./Ultimate.py --spec ../sv-benchmarks/c/properties/valid-memsafety.prp --file ../sv-benchmarks/c/ldv-memsafety/memleaks_test23_3.i --full-output -ea --architecture 32bit -------------------------------------------------------------------------------- Checking for memory safety (deref-memtrack) Using default analysis Version 03d7b7b3 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerMemDerefMemtrack.xml -i ../sv-benchmarks/c/ldv-memsafety/memleaks_test23_3.i -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash b04cfdc033f25419ae30b8c067b1e8de34cd963e91f12bceeafd05a3d125e0b7 --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 23:52:29,647 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 23:52:29,649 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 23:52:29,678 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 23:52:29,679 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 23:52:29,682 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 23:52:29,683 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 23:52:29,685 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 23:52:29,687 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 23:52:29,687 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 23:52:29,688 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 23:52:29,690 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 23:52:29,690 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 23:52:29,693 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 23:52:29,694 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 23:52:29,696 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 23:52:29,697 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 23:52:29,701 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 23:52:29,702 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 23:52:29,705 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 23:52:29,707 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 23:52:29,709 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 23:52:29,710 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 23:52:29,711 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 23:52:29,712 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 23:52:29,713 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 23:52:29,713 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 23:52:29,714 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 23:52:29,715 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 23:52:29,715 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 23:52:29,716 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 23:52:29,717 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 23:52:29,717 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 23:52:29,718 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 23:52:29,719 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 23:52:29,720 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 23:52:29,720 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 23:52:29,720 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 23:52:29,720 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 23:52:29,721 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 23:52:29,721 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 23:52:29,722 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Default.epf [2022-02-20 23:52:29,740 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 23:52:29,741 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 23:52:29,741 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 23:52:29,741 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 23:52:29,742 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 23:52:29,742 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 23:52:29,743 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 23:52:29,743 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 23:52:29,743 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 23:52:29,743 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 23:52:29,744 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 23:52:29,744 INFO L138 SettingsManager]: * Check unreachability of error function in SV-COMP mode=false [2022-02-20 23:52:29,744 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-02-20 23:52:29,744 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 23:52:29,745 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 23:52:29,745 INFO L138 SettingsManager]: * Check for the main procedure if all allocated memory was freed=true [2022-02-20 23:52:29,745 INFO L138 SettingsManager]: * Bitprecise bitfields=true [2022-02-20 23:52:29,745 INFO L138 SettingsManager]: * SV-COMP memtrack compatibility mode=true [2022-02-20 23:52:29,745 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 23:52:29,745 INFO L138 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2022-02-20 23:52:29,745 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 23:52:29,746 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 23:52:29,746 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 23:52:29,746 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 23:52:29,746 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 23:52:29,746 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 23:52:29,746 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 23:52:29,746 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 23:52:29,747 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-02-20 23:52:29,747 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-02-20 23:52:29,747 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> b04cfdc033f25419ae30b8c067b1e8de34cd963e91f12bceeafd05a3d125e0b7 [2022-02-20 23:52:29,921 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 23:52:29,938 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 23:52:29,940 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 23:52:29,941 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 23:52:29,942 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 23:52:29,943 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/ldv-memsafety/memleaks_test23_3.i [2022-02-20 23:52:29,985 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/42770226d/e16d12ce48284e2aa9cf59f17f7104a5/FLAGa9c8f4f9d [2022-02-20 23:52:30,346 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 23:52:30,346 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/ldv-memsafety/memleaks_test23_3.i [2022-02-20 23:52:30,359 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/42770226d/e16d12ce48284e2aa9cf59f17f7104a5/FLAGa9c8f4f9d [2022-02-20 23:52:30,736 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/42770226d/e16d12ce48284e2aa9cf59f17f7104a5 [2022-02-20 23:52:30,738 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 23:52:30,739 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 23:52:30,751 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 23:52:30,751 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 23:52:30,754 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 23:52:30,755 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 11:52:30" (1/1) ... [2022-02-20 23:52:30,756 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@52dc19fa and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:52:30, skipping insertion in model container [2022-02-20 23:52:30,756 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 11:52:30" (1/1) ... [2022-02-20 23:52:30,760 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 23:52:30,800 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 23:52:31,118 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 23:52:31,135 ERROR L326 MainTranslator]: Unsupported Syntax: Found a cast between two array/pointer types where the value type is smaller than the cast-to type while using memory model HoenickeLindenmann_Original (while Not using bitvector translation) [2022-02-20 23:52:31,137 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.CACSL2BoogieTranslatorObserver@3c3ba2ad and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:52:31, skipping insertion in model container [2022-02-20 23:52:31,138 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 23:52:31,138 INFO L184 ToolchainWalker]: Toolchain execution was canceled (user or tool) before executing de.uni_freiburg.informatik.ultimate.boogie.procedureinliner [2022-02-20 23:52:31,140 INFO L158 Benchmark]: Toolchain (without parser) took 400.30ms. Allocated memory is still 130.0MB. Free memory was 92.5MB in the beginning and 98.4MB in the end (delta: -5.9MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2022-02-20 23:52:31,141 INFO L158 Benchmark]: CDTParser took 0.15ms. Allocated memory is still 130.0MB. Free memory is still 111.1MB. There was no memory consumed. Max. memory is 16.1GB. [2022-02-20 23:52:31,141 INFO L158 Benchmark]: CACSL2BoogieTranslator took 387.00ms. Allocated memory is still 130.0MB. Free memory was 92.3MB in the beginning and 98.4MB in the end (delta: -6.1MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2022-02-20 23:52:31,143 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - AssertionsEnabledResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.15ms. Allocated memory is still 130.0MB. Free memory is still 111.1MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 387.00ms. Allocated memory is still 130.0MB. Free memory was 92.3MB in the beginning and 98.4MB in the end (delta: -6.1MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - UnsupportedSyntaxResult [Line: 576]: Unsupported Syntax Found a cast between two array/pointer types where the value type is smaller than the cast-to type while using memory model HoenickeLindenmann_Original (while Not using bitvector translation) RESULT: Ultimate could not prove your program: Toolchain returned no result. Received shutdown request... --- End real Ultimate output --- Execution finished normally Using bit-precise analysis Retrying with bit-precise analysis ### Bit-precise run ### Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerMemDerefMemtrack.xml -i ../sv-benchmarks/c/ldv-memsafety/memleaks_test23_3.i -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Bitvector.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash b04cfdc033f25419ae30b8c067b1e8de34cd963e91f12bceeafd05a3d125e0b7 --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 23:52:32,571 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 23:52:32,574 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 23:52:32,604 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 23:52:32,605 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 23:52:32,607 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 23:52:32,609 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 23:52:32,613 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 23:52:32,615 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 23:52:32,618 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 23:52:32,619 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 23:52:32,621 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 23:52:32,621 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 23:52:32,623 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 23:52:32,624 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 23:52:32,628 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 23:52:32,629 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 23:52:32,630 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 23:52:32,632 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 23:52:32,636 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 23:52:32,638 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 23:52:32,639 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 23:52:32,639 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 23:52:32,641 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 23:52:32,646 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 23:52:32,646 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 23:52:32,646 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 23:52:32,647 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 23:52:32,648 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 23:52:32,648 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 23:52:32,649 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 23:52:32,649 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 23:52:32,650 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 23:52:32,651 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 23:52:32,652 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 23:52:32,652 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 23:52:32,653 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 23:52:32,653 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 23:52:32,653 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 23:52:32,654 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 23:52:32,655 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 23:52:32,658 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Bitvector.epf [2022-02-20 23:52:32,686 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 23:52:32,687 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 23:52:32,687 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 23:52:32,688 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 23:52:32,688 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 23:52:32,688 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 23:52:32,689 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 23:52:32,690 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 23:52:32,690 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 23:52:32,690 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 23:52:32,691 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 23:52:32,691 INFO L138 SettingsManager]: * Check unreachability of error function in SV-COMP mode=false [2022-02-20 23:52:32,691 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-02-20 23:52:32,691 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 23:52:32,691 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 23:52:32,691 INFO L138 SettingsManager]: * Check for the main procedure if all allocated memory was freed=true [2022-02-20 23:52:32,692 INFO L138 SettingsManager]: * Bitprecise bitfields=true [2022-02-20 23:52:32,692 INFO L138 SettingsManager]: * SV-COMP memtrack compatibility mode=true [2022-02-20 23:52:32,692 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 23:52:32,692 INFO L138 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2022-02-20 23:52:32,692 INFO L138 SettingsManager]: * Use bitvectors instead of ints=true [2022-02-20 23:52:32,692 INFO L138 SettingsManager]: * Memory model=HoenickeLindenmann_4ByteResolution [2022-02-20 23:52:32,693 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 23:52:32,693 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 23:52:32,693 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 23:52:32,693 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 23:52:32,693 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 23:52:32,700 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 23:52:32,700 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 23:52:32,700 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 23:52:32,701 INFO L138 SettingsManager]: * Trace refinement strategy=WOLF [2022-02-20 23:52:32,701 INFO L138 SettingsManager]: * Command for external solver=cvc4 --incremental --print-success --lang smt [2022-02-20 23:52:32,701 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2022-02-20 23:52:32,701 INFO L138 SettingsManager]: * Logic for external solver=AUFBV WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> b04cfdc033f25419ae30b8c067b1e8de34cd963e91f12bceeafd05a3d125e0b7 [2022-02-20 23:52:32,973 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 23:52:32,994 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 23:52:32,996 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 23:52:32,996 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 23:52:32,997 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 23:52:32,998 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/ldv-memsafety/memleaks_test23_3.i [2022-02-20 23:52:33,045 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/f3315ccc3/0e1f688724b64b02a7cdef5392fbd2e3/FLAG458a66e5d [2022-02-20 23:52:33,412 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 23:52:33,412 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/ldv-memsafety/memleaks_test23_3.i [2022-02-20 23:52:33,424 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/f3315ccc3/0e1f688724b64b02a7cdef5392fbd2e3/FLAG458a66e5d [2022-02-20 23:52:33,801 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/f3315ccc3/0e1f688724b64b02a7cdef5392fbd2e3 [2022-02-20 23:52:33,803 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 23:52:33,804 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 23:52:33,805 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 23:52:33,805 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 23:52:33,809 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 23:52:33,810 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 11:52:33" (1/1) ... [2022-02-20 23:52:33,811 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@6164f6e3 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:52:33, skipping insertion in model container [2022-02-20 23:52:33,811 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 11:52:33" (1/1) ... [2022-02-20 23:52:33,816 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 23:52:33,839 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 23:52:34,184 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 23:52:34,201 INFO L200 MainTranslator]: Restarting translation with changed settings: SettingsChange [mNewPreferredMemoryModel=HoenickeLindenmann_1ByteResolution] [2022-02-20 23:52:34,213 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 23:52:34,285 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 23:52:34,291 INFO L203 MainTranslator]: Completed pre-run [2022-02-20 23:52:34,366 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 23:52:34,395 INFO L208 MainTranslator]: Completed translation [2022-02-20 23:52:34,396 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:52:34 WrapperNode [2022-02-20 23:52:34,396 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 23:52:34,397 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-20 23:52:34,397 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-20 23:52:34,398 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-20 23:52:34,402 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:52:34" (1/1) ... [2022-02-20 23:52:34,422 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:52:34" (1/1) ... [2022-02-20 23:52:34,464 INFO L137 Inliner]: procedures = 174, calls = 117, calls flagged for inlining = 29, calls inlined = 14, statements flattened = 187 [2022-02-20 23:52:34,469 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-20 23:52:34,470 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-20 23:52:34,470 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-20 23:52:34,470 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-20 23:52:34,476 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:52:34" (1/1) ... [2022-02-20 23:52:34,476 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:52:34" (1/1) ... [2022-02-20 23:52:34,484 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:52:34" (1/1) ... [2022-02-20 23:52:34,488 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:52:34" (1/1) ... [2022-02-20 23:52:34,498 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:52:34" (1/1) ... [2022-02-20 23:52:34,516 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:52:34" (1/1) ... [2022-02-20 23:52:34,519 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:52:34" (1/1) ... [2022-02-20 23:52:34,522 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-20 23:52:34,523 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-20 23:52:34,523 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-20 23:52:34,523 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-20 23:52:34,524 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:52:34" (1/1) ... [2022-02-20 23:52:34,528 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 23:52:34,536 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 23:52:34,546 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-20 23:52:34,547 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-20 23:52:34,587 INFO L130 BoogieDeclarations]: Found specification of procedure read~intINTTYPE4 [2022-02-20 23:52:34,587 INFO L130 BoogieDeclarations]: Found specification of procedure LDV_INIT_LIST_HEAD [2022-02-20 23:52:34,587 INFO L138 BoogieDeclarations]: Found implementation of procedure LDV_INIT_LIST_HEAD [2022-02-20 23:52:34,587 INFO L130 BoogieDeclarations]: Found specification of procedure __ldv_list_add [2022-02-20 23:52:34,587 INFO L138 BoogieDeclarations]: Found implementation of procedure __ldv_list_add [2022-02-20 23:52:34,587 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_malloc [2022-02-20 23:52:34,587 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_malloc [2022-02-20 23:52:34,588 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocOnHeap [2022-02-20 23:52:34,589 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-20 23:52:34,589 INFO L130 BoogieDeclarations]: Found specification of procedure free_reports [2022-02-20 23:52:34,589 INFO L138 BoogieDeclarations]: Found implementation of procedure free_reports [2022-02-20 23:52:34,590 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocOnStack [2022-02-20 23:52:34,590 INFO L130 BoogieDeclarations]: Found specification of procedure write~$Pointer$ [2022-02-20 23:52:34,590 INFO L130 BoogieDeclarations]: Found specification of procedure read~$Pointer$ [2022-02-20 23:52:34,590 INFO L130 BoogieDeclarations]: Found specification of procedure write~intINTTYPE4 [2022-02-20 23:52:34,590 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.dealloc [2022-02-20 23:52:34,590 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~$Pointer$ [2022-02-20 23:52:34,590 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_list_del [2022-02-20 23:52:34,590 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_list_del [2022-02-20 23:52:34,590 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_zalloc [2022-02-20 23:52:34,591 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_zalloc [2022-02-20 23:52:34,591 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-20 23:52:34,591 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-20 23:52:34,779 INFO L234 CfgBuilder]: Building ICFG [2022-02-20 23:52:34,780 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-20 23:52:35,426 INFO L275 CfgBuilder]: Performing block encoding [2022-02-20 23:52:35,436 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-20 23:52:35,437 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-02-20 23:52:35,439 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 11:52:35 BoogieIcfgContainer [2022-02-20 23:52:35,440 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-20 23:52:35,441 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-20 23:52:35,441 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-20 23:52:35,444 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-20 23:52:35,444 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.02 11:52:33" (1/3) ... [2022-02-20 23:52:35,445 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2f84c3f0 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 11:52:35, skipping insertion in model container [2022-02-20 23:52:35,445 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:52:34" (2/3) ... [2022-02-20 23:52:35,445 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2f84c3f0 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 11:52:35, skipping insertion in model container [2022-02-20 23:52:35,445 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 11:52:35" (3/3) ... [2022-02-20 23:52:35,447 INFO L111 eAbstractionObserver]: Analyzing ICFG memleaks_test23_3.i [2022-02-20 23:52:35,452 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:false NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-20 23:52:35,453 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 76 error locations. [2022-02-20 23:52:35,492 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-20 23:52:35,497 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=false, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=All, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-20 23:52:35,497 INFO L340 AbstractCegarLoop]: Starting to check reachability of 76 error locations. [2022-02-20 23:52:35,514 INFO L276 IsEmpty]: Start isEmpty. Operand has 199 states, 108 states have (on average 1.8425925925925926) internal successors, (199), 184 states have internal predecessors, (199), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 8 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 23:52:35,520 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 13 [2022-02-20 23:52:35,521 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:52:35,521 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:52:35,522 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting LDV_INIT_LIST_HEADErr0REQUIRES_VIOLATION === [free_reportsErr0REQUIRES_VIOLATION, free_reportsErr1REQUIRES_VIOLATION, free_reportsErr2REQUIRES_VIOLATION, free_reportsErr3REQUIRES_VIOLATION (and 72 more)] === [2022-02-20 23:52:35,527 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:52:35,527 INFO L85 PathProgramCache]: Analyzing trace with hash 1617164409, now seen corresponding path program 1 times [2022-02-20 23:52:35,535 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:52:35,536 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1710580386] [2022-02-20 23:52:35,536 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:52:35,537 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:52:35,537 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:52:35,539 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:52:35,581 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Waiting until timeout for monitored process [2022-02-20 23:52:35,632 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:35,635 INFO L263 TraceCheckSpWp]: Trace formula consists of 61 conjuncts, 7 conjunts are in the unsatisfiable core [2022-02-20 23:52:35,647 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:35,650 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:52:35,710 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:52:35,770 INFO L290 TraceCheckUtils]: 0: Hoare triple {202#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);~#dev~0.base, ~#dev~0.offset := 2bv32, 0bv32;call #Ultimate.allocInit(8bv32, 2bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~#dev~0.offset, 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~bvadd32(4bv32, ~#dev~0.offset), 4bv32); {202#true} is VALID [2022-02-20 23:52:35,771 INFO L290 TraceCheckUtils]: 1: Hoare triple {202#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret61#1, entry_point_~ret~1#1;assume { :begin_inline_probe_23 } true;probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset := ~#dev~0.base, ~#dev~0.offset;havoc probe_23_#res#1;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset, probe_23_#t~ret60#1, probe_23_~dev#1.base, probe_23_~dev#1.offset, probe_23_~ret~0#1, probe_23_~p~1#1.base, probe_23_~p~1#1.offset;probe_23_~dev#1.base, probe_23_~dev#1.offset := probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset;probe_23_~ret~0#1 := 3bv32; {202#true} is VALID [2022-02-20 23:52:35,771 INFO L272 TraceCheckUtils]: 2: Hoare triple {202#true} call probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset := ldv_malloc(1036bv32); {202#true} is VALID [2022-02-20 23:52:35,771 INFO L290 TraceCheckUtils]: 3: Hoare triple {202#true} ~size := #in~size; {202#true} is VALID [2022-02-20 23:52:35,772 INFO L290 TraceCheckUtils]: 4: Hoare triple {202#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {219#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:52:35,773 INFO L290 TraceCheckUtils]: 5: Hoare triple {219#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} assume true; {219#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} is VALID [2022-02-20 23:52:35,774 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {219#(= (_ bv1 1) (select |#valid| |ldv_malloc_#res.base|))} {202#true} #276#return; {226#(= (select |#valid| |ULTIMATE.start_probe_23_#t~ret59#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:35,774 INFO L290 TraceCheckUtils]: 7: Hoare triple {226#(= (select |#valid| |ULTIMATE.start_probe_23_#t~ret59#1.base|) (_ bv1 1))} probe_23_~p~1#1.base, probe_23_~p~1#1.offset := probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset; {230#(= (select |#valid| |ULTIMATE.start_probe_23_~p~1#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:35,775 INFO L290 TraceCheckUtils]: 8: Hoare triple {230#(= (select |#valid| |ULTIMATE.start_probe_23_~p~1#1.base|) (_ bv1 1))} assume !(probe_23_~p~1#1.base == 0bv32 && probe_23_~p~1#1.offset == 0bv32); {230#(= (select |#valid| |ULTIMATE.start_probe_23_~p~1#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:35,776 INFO L272 TraceCheckUtils]: 9: Hoare triple {230#(= (select |#valid| |ULTIMATE.start_probe_23_~p~1#1.base|) (_ bv1 1))} call LDV_INIT_LIST_HEAD(probe_23_~p~1#1.base, ~bvadd32(4bv32, probe_23_~p~1#1.offset)); {237#(= (select |#valid| |LDV_INIT_LIST_HEAD_#in~list.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:35,776 INFO L290 TraceCheckUtils]: 10: Hoare triple {237#(= (select |#valid| |LDV_INIT_LIST_HEAD_#in~list.base|) (_ bv1 1))} ~list.base, ~list.offset := #in~list.base, #in~list.offset; {241#(= (select |#valid| LDV_INIT_LIST_HEAD_~list.base) (_ bv1 1))} is VALID [2022-02-20 23:52:35,777 INFO L290 TraceCheckUtils]: 11: Hoare triple {241#(= (select |#valid| LDV_INIT_LIST_HEAD_~list.base) (_ bv1 1))} assume !(1bv1 == #valid[~list.base]); {203#false} is VALID [2022-02-20 23:52:35,777 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:52:35,778 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:52:35,778 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:52:35,778 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1710580386] [2022-02-20 23:52:35,779 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1710580386] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:52:35,779 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:52:35,779 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 23:52:35,780 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [710984926] [2022-02-20 23:52:35,781 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:52:35,784 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 1.5) internal successors, (9), 5 states have internal predecessors, (9), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 12 [2022-02-20 23:52:35,785 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:52:35,788 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 7 states, 6 states have (on average 1.5) internal successors, (9), 5 states have internal predecessors, (9), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:52:35,800 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 12 edges. 12 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:35,800 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-02-20 23:52:35,800 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:52:35,813 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-02-20 23:52:35,814 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2022-02-20 23:52:35,816 INFO L87 Difference]: Start difference. First operand has 199 states, 108 states have (on average 1.8425925925925926) internal successors, (199), 184 states have internal predecessors, (199), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 8 states have call predecessors, (8), 8 states have call successors, (8) Second operand has 7 states, 6 states have (on average 1.5) internal successors, (9), 5 states have internal predecessors, (9), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:52:38,069 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:38,069 INFO L93 Difference]: Finished difference Result 226 states and 243 transitions. [2022-02-20 23:52:38,070 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-02-20 23:52:38,070 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 1.5) internal successors, (9), 5 states have internal predecessors, (9), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 12 [2022-02-20 23:52:38,070 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:52:38,071 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 6 states have (on average 1.5) internal successors, (9), 5 states have internal predecessors, (9), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:52:38,079 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 248 transitions. [2022-02-20 23:52:38,080 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 6 states have (on average 1.5) internal successors, (9), 5 states have internal predecessors, (9), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:52:38,085 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 248 transitions. [2022-02-20 23:52:38,085 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 248 transitions. [2022-02-20 23:52:38,291 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 248 edges. 