#t~mem39#1.offset, f19_~a#1.base, f19_~a#1.offset;f19_~a#1.base, f19_~a#1.offset := f19_#in~a#1.base, f19_#in~a#1.offset; {8543#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))} is VALID [2022-02-20 23:52:21,072 INFO L272 TraceCheckUtils]: 11: Hoare triple {8543#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))} call f19_#t~ret38#1.base, f19_#t~ret38#1.offset := ldv_malloc(4bv32); {8508#true} is VALID [2022-02-20 23:52:21,072 INFO L290 TraceCheckUtils]: 12: Hoare triple {8508#true} ~size := #in~size; {8508#true} is VALID [2022-02-20 23:52:21,072 INFO L290 TraceCheckUtils]: 13: Hoare triple {8508#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {8553#(= |ldv_malloc_#res.offset| (_ bv0 32))} is VALID [2022-02-20 23:52:21,073 INFO L290 TraceCheckUtils]: 14: Hoare triple {8553#(= |ldv_malloc_#res.offset| (_ bv0 32))} assume true; {8553#(= |ldv_malloc_#res.offset| (_ bv0 32))} is VALID [2022-02-20 23:52:21,073 INFO L284 TraceCheckUtils]: 15: Hoare quadruple {8553#(= |ldv_malloc_#res.offset| (_ bv0 32))} {8543#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))} #104#return; {8560#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_f19_#t~ret38#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:21,075 INFO L290 TraceCheckUtils]: 16: Hoare triple {8560#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_f19_#t~ret38#1.offset| (_ bv0 32)))} SUMMARY for call write~$Pointer$(f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L762-1 {8564#(= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (_ bv0 32))} is VALID [2022-02-20 23:52:21,075 INFO L290 TraceCheckUtils]: 17: Hoare triple {8564#(= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (_ bv0 32))} havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset; {8564#(= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (_ bv0 32))} is VALID [2022-02-20 23:52:21,076 INFO L290 TraceCheckUtils]: 18: Hoare triple {8564#(= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (_ bv0 32))} SUMMARY for call f19_#t~mem39#1.base, f19_#t~mem39#1.offset := read~$Pointer$(f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L763 {8564#(= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (_ bv0 32))} is VALID [2022-02-20 23:52:21,076 INFO L290 TraceCheckUtils]: 19: Hoare triple {8564#(= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (_ bv0 32))} assume f19_#t~mem39#1.base != 0bv32 || f19_#t~mem39#1.offset != 0bv32;havoc f19_#t~mem39#1.base, f19_#t~mem39#1.offset;f19_#res#1 := 0bv32; {8564#(= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (_ bv0 32))} is VALID [2022-02-20 23:52:21,076 INFO L290 TraceCheckUtils]: 20: Hoare triple {8564#(= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (_ bv0 32))} probe_unsafe_19_#t~ret44#1 := f19_#res#1;assume { :end_inline_f19 } true;probe_unsafe_19_~ret~0#1 := probe_unsafe_19_#t~ret44#1;havoc probe_unsafe_19_#t~ret44#1; {8564#(= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (_ bv0 32))} is VALID [2022-02-20 23:52:21,077 INFO L290 TraceCheckUtils]: 21: Hoare triple {8564#(= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (_ bv0 32))} assume !(0bv32 != probe_unsafe_19_~ret~0#1);assume { :begin_inline_g19 } true;havoc g19_#res#1;havoc g19_#t~nondet41#1;g19_#res#1 := g19_#t~nondet41#1;havoc g19_#t~nondet41#1; {8564#(= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (_ bv0 32))} is VALID [2022-02-20 23:52:21,077 INFO L290 TraceCheckUtils]: 22: Hoare triple {8564#(= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (_ bv0 32))} probe_unsafe_19_#t~ret45#1 := g19_#res#1;assume { :end_inline_g19 } true; {8564#(= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (_ bv0 32))} is VALID [2022-02-20 23:52:21,077 INFO L290 TraceCheckUtils]: 23: Hoare triple {8564#(= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (_ bv0 32))} assume 0bv32 == probe_unsafe_19_#t~ret45#1;havoc probe_unsafe_19_#t~ret45#1; {8564#(= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (_ bv0 32))} is VALID [2022-02-20 23:52:21,078 INFO L272 TraceCheckUtils]: 24: Hoare triple {8564#(= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (_ bv0 32))} call f19_undo(probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset); {8589#(= (select (select |#memory_$Pointer$.offset| |f19_undo_#in~a.base|) |f19_undo_#in~a.offset|) (_ bv0 32))} is VALID [2022-02-20 23:52:21,078 INFO L290 TraceCheckUtils]: 25: Hoare triple {8589#(= (select (select |#memory_$Pointer$.offset| |f19_undo_#in~a.base|) |f19_undo_#in~a.offset|) (_ bv0 32))} ~a.base, ~a.offset := #in~a.base, #in~a.offset; {8593#(= (select (select |#memory_$Pointer$.offset| f19_undo_~a.base) f19_undo_~a.offset) (_ bv0 32))} is VALID [2022-02-20 23:52:21,079 INFO L290 TraceCheckUtils]: 26: Hoare triple {8593#(= (select (select |#memory_$Pointer$.offset| f19_undo_~a.base) f19_undo_~a.offset) (_ bv0 32))} SUMMARY for call #t~mem40.base, #t~mem40.offset := read~$Pointer$(~a.base, ~a.offset, 4bv32); srcloc: L768 {8597#(= (_ bv0 32) |f19_undo_#t~mem40.offset|)} is VALID [2022-02-20 23:52:21,079 INFO L290 TraceCheckUtils]: 27: Hoare triple {8597#(= (_ bv0 32) |f19_undo_#t~mem40.offset|)} assume !(0bv32 == #t~mem40.offset); {8509#false} is VALID [2022-02-20 23:52:21,079 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:52:21,079 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:52:21,080 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:52:21,080 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1950767712] [2022-02-20 23:52:21,080 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1950767712] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:52:21,080 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:52:21,080 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-02-20 23:52:21,080 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [825851716] [2022-02-20 23:52:21,080 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:52:21,083 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 7 states have (on average 3.142857142857143) internal successors, (22), 7 states have internal predecessors, (22), 3 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 28 [2022-02-20 23:52:21,083 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:52:21,084 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 9 states, 7 states have (on average 3.142857142857143) internal successors, (22), 7 states have internal predecessors, (22), 3 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:21,105 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 27 edges. 27 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:21,105 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2022-02-20 23:52:21,105 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:52:21,106 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2022-02-20 23:52:21,106 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=56, Unknown=0, NotChecked=0, Total=72 [2022-02-20 23:52:21,106 INFO L87 Difference]: Start difference. First operand 89 states and 100 transitions. Second operand has 9 states, 7 states have (on average 3.142857142857143) internal successors, (22), 7 states have internal predecessors, (22), 3 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:22,054 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:22,055 INFO L93 Difference]: Finished difference Result 91 states and 99 transitions. [2022-02-20 23:52:22,055 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2022-02-20 23:52:22,055 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 7 states have (on average 3.142857142857143) internal successors, (22), 7 states have internal predecessors, (22), 3 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 28 [2022-02-20 23:52:22,055 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:52:22,055 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 9 states, 7 states have (on average 3.142857142857143) internal successors, (22), 7 states have internal predecessors, (22), 3 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:22,056 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 72 transitions. [2022-02-20 23:52:22,056 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 9 states, 7 states have (on average 3.142857142857143) internal successors, (22), 7 states have internal predecessors, (22), 3 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:22,057 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 72 transitions. [2022-02-20 23:52:22,057 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 11 states and 72 transitions. [2022-02-20 23:52:22,140 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 72 edges. 72 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:22,140 INFO L225 Difference]: With dead ends: 91 [2022-02-20 23:52:22,141 INFO L226 Difference]: Without dead ends: 91 [2022-02-20 23:52:22,141 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 31 GetRequests, 20 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 11 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=36, Invalid=120, Unknown=0, NotChecked=0, Total=156 [2022-02-20 23:52:22,141 INFO L933 BasicCegarLoop]: 53 mSDtfsCounter, 82 mSDsluCounter, 273 mSDsCounter, 0 mSdLazyCounter, 94 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 83 SdHoareTripleChecker+Valid, 326 SdHoareTripleChecker+Invalid, 100 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 94 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 23:52:22,141 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [83 Valid, 326 Invalid, 100 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 94 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-20 23:52:22,141 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 91 states. [2022-02-20 23:52:22,142 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 91 to 89. [2022-02-20 23:52:22,142 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:52:22,143 INFO L82 GeneralOperation]: Start isEquivalent. First operand 91 states. Second operand has 89 states, 66 states have (on average 1.3333333333333333) internal successors, (88), 78 states have internal predecessors, (88), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:22,143 INFO L74 IsIncluded]: Start isIncluded. First operand 91 states. Second operand has 89 states, 66 states have (on average 1.3333333333333333) internal successors, (88), 78 states have internal predecessors, (88), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:22,143 INFO L87 Difference]: Start difference. First operand 91 states. Second operand has 89 states, 66 states have (on average 1.3333333333333333) internal successors, (88), 78 states have internal predecessors, (88), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:22,144 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:22,144 INFO L93 Difference]: Finished difference Result 91 states and 99 transitions. [2022-02-20 23:52:22,144 INFO L276 IsEmpty]: Start isEmpty. Operand 91 states and 99 transitions. [2022-02-20 23:52:22,144 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:22,144 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:22,144 INFO L74 IsIncluded]: Start isIncluded. First operand has 89 states, 66 states have (on average 1.3333333333333333) internal successors, (88), 78 states have internal predecessors, (88), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 91 states. [2022-02-20 23:52:22,144 INFO L87 Difference]: Start difference. First operand has 89 states, 66 states have (on average 1.3333333333333333) internal successors, (88), 78 states have internal predecessors, (88), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 91 states. [2022-02-20 23:52:22,145 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:22,145 INFO L93 Difference]: Finished difference Result 91 states and 99 transitions. [2022-02-20 23:52:22,145 INFO L276 IsEmpty]: Start isEmpty. Operand 91 states and 99 transitions. [2022-02-20 23:52:22,145 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:22,145 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:22,146 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:52:22,146 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:52:22,146 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 89 states, 66 states have (on average 1.3333333333333333) internal successors, (88), 78 states have internal predecessors, (88), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:22,147 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 89 states to 89 states and 99 transitions. [2022-02-20 23:52:22,147 INFO L78 Accepts]: Start accepts. Automaton has 89 states and 99 transitions. Word has length 28 [2022-02-20 23:52:22,147 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:52:22,147 INFO L470 AbstractCegarLoop]: Abstraction has 89 states and 99 transitions. [2022-02-20 23:52:22,147 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 7 states have (on average 3.142857142857143) internal successors, (22), 7 states have internal predecessors, (22), 3 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:22,147 INFO L276 IsEmpty]: Start isEmpty. Operand 89 states and 99 transitions. [2022-02-20 23:52:22,148 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2022-02-20 23:52:22,148 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:52:22,148 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:52:22,172 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (22)] Forceful destruction successful, exit code 0 [2022-02-20 23:52:22,354 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 22 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:52:22,355 INFO L402 AbstractCegarLoop]: === Iteration 19 === Targeting ULTIMATE.startErr15ASSERT_VIOLATIONMEMORY_FREE === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 20 more)] === [2022-02-20 23:52:22,355 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:52:22,355 INFO L85 PathProgramCache]: Analyzing trace with hash 1105162709, now seen corresponding path program 1 times [2022-02-20 23:52:22,355 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:52:22,355 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [539279814] [2022-02-20 23:52:22,356 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:52:22,356 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:52:22,356 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:52:22,357 INFO L229 MonitoredProcess]: Starting monitored process 23 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:52:22,358 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (23)] Waiting until timeout for monitored process [2022-02-20 23:52:22,424 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:22,427 INFO L263 TraceCheckSpWp]: Trace formula consists of 130 conjuncts, 23 conjunts are in the unsatisfiable core [2022-02-20 23:52:22,438 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:22,439 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:52:22,512 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2022-02-20 23:52:22,661 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:52:22,662 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 21 treesize of output 20 [2022-02-20 23:52:22,776 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 7 [2022-02-20 23:52:22,790 INFO L290 TraceCheckUtils]: 0: Hoare triple {8970#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {8970#true} is VALID [2022-02-20 23:52:22,791 INFO L290 TraceCheckUtils]: 1: Hoare triple {8970#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret48#1, entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset, entry_point_~ret~1#1;call entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset := #Ultimate.allocOnStack(8bv32);assume { :begin_inline_probe_unsafe_19 } true;probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc probe_unsafe_19_#res#1;havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset, probe_unsafe_19_#t~ret44#1, probe_unsafe_19_#t~ret45#1, probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset, probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset, probe_unsafe_19_~ret~0#1;probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset := probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset;probe_unsafe_19_~ret~0#1 := 3bv32; {8978#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:22,791 INFO L272 TraceCheckUtils]: 2: Hoare triple {8978#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} call probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset := ldv_malloc(4bv32); {8970#true} is VALID [2022-02-20 23:52:22,791 INFO L290 TraceCheckUtils]: 3: Hoare triple {8970#true} ~size := #in~size; {8970#true} is VALID [2022-02-20 23:52:22,792 INFO L290 TraceCheckUtils]: 4: Hoare triple {8970#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {8988#(= |ldv_malloc_#res.offset| (_ bv0 32))} is VALID [2022-02-20 23:52:22,793 INFO L290 TraceCheckUtils]: 5: Hoare triple {8988#(= |ldv_malloc_#res.offset| (_ bv0 32))} assume true; {8988#(= |ldv_malloc_#res.offset| (_ bv0 32))} is VALID [2022-02-20 23:52:22,794 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {8988#(= |ldv_malloc_#res.offset| (_ bv0 32))} {8978#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} #102#return; {8995#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_#t~ret42#1.offset| (_ bv0 32)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:22,795 INFO L290 TraceCheckUtils]: 7: Hoare triple {8995#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_#t~ret42#1.offset| (_ bv0 32)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} SUMMARY for call write~$Pointer$(probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L775-1 {8999#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:22,795 INFO L290 TraceCheckUtils]: 8: Hoare triple {8999#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset; {8999#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:22,796 INFO L290 TraceCheckUtils]: 9: Hoare triple {8999#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} SUMMARY for call probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L776 {8999#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:22,796 INFO L290 TraceCheckUtils]: 10: Hoare triple {8999#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} assume !(probe_unsafe_19_#t~mem43#1.base == 0bv32 && probe_unsafe_19_#t~mem43#1.offset == 0bv32);havoc probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset;assume { :begin_inline_f19 } true;f19_#in~a#1.base, f19_#in~a#1.offset := probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset;havoc f19_#res#1;havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_#t~mem39#1.base, f19_#t~mem39#1.offset, f19_~a#1.base, f19_~a#1.offset;f19_~a#1.base, f19_~a#1.offset := f19_#in~a#1.base, f19_#in~a#1.offset; {9009#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_f19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} is VALID [2022-02-20 23:52:22,797 INFO L272 TraceCheckUtils]: 11: Hoare triple {9009#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_f19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} call f19_#t~ret38#1.base, f19_#t~ret38#1.offset := ldv_malloc(4bv32); {9013#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_13| (_ BitVec 32))) (= (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_13|) (_ bv4 32)) (_ bv0 32)))} is VALID [2022-02-20 23:52:22,798 INFO L290 TraceCheckUtils]: 12: Hoare triple {9013#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_13| (_ BitVec 32))) (= (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_13|) (_ bv4 32)) (_ bv0 32)))} ~size := #in~size; {9013#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_13| (_ BitVec 32))) (= (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_13|) (_ bv4 32)) (_ bv0 32)))} is VALID [2022-02-20 23:52:22,798 INFO L290 TraceCheckUtils]: 13: Hoare triple {9013#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_13| (_ BitVec 32))) (= (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_13|) (_ bv4 32)) (_ bv0 32)))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {9013#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_13| (_ BitVec 32))) (= (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_13|) (_ bv4 32)) (_ bv0 32)))} is VALID [2022-02-20 23:52:22,798 INFO L290 TraceCheckUtils]: 14: Hoare triple {9013#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_13| (_ BitVec 32))) (= (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_13|) (_ bv4 32)) (_ bv0 32)))} assume true; {9013#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_13| (_ BitVec 32))) (= (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_13|) (_ bv4 32)) (_ bv0 32)))} is VALID [2022-02-20 23:52:22,799 INFO L284 TraceCheckUtils]: 15: Hoare quadruple {9013#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_13| (_ BitVec 32))) (= (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_13|) (_ bv4 32)) (_ bv0 32)))} {9009#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_f19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} #104#return; {9009#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_f19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} is VALID [2022-02-20 23:52:22,800 INFO L290 TraceCheckUtils]: 16: Hoare triple {9009#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_f19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} SUMMARY for call write~$Pointer$(f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L762-1 {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} is VALID [2022-02-20 23:52:22,800 INFO L290 TraceCheckUtils]: 17: Hoare triple {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset; {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} is VALID [2022-02-20 23:52:22,801 INFO L290 TraceCheckUtils]: 18: Hoare triple {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} SUMMARY for call f19_#t~mem39#1.base, f19_#t~mem39#1.offset := read~$Pointer$(f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L763 {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} is VALID [2022-02-20 23:52:22,801 INFO L290 TraceCheckUtils]: 19: Hoare triple {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} assume f19_#t~mem39#1.base != 0bv32 || f19_#t~mem39#1.offset != 0bv32;havoc f19_#t~mem39#1.base, f19_#t~mem39#1.offset;f19_#res#1 := 0bv32; {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} is VALID [2022-02-20 23:52:22,801 INFO L290 TraceCheckUtils]: 20: Hoare triple {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} probe_unsafe_19_#t~ret44#1 := f19_#res#1;assume { :end_inline_f19 } true;probe_unsafe_19_~ret~0#1 := probe_unsafe_19_#t~ret44#1;havoc probe_unsafe_19_#t~ret44#1; {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} is VALID [2022-02-20 23:52:22,802 INFO L290 TraceCheckUtils]: 21: Hoare triple {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} assume !(0bv32 != probe_unsafe_19_~ret~0#1);assume { :begin_inline_g19 } true;havoc g19_#res#1;havoc g19_#t~nondet41#1;g19_#res#1 := g19_#t~nondet41#1;havoc g19_#t~nondet41#1; {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} is VALID [2022-02-20 23:52:22,802 INFO L290 TraceCheckUtils]: 22: Hoare triple {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} probe_unsafe_19_#t~ret45#1 := g19_#res#1;assume { :end_inline_g19 } true; {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} is VALID [2022-02-20 23:52:22,803 INFO L290 TraceCheckUtils]: 23: Hoare triple {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} assume !(0bv32 == probe_unsafe_19_#t~ret45#1);havoc probe_unsafe_19_#t~ret45#1;probe_unsafe_19_#res#1 := 0bv32; {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} is VALID [2022-02-20 23:52:22,803 INFO L290 TraceCheckUtils]: 24: Hoare triple {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} entry_point_#t~ret48#1 := probe_unsafe_19_#res#1;assume { :end_inline_probe_unsafe_19 } true;entry_point_~ret~1#1 := entry_point_#t~ret48#1;havoc entry_point_#t~ret48#1; {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} is VALID [2022-02-20 23:52:22,803 INFO L290 TraceCheckUtils]: 25: Hoare triple {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} assume 0bv32 == entry_point_~ret~1#1;assume { :begin_inline_disconnect_19 } true;disconnect_19_#in~a#1.base, disconnect_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc disconnect_19_#t~mem47#1.base, disconnect_19_#t~mem47#1.offset, disconnect_19_~a#1.base, disconnect_19_~a#1.offset;disconnect_19_~a#1.base, disconnect_19_~a#1.offset := disconnect_19_#in~a#1.base, disconnect_19_#in~a#1.offset; {9057#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_disconnect_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_disconnect_19_~a#1.offset|)) (_ bv0 32)) (= |ULTIMATE.start_disconnect_19_~a#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:22,804 INFO L290 TraceCheckUtils]: 26: Hoare triple {9057#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_disconnect_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_disconnect_19_~a#1.offset|)) (_ bv0 32)) (= |ULTIMATE.start_disconnect_19_~a#1.offset| (_ bv0 32)))} SUMMARY for call disconnect_19_#t~mem47#1.base, disconnect_19_#t~mem47#1.offset := read~$Pointer$(disconnect_19_~a#1.base, ~bvadd32(4bv32, disconnect_19_~a#1.offset), 4bv32); srcloc: L793 {9061#(= (_ bv0 32) |ULTIMATE.start_disconnect_19_#t~mem47#1.offset|)} is VALID [2022-02-20 23:52:22,804 INFO L290 TraceCheckUtils]: 27: Hoare triple {9061#(= (_ bv0 32) |ULTIMATE.start_disconnect_19_#t~mem47#1.offset|)} assume !(0bv32 == disconnect_19_#t~mem47#1.offset); {8971#false} is VALID [2022-02-20 23:52:22,804 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 2 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:52:22,804 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:52:24,956 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:52:24,956 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [539279814] [2022-02-20 23:52:24,956 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [539279814] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:52:24,956 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleCvc4 [1769482760] [2022-02-20 23:52:24,956 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:52:24,956 INFO L173 SolverBuilder]: Constructing external solver with command: cvc4 --incremental --print-success --lang smt [2022-02-20 23:52:24,957 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 [2022-02-20 23:52:24,957 INFO L229 MonitoredProcess]: Starting monitored process 24 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (exit command is (exit), workingDir is null) [2022-02-20 23:52:24,976 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (24)] Waiting until timeout for monitored process [2022-02-20 23:52:25,092 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:25,095 INFO L263 TraceCheckSpWp]: Trace formula consists of 130 conjuncts, 23 conjunts are in the unsatisfiable core [2022-02-20 23:52:25,106 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:25,107 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:52:25,167 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2022-02-20 23:52:25,321 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:52:25,322 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 21 treesize of output 20 [2022-02-20 23:52:25,410 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 7 [2022-02-20 23:52:25,414 INFO L290 TraceCheckUtils]: 0: Hoare triple {8970#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {8970#true} is VALID [2022-02-20 23:52:25,414 INFO L290 TraceCheckUtils]: 1: Hoare triple {8970#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret48#1, entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset, entry_point_~ret~1#1;call entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset := #Ultimate.allocOnStack(8bv32);assume { :begin_inline_probe_unsafe_19 } true;probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc probe_unsafe_19_#res#1;havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset, probe_unsafe_19_#t~ret44#1, probe_unsafe_19_#t~ret45#1, probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset, probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset, probe_unsafe_19_~ret~0#1;probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset := probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset;probe_unsafe_19_~ret~0#1 := 3bv32; {8978#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:25,414 INFO L272 TraceCheckUtils]: 2: Hoare triple {8978#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} call probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset := ldv_malloc(4bv32); {8970#true} is VALID [2022-02-20 23:52:25,415 INFO L290 TraceCheckUtils]: 3: Hoare triple {8970#true} ~size := #in~size; {8970#true} is VALID [2022-02-20 23:52:25,415 INFO L290 TraceCheckUtils]: 4: Hoare triple {8970#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {8988#(= |ldv_malloc_#res.offset| (_ bv0 32))} is VALID [2022-02-20 23:52:25,415 INFO L290 TraceCheckUtils]: 5: Hoare triple {8988#(= |ldv_malloc_#res.offset| (_ bv0 32))} assume true; {8988#(= |ldv_malloc_#res.offset| (_ bv0 32))} is VALID [2022-02-20 23:52:25,416 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {8988#(= |ldv_malloc_#res.offset| (_ bv0 32))} {8978#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} #102#return; {8995#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_#t~ret42#1.offset| (_ bv0 32)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:25,417 INFO L290 TraceCheckUtils]: 7: Hoare triple {8995#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= |ULTIMATE.start_probe_unsafe_19_#t~ret42#1.offset| (_ bv0 32)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} SUMMARY for call write~$Pointer$(probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L775-1 {8999#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:25,418 INFO L290 TraceCheckUtils]: 8: Hoare triple {8999#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset; {8999#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:25,418 INFO L290 TraceCheckUtils]: 9: Hoare triple {8999#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} SUMMARY for call probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L776 {8999#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:25,419 INFO L290 TraceCheckUtils]: 10: Hoare triple {8999#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv0 32)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} assume !(probe_unsafe_19_#t~mem43#1.base == 0bv32 && probe_unsafe_19_#t~mem43#1.offset == 0bv32);havoc probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset;assume { :begin_inline_f19 } true;f19_#in~a#1.base, f19_#in~a#1.offset := probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset;havoc f19_#res#1;havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_#t~mem39#1.base, f19_#t~mem39#1.offset, f19_~a#1.base, f19_~a#1.offset;f19_~a#1.base, f19_~a#1.offset := f19_#in~a#1.base, f19_#in~a#1.offset; {9009#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_f19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} is VALID [2022-02-20 23:52:25,420 INFO L272 TraceCheckUtils]: 11: Hoare triple {9009#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_f19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} call f19_#t~ret38#1.base, f19_#t~ret38#1.offset := ldv_malloc(4bv32); {9013#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_13| (_ BitVec 32))) (= (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_13|) (_ bv4 32)) (_ bv0 32)))} is VALID [2022-02-20 23:52:25,420 INFO L290 TraceCheckUtils]: 12: Hoare triple {9013#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_13| (_ BitVec 32))) (= (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_13|) (_ bv4 32)) (_ bv0 32)))} ~size := #in~size; {9013#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_13| (_ BitVec 32))) (= (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_13|) (_ bv4 32)) (_ bv0 32)))} is VALID [2022-02-20 23:52:25,420 INFO L290 TraceCheckUtils]: 13: Hoare triple {9013#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_13| (_ BitVec 32))) (= (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_13|) (_ bv4 32)) (_ bv0 32)))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {9013#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_13| (_ BitVec 32))) (= (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_13|) (_ bv4 32)) (_ bv0 32)))} is VALID [2022-02-20 23:52:25,421 INFO L290 TraceCheckUtils]: 14: Hoare triple {9013#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_13| (_ BitVec 32))) (= (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_13|) (_ bv4 32)) (_ bv0 32)))} assume true; {9013#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_13| (_ BitVec 32))) (= (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_13|) (_ bv4 32)) (_ bv0 32)))} is VALID [2022-02-20 23:52:25,421 INFO L284 TraceCheckUtils]: 15: Hoare quadruple {9013#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_13| (_ BitVec 32))) (= (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_13|) (_ bv4 32)) (_ bv0 32)))} {9009#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_f19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} #104#return; {9009#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_f19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} is VALID [2022-02-20 23:52:25,422 INFO L290 TraceCheckUtils]: 16: Hoare triple {9009#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_f19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} SUMMARY for call write~$Pointer$(f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L762-1 {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} is VALID [2022-02-20 23:52:25,423 INFO L290 TraceCheckUtils]: 17: Hoare triple {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset; {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} is VALID [2022-02-20 23:52:25,423 INFO L290 TraceCheckUtils]: 18: Hoare triple {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} SUMMARY for call f19_#t~mem39#1.base, f19_#t~mem39#1.offset := read~$Pointer$(f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L763 {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} is VALID [2022-02-20 23:52:25,425 INFO L290 TraceCheckUtils]: 19: Hoare triple {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} assume f19_#t~mem39#1.base != 0bv32 || f19_#t~mem39#1.offset != 0bv32;havoc f19_#t~mem39#1.base, f19_#t~mem39#1.offset;f19_#res#1 := 0bv32; {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} is VALID [2022-02-20 23:52:25,433 INFO L290 TraceCheckUtils]: 20: Hoare triple {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} probe_unsafe_19_#t~ret44#1 := f19_#res#1;assume { :end_inline_f19 } true;probe_unsafe_19_~ret~0#1 := probe_unsafe_19_#t~ret44#1;havoc probe_unsafe_19_#t~ret44#1; {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} is VALID [2022-02-20 23:52:25,434 INFO L290 TraceCheckUtils]: 21: Hoare triple {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} assume !(0bv32 != probe_unsafe_19_~ret~0#1);assume { :begin_inline_g19 } true;havoc g19_#res#1;havoc g19_#t~nondet41#1;g19_#res#1 := g19_#t~nondet41#1;havoc g19_#t~nondet41#1; {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} is VALID [2022-02-20 23:52:25,434 INFO L290 TraceCheckUtils]: 22: Hoare triple {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} probe_unsafe_19_#t~ret45#1 := g19_#res#1;assume { :end_inline_g19 } true; {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} is VALID [2022-02-20 23:52:25,434 INFO L290 TraceCheckUtils]: 23: Hoare triple {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} assume !(0bv32 == probe_unsafe_19_#t~ret45#1);havoc probe_unsafe_19_#t~ret45#1;probe_unsafe_19_#res#1 := 0bv32; {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} is VALID [2022-02-20 23:52:25,435 INFO L290 TraceCheckUtils]: 24: Hoare triple {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} entry_point_#t~ret48#1 := probe_unsafe_19_#res#1;assume { :end_inline_probe_unsafe_19 } true;entry_point_~ret~1#1 := entry_point_#t~ret48#1;havoc entry_point_#t~ret48#1; {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} is VALID [2022-02-20 23:52:25,435 INFO L290 TraceCheckUtils]: 25: Hoare triple {9029#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) (_ bv0 32)))} assume 0bv32 == entry_point_~ret~1#1;assume { :begin_inline_disconnect_19 } true;disconnect_19_#in~a#1.base, disconnect_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc disconnect_19_#t~mem47#1.base, disconnect_19_#t~mem47#1.offset, disconnect_19_~a#1.base, disconnect_19_~a#1.offset;disconnect_19_~a#1.base, disconnect_19_~a#1.offset := disconnect_19_#in~a#1.base, disconnect_19_#in~a#1.offset; {9057#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_disconnect_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_disconnect_19_~a#1.offset|)) (_ bv0 32)) (= |ULTIMATE.start_disconnect_19_~a#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:25,436 INFO L290 TraceCheckUtils]: 26: Hoare triple {9057#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_disconnect_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_disconnect_19_~a#1.offset|)) (_ bv0 32)) (= |ULTIMATE.start_disconnect_19_~a#1.offset| (_ bv0 32)))} SUMMARY for call disconnect_19_#t~mem47#1.base, disconnect_19_#t~mem47#1.offset := read~$Pointer$(disconnect_19_~a#1.base, ~bvadd32(4bv32, disconnect_19_~a#1.offset), 4bv32); srcloc: L793 {9061#(= (_ bv0 32) |ULTIMATE.start_disconnect_19_#t~mem47#1.offset|)} is VALID [2022-02-20 23:52:25,436 INFO L290 TraceCheckUtils]: 27: Hoare triple {9061#(= (_ bv0 32) |ULTIMATE.start_disconnect_19_#t~mem47#1.offset|)} assume !(0bv32 == disconnect_19_#t~mem47#1.offset); {8971#false} is VALID [2022-02-20 23:52:25,436 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 2 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:52:25,436 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:52:27,554 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleCvc4 [1769482760] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:52:27,554 INFO L191 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-02-20 23:52:27,555 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 10] total 10 [2022-02-20 23:52:27,555 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [468087971] [2022-02-20 23:52:27,555 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-02-20 23:52:27,555 INFO L78 Accepts]: Start accepts. Automaton has has 11 states, 9 states have (on average 2.6666666666666665) internal successors, (24), 10 states have internal predecessors, (24), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 28 [2022-02-20 23:52:27,555 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:52:27,555 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 11 states, 9 states have (on average 2.6666666666666665) internal successors, (24), 10 states have internal predecessors, (24), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:27,586 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 28 edges. 28 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:27,587 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 11 states [2022-02-20 23:52:27,587 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:52:27,587 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 11 interpolants. [2022-02-20 23:52:27,587 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=39, Invalid=142, Unknown=1, NotChecked=0, Total=182 [2022-02-20 23:52:27,587 INFO L87 Difference]: Start difference. First operand 89 states and 99 transitions. Second operand has 11 states, 9 states have (on average 2.6666666666666665) internal successors, (24), 10 states have internal predecessors, (24), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:34,718 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:34,718 INFO L93 Difference]: Finished difference Result 92 states and 101 transitions. [2022-02-20 23:52:34,718 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 14 states. [2022-02-20 23:52:34,718 INFO L78 Accepts]: Start accepts. Automaton has has 11 states, 9 states have (on average 2.6666666666666665) internal successors, (24), 10 states have internal predecessors, (24), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 28 [2022-02-20 23:52:34,719 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:52:34,719 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 11 states, 9 states have (on average 2.6666666666666665) internal successors, (24), 10 states have internal predecessors, (24), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:34,719 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 14 states to 14 states and 71 transitions. [2022-02-20 23:52:34,719 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 11 states, 9 states have (on average 2.6666666666666665) internal successors, (24), 10 states have internal predecessors, (24), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:34,720 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 14 states to 14 states and 71 transitions. [2022-02-20 23:52:34,720 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 14 states and 71 transitions. [2022-02-20 23:52:34,787 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 71 edges. 71 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:34,788 INFO L225 Difference]: With dead ends: 92 [2022-02-20 23:52:34,788 INFO L226 Difference]: Without dead ends: 92 [2022-02-20 23:52:34,788 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 85 GetRequests, 64 SyntacticMatches, 4 SemanticMatches, 17 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 72 ImplicationChecksByTransitivity, 4.4s TimeCoverageRelationStatistics Valid=80, Invalid=261, Unknown=1, NotChecked=0, Total=342 [2022-02-20 23:52:34,789 INFO L933 BasicCegarLoop]: 55 mSDtfsCounter, 51 mSDsluCounter, 323 mSDsCounter, 0 mSdLazyCounter, 109 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 53 SdHoareTripleChecker+Valid, 378 SdHoareTripleChecker+Invalid, 121 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 109 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 7 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 23:52:34,789 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [53 Valid, 378 Invalid, 121 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 109 Invalid, 0 Unknown, 7 Unchecked, 0.2s Time] [2022-02-20 23:52:34,789 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 92 states. [2022-02-20 23:52:34,790 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 92 to 88. [2022-02-20 23:52:34,790 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:52:34,790 INFO L82 GeneralOperation]: Start isEquivalent. First operand 92 states. Second operand has 88 states, 66 states have (on average 1.3181818181818181) internal successors, (87), 77 states have internal predecessors, (87), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:34,790 INFO L74 IsIncluded]: Start isIncluded. First operand 92 states. Second operand has 88 states, 66 states have (on average 1.3181818181818181) internal successors, (87), 77 states have internal predecessors, (87), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:34,791 INFO L87 Difference]: Start difference. First operand 92 states. Second operand has 88 states, 66 states have (on average 1.3181818181818181) internal successors, (87), 77 states have internal predecessors, (87), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:34,791 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:34,792 INFO L93 Difference]: Finished difference Result 92 states and 101 transitions. [2022-02-20 23:52:34,792 INFO L276 IsEmpty]: Start isEmpty. Operand 92 states and 101 transitions. [2022-02-20 23:52:34,792 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:34,792 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:34,792 INFO L74 IsIncluded]: Start isIncluded. First operand has 88 states, 66 states have (on average 1.3181818181818181) internal successors, (87), 77 states have internal predecessors, (87), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 92 states. [2022-02-20 23:52:34,792 INFO L87 Difference]: Start difference. First operand has 88 states, 66 states have (on average 1.3181818181818181) internal successors, (87), 77 states have internal predecessors, (87), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 92 states. [2022-02-20 23:52:34,793 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:34,793 INFO L93 Difference]: Finished difference Result 92 states and 101 transitions. [2022-02-20 23:52:34,793 INFO L276 IsEmpty]: Start isEmpty. Operand 92 states and 101 transitions. [2022-02-20 23:52:34,793 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:34,793 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:34,794 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:52:34,794 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:52:34,795 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 88 states, 66 states have (on average 1.3181818181818181) internal successors, (87), 77 states have internal predecessors, (87), 5 states have call successors, (5), 4 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:34,795 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 88 states to 88 states and 98 transitions. [2022-02-20 23:52:34,796 INFO L78 Accepts]: Start accepts. Automaton has 88 states and 98 transitions. Word has length 28 [2022-02-20 23:52:34,796 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:52:34,796 INFO L470 AbstractCegarLoop]: Abstraction has 88 states and 98 transitions. [2022-02-20 23:52:34,796 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 11 states, 9 states have (on average 2.6666666666666665) internal successors, (24), 10 states have internal predecessors, (24), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:34,796 INFO L276 IsEmpty]: Start isEmpty. Operand 88 states and 98 transitions. [2022-02-20 23:52:34,796 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2022-02-20 23:52:34,796 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:52:34,796 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:52:34,809 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (24)] Forceful destruction successful, exit code 0 [2022-02-20 23:52:35,017 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (23)] Forceful destruction successful, exit code 0 [2022-02-20 23:52:35,206 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 24 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt,23 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:52:35,206 INFO L402 AbstractCegarLoop]: === Iteration 