248 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:38,303 INFO L225 Difference]: With dead ends: 226 [2022-02-20 23:52:38,303 INFO L226 Difference]: Without dead ends: 222 [2022-02-20 23:52:38,304 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=41, Unknown=0, NotChecked=0, Total=56 [2022-02-20 23:52:38,306 INFO L933 BasicCegarLoop]: 199 mSDtfsCounter, 28 mSDsluCounter, 626 mSDsCounter, 0 mSdLazyCounter, 459 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 29 SdHoareTripleChecker+Valid, 825 SdHoareTripleChecker+Invalid, 463 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 459 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.7s IncrementalHoareTripleChecker+Time [2022-02-20 23:52:38,307 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [29 Valid, 825 Invalid, 463 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 459 Invalid, 0 Unknown, 0 Unchecked, 0.7s Time] [2022-02-20 23:52:38,318 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 222 states. [2022-02-20 23:52:38,331 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 222 to 206. [2022-02-20 23:52:38,332 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:52:38,333 INFO L82 GeneralOperation]: Start isEquivalent. First operand 222 states. Second operand has 206 states, 114 states have (on average 1.7894736842105263) internal successors, (204), 189 states have internal predecessors, (204), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (10), 9 states have call predecessors, (10), 9 states have call successors, (10) [2022-02-20 23:52:38,334 INFO L74 IsIncluded]: Start isIncluded. First operand 222 states. Second operand has 206 states, 114 states have (on average 1.7894736842105263) internal successors, (204), 189 states have internal predecessors, (204), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (10), 9 states have call predecessors, (10), 9 states have call successors, (10) [2022-02-20 23:52:38,335 INFO L87 Difference]: Start difference. First operand 222 states. Second operand has 206 states, 114 states have (on average 1.7894736842105263) internal successors, (204), 189 states have internal predecessors, (204), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (10), 9 states have call predecessors, (10), 9 states have call successors, (10) [2022-02-20 23:52:38,344 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:38,344 INFO L93 Difference]: Finished difference Result 222 states and 239 transitions. [2022-02-20 23:52:38,344 INFO L276 IsEmpty]: Start isEmpty. Operand 222 states and 239 transitions. [2022-02-20 23:52:38,346 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:38,346 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:38,347 INFO L74 IsIncluded]: Start isIncluded. First operand has 206 states, 114 states have (on average 1.7894736842105263) internal successors, (204), 189 states have internal predecessors, (204), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (10), 9 states have call predecessors, (10), 9 states have call successors, (10) Second operand 222 states. [2022-02-20 23:52:38,347 INFO L87 Difference]: Start difference. First operand has 206 states, 114 states have (on average 1.7894736842105263) internal successors, (204), 189 states have internal predecessors, (204), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (10), 9 states have call predecessors, (10), 9 states have call successors, (10) Second operand 222 states. [2022-02-20 23:52:38,355 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:38,356 INFO L93 Difference]: Finished difference Result 222 states and 239 transitions. [2022-02-20 23:52:38,356 INFO L276 IsEmpty]: Start isEmpty. Operand 222 states and 239 transitions. [2022-02-20 23:52:38,357 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:38,357 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:38,358 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:52:38,358 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:52:38,358 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 206 states, 114 states have (on average 1.7894736842105263) internal successors, (204), 189 states have internal predecessors, (204), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (10), 9 states have call predecessors, (10), 9 states have call successors, (10) [2022-02-20 23:52:38,364 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 206 states to 206 states and 223 transitions. [2022-02-20 23:52:38,365 INFO L78 Accepts]: Start accepts. Automaton has 206 states and 223 transitions. Word has length 12 [2022-02-20 23:52:38,365 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:52:38,365 INFO L470 AbstractCegarLoop]: Abstraction has 206 states and 223 transitions. [2022-02-20 23:52:38,366 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 6 states have (on average 1.5) internal successors, (9), 5 states have internal predecessors, (9), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:52:38,366 INFO L276 IsEmpty]: Start isEmpty. Operand 206 states and 223 transitions. [2022-02-20 23:52:38,366 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 13 [2022-02-20 23:52:38,366 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:52:38,367 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:52:38,376 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (2)] Forceful destruction successful, exit code 0 [2022-02-20 23:52:38,576 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:52:38,577 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting LDV_INIT_LIST_HEADErr1REQUIRES_VIOLATION === [free_reportsErr0REQUIRES_VIOLATION, free_reportsErr1REQUIRES_VIOLATION, free_reportsErr2REQUIRES_VIOLATION, free_reportsErr3REQUIRES_VIOLATION (and 72 more)] === [2022-02-20 23:52:38,577 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:52:38,577 INFO L85 PathProgramCache]: Analyzing trace with hash 1617164410, now seen corresponding path program 1 times [2022-02-20 23:52:38,578 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:52:38,578 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1074222290] [2022-02-20 23:52:38,578 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:52:38,578 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:52:38,578 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:52:38,590 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:52:38,596 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Waiting until timeout for monitored process [2022-02-20 23:52:38,662 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:38,664 INFO L263 TraceCheckSpWp]: Trace formula consists of 61 conjuncts, 14 conjunts are in the unsatisfiable core [2022-02-20 23:52:38,675 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:38,676 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:52:38,701 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:52:38,806 INFO L290 TraceCheckUtils]: 0: Hoare triple {1122#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);~#dev~0.base, ~#dev~0.offset := 2bv32, 0bv32;call #Ultimate.allocInit(8bv32, 2bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~#dev~0.offset, 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~bvadd32(4bv32, ~#dev~0.offset), 4bv32); {1122#true} is VALID [2022-02-20 23:52:38,806 INFO L290 TraceCheckUtils]: 1: Hoare triple {1122#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret61#1, entry_point_~ret~1#1;assume { :begin_inline_probe_23 } true;probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset := ~#dev~0.base, ~#dev~0.offset;havoc probe_23_#res#1;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset, probe_23_#t~ret60#1, probe_23_~dev#1.base, probe_23_~dev#1.offset, probe_23_~ret~0#1, probe_23_~p~1#1.base, probe_23_~p~1#1.offset;probe_23_~dev#1.base, probe_23_~dev#1.offset := probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset;probe_23_~ret~0#1 := 3bv32; {1122#true} is VALID [2022-02-20 23:52:38,806 INFO L272 TraceCheckUtils]: 2: Hoare triple {1122#true} call probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset := ldv_malloc(1036bv32); {1122#true} is VALID [2022-02-20 23:52:38,807 INFO L290 TraceCheckUtils]: 3: Hoare triple {1122#true} ~size := #in~size; {1136#(= ldv_malloc_~size |ldv_malloc_#in~size|)} is VALID [2022-02-20 23:52:38,808 INFO L290 TraceCheckUtils]: 4: Hoare triple {1136#(= ldv_malloc_~size |ldv_malloc_#in~size|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {1140#(and (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:38,808 INFO L290 TraceCheckUtils]: 5: Hoare triple {1140#(and (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} assume true; {1140#(and (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:38,817 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {1140#(and (= (select |#length| |ldv_malloc_#res.base|) |ldv_malloc_#in~size|) (= |ldv_malloc_#res.offset| (_ bv0 32)))} {1122#true} #276#return; {1147#(and (= |ULTIMATE.start_probe_23_#t~ret59#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_probe_23_#t~ret59#1.base|) (_ bv1036 32)))} is VALID [2022-02-20 23:52:38,818 INFO L290 TraceCheckUtils]: 7: Hoare triple {1147#(and (= |ULTIMATE.start_probe_23_#t~ret59#1.offset| (_ bv0 32)) (= (select |#length| |ULTIMATE.start_probe_23_#t~ret59#1.base|) (_ bv1036 32)))} probe_23_~p~1#1.base, probe_23_~p~1#1.offset := probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset; {1151#(and (= (_ bv1036 32) (select |#length| |ULTIMATE.start_probe_23_~p~1#1.base|)) (= |ULTIMATE.start_probe_23_~p~1#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:38,818 INFO L290 TraceCheckUtils]: 8: Hoare triple {1151#(and (= (_ bv1036 32) (select |#length| |ULTIMATE.start_probe_23_~p~1#1.base|)) (= |ULTIMATE.start_probe_23_~p~1#1.offset| (_ bv0 32)))} assume !(probe_23_~p~1#1.base == 0bv32 && probe_23_~p~1#1.offset == 0bv32); {1151#(and (= (_ bv1036 32) (select |#length| |ULTIMATE.start_probe_23_~p~1#1.base|)) (= |ULTIMATE.start_probe_23_~p~1#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:38,819 INFO L272 TraceCheckUtils]: 9: Hoare triple {1151#(and (= (_ bv1036 32) (select |#length| |ULTIMATE.start_probe_23_~p~1#1.base|)) (= |ULTIMATE.start_probe_23_~p~1#1.offset| (_ bv0 32)))} call LDV_INIT_LIST_HEAD(probe_23_~p~1#1.base, ~bvadd32(4bv32, probe_23_~p~1#1.offset)); {1158#(and (= (_ bv1036 32) (select |#length| |LDV_INIT_LIST_HEAD_#in~list.base|)) (= (_ bv0 32) (bvadd (_ bv4294967292 32) |LDV_INIT_LIST_HEAD_#in~list.offset|)))} is VALID [2022-02-20 23:52:38,819 INFO L290 TraceCheckUtils]: 10: Hoare triple {1158#(and (= (_ bv1036 32) (select |#length| |LDV_INIT_LIST_HEAD_#in~list.base|)) (= (_ bv0 32) (bvadd (_ bv4294967292 32) |LDV_INIT_LIST_HEAD_#in~list.offset|)))} ~list.base, ~list.offset := #in~list.base, #in~list.offset; {1162#(and (= (_ bv0 32) (bvadd (_ bv4294967292 32) LDV_INIT_LIST_HEAD_~list.offset)) (= (_ bv1036 32) (select |#length| LDV_INIT_LIST_HEAD_~list.base)))} is VALID [2022-02-20 23:52:38,820 INFO L290 TraceCheckUtils]: 11: Hoare triple {1162#(and (= (_ bv0 32) (bvadd (_ bv4294967292 32) LDV_INIT_LIST_HEAD_~list.offset)) (= (_ bv1036 32) (select |#length| LDV_INIT_LIST_HEAD_~list.base)))} assume !((~bvule32(~bvadd32(4bv32, ~list.offset), #length[~list.base]) && ~bvule32(~list.offset, ~bvadd32(4bv32, ~list.offset))) && ~bvule32(0bv32, ~list.offset)); {1123#false} is VALID [2022-02-20 23:52:38,820 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:52:38,820 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:52:38,820 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:52:38,821 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1074222290] [2022-02-20 23:52:38,821 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1074222290] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:52:38,821 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:52:38,821 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-02-20 23:52:38,821 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1545061115] [2022-02-20 23:52:38,821 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:52:38,822 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 1.2857142857142858) internal successors, (9), 6 states have internal predecessors, (9), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 12 [2022-02-20 23:52:38,823 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:52:38,823 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 8 states, 7 states have (on average 1.2857142857142858) internal successors, (9), 6 states have internal predecessors, (9), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:52:38,833 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 12 edges. 12 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:38,834 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-02-20 23:52:38,834 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:52:38,834 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-02-20 23:52:38,835 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2022-02-20 23:52:38,835 INFO L87 Difference]: Start difference. First operand 206 states and 223 transitions. Second operand has 8 states, 7 states have (on average 1.2857142857142858) internal successors, (9), 6 states have internal predecessors, (9), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:52:41,601 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:41,601 INFO L93 Difference]: Finished difference Result 231 states and 247 transitions. [2022-02-20 23:52:41,601 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-02-20 23:52:41,601 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 1.2857142857142858) internal successors, (9), 6 states have internal predecessors, (9), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 12 [2022-02-20 23:52:41,602 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:52:41,602 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 7 states have (on average 1.2857142857142858) internal successors, (9), 6 states have internal predecessors, (9), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:52:41,605 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 249 transitions. [2022-02-20 23:52:41,606 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 7 states have (on average 1.2857142857142858) internal successors, (9), 6 states have internal predecessors, (9), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:52:41,610 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 249 transitions. [2022-02-20 23:52:41,610 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 249 transitions. [2022-02-20 23:52:41,847 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 249 edges. 249 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:41,850 INFO L225 Difference]: With dead ends: 231 [2022-02-20 23:52:41,850 INFO L226 Difference]: Without dead ends: 231 [2022-02-20 23:52:41,850 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=21, Invalid=69, Unknown=0, NotChecked=0, Total=90 [2022-02-20 23:52:41,851 INFO L933 BasicCegarLoop]: 196 mSDtfsCounter, 35 mSDsluCounter, 875 mSDsCounter, 0 mSdLazyCounter, 406 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.9s Time, 0 mProtectedPredicate, 0 mProtectedAction, 37 SdHoareTripleChecker+Valid, 1071 SdHoareTripleChecker+Invalid, 407 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 406 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.9s IncrementalHoareTripleChecker+Time [2022-02-20 23:52:41,852 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [37 Valid, 1071 Invalid, 407 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 406 Invalid, 0 Unknown, 0 Unchecked, 0.9s Time] [2022-02-20 23:52:41,852 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 231 states. [2022-02-20 23:52:41,858 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 231 to 206. [2022-02-20 23:52:41,858 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:52:41,858 INFO L82 GeneralOperation]: Start isEquivalent. First operand 231 states. Second operand has 206 states, 114 states have (on average 1.7719298245614035) internal successors, (202), 189 states have internal predecessors, (202), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (10), 9 states have call predecessors, (10), 9 states have call successors, (10) [2022-02-20 23:52:41,859 INFO L74 IsIncluded]: Start isIncluded. First operand 231 states. Second operand has 206 states, 114 states have (on average 1.7719298245614035) internal successors, (202), 189 states have internal predecessors, (202), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (10), 9 states have call predecessors, (10), 9 states have call successors, (10) [2022-02-20 23:52:41,859 INFO L87 Difference]: Start difference. First operand 231 states. Second operand has 206 states, 114 states have (on average 1.7719298245614035) internal successors, (202), 189 states have internal predecessors, (202), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (10), 9 states have call predecessors, (10), 9 states have call successors, (10) [2022-02-20 23:52:41,868 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:41,868 INFO L93 Difference]: Finished difference Result 231 states and 247 transitions. [2022-02-20 23:52:41,869 INFO L276 IsEmpty]: Start isEmpty. Operand 231 states and 247 transitions. [2022-02-20 23:52:41,870 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:41,870 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:41,871 INFO L74 IsIncluded]: Start isIncluded. First operand has 206 states, 114 states have (on average 1.7719298245614035) internal successors, (202), 189 states have internal predecessors, (202), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (10), 9 states have call predecessors, (10), 9 states have call successors, (10) Second operand 231 states. [2022-02-20 23:52:41,871 INFO L87 Difference]: Start difference. First operand has 206 states, 114 states have (on average 1.7719298245614035) internal successors, (202), 189 states have internal predecessors, (202), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (10), 9 states have call predecessors, (10), 9 states have call successors, (10) Second operand 231 states. [2022-02-20 23:52:41,880 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:41,880 INFO L93 Difference]: Finished difference Result 231 states and 247 transitions. [2022-02-20 23:52:41,880 INFO L276 IsEmpty]: Start isEmpty. Operand 231 states and 247 transitions. [2022-02-20 23:52:41,881 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:41,881 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:41,882 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:52:41,882 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:52:41,882 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 206 states, 114 states have (on average 1.7719298245614035) internal successors, (202), 189 states have internal predecessors, (202), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (10), 9 states have call predecessors, (10), 9 states have call successors, (10) [2022-02-20 23:52:41,890 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 206 states to 206 states and 221 transitions. [2022-02-20 23:52:41,893 INFO L78 Accepts]: Start accepts. Automaton has 206 states and 221 transitions. Word has length 12 [2022-02-20 23:52:41,894 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:52:41,894 INFO L470 AbstractCegarLoop]: Abstraction has 206 states and 221 transitions. [2022-02-20 23:52:41,894 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 1.2857142857142858) internal successors, (9), 6 states have internal predecessors, (9), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:52:41,894 INFO L276 IsEmpty]: Start isEmpty. Operand 206 states and 221 transitions. [2022-02-20 23:52:41,895 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 13 [2022-02-20 23:52:41,895 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:52:41,895 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:52:41,903 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (3)] Ended with exit code 0 [2022-02-20 23:52:42,101 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:52:42,103 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting LDV_INIT_LIST_HEADErr0REQUIRES_VIOLATION === [free_reportsErr0REQUIRES_VIOLATION, free_reportsErr1REQUIRES_VIOLATION, free_reportsErr2REQUIRES_VIOLATION, free_reportsErr3REQUIRES_VIOLATION (and 72 more)] === [2022-02-20 23:52:42,103 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:52:42,104 INFO L85 PathProgramCache]: Analyzing trace with hash -934992552, now seen corresponding path program 1 times [2022-02-20 23:52:42,104 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:52:42,104 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [708129225] [2022-02-20 23:52:42,104 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:52:42,104 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:52:42,104 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:52:42,105 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:52:42,106 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Waiting until timeout for monitored process [2022-02-20 23:52:42,154 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:42,155 INFO L263 TraceCheckSpWp]: Trace formula consists of 55 conjuncts, 7 conjunts are in the unsatisfiable core [2022-02-20 23:52:42,166 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:42,166 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:52:42,232 INFO L290 TraceCheckUtils]: 0: Hoare triple {2068#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);~#dev~0.base, ~#dev~0.offset := 2bv32, 0bv32;call #Ultimate.allocInit(8bv32, 2bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~#dev~0.offset, 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~bvadd32(4bv32, ~#dev~0.offset), 4bv32); {2068#true} is VALID [2022-02-20 23:52:42,232 INFO L290 TraceCheckUtils]: 1: Hoare triple {2068#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret61#1, entry_point_~ret~1#1;assume { :begin_inline_probe_23 } true;probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset := ~#dev~0.base, ~#dev~0.offset;havoc probe_23_#res#1;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset, probe_23_#t~ret60#1, probe_23_~dev#1.base, probe_23_~dev#1.offset, probe_23_~ret~0#1, probe_23_~p~1#1.base, probe_23_~p~1#1.offset;probe_23_~dev#1.base, probe_23_~dev#1.offset := probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset;probe_23_~ret~0#1 := 3bv32; {2068#true} is VALID [2022-02-20 23:52:42,233 INFO L272 TraceCheckUtils]: 2: Hoare triple {2068#true} call probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset := ldv_malloc(1036bv32); {2068#true} is VALID [2022-02-20 23:52:42,233 INFO L290 TraceCheckUtils]: 3: Hoare triple {2068#true} ~size := #in~size; {2068#true} is VALID [2022-02-20 23:52:42,233 INFO L290 TraceCheckUtils]: 4: Hoare triple {2068#true} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {2085#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:52:42,234 INFO L290 TraceCheckUtils]: 5: Hoare triple {2085#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} assume true; {2085#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:52:42,235 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {2085#(and (= |ldv_malloc_#res.offset| (_ bv0 32)) (= |ldv_malloc_#res.base| (_ bv0 32)))} {2068#true} #276#return; {2092#(and (= |ULTIMATE.start_probe_23_#t~ret59#1.offset| (_ bv0 32)) (= |ULTIMATE.start_probe_23_#t~ret59#1.base| (_ bv0 32)))} is VALID [2022-02-20 23:52:42,235 INFO L290 TraceCheckUtils]: 7: Hoare triple {2092#(and (= |ULTIMATE.start_probe_23_#t~ret59#1.offset| (_ bv0 32)) (= |ULTIMATE.start_probe_23_#t~ret59#1.base| (_ bv0 32)))} probe_23_~p~1#1.base, probe_23_~p~1#1.offset := probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset; {2096#(and (= |ULTIMATE.start_probe_23_~p~1#1.base| (_ bv0 32)) (= |ULTIMATE.start_probe_23_~p~1#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:42,236 INFO L290 TraceCheckUtils]: 8: Hoare triple {2096#(and (= |ULTIMATE.start_probe_23_~p~1#1.base| (_ bv0 32)) (= |ULTIMATE.start_probe_23_~p~1#1.offset| (_ bv0 32)))} assume !(probe_23_~p~1#1.base == 0bv32 && probe_23_~p~1#1.offset == 0bv32); {2069#false} is VALID [2022-02-20 23:52:42,236 INFO L272 TraceCheckUtils]: 9: Hoare triple {2069#false} call LDV_INIT_LIST_HEAD(probe_23_~p~1#1.base, ~bvadd32(4bv32, probe_23_~p~1#1.offset)); {2069#false} is VALID [2022-02-20 23:52:42,236 INFO L290 TraceCheckUtils]: 10: Hoare triple {2069#false} ~list.base, ~list.offset := #in~list.base, #in~list.offset; {2069#false} is VALID [2022-02-20 23:52:42,236 INFO L290 TraceCheckUtils]: 11: Hoare triple {2069#false} assume !(1bv1 == #valid[~list.base]); {2069#false} is VALID [2022-02-20 23:52:42,236 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:52:42,236 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:52:42,237 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:52:42,237 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [708129225] [2022-02-20 23:52:42,237 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [708129225] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:52:42,237 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:52:42,237 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:52:42,237 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [178384527] [2022-02-20 23:52:42,238 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:52:42,238 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 1.8) internal successors, (9), 4 states have internal predecessors, (9), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 12 [2022-02-20 23:52:42,238 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:52:42,238 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 1.8) internal successors, (9), 4 states have internal predecessors, (9), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:52:42,248 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 12 edges. 12 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:42,249 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 23:52:42,249 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:52:42,249 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 23:52:42,249 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:52:42,250 INFO L87 Difference]: Start difference. First operand 206 states and 221 transitions. Second operand has 5 states, 5 states have (on average 1.8) internal successors, (9), 4 states have internal predecessors, (9), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:52:43,150 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:43,150 INFO L93 Difference]: Finished difference Result 218 states and 233 transitions. [2022-02-20 23:52:43,150 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 23:52:43,150 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 1.8) internal successors, (9), 4 states have internal predecessors, (9), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 12 [2022-02-20 23:52:43,150 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:52:43,151 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 1.8) internal successors, (9), 4 states have internal predecessors, (9), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:52:43,153 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 234 transitions. [2022-02-20 23:52:43,153 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 1.8) internal successors, (9), 4 states have internal predecessors, (9), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:52:43,155 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 234 transitions. [2022-02-20 23:52:43,156 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 234 transitions. [2022-02-20 23:52:43,350 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 234 edges. 234 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:43,353 INFO L225 Difference]: With dead ends: 218 [2022-02-20 23:52:43,353 INFO L226 Difference]: Without dead ends: 218 [2022-02-20 23:52:43,353 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:52:43,354 INFO L933 BasicCegarLoop]: 210 mSDtfsCounter, 20 mSDsluCounter, 612 mSDsCounter, 0 mSdLazyCounter, 19 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 21 SdHoareTripleChecker+Valid, 822 SdHoareTripleChecker+Invalid, 20 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 19 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 23:52:43,354 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [21 Valid, 822 Invalid, 20 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 19 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 23:52:43,355 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 218 states. [2022-02-20 23:52:43,359 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 218 to 197. [2022-02-20 23:52:43,360 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:52:43,360 INFO L82 GeneralOperation]: Start isEquivalent. First operand 218 states. Second operand has 197 states, 110 states have (on average 1.7636363636363637) internal successors, (194), 181 states have internal predecessors, (194), 8 states have call successors, (8), 6 states have call predecessors, (8), 7 states have return successors, (9), 9 states have call predecessors, (9), 8 states have call successors, (9) [2022-02-20 23:52:43,360 INFO L74 IsIncluded]: Start isIncluded. First operand 218 states. Second operand has 197 states, 110 states have (on average 1.7636363636363637) internal successors, (194), 181 states have internal predecessors, (194), 8 states have call successors, (8), 6 states have call predecessors, (8), 7 states have return successors, (9), 9 states have call predecessors, (9), 8 states have call successors, (9) [2022-02-20 23:52:43,361 INFO L87 Difference]: Start difference. First operand 218 states. Second operand has 197 states, 110 states have (on average 1.7636363636363637) internal successors, (194), 181 states have internal predecessors, (194), 8 states have call successors, (8), 6 states have call predecessors, (8), 7 states have return successors, (9), 9 states have call predecessors, (9), 8 states have call successors, (9) [2022-02-20 23:52:43,365 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:43,365 INFO L93 Difference]: Finished difference Result 218 states and 233 transitions. [2022-02-20 23:52:43,365 INFO L276 IsEmpty]: Start isEmpty. Operand 218 states and 233 transitions. [2022-02-20 23:52:43,366 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:43,366 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:43,367 INFO L74 IsIncluded]: Start isIncluded. First operand has 197 states, 110 states have (on average 1.7636363636363637) internal successors, (194), 181 states have internal predecessors, (194), 8 states have call successors, (8), 6 states have call predecessors, (8), 7 states have return successors, (9), 9 states have call predecessors, (9), 8 states have call successors, (9) Second operand 218 states. [2022-02-20 23:52:43,367 INFO L87 Difference]: Start difference. First operand has 197 states, 110 states have (on average 1.7636363636363637) internal successors, (194), 181 states have internal predecessors, (194), 8 states have call successors, (8), 6 states have call predecessors, (8), 7 states have return successors, (9), 9 states have call predecessors, (9), 8 states have call successors, (9) Second operand 218 states. [2022-02-20 23:52:43,371 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:43,372 INFO L93 Difference]: Finished difference Result 218 states and 233 transitions. [2022-02-20 23:52:43,372 INFO L276 IsEmpty]: Start isEmpty. Operand 218 states and 233 transitions. [2022-02-20 23:52:43,372 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:43,372 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:43,372 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:52:43,373 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:52:43,373 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 197 states, 110 states have (on average 1.7636363636363637) internal successors, (194), 181 states have internal predecessors, (194), 8 states have call successors, (8), 6 states have call predecessors, (8), 7 states have return successors, (9), 9 states have call predecessors, (9), 8 states have call successors, (9) [2022-02-20 23:52:43,377 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 197 states to 197 states and 211 transitions. [2022-02-20 23:52:43,377 INFO L78 Accepts]: Start accepts. Automaton has 197 states and 211 transitions. Word has length 12 [2022-02-20 23:52:43,377 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:52:43,377 INFO L470 AbstractCegarLoop]: Abstraction has 197 states and 211 transitions. [2022-02-20 23:52:43,377 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 1.8) internal successors, (9), 4 states have internal predecessors, (9), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:52:43,378 INFO L276 IsEmpty]: Start isEmpty. Operand 197 states and 211 transitions. [2022-02-20 23:52:43,378 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 13 [2022-02-20 23:52:43,378 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:52:43,378 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:52:43,386 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (4)] Ended with exit code 0 [2022-02-20 23:52:43,584 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:52:43,584 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting ULTIMATE.startErr39REQUIRES_VIOLATION === [free_reportsErr0REQUIRES_VIOLATION, free_reportsErr1REQUIRES_VIOLATION, free_reportsErr2REQUIRES_VIOLATION, free_reportsErr3REQUIRES_VIOLATION (and 72 more)] === [2022-02-20 23:52:43,585 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:52:43,585 INFO L85 PathProgramCache]: Analyzing trace with hash 1617078937, now seen corresponding path program 1 times [2022-02-20 23:52:43,585 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:52:43,585 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [447280450] [2022-02-20 23:52:43,585 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:52:43,585 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:52:43,586 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:52:43,586 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:52:43,588 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Waiting until timeout for monitored process [2022-02-20 23:52:43,633 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:43,634 INFO L263 TraceCheckSpWp]: Trace formula consists of 63 conjuncts, 4 conjunts are in the unsatisfiable core [2022-02-20 23:52:43,640 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:43,641 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:52:43,681 INFO L290 TraceCheckUtils]: 0: Hoare triple {2959#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);~#dev~0.base, ~#dev~0.offset := 2bv32, 0bv32;call #Ultimate.allocInit(8bv32, 2bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~#dev~0.offset, 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~bvadd32(4bv32, ~#dev~0.offset), 4bv32); {2959#true} is VALID [2022-02-20 23:52:43,681 INFO L290 TraceCheckUtils]: 1: Hoare triple {2959#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret61#1, entry_point_~ret~1#1;assume { :begin_inline_probe_23 } true;probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset := ~#dev~0.base, ~#dev~0.offset;havoc probe_23_#res#1;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset, probe_23_#t~ret60#1, probe_23_~dev#1.base, probe_23_~dev#1.offset, probe_23_~ret~0#1, probe_23_~p~1#1.base, probe_23_~p~1#1.offset;probe_23_~dev#1.base, probe_23_~dev#1.offset := probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset;probe_23_~ret~0#1 := 3bv32; {2959#true} is VALID [2022-02-20 23:52:43,681 INFO L272 TraceCheckUtils]: 2: Hoare triple {2959#true} call probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset := ldv_malloc(1036bv32); {2959#true} is VALID [2022-02-20 23:52:43,681 INFO L290 TraceCheckUtils]: 3: Hoare triple {2959#true} ~size := #in~size; {2959#true} is VALID [2022-02-20 23:52:43,682 INFO L290 TraceCheckUtils]: 4: Hoare triple {2959#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {2976#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:52:43,682 INFO L290 TraceCheckUtils]: 5: Hoare triple {2976#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} assume true; {2976#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} is VALID [2022-02-20 23:52:43,683 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {2976#(not (= |ldv_malloc_#res.base| (_ bv0 32)))} {2959#true} #276#return; {2983#(not (= |ULTIMATE.start_probe_23_#t~ret59#1.base| (_ bv0 32)))} is VALID [2022-02-20 23:52:43,684 INFO L290 TraceCheckUtils]: 7: Hoare triple {2983#(not (= |ULTIMATE.start_probe_23_#t~ret59#1.base| (_ bv0 32)))} probe_23_~p~1#1.base, probe_23_~p~1#1.offset := probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset; {2987#(not (= |ULTIMATE.start_probe_23_~p~1#1.base| (_ bv0 32)))} is VALID [2022-02-20 23:52:43,684 INFO L290 TraceCheckUtils]: 8: Hoare triple {2987#(not (= |ULTIMATE.start_probe_23_~p~1#1.base| (_ bv0 32)))} assume probe_23_~p~1#1.base == 0bv32 && probe_23_~p~1#1.offset == 0bv32;probe_23_#res#1 := probe_23_~ret~0#1; {2960#false} is VALID [2022-02-20 23:52:43,684 INFO L290 TraceCheckUtils]: 9: Hoare triple {2960#false} entry_point_#t~ret61#1 := probe_23_#res#1;assume { :end_inline_probe_23 } true;entry_point_~ret~1#1 := entry_point_#t~ret61#1;havoc entry_point_#t~ret61#1; {2960#false} is VALID [2022-02-20 23:52:43,684 INFO L290 TraceCheckUtils]: 10: Hoare triple {2960#false} assume 0bv32 == entry_point_~ret~1#1;assume { :begin_inline_disconnect_23 } true;disconnect_23_#in~dev#1.base, disconnect_23_#in~dev#1.offset := ~#dev~0.base, ~#dev~0.offset;havoc disconnect_23_~dev#1.base, disconnect_23_~dev#1.offset;disconnect_23_~dev#1.base, disconnect_23_~dev#1.offset := disconnect_23_#in~dev#1.base, disconnect_23_#in~dev#1.offset;assume { :begin_inline_disconnect_device } true;disconnect_device_#in~dev#1.base, disconnect_device_#in~dev#1.offset := disconnect_23_~dev#1.base, disconnect_23_~dev#1.offset;havoc disconnect_device_#t~mem57#1.base, disconnect_device_#t~mem57#1.offset, disconnect_device_#t~mem58#1.base, disconnect_device_#t~mem58#1.offset, disconnect_device_~dev#1.base, disconnect_device_~dev#1.offset;disconnect_device_~dev#1.base, disconnect_device_~dev#1.offset := disconnect_device_#in~dev#1.base, disconnect_device_#in~dev#1.offset; {2960#false} is VALID [2022-02-20 23:52:43,685 INFO L290 TraceCheckUtils]: 11: Hoare triple {2960#false} assume !