20 === Targeting f19_undoErr3ASSERT_VIOLATIONMEMORY_FREE === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 20 more)] === [2022-02-20 23:52:35,207 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:52:35,207 INFO L85 PathProgramCache]: Analyzing trace with hash -118380194, now seen corresponding path program 1 times [2022-02-20 23:52:35,208 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:52:35,208 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [776065967] [2022-02-20 23:52:35,208 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:52:35,208 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:52:35,208 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:52:35,209 INFO L229 MonitoredProcess]: Starting monitored process 25 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:52:35,243 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (25)] Waiting until timeout for monitored process [2022-02-20 23:52:35,313 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:35,316 INFO L263 TraceCheckSpWp]: Trace formula consists of 130 conjuncts, 18 conjunts are in the unsatisfiable core [2022-02-20 23:52:35,330 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:35,331 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:52:35,737 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 7 [2022-02-20 23:52:36,112 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 7 [2022-02-20 23:52:36,184 INFO L290 TraceCheckUtils]: 0: Hoare triple {9600#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {9605#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2022-02-20 23:52:36,184 INFO L290 TraceCheckUtils]: 1: Hoare triple {9605#(bvult (_ bv0 32) |#StackHeapBarrier|)} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret48#1, entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset, entry_point_~ret~1#1;call entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset := #Ultimate.allocOnStack(8bv32);assume { :begin_inline_probe_unsafe_19 } true;probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc probe_unsafe_19_#res#1;havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset, probe_unsafe_19_#t~ret44#1, probe_unsafe_19_#t~ret45#1, probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset, probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset, probe_unsafe_19_~ret~0#1;probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset := probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset;probe_unsafe_19_~ret~0#1 := 3bv32; {9605#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2022-02-20 23:52:36,185 INFO L272 TraceCheckUtils]: 2: Hoare triple {9605#(bvult (_ bv0 32) |#StackHeapBarrier|)} call probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset := ldv_malloc(4bv32); {9605#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2022-02-20 23:52:36,185 INFO L290 TraceCheckUtils]: 3: Hoare triple {9605#(bvult (_ bv0 32) |#StackHeapBarrier|)} ~size := #in~size; {9605#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2022-02-20 23:52:36,188 INFO L290 TraceCheckUtils]: 4: Hoare triple {9605#(bvult (_ bv0 32) |#StackHeapBarrier|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {9618#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:52:36,190 INFO L290 TraceCheckUtils]: 5: Hoare triple {9618#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} assume true; {9618#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:52:36,190 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {9618#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} {9605#(bvult (_ bv0 32) |#StackHeapBarrier|)} #102#return; {9618#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:52:36,195 INFO L290 TraceCheckUtils]: 7: Hoare triple {9618#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} SUMMARY for call write~$Pointer$(probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L775-1 {9618#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:52:36,197 INFO L290 TraceCheckUtils]: 8: Hoare triple {9618#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset; {9618#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:52:36,201 INFO L290 TraceCheckUtils]: 9: Hoare triple {9618#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} SUMMARY for call probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L776 {9618#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:52:36,203 INFO L290 TraceCheckUtils]: 10: Hoare triple {9618#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} assume !(probe_unsafe_19_#t~mem43#1.base == 0bv32 && probe_unsafe_19_#t~mem43#1.offset == 0bv32);havoc probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset;assume { :begin_inline_f19 } true;f19_#in~a#1.base, f19_#in~a#1.offset := probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset;havoc f19_#res#1;havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_#t~mem39#1.base, f19_#t~mem39#1.offset, f19_~a#1.base, f19_~a#1.offset;f19_~a#1.base, f19_~a#1.offset := f19_#in~a#1.base, f19_#in~a#1.offset; {9637#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:52:36,204 INFO L272 TraceCheckUtils]: 11: Hoare triple {9637#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} call f19_#t~ret38#1.base, f19_#t~ret38#1.offset := ldv_malloc(4bv32); {9618#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:52:36,205 INFO L290 TraceCheckUtils]: 12: Hoare triple {9618#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} ~size := #in~size; {9618#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:52:36,208 INFO L290 TraceCheckUtils]: 13: Hoare triple {9618#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {9647#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:52:36,210 INFO L290 TraceCheckUtils]: 14: Hoare triple {9647#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} assume true; {9647#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:52:36,211 INFO L284 TraceCheckUtils]: 15: Hoare quadruple {9647#(and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} {9637#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} #104#return; {9654#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (bvult |ULTIMATE.start_f19_#t~ret38#1.base| |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:36,222 INFO L290 TraceCheckUtils]: 16: Hoare triple {9654#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (bvult |ULTIMATE.start_f19_#t~ret38#1.base| |#StackHeapBarrier|))} SUMMARY for call write~$Pointer$(f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L762-1 {9658#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:52:36,225 INFO L290 TraceCheckUtils]: 17: Hoare triple {9658#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset; {9658#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:52:36,229 INFO L290 TraceCheckUtils]: 18: Hoare triple {9658#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} SUMMARY for call f19_#t~mem39#1.base, f19_#t~mem39#1.offset := read~$Pointer$(f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L763 {9658#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:52:36,232 INFO L290 TraceCheckUtils]: 19: Hoare triple {9658#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} assume f19_#t~mem39#1.base != 0bv32 || f19_#t~mem39#1.offset != 0bv32;havoc f19_#t~mem39#1.base, f19_#t~mem39#1.offset;f19_#res#1 := 0bv32; {9658#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:52:36,234 INFO L290 TraceCheckUtils]: 20: Hoare triple {9658#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} probe_unsafe_19_#t~ret44#1 := f19_#res#1;assume { :end_inline_f19 } true;probe_unsafe_19_~ret~0#1 := probe_unsafe_19_#t~ret44#1;havoc probe_unsafe_19_#t~ret44#1; {9658#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:52:36,236 INFO L290 TraceCheckUtils]: 21: Hoare triple {9658#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} assume !(0bv32 != probe_unsafe_19_~ret~0#1);assume { :begin_inline_g19 } true;havoc g19_#res#1;havoc g19_#t~nondet41#1;g19_#res#1 := g19_#t~nondet41#1;havoc g19_#t~nondet41#1; {9658#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:52:36,239 INFO L290 TraceCheckUtils]: 22: Hoare triple {9658#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} probe_unsafe_19_#t~ret45#1 := g19_#res#1;assume { :end_inline_g19 } true; {9658#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:52:36,241 INFO L290 TraceCheckUtils]: 23: Hoare triple {9658#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} assume 0bv32 == probe_unsafe_19_#t~ret45#1;havoc probe_unsafe_19_#t~ret45#1; {9658#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:52:36,241 INFO L272 TraceCheckUtils]: 24: Hoare triple {9658#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} call f19_undo(probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset); {9683#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (bvult (select (select |#memory_$Pointer$.base| |f19_undo_#in~a.base|) |f19_undo_#in~a.offset|) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:36,244 INFO L290 TraceCheckUtils]: 25: Hoare triple {9683#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (bvult (select (select |#memory_$Pointer$.base| |f19_undo_#in~a.base|) |f19_undo_#in~a.offset|) |#StackHeapBarrier|))} ~a.base, ~a.offset := #in~a.base, #in~a.offset; {9687#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (bvult (select (select |#memory_$Pointer$.base| f19_undo_~a.base) f19_undo_~a.offset) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:36,247 INFO L290 TraceCheckUtils]: 26: Hoare triple {9687#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (bvult (select (select |#memory_$Pointer$.base| f19_undo_~a.base) f19_undo_~a.offset) |#StackHeapBarrier|))} SUMMARY for call #t~mem40.base, #t~mem40.offset := read~$Pointer$(~a.base, ~a.offset, 4bv32); srcloc: L768 {9691#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (bvult |f19_undo_#t~mem40.base| |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:36,249 INFO L290 TraceCheckUtils]: 27: Hoare triple {9691#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (bvult |f19_undo_#t~mem40.base| |#StackHeapBarrier|))} assume 0bv32 == #t~mem40.offset; {9691#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (bvult |f19_undo_#t~mem40.base| |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:36,249 INFO L290 TraceCheckUtils]: 28: Hoare triple {9691#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (bvult |f19_undo_#t~mem40.base| |#StackHeapBarrier|))} assume !~bvult32(#t~mem40.base, #StackHeapBarrier); {9601#false} is VALID [2022-02-20 23:52:36,250 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 4 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:52:36,250 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:52:36,250 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:52:36,250 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [776065967] [2022-02-20 23:52:36,250 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [776065967] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:52:36,250 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:52:36,250 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2022-02-20 23:52:36,250 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1967212951] [2022-02-20 23:52:36,250 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:52:36,250 INFO L78 Accepts]: Start accepts. Automaton has has 11 states, 9 states have (on average 2.6666666666666665) internal successors, (24), 8 states have internal predecessors, (24), 3 states have call successors, (3), 3 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 29 [2022-02-20 23:52:36,250 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:52:36,251 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 11 states, 9 states have (on average 2.6666666666666665) internal successors, (24), 8 states have internal predecessors, (24), 3 states have call successors, (3), 3 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:36,342 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 29 edges. 29 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:36,342 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 11 states [2022-02-20 23:52:36,342 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:52:36,343 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 11 interpolants. [2022-02-20 23:52:36,343 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=35, Invalid=75, Unknown=0, NotChecked=0, Total=110 [2022-02-20 23:52:36,343 INFO L87 Difference]: Start difference. First operand 88 states and 98 transitions. Second operand has 11 states, 9 states have (on average 2.6666666666666665) internal successors, (24), 8 states have internal predecessors, (24), 3 states have call successors, (3), 3 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:36,820 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:36,820 INFO L93 Difference]: Finished difference Result 103 states and 112 transitions. [2022-02-20 23:52:36,820 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2022-02-20 23:52:36,821 INFO L78 Accepts]: Start accepts. Automaton has has 11 states, 9 states have (on average 2.6666666666666665) internal successors, (24), 8 states have internal predecessors, (24), 3 states have call successors, (3), 3 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 29 [2022-02-20 23:52:36,821 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:52:36,821 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 11 states, 9 states have (on average 2.6666666666666665) internal successors, (24), 8 states have internal predecessors, (24), 3 states have call successors, (3), 3 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:36,822 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 97 transitions. [2022-02-20 23:52:36,822 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 11 states, 9 states have (on average 2.6666666666666665) internal successors, (24), 8 states have internal predecessors, (24), 3 states have call successors, (3), 3 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:36,822 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 97 transitions. [2022-02-20 23:52:36,822 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 11 states and 97 transitions. [2022-02-20 23:52:36,980 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 97 edges. 97 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:36,981 INFO L225 Difference]: With dead ends: 103 [2022-02-20 23:52:36,981 INFO L226 Difference]: Without dead ends: 103 [2022-02-20 23:52:36,981 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 28 GetRequests, 19 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=35, Invalid=75, Unknown=0, NotChecked=0, Total=110 [2022-02-20 23:52:36,981 INFO L933 BasicCegarLoop]: 56 mSDtfsCounter, 42 mSDsluCounter, 193 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 44 SdHoareTripleChecker+Valid, 249 SdHoareTripleChecker+Invalid, 71 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 65 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 23:52:36,981 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [44 Valid, 249 Invalid, 71 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 4 Invalid, 0 Unknown, 65 Unchecked, 0.0s Time] [2022-02-20 23:52:36,982 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 103 states. [2022-02-20 23:52:36,983 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 103 to 92. [2022-02-20 23:52:36,983 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:52:36,983 INFO L82 GeneralOperation]: Start isEquivalent. First operand 103 states. Second operand has 92 states, 70 states have (on average 1.3) internal successors, (91), 80 states have internal predecessors, (91), 5 states have call successors, (5), 5 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:36,983 INFO L74 IsIncluded]: Start isIncluded. First operand 103 states. Second operand has 92 states, 70 states have (on average 1.3) internal successors, (91), 80 states have internal predecessors, (91), 5 states have call successors, (5), 5 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:36,983 INFO L87 Difference]: Start difference. First operand 103 states. Second operand has 92 states, 70 states have (on average 1.3) internal successors, (91), 80 states have internal predecessors, (91), 5 states have call successors, (5), 5 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:36,984 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:36,984 INFO L93 Difference]: Finished difference Result 103 states and 112 transitions. [2022-02-20 23:52:36,984 INFO L276 IsEmpty]: Start isEmpty. Operand 103 states and 112 transitions. [2022-02-20 23:52:36,984 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:36,984 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:36,984 INFO L74 IsIncluded]: Start isIncluded. First operand has 92 states, 70 states have (on average 1.3) internal successors, (91), 80 states have internal predecessors, (91), 5 states have call successors, (5), 5 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 103 states. [2022-02-20 23:52:36,984 INFO L87 Difference]: Start difference. First operand has 92 states, 70 states have (on average 1.3) internal successors, (91), 80 states have internal predecessors, (91), 5 states have call successors, (5), 5 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 103 states. [2022-02-20 23:52:36,994 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:36,994 INFO L93 Difference]: Finished difference Result 103 states and 112 transitions. [2022-02-20 23:52:36,994 INFO L276 IsEmpty]: Start isEmpty. Operand 103 states and 112 transitions. [2022-02-20 23:52:36,994 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:36,994 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:36,994 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:52:36,994 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:52:36,995 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 92 states, 70 states have (on average 1.3) internal successors, (91), 80 states have internal predecessors, (91), 5 states have call successors, (5), 5 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:36,995 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 92 states to 92 states and 102 transitions. [2022-02-20 23:52:36,995 INFO L78 Accepts]: Start accepts. Automaton has 92 states and 102 transitions. Word has length 29 [2022-02-20 23:52:37,011 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:52:37,011 INFO L470 AbstractCegarLoop]: Abstraction has 92 states and 102 transitions. [2022-02-20 23:52:37,012 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 11 states, 9 states have (on average 2.6666666666666665) internal successors, (24), 8 states have internal predecessors, (24), 3 states have call successors, (3), 3 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:37,012 INFO L276 IsEmpty]: Start isEmpty. Operand 92 states and 102 transitions. [2022-02-20 23:52:37,013 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2022-02-20 23:52:37,013 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:52:37,013 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:52:37,022 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (25)] Forceful destruction successful, exit code 0 [2022-02-20 23:52:37,213 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 25 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:52:37,214 INFO L402 AbstractCegarLoop]: === Iteration 21 === Targeting f19_undoErr3ASSERT_VIOLATIONMEMORY_FREE === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 20 more)] === [2022-02-20 23:52:37,214 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:52:37,214 INFO L85 PathProgramCache]: Analyzing trace with hash -628914371, now seen corresponding path program 1 times [2022-02-20 23:52:37,214 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:52:37,214 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1088261436] [2022-02-20 23:52:37,214 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:52:37,214 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:52:37,214 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:52:37,215 INFO L229 MonitoredProcess]: Starting monitored process 26 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:52:37,253 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (26)] Waiting until timeout for monitored process [2022-02-20 23:52:37,323 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:37,326 INFO L263 TraceCheckSpWp]: Trace formula consists of 124 conjuncts, 13 conjunts are in the unsatisfiable core [2022-02-20 23:52:37,336 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:37,336 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:52:37,404 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 7 [2022-02-20 23:52:37,411 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 7 [2022-02-20 23:52:37,443 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 7 [2022-02-20 23:52:37,448 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 7 [2022-02-20 23:52:37,483 INFO L290 TraceCheckUtils]: 0: Hoare triple {10098#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {10098#true} is VALID [2022-02-20 23:52:37,483 INFO L290 TraceCheckUtils]: 1: Hoare triple {10098#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret48#1, entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset, entry_point_~ret~1#1;call entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset := #Ultimate.allocOnStack(8bv32);assume { :begin_inline_probe_unsafe_19 } true;probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc probe_unsafe_19_#res#1;havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset, probe_unsafe_19_#t~ret44#1, probe_unsafe_19_#t~ret45#1, probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset, probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset, probe_unsafe_19_~ret~0#1;probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset := probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset;probe_unsafe_19_~ret~0#1 := 3bv32; {10098#true} is VALID [2022-02-20 23:52:37,483 INFO L272 TraceCheckUtils]: 2: Hoare triple {10098#true} call probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset := ldv_malloc(4bv32); {10098#true} is VALID [2022-02-20 23:52:37,483 INFO L290 TraceCheckUtils]: 3: Hoare triple {10098#true} ~size := #in~size; {10098#true} is VALID [2022-02-20 23:52:37,483 INFO L290 TraceCheckUtils]: 4: Hoare triple {10098#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {10098#true} is VALID [2022-02-20 23:52:37,483 INFO L290 TraceCheckUtils]: 5: Hoare triple {10098#true} assume true; {10098#true} is VALID [2022-02-20 23:52:37,483 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {10098#true} {10098#true} #102#return; {10098#true} is VALID [2022-02-20 23:52:37,484 INFO L290 TraceCheckUtils]: 7: Hoare triple {10098#true} SUMMARY for call write~$Pointer$(probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L775-1 {10098#true} is VALID [2022-02-20 23:52:37,484 INFO L290 TraceCheckUtils]: 8: Hoare triple {10098#true} havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset; {10098#true} is VALID [2022-02-20 23:52:37,484 INFO L290 TraceCheckUtils]: 9: Hoare triple {10098#true} SUMMARY for call probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L776 {10098#true} is VALID [2022-02-20 23:52:37,484 INFO L290 TraceCheckUtils]: 10: Hoare triple {10098#true} assume !