(1bv1 == #valid[disconnect_device_~dev#1.base]); {2960#false} is VALID [2022-02-20 23:52:43,685 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:52:43,685 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:52:43,685 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:52:43,685 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [447280450] [2022-02-20 23:52:43,685 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [447280450] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:52:43,685 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:52:43,685 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:52:43,685 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [331723145] [2022-02-20 23:52:43,685 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:52:43,686 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 2.0) internal successors, (10), 4 states have internal predecessors, (10), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 12 [2022-02-20 23:52:43,686 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:52:43,686 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 2.0) internal successors, (10), 4 states have internal predecessors, (10), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:52:43,705 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 12 edges. 12 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:43,705 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 23:52:43,706 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:52:43,706 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 23:52:43,706 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:52:43,706 INFO L87 Difference]: Start difference. First operand 197 states and 211 transitions. Second operand has 5 states, 5 states have (on average 2.0) internal successors, (10), 4 states have internal predecessors, (10), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:52:44,506 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:44,506 INFO L93 Difference]: Finished difference Result 218 states and 232 transitions. [2022-02-20 23:52:44,506 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 23:52:44,507 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 2.0) internal successors, (10), 4 states have internal predecessors, (10), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 12 [2022-02-20 23:52:44,507 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:52:44,507 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 2.0) internal successors, (10), 4 states have internal predecessors, (10), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:52:44,509 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 233 transitions. [2022-02-20 23:52:44,509 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 2.0) internal successors, (10), 4 states have internal predecessors, (10), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:52:44,511 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 233 transitions. [2022-02-20 23:52:44,511 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 233 transitions. [2022-02-20 23:52:44,700 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 233 edges. 233 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:44,703 INFO L225 Difference]: With dead ends: 218 [2022-02-20 23:52:44,703 INFO L226 Difference]: Without dead ends: 218 [2022-02-20 23:52:44,703 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:52:44,704 INFO L933 BasicCegarLoop]: 222 mSDtfsCounter, 123 mSDsluCounter, 538 mSDsCounter, 0 mSdLazyCounter, 26 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 129 SdHoareTripleChecker+Valid, 760 SdHoareTripleChecker+Invalid, 26 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 26 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 23:52:44,704 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [129 Valid, 760 Invalid, 26 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 26 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 23:52:44,705 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 218 states. [2022-02-20 23:52:44,709 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 218 to 197. [2022-02-20 23:52:44,709 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:52:44,710 INFO L82 GeneralOperation]: Start isEquivalent. First operand 218 states. Second operand has 197 states, 110 states have (on average 1.7545454545454546) internal successors, (193), 181 states have internal predecessors, (193), 8 states have call successors, (8), 6 states have call predecessors, (8), 7 states have return successors, (9), 9 states have call predecessors, (9), 8 states have call successors, (9) [2022-02-20 23:52:44,710 INFO L74 IsIncluded]: Start isIncluded. First operand 218 states. Second operand has 197 states, 110 states have (on average 1.7545454545454546) internal successors, (193), 181 states have internal predecessors, (193), 8 states have call successors, (8), 6 states have call predecessors, (8), 7 states have return successors, (9), 9 states have call predecessors, (9), 8 states have call successors, (9) [2022-02-20 23:52:44,710 INFO L87 Difference]: Start difference. First operand 218 states. Second operand has 197 states, 110 states have (on average 1.7545454545454546) internal successors, (193), 181 states have internal predecessors, (193), 8 states have call successors, (8), 6 states have call predecessors, (8), 7 states have return successors, (9), 9 states have call predecessors, (9), 8 states have call successors, (9) [2022-02-20 23:52:44,714 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:44,715 INFO L93 Difference]: Finished difference Result 218 states and 232 transitions. [2022-02-20 23:52:44,715 INFO L276 IsEmpty]: Start isEmpty. Operand 218 states and 232 transitions. [2022-02-20 23:52:44,715 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:44,715 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:44,716 INFO L74 IsIncluded]: Start isIncluded. First operand has 197 states, 110 states have (on average 1.7545454545454546) internal successors, (193), 181 states have internal predecessors, (193), 8 states have call successors, (8), 6 states have call predecessors, (8), 7 states have return successors, (9), 9 states have call predecessors, (9), 8 states have call successors, (9) Second operand 218 states. [2022-02-20 23:52:44,716 INFO L87 Difference]: Start difference. First operand has 197 states, 110 states have (on average 1.7545454545454546) internal successors, (193), 181 states have internal predecessors, (193), 8 states have call successors, (8), 6 states have call predecessors, (8), 7 states have return successors, (9), 9 states have call predecessors, (9), 8 states have call successors, (9) Second operand 218 states. [2022-02-20 23:52:44,720 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:44,721 INFO L93 Difference]: Finished difference Result 218 states and 232 transitions. [2022-02-20 23:52:44,721 INFO L276 IsEmpty]: Start isEmpty. Operand 218 states and 232 transitions. [2022-02-20 23:52:44,721 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:44,721 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:44,721 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:52:44,722 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:52:44,722 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 197 states, 110 states have (on average 1.7545454545454546) internal successors, (193), 181 states have internal predecessors, (193), 8 states have call successors, (8), 6 states have call predecessors, (8), 7 states have return successors, (9), 9 states have call predecessors, (9), 8 states have call successors, (9) [2022-02-20 23:52:44,725 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 197 states to 197 states and 210 transitions. [2022-02-20 23:52:44,726 INFO L78 Accepts]: Start accepts. Automaton has 197 states and 210 transitions. Word has length 12 [2022-02-20 23:52:44,726 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:52:44,726 INFO L470 AbstractCegarLoop]: Abstraction has 197 states and 210 transitions. [2022-02-20 23:52:44,726 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 2.0) internal successors, (10), 4 states have internal predecessors, (10), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:52:44,726 INFO L276 IsEmpty]: Start isEmpty. Operand 197 states and 210 transitions. [2022-02-20 23:52:44,727 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 13 [2022-02-20 23:52:44,727 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:52:44,727 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:52:44,733 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (5)] Ended with exit code 0 [2022-02-20 23:52:44,933 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:52:44,933 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting ULTIMATE.startErr39REQUIRES_VIOLATION === [free_reportsErr0REQUIRES_VIOLATION, free_reportsErr1REQUIRES_VIOLATION, free_reportsErr2REQUIRES_VIOLATION, free_reportsErr3REQUIRES_VIOLATION (and 72 more)] === [2022-02-20 23:52:44,933 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:52:44,933 INFO L85 PathProgramCache]: Analyzing trace with hash -935078024, now seen corresponding path program 1 times [2022-02-20 23:52:44,934 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:52:44,934 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [384228653] [2022-02-20 23:52:44,934 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:52:44,934 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:52:44,934 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:52:44,935 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:52:44,935 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (6)] Waiting until timeout for monitored process [2022-02-20 23:52:44,976 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:44,978 INFO L263 TraceCheckSpWp]: Trace formula consists of 57 conjuncts, 4 conjunts are in the unsatisfiable core [2022-02-20 23:52:44,983 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:44,984 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:52:45,034 INFO L290 TraceCheckUtils]: 0: Hoare triple {3850#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);~#dev~0.base, ~#dev~0.offset := 2bv32, 0bv32;call #Ultimate.allocInit(8bv32, 2bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~#dev~0.offset, 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~bvadd32(4bv32, ~#dev~0.offset), 4bv32); {3850#true} is VALID [2022-02-20 23:52:45,035 INFO L290 TraceCheckUtils]: 1: Hoare triple {3850#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret61#1, entry_point_~ret~1#1;assume { :begin_inline_probe_23 } true;probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset := ~#dev~0.base, ~#dev~0.offset;havoc probe_23_#res#1;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset, probe_23_#t~ret60#1, probe_23_~dev#1.base, probe_23_~dev#1.offset, probe_23_~ret~0#1, probe_23_~p~1#1.base, probe_23_~p~1#1.offset;probe_23_~dev#1.base, probe_23_~dev#1.offset := probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset;probe_23_~ret~0#1 := 3bv32; {3858#(= (_ bv3 32) |ULTIMATE.start_probe_23_~ret~0#1|)} is VALID [2022-02-20 23:52:45,035 INFO L272 TraceCheckUtils]: 2: Hoare triple {3858#(= (_ bv3 32) |ULTIMATE.start_probe_23_~ret~0#1|)} call probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset := ldv_malloc(1036bv32); {3850#true} is VALID [2022-02-20 23:52:45,036 INFO L290 TraceCheckUtils]: 3: Hoare triple {3850#true} ~size := #in~size; {3850#true} is VALID [2022-02-20 23:52:45,036 INFO L290 TraceCheckUtils]: 4: Hoare triple {3850#true} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {3850#true} is VALID [2022-02-20 23:52:45,036 INFO L290 TraceCheckUtils]: 5: Hoare triple {3850#true} assume true; {3850#true} is VALID [2022-02-20 23:52:45,040 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {3850#true} {3858#(= (_ bv3 32) |ULTIMATE.start_probe_23_~ret~0#1|)} #276#return; {3858#(= (_ bv3 32) |ULTIMATE.start_probe_23_~ret~0#1|)} is VALID [2022-02-20 23:52:45,041 INFO L290 TraceCheckUtils]: 7: Hoare triple {3858#(= (_ bv3 32) |ULTIMATE.start_probe_23_~ret~0#1|)} probe_23_~p~1#1.base, probe_23_~p~1#1.offset := probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset; {3858#(= (_ bv3 32) |ULTIMATE.start_probe_23_~ret~0#1|)} is VALID [2022-02-20 23:52:45,041 INFO L290 TraceCheckUtils]: 8: Hoare triple {3858#(= (_ bv3 32) |ULTIMATE.start_probe_23_~ret~0#1|)} assume probe_23_~p~1#1.base == 0bv32 && probe_23_~p~1#1.offset == 0bv32;probe_23_#res#1 := probe_23_~ret~0#1; {3880#(= |ULTIMATE.start_probe_23_#res#1| (_ bv3 32))} is VALID [2022-02-20 23:52:45,042 INFO L290 TraceCheckUtils]: 9: Hoare triple {3880#(= |ULTIMATE.start_probe_23_#res#1| (_ bv3 32))} entry_point_#t~ret61#1 := probe_23_#res#1;assume { :end_inline_probe_23 } true;entry_point_~ret~1#1 := entry_point_#t~ret61#1;havoc entry_point_#t~ret61#1; {3884#(= (_ bv3 32) |ULTIMATE.start_entry_point_~ret~1#1|)} is VALID [2022-02-20 23:52:45,042 INFO L290 TraceCheckUtils]: 10: Hoare triple {3884#(= (_ bv3 32) |ULTIMATE.start_entry_point_~ret~1#1|)} assume 0bv32 == entry_point_~ret~1#1;assume { :begin_inline_disconnect_23 } true;disconnect_23_#in~dev#1.base, disconnect_23_#in~dev#1.offset := ~#dev~0.base, ~#dev~0.offset;havoc disconnect_23_~dev#1.base, disconnect_23_~dev#1.offset;disconnect_23_~dev#1.base, disconnect_23_~dev#1.offset := disconnect_23_#in~dev#1.base, disconnect_23_#in~dev#1.offset;assume { :begin_inline_disconnect_device } true;disconnect_device_#in~dev#1.base, disconnect_device_#in~dev#1.offset := disconnect_23_~dev#1.base, disconnect_23_~dev#1.offset;havoc disconnect_device_#t~mem57#1.base, disconnect_device_#t~mem57#1.offset, disconnect_device_#t~mem58#1.base, disconnect_device_#t~mem58#1.offset, disconnect_device_~dev#1.base, disconnect_device_~dev#1.offset;disconnect_device_~dev#1.base, disconnect_device_~dev#1.offset := disconnect_device_#in~dev#1.base, disconnect_device_#in~dev#1.offset; {3851#false} is VALID [2022-02-20 23:52:45,042 INFO L290 TraceCheckUtils]: 11: Hoare triple {3851#false} assume !(1bv1 == #valid[disconnect_device_~dev#1.base]); {3851#false} is VALID [2022-02-20 23:52:45,042 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:52:45,043 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:52:45,043 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:52:45,043 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [384228653] [2022-02-20 23:52:45,043 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [384228653] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:52:45,043 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:52:45,043 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:52:45,043 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1741701316] [2022-02-20 23:52:45,044 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:52:45,044 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 2.0) internal successors, (10), 5 states have internal predecessors, (10), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 12 [2022-02-20 23:52:45,044 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:52:45,044 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 2.0) internal successors, (10), 5 states have internal predecessors, (10), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:52:45,054 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 12 edges. 12 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:45,054 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 23:52:45,054 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:52:45,054 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 23:52:45,054 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:52:45,054 INFO L87 Difference]: Start difference. First operand 197 states and 210 transitions. Second operand has 5 states, 5 states have (on average 2.0) internal successors, (10), 5 states have internal predecessors, (10), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:52:45,785 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:45,785 INFO L93 Difference]: Finished difference Result 202 states and 214 transitions. [2022-02-20 23:52:45,786 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 23:52:45,786 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 2.0) internal successors, (10), 5 states have internal predecessors, (10), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 12 [2022-02-20 23:52:45,786 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:52:45,786 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 2.0) internal successors, (10), 5 states have internal predecessors, (10), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:52:45,788 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 212 transitions. [2022-02-20 23:52:45,788 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 2.0) internal successors, (10), 5 states have internal predecessors, (10), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:52:45,790 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 212 transitions. [2022-02-20 23:52:45,790 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 212 transitions. [2022-02-20 23:52:45,972 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 212 edges. 212 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:45,974 INFO L225 Difference]: With dead ends: 202 [2022-02-20 23:52:45,974 INFO L226 Difference]: Without dead ends: 202 [2022-02-20 23:52:45,975 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-02-20 23:52:45,975 INFO L933 BasicCegarLoop]: 204 mSDtfsCounter, 106 mSDsluCounter, 504 mSDsCounter, 0 mSdLazyCounter, 16 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 111 SdHoareTripleChecker+Valid, 708 SdHoareTripleChecker+Invalid, 16 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 16 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 23:52:45,975 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [111 Valid, 708 Invalid, 16 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 16 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 23:52:45,976 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 202 states. [2022-02-20 23:52:45,980 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 202 to 199. [2022-02-20 23:52:45,980 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:52:45,980 INFO L82 GeneralOperation]: Start isEquivalent. First operand 202 states. Second operand has 199 states, 112 states have (on average 1.7410714285714286) internal successors, (195), 183 states have internal predecessors, (195), 8 states have call successors, (8), 6 states have call predecessors, (8), 7 states have return successors, (9), 9 states have call predecessors, (9), 8 states have call successors, (9) [2022-02-20 23:52:45,981 INFO L74 IsIncluded]: Start isIncluded. First operand 202 states. Second operand has 199 states, 112 states have (on average 1.7410714285714286) internal successors, (195), 183 states have internal predecessors, (195), 8 states have call successors, (8), 6 states have call predecessors, (8), 7 states have return successors, (9), 9 states have call predecessors, (9), 8 states have call successors, (9) [2022-02-20 23:52:45,981 INFO L87 Difference]: Start difference. First operand 202 states. Second operand has 199 states, 112 states have (on average 1.7410714285714286) internal successors, (195), 183 states have internal predecessors, (195), 8 states have call successors, (8), 6 states have call predecessors, (8), 7 states have return successors, (9), 9 states have call predecessors, (9), 8 states have call successors, (9) [2022-02-20 23:52:45,985 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:45,985 INFO L93 Difference]: Finished difference Result 202 states and 214 transitions. [2022-02-20 23:52:45,985 INFO L276 IsEmpty]: Start isEmpty. Operand 202 states and 214 transitions. [2022-02-20 23:52:45,986 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:45,986 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:45,986 INFO L74 IsIncluded]: Start isIncluded. First operand has 199 states, 112 states have (on average 1.7410714285714286) internal successors, (195), 183 states have internal predecessors, (195), 8 states have call successors, (8), 6 states have call predecessors, (8), 7 states have return successors, (9), 9 states have call predecessors, (9), 8 states have call successors, (9) Second operand 202 states. [2022-02-20 23:52:45,987 INFO L87 Difference]: Start difference. First operand has 199 states, 112 states have (on average 1.7410714285714286) internal successors, (195), 183 states have internal predecessors, (195), 8 states have call successors, (8), 6 states have call predecessors, (8), 7 states have return successors, (9), 9 states have call predecessors, (9), 8 states have call successors, (9) Second operand 202 states. [2022-02-20 23:52:45,991 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:45,991 INFO L93 Difference]: Finished difference Result 202 states and 214 transitions. [2022-02-20 23:52:45,991 INFO L276 IsEmpty]: Start isEmpty. Operand 202 states and 214 transitions. [2022-02-20 23:52:45,992 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:45,992 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:45,992 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:52:45,992 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:52:45,993 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 199 states, 112 states have (on average 1.7410714285714286) internal successors, (195), 183 states have internal predecessors, (195), 8 states have call successors, (8), 6 states have call predecessors, (8), 7 states have return successors, (9), 9 states have call predecessors, (9), 8 states have call successors, (9) [2022-02-20 23:52:45,996 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 199 states to 199 states and 212 transitions. [2022-02-20 23:52:45,996 INFO L78 Accepts]: Start accepts. Automaton has 199 states and 212 transitions. Word has length 12 [2022-02-20 23:52:45,996 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:52:45,996 INFO L470 AbstractCegarLoop]: Abstraction has 199 states and 212 transitions. [2022-02-20 23:52:45,997 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 2.0) internal successors, (10), 5 states have internal predecessors, (10), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:52:45,997 INFO L276 IsEmpty]: Start isEmpty. Operand 199 states and 212 transitions. [2022-02-20 23:52:45,997 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 14 [2022-02-20 23:52:45,997 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:52:45,997 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:52:46,003 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (6)] Ended with exit code 0 [2022-02-20 23:52:46,203 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 6 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:52:46,204 INFO L402 AbstractCegarLoop]: === Iteration 6 === Targeting ULTIMATE.startErr46ASSERT_VIOLATIONMEMORY_LEAK === [free_reportsErr0REQUIRES_VIOLATION, free_reportsErr1REQUIRES_VIOLATION, free_reportsErr2REQUIRES_VIOLATION, free_reportsErr3REQUIRES_VIOLATION (and 72 more)] === [2022-02-20 23:52:46,204 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:52:46,204 INFO L85 PathProgramCache]: Analyzing trace with hash 1077372438, now seen corresponding path program 1 times [2022-02-20 23:52:46,204 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:52:46,205 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [987114284] [2022-02-20 23:52:46,205 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:52:46,205 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:52:46,205 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:52:46,206 INFO L229 MonitoredProcess]: Starting monitored process 7 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:52:46,207 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (7)] Waiting until timeout for monitored process [2022-02-20 23:52:46,246 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:46,248 INFO L263 TraceCheckSpWp]: Trace formula consists of 50 conjuncts, 4 conjunts are in the unsatisfiable core [2022-02-20 23:52:46,258 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:46,259 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:52:46,305 INFO L290 TraceCheckUtils]: 0: Hoare triple {4699#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);~#dev~0.base, ~#dev~0.offset := 2bv32, 0bv32;call #Ultimate.allocInit(8bv32, 2bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~#dev~0.offset, 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~bvadd32(4bv32, ~#dev~0.offset), 4bv32); {4699#true} is VALID [2022-02-20 23:52:46,306 INFO L290 TraceCheckUtils]: 1: Hoare triple {4699#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret61#1, entry_point_~ret~1#1;assume { :begin_inline_probe_23 } true;probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset := ~#dev~0.base, ~#dev~0.offset;havoc probe_23_#res#1;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset, probe_23_#t~ret60#1, probe_23_~dev#1.base, probe_23_~dev#1.offset, probe_23_~ret~0#1, probe_23_~p~1#1.base, probe_23_~p~1#1.offset;probe_23_~dev#1.base, probe_23_~dev#1.offset := probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset;probe_23_~ret~0#1 := 3bv32; {4707#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-20 23:52:46,306 INFO L272 TraceCheckUtils]: 2: Hoare triple {4707#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} call probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset := ldv_malloc(1036bv32); {4711#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:52:46,307 INFO L290 TraceCheckUtils]: 3: Hoare triple {4711#(= |old(#valid)| |#valid|)} ~size := #in~size; {4711#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:52:46,307 INFO L290 TraceCheckUtils]: 4: Hoare triple {4711#(= |old(#valid)| |#valid|)} assume !(0bv32 != #t~nondet11);havoc #t~nondet11;#res.base, #res.offset := 0bv32, 0bv32; {4711#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:52:46,308 INFO L290 TraceCheckUtils]: 5: Hoare triple {4711#(= |old(#valid)| |#valid|)} assume true; {4711#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:52:46,308 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {4711#(= |old(#valid)| |#valid|)} {4707#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} #276#return; {4707#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-20 23:52:46,309 INFO L290 TraceCheckUtils]: 7: Hoare triple {4707#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} probe_23_~p~1#1.base, probe_23_~p~1#1.offset := probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset; {4707#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-20 23:52:46,309 INFO L290 TraceCheckUtils]: 8: Hoare triple {4707#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} assume probe_23_~p~1#1.base == 0bv32 && probe_23_~p~1#1.offset == 0bv32;probe_23_#res#1 := probe_23_~ret~0#1; {4707#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-20 23:52:46,310 INFO L290 TraceCheckUtils]: 9: Hoare triple {4707#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} entry_point_#t~ret61#1 := probe_23_#res#1;assume { :end_inline_probe_23 } true;entry_point_~ret~1#1 := entry_point_#t~ret61#1;havoc entry_point_#t~ret61#1; {4707#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-20 23:52:46,310 INFO L290 TraceCheckUtils]: 10: Hoare triple {4707#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} assume !(0bv32 == entry_point_~ret~1#1); {4707#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-20 23:52:46,310 INFO L290 TraceCheckUtils]: 11: Hoare triple {4707#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} assume { :end_inline_entry_point } true; {4707#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} is VALID [2022-02-20 23:52:46,311 INFO L290 TraceCheckUtils]: 12: Hoare triple {4707#(= |#valid| |ULTIMATE.start_main_old_#valid#1|)} assume !(#valid == main_old_#valid#1); {4700#false} is VALID [2022-02-20 23:52:46,311 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:52:46,311 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:52:46,312 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:52:46,312 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [987114284] [2022-02-20 23:52:46,312 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [987114284] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:52:46,312 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:52:46,312 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 23:52:46,312 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1088462105] [2022-02-20 23:52:46,312 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:52:46,313 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 3.6666666666666665) internal successors, (11), 4 states have internal predecessors, (11), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 13 [2022-02-20 23:52:46,313 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:52:46,313 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 4 states, 3 states have (on average 3.6666666666666665) internal successors, (11), 4 states have internal predecessors, (11), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:52:46,322 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 13 edges. 13 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:46,322 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-02-20 23:52:46,322 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:52:46,324 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-02-20 23:52:46,324 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-02-20 23:52:46,324 INFO L87 Difference]: Start difference. First operand 199 states and 212 transitions. Second operand has 4 states, 3 states have (on average 3.6666666666666665) internal successors, (11), 4 states have internal predecessors, (11), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:52:47,182 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:47,183 INFO L93 Difference]: Finished difference Result 211 states and 226 transitions. [2022-02-20 23:52:47,183 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-20 23:52:47,183 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 3.6666666666666665) internal successors, (11), 4 states have internal predecessors, (11), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 13 [2022-02-20 23:52:47,183 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:52:47,183 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 3 states have (on average 3.6666666666666665) internal successors, (11), 4 states have internal predecessors, (11), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:52:47,185 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 227 transitions. [2022-02-20 23:52:47,185 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 3 states have (on average 3.6666666666666665) internal successors, (11), 4 states have internal predecessors, (11), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:52:47,187 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 227 transitions. [2022-02-20 23:52:47,187 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 227 transitions. [2022-02-20 23:52:47,382 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 227 edges. 227 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:47,384 INFO L225 Difference]: With dead ends: 211 [2022-02-20 23:52:47,385 INFO L226 Difference]: Without dead ends: 203 [2022-02-20 23:52:47,385 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-02-20 23:52:47,385 INFO L933 BasicCegarLoop]: 183 mSDtfsCounter, 51 mSDsluCounter, 205 mSDsCounter, 0 mSdLazyCounter, 186 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 52 SdHoareTripleChecker+Valid, 388 SdHoareTripleChecker+Invalid, 194 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 186 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-02-20 23:52:47,385 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [52 Valid, 388 Invalid, 194 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 186 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-02-20 23:52:47,386 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 203 states. [2022-02-20 23:52:47,389 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 203 to 193. [2022-02-20 23:52:47,389 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:52:47,389 INFO L82 GeneralOperation]: Start isEquivalent. First operand 203 states. Second operand has 193 states, 107 states have (on average 1.766355140186916) internal successors, (189), 178 states have internal predecessors, (189), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 8 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 23:52:47,390 INFO L74 IsIncluded]: Start isIncluded. First operand 203 states. Second operand has 193 states, 107 states have (on average 1.766355140186916) internal successors, (189), 178 states have internal predecessors, (189), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 8 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 23:52:47,390 INFO L87 Difference]: Start difference. First operand 203 states. Second operand has 193 states, 107 states have (on average 1.766355140186916) internal successors, (189), 178 states have internal predecessors, (189), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 8 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 23:52:47,394 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:47,394 INFO L93 Difference]: Finished difference Result 203 states and 218 transitions. [2022-02-20 23:52:47,394 INFO L276 IsEmpty]: Start isEmpty. Operand 203 states and 218 transitions. [2022-02-20 23:52:47,395 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:47,395 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:47,395 INFO L74 IsIncluded]: Start isIncluded. First operand has 193 states, 107 states have (on average 1.766355140186916) internal successors, (189), 178 states have internal predecessors, (189), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 8 states have call predecessors, (8), 8 states have call successors, (8) Second operand 203 states. [2022-02-20 23:52:47,396 INFO L87 Difference]: Start difference. First operand has 193 states, 107 states have (on average 1.766355140186916) internal successors, (189), 178 states have internal predecessors, (189), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 8 states have call predecessors, (8), 8 states have call successors, (8) Second operand 203 states. [2022-02-20 23:52:47,399 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:47,400 INFO L93 Difference]: Finished difference Result 203 states and 218 transitions. [2022-02-20 23:52:47,400 INFO L276 IsEmpty]: Start isEmpty. Operand 203 states and 218 transitions. [2022-02-20 23:52:47,400 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:47,400 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:47,400 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:52:47,400 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:52:47,401 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 193 states, 107 states have (on average 1.766355140186916) internal successors, (189), 178 states have internal predecessors, (189), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 8 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 23:52:47,404 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 193 states to 193 states and 205 transitions. [2022-02-20 23:52:47,404 INFO L78 Accepts]: Start accepts. Automaton has 193 states and 205 transitions. Word has length 13 [2022-02-20 23:52:47,404 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:52:47,404 INFO L470 AbstractCegarLoop]: Abstraction has 193 states and 205 transitions. [2022-02-20 23:52:47,404 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 3 states have (on average 3.6666666666666665) internal successors, (11), 4 states have internal predecessors, (11), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:52:47,405 INFO L276 IsEmpty]: Start isEmpty. Operand 193 states and 205 transitions. [2022-02-20 23:52:47,405 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 17 [2022-02-20 23:52:47,405 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:52:47,405 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:52:47,413 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (7)] Forceful destruction successful, exit code 0 [2022-02-20 23:52:47,611 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 7 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:52:47,611 INFO L402 AbstractCegarLoop]: === Iteration 7 === Targeting ULTIMATE.startErr1REQUIRES_VIOLATION === [free_reportsErr0REQUIRES_VIOLATION, free_reportsErr1REQUIRES_VIOLATION, free_reportsErr2REQUIRES_VIOLATION, free_reportsErr3REQUIRES_VIOLATION (and 72 more)] === [2022-02-20 23:52:47,612 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:52:47,612 INFO L85 PathProgramCache]: Analyzing trace with hash 609549957, now seen corresponding path program 1 times [2022-02-20 23:52:47,612 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:52:47,612 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [139774556] [2022-02-20 23:52:47,612 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:52:47,612 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:52:47,612 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:52:47,613 INFO L229 MonitoredProcess]: Starting monitored process 8 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:52:47,614 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (8)] Waiting until timeout for monitored process [2022-02-20 23:52:47,667 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:47,669 INFO L263 TraceCheckSpWp]: Trace formula consists of 89 conjuncts, 15 conjunts are in the unsatisfiable core [2022-02-20 23:52:47,675 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:47,676 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:52:49,851 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:52:49,852 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-02-20 23:52:49,957 INFO L290 TraceCheckUtils]: 0: Hoare triple {5551#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);~#dev~0.base, ~#dev~0.offset := 2bv32, 0bv32;call #Ultimate.allocInit(8bv32, 2bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~#dev~0.offset, 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~bvadd32(4bv32, ~#dev~0.offset), 4bv32); {5556#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (select |#valid| (_ bv2 32)) (_ bv1 1)) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:52:49,957 INFO L290 TraceCheckUtils]: 1: Hoare triple {5556#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (select |#valid| (_ bv2 32)) (_ bv1 1)) (= (_ bv2 32) |~#dev~0.base|))} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret61#1, entry_point_~ret~1#1;assume { :begin_inline_probe_23 } true;probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset := ~#dev~0.base, ~#dev~0.offset;havoc probe_23_#res#1;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset, probe_23_#t~ret60#1, probe_23_~dev#1.base, probe_23_~dev#1.offset, probe_23_~ret~0#1, probe_23_~p~1#1.base, probe_23_~p~1#1.offset;probe_23_~dev#1.base, probe_23_~dev#1.offset := probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset;probe_23_~ret~0#1 := 3bv32; {5560#(and (= |ULTIMATE.start_probe_23_~dev#1.base| (_ bv2 32)) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (select |#valid| (_ bv2 32)) (_ bv1 1)) (= |ULTIMATE.start_probe_23_~dev#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:49,958 INFO L272 TraceCheckUtils]: 2: Hoare triple {5560#(and (= |ULTIMATE.start_probe_23_~dev#1.base| (_ bv2 32)) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (select |#valid| (_ bv2 32)) (_ bv1 1)) (= |ULTIMATE.start_probe_23_~dev#1.offset| (_ bv0 32)))} call probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset := ldv_malloc(1036bv32); {5564#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:52:49,958 INFO L290 TraceCheckUtils]: 3: Hoare triple {5564#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} ~size := #in~size; {5564#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:52:49,960 INFO L290 TraceCheckUtils]: 4: Hoare triple {5564#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {5571#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_23 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_23))) (= (_ bv0 1) (select |old(#valid)| |ldv_malloc_#res.base|))))} is VALID [2022-02-20 23:52:49,960 INFO L290 TraceCheckUtils]: 5: Hoare triple {5571#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_23 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_23))) (= (_ bv0 1) (select |old(#valid)| |ldv_malloc_#res.base|))))} assume true; {5571#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_23 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_23))) (= (_ bv0 1) (select |old(#valid)| |ldv_malloc_#res.base|))))} is VALID [2022-02-20 23:52:49,962 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {5571#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_23 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_23))) (= (_ bv0 1) (select |old(#valid)| |ldv_malloc_#res.base|))))} {5560#(and (= |ULTIMATE.start_probe_23_~dev#1.base| (_ bv2 32)) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (select |#valid| (_ bv2 32)) (_ bv1 1)) (= |ULTIMATE.start_probe_23_~dev#1.offset| (_ bv0 32)))} #276#return; {5578#(and (= |ULTIMATE.start_probe_23_~dev#1.base| (_ bv2 32)) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= |ULTIMATE.start_probe_23_~dev#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:49,962 INFO L290 TraceCheckUtils]: 7: Hoare triple {5578#(and (= |ULTIMATE.start_probe_23_~dev#1.base| (_ bv2 32)) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= |ULTIMATE.start_probe_23_~dev#1.offset| (_ bv0 32)))} probe_23_~p~1#1.base, probe_23_~p~1#1.offset := probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset; {5578#(and (= |ULTIMATE.start_probe_23_~dev#1.base| (_ bv2 32)) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= |ULTIMATE.start_probe_23_~dev#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:49,963 INFO L290 TraceCheckUtils]: 8: Hoare triple {5578#(and (= |ULTIMATE.start_probe_23_~dev#1.base| (_ bv2 32)) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= |ULTIMATE.start_probe_23_~dev#1.offset| (_ bv0 32)))} assume !(probe_23_~p~1#1.base == 0bv32 && probe_23_~p~1#1.offset == 0bv32); {5578#(and (= |ULTIMATE.start_probe_23_~dev#1.base| (_ bv2 32)) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= |ULTIMATE.start_probe_23_~dev#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:49,964 INFO L272 TraceCheckUtils]: 9: Hoare triple {5578#(and (= |ULTIMATE.start_probe_23_~dev#1.base| (_ bv2 32)) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= |ULTIMATE.start_probe_23_~dev#1.offset| (_ bv0 32)))} call LDV_INIT_LIST_HEAD(probe_23_~p~1#1.base, ~bvadd32(4bv32, probe_23_~p~1#1.offset)); {5588#(= (_ bv8 32) (select |#length| (_ bv2 32)))} is VALID [2022-02-20 23:52:49,964 INFO L290 TraceCheckUtils]: 10: Hoare triple {5588#(= (_ bv8 32) (select |#length| (_ bv2 32)))} ~list.base, ~list.offset := #in~list.base, #in~list.offset; {5588#(= (_ bv8 32) (select |#length| (_ bv2 32)))} is VALID [2022-02-20 23:52:49,964 INFO L290 TraceCheckUtils]: 11: Hoare triple {5588#(= (_ bv8 32) (select |#length| (_ bv2 32)))} SUMMARY for call write~$Pointer$(~list.base, ~list.offset, ~list.base, ~list.offset, 4bv32); srcloc: L540 {5588#(= (_ bv8 32) (select |#length| (_ bv2 32)))} is VALID [2022-02-20 23:52:49,965 INFO L290 TraceCheckUtils]: 12: Hoare triple {5588#(= (_ bv8 32) (select |#length| (_ bv2 32)))} SUMMARY for call write~$Pointer$(~list.base, ~list.offset, ~list.base, ~bvadd32(4bv32, ~list.offset), 4bv32); srcloc: L540-1 {5588#(= (_ bv8 32) (select |#length| (_ bv2 32)))} is VALID [2022-02-20 23:52:49,965 INFO L290 TraceCheckUtils]: 13: Hoare triple {5588#(= (_ bv8 32) (select |#length| (_ bv2 32)))} assume true; {5588#(= (_ bv8 32) (select |#length| (_ bv2 32)))} is VALID [2022-02-20 23:52:49,965 INFO L284 TraceCheckUtils]: 14: Hoare quadruple {5588#(= (_ bv8 32) (select |#length| (_ bv2 32)))} {5578#(and (= |ULTIMATE.start_probe_23_~dev#1.base| (_ bv2 32)) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= |ULTIMATE.start_probe_23_~dev#1.offset| (_ bv0 32)))} #278#return; {5578#(and (= |ULTIMATE.start_probe_23_~dev#1.base| (_ bv2 32)) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= |ULTIMATE.start_probe_23_~dev#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:49,966 INFO L290 TraceCheckUtils]: 15: Hoare triple {5578#(and (= |ULTIMATE.start_probe_23_~dev#1.base| (_ bv2 32)) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= |ULTIMATE.start_probe_23_~dev#1.offset| (_ bv0 32)))} assume !((~bvule32(~bvadd32(4bv32, probe_23_~dev#1.offset), #length[probe_23_~dev#1.base]) && ~bvule32(probe_23_~dev#1.offset, ~bvadd32(4bv32, probe_23_~dev#1.offset))) && ~bvule32(0bv32, probe_23_~dev#1.offset)); {5552#false} is VALID [2022-02-20 23:52:49,966 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:52:49,966 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:52:49,966 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:52:49,967 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [139774556] [2022-02-20 23:52:49,967 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [139774556] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:52:49,967 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:52:49,967 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 23:52:49,967 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [532970615] [2022-02-20 23:52:49,967 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:52:49,968 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 6 states have (on average 2.0) internal successors, (12), 7 states have internal predecessors, (12), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) Word has length 16 [2022-02-20 23:52:49,968 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:52:49,968 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 8 states, 6 states have (on average 2.0) internal successors, (12), 7 states have internal predecessors, (12), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:49,985 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 16 edges. 16 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:49,985 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-02-20 23:52:49,985 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:52:49,985 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-02-20 23:52:49,985 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=17, Invalid=38, Unknown=1, NotChecked=0, Total=56 [2022-02-20 23:52:49,986 INFO L87 Difference]: Start difference. First operand 193 states and 205 transitions. Second operand has 8 states, 6 states have (on average 2.0) internal successors, (12), 7 states have internal predecessors, (12), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:51,626 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:51,627 INFO L93 Difference]: Finished difference Result 203 states and 218 transitions. [2022-02-20 23:52:51,627 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2022-02-20 23:52:51,627 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 6 states have (on average 2.0) internal successors, (12), 7 states have internal predecessors, (12), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) Word has length 16 [2022-02-20 23:52:51,627 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:52:51,627 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 6 states have (on average 2.0) internal successors, (12), 7 states have internal predecessors, (12), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:51,630 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 219 transitions. [2022-02-20 23:52:51,630 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 6 states have (on average 2.0) internal successors, (12), 7 states have internal predecessors, (12), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:51,632 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 219 transitions. [2022-02-20 23:52:51,632 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states and 219 transitions. [2022-02-20 23:52:51,840 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 219 edges. 219 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:51,842 INFO L225 Difference]: With dead ends: 203 [2022-02-20 23:52:51,842 INFO L226 Difference]: Without dead ends: 203 [2022-02-20 23:52:51,842 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 19 GetRequests, 9 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 6 ImplicationChecksByTransitivity, 2.2s TimeCoverageRelationStatistics Valid=38, Invalid=93, Unknown=1, NotChecked=0, Total=132 [2022-02-20 23:52:51,843 INFO L933 BasicCegarLoop]: 162 mSDtfsCounter, 63 mSDsluCounter, 263 mSDsCounter, 0 mSdLazyCounter, 236 mSolverCounterSat, 20 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 64 SdHoareTripleChecker+Valid, 425 SdHoareTripleChecker+Invalid, 366 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 20 IncrementalHoareTripleChecker+Valid, 236 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 110 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2022-02-20 23:52:51,843 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [64 Valid, 425 Invalid, 366 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [20 Valid, 236 Invalid, 0 Unknown, 110 Unchecked, 0.4s Time] [2022-02-20 23:52:51,843 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 203 states. [2022-02-20 23:52:51,845 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 203 to 192. [2022-02-20 23:52:51,845 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:52:51,846 INFO L82 GeneralOperation]: Start isEquivalent. First operand 203 states. Second operand has 192 states, 107 states have (on average 1.7570093457943925) internal successors, (188), 177 states have internal predecessors, (188), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 8 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 23:52:51,846 INFO L74 IsIncluded]: Start isIncluded. First operand 203 states. Second operand has 192 states, 107 states have (on average 1.7570093457943925) internal successors, (188), 177 states have internal predecessors, (188), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 8 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 23:52:51,846 INFO L87 Difference]: Start difference. First operand 203 states. Second operand has 192 states, 107 states have (on average 1.7570093457943925) internal successors, (188), 177 states have internal predecessors, (188), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 8 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 23:52:51,849 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:51,849 INFO L93 Difference]: Finished difference Result 203 states and 218 transitions. [2022-02-20 23:52:51,849 INFO L276 IsEmpty]: Start isEmpty. Operand 203 states and 218 transitions. [2022-02-20 23:52:51,850 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:51,850 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:51,850 INFO L74 IsIncluded]: Start isIncluded. First operand has 192 states, 107 states have (on average 1.7570093457943925) internal successors, (188), 177 states have internal predecessors, (188), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 8 states have call predecessors, (8), 8 states have call successors, (8) Second operand 203 states. [2022-02-20 23:52:51,851 INFO L87 Difference]: Start difference. First operand has 192 states, 107 states have (on average 1.7570093457943925) internal successors, (188), 177 states have internal predecessors, (188), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 8 states have call predecessors, (8), 8 states have call successors, (8) Second operand 203 states. [2022-02-20 23:52:51,854 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:51,854 INFO L93 Difference]: Finished difference Result 203 states and 218 transitions. [2022-02-20 23:52:51,854 INFO L276 IsEmpty]: Start isEmpty. Operand 203 states and 218 transitions. [2022-02-20 23:52:51,854 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:51,854 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:51,855 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:52:51,855 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:52:51,855 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 192 states, 107 states have (on average 1.7570093457943925) internal successors, (188), 177 states have internal predecessors, (188), 8 states have call successors, (8), 6 states have call predecessors, (8), 6 states have return successors, (8), 8 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 23:52:51,857 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 192 states to 192 states and 204 transitions. [2022-02-20 23:52:51,857 INFO L78 Accepts]: Start accepts. Automaton has 192 states and 204 transitions. Word has length 16 [2022-02-20 23:52:51,857 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:52:51,858 INFO L470 AbstractCegarLoop]: Abstraction has 192 states and 204 transitions. [2022-02-20 23:52:51,858 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 6 states have (on average 2.0) internal successors, (12), 7 states have internal predecessors, (12), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:52:51,858 INFO L276 IsEmpty]: Start isEmpty. Operand 192 states and 204 transitions. [2022-02-20 23:52:51,858 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 17 [2022-02-20 23:52:51,858 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:52:51,858 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:52:51,865 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (8)] Ended with exit code 0 [2022-02-20 23:52:52,065 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 8 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:52:52,066 INFO L402 AbstractCegarLoop]: === Iteration 8 === Targeting ULTIMATE.startErr0REQUIRES_VIOLATION === [free_reportsErr0REQUIRES_VIOLATION, free_reportsErr1REQUIRES_VIOLATION, free_reportsErr2REQUIRES_VIOLATION, free_reportsErr3REQUIRES_VIOLATION (and 72 more)] === [2022-02-20 23:52:52,066 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:52:52,066 INFO L85 PathProgramCache]: Analyzing trace with hash 609549956, now seen corresponding path program 1 times [2022-02-20 23:52:52,066 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:52:52,066 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [315621166] [2022-02-20 23:52:52,067 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:52:52,067 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:52:52,067 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:52:52,068 INFO L229 MonitoredProcess]: Starting monitored process 9 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:52:52,069 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (9)] Waiting until timeout for monitored process [2022-02-20 23:52:52,133 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:52,135 INFO L263 TraceCheckSpWp]: Trace formula consists of 89 conjuncts, 9 conjunts are in the unsatisfiable core [2022-02-20 23:52:52,143 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:52,144 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:52:52,247 INFO L356 Elim1Store]: treesize reduction 15, result has 46.4 percent of original size [2022-02-20 23:52:52,247 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 17 treesize of output 24 [2022-02-20 23:52:52,308 INFO L290 TraceCheckUtils]: 0: Hoare triple {6415#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);~#dev~0.base, ~#dev~0.offset := 2bv32, 0bv32;call #Ultimate.allocInit(8bv32, 2bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~#dev~0.offset, 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~bvadd32(4bv32, ~#dev~0.offset), 4bv32); {6420#(and (= (select |#valid| (_ bv2 32)) (_ bv1 1)) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:52:52,309 INFO L290 TraceCheckUtils]: 1: Hoare triple {6420#(and (= (select |#valid| (_ bv2 32)) (_ bv1 1)) (= (_ bv2 32) |~#dev~0.base|))} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret61#1, entry_point_~ret~1#1;assume { :begin_inline_probe_23 } true;probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset := ~#dev~0.base, ~#dev~0.offset;havoc probe_23_#res#1;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset, probe_23_#t~ret60#1, probe_23_~dev#1.base, probe_23_~dev#1.offset, probe_23_~ret~0#1, probe_23_~p~1#1.base, probe_23_~p~1#1.offset;probe_23_~dev#1.base, probe_23_~dev#1.offset := probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset;probe_23_~ret~0#1 := 3bv32; {6424#(and (= |ULTIMATE.start_probe_23_~dev#1.base| (_ bv2 32)) (= (select |#valid| (_ bv2 32)) (_ bv1 1)))} is VALID [2022-02-20 23:52:52,309 INFO L272 TraceCheckUtils]: 2: Hoare triple {6424#(and (= |ULTIMATE.start_probe_23_~dev#1.base| (_ bv2 32)) (= (select |#valid| (_ bv2 32)) (_ bv1 1)))} call probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset := ldv_malloc(1036bv32); {6428#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:52:52,310 INFO L290 TraceCheckUtils]: 3: Hoare triple {6428#(= |old(#valid)| |#valid|)} ~size := #in~size; {6428#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:52:52,313 INFO L290 TraceCheckUtils]: 4: Hoare triple {6428#(= |old(#valid)| |#valid|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {6435#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_38 (_ BitVec 1))) (= |#valid| (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_38))) (= (_ bv0 1) (select |old(#valid)| |ldv_malloc_#res.base|))))} is VALID [2022-02-20 23:52:52,314 INFO L290 TraceCheckUtils]: 5: Hoare triple {6435#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_38 (_ BitVec 1))) (= |#valid| (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_38))) (= (_ bv0 1) (select |old(#valid)| |ldv_malloc_#res.base|))))} assume true; {6435#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_38 (_ BitVec 1))) (= |#valid| (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_38))) (= (_ bv0 1) (select |old(#valid)| |ldv_malloc_#res.base|))))} is VALID [2022-02-20 23:52:52,315 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {6435#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_38 (_ BitVec 1))) (= |#valid| (store |old(#valid)| |ldv_malloc_#res.base| v_ArrVal_38))) (= (_ bv0 1) (select |old(#valid)| |ldv_malloc_#res.base|))))} {6424#(and (= |ULTIMATE.start_probe_23_~dev#1.base| (_ bv2 32)) (= (select |#valid| (_ bv2 32)) (_ bv1 1)))} #276#return; {6424#(and (= |ULTIMATE.start_probe_23_~dev#1.base| (_ bv2 32)) (= (select |#valid| (_ bv2 32)) (_ bv1 1)))} is VALID [2022-02-20 23:52:52,316 INFO L290 TraceCheckUtils]: 7: Hoare triple {6424#(and (= |ULTIMATE.start_probe_23_~dev#1.base| (_ bv2 32)) (= (select |#valid| (_ bv2 32)) (_ bv1 1)))} probe_23_~p~1#1.base, probe_23_~p~1#1.offset := probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset; {6424#(and (= |ULTIMATE.start_probe_23_~dev#1.base| (_ bv2 32)) (= (select |#valid| (_ bv2 32)) (_ bv1 1)))} is VALID [2022-02-20 23:52:52,316 INFO L290 TraceCheckUtils]: 8: Hoare triple {6424#(and (= |ULTIMATE.start_probe_23_~dev#1.base| (_ bv2 32)) (= (select |#valid| (_ bv2 32)) (_ bv1 1)))} assume !(probe_23_~p~1#1.base == 0bv32 && probe_23_~p~1#1.offset == 0bv32); {6424#(and (= |ULTIMATE.start_probe_23_~dev#1.base| (_ bv2 32)) (= (select |#valid| (_ bv2 32)) (_ bv1 1)))} is VALID [2022-02-20 23:52:52,317 INFO L272 TraceCheckUtils]: 9: Hoare triple {6424#(and (= |ULTIMATE.start_probe_23_~dev#1.base| (_ bv2 32)) (= (select |#valid| (_ bv2 32)) (_ bv1 1)))} call LDV_INIT_LIST_HEAD(probe_23_~p~1#1.base, ~bvadd32(4bv32, probe_23_~p~1#1.offset)); {6451#(= (_ bv0 1) (bvadd (bvneg (select |#valid| (_ bv2 32))) (_ bv1 1)))} is VALID [2022-02-20 23:52:52,318 INFO L290 TraceCheckUtils]: 10: Hoare triple {6451#(= (_ bv0 1) (bvadd (bvneg (select |#valid| (_ bv2 32))) (_ bv1 1)))} ~list.base, ~list.offset := #in~list.base, #in~list.offset; {6451#(= (_ bv0 1) (bvadd (bvneg (select |#valid| (_ bv2 32))) (_ bv1 1)))} is VALID [2022-02-20 23:52:52,318 INFO L290 TraceCheckUtils]: 11: Hoare triple {6451#(= (_ bv0 1) (bvadd (bvneg (select |#valid| (_ bv2 32))) (_ bv1 1)))} SUMMARY for call write~$Pointer$(~list.base, ~list.offset, ~list.base, ~list.offset, 4bv32); srcloc: L540 {6451#(= (_ bv0 1) (bvadd (bvneg (select |#valid| (_ bv2 32))) (_ bv1 1)))} is VALID [2022-02-20 23:52:52,319 INFO L290 TraceCheckUtils]: 12: Hoare triple {6451#(= (_ bv0 1) (bvadd (bvneg (select |#valid| (_ bv2 32))) (_ bv1 1)))} SUMMARY for call write~$Pointer$(~list.base, ~list.offset, ~list.base, ~bvadd32(4bv32, ~list.offset), 4bv32); srcloc: L540-1 {6451#(= (_ bv0 1) (bvadd (bvneg (select |#valid| (_ bv2 32))) (_ bv1 1)))} is VALID [2022-02-20 23:52:52,319 INFO L290 TraceCheckUtils]: 13: Hoare triple {6451#(= (_ bv0 1) (bvadd (bvneg (select |#valid| (_ bv2 32))) (_ bv1 1)))} assume true; {6451#(= (_ bv0 1) (bvadd (bvneg (select |#valid| (_ bv2 32))) (_ bv1 1)))} is VALID [2022-02-20 23:52:52,322 INFO L284 TraceCheckUtils]: 14: Hoare quadruple {6451#(= (_ bv0 1) (bvadd (bvneg (select |#valid| (_ bv2 32))) (_ bv1 1)))} {6424#(and (= |ULTIMATE.start_probe_23_~dev#1.base| (_ bv2 32)) (= (select |#valid| (_ bv2 32)) (_ bv1 1)))} #278#return; {6424#(and (= |ULTIMATE.start_probe_23_~dev#1.base| (_ bv2 32)) (= (select |#valid| (_ bv2 32)) (_ bv1 1)))} is VALID [2022-02-20 23:52:52,322 INFO L290 TraceCheckUtils]: 15: Hoare triple {6424#(and (= |ULTIMATE.start_probe_23_~dev#1.base| (_ bv2 32)) (= (select |#valid| (_ bv2 32)) (_ bv1 1)))} assume !(1bv1 == #valid[probe_23_~dev#1.base]); {6416#false} is VALID [2022-02-20 23:52:52,322 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:52:52,322 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:52:52,323 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:52:52,323 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [315621166] [2022-02-20 23:52:52,323 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [315621166] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:52:52,323 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:52:52,323 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:52:52,324 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1635091010] [2022-02-20 23:52:52,324 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:52:52,324 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 2.0) internal successors, (12), 6 states have internal predecessors, (12), 1 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 16 [2022-02-20 23:52:52,324 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:52:52,324 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 7 states, 6 states have (on average 2.0) internal successors, (12), 6 states have internal predecessors, (12), 1 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:52:52,341 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 16 edges. 16 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:52,341 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-02-20 23:52:52,342 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:52:52,342 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-02-20 23:52:52,342 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=29, Unknown=0, NotChecked=0, Total=42 [2022-02-20 23:52:52,343 INFO L87 Difference]: Start difference. First operand 192 states and 204 transitions. Second operand has 7 states, 6 states have (on average 2.0) internal successors, (12), 6 states have internal predecessors, (12), 1 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:52:54,174 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:54,174 INFO L93 Difference]: Finished difference Result 244 states and 259 transitions. [2022-02-20 23:52:54,175 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2022-02-20 23:52:54,175 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 2.0) internal successors, (12), 6 states have internal predecessors, (12), 1 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 16 [2022-02-20 23:52:54,175 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:52:54,175 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 6 states have (on average 2.0) internal successors, (12), 6 states have internal predecessors, (12), 1 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:52:54,177 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 260 transitions. [2022-02-20 23:52:54,177 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 6 states have (on average 2.0) internal successors, (12), 6 states have internal predecessors, (12), 1 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:52:54,178 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 260 transitions. [2022-02-20 23:52:54,178 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states and 260 transitions. [2022-02-20 23:52:54,425 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 260 edges. 260 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:54,428 INFO L225 Difference]: With dead ends: 244 [2022-02-20 23:52:54,428 INFO L226 Difference]: Without dead ends: 244 [2022-02-20 23:52:54,429 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 19 GetRequests, 8 SyntacticMatches, 2 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=33, Invalid=77, Unknown=0, NotChecked=0, Total=110 [2022-02-20 23:52:54,429 INFO L933 BasicCegarLoop]: 158 mSDtfsCounter, 281 mSDsluCounter, 364 mSDsCounter, 0 mSdLazyCounter, 359 mSolverCounterSat, 27 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 283 SdHoareTripleChecker+Valid, 522 SdHoareTripleChecker+Invalid, 516 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 27 IncrementalHoareTripleChecker+Valid, 359 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 130 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2022-02-20 23:52:54,429 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [283 Valid, 522 Invalid, 516 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [27 Valid, 359 Invalid, 0 Unknown, 130 Unchecked, 0.5s Time] [2022-02-20 23:52:54,430 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 244 states. [2022-02-20 23:52:54,432 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 244 to 202. [2022-02-20 23:52:54,432 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:52:54,433 INFO L82 GeneralOperation]: Start isEquivalent. First operand 244 states. Second operand has 202 states, 116 states have (on average 1.7413793103448276) internal successors, (202), 186 states have internal predecessors, (202), 8 states have call successors, (8), 7 states have call predecessors, (8), 8 states have return successors, (10), 8 states have call predecessors, (10), 8 states have call successors, (10) [2022-02-20 23:52:54,433 INFO L74 IsIncluded]: Start isIncluded. First operand 244 states. Second operand has 202 states, 116 states have (on average 1.7413793103448276) internal successors, (202), 186 states have internal predecessors, (202), 8 states have call successors, (8), 7 states have call predecessors, (8), 8 states have return successors, (10), 8 states have call predecessors, (10), 8 states have call successors, (10) [2022-02-20 23:52:54,433 INFO L87 Difference]: Start difference. First operand 244 states. Second operand has 202 states, 116 states have (on average 1.7413793103448276) internal successors, (202), 186 states have internal predecessors, (202), 8 states have call successors, (8), 7 states have call predecessors, (8), 8 states have return successors, (10), 8 states have call predecessors, (10), 8 states have call successors, (10) [2022-02-20 23:52:54,437 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:54,437 INFO L93 Difference]: Finished difference Result 244 states and 259 transitions. [2022-02-20 23:52:54,437 INFO L276 IsEmpty]: Start isEmpty. Operand 244 states and 259 transitions. [2022-02-20 23:52:54,438 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:54,438 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:54,438 INFO L74 IsIncluded]: Start isIncluded. First operand has 202 states, 116 states have (on average 1.7413793103448276) internal successors, (202), 186 states have internal predecessors, (202), 8 states have call successors, (8), 7 states have call predecessors, (8), 8 states have return successors, (10), 8 states have call predecessors, (10), 8 states have call successors, (10) Second operand 244 states. [2022-02-20 23:52:54,438 INFO L87 Difference]: Start difference. First operand has 202 states, 116 states have (on average 1.7413793103448276) internal successors, (202), 186 states have internal predecessors, (202), 8 states have call successors, (8), 7 states have call predecessors, (8), 8 states have return successors, (10), 8 states have call predecessors, (10), 8 states have call successors, (10) Second operand 244 states. [2022-02-20 23:52:54,442 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:54,442 INFO L93 Difference]: Finished difference Result 244 states and 259 transitions. [2022-02-20 23:52:54,442 INFO L276 IsEmpty]: Start isEmpty. Operand 244 states and 259 transitions. [2022-02-20 23:52:54,443 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:54,443 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:54,443 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:52:54,443 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:52:54,443 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 202 states, 116 states have (on average 1.7413793103448276) internal successors, (202), 186 states have internal predecessors, (202), 8 states have call successors, (8), 7 states have call predecessors, (8), 8 states have return successors, (10), 8 states have call predecessors, (10), 8 states have call successors, (10) [2022-02-20 23:52:54,446 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 202 states to 202 states and 220 transitions. [2022-02-20 23:52:54,446 INFO L78 Accepts]: Start accepts. Automaton has 202 states and 220 transitions. Word has length 16 [2022-02-20 23:52:54,446 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:52:54,446 INFO L470 AbstractCegarLoop]: Abstraction has 202 states and 220 transitions. [2022-02-20 23:52:54,446 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 6 states have (on average 2.0) internal successors, (12), 6 states have internal predecessors, (12), 1 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-02-20 23:52:54,447 INFO L276 IsEmpty]: Start isEmpty. Operand 202 states and 220 transitions. [2022-02-20 23:52:54,447 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-02-20 23:52:54,447 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:52:54,447 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:52:54,455 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (9)] Forceful destruction successful, exit code 0 [2022-02-20 23:52:54,654 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 9 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:52:54,654 INFO L402 AbstractCegarLoop]: === Iteration 9 === Targeting ULTIMATE.startErr2REQUIRES_VIOLATION === [free_reportsErr0REQUIRES_VIOLATION, free_reportsErr1REQUIRES_VIOLATION, free_reportsErr2REQUIRES_VIOLATION, free_reportsErr3REQUIRES_VIOLATION (and 72 more)] === [2022-02-20 23:52:54,655 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:52:54,655 INFO L85 PathProgramCache]: Analyzing trace with hash -1600340348, now seen corresponding path program 1 times [2022-02-20 23:52:54,655 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:52:54,655 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1284649902] [2022-02-20 23:52:54,655 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:52:54,655 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:52:54,655 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:52:54,656 INFO L229 MonitoredProcess]: Starting monitored process 10 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:52:54,657 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (10)] Waiting until timeout for monitored process [2022-02-20 23:52:54,734 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:54,737 INFO L263 TraceCheckSpWp]: Trace formula consists of 145 conjuncts, 6 conjunts are in the unsatisfiable core [2022-02-20 23:52:54,751 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:54,752 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:52:54,795 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:52:54,838 INFO L290 TraceCheckUtils]: 0: Hoare triple {7411#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);~#dev~0.base, ~#dev~0.offset := 2bv32, 0bv32;call #Ultimate.allocInit(8bv32, 2bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~#dev~0.offset, 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~bvadd32(4bv32, ~#dev~0.offset), 4bv32); {7411#true} is VALID [2022-02-20 23:52:54,838 INFO L290 TraceCheckUtils]: 1: Hoare triple {7411#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret61#1, entry_point_~ret~1#1;assume { :begin_inline_probe_23 } true;probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset := ~#dev~0.base, ~#dev~0.offset;havoc probe_23_#res#1;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset, probe_23_#t~ret60#1, probe_23_~dev#1.base, probe_23_~dev#1.offset, probe_23_~ret~0#1, probe_23_~p~1#1.base, probe_23_~p~1#1.offset;probe_23_~dev#1.base, probe_23_~dev#1.offset := probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset;probe_23_~ret~0#1 := 3bv32; {7411#true} is VALID [2022-02-20 23:52:54,838 INFO L272 TraceCheckUtils]: 2: Hoare triple {7411#true} call probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset := ldv_malloc(1036bv32); {7411#true} is VALID [2022-02-20 23:52:54,839 INFO L290 TraceCheckUtils]: 3: Hoare triple {7411#true} ~size := #in~size; {7411#true} is VALID [2022-02-20 23:52:54,839 INFO L290 TraceCheckUtils]: 4: Hoare triple {7411#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {7411#true} is VALID [2022-02-20 23:52:54,839 INFO L290 TraceCheckUtils]: 5: Hoare triple {7411#true} assume true; {7411#true} is VALID [2022-02-20 23:52:54,839 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {7411#true} {7411#true} #276#return; {7411#true} is VALID [2022-02-20 23:52:54,839 INFO L290 TraceCheckUtils]: 7: Hoare triple {7411#true} probe_23_~p~1#1.base, probe_23_~p~1#1.offset := probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset; {7411#true} is VALID [2022-02-20 23:52:54,839 INFO L290 TraceCheckUtils]: 8: Hoare triple {7411#true} assume !