(probe_unsafe_19_#t~mem43#1.base == 0bv32 && probe_unsafe_19_#t~mem43#1.offset == 0bv32);havoc probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset;assume { :begin_inline_f19 } true;f19_#in~a#1.base, f19_#in~a#1.offset := probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset;havoc f19_#res#1;havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_#t~mem39#1.base, f19_#t~mem39#1.offset, f19_~a#1.base, f19_~a#1.offset;f19_~a#1.base, f19_~a#1.offset := f19_#in~a#1.base, f19_#in~a#1.offset; {10098#true} is VALID [2022-02-20 23:52:37,484 INFO L272 TraceCheckUtils]: 11: Hoare triple {10098#true} call f19_#t~ret38#1.base, f19_#t~ret38#1.offset := ldv_malloc(4bv32); {10098#true} is VALID [2022-02-20 23:52:37,484 INFO L290 TraceCheckUtils]: 12: Hoare triple {10098#true} ~size := #in~size; {10098#true} is VALID [2022-02-20 23:52:37,484 INFO L290 TraceCheckUtils]: 13: Hoare triple {10098#true} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {10142#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:52:37,485 INFO L290 TraceCheckUtils]: 14: Hoare triple {10142#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} assume true; {10142#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:52:37,485 INFO L284 TraceCheckUtils]: 15: Hoare quadruple {10142#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} {10098#true} #104#return; {10149#(and (= |ULTIMATE.start_f19_#t~ret38#1.base| (_ bv0 32)) (= |ULTIMATE.start_f19_#t~ret38#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:37,487 INFO L290 TraceCheckUtils]: 16: Hoare triple {10149#(and (= |ULTIMATE.start_f19_#t~ret38#1.base| (_ bv0 32)) (= |ULTIMATE.start_f19_#t~ret38#1.offset| (_ bv0 32)))} SUMMARY for call write~$Pointer$(f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L762-1 {10153#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_f19_~a#1.base|) |ULTIMATE.start_f19_~a#1.offset|) (_ bv0 32)) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_f19_~a#1.base|) |ULTIMATE.start_f19_~a#1.offset|) (_ bv0 32)))} is VALID [2022-02-20 23:52:37,487 INFO L290 TraceCheckUtils]: 17: Hoare triple {10153#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_f19_~a#1.base|) |ULTIMATE.start_f19_~a#1.offset|) (_ bv0 32)) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_f19_~a#1.base|) |ULTIMATE.start_f19_~a#1.offset|) (_ bv0 32)))} havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset; {10153#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_f19_~a#1.base|) |ULTIMATE.start_f19_~a#1.offset|) (_ bv0 32)) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_f19_~a#1.base|) |ULTIMATE.start_f19_~a#1.offset|) (_ bv0 32)))} is VALID [2022-02-20 23:52:37,488 INFO L290 TraceCheckUtils]: 18: Hoare triple {10153#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_f19_~a#1.base|) |ULTIMATE.start_f19_~a#1.offset|) (_ bv0 32)) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_f19_~a#1.base|) |ULTIMATE.start_f19_~a#1.offset|) (_ bv0 32)))} SUMMARY for call f19_#t~mem39#1.base, f19_#t~mem39#1.offset := read~$Pointer$(f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L763 {10160#(and (= |ULTIMATE.start_f19_#t~mem39#1.base| (_ bv0 32)) (= |ULTIMATE.start_f19_#t~mem39#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:37,488 INFO L290 TraceCheckUtils]: 19: Hoare triple {10160#(and (= |ULTIMATE.start_f19_#t~mem39#1.base| (_ bv0 32)) (= |ULTIMATE.start_f19_#t~mem39#1.offset| (_ bv0 32)))} assume f19_#t~mem39#1.base != 0bv32 || f19_#t~mem39#1.offset != 0bv32;havoc f19_#t~mem39#1.base, f19_#t~mem39#1.offset;f19_#res#1 := 0bv32; {10099#false} is VALID [2022-02-20 23:52:37,488 INFO L290 TraceCheckUtils]: 20: Hoare triple {10099#false} probe_unsafe_19_#t~ret44#1 := f19_#res#1;assume { :end_inline_f19 } true;probe_unsafe_19_~ret~0#1 := probe_unsafe_19_#t~ret44#1;havoc probe_unsafe_19_#t~ret44#1; {10099#false} is VALID [2022-02-20 23:52:37,488 INFO L290 TraceCheckUtils]: 21: Hoare triple {10099#false} assume !(0bv32 != probe_unsafe_19_~ret~0#1);assume { :begin_inline_g19 } true;havoc g19_#res#1;havoc g19_#t~nondet41#1;g19_#res#1 := g19_#t~nondet41#1;havoc g19_#t~nondet41#1; {10099#false} is VALID [2022-02-20 23:52:37,488 INFO L290 TraceCheckUtils]: 22: Hoare triple {10099#false} probe_unsafe_19_#t~ret45#1 := g19_#res#1;assume { :end_inline_g19 } true; {10099#false} is VALID [2022-02-20 23:52:37,488 INFO L290 TraceCheckUtils]: 23: Hoare triple {10099#false} assume 0bv32 == probe_unsafe_19_#t~ret45#1;havoc probe_unsafe_19_#t~ret45#1; {10099#false} is VALID [2022-02-20 23:52:37,488 INFO L272 TraceCheckUtils]: 24: Hoare triple {10099#false} call f19_undo(probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset); {10099#false} is VALID [2022-02-20 23:52:37,488 INFO L290 TraceCheckUtils]: 25: Hoare triple {10099#false} ~a.base, ~a.offset := #in~a.base, #in~a.offset; {10099#false} is VALID [2022-02-20 23:52:37,488 INFO L290 TraceCheckUtils]: 26: Hoare triple {10099#false} SUMMARY for call #t~mem40.base, #t~mem40.offset := read~$Pointer$(~a.base, ~a.offset, 4bv32); srcloc: L768 {10099#false} is VALID [2022-02-20 23:52:37,489 INFO L290 TraceCheckUtils]: 27: Hoare triple {10099#false} assume 0bv32 == #t~mem40.offset; {10099#false} is VALID [2022-02-20 23:52:37,489 INFO L290 TraceCheckUtils]: 28: Hoare triple {10099#false} assume !~bvult32(#t~mem40.base, #StackHeapBarrier); {10099#false} is VALID [2022-02-20 23:52:37,489 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:52:37,489 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:52:37,489 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:52:37,489 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1088261436] [2022-02-20 23:52:37,489 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1088261436] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:52:37,489 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:52:37,489 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 23:52:37,489 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1475381656] [2022-02-20 23:52:37,489 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:52:37,489 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 3.8333333333333335) internal successors, (23), 5 states have internal predecessors, (23), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 29 [2022-02-20 23:52:37,490 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:52:37,490 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 6 states have (on average 3.8333333333333335) internal successors, (23), 5 states have internal predecessors, (23), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:52:37,513 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 28 edges. 28 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:37,513 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 23:52:37,513 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:52:37,513 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 23:52:37,513 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-02-20 23:52:37,513 INFO L87 Difference]: Start difference. First operand 92 states and 102 transitions. Second operand has 6 states, 6 states have (on average 3.8333333333333335) internal successors, (23), 5 states have internal predecessors, (23), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:52:38,170 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:38,170 INFO L93 Difference]: Finished difference Result 114 states and 124 transitions. [2022-02-20 23:52:38,170 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-02-20 23:52:38,170 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 3.8333333333333335) internal successors, (23), 5 states have internal predecessors, (23), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 29 [2022-02-20 23:52:38,170 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:52:38,170 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 3.8333333333333335) internal successors, (23), 5 states have internal predecessors, (23), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:52:38,171 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 98 transitions. [2022-02-20 23:52:38,171 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 3.8333333333333335) internal successors, (23), 5 states have internal predecessors, (23), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:52:38,172 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 98 transitions. [2022-02-20 23:52:38,172 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 98 transitions. [2022-02-20 23:52:38,246 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 98 edges. 98 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:38,247 INFO L225 Difference]: With dead ends: 114 [2022-02-20 23:52:38,247 INFO L226 Difference]: Without dead ends: 114 [2022-02-20 23:52:38,247 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 30 GetRequests, 24 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=17, Invalid=39, Unknown=0, NotChecked=0, Total=56 [2022-02-20 23:52:38,248 INFO L933 BasicCegarLoop]: 84 mSDtfsCounter, 29 mSDsluCounter, 294 mSDsCounter, 0 mSdLazyCounter, 37 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 31 SdHoareTripleChecker+Valid, 378 SdHoareTripleChecker+Invalid, 38 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 37 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:52:38,248 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [31 Valid, 378 Invalid, 38 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 37 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:52:38,248 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 114 states. [2022-02-20 23:52:38,249 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 114 to 90. [2022-02-20 23:52:38,249 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:52:38,249 INFO L82 GeneralOperation]: Start isEquivalent. First operand 114 states. Second operand has 90 states, 68 states have (on average 1.2941176470588236) internal successors, (88), 78 states have internal predecessors, (88), 5 states have call successors, (5), 5 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:38,249 INFO L74 IsIncluded]: Start isIncluded. First operand 114 states. Second operand has 90 states, 68 states have (on average 1.2941176470588236) internal successors, (88), 78 states have internal predecessors, (88), 5 states have call successors, (5), 5 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:38,249 INFO L87 Difference]: Start difference. First operand 114 states. Second operand has 90 states, 68 states have (on average 1.2941176470588236) internal successors, (88), 78 states have internal predecessors, (88), 5 states have call successors, (5), 5 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:38,251 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:38,251 INFO L93 Difference]: Finished difference Result 114 states and 124 transitions. [2022-02-20 23:52:38,251 INFO L276 IsEmpty]: Start isEmpty. Operand 114 states and 124 transitions. [2022-02-20 23:52:38,252 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:38,252 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:38,252 INFO L74 IsIncluded]: Start isIncluded. First operand has 90 states, 68 states have (on average 1.2941176470588236) internal successors, (88), 78 states have internal predecessors, (88), 5 states have call successors, (5), 5 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 114 states. [2022-02-20 23:52:38,253 INFO L87 Difference]: Start difference. First operand has 90 states, 68 states have (on average 1.2941176470588236) internal successors, (88), 78 states have internal predecessors, (88), 5 states have call successors, (5), 5 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) Second operand 114 states. [2022-02-20 23:52:38,254 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:38,254 INFO L93 Difference]: Finished difference Result 114 states and 124 transitions. [2022-02-20 23:52:38,255 INFO L276 IsEmpty]: Start isEmpty. Operand 114 states and 124 transitions. [2022-02-20 23:52:38,255 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:38,255 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:38,255 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:52:38,255 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:52:38,255 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 90 states, 68 states have (on average 1.2941176470588236) internal successors, (88), 78 states have internal predecessors, (88), 5 states have call successors, (5), 5 states have call predecessors, (5), 5 states have return successors, (6), 6 states have call predecessors, (6), 5 states have call successors, (6) [2022-02-20 23:52:38,257 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 90 states to 90 states and 99 transitions. [2022-02-20 23:52:38,257 INFO L78 Accepts]: Start accepts. Automaton has 90 states and 99 transitions. Word has length 29 [2022-02-20 23:52:38,257 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:52:38,257 INFO L470 AbstractCegarLoop]: Abstraction has 90 states and 99 transitions. [2022-02-20 23:52:38,257 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 3.8333333333333335) internal successors, (23), 5 states have internal predecessors, (23), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:52:38,257 INFO L276 IsEmpty]: Start isEmpty. Operand 90 states and 99 transitions. [2022-02-20 23:52:38,258 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2022-02-20 23:52:38,258 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:52:38,258 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:52:38,273 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (26)] Forceful destruction successful, exit code 0 [2022-02-20 23:52:38,458 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 26 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:52:38,458 INFO L402 AbstractCegarLoop]: === Iteration 22 === Targeting f19_undoErr3ASSERT_VIOLATIONMEMORY_FREE === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 20 more)] === [2022-02-20 23:52:38,459 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:52:38,459 INFO L85 PathProgramCache]: Analyzing trace with hash -1021941381, now seen corresponding path program 1 times [2022-02-20 23:52:38,459 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:52:38,459 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [697944425] [2022-02-20 23:52:38,459 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:52:38,459 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:52:38,459 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:52:38,460 INFO L229 MonitoredProcess]: Starting monitored process 27 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:52:38,461 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (27)] Waiting until timeout for monitored process [2022-02-20 23:52:38,524 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:38,529 INFO L263 TraceCheckSpWp]: Trace formula consists of 125 conjuncts, 3 conjunts are in the unsatisfiable core [2022-02-20 23:52:38,544 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:38,544 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:52:38,603 INFO L290 TraceCheckUtils]: 0: Hoare triple {10626#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {10626#true} is VALID [2022-02-20 23:52:38,603 INFO L290 TraceCheckUtils]: 1: Hoare triple {10626#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret48#1, entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset, entry_point_~ret~1#1;call entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset := #Ultimate.allocOnStack(8bv32);assume { :begin_inline_probe_unsafe_19 } true;probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc probe_unsafe_19_#res#1;havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset, probe_unsafe_19_#t~ret44#1, probe_unsafe_19_#t~ret45#1, probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset, probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset, probe_unsafe_19_~ret~0#1;probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset := probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset;probe_unsafe_19_~ret~0#1 := 3bv32; {10626#true} is VALID [2022-02-20 23:52:38,603 INFO L272 TraceCheckUtils]: 2: Hoare triple {10626#true} call probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset := ldv_malloc(4bv32); {10626#true} is VALID [2022-02-20 23:52:38,604 INFO L290 TraceCheckUtils]: 3: Hoare triple {10626#true} ~size := #in~size; {10626#true} is VALID [2022-02-20 23:52:38,604 INFO L290 TraceCheckUtils]: 4: Hoare triple {10626#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {10626#true} is VALID [2022-02-20 23:52:38,604 INFO L290 TraceCheckUtils]: 5: Hoare triple {10626#true} assume true; {10626#true} is VALID [2022-02-20 23:52:38,604 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {10626#true} {10626#true} #102#return; {10626#true} is VALID [2022-02-20 23:52:38,604 INFO L290 TraceCheckUtils]: 7: Hoare triple {10626#true} SUMMARY for call write~$Pointer$(probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L775-1 {10626#true} is VALID [2022-02-20 23:52:38,604 INFO L290 TraceCheckUtils]: 8: Hoare triple {10626#true} havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset; {10626#true} is VALID [2022-02-20 23:52:38,604 INFO L290 TraceCheckUtils]: 9: Hoare triple {10626#true} SUMMARY for call probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L776 {10626#true} is VALID [2022-02-20 23:52:38,604 INFO L290 TraceCheckUtils]: 10: Hoare triple {10626#true} assume !(probe_unsafe_19_#t~mem43#1.base == 0bv32 && probe_unsafe_19_#t~mem43#1.offset == 0bv32);havoc probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset;assume { :begin_inline_f19 } true;f19_#in~a#1.base, f19_#in~a#1.offset := probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset;havoc f19_#res#1;havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_#t~mem39#1.base, f19_#t~mem39#1.offset, f19_~a#1.base, f19_~a#1.offset;f19_~a#1.base, f19_~a#1.offset := f19_#in~a#1.base, f19_#in~a#1.offset; {10626#true} is VALID [2022-02-20 23:52:38,604 INFO L272 TraceCheckUtils]: 11: Hoare triple {10626#true} call f19_#t~ret38#1.base, f19_#t~ret38#1.offset := ldv_malloc(4bv32); {10626#true} is VALID [2022-02-20 23:52:38,605 INFO L290 TraceCheckUtils]: 12: Hoare triple {10626#true} ~size := #in~size; {10626#true} is VALID [2022-02-20 23:52:38,605 INFO L290 TraceCheckUtils]: 13: Hoare triple {10626#true} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {10626#true} is VALID [2022-02-20 23:52:38,605 INFO L290 TraceCheckUtils]: 14: Hoare triple {10626#true} assume true; {10626#true} is VALID [2022-02-20 23:52:38,605 INFO L284 TraceCheckUtils]: 15: Hoare quadruple {10626#true} {10626#true} #104#return; {10626#true} is VALID [2022-02-20 23:52:38,605 INFO L290 TraceCheckUtils]: 16: Hoare triple {10626#true} SUMMARY for call write~$Pointer$(f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L762-1 {10626#true} is VALID [2022-02-20 23:52:38,605 INFO L290 TraceCheckUtils]: 17: Hoare triple {10626#true} havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset; {10626#true} is VALID [2022-02-20 23:52:38,605 INFO L290 TraceCheckUtils]: 18: Hoare triple {10626#true} SUMMARY for call f19_#t~mem39#1.base, f19_#t~mem39#1.offset := read~$Pointer$(f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L763 {10626#true} is VALID [2022-02-20 23:52:38,605 INFO L290 TraceCheckUtils]: 19: Hoare triple {10626#true} assume !(f19_#t~mem39#1.base != 0bv32 || f19_#t~mem39#1.offset != 0bv32);havoc f19_#t~mem39#1.base, f19_#t~mem39#1.offset;f19_#res#1 := 3bv32; {10688#(= (_ bv3 32) |ULTIMATE.start_f19_#res#1|)} is VALID [2022-02-20 23:52:38,606 INFO L290 TraceCheckUtils]: 20: Hoare triple {10688#(= (_ bv3 32) |ULTIMATE.start_f19_#res#1|)} probe_unsafe_19_#t~ret44#1 := f19_#res#1;assume { :end_inline_f19 } true;probe_unsafe_19_~ret~0#1 := probe_unsafe_19_#t~ret44#1;havoc probe_unsafe_19_#t~ret44#1; {10692#(= |ULTIMATE.start_probe_unsafe_19_~ret~0#1| (_ bv3 32))} is VALID [2022-02-20 23:52:38,606 INFO L290 TraceCheckUtils]: 21: Hoare triple {10692#(= |ULTIMATE.start_probe_unsafe_19_~ret~0#1| (_ bv3 32))} assume !(0bv32 != probe_unsafe_19_~ret~0#1);assume { :begin_inline_g19 } true;havoc g19_#res#1;havoc g19_#t~nondet41#1;g19_#res#1 := g19_#t~nondet41#1;havoc g19_#t~nondet41#1; {10627#false} is VALID [2022-02-20 23:52:38,606 INFO L290 TraceCheckUtils]: 22: Hoare triple {10627#false} probe_unsafe_19_#t~ret45#1 := g19_#res#1;assume { :end_inline_g19 } true; {10627#false} is VALID [2022-02-20 23:52:38,606 INFO L290 TraceCheckUtils]: 23: Hoare triple {10627#false} assume 0bv32 == probe_unsafe_19_#t~ret45#1;havoc probe_unsafe_19_#t~ret45#1; {10627#false} is VALID [2022-02-20 23:52:38,606 INFO L272 TraceCheckUtils]: 24: Hoare triple {10627#false} call f19_undo(probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset); {10627#false} is VALID [2022-02-20 23:52:38,607 INFO L290 TraceCheckUtils]: 25: Hoare triple {10627#false} ~a.base, ~a.offset := #in~a.base, #in~a.offset; {10627#false} is VALID [2022-02-20 23:52:38,607 INFO L290 TraceCheckUtils]: 26: Hoare triple {10627#false} SUMMARY for call #t~mem40.base, #t~mem40.offset := read~$Pointer$(~a.base, ~a.offset, 4bv32); srcloc: L768 {10627#false} is VALID [2022-02-20 23:52:38,607 INFO L290 TraceCheckUtils]: 27: Hoare triple {10627#false} assume 0bv32 == #t~mem40.offset; {10627#false} is VALID [2022-02-20 23:52:38,607 INFO L290 TraceCheckUtils]: 28: Hoare triple {10627#false} assume !~bvult32(#t~mem40.base, #StackHeapBarrier); {10627#false} is VALID [2022-02-20 23:52:38,607 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-02-20 23:52:38,607 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:52:38,607 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:52:38,607 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [697944425] [2022-02-20 23:52:38,607 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [697944425] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:52:38,608 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:52:38,608 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-20 23:52:38,608 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [828992248] [2022-02-20 23:52:38,608 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:52:38,608 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 5.5) internal successors, (22), 4 states have internal predecessors, (22), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 29 [2022-02-20 23:52:38,608 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:52:38,608 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 4 states, 4 states have (on average 5.5) internal successors, (22), 4 states have internal predecessors, (22), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:52:38,630 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 27 edges. 27 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:38,630 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-02-20 23:52:38,630 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:52:38,631 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-02-20 23:52:38,631 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-02-20 23:52:38,631 INFO L87 Difference]: Start difference. First operand 90 states and 99 transitions. Second operand has 4 states, 4 states have (on average 5.5) internal successors, (22), 4 states have internal predecessors, (22), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:52:38,885 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:38,885 INFO L93 Difference]: Finished difference Result 98 states and 103 transitions. [2022-02-20 23:52:38,885 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-20 23:52:38,885 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 5.5) internal successors, (22), 4 states have internal predecessors, (22), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 29 [2022-02-20 23:52:38,886 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:52:38,886 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 5.5) internal successors, (22), 4 states have internal predecessors, (22), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:52:38,886 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 85 transitions. [2022-02-20 23:52:38,886 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 5.5) internal successors, (22), 4 states have internal predecessors, (22), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:52:38,887 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 85 transitions. [2022-02-20 23:52:38,887 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 85 transitions. [2022-02-20 23:52:38,979 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 85 edges. 85 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:38,981 INFO L225 Difference]: With dead ends: 98 [2022-02-20 23:52:38,981 INFO L226 Difference]: Without dead ends: 98 [2022-02-20 23:52:38,981 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 29 GetRequests, 26 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:52:38,981 INFO L933 BasicCegarLoop]: 75 mSDtfsCounter, 49 mSDsluCounter, 105 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 51 SdHoareTripleChecker+Valid, 180 SdHoareTripleChecker+Invalid, 13 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 23:52:38,981 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [51 Valid, 180 Invalid, 13 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 23:52:38,982 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 98 states. [2022-02-20 23:52:38,983 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 98 to 82. [2022-02-20 23:52:38,983 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:52:38,983 INFO L82 GeneralOperation]: Start isEquivalent. First operand 98 states. Second operand has 82 states, 61 states have (on average 1.2622950819672132) internal successors, (77), 72 states have internal predecessors, (77), 4 states have call successors, (4), 4 states have call predecessors, (4), 5 states have return successors, (5), 5 states have call predecessors, (5), 4 states have call successors, (5) [2022-02-20 23:52:38,983 INFO L74 IsIncluded]: Start isIncluded. First operand 98 states. Second operand has 82 states, 61 states have (on average 1.2622950819672132) internal successors, (77), 72 states have internal predecessors, (77), 4 states have call successors, (4), 4 states have call predecessors, (4), 5 states have return successors, (5), 5 states have call predecessors, (5), 4 states have call successors, (5) [2022-02-20 23:52:38,983 INFO L87 Difference]: Start difference. First operand 98 states. Second operand has 82 states, 61 states have (on average 1.2622950819672132) internal successors, (77), 72 states have internal predecessors, (77), 4 states have call successors, (4), 4 states have call predecessors, (4), 5 states have return successors, (5), 5 states have call predecessors, (5), 4 states have call successors, (5) [2022-02-20 23:52:38,984 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:38,984 INFO L93 Difference]: Finished difference Result 98 states and 103 transitions. [2022-02-20 23:52:38,984 INFO L276 IsEmpty]: Start isEmpty. Operand 98 states and 103 transitions. [2022-02-20 23:52:38,985 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:38,985 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:38,985 INFO L74 IsIncluded]: Start isIncluded. First operand has 82 states, 61 states have (on average 1.2622950819672132) internal successors, (77), 72 states have internal predecessors, (77), 4 states have call successors, (4), 4 states have call predecessors, (4), 5 states have return successors, (5), 5 states have call predecessors, (5), 4 states have call successors, (5) Second operand 98 states. [2022-02-20 23:52:38,987 INFO L87 Difference]: Start difference. First operand has 82 states, 61 states have (on average 1.2622950819672132) internal successors, (77), 72 states have internal predecessors, (77), 4 states have call successors, (4), 4 states have call predecessors, (4), 5 states have return successors, (5), 5 states have call predecessors, (5), 4 states have call successors, (5) Second operand 98 states. [2022-02-20 23:52:38,988 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:38,988 INFO L93 Difference]: Finished difference Result 98 states and 103 transitions. [2022-02-20 23:52:38,988 INFO L276 IsEmpty]: Start isEmpty. Operand 98 states and 103 transitions. [2022-02-20 23:52:38,989 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:38,989 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:38,989 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:52:38,989 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:52:38,989 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 82 states, 61 states have (on average 1.2622950819672132) internal successors, (77), 72 states have internal predecessors, (77), 4 states have call successors, (4), 4 states have call predecessors, (4), 5 states have return successors, (5), 5 states have call predecessors, (5), 4 states have call successors, (5) [2022-02-20 23:52:38,991 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 82 states to 82 states and 86 transitions. [2022-02-20 23:52:38,991 INFO L78 Accepts]: Start accepts. Automaton has 82 states and 86 transitions. Word has length 29 [2022-02-20 23:52:38,991 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:52:38,991 INFO L470 AbstractCegarLoop]: Abstraction has 82 states and 86 transitions. [2022-02-20 23:52:38,991 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 5.5) internal successors, (22), 4 states have internal predecessors, (22), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:52:38,991 INFO L276 IsEmpty]: Start isEmpty. Operand 82 states and 86 transitions. [2022-02-20 23:52:38,991 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2022-02-20 23:52:38,991 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:52:38,992 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:52:39,011 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (27)] Forceful destruction successful, exit code 0 [2022-02-20 23:52:39,198 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 27 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:52:39,199 INFO L402 AbstractCegarLoop]: === Iteration 23 === Targeting ULTIMATE.startErr18ASSERT_VIOLATIONMEMORY_LEAK === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 20 more)] === [2022-02-20 23:52:39,199 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:52:39,200 INFO L85 PathProgramCache]: Analyzing trace with hash -99262379, now seen corresponding path program 1 times [2022-02-20 23:52:39,200 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:52:39,200 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1005019277] [2022-02-20 23:52:39,200 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:52:39,201 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:52:39,201 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:52:39,202 INFO L229 MonitoredProcess]: Starting monitored process 28 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:52:39,203 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (28)] Waiting until timeout for monitored process [2022-02-20 23:52:39,266 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:39,269 INFO L263 TraceCheckSpWp]: Trace formula consists of 123 conjuncts, 3 conjunts are in the unsatisfiable core [2022-02-20 23:52:39,277 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:39,278 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:52:39,342 INFO L290 TraceCheckUtils]: 0: Hoare triple {11094#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {11094#true} is VALID [2022-02-20 23:52:39,342 INFO L290 TraceCheckUtils]: 1: Hoare triple {11094#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret48#1, entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset, entry_point_~ret~1#1;call entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset := #Ultimate.allocOnStack(8bv32);assume { :begin_inline_probe_unsafe_19 } true;probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc probe_unsafe_19_#res#1;havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset, probe_unsafe_19_#t~ret44#1, probe_unsafe_19_#t~ret45#1, probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset, probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset, probe_unsafe_19_~ret~0#1;probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset := probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset;probe_unsafe_19_~ret~0#1 := 3bv32; {11094#true} is VALID [2022-02-20 23:52:39,342 INFO L272 TraceCheckUtils]: 2: Hoare triple {11094#true} call probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset := ldv_malloc(4bv32); {11094#true} is VALID [2022-02-20 23:52:39,342 INFO L290 TraceCheckUtils]: 3: Hoare triple {11094#true} ~size := #in~size; {11094#true} is VALID [2022-02-20 23:52:39,342 INFO L290 TraceCheckUtils]: 4: Hoare triple {11094#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {11094#true} is VALID [2022-02-20 23:52:39,342 INFO L290 TraceCheckUtils]: 5: Hoare triple {11094#true} assume true; {11094#true} is VALID [2022-02-20 23:52:39,342 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {11094#true} {11094#true} #102#return; {11094#true} is VALID [2022-02-20 23:52:39,343 INFO L290 TraceCheckUtils]: 7: Hoare triple {11094#true} SUMMARY for call write~$Pointer$(probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L775-1 {11094#true} is VALID [2022-02-20 23:52:39,343 INFO L290 TraceCheckUtils]: 8: Hoare triple {11094#true} havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset; {11094#true} is VALID [2022-02-20 23:52:39,343 INFO L290 TraceCheckUtils]: 9: Hoare triple {11094#true} SUMMARY for call probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L776 {11094#true} is VALID [2022-02-20 23:52:39,343 INFO L290 TraceCheckUtils]: 10: Hoare triple {11094#true} assume !(probe_unsafe_19_#t~mem43#1.base == 0bv32 && probe_unsafe_19_#t~mem43#1.offset == 0bv32);havoc probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset;assume { :begin_inline_f19 } true;f19_#in~a#1.base, f19_#in~a#1.offset := probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset;havoc f19_#res#1;havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_#t~mem39#1.base, f19_#t~mem39#1.offset, f19_~a#1.base, f19_~a#1.offset;f19_~a#1.base, f19_~a#1.offset := f19_#in~a#1.base, f19_#in~a#1.offset; {11094#true} is VALID [2022-02-20 23:52:39,343 INFO L272 TraceCheckUtils]: 11: Hoare triple {11094#true} call f19_#t~ret38#1.base, f19_#t~ret38#1.offset := ldv_malloc(4bv32); {11094#true} is VALID [2022-02-20 23:52:39,343 INFO L290 TraceCheckUtils]: 12: Hoare triple {11094#true} ~size := #in~size; {11094#true} is VALID [2022-02-20 23:52:39,343 INFO L290 TraceCheckUtils]: 13: Hoare triple {11094#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {11094#true} is VALID [2022-02-20 23:52:39,343 INFO L290 TraceCheckUtils]: 14: Hoare triple {11094#true} assume true; {11094#true} is VALID [2022-02-20 23:52:39,343 INFO L284 TraceCheckUtils]: 15: Hoare quadruple {11094#true} {11094#true} #104#return; {11094#true} is VALID [2022-02-20 23:52:39,344 INFO L290 TraceCheckUtils]: 16: Hoare triple {11094#true} SUMMARY for call write~$Pointer$(f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L762-1 {11094#true} is VALID [2022-02-20 23:52:39,344 INFO L290 TraceCheckUtils]: 17: Hoare triple {11094#true} havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset; {11094#true} is VALID [2022-02-20 23:52:39,344 INFO L290 TraceCheckUtils]: 18: Hoare triple {11094#true} SUMMARY for call f19_#t~mem39#1.base, f19_#t~mem39#1.offset := read~$Pointer$(f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L763 {11094#true} is VALID [2022-02-20 23:52:39,344 INFO L290 TraceCheckUtils]: 19: Hoare triple {11094#true} assume f19_#t~mem39#1.base != 0bv32 || f19_#t~mem39#1.offset != 0bv32;havoc f19_#t~mem39#1.base, f19_#t~mem39#1.offset;f19_#res#1 := 0bv32; {11094#true} is VALID [2022-02-20 23:52:39,344 INFO L290 TraceCheckUtils]: 20: Hoare triple {11094#true} probe_unsafe_19_#t~ret44#1 := f19_#res#1;assume { :end_inline_f19 } true;probe_unsafe_19_~ret~0#1 := probe_unsafe_19_#t~ret44#1;havoc probe_unsafe_19_#t~ret44#1; {11094#true} is VALID [2022-02-20 23:52:39,344 INFO L290 TraceCheckUtils]: 21: Hoare triple {11094#true} assume !(0bv32 != probe_unsafe_19_~ret~0#1);assume { :begin_inline_g19 } true;havoc g19_#res#1;havoc g19_#t~nondet41#1;g19_#res#1 := g19_#t~nondet41#1;havoc g19_#t~nondet41#1; {11094#true} is VALID [2022-02-20 23:52:39,344 INFO L290 TraceCheckUtils]: 22: Hoare triple {11094#true} probe_unsafe_19_#t~ret45#1 := g19_#res#1;assume { :end_inline_g19 } true; {11094#true} is VALID [2022-02-20 23:52:39,344 INFO L290 TraceCheckUtils]: 23: Hoare triple {11094#true} assume !(0bv32 == probe_unsafe_19_#t~ret45#1);havoc probe_unsafe_19_#t~ret45#1;probe_unsafe_19_#res#1 := 0bv32; {11168#(= |ULTIMATE.start_probe_unsafe_19_#res#1| (_ bv0 32))} is VALID [2022-02-20 23:52:39,345 INFO L290 TraceCheckUtils]: 24: Hoare triple {11168#(= |ULTIMATE.start_probe_unsafe_19_#res#1| (_ bv0 32))} entry_point_#t~ret48#1 := probe_unsafe_19_#res#1;assume { :end_inline_probe_unsafe_19 } true;entry_point_~ret~1#1 := entry_point_#t~ret48#1;havoc entry_point_#t~ret48#1; {11172#(= |ULTIMATE.start_entry_point_~ret~1#1| (_ bv0 32))} is VALID [2022-02-20 23:52:39,345 INFO L290 TraceCheckUtils]: 25: Hoare triple {11172#(= |ULTIMATE.start_entry_point_~ret~1#1| (_ bv0 32))} assume !(0bv32 == entry_point_~ret~1#1); {11095#false} is VALID [2022-02-20 23:52:39,345 INFO L290 TraceCheckUtils]: 26: Hoare triple {11095#false} call ULTIMATE.dealloc(entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset);havoc entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset; {11095#false} is VALID [2022-02-20 23:52:39,345 INFO L290 TraceCheckUtils]: 27: Hoare triple {11095#false} assume { :end_inline_entry_point } true; {11095#false} is VALID [2022-02-20 23:52:39,345 INFO L290 TraceCheckUtils]: 28: Hoare triple {11095#false} assume !(#valid == main_old_#valid#1); {11095#false} is VALID [2022-02-20 23:52:39,346 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-02-20 23:52:39,346 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:52:39,346 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:52:39,346 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1005019277] [2022-02-20 23:52:39,346 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1005019277] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:52:39,346 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:52:39,346 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-20 23:52:39,346 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [230710270] [2022-02-20 23:52:39,346 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:52:39,347 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 5.5) internal successors, (22), 4 states have internal predecessors, (22), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 29 [2022-02-20 23:52:39,348 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:52:39,348 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 4 states, 4 states have (on average 5.5) internal successors, (22), 4 states have internal predecessors, (22), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:52:39,366 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 26 edges. 26 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:39,366 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-02-20 23:52:39,366 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:52:39,366 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-02-20 23:52:39,366 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-02-20 23:52:39,367 INFO L87 Difference]: Start difference. First operand 82 states and 86 transitions. Second operand has 4 states, 4 states have (on average 5.5) internal successors, (22), 4 states have internal predecessors, (22), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:52:39,587 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:39,588 INFO L93 Difference]: Finished difference Result 97 states and 99 transitions. [2022-02-20 23:52:39,588 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 23:52:39,588 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 5.5) internal successors, (22), 4 states have internal predecessors, (22), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 29 [2022-02-20 23:52:39,588 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:52:39,588 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 5.5) internal successors, (22), 4 states have internal predecessors, (22), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:52:39,589 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 80 transitions. [2022-02-20 23:52:39,600 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 5.5) internal successors, (22), 4 states have internal predecessors, (22), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:52:39,601 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 80 transitions. [2022-02-20 23:52:39,601 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 80 transitions. [2022-02-20 23:52:39,658 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 80 edges. 80 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:39,659 INFO L225 Difference]: With dead ends: 97 [2022-02-20 23:52:39,659 INFO L226 Difference]: Without dead ends: 97 [2022-02-20 23:52:39,659 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 29 GetRequests, 26 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:52:39,659 INFO L933 BasicCegarLoop]: 64 mSDtfsCounter, 34 mSDsluCounter, 110 mSDsCounter, 0 mSdLazyCounter, 8 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 35 SdHoareTripleChecker+Valid, 174 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 8 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 23:52:39,660 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [35 Valid, 174 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 8 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 23:52:39,660 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 97 states. [2022-02-20 23:52:39,661 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 97 to 82. [2022-02-20 23:52:39,661 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:52:39,661 INFO L82 GeneralOperation]: Start isEquivalent. First operand 97 states. Second operand has 82 states, 61 states have (on average 1.2459016393442623) internal successors, (76), 72 states have internal predecessors, (76), 4 states have call successors, (4), 4 states have call predecessors, (4), 5 states have return successors, (5), 5 states have call predecessors, (5), 4 states have call successors, (5) [2022-02-20 23:52:39,661 INFO L74 IsIncluded]: Start isIncluded. First operand 97 states. Second operand has 82 states, 61 states have (on average 1.2459016393442623) internal successors, (76), 72 states have internal predecessors, (76), 4 states have call successors, (4), 4 states have call predecessors, (4), 5 states have return successors, (5), 5 states have call predecessors, (5), 4 states have call successors, (5) [2022-02-20 23:52:39,661 INFO L87 Difference]: Start difference. First operand 97 states. Second operand has 82 states, 61 states have (on average 1.2459016393442623) internal successors, (76), 72 states have internal predecessors, (76), 4 states have call successors, (4), 4 states have call predecessors, (4), 5 states have return successors, (5), 5 states have call predecessors, (5), 4 states have call successors, (5) [2022-02-20 23:52:39,662 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:39,662 INFO L93 Difference]: Finished difference Result 97 states and 99 transitions. [2022-02-20 23:52:39,662 INFO L276 IsEmpty]: Start isEmpty. Operand 97 states and 99 transitions. [2022-02-20 23:52:39,663 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:39,663 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:39,663 INFO L74 IsIncluded]: Start isIncluded. First operand has 82 states, 61 states have (on average 1.2459016393442623) internal successors, (76), 72 states have internal predecessors, (76), 4 states have call successors, (4), 4 states have call predecessors, (4), 5 states have return successors, (5), 5 states have call predecessors, (5), 4 states have call successors, (5) Second operand 97 states. [2022-02-20 23:52:39,666 INFO L87 Difference]: Start difference. First operand has 82 states, 61 states have (on average 1.2459016393442623) internal successors, (76), 72 states have internal predecessors, (76), 4 states have call successors, (4), 4 states have call predecessors, (4), 5 states have return successors, (5), 5 states have call predecessors, (5), 4 states have call successors, (5) Second operand 97 states. [2022-02-20 23:52:39,668 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:39,668 INFO L93 Difference]: Finished difference Result 97 states and 99 transitions. [2022-02-20 23:52:39,668 INFO L276 IsEmpty]: Start isEmpty. Operand 97 states and 99 transitions. [2022-02-20 23:52:39,668 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:39,668 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:39,668 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:52:39,668 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:52:39,668 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 82 states, 61 states have (on average 1.2459016393442623) internal successors, (76), 72 states have internal predecessors, (76), 4 states have call successors, (4), 4 states have call predecessors, (4), 5 states have return successors, (5), 5 states have call predecessors, (5), 4 states have call successors, (5) [2022-02-20 23:52:39,669 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 82 states to 82 states and 85 transitions. [2022-02-20 23:52:39,669 INFO L78 Accepts]: Start accepts. Automaton has 82 states and 85 transitions. Word has length 29 [2022-02-20 23:52:39,669 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:52:39,670 INFO L470 AbstractCegarLoop]: Abstraction has 82 states and 85 transitions. [2022-02-20 23:52:39,673 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 5.5) internal successors, (22), 4 states have internal predecessors, (22), 1 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:52:39,673 INFO L276 IsEmpty]: Start isEmpty. Operand 82 states and 85 transitions. [2022-02-20 23:52:39,674 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2022-02-20 23:52:39,674 