(probe_23_~p~1#1.base == 0bv32 && probe_23_~p~1#1.offset == 0bv32); {7411#true} is VALID [2022-02-20 23:52:54,839 INFO L272 TraceCheckUtils]: 9: Hoare triple {7411#true} call LDV_INIT_LIST_HEAD(probe_23_~p~1#1.base, ~bvadd32(4bv32, probe_23_~p~1#1.offset)); {7411#true} is VALID [2022-02-20 23:52:54,839 INFO L290 TraceCheckUtils]: 10: Hoare triple {7411#true} ~list.base, ~list.offset := #in~list.base, #in~list.offset; {7411#true} is VALID [2022-02-20 23:52:54,840 INFO L290 TraceCheckUtils]: 11: Hoare triple {7411#true} SUMMARY for call write~$Pointer$(~list.base, ~list.offset, ~list.base, ~list.offset, 4bv32); srcloc: L540 {7411#true} is VALID [2022-02-20 23:52:54,840 INFO L290 TraceCheckUtils]: 12: Hoare triple {7411#true} SUMMARY for call write~$Pointer$(~list.base, ~list.offset, ~list.base, ~bvadd32(4bv32, ~list.offset), 4bv32); srcloc: L540-1 {7411#true} is VALID [2022-02-20 23:52:54,840 INFO L290 TraceCheckUtils]: 13: Hoare triple {7411#true} assume true; {7411#true} is VALID [2022-02-20 23:52:54,840 INFO L284 TraceCheckUtils]: 14: Hoare quadruple {7411#true} {7411#true} #278#return; {7411#true} is VALID [2022-02-20 23:52:54,840 INFO L290 TraceCheckUtils]: 15: Hoare triple {7411#true} SUMMARY for call write~$Pointer$(probe_23_~p~1#1.base, probe_23_~p~1#1.offset, probe_23_~dev#1.base, probe_23_~dev#1.offset, 4bv32); srcloc: L844-1 {7411#true} is VALID [2022-02-20 23:52:54,840 INFO L290 TraceCheckUtils]: 16: Hoare triple {7411#true} assume { :begin_inline_hid_open_report } true;hid_open_report_#in~device#1.base, hid_open_report_#in~device#1.offset := probe_23_~dev#1.base, probe_23_~dev#1.offset;havoc hid_open_report_#res#1;havoc hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset, hid_open_report_#t~ret53#1, hid_open_report_#t~ret55#1, hid_open_report_#t~ret54#1, hid_open_report_#t~mem56#1.base, hid_open_report_#t~mem56#1.offset, hid_open_report_~device#1.base, hid_open_report_~device#1.offset, hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset, hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset;hid_open_report_~device#1.base, hid_open_report_~device#1.offset := hid_open_report_#in~device#1.base, hid_open_report_#in~device#1.offset;havoc hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset;call hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset := #Ultimate.allocOnStack(16bv32); {7411#true} is VALID [2022-02-20 23:52:54,841 INFO L272 TraceCheckUtils]: 17: Hoare triple {7411#true} call hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset := ldv_zalloc(8bv32); {7411#true} is VALID [2022-02-20 23:52:54,842 INFO L290 TraceCheckUtils]: 18: Hoare triple {7411#true} ~size#1 := #in~size#1;call #t~malloc13#1.base, #t~malloc13#1.offset := #Ultimate.allocOnHeap(~size#1);assume { :begin_inline_#Ultimate.meminit } true;#Ultimate.meminit_#ptr#1.base, #Ultimate.meminit_#ptr#1.offset, #Ultimate.meminit_#amountOfFields#1, #Ultimate.meminit_#sizeOfFields#1, #Ultimate.meminit_#product#1 := #t~malloc13#1.base, #t~malloc13#1.offset, ~size#1, 1bv32, ~size#1;#memory_int := ~initToZeroAtPointerBaseAddress~int(#memory_int, #Ultimate.meminit_#ptr#1.base); {7470#(= (select |#valid| |ldv_zalloc_#t~malloc13#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:54,843 INFO L290 TraceCheckUtils]: 19: Hoare triple {7470#(= (select |#valid| |ldv_zalloc_#t~malloc13#1.base|) (_ bv1 1))} assume { :end_inline_#Ultimate.meminit } true;#res#1.base, #res#1.offset := #t~malloc13#1.base, #t~malloc13#1.offset; {7474#(= (select |#valid| |ldv_zalloc_#res#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:54,843 INFO L290 TraceCheckUtils]: 20: Hoare triple {7474#(= (select |#valid| |ldv_zalloc_#res#1.base|) (_ bv1 1))} assume true; {7474#(= (select |#valid| |ldv_zalloc_#res#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:54,844 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {7474#(= (select |#valid| |ldv_zalloc_#res#1.base|) (_ bv1 1))} {7411#true} #280#return; {7481#(= (select |#valid| |ULTIMATE.start_hid_open_report_#t~ret52#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:54,844 INFO L290 TraceCheckUtils]: 22: Hoare triple {7481#(= (select |#valid| |ULTIMATE.start_hid_open_report_#t~ret52#1.base|) (_ bv1 1))} hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset := hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset;havoc hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset; {7485#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:54,845 INFO L290 TraceCheckUtils]: 23: Hoare triple {7485#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} assume !(hid_open_report_~parser~0#1.base == 0bv32 && hid_open_report_~parser~0#1.offset == 0bv32); {7485#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:52:54,845 INFO L290 TraceCheckUtils]: 24: Hoare triple {7485#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} assume !(1bv1 == #valid[hid_open_report_~parser~0#1.base]); {7412#false} is VALID [2022-02-20 23:52:54,845 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:52:54,845 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:52:54,845 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:52:54,846 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1284649902] [2022-02-20 23:52:54,846 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1284649902] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:52:54,846 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:52:54,846 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:52:54,846 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1198446311] [2022-02-20 23:52:54,846 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:52:54,847 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 3.8) internal successors, (19), 5 states have internal predecessors, (19), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) Word has length 25 [2022-02-20 23:52:54,847 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:52:54,847 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 5 states have (on average 3.8) internal successors, (19), 5 states have internal predecessors, (19), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:52:54,870 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 25 edges. 25 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:54,870 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 23:52:54,870 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:52:54,870 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 23:52:54,870 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-02-20 23:52:54,871 INFO L87 Difference]: Start difference. First operand 202 states and 220 transitions. Second operand has 6 states, 5 states have (on average 3.8) internal successors, (19), 5 states have internal predecessors, (19), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:52:56,599 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:56,599 INFO L93 Difference]: Finished difference Result 252 states and 278 transitions. [2022-02-20 23:52:56,600 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-02-20 23:52:56,600 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 3.8) internal successors, (19), 5 states have internal predecessors, (19), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) Word has length 25 [2022-02-20 23:52:56,600 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:52:56,600 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 3.8) internal successors, (19), 5 states have internal predecessors, (19), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:52:56,602 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 263 transitions. [2022-02-20 23:52:56,602 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 3.8) internal successors, (19), 5 states have internal predecessors, (19), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:52:56,603 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 263 transitions. [2022-02-20 23:52:56,603 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 263 transitions. [2022-02-20 23:52:56,832 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 263 edges. 263 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:56,835 INFO L225 Difference]: With dead ends: 252 [2022-02-20 23:52:56,835 INFO L226 Difference]: Without dead ends: 252 [2022-02-20 23:52:56,835 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 25 GetRequests, 20 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=13, Invalid=29, Unknown=0, NotChecked=0, Total=42 [2022-02-20 23:52:56,835 INFO L933 BasicCegarLoop]: 171 mSDtfsCounter, 65 mSDsluCounter, 462 mSDsCounter, 0 mSdLazyCounter, 365 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 65 SdHoareTripleChecker+Valid, 633 SdHoareTripleChecker+Invalid, 367 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 365 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2022-02-20 23:52:56,835 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [65 Valid, 633 Invalid, 367 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 365 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2022-02-20 23:52:56,836 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 252 states. [2022-02-20 23:52:56,839 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 252 to 227. [2022-02-20 23:52:56,839 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:52:56,839 INFO L82 GeneralOperation]: Start isEquivalent. First operand 252 states. Second operand has 227 states, 143 states have (on average 1.7622377622377623) internal successors, (252), 211 states have internal predecessors, (252), 8 states have call successors, (8), 7 states have call predecessors, (8), 8 states have return successors, (10), 8 states have call predecessors, (10), 8 states have call successors, (10) [2022-02-20 23:52:56,840 INFO L74 IsIncluded]: Start isIncluded. First operand 252 states. Second operand has 227 states, 143 states have (on average 1.7622377622377623) internal successors, (252), 211 states have internal predecessors, (252), 8 states have call successors, (8), 7 states have call predecessors, (8), 8 states have return successors, (10), 8 states have call predecessors, (10), 8 states have call successors, (10) [2022-02-20 23:52:56,840 INFO L87 Difference]: Start difference. First operand 252 states. Second operand has 227 states, 143 states have (on average 1.7622377622377623) internal successors, (252), 211 states have internal predecessors, (252), 8 states have call successors, (8), 7 states have call predecessors, (8), 8 states have return successors, (10), 8 states have call predecessors, (10), 8 states have call successors, (10) [2022-02-20 23:52:56,844 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:56,844 INFO L93 Difference]: Finished difference Result 252 states and 278 transitions. [2022-02-20 23:52:56,844 INFO L276 IsEmpty]: Start isEmpty. Operand 252 states and 278 transitions. [2022-02-20 23:52:56,845 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:56,845 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:56,846 INFO L74 IsIncluded]: Start isIncluded. First operand has 227 states, 143 states have (on average 1.7622377622377623) internal successors, (252), 211 states have internal predecessors, (252), 8 states have call successors, (8), 7 states have call predecessors, (8), 8 states have return successors, (10), 8 states have call predecessors, (10), 8 states have call successors, (10) Second operand 252 states. [2022-02-20 23:52:56,846 INFO L87 Difference]: Start difference. First operand has 227 states, 143 states have (on average 1.7622377622377623) internal successors, (252), 211 states have internal predecessors, (252), 8 states have call successors, (8), 7 states have call predecessors, (8), 8 states have return successors, (10), 8 states have call predecessors, (10), 8 states have call successors, (10) Second operand 252 states. [2022-02-20 23:52:56,850 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:56,850 INFO L93 Difference]: Finished difference Result 252 states and 278 transitions. [2022-02-20 23:52:56,850 INFO L276 IsEmpty]: Start isEmpty. Operand 252 states and 278 transitions. [2022-02-20 23:52:56,851 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:56,851 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:56,851 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:52:56,851 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:52:56,851 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 227 states, 143 states have (on average 1.7622377622377623) internal successors, (252), 211 states have internal predecessors, (252), 8 states have call successors, (8), 7 states have call predecessors, (8), 8 states have return successors, (10), 8 states have call predecessors, (10), 8 states have call successors, (10) [2022-02-20 23:52:56,854 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 227 states to 227 states and 270 transitions. [2022-02-20 23:52:56,854 INFO L78 Accepts]: Start accepts. Automaton has 227 states and 270 transitions. Word has length 25 [2022-02-20 23:52:56,855 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:52:56,855 INFO L470 AbstractCegarLoop]: Abstraction has 227 states and 270 transitions. [2022-02-20 23:52:56,855 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 3.8) internal successors, (19), 5 states have internal predecessors, (19), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:52:56,855 INFO L276 IsEmpty]: Start isEmpty. Operand 227 states and 270 transitions. [2022-02-20 23:52:56,855 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-02-20 23:52:56,855 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:52:56,856 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:52:56,862 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (10)] Forceful destruction successful, exit code 0 [2022-02-20 23:52:57,062 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 10 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:52:57,063 INFO L402 AbstractCegarLoop]: === Iteration 10 === Targeting ULTIMATE.startErr3REQUIRES_VIOLATION === [free_reportsErr0REQUIRES_VIOLATION, free_reportsErr1REQUIRES_VIOLATION, free_reportsErr2REQUIRES_VIOLATION, free_reportsErr3REQUIRES_VIOLATION (and 72 more)] === [2022-02-20 23:52:57,063 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:52:57,063 INFO L85 PathProgramCache]: Analyzing trace with hash -1600340347, now seen corresponding path program 1 times [2022-02-20 23:52:57,063 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:52:57,063 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1171616254] [2022-02-20 23:52:57,063 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:52:57,063 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:52:57,064 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:52:57,064 INFO L229 MonitoredProcess]: Starting monitored process 11 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:52:57,068 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (11)] Waiting until timeout for monitored process [2022-02-20 23:52:57,135 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:57,139 INFO L263 TraceCheckSpWp]: Trace formula consists of 145 conjuncts, 12 conjunts are in the unsatisfiable core [2022-02-20 23:52:57,149 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:52:57,150 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:52:57,206 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:52:57,299 INFO L290 TraceCheckUtils]: 0: Hoare triple {8476#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);~#dev~0.base, ~#dev~0.offset := 2bv32, 0bv32;call #Ultimate.allocInit(8bv32, 2bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~#dev~0.offset, 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~bvadd32(4bv32, ~#dev~0.offset), 4bv32); {8476#true} is VALID [2022-02-20 23:52:57,299 INFO L290 TraceCheckUtils]: 1: Hoare triple {8476#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret61#1, entry_point_~ret~1#1;assume { :begin_inline_probe_23 } true;probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset := ~#dev~0.base, ~#dev~0.offset;havoc probe_23_#res#1;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset, probe_23_#t~ret60#1, probe_23_~dev#1.base, probe_23_~dev#1.offset, probe_23_~ret~0#1, probe_23_~p~1#1.base, probe_23_~p~1#1.offset;probe_23_~dev#1.base, probe_23_~dev#1.offset := probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset;probe_23_~ret~0#1 := 3bv32; {8476#true} is VALID [2022-02-20 23:52:57,300 INFO L272 TraceCheckUtils]: 2: Hoare triple {8476#true} call probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset := ldv_malloc(1036bv32); {8476#true} is VALID [2022-02-20 23:52:57,300 INFO L290 TraceCheckUtils]: 3: Hoare triple {8476#true} ~size := #in~size; {8476#true} is VALID [2022-02-20 23:52:57,300 INFO L290 TraceCheckUtils]: 4: Hoare triple {8476#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {8476#true} is VALID [2022-02-20 23:52:57,300 INFO L290 TraceCheckUtils]: 5: Hoare triple {8476#true} assume true; {8476#true} is VALID [2022-02-20 23:52:57,300 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {8476#true} {8476#true} #276#return; {8476#true} is VALID [2022-02-20 23:52:57,300 INFO L290 TraceCheckUtils]: 7: Hoare triple {8476#true} probe_23_~p~1#1.base, probe_23_~p~1#1.offset := probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset; {8476#true} is VALID [2022-02-20 23:52:57,301 INFO L290 TraceCheckUtils]: 8: Hoare triple {8476#true} assume !(probe_23_~p~1#1.base == 0bv32 && probe_23_~p~1#1.offset == 0bv32); {8476#true} is VALID [2022-02-20 23:52:57,301 INFO L272 TraceCheckUtils]: 9: Hoare triple {8476#true} call LDV_INIT_LIST_HEAD(probe_23_~p~1#1.base, ~bvadd32(4bv32, probe_23_~p~1#1.offset)); {8476#true} is VALID [2022-02-20 23:52:57,301 INFO L290 TraceCheckUtils]: 10: Hoare triple {8476#true} ~list.base, ~list.offset := #in~list.base, #in~list.offset; {8476#true} is VALID [2022-02-20 23:52:57,301 INFO L290 TraceCheckUtils]: 11: Hoare triple {8476#true} SUMMARY for call write~$Pointer$(~list.base, ~list.offset, ~list.base, ~list.offset, 4bv32); srcloc: L540 {8476#true} is VALID [2022-02-20 23:52:57,301 INFO L290 TraceCheckUtils]: 12: Hoare triple {8476#true} SUMMARY for call write~$Pointer$(~list.base, ~list.offset, ~list.base, ~bvadd32(4bv32, ~list.offset), 4bv32); srcloc: L540-1 {8476#true} is VALID [2022-02-20 23:52:57,301 INFO L290 TraceCheckUtils]: 13: Hoare triple {8476#true} assume true; {8476#true} is VALID [2022-02-20 23:52:57,301 INFO L284 TraceCheckUtils]: 14: Hoare quadruple {8476#true} {8476#true} #278#return; {8476#true} is VALID [2022-02-20 23:52:57,302 INFO L290 TraceCheckUtils]: 15: Hoare triple {8476#true} SUMMARY for call write~$Pointer$(probe_23_~p~1#1.base, probe_23_~p~1#1.offset, probe_23_~dev#1.base, probe_23_~dev#1.offset, 4bv32); srcloc: L844-1 {8476#true} is VALID [2022-02-20 23:52:57,302 INFO L290 TraceCheckUtils]: 16: Hoare triple {8476#true} assume { :begin_inline_hid_open_report } true;hid_open_report_#in~device#1.base, hid_open_report_#in~device#1.offset := probe_23_~dev#1.base, probe_23_~dev#1.offset;havoc hid_open_report_#res#1;havoc hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset, hid_open_report_#t~ret53#1, hid_open_report_#t~ret55#1, hid_open_report_#t~ret54#1, hid_open_report_#t~mem56#1.base, hid_open_report_#t~mem56#1.offset, hid_open_report_~device#1.base, hid_open_report_~device#1.offset, hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset, hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset;hid_open_report_~device#1.base, hid_open_report_~device#1.offset := hid_open_report_#in~device#1.base, hid_open_report_#in~device#1.offset;havoc hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset;call hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset := #Ultimate.allocOnStack(16bv32); {8476#true} is VALID [2022-02-20 23:52:57,302 INFO L272 TraceCheckUtils]: 17: Hoare triple {8476#true} call hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset := ldv_zalloc(8bv32); {8476#true} is VALID [2022-02-20 23:52:57,303 INFO L290 TraceCheckUtils]: 18: Hoare triple {8476#true} ~size#1 := #in~size#1;call #t~malloc13#1.base, #t~malloc13#1.offset := #Ultimate.allocOnHeap(~size#1);assume { :begin_inline_#Ultimate.meminit } true;#Ultimate.meminit_#ptr#1.base, #Ultimate.meminit_#ptr#1.offset, #Ultimate.meminit_#amountOfFields#1, #Ultimate.meminit_#sizeOfFields#1, #Ultimate.meminit_#product#1 := #t~malloc13#1.base, #t~malloc13#1.offset, ~size#1, 1bv32, ~size#1;#memory_int := ~initToZeroAtPointerBaseAddress~int(#memory_int, #Ultimate.meminit_#ptr#1.base); {8535#(and (= |ldv_zalloc_#in~size#1| (select |#length| |ldv_zalloc_#t~malloc13#1.base|)) (= |ldv_zalloc_#t~malloc13#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:57,304 INFO L290 TraceCheckUtils]: 19: Hoare triple {8535#(and (= |ldv_zalloc_#in~size#1| (select |#length| |ldv_zalloc_#t~malloc13#1.base|)) (= |ldv_zalloc_#t~malloc13#1.offset| (_ bv0 32)))} assume { :end_inline_#Ultimate.meminit } true;#res#1.base, #res#1.offset := #t~malloc13#1.base, #t~malloc13#1.offset; {8539#(and (= (select |#length| |ldv_zalloc_#res#1.base|) |ldv_zalloc_#in~size#1|) (= |ldv_zalloc_#res#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:57,304 INFO L290 TraceCheckUtils]: 20: Hoare triple {8539#(and (= (select |#length| |ldv_zalloc_#res#1.base|) |ldv_zalloc_#in~size#1|) (= |ldv_zalloc_#res#1.offset| (_ bv0 32)))} assume true; {8539#(and (= (select |#length| |ldv_zalloc_#res#1.base|) |ldv_zalloc_#in~size#1|) (= |ldv_zalloc_#res#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:57,305 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {8539#(and (= (select |#length| |ldv_zalloc_#res#1.base|) |ldv_zalloc_#in~size#1|) (= |ldv_zalloc_#res#1.offset| (_ bv0 32)))} {8476#true} #280#return; {8546#(and (= |ULTIMATE.start_hid_open_report_#t~ret52#1.offset| (_ bv0 32)) (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_#t~ret52#1.base|)))} is VALID [2022-02-20 23:52:57,305 INFO L290 TraceCheckUtils]: 22: Hoare triple {8546#(and (= |ULTIMATE.start_hid_open_report_#t~ret52#1.offset| (_ bv0 32)) (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_#t~ret52#1.base|)))} hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset := hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset;havoc hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset; {8550#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:57,306 INFO L290 TraceCheckUtils]: 23: Hoare triple {8550#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} assume !(hid_open_report_~parser~0#1.base == 0bv32 && hid_open_report_~parser~0#1.offset == 0bv32); {8550#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:52:57,306 INFO L290 TraceCheckUtils]: 24: Hoare triple {8550#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} assume !((~bvule32(~bvadd32(4bv32, hid_open_report_~parser~0#1.offset), #length[hid_open_report_~parser~0#1.base]) && ~bvule32(hid_open_report_~parser~0#1.offset, ~bvadd32(4bv32, hid_open_report_~parser~0#1.offset))) && ~bvule32(0bv32, hid_open_report_~parser~0#1.offset)); {8477#false} is VALID [2022-02-20 23:52:57,307 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:52:57,307 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:52:57,307 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:52:57,307 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1171616254] [2022-02-20 23:52:57,307 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1171616254] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:52:57,307 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:52:57,307 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:52:57,308 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [471036980] [2022-02-20 23:52:57,308 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:52:57,308 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 3.8) internal successors, (19), 5 states have internal predecessors, (19), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) Word has length 25 [2022-02-20 23:52:57,308 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:52:57,308 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 5 states have (on average 3.8) internal successors, (19), 5 states have internal predecessors, (19), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:52:57,332 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 25 edges. 25 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:57,332 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 23:52:57,332 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:52:57,333 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 23:52:57,333 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-02-20 23:52:57,333 INFO L87 Difference]: Start difference. First operand 227 states and 270 transitions. Second operand has 6 states, 5 states have (on average 3.8) internal successors, (19), 5 states have internal predecessors, (19), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:52:59,609 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:59,609 INFO L93 Difference]: Finished difference Result 284 states and 313 transitions. [2022-02-20 23:52:59,609 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-02-20 23:52:59,609 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 3.8) internal successors, (19), 5 states have internal predecessors, (19), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) Word has length 25 [2022-02-20 23:52:59,609 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:52:59,609 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 3.8) internal successors, (19), 5 states have internal predecessors, (19), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:52:59,611 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 298 transitions. [2022-02-20 23:52:59,611 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 3.8) internal successors, (19), 5 states have internal predecessors, (19), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:52:59,612 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 298 transitions. [2022-02-20 23:52:59,612 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 298 transitions. [2022-02-20 23:52:59,860 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 298 edges. 298 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:52:59,863 INFO L225 Difference]: With dead ends: 284 [2022-02-20 23:52:59,863 INFO L226 Difference]: Without dead ends: 284 [2022-02-20 23:52:59,864 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 25 GetRequests, 20 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=13, Invalid=29, Unknown=0, NotChecked=0, Total=42 [2022-02-20 23:52:59,864 INFO L933 BasicCegarLoop]: 159 mSDtfsCounter, 99 mSDsluCounter, 472 mSDsCounter, 0 mSdLazyCounter, 361 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.8s Time, 0 mProtectedPredicate, 0 mProtectedAction, 101 SdHoareTripleChecker+Valid, 631 SdHoareTripleChecker+Invalid, 364 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 361 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.8s IncrementalHoareTripleChecker+Time [2022-02-20 23:52:59,864 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [101 Valid, 631 Invalid, 364 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 361 Invalid, 0 Unknown, 0 Unchecked, 0.8s Time] [2022-02-20 23:52:59,865 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 284 states. [2022-02-20 23:52:59,867 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 284 to 229. [2022-02-20 23:52:59,868 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:52:59,868 INFO L82 GeneralOperation]: Start isEquivalent. First operand 284 states. Second operand has 229 states, 146 states have (on average 1.7397260273972603) internal successors, (254), 212 states have internal predecessors, (254), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:52:59,868 INFO L74 IsIncluded]: Start isIncluded. First operand 284 states. Second operand has 229 states, 146 states have (on average 1.7397260273972603) internal successors, (254), 212 states have internal predecessors, (254), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:52:59,869 INFO L87 Difference]: Start difference. First operand 284 states. Second operand has 229 states, 146 states have (on average 1.7397260273972603) internal successors, (254), 212 states have internal predecessors, (254), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:52:59,873 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:59,873 INFO L93 Difference]: Finished difference Result 284 states and 313 transitions. [2022-02-20 23:52:59,873 INFO L276 IsEmpty]: Start isEmpty. Operand 284 states and 313 transitions. [2022-02-20 23:52:59,873 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:59,873 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:59,874 INFO L74 IsIncluded]: Start isIncluded. First operand has 229 states, 146 states have (on average 1.7397260273972603) internal successors, (254), 212 states have internal predecessors, (254), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) Second operand 284 states. [2022-02-20 23:52:59,874 INFO L87 Difference]: Start difference. First operand has 229 states, 146 states have (on average 1.7397260273972603) internal successors, (254), 212 states have internal predecessors, (254), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) Second operand 284 states. [2022-02-20 23:52:59,878 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:52:59,878 INFO L93 Difference]: Finished difference Result 284 states and 313 transitions. [2022-02-20 23:52:59,878 INFO L276 IsEmpty]: Start isEmpty. Operand 284 states and 313 transitions. [2022-02-20 23:52:59,879 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:52:59,879 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:52:59,879 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:52:59,879 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:52:59,880 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 229 states, 146 states have (on average 1.7397260273972603) internal successors, (254), 212 states have internal predecessors, (254), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:52:59,882 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 229 states to 229 states and 275 transitions. [2022-02-20 23:52:59,883 INFO L78 Accepts]: Start accepts. Automaton has 229 states and 275 transitions. Word has length 25 [2022-02-20 23:52:59,883 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:52:59,883 INFO L470 AbstractCegarLoop]: Abstraction has 229 states and 275 transitions. [2022-02-20 23:52:59,883 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 3.8) internal successors, (19), 5 states have internal predecessors, (19), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:52:59,883 INFO L276 IsEmpty]: Start isEmpty. Operand 229 states and 275 transitions. [2022-02-20 23:52:59,884 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2022-02-20 23:52:59,884 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:52:59,884 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:52:59,892 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (11)] Forceful destruction successful, exit code 0 [2022-02-20 23:53:00,090 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 11 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:53:00,091 INFO L402 AbstractCegarLoop]: === Iteration 11 === Targeting ULTIMATE.startErr36ASSERT_VIOLATIONMEMORY_FREE === [free_reportsErr0REQUIRES_VIOLATION, free_reportsErr1REQUIRES_VIOLATION, free_reportsErr2REQUIRES_VIOLATION, free_reportsErr3REQUIRES_VIOLATION (and 72 more)] === [2022-02-20 23:53:00,091 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:53:00,091 INFO L85 PathProgramCache]: Analyzing trace with hash -328716411, now seen corresponding path program 1 times [2022-02-20 23:53:00,091 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:53:00,091 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [571903949] [2022-02-20 23:53:00,091 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:53:00,091 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:53:00,091 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:53:00,093 INFO L229 MonitoredProcess]: Starting monitored process 12 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:53:00,094 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (12)] Waiting until timeout for monitored process [2022-02-20 23:53:00,168 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:53:00,172 INFO L263 TraceCheckSpWp]: Trace formula consists of 151 conjuncts, 5 conjunts are in the unsatisfiable core [2022-02-20 23:53:00,183 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:53:00,184 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:53:00,263 INFO L290 TraceCheckUtils]: 0: Hoare triple {9639#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);~#dev~0.base, ~#dev~0.offset := 2bv32, 0bv32;call #Ultimate.allocInit(8bv32, 2bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~#dev~0.offset, 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~bvadd32(4bv32, ~#dev~0.offset), 4bv32); {9639#true} is VALID [2022-02-20 23:53:00,263 INFO L290 TraceCheckUtils]: 1: Hoare triple {9639#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret61#1, entry_point_~ret~1#1;assume { :begin_inline_probe_23 } true;probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset := ~#dev~0.base, ~#dev~0.offset;havoc probe_23_#res#1;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset, probe_23_#t~ret60#1, probe_23_~dev#1.base, probe_23_~dev#1.offset, probe_23_~ret~0#1, probe_23_~p~1#1.base, probe_23_~p~1#1.offset;probe_23_~dev#1.base, probe_23_~dev#1.offset := probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset;probe_23_~ret~0#1 := 3bv32; {9639#true} is VALID [2022-02-20 23:53:00,264 INFO L272 TraceCheckUtils]: 2: Hoare triple {9639#true} call probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset := ldv_malloc(1036bv32); {9639#true} is VALID [2022-02-20 23:53:00,264 INFO L290 TraceCheckUtils]: 3: Hoare triple {9639#true} ~size := #in~size; {9639#true} is VALID [2022-02-20 23:53:00,264 INFO L290 TraceCheckUtils]: 4: Hoare triple {9639#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {9639#true} is VALID [2022-02-20 23:53:00,264 INFO L290 TraceCheckUtils]: 5: Hoare triple {9639#true} assume true; {9639#true} is VALID [2022-02-20 23:53:00,264 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {9639#true} {9639#true} #276#return; {9639#true} is VALID [2022-02-20 23:53:00,264 INFO L290 TraceCheckUtils]: 7: Hoare triple {9639#true} probe_23_~p~1#1.base, probe_23_~p~1#1.offset := probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset; {9639#true} is VALID [2022-02-20 23:53:00,264 INFO L290 TraceCheckUtils]: 8: Hoare triple {9639#true} assume !