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:52:39,674 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:52:39,695 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (28)] Forceful destruction successful, exit code 0 [2022-02-20 23:52:39,881 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 28 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:52:39,881 INFO L402 AbstractCegarLoop]: === Iteration 24 === Targeting ULTIMATE.startErr16ASSERT_VIOLATIONMEMORY_FREE === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 20 more)] === [2022-02-20 23:52:39,881 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:52:39,881 INFO L85 PathProgramCache]: Analyzing trace with hash -99694285, now seen corresponding path program 1 times [2022-02-20 23:52:39,882 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:52:39,882 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [88481666] [2022-02-20 23:52:39,882 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:52:39,882 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:52:39,882 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:52:39,883 INFO L229 MonitoredProcess]: Starting monitored process 29 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:52:39,885 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (29)] Waiting until timeout for monitored process [2022-02-20 23:52:39,960 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:39,963 INFO L263 TraceCheckSpWp]: Trace formula consists of 131 conjuncts, 23 conjunts are in the unsatisfiable core [2022-02-20 23:52:39,979 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:39,980 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:52:40,066 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2022-02-20 23:52:40,310 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:52:40,311 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 21 treesize of output 20 [2022-02-20 23:52:40,456 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 7 [2022-02-20 23:52:40,481 INFO L290 TraceCheckUtils]: 0: Hoare triple {11559#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {11559#true} is VALID [2022-02-20 23:52:40,482 INFO L290 TraceCheckUtils]: 1: Hoare triple {11559#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret48#1, entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset, entry_point_~ret~1#1;call entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset := #Ultimate.allocOnStack(8bv32);assume { :begin_inline_probe_unsafe_19 } true;probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc probe_unsafe_19_#res#1;havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset, probe_unsafe_19_#t~ret44#1, probe_unsafe_19_#t~ret45#1, probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset, probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset, probe_unsafe_19_~ret~0#1;probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset := probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset;probe_unsafe_19_~ret~0#1 := 3bv32; {11567#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:40,482 INFO L272 TraceCheckUtils]: 2: Hoare triple {11567#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} call probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset := ldv_malloc(4bv32); {11559#true} is VALID [2022-02-20 23:52:40,482 INFO L290 TraceCheckUtils]: 3: Hoare triple {11559#true} ~size := #in~size; {11559#true} is VALID [2022-02-20 23:52:40,482 INFO L290 TraceCheckUtils]: 4: Hoare triple {11559#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {11577#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:52:40,483 INFO L290 TraceCheckUtils]: 5: Hoare triple {11577#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} assume true; {11577#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:52:40,483 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {11577#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} {11567#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} #102#return; {11584#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvult |ULTIMATE.start_probe_unsafe_19_#t~ret42#1.base| |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:40,492 INFO L290 TraceCheckUtils]: 7: Hoare triple {11584#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvult |ULTIMATE.start_probe_unsafe_19_#t~ret42#1.base| |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} SUMMARY for call write~$Pointer$(probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L775-1 {11588#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:40,492 INFO L290 TraceCheckUtils]: 8: Hoare triple {11588#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset; {11588#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:40,493 INFO L290 TraceCheckUtils]: 9: Hoare triple {11588#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} SUMMARY for call probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L776 {11588#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:40,493 INFO L290 TraceCheckUtils]: 10: Hoare triple {11588#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} assume !(probe_unsafe_19_#t~mem43#1.base == 0bv32 && probe_unsafe_19_#t~mem43#1.offset == 0bv32);havoc probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset;assume { :begin_inline_f19 } true;f19_#in~a#1.base, f19_#in~a#1.offset := probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset;havoc f19_#res#1;havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_#t~mem39#1.base, f19_#t~mem39#1.offset, f19_~a#1.base, f19_~a#1.offset;f19_~a#1.base, f19_~a#1.offset := f19_#in~a#1.base, f19_#in~a#1.offset; {11598#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_f19_~a#1.base|) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_f19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:40,495 INFO L272 TraceCheckUtils]: 11: Hoare triple {11598#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_f19_~a#1.base|) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_f19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} call f19_#t~ret38#1.base, f19_#t~ret38#1.offset := ldv_malloc(4bv32); {11602#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_16| (_ BitVec 32))) (bvult (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_16|) (_ bv4 32)) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:40,495 INFO L290 TraceCheckUtils]: 12: Hoare triple {11602#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_16| (_ BitVec 32))) (bvult (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_16|) (_ bv4 32)) |#StackHeapBarrier|))} ~size := #in~size; {11602#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_16| (_ BitVec 32))) (bvult (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_16|) (_ bv4 32)) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:40,495 INFO L290 TraceCheckUtils]: 13: Hoare triple {11602#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_16| (_ BitVec 32))) (bvult (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_16|) (_ bv4 32)) |#StackHeapBarrier|))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {11602#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_16| (_ BitVec 32))) (bvult (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_16|) (_ bv4 32)) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:40,496 INFO L290 TraceCheckUtils]: 14: Hoare triple {11602#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_16| (_ BitVec 32))) (bvult (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_16|) (_ bv4 32)) |#StackHeapBarrier|))} assume true; {11602#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_16| (_ BitVec 32))) (bvult (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_16|) (_ bv4 32)) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:40,496 INFO L284 TraceCheckUtils]: 15: Hoare quadruple {11602#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_16| (_ BitVec 32))) (bvult (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_16|) (_ bv4 32)) |#StackHeapBarrier|))} {11598#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_f19_~a#1.base|) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_f19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} #104#return; {11598#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_f19_~a#1.base|) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_f19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:40,504 INFO L290 TraceCheckUtils]: 16: Hoare triple {11598#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_f19_~a#1.base|) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_f19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} SUMMARY for call write~$Pointer$(f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L762-1 {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:40,505 INFO L290 TraceCheckUtils]: 17: Hoare triple {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset; {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:40,505 INFO L290 TraceCheckUtils]: 18: Hoare triple {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} SUMMARY for call f19_#t~mem39#1.base, f19_#t~mem39#1.offset := read~$Pointer$(f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L763 {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:40,506 INFO L290 TraceCheckUtils]: 19: Hoare triple {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} assume f19_#t~mem39#1.base != 0bv32 || f19_#t~mem39#1.offset != 0bv32;havoc f19_#t~mem39#1.base, f19_#t~mem39#1.offset;f19_#res#1 := 0bv32; {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:40,506 INFO L290 TraceCheckUtils]: 20: Hoare triple {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} probe_unsafe_19_#t~ret44#1 := f19_#res#1;assume { :end_inline_f19 } true;probe_unsafe_19_~ret~0#1 := probe_unsafe_19_#t~ret44#1;havoc probe_unsafe_19_#t~ret44#1; {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:40,507 INFO L290 TraceCheckUtils]: 21: Hoare triple {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} assume !(0bv32 != probe_unsafe_19_~ret~0#1);assume { :begin_inline_g19 } true;havoc g19_#res#1;havoc g19_#t~nondet41#1;g19_#res#1 := g19_#t~nondet41#1;havoc g19_#t~nondet41#1; {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:40,507 INFO L290 TraceCheckUtils]: 22: Hoare triple {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} probe_unsafe_19_#t~ret45#1 := g19_#res#1;assume { :end_inline_g19 } true; {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:40,507 INFO L290 TraceCheckUtils]: 23: Hoare triple {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} assume !(0bv32 == probe_unsafe_19_#t~ret45#1);havoc probe_unsafe_19_#t~ret45#1;probe_unsafe_19_#res#1 := 0bv32; {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:40,508 INFO L290 TraceCheckUtils]: 24: Hoare triple {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} entry_point_#t~ret48#1 := probe_unsafe_19_#res#1;assume { :end_inline_probe_unsafe_19 } true;entry_point_~ret~1#1 := entry_point_#t~ret48#1;havoc entry_point_#t~ret48#1; {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:40,508 INFO L290 TraceCheckUtils]: 25: Hoare triple {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} assume 0bv32 == entry_point_~ret~1#1;assume { :begin_inline_disconnect_19 } true;disconnect_19_#in~a#1.base, disconnect_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc disconnect_19_#t~mem47#1.base, disconnect_19_#t~mem47#1.offset, disconnect_19_~a#1.base, disconnect_19_~a#1.offset;disconnect_19_~a#1.base, disconnect_19_~a#1.offset := disconnect_19_#in~a#1.base, disconnect_19_#in~a#1.offset; {11646#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_disconnect_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_disconnect_19_~a#1.offset|)) |#StackHeapBarrier|) (= |ULTIMATE.start_disconnect_19_~a#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:40,509 INFO L290 TraceCheckUtils]: 26: Hoare triple {11646#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_disconnect_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_disconnect_19_~a#1.offset|)) |#StackHeapBarrier|) (= |ULTIMATE.start_disconnect_19_~a#1.offset| (_ bv0 32)))} SUMMARY for call disconnect_19_#t~mem47#1.base, disconnect_19_#t~mem47#1.offset := read~$Pointer$(disconnect_19_~a#1.base, ~bvadd32(4bv32, disconnect_19_~a#1.offset), 4bv32); srcloc: L793 {11650#(bvult |ULTIMATE.start_disconnect_19_#t~mem47#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:52:40,509 INFO L290 TraceCheckUtils]: 27: Hoare triple {11650#(bvult |ULTIMATE.start_disconnect_19_#t~mem47#1.base| |#StackHeapBarrier|)} assume 0bv32 == disconnect_19_#t~mem47#1.offset; {11650#(bvult |ULTIMATE.start_disconnect_19_#t~mem47#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:52:40,509 INFO L290 TraceCheckUtils]: 28: Hoare triple {11650#(bvult |ULTIMATE.start_disconnect_19_#t~mem47#1.base| |#StackHeapBarrier|)} assume !~bvult32(disconnect_19_#t~mem47#1.base, #StackHeapBarrier); {11560#false} is VALID [2022-02-20 23:52:40,510 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 2 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:52:40,510 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:52:43,168 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:52:43,168 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [88481666] [2022-02-20 23:52:43,168 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [88481666] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:52:43,168 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleCvc4 [445768638] [2022-02-20 23:52:43,168 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:52:43,168 INFO L173 SolverBuilder]: Constructing external solver with command: cvc4 --incremental --print-success --lang smt [2022-02-20 23:52:43,168 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 [2022-02-20 23:52:43,169 INFO L229 MonitoredProcess]: Starting monitored process 30 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (exit command is (exit), workingDir is null) [2022-02-20 23:52:43,171 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (30)] Waiting until timeout for monitored process [2022-02-20 23:52:43,296 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:43,299 INFO L263 TraceCheckSpWp]: Trace formula consists of 131 conjuncts, 23 conjunts are in the unsatisfiable core [2022-02-20 23:52:43,315 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:43,316 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:52:43,378 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2022-02-20 23:52:43,538 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:52:43,539 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 21 treesize of output 20 [2022-02-20 23:52:43,632 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 7 [2022-02-20 23:52:43,639 INFO L290 TraceCheckUtils]: 0: Hoare triple {11559#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {11559#true} is VALID [2022-02-20 23:52:43,640 INFO L290 TraceCheckUtils]: 1: Hoare triple {11559#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret48#1, entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset, entry_point_~ret~1#1;call entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset := #Ultimate.allocOnStack(8bv32);assume { :begin_inline_probe_unsafe_19 } true;probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc probe_unsafe_19_#res#1;havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset, probe_unsafe_19_#t~ret44#1, probe_unsafe_19_#t~ret45#1, probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset, probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset, probe_unsafe_19_~ret~0#1;probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset := probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset;probe_unsafe_19_~ret~0#1 := 3bv32; {11567#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:43,640 INFO L272 TraceCheckUtils]: 2: Hoare triple {11567#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} call probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset := ldv_malloc(4bv32); {11559#true} is VALID [2022-02-20 23:52:43,640 INFO L290 TraceCheckUtils]: 3: Hoare triple {11559#true} ~size := #in~size; {11559#true} is VALID [2022-02-20 23:52:43,640 INFO L290 TraceCheckUtils]: 4: Hoare triple {11559#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {11577#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:52:43,640 INFO L290 TraceCheckUtils]: 5: Hoare triple {11577#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} assume true; {11577#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:52:43,641 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {11577#(bvult |ldv_malloc_#res.base| |#StackHeapBarrier|)} {11567#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} #102#return; {11584#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvult |ULTIMATE.start_probe_unsafe_19_#t~ret42#1.base| |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:43,649 INFO L290 TraceCheckUtils]: 7: Hoare triple {11584#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvult |ULTIMATE.start_probe_unsafe_19_#t~ret42#1.base| |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} SUMMARY for call write~$Pointer$(probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L775-1 {11588#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:43,649 INFO L290 TraceCheckUtils]: 8: Hoare triple {11588#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset; {11588#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:43,650 INFO L290 TraceCheckUtils]: 9: Hoare triple {11588#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} SUMMARY for call probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L776 {11588#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:43,650 INFO L290 TraceCheckUtils]: 10: Hoare triple {11588#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} assume !(probe_unsafe_19_#t~mem43#1.base == 0bv32 && probe_unsafe_19_#t~mem43#1.offset == 0bv32);havoc probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset;assume { :begin_inline_f19 } true;f19_#in~a#1.base, f19_#in~a#1.offset := probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset;havoc f19_#res#1;havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_#t~mem39#1.base, f19_#t~mem39#1.offset, f19_~a#1.base, f19_~a#1.offset;f19_~a#1.base, f19_~a#1.offset := f19_#in~a#1.base, f19_#in~a#1.offset; {11598#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_f19_~a#1.base|) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_f19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:43,652 INFO L272 TraceCheckUtils]: 11: Hoare triple {11598#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_f19_~a#1.base|) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_f19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} call f19_#t~ret38#1.base, f19_#t~ret38#1.offset := ldv_malloc(4bv32); {11602#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_16| (_ BitVec 32))) (bvult (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_16|) (_ bv4 32)) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:43,652 INFO L290 TraceCheckUtils]: 12: Hoare triple {11602#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_16| (_ BitVec 32))) (bvult (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_16|) (_ bv4 32)) |#StackHeapBarrier|))} ~size := #in~size; {11602#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_16| (_ BitVec 32))) (bvult (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_16|) (_ bv4 32)) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:43,652 INFO L290 TraceCheckUtils]: 13: Hoare triple {11602#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_16| (_ BitVec 32))) (bvult (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_16|) (_ bv4 32)) |#StackHeapBarrier|))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {11602#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_16| (_ BitVec 32))) (bvult (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_16|) (_ bv4 32)) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:43,652 INFO L290 TraceCheckUtils]: 14: Hoare triple {11602#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_16| (_ BitVec 32))) (bvult (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_16|) (_ bv4 32)) |#StackHeapBarrier|))} assume true; {11602#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_16| (_ BitVec 32))) (bvult (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_16|) (_ bv4 32)) |#StackHeapBarrier|))} is VALID [2022-02-20 23:52:43,653 INFO L284 TraceCheckUtils]: 15: Hoare quadruple {11602#(exists ((|v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_16| (_ BitVec 32))) (bvult (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_f19_~a#1.base_BEFORE_CALL_16|) (_ bv4 32)) |#StackHeapBarrier|))} {11598#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_f19_~a#1.base|) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_f19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} #104#return; {11598#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_f19_~a#1.base|) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_f19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:43,666 INFO L290 TraceCheckUtils]: 16: Hoare triple {11598#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_f19_~a#1.base|) (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_f19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} SUMMARY for call write~$Pointer$(f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L762-1 {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:43,667 INFO L290 TraceCheckUtils]: 17: Hoare triple {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset; {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:43,667 INFO L290 TraceCheckUtils]: 18: Hoare triple {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} SUMMARY for call f19_#t~mem39#1.base, f19_#t~mem39#1.offset := read~$Pointer$(f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L763 {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:43,668 INFO L290 TraceCheckUtils]: 19: Hoare triple {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} assume f19_#t~mem39#1.base != 0bv32 || f19_#t~mem39#1.offset != 0bv32;havoc f19_#t~mem39#1.base, f19_#t~mem39#1.offset;f19_#res#1 := 0bv32; {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:43,668 INFO L290 TraceCheckUtils]: 20: Hoare triple {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} probe_unsafe_19_#t~ret44#1 := f19_#res#1;assume { :end_inline_f19 } true;probe_unsafe_19_~ret~0#1 := probe_unsafe_19_#t~ret44#1;havoc probe_unsafe_19_#t~ret44#1; {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:43,668 INFO L290 TraceCheckUtils]: 21: Hoare triple {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} assume !(0bv32 != probe_unsafe_19_~ret~0#1);assume { :begin_inline_g19 } true;havoc g19_#res#1;havoc g19_#t~nondet41#1;g19_#res#1 := g19_#t~nondet41#1;havoc g19_#t~nondet41#1; {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:43,669 INFO L290 TraceCheckUtils]: 22: Hoare triple {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} probe_unsafe_19_#t~ret45#1 := g19_#res#1;assume { :end_inline_g19 } true; {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:43,669 INFO L290 TraceCheckUtils]: 23: Hoare triple {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} assume !