(probe_23_~p~1#1.base == 0bv32 && probe_23_~p~1#1.offset == 0bv32); {9639#true} is VALID [2022-02-20 23:53:00,265 INFO L272 TraceCheckUtils]: 9: Hoare triple {9639#true} call LDV_INIT_LIST_HEAD(probe_23_~p~1#1.base, ~bvadd32(4bv32, probe_23_~p~1#1.offset)); {9639#true} is VALID [2022-02-20 23:53:00,265 INFO L290 TraceCheckUtils]: 10: Hoare triple {9639#true} ~list.base, ~list.offset := #in~list.base, #in~list.offset; {9639#true} is VALID [2022-02-20 23:53:00,265 INFO L290 TraceCheckUtils]: 11: Hoare triple {9639#true} SUMMARY for call write~$Pointer$(~list.base, ~list.offset, ~list.base, ~list.offset, 4bv32); srcloc: L540 {9639#true} is VALID [2022-02-20 23:53:00,265 INFO L290 TraceCheckUtils]: 12: Hoare triple {9639#true} SUMMARY for call write~$Pointer$(~list.base, ~list.offset, ~list.base, ~bvadd32(4bv32, ~list.offset), 4bv32); srcloc: L540-1 {9639#true} is VALID [2022-02-20 23:53:00,265 INFO L290 TraceCheckUtils]: 13: Hoare triple {9639#true} assume true; {9639#true} is VALID [2022-02-20 23:53:00,265 INFO L284 TraceCheckUtils]: 14: Hoare quadruple {9639#true} {9639#true} #278#return; {9639#true} is VALID [2022-02-20 23:53:00,265 INFO L290 TraceCheckUtils]: 15: Hoare triple {9639#true} SUMMARY for call write~$Pointer$(probe_23_~p~1#1.base, probe_23_~p~1#1.offset, probe_23_~dev#1.base, probe_23_~dev#1.offset, 4bv32); srcloc: L844-1 {9639#true} is VALID [2022-02-20 23:53:00,266 INFO L290 TraceCheckUtils]: 16: Hoare triple {9639#true} assume { :begin_inline_hid_open_report } true;hid_open_report_#in~device#1.base, hid_open_report_#in~device#1.offset := probe_23_~dev#1.base, probe_23_~dev#1.offset;havoc hid_open_report_#res#1;havoc hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset, hid_open_report_#t~ret53#1, hid_open_report_#t~ret55#1, hid_open_report_#t~ret54#1, hid_open_report_#t~mem56#1.base, hid_open_report_#t~mem56#1.offset, hid_open_report_~device#1.base, hid_open_report_~device#1.offset, hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset, hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset;hid_open_report_~device#1.base, hid_open_report_~device#1.offset := hid_open_report_#in~device#1.base, hid_open_report_#in~device#1.offset;havoc hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset;call hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset := #Ultimate.allocOnStack(16bv32); {9639#true} is VALID [2022-02-20 23:53:00,266 INFO L272 TraceCheckUtils]: 17: Hoare triple {9639#true} call hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset := ldv_zalloc(8bv32); {9639#true} is VALID [2022-02-20 23:53:00,266 INFO L290 TraceCheckUtils]: 18: Hoare triple {9639#true} ~size#1 := #in~size#1;call #t~malloc13#1.base, #t~malloc13#1.offset := #Ultimate.allocOnHeap(~size#1);assume { :begin_inline_#Ultimate.meminit } true;#Ultimate.meminit_#ptr#1.base, #Ultimate.meminit_#ptr#1.offset, #Ultimate.meminit_#amountOfFields#1, #Ultimate.meminit_#sizeOfFields#1, #Ultimate.meminit_#product#1 := #t~malloc13#1.base, #t~malloc13#1.offset, ~size#1, 1bv32, ~size#1;#memory_int := ~initToZeroAtPointerBaseAddress~int(#memory_int, #Ultimate.meminit_#ptr#1.base); {9698#(not (= |ldv_zalloc_#t~malloc13#1.base| (_ bv0 32)))} is VALID [2022-02-20 23:53:00,267 INFO L290 TraceCheckUtils]: 19: Hoare triple {9698#(not (= |ldv_zalloc_#t~malloc13#1.base| (_ bv0 32)))} assume { :end_inline_#Ultimate.meminit } true;#res#1.base, #res#1.offset := #t~malloc13#1.base, #t~malloc13#1.offset; {9702#(not (= |ldv_zalloc_#res#1.base| (_ bv0 32)))} is VALID [2022-02-20 23:53:00,267 INFO L290 TraceCheckUtils]: 20: Hoare triple {9702#(not (= |ldv_zalloc_#res#1.base| (_ bv0 32)))} assume true; {9702#(not (= |ldv_zalloc_#res#1.base| (_ bv0 32)))} is VALID [2022-02-20 23:53:00,268 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {9702#(not (= |ldv_zalloc_#res#1.base| (_ bv0 32)))} {9639#true} #280#return; {9709#(not (= (_ bv0 32) |ULTIMATE.start_hid_open_report_#t~ret52#1.base|))} is VALID [2022-02-20 23:53:00,268 INFO L290 TraceCheckUtils]: 22: Hoare triple {9709#(not (= (_ bv0 32) |ULTIMATE.start_hid_open_report_#t~ret52#1.base|))} hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset := hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset;havoc hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset; {9713#(not (= |ULTIMATE.start_hid_open_report_~parser~0#1.base| (_ bv0 32)))} is VALID [2022-02-20 23:53:00,273 INFO L290 TraceCheckUtils]: 23: Hoare triple {9713#(not (= |ULTIMATE.start_hid_open_report_~parser~0#1.base| (_ bv0 32)))} assume hid_open_report_~parser~0#1.base == 0bv32 && hid_open_report_~parser~0#1.offset == 0bv32;hid_open_report_#res#1 := 3bv32;call ULTIMATE.dealloc(hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset);havoc hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset; {9640#false} is VALID [2022-02-20 23:53:00,273 INFO L290 TraceCheckUtils]: 24: Hoare triple {9640#false} probe_23_#t~ret60#1 := hid_open_report_#res#1;assume { :end_inline_hid_open_report } true;probe_23_~ret~0#1 := probe_23_#t~ret60#1;havoc probe_23_#t~ret60#1; {9640#false} is VALID [2022-02-20 23:53:00,273 INFO L290 TraceCheckUtils]: 25: Hoare triple {9640#false} assume ~bvslt32(probe_23_~ret~0#1, 0bv32); {9640#false} is VALID [2022-02-20 23:53:00,274 INFO L290 TraceCheckUtils]: 26: Hoare triple {9640#false} assume !(0bv32 == probe_23_~p~1#1.offset); {9640#false} is VALID [2022-02-20 23:53:00,274 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:53:00,274 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:53:00,274 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:53:00,274 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [571903949] [2022-02-20 23:53:00,274 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [571903949] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:53:00,274 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:53:00,275 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 23:53:00,275 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [490710257] [2022-02-20 23:53:00,275 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:53:00,275 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 3.5) internal successors, (21), 5 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) Word has length 27 [2022-02-20 23:53:00,275 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:53:00,276 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 6 states have (on average 3.5) internal successors, (21), 5 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:53:00,300 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 27 edges. 27 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:53:00,300 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 23:53:00,300 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:53:00,300 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 23:53:00,301 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-02-20 23:53:00,301 INFO L87 Difference]: Start difference. First operand 229 states and 275 transitions. Second operand has 6 states, 6 states have (on average 3.5) internal successors, (21), 5 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:53:01,387 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:53:01,387 INFO L93 Difference]: Finished difference Result 229 states and 274 transitions. [2022-02-20 23:53:01,387 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-02-20 23:53:01,387 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 3.5) internal successors, (21), 5 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) Word has length 27 [2022-02-20 23:53:01,387 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:53:01,388 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 3.5) internal successors, (21), 5 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:53:01,389 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 199 transitions. [2022-02-20 23:53:01,389 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 3.5) internal successors, (21), 5 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:53:01,390 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 199 transitions. [2022-02-20 23:53:01,390 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 199 transitions. [2022-02-20 23:53:01,591 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 199 edges. 199 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:53:01,594 INFO L225 Difference]: With dead ends: 229 [2022-02-20 23:53:01,594 INFO L226 Difference]: Without dead ends: 229 [2022-02-20 23:53:01,594 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 27 GetRequests, 22 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=13, Invalid=29, Unknown=0, NotChecked=0, Total=42 [2022-02-20 23:53:01,594 INFO L933 BasicCegarLoop]: 184 mSDtfsCounter, 114 mSDsluCounter, 626 mSDsCounter, 0 mSdLazyCounter, 57 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 118 SdHoareTripleChecker+Valid, 810 SdHoareTripleChecker+Invalid, 57 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 57 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:53:01,595 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [118 Valid, 810 Invalid, 57 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 57 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:53:01,595 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 229 states. [2022-02-20 23:53:01,598 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 229 to 229. [2022-02-20 23:53:01,599 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:53:01,599 INFO L82 GeneralOperation]: Start isEquivalent. First operand 229 states. Second operand has 229 states, 146 states have (on average 1.7328767123287672) internal successors, (253), 212 states have internal predecessors, (253), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:53:01,601 INFO L74 IsIncluded]: Start isIncluded. First operand 229 states. Second operand has 229 states, 146 states have (on average 1.7328767123287672) internal successors, (253), 212 states have internal predecessors, (253), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:53:01,603 INFO L87 Difference]: Start difference. First operand 229 states. Second operand has 229 states, 146 states have (on average 1.7328767123287672) internal successors, (253), 212 states have internal predecessors, (253), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:53:01,606 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:53:01,606 INFO L93 Difference]: Finished difference Result 229 states and 274 transitions. [2022-02-20 23:53:01,606 INFO L276 IsEmpty]: Start isEmpty. Operand 229 states and 274 transitions. [2022-02-20 23:53:01,606 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:53:01,606 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:53:01,607 INFO L74 IsIncluded]: Start isIncluded. First operand has 229 states, 146 states have (on average 1.7328767123287672) internal successors, (253), 212 states have internal predecessors, (253), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) Second operand 229 states. [2022-02-20 23:53:01,607 INFO L87 Difference]: Start difference. First operand has 229 states, 146 states have (on average 1.7328767123287672) internal successors, (253), 212 states have internal predecessors, (253), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) Second operand 229 states. [2022-02-20 23:53:01,612 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:53:01,612 INFO L93 Difference]: Finished difference Result 229 states and 274 transitions. [2022-02-20 23:53:01,612 INFO L276 IsEmpty]: Start isEmpty. Operand 229 states and 274 transitions. [2022-02-20 23:53:01,613 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:53:01,613 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:53:01,613 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:53:01,613 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:53:01,614 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 229 states, 146 states have (on average 1.7328767123287672) internal successors, (253), 212 states have internal predecessors, (253), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:53:01,616 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 229 states to 229 states and 274 transitions. [2022-02-20 23:53:01,617 INFO L78 Accepts]: Start accepts. Automaton has 229 states and 274 transitions. Word has length 27 [2022-02-20 23:53:01,617 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:53:01,617 INFO L470 AbstractCegarLoop]: Abstraction has 229 states and 274 transitions. [2022-02-20 23:53:01,617 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 3.5) internal successors, (21), 5 states have internal predecessors, (21), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:53:01,617 INFO L276 IsEmpty]: Start isEmpty. Operand 229 states and 274 transitions. [2022-02-20 23:53:01,619 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2022-02-20 23:53:01,620 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:53:01,620 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:53:01,640 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (12)] Ended with exit code 0 [2022-02-20 23:53:01,826 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 12 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:53:01,827 INFO L402 AbstractCegarLoop]: === Iteration 12 === Targeting ULTIMATE.startErr6REQUIRES_VIOLATION === [free_reportsErr0REQUIRES_VIOLATION, free_reportsErr1REQUIRES_VIOLATION, free_reportsErr2REQUIRES_VIOLATION, free_reportsErr3REQUIRES_VIOLATION (and 72 more)] === [2022-02-20 23:53:01,827 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:53:01,827 INFO L85 PathProgramCache]: Analyzing trace with hash -444952336, now seen corresponding path program 1 times [2022-02-20 23:53:01,827 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:53:01,827 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1941742448] [2022-02-20 23:53:01,827 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:53:01,827 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:53:01,828 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:53:01,828 INFO L229 MonitoredProcess]: Starting monitored process 13 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:53:01,829 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (13)] Waiting until timeout for monitored process [2022-02-20 23:53:01,941 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:53:01,947 INFO L263 TraceCheckSpWp]: Trace formula consists of 190 conjuncts, 12 conjunts are in the unsatisfiable core [2022-02-20 23:53:01,964 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:53:01,965 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:53:01,996 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:53:02,044 INFO L356 Elim1Store]: treesize reduction 12, result has 40.0 percent of original size [2022-02-20 23:53:02,044 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 17 [2022-02-20 23:53:02,103 INFO L290 TraceCheckUtils]: 0: Hoare triple {10643#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);~#dev~0.base, ~#dev~0.offset := 2bv32, 0bv32;call #Ultimate.allocInit(8bv32, 2bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~#dev~0.offset, 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~bvadd32(4bv32, ~#dev~0.offset), 4bv32); {10643#true} is VALID [2022-02-20 23:53:02,103 INFO L290 TraceCheckUtils]: 1: Hoare triple {10643#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret61#1, entry_point_~ret~1#1;assume { :begin_inline_probe_23 } true;probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset := ~#dev~0.base, ~#dev~0.offset;havoc probe_23_#res#1;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset, probe_23_#t~ret60#1, probe_23_~dev#1.base, probe_23_~dev#1.offset, probe_23_~ret~0#1, probe_23_~p~1#1.base, probe_23_~p~1#1.offset;probe_23_~dev#1.base, probe_23_~dev#1.offset := probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset;probe_23_~ret~0#1 := 3bv32; {10643#true} is VALID [2022-02-20 23:53:02,104 INFO L272 TraceCheckUtils]: 2: Hoare triple {10643#true} call probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset := ldv_malloc(1036bv32); {10643#true} is VALID [2022-02-20 23:53:02,104 INFO L290 TraceCheckUtils]: 3: Hoare triple {10643#true} ~size := #in~size; {10643#true} is VALID [2022-02-20 23:53:02,104 INFO L290 TraceCheckUtils]: 4: Hoare triple {10643#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {10643#true} is VALID [2022-02-20 23:53:02,104 INFO L290 TraceCheckUtils]: 5: Hoare triple {10643#true} assume true; {10643#true} is VALID [2022-02-20 23:53:02,104 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {10643#true} {10643#true} #276#return; {10643#true} is VALID [2022-02-20 23:53:02,104 INFO L290 TraceCheckUtils]: 7: Hoare triple {10643#true} probe_23_~p~1#1.base, probe_23_~p~1#1.offset := probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset; {10643#true} is VALID [2022-02-20 23:53:02,104 INFO L290 TraceCheckUtils]: 8: Hoare triple {10643#true} assume !(probe_23_~p~1#1.base == 0bv32 && probe_23_~p~1#1.offset == 0bv32); {10643#true} is VALID [2022-02-20 23:53:02,104 INFO L272 TraceCheckUtils]: 9: Hoare triple {10643#true} call LDV_INIT_LIST_HEAD(probe_23_~p~1#1.base, ~bvadd32(4bv32, probe_23_~p~1#1.offset)); {10643#true} is VALID [2022-02-20 23:53:02,105 INFO L290 TraceCheckUtils]: 10: Hoare triple {10643#true} ~list.base, ~list.offset := #in~list.base, #in~list.offset; {10643#true} is VALID [2022-02-20 23:53:02,105 INFO L290 TraceCheckUtils]: 11: Hoare triple {10643#true} SUMMARY for call write~$Pointer$(~list.base, ~list.offset, ~list.base, ~list.offset, 4bv32); srcloc: L540 {10643#true} is VALID [2022-02-20 23:53:02,105 INFO L290 TraceCheckUtils]: 12: Hoare triple {10643#true} SUMMARY for call write~$Pointer$(~list.base, ~list.offset, ~list.base, ~bvadd32(4bv32, ~list.offset), 4bv32); srcloc: L540-1 {10643#true} is VALID [2022-02-20 23:53:02,105 INFO L290 TraceCheckUtils]: 13: Hoare triple {10643#true} assume true; {10643#true} is VALID [2022-02-20 23:53:02,105 INFO L284 TraceCheckUtils]: 14: Hoare quadruple {10643#true} {10643#true} #278#return; {10643#true} is VALID [2022-02-20 23:53:02,105 INFO L290 TraceCheckUtils]: 15: Hoare triple {10643#true} SUMMARY for call write~$Pointer$(probe_23_~p~1#1.base, probe_23_~p~1#1.offset, probe_23_~dev#1.base, probe_23_~dev#1.offset, 4bv32); srcloc: L844-1 {10643#true} is VALID [2022-02-20 23:53:02,107 INFO L290 TraceCheckUtils]: 16: Hoare triple {10643#true} assume { :begin_inline_hid_open_report } true;hid_open_report_#in~device#1.base, hid_open_report_#in~device#1.offset := probe_23_~dev#1.base, probe_23_~dev#1.offset;havoc hid_open_report_#res#1;havoc hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset, hid_open_report_#t~ret53#1, hid_open_report_#t~ret55#1, hid_open_report_#t~ret54#1, hid_open_report_#t~mem56#1.base, hid_open_report_#t~mem56#1.offset, hid_open_report_~device#1.base, hid_open_report_~device#1.offset, hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset, hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset;hid_open_report_~device#1.base, hid_open_report_~device#1.offset := hid_open_report_#in~device#1.base, hid_open_report_#in~device#1.offset;havoc hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset;call hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset := #Ultimate.allocOnStack(16bv32); {10696#(= (select |#valid| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:53:02,108 INFO L272 TraceCheckUtils]: 17: Hoare triple {10696#(= (select |#valid| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (_ bv1 1))} call hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset := ldv_zalloc(8bv32); {10700#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:53:02,111 INFO L290 TraceCheckUtils]: 18: Hoare triple {10700#(= |old(#valid)| |#valid|)} ~size#1 := #in~size#1;call #t~malloc13#1.base, #t~malloc13#1.offset := #Ultimate.allocOnHeap(~size#1);assume { :begin_inline_#Ultimate.meminit } true;#Ultimate.meminit_#ptr#1.base, #Ultimate.meminit_#ptr#1.offset, #Ultimate.meminit_#amountOfFields#1, #Ultimate.meminit_#sizeOfFields#1, #Ultimate.meminit_#product#1 := #t~malloc13#1.base, #t~malloc13#1.offset, ~size#1, 1bv32, ~size#1;#memory_int := ~initToZeroAtPointerBaseAddress~int(#memory_int, #Ultimate.meminit_#ptr#1.base); {10704#(= (store |old(#valid)| |ldv_zalloc_#t~malloc13#1.base| (_ bv1 1)) |#valid|)} is VALID [2022-02-20 23:53:02,111 INFO L290 TraceCheckUtils]: 19: Hoare triple {10704#(= (store |old(#valid)| |ldv_zalloc_#t~malloc13#1.base| (_ bv1 1)) |#valid|)} assume { :end_inline_#Ultimate.meminit } true;#res#1.base, #res#1.offset := #t~malloc13#1.base, #t~malloc13#1.offset; {10708#(= (store |old(#valid)| |ldv_zalloc_#res#1.base| (_ bv1 1)) |#valid|)} is VALID [2022-02-20 23:53:02,112 INFO L290 TraceCheckUtils]: 20: Hoare triple {10708#(= (store |old(#valid)| |ldv_zalloc_#res#1.base| (_ bv1 1)) |#valid|)} assume true; {10708#(= (store |old(#valid)| |ldv_zalloc_#res#1.base| (_ bv1 1)) |#valid|)} is VALID [2022-02-20 23:53:02,113 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {10708#(= (store |old(#valid)| |ldv_zalloc_#res#1.base| (_ bv1 1)) |#valid|)} {10696#(= (select |#valid| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (_ bv1 1))} #280#return; {10715#(and (= (_ bv0 1) (bvadd (select |#valid| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (_ bv1 1))) (= (select |#valid| |ULTIMATE.start_hid_open_report_#t~ret52#1.base|) (_ bv1 1)))} is VALID [2022-02-20 23:53:02,113 INFO L290 TraceCheckUtils]: 22: Hoare triple {10715#(and (= (_ bv0 1) (bvadd (select |#valid| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (_ bv1 1))) (= (select |#valid| |ULTIMATE.start_hid_open_report_#t~ret52#1.base|) (_ bv1 1)))} hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset := hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset;havoc hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset; {10696#(= (select |#valid| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:53:02,113 INFO L290 TraceCheckUtils]: 23: Hoare triple {10696#(= (select |#valid| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (_ bv1 1))} assume !(hid_open_report_~parser~0#1.base == 0bv32 && hid_open_report_~parser~0#1.offset == 0bv32); {10696#(= (select |#valid| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:53:02,113 INFO L290 TraceCheckUtils]: 24: Hoare triple {10696#(= (select |#valid| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (_ bv1 1))} SUMMARY for call write~$Pointer$(hid_open_report_~device#1.base, hid_open_report_~device#1.offset, hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset, 4bv32); srcloc: L820 {10696#(= (select |#valid| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:53:02,114 INFO L290 TraceCheckUtils]: 25: Hoare triple {10696#(= (select |#valid| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (_ bv1 1))} assume { :begin_inline_ldv_positive } true;havoc ldv_positive_#res#1;havoc ldv_positive_#t~nondet4#1, ldv_positive_~r~1#1;ldv_positive_~r~1#1 := ldv_positive_#t~nondet4#1;havoc ldv_positive_#t~nondet4#1; {10696#(= (select |#valid| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:53:02,114 INFO L290 TraceCheckUtils]: 26: Hoare triple {10696#(= (select |#valid| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (_ bv1 1))} assume !~bvsgt32(ldv_positive_~r~1#1, 0bv32);ldv_positive_#res#1 := 1bv32; {10696#(= (select |#valid| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:53:02,114 INFO L290 TraceCheckUtils]: 27: Hoare triple {10696#(= (select |#valid| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (_ bv1 1))} hid_open_report_#t~ret53#1 := ldv_positive_#res#1;assume { :end_inline_ldv_positive } true; {10696#(= (select |#valid| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:53:02,115 INFO L290 TraceCheckUtils]: 28: Hoare triple {10696#(= (select |#valid| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (_ bv1 1))} SUMMARY for call write~intINTTYPE4(hid_open_report_#t~ret53#1, hid_open_report_~parser~0#1.base, ~bvadd32(4bv32, hid_open_report_~parser~0#1.offset), 4bv32); srcloc: L821 {10696#(= (select |#valid| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:53:02,115 INFO L290 TraceCheckUtils]: 29: Hoare triple {10696#(= (select |#valid| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (_ bv1 1))} havoc hid_open_report_#t~ret53#1; {10696#(= (select |#valid| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:53:02,115 INFO L290 TraceCheckUtils]: 30: Hoare triple {10696#(= (select |#valid| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (_ bv1 1))} assume { :begin_inline_fetch_item } true;fetch_item_#in~item#1.base, fetch_item_#in~item#1.offset := hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset;havoc fetch_item_#res#1;havoc fetch_item_#t~nondet38#1, fetch_item_#t~nondet39#1, fetch_item_#t~nondet40#1, fetch_item_#t~nondet41#1, fetch_item_~item#1.base, fetch_item_~item#1.offset;fetch_item_~item#1.base, fetch_item_~item#1.offset := fetch_item_#in~item#1.base, fetch_item_#in~item#1.offset; {10743#(= (_ bv1 1) (select |#valid| |ULTIMATE.start_fetch_item_~item#1.base|))} is VALID [2022-02-20 23:53:02,116 INFO L290 TraceCheckUtils]: 31: Hoare triple {10743#(= (_ bv1 1) (select |#valid| |ULTIMATE.start_fetch_item_~item#1.base|))} assume !(0bv32 != fetch_item_#t~nondet38#1);havoc fetch_item_#t~nondet38#1; {10743#(= (_ bv1 1) (select |#valid| |ULTIMATE.start_fetch_item_~item#1.base|))} is VALID [2022-02-20 23:53:02,116 INFO L290 TraceCheckUtils]: 32: Hoare triple {10743#(= (_ bv1 1) (select |#valid| |ULTIMATE.start_fetch_item_~item#1.base|))} assume !(1bv1 == #valid[fetch_item_~item#1.base]); {10644#false} is VALID [2022-02-20 23:53:02,116 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:53:02,116 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:53:02,117 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:53:02,117 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1941742448] [2022-02-20 23:53:02,117 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1941742448] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:53:02,117 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:53:02,117 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-02-20 23:53:02,117 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [712663729] [2022-02-20 23:53:02,117 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:53:02,118 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 3.857142857142857) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 33 [2022-02-20 23:53:02,118 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:53:02,118 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 8 states, 7 states have (on average 3.857142857142857) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:53:02,147 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 33 edges. 33 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:53:02,147 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-02-20 23:53:02,147 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:53:02,148 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-02-20 23:53:02,148 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=14, Invalid=42, Unknown=0, NotChecked=0, Total=56 [2022-02-20 23:53:02,148 INFO L87 Difference]: Start difference. First operand 229 states and 274 transitions. Second operand has 8 states, 7 states have (on average 3.857142857142857) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:53:04,435 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:53:04,436 INFO L93 Difference]: Finished difference Result 242 states and 284 transitions. [2022-02-20 23:53:04,436 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-02-20 23:53:04,436 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 3.857142857142857) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 33 [2022-02-20 23:53:04,436 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:53:04,436 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 7 states have (on average 3.857142857142857) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:53:04,438 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 219 transitions. [2022-02-20 23:53:04,438 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 7 states have (on average 3.857142857142857) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:53:04,439 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 219 transitions. [2022-02-20 23:53:04,439 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 219 transitions. [2022-02-20 23:53:04,624 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 219 edges. 219 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:53:04,627 INFO L225 Difference]: With dead ends: 242 [2022-02-20 23:53:04,627 INFO L226 Difference]: Without dead ends: 242 [2022-02-20 23:53:04,627 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 34 GetRequests, 25 SyntacticMatches, 1 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=68, Unknown=0, NotChecked=0, Total=90 [2022-02-20 23:53:04,627 INFO L933 BasicCegarLoop]: 130 mSDtfsCounter, 191 mSDsluCounter, 407 mSDsCounter, 0 mSdLazyCounter, 521 mSolverCounterSat, 18 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.9s Time, 0 mProtectedPredicate, 0 mProtectedAction, 192 SdHoareTripleChecker+Valid, 537 SdHoareTripleChecker+Invalid, 539 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 18 IncrementalHoareTripleChecker+Valid, 521 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.9s IncrementalHoareTripleChecker+Time [2022-02-20 23:53:04,628 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [192 Valid, 537 Invalid, 539 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [18 Valid, 521 Invalid, 0 Unknown, 0 Unchecked, 0.9s Time] [2022-02-20 23:53:04,628 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 242 states. [2022-02-20 23:53:04,631 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 242 to 225. [2022-02-20 23:53:04,631 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:53:04,631 INFO L82 GeneralOperation]: Start isEquivalent. First operand 242 states. Second operand has 225 states, 146 states have (on average 1.678082191780822) internal successors, (245), 208 states have internal predecessors, (245), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:53:04,631 INFO L74 IsIncluded]: Start isIncluded. First operand 242 states. Second operand has 225 states, 146 states have (on average 1.678082191780822) internal successors, (245), 208 states have internal predecessors, (245), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:53:04,632 INFO L87 Difference]: Start difference. First operand 242 states. Second operand has 225 states, 146 states have (on average 1.678082191780822) internal successors, (245), 208 states have internal predecessors, (245), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:53:04,635 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:53:04,635 INFO L93 Difference]: Finished difference Result 242 states and 284 transitions. [2022-02-20 23:53:04,635 INFO L276 IsEmpty]: Start isEmpty. Operand 242 states and 284 transitions. [2022-02-20 23:53:04,636 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:53:04,636 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:53:04,636 INFO L74 IsIncluded]: Start isIncluded. First operand has 225 states, 146 states have (on average 1.678082191780822) internal successors, (245), 208 states have internal predecessors, (245), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) Second operand 242 states. [2022-02-20 23:53:04,636 INFO L87 Difference]: Start difference. First operand has 225 states, 146 states have (on average 1.678082191780822) internal successors, (245), 208 states have internal predecessors, (245), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) Second operand 242 states. [2022-02-20 23:53:04,640 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:53:04,640 INFO L93 Difference]: Finished difference Result 242 states and 284 transitions. [2022-02-20 23:53:04,640 INFO L276 IsEmpty]: Start isEmpty. Operand 242 states and 284 transitions. [2022-02-20 23:53:04,640 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:53:04,640 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:53:04,641 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:53:04,641 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:53:04,641 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 225 states, 146 states have (on average 1.678082191780822) internal successors, (245), 208 states have internal predecessors, (245), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:53:04,644 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 225 states to 225 states and 266 transitions. [2022-02-20 23:53:04,644 INFO L78 Accepts]: Start accepts. Automaton has 225 states and 266 transitions. Word has length 33 [2022-02-20 23:53:04,644 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:53:04,644 INFO L470 AbstractCegarLoop]: Abstraction has 225 states and 266 transitions. [2022-02-20 23:53:04,644 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 3.857142857142857) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:53:04,644 INFO L276 IsEmpty]: Start isEmpty. Operand 225 states and 266 transitions. [2022-02-20 23:53:04,645 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2022-02-20 23:53:04,645 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:53:04,645 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:53:04,654 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (13)] Ended with exit code 0 [2022-02-20 23:53:04,852 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 13 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:53:04,853 INFO L402 AbstractCegarLoop]: === Iteration 13 === Targeting ULTIMATE.startErr7REQUIRES_VIOLATION === [free_reportsErr0REQUIRES_VIOLATION, free_reportsErr1REQUIRES_VIOLATION, free_reportsErr2REQUIRES_VIOLATION, free_reportsErr3REQUIRES_VIOLATION (and 72 more)] === [2022-02-20 23:53:04,853 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:53:04,853 INFO L85 PathProgramCache]: Analyzing trace with hash -444952335, now seen corresponding path program 1 times [2022-02-20 23:53:04,854 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:53:04,854 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1744606303] [2022-02-20 23:53:04,854 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:53:04,854 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:53:04,854 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:53:04,855 INFO L229 MonitoredProcess]: Starting monitored process 14 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:53:04,857 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (14)] Waiting until timeout for monitored process [2022-02-20 23:53:04,976 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:53:04,983 INFO L263 TraceCheckSpWp]: Trace formula consists of 190 conjuncts, 16 conjunts are in the unsatisfiable core [2022-02-20 23:53:04,996 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:53:04,997 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:53:05,040 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:53:05,048 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:53:07,167 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:53:07,168 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-02-20 23:53:07,176 INFO L356 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2022-02-20 23:53:07,177 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 11 treesize of output 11 [2022-02-20 23:53:07,280 INFO L290 TraceCheckUtils]: 0: Hoare triple {11704#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);~#dev~0.base, ~#dev~0.offset := 2bv32, 0bv32;call #Ultimate.allocInit(8bv32, 2bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~#dev~0.offset, 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~bvadd32(4bv32, ~#dev~0.offset), 4bv32); {11704#true} is VALID [2022-02-20 23:53:07,280 INFO L290 TraceCheckUtils]: 1: Hoare triple {11704#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret61#1, entry_point_~ret~1#1;assume { :begin_inline_probe_23 } true;probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset := ~#dev~0.base, ~#dev~0.offset;havoc probe_23_#res#1;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset, probe_23_#t~ret60#1, probe_23_~dev#1.base, probe_23_~dev#1.offset, probe_23_~ret~0#1, probe_23_~p~1#1.base, probe_23_~p~1#1.offset;probe_23_~dev#1.base, probe_23_~dev#1.offset := probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset;probe_23_~ret~0#1 := 3bv32; {11704#true} is VALID [2022-02-20 23:53:07,280 INFO L272 TraceCheckUtils]: 2: Hoare triple {11704#true} call probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset := ldv_malloc(1036bv32); {11704#true} is VALID [2022-02-20 23:53:07,280 INFO L290 TraceCheckUtils]: 3: Hoare triple {11704#true} ~size := #in~size; {11704#true} is VALID [2022-02-20 23:53:07,280 INFO L290 TraceCheckUtils]: 4: Hoare triple {11704#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {11704#true} is VALID [2022-02-20 23:53:07,281 INFO L290 TraceCheckUtils]: 5: Hoare triple {11704#true} assume true; {11704#true} is VALID [2022-02-20 23:53:07,281 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {11704#true} {11704#true} #276#return; {11704#true} is VALID [2022-02-20 23:53:07,281 INFO L290 TraceCheckUtils]: 7: Hoare triple {11704#true} probe_23_~p~1#1.base, probe_23_~p~1#1.offset := probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset; {11704#true} is VALID [2022-02-20 23:53:07,281 INFO L290 TraceCheckUtils]: 8: Hoare triple {11704#true} assume !