(0bv32 == probe_unsafe_19_#t~ret45#1);havoc probe_unsafe_19_#t~ret45#1;probe_unsafe_19_#res#1 := 0bv32; {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:43,670 INFO L290 TraceCheckUtils]: 24: Hoare triple {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} entry_point_#t~ret48#1 := probe_unsafe_19_#res#1;assume { :end_inline_probe_unsafe_19 } true;entry_point_~ret~1#1 := entry_point_#t~ret48#1;havoc entry_point_#t~ret48#1; {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:43,670 INFO L290 TraceCheckUtils]: 25: Hoare triple {11618#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32))) |#StackHeapBarrier|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} assume 0bv32 == entry_point_~ret~1#1;assume { :begin_inline_disconnect_19 } true;disconnect_19_#in~a#1.base, disconnect_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc disconnect_19_#t~mem47#1.base, disconnect_19_#t~mem47#1.offset, disconnect_19_~a#1.base, disconnect_19_~a#1.offset;disconnect_19_~a#1.base, disconnect_19_~a#1.offset := disconnect_19_#in~a#1.base, disconnect_19_#in~a#1.offset; {11646#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_disconnect_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_disconnect_19_~a#1.offset|)) |#StackHeapBarrier|) (= |ULTIMATE.start_disconnect_19_~a#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:43,671 INFO L290 TraceCheckUtils]: 26: Hoare triple {11646#(and (bvult (select (select |#memory_$Pointer$.base| |ULTIMATE.start_disconnect_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_disconnect_19_~a#1.offset|)) |#StackHeapBarrier|) (= |ULTIMATE.start_disconnect_19_~a#1.offset| (_ bv0 32)))} SUMMARY for call disconnect_19_#t~mem47#1.base, disconnect_19_#t~mem47#1.offset := read~$Pointer$(disconnect_19_~a#1.base, ~bvadd32(4bv32, disconnect_19_~a#1.offset), 4bv32); srcloc: L793 {11650#(bvult |ULTIMATE.start_disconnect_19_#t~mem47#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:52:43,671 INFO L290 TraceCheckUtils]: 27: Hoare triple {11650#(bvult |ULTIMATE.start_disconnect_19_#t~mem47#1.base| |#StackHeapBarrier|)} assume 0bv32 == disconnect_19_#t~mem47#1.offset; {11650#(bvult |ULTIMATE.start_disconnect_19_#t~mem47#1.base| |#StackHeapBarrier|)} is VALID [2022-02-20 23:52:43,671 INFO L290 TraceCheckUtils]: 28: Hoare triple {11650#(bvult |ULTIMATE.start_disconnect_19_#t~mem47#1.base| |#StackHeapBarrier|)} assume !~bvult32(disconnect_19_#t~mem47#1.base, #StackHeapBarrier); {11560#false} is VALID [2022-02-20 23:52:43,671 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 2 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:52:43,671 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:52:45,813 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleCvc4 [445768638] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:52:45,814 INFO L191 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-02-20 23:52:45,814 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 10] total 10 [2022-02-20 23:52:45,814 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1162295252] [2022-02-20 23:52:45,814 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-02-20 23:52:45,814 INFO L78 Accepts]: Start accepts. Automaton has has 11 states, 9 states have (on average 2.7777777777777777) internal successors, (25), 10 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 29 [2022-02-20 23:52:45,814 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:52:45,815 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 11 states, 9 states have (on average 2.7777777777777777) internal successors, (25), 10 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:45,853 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 29 edges. 29 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:45,854 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 11 states [2022-02-20 23:52:45,854 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:52:45,854 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 11 interpolants. [2022-02-20 23:52:45,854 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=39, Invalid=142, Unknown=1, NotChecked=0, Total=182 [2022-02-20 23:52:45,854 INFO L87 Difference]: Start difference. First operand 82 states and 85 transitions. Second operand has 11 states, 9 states have (on average 2.7777777777777777) internal successors, (25), 10 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:47,245 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:47,245 INFO L93 Difference]: Finished difference Result 85 states and 87 transitions. [2022-02-20 23:52:47,245 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2022-02-20 23:52:47,246 INFO L78 Accepts]: Start accepts. Automaton has has 11 states, 9 states have (on average 2.7777777777777777) internal successors, (25), 10 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 29 [2022-02-20 23:52:47,246 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:52:47,246 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 11 states, 9 states have (on average 2.7777777777777777) internal successors, (25), 10 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:47,247 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 15 states to 15 states and 70 transitions. [2022-02-20 23:52:47,247 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 11 states, 9 states have (on average 2.7777777777777777) internal successors, (25), 10 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:47,247 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 15 states to 15 states and 70 transitions. [2022-02-20 23:52:47,247 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 15 states and 70 transitions. [2022-02-20 23:52:47,331 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 70 edges. 70 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:47,332 INFO L225 Difference]: With dead ends: 85 [2022-02-20 23:52:47,332 INFO L226 Difference]: Without dead ends: 85 [2022-02-20 23:52:47,332 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 89 GetRequests, 68 SyntacticMatches, 4 SemanticMatches, 17 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 72 ImplicationChecksByTransitivity, 5.0s TimeCoverageRelationStatistics Valid=76, Invalid=265, Unknown=1, NotChecked=0, Total=342 [2022-02-20 23:52:47,332 INFO L933 BasicCegarLoop]: 50 mSDtfsCounter, 45 mSDsluCounter, 256 mSDsCounter, 0 mSdLazyCounter, 162 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 47 SdHoareTripleChecker+Valid, 306 SdHoareTripleChecker+Invalid, 182 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 162 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 14 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-02-20 23:52:47,332 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [47 Valid, 306 Invalid, 182 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 162 Invalid, 0 Unknown, 14 Unchecked, 0.3s Time] [2022-02-20 23:52:47,333 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 85 states. [2022-02-20 23:52:47,334 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 85 to 81. [2022-02-20 23:52:47,334 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:52:47,334 INFO L82 GeneralOperation]: Start isEquivalent. First operand 85 states. Second operand has 81 states, 61 states have (on average 1.2295081967213115) internal successors, (75), 71 states have internal predecessors, (75), 4 states have call successors, (4), 4 states have call predecessors, (4), 5 states have return successors, (5), 5 states have call predecessors, (5), 4 states have call successors, (5) [2022-02-20 23:52:47,334 INFO L74 IsIncluded]: Start isIncluded. First operand 85 states. Second operand has 81 states, 61 states have (on average 1.2295081967213115) internal successors, (75), 71 states have internal predecessors, (75), 4 states have call successors, (4), 4 states have call predecessors, (4), 5 states have return successors, (5), 5 states have call predecessors, (5), 4 states have call successors, (5) [2022-02-20 23:52:47,334 INFO L87 Difference]: Start difference. First operand 85 states. Second operand has 81 states, 61 states have (on average 1.2295081967213115) internal successors, (75), 71 states have internal predecessors, (75), 4 states have call successors, (4), 4 states have call predecessors, (4), 5 states have return successors, (5), 5 states have call predecessors, (5), 4 states have call successors, (5) [2022-02-20 23:52:47,335 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:47,335 INFO L93 Difference]: Finished difference Result 85 states and 87 transitions. [2022-02-20 23:52:47,335 INFO L276 IsEmpty]: Start isEmpty. Operand 85 states and 87 transitions. [2022-02-20 23:52:47,335 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:47,335 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:47,335 INFO L74 IsIncluded]: Start isIncluded. First operand has 81 states, 61 states have (on average 1.2295081967213115) internal successors, (75), 71 states have internal predecessors, (75), 4 states have call successors, (4), 4 states have call predecessors, (4), 5 states have return successors, (5), 5 states have call predecessors, (5), 4 states have call successors, (5) Second operand 85 states. [2022-02-20 23:52:47,335 INFO L87 Difference]: Start difference. First operand has 81 states, 61 states have (on average 1.2295081967213115) internal successors, (75), 71 states have internal predecessors, (75), 4 states have call successors, (4), 4 states have call predecessors, (4), 5 states have return successors, (5), 5 states have call predecessors, (5), 4 states have call successors, (5) Second operand 85 states. [2022-02-20 23:52:47,336 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:47,336 INFO L93 Difference]: Finished difference Result 85 states and 87 transitions. [2022-02-20 23:52:47,336 INFO L276 IsEmpty]: Start isEmpty. Operand 85 states and 87 transitions. [2022-02-20 23:52:47,336 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:47,336 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:47,337 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:52:47,337 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:52:47,337 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 81 states, 61 states have (on average 1.2295081967213115) internal successors, (75), 71 states have internal predecessors, (75), 4 states have call successors, (4), 4 states have call predecessors, (4), 5 states have return successors, (5), 5 states have call predecessors, (5), 4 states have call successors, (5) [2022-02-20 23:52:47,338 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 81 states to 81 states and 84 transitions. [2022-02-20 23:52:47,338 INFO L78 Accepts]: Start accepts. Automaton has 81 states and 84 transitions. Word has length 29 [2022-02-20 23:52:47,338 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:52:47,338 INFO L470 AbstractCegarLoop]: Abstraction has 81 states and 84 transitions. [2022-02-20 23:52:47,338 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 11 states, 9 states have (on average 2.7777777777777777) internal successors, (25), 10 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:47,338 INFO L276 IsEmpty]: Start isEmpty. Operand 81 states and 84 transitions. [2022-02-20 23:52:47,338 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-02-20 23:52:47,338 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:52:47,339 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:52:47,344 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt (30)] Forceful destruction successful, exit code 0 [2022-02-20 23:52:47,549 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (29)] Forceful destruction successful, exit code 0 [2022-02-20 23:52:47,742 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 30 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/cvc4 --incremental --print-success --lang smt,29 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:52:47,742 INFO L402 AbstractCegarLoop]: === Iteration 25 === Targeting f19_undoErr4ASSERT_VIOLATIONMEMORY_FREE === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 20 more)] === [2022-02-20 23:52:47,742 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:52:47,742 INFO L85 PathProgramCache]: Analyzing trace with hash 625181411, now seen corresponding path program 1 times [2022-02-20 23:52:47,742 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:52:47,742 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1513112776] [2022-02-20 23:52:47,742 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:52:47,742 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:52:47,743 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:52:47,744 INFO L229 MonitoredProcess]: Starting monitored process 31 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:52:47,745 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (31)] Waiting until timeout for monitored process [2022-02-20 23:52:47,815 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:47,818 INFO L263 TraceCheckSpWp]: Trace formula consists of 132 conjuncts, 18 conjunts are in the unsatisfiable core [2022-02-20 23:52:47,829 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:47,830 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:52:47,877 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:52:47,927 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 7 [2022-02-20 23:52:48,037 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 17 treesize of output 9 [2022-02-20 23:52:48,056 INFO L290 TraceCheckUtils]: 0: Hoare triple {12173#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {12173#true} is VALID [2022-02-20 23:52:48,056 INFO L290 TraceCheckUtils]: 1: Hoare triple {12173#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret48#1, entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset, entry_point_~ret~1#1;call entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset := #Ultimate.allocOnStack(8bv32);assume { :begin_inline_probe_unsafe_19 } true;probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc probe_unsafe_19_#res#1;havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset, probe_unsafe_19_#t~ret44#1, probe_unsafe_19_#t~ret45#1, probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset, probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset, probe_unsafe_19_~ret~0#1;probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset := probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset;probe_unsafe_19_~ret~0#1 := 3bv32; {12173#true} is VALID [2022-02-20 23:52:48,056 INFO L272 TraceCheckUtils]: 2: Hoare triple {12173#true} call probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset := ldv_malloc(4bv32); {12173#true} is VALID [2022-02-20 23:52:48,056 INFO L290 TraceCheckUtils]: 3: Hoare triple {12173#true} ~size := #in~size; {12173#true} is VALID [2022-02-20 23:52:48,056 INFO L290 TraceCheckUtils]: 4: Hoare triple {12173#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {12173#true} is VALID [2022-02-20 23:52:48,056 INFO L290 TraceCheckUtils]: 5: Hoare triple {12173#true} assume true; {12173#true} is VALID [2022-02-20 23:52:48,056 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {12173#true} {12173#true} #102#return; {12173#true} is VALID [2022-02-20 23:52:48,056 INFO L290 TraceCheckUtils]: 7: Hoare triple {12173#true} SUMMARY for call write~$Pointer$(probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L775-1 {12173#true} is VALID [2022-02-20 23:52:48,057 INFO L290 TraceCheckUtils]: 8: Hoare triple {12173#true} havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset; {12173#true} is VALID [2022-02-20 23:52:48,057 INFO L290 TraceCheckUtils]: 9: Hoare triple {12173#true} SUMMARY for call probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L776 {12173#true} is VALID [2022-02-20 23:52:48,057 INFO L290 TraceCheckUtils]: 10: Hoare triple {12173#true} assume !(probe_unsafe_19_#t~mem43#1.base == 0bv32 && probe_unsafe_19_#t~mem43#1.offset == 0bv32);havoc probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset;assume { :begin_inline_f19 } true;f19_#in~a#1.base, f19_#in~a#1.offset := probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset;havoc f19_#res#1;havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_#t~mem39#1.base, f19_#t~mem39#1.offset, f19_~a#1.base, f19_~a#1.offset;f19_~a#1.base, f19_~a#1.offset := f19_#in~a#1.base, f19_#in~a#1.offset; {12208#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))} is VALID [2022-02-20 23:52:48,057 INFO L272 TraceCheckUtils]: 11: Hoare triple {12208#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))} call f19_#t~ret38#1.base, f19_#t~ret38#1.offset := ldv_malloc(4bv32); {12173#true} is VALID [2022-02-20 23:52:48,057 INFO L290 TraceCheckUtils]: 12: Hoare triple {12173#true} ~size := #in~size; {12173#true} is VALID [2022-02-20 23:52:48,058 INFO L290 TraceCheckUtils]: 13: Hoare triple {12173#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {12218#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:52:48,058 INFO L290 TraceCheckUtils]: 14: Hoare triple {12218#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} assume true; {12218#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:52:48,059 INFO L284 TraceCheckUtils]: 15: Hoare quadruple {12218#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} {12208#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))} #104#return; {12225#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= (select |#valid| |ULTIMATE.start_f19_#t~ret38#1.base|) (_ bv1 1)))} is VALID [2022-02-20 23:52:48,061 INFO L290 TraceCheckUtils]: 16: Hoare triple {12225#(and (= |ULTIMATE.start_probe_unsafe_19_~a#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_f19_~a#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= (select |#valid| |ULTIMATE.start_f19_#t~ret38#1.base|) (_ bv1 1)))} SUMMARY for call write~$Pointer$(f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L762-1 {12229#(= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv1 1))} is VALID [2022-02-20 23:52:48,061 INFO L290 TraceCheckUtils]: 17: Hoare triple {12229#(= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv1 1))} havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset; {12229#(= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv1 1))} is VALID [2022-02-20 23:52:48,061 INFO L290 TraceCheckUtils]: 18: Hoare triple {12229#(= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv1 1))} SUMMARY for call f19_#t~mem39#1.base, f19_#t~mem39#1.offset := read~$Pointer$(f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L763 {12229#(= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv1 1))} is VALID [2022-02-20 23:52:48,061 INFO L290 TraceCheckUtils]: 19: Hoare triple {12229#(= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv1 1))} assume f19_#t~mem39#1.base != 0bv32 || f19_#t~mem39#1.offset != 0bv32;havoc f19_#t~mem39#1.base, f19_#t~mem39#1.offset;f19_#res#1 := 0bv32; {12229#(= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv1 1))} is VALID [2022-02-20 23:52:48,062 INFO L290 TraceCheckUtils]: 20: Hoare triple {12229#(= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv1 1))} probe_unsafe_19_#t~ret44#1 := f19_#res#1;assume { :end_inline_f19 } true;probe_unsafe_19_~ret~0#1 := probe_unsafe_19_#t~ret44#1;havoc probe_unsafe_19_#t~ret44#1; {12229#(= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv1 1))} is VALID [2022-02-20 23:52:48,062 INFO L290 TraceCheckUtils]: 21: Hoare triple {12229#(= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv1 1))} assume !(0bv32 != probe_unsafe_19_~ret~0#1);assume { :begin_inline_g19 } true;havoc g19_#res#1;havoc g19_#t~nondet41#1;g19_#res#1 := g19_#t~nondet41#1;havoc g19_#t~nondet41#1; {12229#(= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv1 1))} is VALID [2022-02-20 23:52:48,062 INFO L290 TraceCheckUtils]: 22: Hoare triple {12229#(= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv1 1))} probe_unsafe_19_#t~ret45#1 := g19_#res#1;assume { :end_inline_g19 } true; {12229#(= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv1 1))} is VALID [2022-02-20 23:52:48,063 INFO L290 TraceCheckUtils]: 23: Hoare triple {12229#(= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv1 1))} assume 0bv32 == probe_unsafe_19_#t~ret45#1;havoc probe_unsafe_19_#t~ret45#1; {12229#(= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv1 1))} is VALID [2022-02-20 23:52:48,063 INFO L272 TraceCheckUtils]: 24: Hoare triple {12229#(= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|)) (_ bv1 1))} call f19_undo(probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset); {12254#(= (select |#valid| (select (select |#memory_$Pointer$.base| |f19_undo_#in~a.base|) |f19_undo_#in~a.offset|)) (_ bv1 1))} is VALID [2022-02-20 23:52:48,064 INFO L290 TraceCheckUtils]: 25: Hoare triple {12254#(= (select |#valid| (select (select |#memory_$Pointer$.base| |f19_undo_#in~a.base|) |f19_undo_#in~a.offset|)) (_ bv1 1))} ~a.base, ~a.offset := #in~a.base, #in~a.offset; {12258#(= (select |#valid| (select (select |#memory_$Pointer$.base| f19_undo_~a.base) f19_undo_~a.offset)) (_ bv1 1))} is VALID [2022-02-20 23:52:48,064 INFO L290 TraceCheckUtils]: 26: Hoare triple {12258#(= (select |#valid| (select (select |#memory_$Pointer$.base| f19_undo_~a.base) f19_undo_~a.offset)) (_ bv1 1))} SUMMARY for call #t~mem40.base, #t~mem40.offset := read~$Pointer$(~a.base, ~a.offset, 4bv32); srcloc: L768 {12262#(= (select |#valid| |f19_undo_#t~mem40.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:48,064 INFO L290 TraceCheckUtils]: 27: Hoare triple {12262#(= (select |#valid| |f19_undo_#t~mem40.base|) (_ bv1 1))} assume 0bv32 == #t~mem40.offset; {12262#(= (select |#valid| |f19_undo_#t~mem40.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:48,065 INFO L290 TraceCheckUtils]: 28: Hoare triple {12262#(= (select |#valid| |f19_undo_#t~mem40.base|) (_ bv1 1))} assume ~bvult32(#t~mem40.base, #StackHeapBarrier); {12262#(= (select |#valid| |f19_undo_#t~mem40.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:48,065 INFO L290 TraceCheckUtils]: 29: Hoare triple {12262#(= (select |#valid| |f19_undo_#t~mem40.base|) (_ bv1 1))} assume !(0bv32 == #t~mem40.base || 1bv1 == #valid[#t~mem40.base]); {12174#false} is VALID [2022-02-20 23:52:48,065 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:52:48,065 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:52:48,065 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:52:48,065 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1513112776] [2022-02-20 23:52:48,065 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1513112776] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:52:48,065 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:52:48,065 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-02-20 23:52:48,065 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [589999603] [2022-02-20 23:52:48,065 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:52:48,066 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 7 states have (on average 3.4285714285714284) internal successors, (24), 7 states have internal predecessors, (24), 3 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 30 [2022-02-20 23:52:48,066 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:52:48,066 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 9 states, 7 states have (on average 3.4285714285714284) internal successors, (24), 7 states have internal predecessors, (24), 3 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:48,093 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 29 edges. 29 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:48,094 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2022-02-20 23:52:48,094 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:52:48,094 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2022-02-20 23:52:48,094 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=56, Unknown=0, NotChecked=0, Total=72 [2022-02-20 23:52:48,094 INFO L87 Difference]: Start difference. First operand 81 states and 84 transitions. Second operand has 9 states, 7 states have (on average 3.4285714285714284) internal successors, (24), 7 states have internal predecessors, (24), 3 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:49,160 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:49,160 INFO L93 Difference]: Finished difference Result 85 states and 87 transitions. [2022-02-20 23:52:49,160 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2022-02-20 23:52:49,160 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 7 states have (on average 3.4285714285714284) internal successors, (24), 7 states have internal predecessors, (24), 3 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 30 [2022-02-20 23:52:49,160 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:52:49,160 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 9 states, 7 states have (on average 3.4285714285714284) internal successors, (24), 7 states have internal predecessors, (24), 3 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:49,161 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 80 transitions. [2022-02-20 23:52:49,162 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 9 states, 7 states have (on average 3.4285714285714284) internal successors, (24), 7 states have internal predecessors, (24), 3 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:49,162 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 80 transitions. [2022-02-20 23:52:49,162 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states and 80 transitions. [2022-02-20 23:52:49,235 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 80 edges. 80 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:49,235 INFO L225 Difference]: With dead ends: 85 [2022-02-20 23:52:49,236 INFO L226 Difference]: Without dead ends: 85 [2022-02-20 23:52:49,236 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 33 GetRequests, 22 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 11 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=36, Invalid=120, Unknown=0, NotChecked=0, Total=156 [2022-02-20 23:52:49,236 INFO L933 BasicCegarLoop]: 49 mSDtfsCounter, 56 mSDsluCounter, 206 mSDsCounter, 0 mSdLazyCounter, 190 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 59 SdHoareTripleChecker+Valid, 255 SdHoareTripleChecker+Invalid, 192 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 190 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-02-20 23:52:49,236 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [59 Valid, 255 Invalid, 192 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 190 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-02-20 23:52:49,236 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 85 states. [2022-02-20 23:52:49,237 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 85 to 81. [2022-02-20 23:52:49,237 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:52:49,238 INFO L82 GeneralOperation]: Start isEquivalent. First operand 85 states. Second operand has 81 states, 61 states have (on average 1.2131147540983607) internal successors, (74), 71 states have internal predecessors, (74), 4 states have call successors, (4), 4 states have call predecessors, (4), 5 states have return successors, (5), 5 states have call predecessors, (5), 4 states have call successors, (5) [2022-02-20 23:52:49,238 INFO L74 IsIncluded]: Start isIncluded. First operand 85 states. Second operand has 81 states, 61 states have (on average 1.2131147540983607) internal successors, (74), 71 states have internal predecessors, (74), 4 states have call successors, (4), 4 states have call predecessors, (4), 5 states have return successors, (5), 5 states have call predecessors, (5), 4 states have call successors, (5) [2022-02-20 23:52:49,238 INFO L87 Difference]: Start difference. First operand 85 states. Second operand has 81 states, 61 states have (on average 1.2131147540983607) internal successors, (74), 71 states have internal predecessors, (74), 4 states have call successors, (4), 4 states have call predecessors, (4), 5 states have return successors, (5), 5 states have call predecessors, (5), 4 states have call successors, (5) [2022-02-20 23:52:49,239 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:49,239 INFO L93 Difference]: Finished difference Result 85 states and 87 transitions. [2022-02-20 23:52:49,239 INFO L276 IsEmpty]: Start isEmpty. Operand 85 states and 87 transitions. [2022-02-20 23:52:49,239 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:49,239 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:49,239 INFO L74 IsIncluded]: Start isIncluded. First operand has 81 states, 61 states have (on average 1.2131147540983607) internal successors, (74), 71 states have internal predecessors, (74), 4 states have call successors, (4), 4 states have call predecessors, (4), 5 states have return successors, (5), 5 states have call predecessors, (5), 4 states have call successors, (5) Second operand 85 states. [2022-02-20 23:52:49,239 INFO L87 Difference]: Start difference. First operand has 81 states, 61 states have (on average 1.2131147540983607) internal successors, (74), 71 states have internal predecessors, (74), 4 states have call successors, (4), 4 states have call predecessors, (4), 5 states have return successors, (5), 5 states have call predecessors, (5), 4 states have call successors, (5) Second operand 85 states. [2022-02-20 23:52:49,241 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:49,241 INFO L93 Difference]: Finished difference Result 85 states and 87 transitions. [2022-02-20 23:52:49,241 INFO L276 IsEmpty]: Start isEmpty. Operand 85 states and 87 transitions. [2022-02-20 23:52:49,241 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:49,241 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:49,241 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:52:49,241 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:52:49,242 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 81 states, 61 states have (on average 1.2131147540983607) internal successors, (74), 71 states have internal predecessors, (74), 4 states have call successors, (4), 4 states have call predecessors, (4), 5 states have return successors, (5), 5 states have call predecessors, (5), 4 states have call successors, (5) [2022-02-20 23:52:49,242 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 81 states to 81 states and 83 transitions. [2022-02-20 23:52:49,243 INFO L78 Accepts]: Start accepts. Automaton has 81 states and 83 transitions. Word has length 30 [2022-02-20 23:52:49,243 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:52:49,243 INFO L470 AbstractCegarLoop]: Abstraction has 81 states and 83 transitions. [2022-02-20 23:52:49,243 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 7 states have (on average 3.4285714285714284) internal successors, (24), 7 states have internal predecessors, (24), 3 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:49,243 INFO L276 IsEmpty]: Start isEmpty. Operand 81 states and 83 transitions. [2022-02-20 23:52:49,243 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-02-20 23:52:49,243 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:52:49,243 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:52:49,252 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (31)] Forceful destruction successful, exit code 0 [2022-02-20 23:52:49,450 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 31 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:52:49,450 INFO L402 AbstractCegarLoop]: === Iteration 26 === Targeting ULTIMATE.startErr17ASSERT_VIOLATIONMEMORY_FREE === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 20 more)] === [2022-02-20 23:52:49,451 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:52:49,451 INFO L85 PathProgramCache]: Analyzing trace with hash 1204444567, now seen corresponding path program 1 times [2022-02-20 23:52:49,451 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:52:49,451 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [993752861] [2022-02-20 23:52:49,451 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:52:49,451 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:52:49,451 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:52:49,460 INFO L229 MonitoredProcess]: Starting monitored process 32 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:52:49,466 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (32)] Waiting until timeout for monitored process [2022-02-20 23:52:49,545 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:49,548 INFO L263 TraceCheckSpWp]: Trace formula consists of 133 conjuncts, 28 conjunts are in the unsatisfiable core [2022-02-20 23:52:49,559 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:49,561 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:52:49,599 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:52:49,664 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2022-02-20 23:52:49,765 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 9 treesize of output 3 [2022-02-20 23:52:49,855 INFO L356 Elim1Store]: treesize reduction 33, result has 43.1 percent of original size [2022-02-20 23:52:49,855 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 24 treesize of output 37 [2022-02-20 23:52:49,897 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:52:49,898 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 23 treesize of output 22 [2022-02-20 23:52:50,044 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 17 treesize of output 9 [2022-02-20 23:52:50,073 INFO L290 TraceCheckUtils]: 0: Hoare triple {12615#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32); {12615#true} is VALID [2022-02-20 23:52:50,074 INFO L290 TraceCheckUtils]: 1: Hoare triple {12615#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret48#1, entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset, entry_point_~ret~1#1;call entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset := #Ultimate.allocOnStack(8bv32);assume { :begin_inline_probe_unsafe_19 } true;probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc probe_unsafe_19_#res#1;havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset, probe_unsafe_19_#t~ret44#1, probe_unsafe_19_#t~ret45#1, probe_unsafe_19_#t~mem46#1.base, probe_unsafe_19_#t~mem46#1.offset, probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset, probe_unsafe_19_~ret~0#1;probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset := probe_unsafe_19_#in~a#1.base, probe_unsafe_19_#in~a#1.offset;probe_unsafe_19_~ret~0#1 := 3bv32; {12623#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:50,074 INFO L272 TraceCheckUtils]: 2: Hoare triple {12623#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} call probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset := ldv_malloc(4bv32); {12615#true} is VALID [2022-02-20 23:52:50,074 INFO L290 TraceCheckUtils]: 3: Hoare triple {12615#true} ~size := #in~size; {12615#true} is VALID [2022-02-20 23:52:50,075 INFO L290 TraceCheckUtils]: 4: Hoare triple {12615#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {12633#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:52:50,075 INFO L290 TraceCheckUtils]: 5: Hoare triple {12633#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} assume true; {12633#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:52:50,076 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {12633#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} {12623#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} #102#return; {12640#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= (_ bv1 1) (select |#valid| |ULTIMATE.start_probe_unsafe_19_#t~ret42#1.base|)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:50,077 INFO L290 TraceCheckUtils]: 7: Hoare triple {12640#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= (_ bv1 1) (select |#valid| |ULTIMATE.start_probe_unsafe_19_#t~ret42#1.base|)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} SUMMARY for call write~$Pointer$(probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset, probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L775-1 {12644#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:50,077 INFO L290 TraceCheckUtils]: 8: Hoare triple {12644#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} havoc probe_unsafe_19_#t~ret42#1.base, probe_unsafe_19_#t~ret42#1.offset; {12644#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:50,078 INFO L290 TraceCheckUtils]: 9: Hoare triple {12644#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} SUMMARY for call probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset := read~$Pointer$(probe_unsafe_19_~a#1.base, ~bvadd32(4bv32, probe_unsafe_19_~a#1.offset), 4bv32); srcloc: L776 {12644#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:50,079 INFO L290 TraceCheckUtils]: 10: Hoare triple {12644#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_probe_unsafe_19_~a#1.offset|) (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_probe_unsafe_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_probe_unsafe_19_~a#1.offset|))) (_ bv1 1)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} assume !(probe_unsafe_19_#t~mem43#1.base == 0bv32 && probe_unsafe_19_#t~mem43#1.offset == 0bv32);havoc probe_unsafe_19_#t~mem43#1.base, probe_unsafe_19_#t~mem43#1.offset;assume { :begin_inline_f19 } true;f19_#in~a#1.base, f19_#in~a#1.offset := probe_unsafe_19_~a#1.base, probe_unsafe_19_~a#1.offset;havoc f19_#res#1;havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_#t~mem39#1.base, f19_#t~mem39#1.offset, f19_~a#1.base, f19_~a#1.offset;f19_~a#1.base, f19_~a#1.offset := f19_#in~a#1.base, f19_#in~a#1.offset; {12654#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_f19_~a#1.offset|) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32)))) (_ bv1 1)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:50,079 INFO L272 TraceCheckUtils]: 11: Hoare triple {12654#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_f19_~a#1.offset|) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32)))) (_ bv1 1)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} call f19_#t~ret38#1.base, f19_#t~ret38#1.offset := ldv_malloc(4bv32); {12658#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:52:50,080 INFO L290 TraceCheckUtils]: 12: Hoare triple {12658#(= |old(#valid)| |#valid|)} ~size := #in~size; {12658#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:52:50,080 INFO L290 TraceCheckUtils]: 13: Hoare triple {12658#(= |old(#valid)| |#valid|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {12665#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)) (exists ((v_ArrVal_549 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_549) |#valid|))))} is VALID [2022-02-20 23:52:50,081 INFO L290 TraceCheckUtils]: 14: Hoare triple {12665#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)) (exists ((v_ArrVal_549 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_549) |#valid|))))} assume true; {12665#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)) (exists ((v_ArrVal_549 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_549) |#valid|))))} is VALID [2022-02-20 23:52:50,083 INFO L284 TraceCheckUtils]: 15: Hoare quadruple {12665#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (bvneg (select |old(#valid)| |ldv_malloc_#res.base|)) (_ bv0 1)) (exists ((v_ArrVal_549 (_ BitVec 1))) (= (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_549) |#valid|))))} {12654#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_f19_~a#1.offset|) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32)))) (_ bv1 1)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} #104#return; {12654#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_f19_~a#1.offset|) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32)))) (_ bv1 1)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:50,084 INFO L290 TraceCheckUtils]: 16: Hoare triple {12654#(and (= |ULTIMATE.start_entry_point_~#a19~0#1.base| |ULTIMATE.start_f19_~a#1.base|) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| |ULTIMATE.start_f19_~a#1.offset|) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32)))) (_ bv1 1)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} SUMMARY for call write~$Pointer$(f19_#t~ret38#1.base, f19_#t~ret38#1.offset, f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L762-1 {12675#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32)))) (_ bv1 1)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:50,084 INFO L290 TraceCheckUtils]: 17: Hoare triple {12675#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32)))) (_ bv1 1)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} havoc f19_#t~ret38#1.base, f19_#t~ret38#1.offset; {12675#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32)))) (_ bv1 1)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:50,085 INFO L290 TraceCheckUtils]: 18: Hoare triple {12675#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32)))) (_ bv1 1)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} SUMMARY for call f19_#t~mem39#1.base, f19_#t~mem39#1.offset := read~$Pointer$(f19_~a#1.base, f19_~a#1.offset, 4bv32); srcloc: L763 {12675#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32)))) (_ bv1 1)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:50,085 INFO L290 TraceCheckUtils]: 19: Hoare triple {12675#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32)))) (_ bv1 1)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} assume f19_#t~mem39#1.base != 0bv32 || f19_#t~mem39#1.offset != 0bv32;havoc f19_#t~mem39#1.base, f19_#t~mem39#1.offset;f19_#res#1 := 0bv32; {12675#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32)))) (_ bv1 1)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:50,086 INFO L290 TraceCheckUtils]: 20: Hoare triple {12675#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32)))) (_ bv1 1)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} probe_unsafe_19_#t~ret44#1 := f19_#res#1;assume { :end_inline_f19 } true;probe_unsafe_19_~ret~0#1 := probe_unsafe_19_#t~ret44#1;havoc probe_unsafe_19_#t~ret44#1; {12675#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32)))) (_ bv1 1)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:50,086 INFO L290 TraceCheckUtils]: 21: Hoare triple {12675#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32)))) (_ bv1 1)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} assume !(0bv32 != probe_unsafe_19_~ret~0#1);assume { :begin_inline_g19 } true;havoc g19_#res#1;havoc g19_#t~nondet41#1;g19_#res#1 := g19_#t~nondet41#1;havoc g19_#t~nondet41#1; {12675#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32)))) (_ bv1 1)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:50,087 INFO L290 TraceCheckUtils]: 22: Hoare triple {12675#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32)))) (_ bv1 1)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} probe_unsafe_19_#t~ret45#1 := g19_#res#1;assume { :end_inline_g19 } true; {12675#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32)))) (_ bv1 1)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:50,087 INFO L290 TraceCheckUtils]: 23: Hoare triple {12675#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32)))) (_ bv1 1)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} assume !(0bv32 == probe_unsafe_19_#t~ret45#1);havoc probe_unsafe_19_#t~ret45#1;probe_unsafe_19_#res#1 := 0bv32; {12675#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32)))) (_ bv1 1)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:50,087 INFO L290 TraceCheckUtils]: 24: Hoare triple {12675#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32)))) (_ bv1 1)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} entry_point_#t~ret48#1 := probe_unsafe_19_#res#1;assume { :end_inline_probe_unsafe_19 } true;entry_point_~ret~1#1 := entry_point_#t~ret48#1;havoc entry_point_#t~ret48#1; {12675#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32)))) (_ bv1 1)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:50,088 INFO L290 TraceCheckUtils]: 25: Hoare triple {12675#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_entry_point_~#a19~0#1.base|) (bvadd |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv4 32)))) (_ bv1 1)) (= |ULTIMATE.start_entry_point_~#a19~0#1.offset| (_ bv0 32)))} assume 0bv32 == entry_point_~ret~1#1;assume { :begin_inline_disconnect_19 } true;disconnect_19_#in~a#1.base, disconnect_19_#in~a#1.offset := entry_point_~#a19~0#1.base, entry_point_~#a19~0#1.offset;havoc disconnect_19_#t~mem47#1.base, disconnect_19_#t~mem47#1.offset, disconnect_19_~a#1.base, disconnect_19_~a#1.offset;disconnect_19_~a#1.base, disconnect_19_~a#1.offset := disconnect_19_#in~a#1.base, disconnect_19_#in~a#1.offset; {12703#(and (= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_disconnect_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_disconnect_19_~a#1.offset|)))) (= |ULTIMATE.start_disconnect_19_~a#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:50,088 INFO L290 TraceCheckUtils]: 26: Hoare triple {12703#(and (= (_ bv1 1) (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_disconnect_19_~a#1.base|) (bvadd (_ bv4 32) |ULTIMATE.start_disconnect_19_~a#1.offset|)))) (= |ULTIMATE.start_disconnect_19_~a#1.offset| (_ bv0 32)))} SUMMARY for call disconnect_19_#t~mem47#1.base, disconnect_19_#t~mem47#1.offset := read~$Pointer$(disconnect_19_~a#1.base, ~bvadd32(4bv32, disconnect_19_~a#1.offset), 4bv32); srcloc: L793 {12707#(= (select |#valid| |ULTIMATE.start_disconnect_19_#t~mem47#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:50,089 INFO L290 TraceCheckUtils]: 27: Hoare triple {12707#(= (select |#valid| |ULTIMATE.start_disconnect_19_#t~mem47#1.base|) (_ bv1 1))} assume 0bv32 == disconnect_19_#t~mem47#1.offset; {12707#(= (select |#valid| |ULTIMATE.start_disconnect_19_#t~mem47#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:50,089 INFO L290 TraceCheckUtils]: 28: Hoare triple {12707#(= (select |#valid| |ULTIMATE.start_disconnect_19_#t~mem47#1.base|) (_ bv1 1))} assume ~bvult32(disconnect_19_#t~mem47#1.base, #StackHeapBarrier); {12707#(= (select |#valid| |ULTIMATE.start_disconnect_19_#t~mem47#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:50,089 INFO L290 TraceCheckUtils]: 29: Hoare triple {12707#(= (select |#valid| |ULTIMATE.start_disconnect_19_#t~mem47#1.base|) (_ bv1 1))} assume !(0bv32 == disconnect_19_#t~mem47#1.base || 1bv1 == #valid[disconnect_19_#t~mem47#1.base]); {12616#false} is VALID [2022-02-20 23:52:50,089 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 2 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:52:50,090 INFO L328 TraceCheckSpWp]: Computing backward predicates...