(probe_23_~p~1#1.base == 0bv32 && probe_23_~p~1#1.offset == 0bv32); {11704#true} is VALID [2022-02-20 23:53:07,281 INFO L272 TraceCheckUtils]: 9: Hoare triple {11704#true} call LDV_INIT_LIST_HEAD(probe_23_~p~1#1.base, ~bvadd32(4bv32, probe_23_~p~1#1.offset)); {11704#true} is VALID [2022-02-20 23:53:07,281 INFO L290 TraceCheckUtils]: 10: Hoare triple {11704#true} ~list.base, ~list.offset := #in~list.base, #in~list.offset; {11704#true} is VALID [2022-02-20 23:53:07,281 INFO L290 TraceCheckUtils]: 11: Hoare triple {11704#true} SUMMARY for call write~$Pointer$(~list.base, ~list.offset, ~list.base, ~list.offset, 4bv32); srcloc: L540 {11704#true} is VALID [2022-02-20 23:53:07,281 INFO L290 TraceCheckUtils]: 12: Hoare triple {11704#true} SUMMARY for call write~$Pointer$(~list.base, ~list.offset, ~list.base, ~bvadd32(4bv32, ~list.offset), 4bv32); srcloc: L540-1 {11704#true} is VALID [2022-02-20 23:53:07,281 INFO L290 TraceCheckUtils]: 13: Hoare triple {11704#true} assume true; {11704#true} is VALID [2022-02-20 23:53:07,281 INFO L284 TraceCheckUtils]: 14: Hoare quadruple {11704#true} {11704#true} #278#return; {11704#true} is VALID [2022-02-20 23:53:07,281 INFO L290 TraceCheckUtils]: 15: Hoare triple {11704#true} SUMMARY for call write~$Pointer$(probe_23_~p~1#1.base, probe_23_~p~1#1.offset, probe_23_~dev#1.base, probe_23_~dev#1.offset, 4bv32); srcloc: L844-1 {11704#true} is VALID [2022-02-20 23:53:07,282 INFO L290 TraceCheckUtils]: 16: Hoare triple {11704#true} assume { :begin_inline_hid_open_report } true;hid_open_report_#in~device#1.base, hid_open_report_#in~device#1.offset := probe_23_~dev#1.base, probe_23_~dev#1.offset;havoc hid_open_report_#res#1;havoc hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset, hid_open_report_#t~ret53#1, hid_open_report_#t~ret55#1, hid_open_report_#t~ret54#1, hid_open_report_#t~mem56#1.base, hid_open_report_#t~mem56#1.offset, hid_open_report_~device#1.base, hid_open_report_~device#1.offset, hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset, hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset;hid_open_report_~device#1.base, hid_open_report_~device#1.offset := hid_open_report_#in~device#1.base, hid_open_report_#in~device#1.offset;havoc hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset;call hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset := #Ultimate.allocOnStack(16bv32); {11757#(and (= (_ bv16 32) (select |#length| |ULTIMATE.start_hid_open_report_~#item~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~#item~0#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (_ bv1 1)))} is VALID [2022-02-20 23:53:07,283 INFO L272 TraceCheckUtils]: 17: Hoare triple {11757#(and (= (_ bv16 32) (select |#length| |ULTIMATE.start_hid_open_report_~#item~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~#item~0#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (_ bv1 1)))} call hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset := ldv_zalloc(8bv32); {11761#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} is VALID [2022-02-20 23:53:07,284 INFO L290 TraceCheckUtils]: 18: Hoare triple {11761#(and (= |old(#valid)| |#valid|) (= |#length| |old(#length)|))} ~size#1 := #in~size#1;call #t~malloc13#1.base, #t~malloc13#1.offset := #Ultimate.allocOnHeap(~size#1);assume { :begin_inline_#Ultimate.meminit } true;#Ultimate.meminit_#ptr#1.base, #Ultimate.meminit_#ptr#1.offset, #Ultimate.meminit_#amountOfFields#1, #Ultimate.meminit_#sizeOfFields#1, #Ultimate.meminit_#product#1 := #t~malloc13#1.base, #t~malloc13#1.offset, ~size#1, 1bv32, ~size#1;#memory_int := ~initToZeroAtPointerBaseAddress~int(#memory_int, #Ultimate.meminit_#ptr#1.base); {11765#(exists ((|ldv_zalloc_#t~malloc13#1.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |old(#valid)| |ldv_zalloc_#t~malloc13#1.base|)) (exists ((v_ArrVal_213 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_zalloc_#t~malloc13#1.base| v_ArrVal_213)))))} is VALID [2022-02-20 23:53:07,285 INFO L290 TraceCheckUtils]: 19: Hoare triple {11765#(exists ((|ldv_zalloc_#t~malloc13#1.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |old(#valid)| |ldv_zalloc_#t~malloc13#1.base|)) (exists ((v_ArrVal_213 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_zalloc_#t~malloc13#1.base| v_ArrVal_213)))))} assume { :end_inline_#Ultimate.meminit } true;#res#1.base, #res#1.offset := #t~malloc13#1.base, #t~malloc13#1.offset; {11765#(exists ((|ldv_zalloc_#t~malloc13#1.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |old(#valid)| |ldv_zalloc_#t~malloc13#1.base|)) (exists ((v_ArrVal_213 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_zalloc_#t~malloc13#1.base| v_ArrVal_213)))))} is VALID [2022-02-20 23:53:07,285 INFO L290 TraceCheckUtils]: 20: Hoare triple {11765#(exists ((|ldv_zalloc_#t~malloc13#1.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |old(#valid)| |ldv_zalloc_#t~malloc13#1.base|)) (exists ((v_ArrVal_213 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_zalloc_#t~malloc13#1.base| v_ArrVal_213)))))} assume true; {11765#(exists ((|ldv_zalloc_#t~malloc13#1.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |old(#valid)| |ldv_zalloc_#t~malloc13#1.base|)) (exists ((v_ArrVal_213 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_zalloc_#t~malloc13#1.base| v_ArrVal_213)))))} is VALID [2022-02-20 23:53:07,287 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {11765#(exists ((|ldv_zalloc_#t~malloc13#1.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |old(#valid)| |ldv_zalloc_#t~malloc13#1.base|)) (exists ((v_ArrVal_213 (_ BitVec 32))) (= |#length| (store |old(#length)| |ldv_zalloc_#t~malloc13#1.base| v_ArrVal_213)))))} {11757#(and (= (_ bv16 32) (select |#length| |ULTIMATE.start_hid_open_report_~#item~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~#item~0#1.offset| (_ bv0 32)) (= (select |#valid| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (_ bv1 1)))} #280#return; {11775#(and (= (_ bv16 32) (select |#length| |ULTIMATE.start_hid_open_report_~#item~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~#item~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:53:07,287 INFO L290 TraceCheckUtils]: 22: Hoare triple {11775#(and (= (_ bv16 32) (select |#length| |ULTIMATE.start_hid_open_report_~#item~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~#item~0#1.offset| (_ bv0 32)))} hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset := hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset;havoc hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset; {11775#(and (= (_ bv16 32) (select |#length| |ULTIMATE.start_hid_open_report_~#item~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~#item~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:53:07,288 INFO L290 TraceCheckUtils]: 23: Hoare triple {11775#(and (= (_ bv16 32) (select |#length| |ULTIMATE.start_hid_open_report_~#item~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~#item~0#1.offset| (_ bv0 32)))} assume !(hid_open_report_~parser~0#1.base == 0bv32 && hid_open_report_~parser~0#1.offset == 0bv32); {11775#(and (= (_ bv16 32) (select |#length| |ULTIMATE.start_hid_open_report_~#item~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~#item~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:53:07,288 INFO L290 TraceCheckUtils]: 24: Hoare triple {11775#(and (= (_ bv16 32) (select |#length| |ULTIMATE.start_hid_open_report_~#item~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~#item~0#1.offset| (_ bv0 32)))} SUMMARY for call write~$Pointer$(hid_open_report_~device#1.base, hid_open_report_~device#1.offset, hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset, 4bv32); srcloc: L820 {11775#(and (= (_ bv16 32) (select |#length| |ULTIMATE.start_hid_open_report_~#item~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~#item~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:53:07,288 INFO L290 TraceCheckUtils]: 25: Hoare triple {11775#(and (= (_ bv16 32) (select |#length| |ULTIMATE.start_hid_open_report_~#item~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~#item~0#1.offset| (_ bv0 32)))} assume { :begin_inline_ldv_positive } true;havoc ldv_positive_#res#1;havoc ldv_positive_#t~nondet4#1, ldv_positive_~r~1#1;ldv_positive_~r~1#1 := ldv_positive_#t~nondet4#1;havoc ldv_positive_#t~nondet4#1; {11775#(and (= (_ bv16 32) (select |#length| |ULTIMATE.start_hid_open_report_~#item~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~#item~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:53:07,289 INFO L290 TraceCheckUtils]: 26: Hoare triple {11775#(and (= (_ bv16 32) (select |#length| |ULTIMATE.start_hid_open_report_~#item~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~#item~0#1.offset| (_ bv0 32)))} assume !~bvsgt32(ldv_positive_~r~1#1, 0bv32);ldv_positive_#res#1 := 1bv32; {11775#(and (= (_ bv16 32) (select |#length| |ULTIMATE.start_hid_open_report_~#item~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~#item~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:53:07,289 INFO L290 TraceCheckUtils]: 27: Hoare triple {11775#(and (= (_ bv16 32) (select |#length| |ULTIMATE.start_hid_open_report_~#item~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~#item~0#1.offset| (_ bv0 32)))} hid_open_report_#t~ret53#1 := ldv_positive_#res#1;assume { :end_inline_ldv_positive } true; {11775#(and (= (_ bv16 32) (select |#length| |ULTIMATE.start_hid_open_report_~#item~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~#item~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:53:07,290 INFO L290 TraceCheckUtils]: 28: Hoare triple {11775#(and (= (_ bv16 32) (select |#length| |ULTIMATE.start_hid_open_report_~#item~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~#item~0#1.offset| (_ bv0 32)))} SUMMARY for call write~intINTTYPE4(hid_open_report_#t~ret53#1, hid_open_report_~parser~0#1.base, ~bvadd32(4bv32, hid_open_report_~parser~0#1.offset), 4bv32); srcloc: L821 {11775#(and (= (_ bv16 32) (select |#length| |ULTIMATE.start_hid_open_report_~#item~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~#item~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:53:07,290 INFO L290 TraceCheckUtils]: 29: Hoare triple {11775#(and (= (_ bv16 32) (select |#length| |ULTIMATE.start_hid_open_report_~#item~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~#item~0#1.offset| (_ bv0 32)))} havoc hid_open_report_#t~ret53#1; {11775#(and (= (_ bv16 32) (select |#length| |ULTIMATE.start_hid_open_report_~#item~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~#item~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:53:07,291 INFO L290 TraceCheckUtils]: 30: Hoare triple {11775#(and (= (_ bv16 32) (select |#length| |ULTIMATE.start_hid_open_report_~#item~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~#item~0#1.offset| (_ bv0 32)))} assume { :begin_inline_fetch_item } true;fetch_item_#in~item#1.base, fetch_item_#in~item#1.offset := hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset;havoc fetch_item_#res#1;havoc fetch_item_#t~nondet38#1, fetch_item_#t~nondet39#1, fetch_item_#t~nondet40#1, fetch_item_#t~nondet41#1, fetch_item_~item#1.base, fetch_item_~item#1.offset;fetch_item_~item#1.base, fetch_item_~item#1.offset := fetch_item_#in~item#1.base, fetch_item_#in~item#1.offset; {11803#(and (= (select |#length| |ULTIMATE.start_fetch_item_~item#1.base|) (_ bv16 32)) (= |ULTIMATE.start_fetch_item_~item#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:53:07,291 INFO L290 TraceCheckUtils]: 31: Hoare triple {11803#(and (= (select |#length| |ULTIMATE.start_fetch_item_~item#1.base|) (_ bv16 32)) (= |ULTIMATE.start_fetch_item_~item#1.offset| (_ bv0 32)))} assume !(0bv32 != fetch_item_#t~nondet38#1);havoc fetch_item_#t~nondet38#1; {11803#(and (= (select |#length| |ULTIMATE.start_fetch_item_~item#1.base|) (_ bv16 32)) (= |ULTIMATE.start_fetch_item_~item#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:53:07,292 INFO L290 TraceCheckUtils]: 32: Hoare triple {11803#(and (= (select |#length| |ULTIMATE.start_fetch_item_~item#1.base|) (_ bv16 32)) (= |ULTIMATE.start_fetch_item_~item#1.offset| (_ bv0 32)))} assume !((~bvule32(~bvadd32(4bv32, fetch_item_~item#1.offset), #length[fetch_item_~item#1.base]) && ~bvule32(fetch_item_~item#1.offset, ~bvadd32(4bv32, fetch_item_~item#1.offset))) && ~bvule32(0bv32, fetch_item_~item#1.offset)); {11705#false} is VALID [2022-02-20 23:53:07,292 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:53:07,292 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:53:07,292 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:53:07,292 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1744606303] [2022-02-20 23:53:07,292 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1744606303] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:53:07,293 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:53:07,293 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 23:53:07,293 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [617172656] [2022-02-20 23:53:07,293 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:53:07,293 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 5 states have (on average 5.4) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 33 [2022-02-20 23:53:07,293 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:53:07,293 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 7 states, 5 states have (on average 5.4) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:53:07,327 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 33 edges. 33 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:53:07,327 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-02-20 23:53:07,327 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:53:07,327 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-02-20 23:53:07,328 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=12, Invalid=29, Unknown=1, NotChecked=0, Total=42 [2022-02-20 23:53:07,328 INFO L87 Difference]: Start difference. First operand 225 states and 266 transitions. Second operand has 7 states, 5 states have (on average 5.4) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:53:09,950 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:53:09,951 INFO L93 Difference]: Finished difference Result 280 states and 309 transitions. [2022-02-20 23:53:09,951 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-02-20 23:53:09,951 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 5 states have (on average 5.4) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 33 [2022-02-20 23:53:09,951 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:53:09,951 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 5 states have (on average 5.4) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:53:09,953 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 301 transitions. [2022-02-20 23:53:09,953 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 5 states have (on average 5.4) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:53:09,955 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 301 transitions. [2022-02-20 23:53:09,955 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 301 transitions. [2022-02-20 23:53:10,245 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 301 edges. 301 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:53:10,248 INFO L225 Difference]: With dead ends: 280 [2022-02-20 23:53:10,248 INFO L226 Difference]: Without dead ends: 280 [2022-02-20 23:53:10,249 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 33 GetRequests, 27 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 2.1s TimeCoverageRelationStatistics Valid=16, Invalid=39, Unknown=1, NotChecked=0, Total=56 [2022-02-20 23:53:10,249 INFO L933 BasicCegarLoop]: 131 mSDtfsCounter, 180 mSDsluCounter, 394 mSDsCounter, 0 mSdLazyCounter, 473 mSolverCounterSat, 21 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.9s Time, 0 mProtectedPredicate, 0 mProtectedAction, 183 SdHoareTripleChecker+Valid, 525 SdHoareTripleChecker+Invalid, 644 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 21 IncrementalHoareTripleChecker+Valid, 473 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 150 IncrementalHoareTripleChecker+Unchecked, 0.9s IncrementalHoareTripleChecker+Time [2022-02-20 23:53:10,249 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [183 Valid, 525 Invalid, 644 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [21 Valid, 473 Invalid, 0 Unknown, 150 Unchecked, 0.9s Time] [2022-02-20 23:53:10,250 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 280 states. [2022-02-20 23:53:10,252 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 280 to 225. [2022-02-20 23:53:10,252 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:53:10,253 INFO L82 GeneralOperation]: Start isEquivalent. First operand 280 states. Second operand has 225 states, 146 states have (on average 1.6506849315068493) internal successors, (241), 208 states have internal predecessors, (241), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:53:10,253 INFO L74 IsIncluded]: Start isIncluded. First operand 280 states. Second operand has 225 states, 146 states have (on average 1.6506849315068493) internal successors, (241), 208 states have internal predecessors, (241), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:53:10,253 INFO L87 Difference]: Start difference. First operand 280 states. Second operand has 225 states, 146 states have (on average 1.6506849315068493) internal successors, (241), 208 states have internal predecessors, (241), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:53:10,257 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:53:10,257 INFO L93 Difference]: Finished difference Result 280 states and 309 transitions. [2022-02-20 23:53:10,257 INFO L276 IsEmpty]: Start isEmpty. Operand 280 states and 309 transitions. [2022-02-20 23:53:10,258 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:53:10,258 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:53:10,258 INFO L74 IsIncluded]: Start isIncluded. First operand has 225 states, 146 states have (on average 1.6506849315068493) internal successors, (241), 208 states have internal predecessors, (241), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) Second operand 280 states. [2022-02-20 23:53:10,259 INFO L87 Difference]: Start difference. First operand has 225 states, 146 states have (on average 1.6506849315068493) internal successors, (241), 208 states have internal predecessors, (241), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) Second operand 280 states. [2022-02-20 23:53:10,263 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:53:10,263 INFO L93 Difference]: Finished difference Result 280 states and 309 transitions. [2022-02-20 23:53:10,263 INFO L276 IsEmpty]: Start isEmpty. Operand 280 states and 309 transitions. [2022-02-20 23:53:10,264 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:53:10,264 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:53:10,264 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:53:10,264 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:53:10,264 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 225 states, 146 states have (on average 1.6506849315068493) internal successors, (241), 208 states have internal predecessors, (241), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:53:10,267 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 225 states to 225 states and 262 transitions. [2022-02-20 23:53:10,267 INFO L78 Accepts]: Start accepts. Automaton has 225 states and 262 transitions. Word has length 33 [2022-02-20 23:53:10,267 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:53:10,268 INFO L470 AbstractCegarLoop]: Abstraction has 225 states and 262 transitions. [2022-02-20 23:53:10,268 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 5 states have (on average 5.4) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:53:10,268 INFO L276 IsEmpty]: Start isEmpty. Operand 225 states and 262 transitions. [2022-02-20 23:53:10,269 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 36 [2022-02-20 23:53:10,269 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:53:10,269 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:53:10,279 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (14)] Forceful destruction successful, exit code 0 [2022-02-20 23:53:10,475 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 14 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:53:10,475 INFO L402 AbstractCegarLoop]: === Iteration 14 === Targeting ULTIMATE.startErr14REQUIRES_VIOLATION === [free_reportsErr0REQUIRES_VIOLATION, free_reportsErr1REQUIRES_VIOLATION, free_reportsErr2REQUIRES_VIOLATION, free_reportsErr3REQUIRES_VIOLATION (and 72 more)] === [2022-02-20 23:53:10,476 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:53:10,476 INFO L85 PathProgramCache]: Analyzing trace with hash 1897494371, now seen corresponding path program 1 times [2022-02-20 23:53:10,476 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:53:10,476 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1010544249] [2022-02-20 23:53:10,476 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:53:10,476 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:53:10,477 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:53:10,477 INFO L229 MonitoredProcess]: Starting monitored process 15 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:53:10,479 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (15)] Waiting until timeout for monitored process [2022-02-20 23:53:10,587 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:53:10,592 INFO L263 TraceCheckSpWp]: Trace formula consists of 201 conjuncts, 3 conjunts are in the unsatisfiable core [2022-02-20 23:53:10,603 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:53:10,603 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:53:10,697 INFO L290 TraceCheckUtils]: 0: Hoare triple {12876#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);~#dev~0.base, ~#dev~0.offset := 2bv32, 0bv32;call #Ultimate.allocInit(8bv32, 2bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~#dev~0.offset, 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~bvadd32(4bv32, ~#dev~0.offset), 4bv32); {12876#true} is VALID [2022-02-20 23:53:10,697 INFO L290 TraceCheckUtils]: 1: Hoare triple {12876#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret61#1, entry_point_~ret~1#1;assume { :begin_inline_probe_23 } true;probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset := ~#dev~0.base, ~#dev~0.offset;havoc probe_23_#res#1;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset, probe_23_#t~ret60#1, probe_23_~dev#1.base, probe_23_~dev#1.offset, probe_23_~ret~0#1, probe_23_~p~1#1.base, probe_23_~p~1#1.offset;probe_23_~dev#1.base, probe_23_~dev#1.offset := probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset;probe_23_~ret~0#1 := 3bv32; {12876#true} is VALID [2022-02-20 23:53:10,698 INFO L272 TraceCheckUtils]: 2: Hoare triple {12876#true} call probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset := ldv_malloc(1036bv32); {12876#true} is VALID [2022-02-20 23:53:10,698 INFO L290 TraceCheckUtils]: 3: Hoare triple {12876#true} ~size := #in~size; {12876#true} is VALID [2022-02-20 23:53:10,698 INFO L290 TraceCheckUtils]: 4: Hoare triple {12876#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {12876#true} is VALID [2022-02-20 23:53:10,698 INFO L290 TraceCheckUtils]: 5: Hoare triple {12876#true} assume true; {12876#true} is VALID [2022-02-20 23:53:10,698 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {12876#true} {12876#true} #276#return; {12876#true} is VALID [2022-02-20 23:53:10,698 INFO L290 TraceCheckUtils]: 7: Hoare triple {12876#true} probe_23_~p~1#1.base, probe_23_~p~1#1.offset := probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset; {12876#true} is VALID [2022-02-20 23:53:10,698 INFO L290 TraceCheckUtils]: 8: Hoare triple {12876#true} assume !(probe_23_~p~1#1.base == 0bv32 && probe_23_~p~1#1.offset == 0bv32); {12876#true} is VALID [2022-02-20 23:53:10,699 INFO L272 TraceCheckUtils]: 9: Hoare triple {12876#true} call LDV_INIT_LIST_HEAD(probe_23_~p~1#1.base, ~bvadd32(4bv32, probe_23_~p~1#1.offset)); {12876#true} is VALID [2022-02-20 23:53:10,699 INFO L290 TraceCheckUtils]: 10: Hoare triple {12876#true} ~list.base, ~list.offset := #in~list.base, #in~list.offset; {12876#true} is VALID [2022-02-20 23:53:10,699 INFO L290 TraceCheckUtils]: 11: Hoare triple {12876#true} SUMMARY for call write~$Pointer$(~list.base, ~list.offset, ~list.base, ~list.offset, 4bv32); srcloc: L540 {12876#true} is VALID [2022-02-20 23:53:10,699 INFO L290 TraceCheckUtils]: 12: Hoare triple {12876#true} SUMMARY for call write~$Pointer$(~list.base, ~list.offset, ~list.base, ~bvadd32(4bv32, ~list.offset), 4bv32); srcloc: L540-1 {12876#true} is VALID [2022-02-20 23:53:10,699 INFO L290 TraceCheckUtils]: 13: Hoare triple {12876#true} assume true; {12876#true} is VALID [2022-02-20 23:53:10,699 INFO L284 TraceCheckUtils]: 14: Hoare quadruple {12876#true} {12876#true} #278#return; {12876#true} is VALID [2022-02-20 23:53:10,699 INFO L290 TraceCheckUtils]: 15: Hoare triple {12876#true} SUMMARY for call write~$Pointer$(probe_23_~p~1#1.base, probe_23_~p~1#1.offset, probe_23_~dev#1.base, probe_23_~dev#1.offset, 4bv32); srcloc: L844-1 {12876#true} is VALID [2022-02-20 23:53:10,700 INFO L290 TraceCheckUtils]: 16: Hoare triple {12876#true} assume { :begin_inline_hid_open_report } true;hid_open_report_#in~device#1.base, hid_open_report_#in~device#1.offset := probe_23_~dev#1.base, probe_23_~dev#1.offset;havoc hid_open_report_#res#1;havoc hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset, hid_open_report_#t~ret53#1, hid_open_report_#t~ret55#1, hid_open_report_#t~ret54#1, hid_open_report_#t~mem56#1.base, hid_open_report_#t~mem56#1.offset, hid_open_report_~device#1.base, hid_open_report_~device#1.offset, hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset, hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset;hid_open_report_~device#1.base, hid_open_report_~device#1.offset := hid_open_report_#in~device#1.base, hid_open_report_#in~device#1.offset;havoc hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset;call hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset := #Ultimate.allocOnStack(16bv32); {12876#true} is VALID [2022-02-20 23:53:10,700 INFO L272 TraceCheckUtils]: 17: Hoare triple {12876#true} call hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset := ldv_zalloc(8bv32); {12876#true} is VALID [2022-02-20 23:53:10,700 INFO L290 TraceCheckUtils]: 18: Hoare triple {12876#true} ~size#1 := #in~size#1;call #t~malloc13#1.base, #t~malloc13#1.offset := #Ultimate.allocOnHeap(~size#1);assume { :begin_inline_#Ultimate.meminit } true;#Ultimate.meminit_#ptr#1.base, #Ultimate.meminit_#ptr#1.offset, #Ultimate.meminit_#amountOfFields#1, #Ultimate.meminit_#sizeOfFields#1, #Ultimate.meminit_#product#1 := #t~malloc13#1.base, #t~malloc13#1.offset, ~size#1, 1bv32, ~size#1;#memory_int := ~initToZeroAtPointerBaseAddress~int(#memory_int, #Ultimate.meminit_#ptr#1.base); {12876#true} is VALID [2022-02-20 23:53:10,700 INFO L290 TraceCheckUtils]: 19: Hoare triple {12876#true} assume { :end_inline_#Ultimate.meminit } true;#res#1.base, #res#1.offset := #t~malloc13#1.base, #t~malloc13#1.offset; {12876#true} is VALID [2022-02-20 23:53:10,700 INFO L290 TraceCheckUtils]: 20: Hoare triple {12876#true} assume true; {12876#true} is VALID [2022-02-20 23:53:10,700 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {12876#true} {12876#true} #280#return; {12876#true} is VALID [2022-02-20 23:53:10,700 INFO L290 TraceCheckUtils]: 22: Hoare triple {12876#true} hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset := hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset;havoc hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset; {12876#true} is VALID [2022-02-20 23:53:10,701 INFO L290 TraceCheckUtils]: 23: Hoare triple {12876#true} assume !(hid_open_report_~parser~0#1.base == 0bv32 && hid_open_report_~parser~0#1.offset == 0bv32); {12876#true} is VALID [2022-02-20 23:53:10,701 INFO L290 TraceCheckUtils]: 24: Hoare triple {12876#true} SUMMARY for call write~$Pointer$(hid_open_report_~device#1.base, hid_open_report_~device#1.offset, hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset, 4bv32); srcloc: L820 {12876#true} is VALID [2022-02-20 23:53:10,701 INFO L290 TraceCheckUtils]: 25: Hoare triple {12876#true} assume { :begin_inline_ldv_positive } true;havoc ldv_positive_#res#1;havoc ldv_positive_#t~nondet4#1, ldv_positive_~r~1#1;ldv_positive_~r~1#1 := ldv_positive_#t~nondet4#1;havoc ldv_positive_#t~nondet4#1; {12876#true} is VALID [2022-02-20 23:53:10,701 INFO L290 TraceCheckUtils]: 26: Hoare triple {12876#true} assume !~bvsgt32(ldv_positive_~r~1#1, 0bv32);ldv_positive_#res#1 := 1bv32; {12876#true} is VALID [2022-02-20 23:53:10,701 INFO L290 TraceCheckUtils]: 27: Hoare triple {12876#true} hid_open_report_#t~ret53#1 := ldv_positive_#res#1;assume { :end_inline_ldv_positive } true; {12876#true} is VALID [2022-02-20 23:53:10,701 INFO L290 TraceCheckUtils]: 28: Hoare triple {12876#true} SUMMARY for call write~intINTTYPE4(hid_open_report_#t~ret53#1, hid_open_report_~parser~0#1.base, ~bvadd32(4bv32, hid_open_report_~parser~0#1.offset), 4bv32); srcloc: L821 {12876#true} is VALID [2022-02-20 23:53:10,701 INFO L290 TraceCheckUtils]: 29: Hoare triple {12876#true} havoc hid_open_report_#t~ret53#1; {12876#true} is VALID [2022-02-20 23:53:10,701 INFO L290 TraceCheckUtils]: 30: Hoare triple {12876#true} assume { :begin_inline_fetch_item } true;fetch_item_#in~item#1.base, fetch_item_#in~item#1.offset := hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset;havoc fetch_item_#res#1;havoc fetch_item_#t~nondet38#1, fetch_item_#t~nondet39#1, fetch_item_#t~nondet40#1, fetch_item_#t~nondet41#1, fetch_item_~item#1.base, fetch_item_~item#1.offset;fetch_item_~item#1.base, fetch_item_~item#1.offset := fetch_item_#in~item#1.base, fetch_item_#in~item#1.offset; {12876#true} is VALID [2022-02-20 23:53:10,707 INFO L290 TraceCheckUtils]: 31: Hoare triple {12876#true} assume 0bv32 != fetch_item_#t~nondet38#1;havoc fetch_item_#t~nondet38#1;fetch_item_#res#1 := 4294967295bv32; {12974#(= (_ bv4294967295 32) |ULTIMATE.start_fetch_item_#res#1|)} is VALID [2022-02-20 23:53:10,708 INFO L290 TraceCheckUtils]: 32: Hoare triple {12974#(= (_ bv4294967295 32) |ULTIMATE.start_fetch_item_#res#1|)} hid_open_report_#t~ret54#1 := fetch_item_#res#1;assume { :end_inline_fetch_item } true; {12978#(= (_ bv4294967295 32) |ULTIMATE.start_hid_open_report_#t~ret54#1|)} is VALID [2022-02-20 23:53:10,709 INFO L290 TraceCheckUtils]: 33: Hoare triple {12978#(= (_ bv4294967295 32) |ULTIMATE.start_hid_open_report_#t~ret54#1|)} assume !!(4294967295bv32 != hid_open_report_#t~ret54#1);havoc hid_open_report_#t~ret54#1;assume { :begin_inline_hid_parser_main } true;hid_parser_main_#in~parser#1.base, hid_parser_main_#in~parser#1.offset, hid_parser_main_#in~item#1.base, hid_parser_main_#in~item#1.offset := hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset, hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset;havoc hid_parser_main_#res#1;havoc hid_parser_main_#t~mem46#1.base, hid_parser_main_#t~mem46#1.offset, hid_parser_main_#t~mem47#1, hid_parser_main_#t~ret48#1.base, hid_parser_main_#t~ret48#1.offset, hid_parser_main_~parser#1.base, hid_parser_main_~parser#1.offset, hid_parser_main_~item#1.base, hid_parser_main_~item#1.offset, hid_parser_main_~report~1#1.base, hid_parser_main_~report~1#1.offset;hid_parser_main_~parser#1.base, hid_parser_main_~parser#1.offset := hid_parser_main_#in~parser#1.base, hid_parser_main_#in~parser#1.offset;hid_parser_main_~item#1.base, hid_parser_main_~item#1.offset := hid_parser_main_#in~item#1.base, hid_parser_main_#in~item#1.offset; {12877#false} is VALID [2022-02-20 23:53:10,709 INFO L290 TraceCheckUtils]: 34: Hoare triple {12877#false} assume !(1bv1 == #valid[hid_parser_main_~parser#1.base]); {12877#false} is VALID [2022-02-20 23:53:10,709 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:53:10,709 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:53:10,709 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:53:10,709 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1010544249] [2022-02-20 23:53:10,710 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1010544249] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:53:10,710 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:53:10,710 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-20 23:53:10,710 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [430163841] [2022-02-20 23:53:10,710 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:53:10,711 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 7.25) internal successors, (29), 4 states have internal predecessors, (29), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 35 [2022-02-20 23:53:10,711 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:53:10,711 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 4 states, 4 states have (on average 7.25) internal successors, (29), 4 states have internal predecessors, (29), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:53:10,745 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 35 edges. 35 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:53:10,746 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-02-20 23:53:10,746 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:53:10,746 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-02-20 23:53:10,746 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-02-20 23:53:10,746 INFO L87 Difference]: Start difference. First operand 225 states and 262 transitions. Second operand has 4 states, 4 states have (on average 7.25) internal successors, (29), 4 states have internal predecessors, (29), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:53:11,409 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:53:11,409 INFO L93 Difference]: Finished difference Result 267 states and 308 transitions. [2022-02-20 23:53:11,409 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-20 23:53:11,410 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 7.25) internal successors, (29), 4 states have internal predecessors, (29), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 35 [2022-02-20 23:53:11,410 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:53:11,410 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 7.25) internal successors, (29), 4 states have internal predecessors, (29), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:53:11,411 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 234 transitions. [2022-02-20 23:53:11,411 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 7.25) internal successors, (29), 4 states have internal predecessors, (29), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:53:11,412 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 234 transitions. [2022-02-20 23:53:11,413 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 234 transitions. [2022-02-20 23:53:11,609 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 234 edges. 234 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:53:11,612 INFO L225 Difference]: With dead ends: 267 [2022-02-20 23:53:11,612 INFO L226 Difference]: Without dead ends: 267 [2022-02-20 23:53:11,612 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 35 GetRequests, 32 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:53:11,612 INFO L933 BasicCegarLoop]: 193 mSDtfsCounter, 36 mSDsluCounter, 381 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 37 SdHoareTripleChecker+Valid, 574 SdHoareTripleChecker+Invalid, 10 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 23:53:11,613 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [37 Valid, 574 Invalid, 10 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 23:53:11,613 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 267 states. [2022-02-20 23:53:11,616 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 267 to 229. [2022-02-20 23:53:11,616 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:53:11,616 INFO L82 GeneralOperation]: Start isEquivalent. First operand 267 states. Second operand has 229 states, 150 states have (on average 1.6333333333333333) internal successors, (245), 212 states have internal predecessors, (245), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:53:11,617 INFO L74 IsIncluded]: Start isIncluded. First operand 267 states. Second operand has 229 states, 150 states have (on average 1.6333333333333333) internal successors, (245), 212 states have internal predecessors, (245), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:53:11,617 INFO L87 Difference]: Start difference. First operand 267 states. Second operand has 229 states, 150 states have (on average 1.6333333333333333) internal successors, (245), 212 states have internal predecessors, (245), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:53:11,621 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:53:11,621 INFO L93 Difference]: Finished difference Result 267 states and 308 transitions. [2022-02-20 23:53:11,621 INFO L276 IsEmpty]: Start isEmpty. Operand 267 states and 308 transitions. [2022-02-20 23:53:11,622 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:53:11,622 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:53:11,622 INFO L74 IsIncluded]: Start isIncluded. First operand has 229 states, 150 states have (on average 1.6333333333333333) internal successors, (245), 212 states have internal predecessors, (245), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) Second operand 267 states. [2022-02-20 23:53:11,622 INFO L87 Difference]: Start difference. First operand has 229 states, 150 states have (on average 1.6333333333333333) internal successors, (245), 212 states have internal predecessors, (245), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) Second operand 267 states. [2022-02-20 23:53:11,626 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:53:11,626 INFO L93 Difference]: Finished difference Result 267 states and 308 transitions. [2022-02-20 23:53:11,626 INFO L276 IsEmpty]: Start isEmpty. Operand 267 states and 308 transitions. [2022-02-20 23:53:11,626 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:53:11,626 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:53:11,626 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:53:11,626 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:53:11,626 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 229 states, 150 states have (on average 1.6333333333333333) internal successors, (245), 212 states have internal predecessors, (245), 9 states have call successors, (9), 7 states have call predecessors, (9), 8 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:53:11,629 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 229 states to 229 states and 266 transitions. [2022-02-20 23:53:11,629 INFO L78 Accepts]: Start accepts. Automaton has 229 states and 266 transitions. Word has length 35 [2022-02-20 23:53:11,629 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:53:11,629 INFO L470 AbstractCegarLoop]: Abstraction has 229 states and 266 transitions. [2022-02-20 23:53:11,630 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 7.25) internal successors, (29), 4 states have internal predecessors, (29), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:53:11,630 INFO L276 IsEmpty]: Start isEmpty. Operand 229 states and 266 transitions. [2022-02-20 23:53:11,630 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 37 [2022-02-20 23:53:11,630 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:53:11,630 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:53:11,640 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (15)] Forceful destruction successful, exit code 0 [2022-02-20 23:53:11,837 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 15 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:53:11,838 INFO L402 AbstractCegarLoop]: === Iteration 15 === Targeting ULTIMATE.startErr29ASSERT_VIOLATIONMEMORY_FREE === [free_reportsErr0REQUIRES_VIOLATION, free_reportsErr1REQUIRES_VIOLATION, free_reportsErr2REQUIRES_VIOLATION, free_reportsErr3REQUIRES_VIOLATION (and 72 more)] === [2022-02-20 23:53:11,838 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:53:11,838 INFO L85 PathProgramCache]: Analyzing trace with hash -1307216555, now seen corresponding path program 1 times [2022-02-20 23:53:11,838 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:53:11,838 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [958851765] [2022-02-20 23:53:11,838 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:53:11,839 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:53:11,839 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:53:11,839 INFO L229 MonitoredProcess]: Starting monitored process 16 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:53:11,842 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (16)] Waiting until timeout for monitored process [2022-02-20 23:53:11,935 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:53:11,940 INFO L263 TraceCheckSpWp]: Trace formula consists of 194 conjuncts, 8 conjunts are in the unsatisfiable core [2022-02-20 23:53:11,950 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:53:11,951 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:53:12,821 INFO L290 TraceCheckUtils]: 0: Hoare triple {14016#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);~#dev~0.base, ~#dev~0.offset := 2bv32, 0bv32;call #Ultimate.allocInit(8bv32, 2bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~#dev~0.offset, 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~bvadd32(4bv32, ~#dev~0.offset), 4bv32); {14021#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2022-02-20 23:53:12,821 INFO L290 TraceCheckUtils]: 1: Hoare triple {14021#(bvult (_ bv0 32) |#StackHeapBarrier|)} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret61#1, entry_point_~ret~1#1;assume { :begin_inline_probe_23 } true;probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset := ~#dev~0.base, ~#dev~0.offset;havoc probe_23_#res#1;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset, probe_23_#t~ret60#1, probe_23_~dev#1.base, probe_23_~dev#1.offset, probe_23_~ret~0#1, probe_23_~p~1#1.base, probe_23_~p~1#1.offset;probe_23_~dev#1.base, probe_23_~dev#1.offset := probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset;probe_23_~ret~0#1 := 3bv32; {14021#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2022-02-20 23:53:12,822 INFO L272 TraceCheckUtils]: 2: Hoare triple {14021#(bvult (_ bv0 32) |#StackHeapBarrier|)} call probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset := ldv_malloc(1036bv32); {14021#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2022-02-20 23:53:12,822 INFO L290 TraceCheckUtils]: 3: Hoare triple {14021#(bvult (_ bv0 32) |#StackHeapBarrier|)} ~size := #in~size; {14021#(bvult (_ bv0 32) |#StackHeapBarrier|)} is VALID [2022-02-20 23:53:12,824 INFO L290 TraceCheckUtils]: 4: Hoare triple {14021#(bvult (_ bv0 32) |#StackHeapBarrier|)} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {14034#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:53:12,825 INFO L290 TraceCheckUtils]: 5: Hoare triple {14034#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} assume true; {14034#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:53:12,825 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {14034#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} {14021#(bvult (_ bv0 32) |#StackHeapBarrier|)} #276#return; {14034#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:53:12,827 INFO L290 TraceCheckUtils]: 7: Hoare triple {14034#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} probe_23_~p~1#1.base, probe_23_~p~1#1.offset := probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset; {14034#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:53:12,828 INFO L290 TraceCheckUtils]: 8: Hoare triple {14034#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} assume !(probe_23_~p~1#1.base == 0bv32 && probe_23_~p~1#1.offset == 0bv32); {14034#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:53:12,829 INFO L272 TraceCheckUtils]: 9: Hoare triple {14034#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} call LDV_INIT_LIST_HEAD(probe_23_~p~1#1.base, ~bvadd32(4bv32, probe_23_~p~1#1.offset)); {14034#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:53:12,830 INFO L290 TraceCheckUtils]: 10: Hoare triple {14034#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} ~list.base, ~list.offset := #in~list.base, #in~list.offset; {14034#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:53:12,833 INFO L290 TraceCheckUtils]: 11: Hoare triple {14034#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} SUMMARY for call write~$Pointer$(~list.base, ~list.offset, ~list.base, ~list.offset, 4bv32); srcloc: L540 {14034#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:53:12,836 INFO L290 TraceCheckUtils]: 12: Hoare triple {14034#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} SUMMARY for call write~$Pointer$(~list.base, ~list.offset, ~list.base, ~bvadd32(4bv32, ~list.offset), 4bv32); srcloc: L540-1 {14034#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:53:12,837 INFO L290 TraceCheckUtils]: 13: Hoare triple {14034#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} assume true; {14034#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:53:12,838 INFO L284 TraceCheckUtils]: 14: Hoare quadruple {14034#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} {14034#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} #278#return; {14034#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:53:12,841 INFO L290 TraceCheckUtils]: 15: Hoare triple {14034#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} SUMMARY for call write~$Pointer$(probe_23_~p~1#1.base, probe_23_~p~1#1.offset, probe_23_~dev#1.base, probe_23_~dev#1.offset, 4bv32); srcloc: L844-1 {14034#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:53:12,843 INFO L290 TraceCheckUtils]: 16: Hoare triple {14034#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} assume { :begin_inline_hid_open_report } true;hid_open_report_#in~device#1.base, hid_open_report_#in~device#1.offset := probe_23_~dev#1.base, probe_23_~dev#1.offset;havoc hid_open_report_#res#1;havoc hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset, hid_open_report_#t~ret53#1, hid_open_report_#t~ret55#1, hid_open_report_#t~ret54#1, hid_open_report_#t~mem56#1.base, hid_open_report_#t~mem56#1.offset, hid_open_report_~device#1.base, hid_open_report_~device#1.offset, hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset, hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset;hid_open_report_~device#1.base, hid_open_report_~device#1.offset := hid_open_report_#in~device#1.base, hid_open_report_#in~device#1.offset;havoc hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset;call hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset := #Ultimate.allocOnStack(16bv32); {14034#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:53:12,843 INFO L272 TraceCheckUtils]: 17: Hoare triple {14034#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} call hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset := ldv_zalloc(8bv32); {14034#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} is VALID [2022-02-20 23:53:12,846 INFO L290 TraceCheckUtils]: 18: Hoare triple {14034#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} ~size#1 := #in~size#1;call #t~malloc13#1.base, #t~malloc13#1.offset := #Ultimate.allocOnHeap(~size#1);assume { :begin_inline_#Ultimate.meminit } true;#Ultimate.meminit_#ptr#1.base, #Ultimate.meminit_#ptr#1.offset, #Ultimate.meminit_#amountOfFields#1, #Ultimate.meminit_#sizeOfFields#1, #Ultimate.meminit_#product#1 := #t~malloc13#1.base, #t~malloc13#1.offset, ~size#1, 1bv32, ~size#1;#memory_int := ~initToZeroAtPointerBaseAddress~int(#memory_int, #Ultimate.meminit_#ptr#1.base); {14077#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (bvult |ldv_zalloc_#t~malloc13#1.base| |#StackHeapBarrier|))} is VALID [2022-02-20 23:53:12,847 INFO L290 TraceCheckUtils]: 19: Hoare triple {14077#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (bvult |ldv_zalloc_#t~malloc13#1.base| |#StackHeapBarrier|))} assume { :end_inline_#Ultimate.meminit } true;#res#1.base, #res#1.offset := #t~malloc13#1.base, #t~malloc13#1.offset; {14081#(and (bvult |ldv_zalloc_#res#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:53:12,849 INFO L290 TraceCheckUtils]: 20: Hoare triple {14081#(and (bvult |ldv_zalloc_#res#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} assume true; {14081#(and (bvult |ldv_zalloc_#res#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:53:12,850 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {14081#(and (bvult |ldv_zalloc_#res#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} {14034#(exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32)))))} #280#return; {14088#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (bvult |ULTIMATE.start_hid_open_report_#t~ret52#1.base| |#StackHeapBarrier|))} is VALID [2022-02-20 23:53:12,852 INFO L290 TraceCheckUtils]: 22: Hoare triple {14088#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (bvult |ULTIMATE.start_hid_open_report_#t~ret52#1.base| |#StackHeapBarrier|))} hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset := hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset;havoc hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset; {14092#(and (bvult |ULTIMATE.start_hid_open_report_~parser~0#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:53:12,854 INFO L290 TraceCheckUtils]: 23: Hoare triple {14092#(and (bvult |ULTIMATE.start_hid_open_report_~parser~0#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} assume !(hid_open_report_~parser~0#1.base == 0bv32 && hid_open_report_~parser~0#1.offset == 0bv32); {14092#(and (bvult |ULTIMATE.start_hid_open_report_~parser~0#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:53:12,859 INFO L290 TraceCheckUtils]: 24: Hoare triple {14092#(and (bvult |ULTIMATE.start_hid_open_report_~parser~0#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} SUMMARY for call write~$Pointer$(hid_open_report_~device#1.base, hid_open_report_~device#1.offset, hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset, 4bv32); srcloc: L820 {14092#(and (bvult |ULTIMATE.start_hid_open_report_~parser~0#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:53:12,862 INFO L290 TraceCheckUtils]: 25: Hoare triple {14092#(and (bvult |ULTIMATE.start_hid_open_report_~parser~0#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} assume { :begin_inline_ldv_positive } true;havoc ldv_positive_#res#1;havoc ldv_positive_#t~nondet4#1, ldv_positive_~r~1#1;ldv_positive_~r~1#1 := ldv_positive_#t~nondet4#1;havoc ldv_positive_#t~nondet4#1; {14092#(and (bvult |ULTIMATE.start_hid_open_report_~parser~0#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:53:12,864 INFO L290 TraceCheckUtils]: 26: Hoare triple {14092#(and (bvult |ULTIMATE.start_hid_open_report_~parser~0#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} assume !~bvsgt32(ldv_positive_~r~1#1, 0bv32);ldv_positive_#res#1 := 1bv32; {14092#(and (bvult |ULTIMATE.start_hid_open_report_~parser~0#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:53:12,865 INFO L290 TraceCheckUtils]: 27: Hoare triple {14092#(and (bvult |ULTIMATE.start_hid_open_report_~parser~0#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} hid_open_report_#t~ret53#1 := ldv_positive_#res#1;assume { :end_inline_ldv_positive } true; {14092#(and (bvult |ULTIMATE.start_hid_open_report_~parser~0#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:53:12,872 INFO L290 TraceCheckUtils]: 28: Hoare triple {14092#(and (bvult |ULTIMATE.start_hid_open_report_~parser~0#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} SUMMARY for call write~intINTTYPE4(hid_open_report_#t~ret53#1, hid_open_report_~parser~0#1.base, ~bvadd32(4bv32, hid_open_report_~parser~0#1.offset), 4bv32); srcloc: L821 {14092#(and (bvult |ULTIMATE.start_hid_open_report_~parser~0#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:53:12,874 INFO L290 TraceCheckUtils]: 29: Hoare triple {14092#(and (bvult |ULTIMATE.start_hid_open_report_~parser~0#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} havoc hid_open_report_#t~ret53#1; {14092#(and (bvult |ULTIMATE.start_hid_open_report_~parser~0#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:53:12,876 INFO L290 TraceCheckUtils]: 30: Hoare triple {14092#(and (bvult |ULTIMATE.start_hid_open_report_~parser~0#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} assume { :begin_inline_fetch_item } true;fetch_item_#in~item#1.base, fetch_item_#in~item#1.offset := hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset;havoc fetch_item_#res#1;havoc fetch_item_#t~nondet38#1, fetch_item_#t~nondet39#1, fetch_item_#t~nondet40#1, fetch_item_#t~nondet41#1, fetch_item_~item#1.base, fetch_item_~item#1.offset;fetch_item_~item#1.base, fetch_item_~item#1.offset := fetch_item_#in~item#1.base, fetch_item_#in~item#1.offset; {14092#(and (bvult |ULTIMATE.start_hid_open_report_~parser~0#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:53:12,878 INFO L290 TraceCheckUtils]: 31: Hoare triple {14092#(and (bvult |ULTIMATE.start_hid_open_report_~parser~0#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} assume 0bv32 != fetch_item_#t~nondet38#1;havoc fetch_item_#t~nondet38#1;fetch_item_#res#1 := 4294967295bv32; {14092#(and (bvult |ULTIMATE.start_hid_open_report_~parser~0#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:53:12,879 INFO L290 TraceCheckUtils]: 32: Hoare triple {14092#(and (bvult |ULTIMATE.start_hid_open_report_~parser~0#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} hid_open_report_#t~ret54#1 := fetch_item_#res#1;assume { :end_inline_fetch_item } true; {14092#(and (bvult |ULTIMATE.start_hid_open_report_~parser~0#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:53:12,881 INFO L290 TraceCheckUtils]: 33: Hoare triple {14092#(and (bvult |ULTIMATE.start_hid_open_report_~parser~0#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} assume !(4294967295bv32 != hid_open_report_#t~ret54#1);havoc hid_open_report_#t~ret54#1; {14092#(and (bvult |ULTIMATE.start_hid_open_report_~parser~0#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:53:12,883 INFO L290 TraceCheckUtils]: 34: Hoare triple {14092#(and (bvult |ULTIMATE.start_hid_open_report_~parser~0#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} assume 0bv32 == hid_open_report_~parser~0#1.offset; {14092#(and (bvult |ULTIMATE.start_hid_open_report_~parser~0#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} is VALID [2022-02-20 23:53:12,883 INFO L290 TraceCheckUtils]: 35: Hoare triple {14092#(and (bvult |ULTIMATE.start_hid_open_report_~parser~0#1.base| |#StackHeapBarrier|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv0 32))))))} assume !~bvult32(hid_open_report_~parser~0#1.base, #StackHeapBarrier); {14017#false} is VALID [2022-02-20 23:53:12,883 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:53:12,883 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:53:12,883 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:53:12,883 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [958851765] [2022-02-20 23:53:12,883 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [958851765] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:53:12,883 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:53:12,884 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 23:53:12,884 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [172809556] [2022-02-20 23:53:12,884 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:53:12,884 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 4.285714285714286) internal successors, (30), 6 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 36 [2022-02-20 23:53:12,884 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:53:12,884 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 8 states, 7 states have (on average 4.285714285714286) internal successors, (30), 6 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:53:12,980 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 36 edges. 36 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:53:12,980 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-02-20 23:53:12,980 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:53:12,980 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-02-20 23:53:12,980 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=22, Invalid=34, Unknown=0, NotChecked=0, Total=56 [2022-02-20 23:53:12,980 INFO L87 Difference]: Start difference. First operand 229 states and 266 transitions. Second operand has 8 states, 7 states have (on average 4.285714285714286) internal successors, (30), 6 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:53:14,050 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:53:14,051 INFO L93 Difference]: Finished difference Result 248 states and 286 transitions. [2022-02-20 23:53:14,051 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-02-20 23:53:14,051 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 4.285714285714286) internal successors, (30), 6 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 36 [2022-02-20 23:53:14,051 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:53:14,051 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 7 states have (on average 4.285714285714286) internal successors, (30), 6 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:53:14,052 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 213 transitions. [2022-02-20 23:53:14,052 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 7 states have (on average 4.285714285714286) internal successors, (30), 6 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:53:14,053 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 213 transitions. [2022-02-20 23:53:14,053 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 213 transitions. [2022-02-20 23:53:14,339 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 213 edges. 213 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:53:14,341 INFO L225 Difference]: With dead ends: 248 [2022-02-20 23:53:14,342 INFO L226 Difference]: Without dead ends: 248 [2022-02-20 23:53:14,342 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 35 GetRequests, 29 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=22, Invalid=34, Unknown=0, NotChecked=0, Total=56 [2022-02-20 23:53:14,342 INFO L933 BasicCegarLoop]: 184 mSDtfsCounter, 36 mSDsluCounter, 397 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 37 SdHoareTripleChecker+Valid, 581 SdHoareTripleChecker+Invalid, 39 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 38 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 23:53:14,342 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [37 Valid, 581 Invalid, 39 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 38 Unchecked, 0.0s Time] [2022-02-20 23:53:14,343 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 248 states. [2022-02-20 23:53:14,345 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 248 to 248. [2022-02-20 23:53:14,346 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:53:14,346 INFO L82 GeneralOperation]: Start isEquivalent. First operand 248 states. Second operand has 248 states, 168 states have (on average 1.5773809523809523) internal successors, (265), 230 states have internal predecessors, (265), 9 states have call successors, (9), 8 states have call predecessors, (9), 9 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:53:14,346 INFO L74 IsIncluded]: Start isIncluded. First operand 248 states. Second operand has 248 states, 168 states have (on average 1.5773809523809523) internal successors, (265), 230 states have internal predecessors, (265), 9 states have call successors, (9), 8 states have call predecessors, (9), 9 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:53:14,346 INFO L87 Difference]: Start difference. First operand 248 states. Second operand has 248 states, 168 states have (on average 1.5773809523809523) internal successors, (265), 230 states have internal predecessors, (265), 9 states have call successors, (9), 8 states have call predecessors, (9), 9 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:53:14,350 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:53:14,350 INFO L93 Difference]: Finished difference Result 248 states and 286 transitions. [2022-02-20 23:53:14,350 INFO L276 IsEmpty]: Start isEmpty. Operand 248 states and 286 transitions. [2022-02-20 23:53:14,350 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:53:14,350 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:53:14,351 INFO L74 IsIncluded]: Start isIncluded. First operand has 248 states, 168 states have (on average 1.5773809523809523) internal successors, (265), 230 states have internal predecessors, (265), 9 states have call successors, (9), 8 states have call predecessors, (9), 9 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) Second operand 248 states. [2022-02-20 23:53:14,351 INFO L87 Difference]: Start difference. First operand has 248 states, 168 states have (on average 1.5773809523809523) internal successors, (265), 230 states have internal predecessors, (265), 9 states have call successors, (9), 8 states have call predecessors, (9), 9 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) Second operand 248 states. [2022-02-20 23:53:14,354 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:53:14,354 INFO L93 Difference]: Finished difference Result 248 states and 286 transitions. [2022-02-20 23:53:14,354 INFO L276 IsEmpty]: Start isEmpty. Operand 248 states and 286 transitions. [2022-02-20 23:53:14,355 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:53:14,355 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:53:14,355 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:53:14,355 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:53:14,355 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 248 states, 168 states have (on average 1.5773809523809523) internal successors, (265), 230 states have internal predecessors, (265), 9 states have call successors, (9), 8 states have call predecessors, (9), 9 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:53:14,358 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 248 states to 248 states and 286 transitions. [2022-02-20 23:53:14,358 INFO L78 Accepts]: Start accepts. Automaton has 248 states and 286 transitions. Word has length 36 [2022-02-20 23:53:14,359 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:53:14,359 INFO L470 AbstractCegarLoop]: Abstraction has 248 states and 286 transitions. [2022-02-20 23:53:14,359 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 4.285714285714286) internal successors, (30), 6 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-02-20 23:53:14,359 INFO L276 IsEmpty]: Start isEmpty. Operand 248 states and 286 transitions. [2022-02-20 23:53:14,359 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2022-02-20 23:53:14,359 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:53:14,360 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:53:14,368 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (16)] Ended with exit code 0 [2022-02-20 23:53:14,567 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 16 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:53:14,567 INFO L402 AbstractCegarLoop]: === Iteration 16 === Targeting ULTIMATE.startErr36ASSERT_VIOLATIONMEMORY_FREE === [free_reportsErr0REQUIRES_VIOLATION, free_reportsErr1REQUIRES_VIOLATION, free_reportsErr2REQUIRES_VIOLATION, free_reportsErr3REQUIRES_VIOLATION (and 72 more)] === [2022-02-20 23:53:14,568 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:53:14,568 INFO L85 PathProgramCache]: Analyzing trace with hash 359927496, now seen corresponding path program 1 times [2022-02-20 23:53:14,568 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:53:14,568 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1827913061] [2022-02-20 23:53:14,568 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:53:14,568 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:53:14,569 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:53:14,570 INFO L229 MonitoredProcess]: Starting monitored process 17 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:53:14,576 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (17)] Waiting until timeout for monitored process [2022-02-20 23:53:14,670 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:53:14,676 INFO L263 TraceCheckSpWp]: Trace formula consists of 202 conjuncts, 3 conjunts are in the unsatisfiable core [2022-02-20 23:53:14,685 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:53:14,686 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:53:14,754 INFO L290 TraceCheckUtils]: 0: Hoare triple {15123#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);~#dev~0.base, ~#dev~0.offset := 2bv32, 0bv32;call #Ultimate.allocInit(8bv32, 2bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~#dev~0.offset, 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~bvadd32(4bv32, ~#dev~0.offset), 4bv32); {15123#true} is VALID [2022-02-20 23:53:14,754 INFO L290 TraceCheckUtils]: 1: Hoare triple {15123#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret61#1, entry_point_~ret~1#1;assume { :begin_inline_probe_23 } true;probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset := ~#dev~0.base, ~#dev~0.offset;havoc probe_23_#res#1;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset, probe_23_#t~ret60#1, probe_23_~dev#1.base, probe_23_~dev#1.offset, probe_23_~ret~0#1, probe_23_~p~1#1.base, probe_23_~p~1#1.offset;probe_23_~dev#1.base, probe_23_~dev#1.offset := probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset;probe_23_~ret~0#1 := 3bv32; {15123#true} is VALID [2022-02-20 23:53:14,754 INFO L272 TraceCheckUtils]: 2: Hoare triple {15123#true} call probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset := ldv_malloc(1036bv32); {15123#true} is VALID [2022-02-20 23:53:14,754 INFO L290 TraceCheckUtils]: 3: Hoare triple {15123#true} ~size := #in~size; {15123#true} is VALID [2022-02-20 23:53:14,755 INFO L290 TraceCheckUtils]: 4: Hoare triple {15123#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {15123#true} is VALID [2022-02-20 23:53:14,755 INFO L290 TraceCheckUtils]: 5: Hoare triple {15123#true} assume true; {15123#true} is VALID [2022-02-20 23:53:14,755 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {15123#true} {15123#true} #276#return; {15123#true} is VALID [2022-02-20 23:53:14,755 INFO L290 TraceCheckUtils]: 7: Hoare triple {15123#true} probe_23_~p~1#1.base, probe_23_~p~1#1.offset := probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset; {15123#true} is VALID [2022-02-20 23:53:14,755 INFO L290 TraceCheckUtils]: 8: Hoare triple {15123#true} assume !(probe_23_~p~1#1.base == 0bv32 && probe_23_~p~1#1.offset == 0bv32); {15123#true} is VALID [2022-02-20 23:53:14,755 INFO L272 TraceCheckUtils]: 9: Hoare triple {15123#true} call LDV_INIT_LIST_HEAD(probe_23_~p~1#1.base, ~bvadd32(4bv32, probe_23_~p~1#1.offset)); {15123#true} is VALID [2022-02-20 23:53:14,755 INFO L290 TraceCheckUtils]: 10: Hoare triple {15123#true} ~list.base, ~list.offset := #in~list.base, #in~list.offset; {15123#true} is VALID [2022-02-20 23:53:14,755 INFO L290 TraceCheckUtils]: 11: Hoare triple {15123#true} SUMMARY for call write~$Pointer$(~list.base, ~list.offset, ~list.base, ~list.offset, 4bv32); srcloc: L540 {15123#true} is VALID [2022-02-20 23:53:14,755 INFO L290 TraceCheckUtils]: 12: Hoare triple {15123#true} SUMMARY for call write~$Pointer$(~list.base, ~list.offset, ~list.base, ~bvadd32(4bv32, ~list.offset), 4bv32); srcloc: L540-1 {15123#true} is VALID [2022-02-20 23:53:14,755 INFO L290 TraceCheckUtils]: 13: Hoare triple {15123#true} assume true; {15123#true} is VALID [2022-02-20 23:53:14,755 INFO L284 TraceCheckUtils]: 14: Hoare quadruple {15123#true} {15123#true} #278#return; {15123#true} is VALID [2022-02-20 23:53:14,755 INFO L290 TraceCheckUtils]: 15: Hoare triple {15123#true} SUMMARY for call write~$Pointer$(probe_23_~p~1#1.base, probe_23_~p~1#1.offset, probe_23_~dev#1.base, probe_23_~dev#1.offset, 4bv32); srcloc: L844-1 {15123#true} is VALID [2022-02-20 23:53:14,755 INFO L290 TraceCheckUtils]: 16: Hoare triple {15123#true} assume { :begin_inline_hid_open_report } true;hid_open_report_#in~device#1.base, hid_open_report_#in~device#1.offset := probe_23_~dev#1.base, probe_23_~dev#1.offset;havoc hid_open_report_#res#1;havoc hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset, hid_open_report_#t~ret53#1, hid_open_report_#t~ret55#1, hid_open_report_#t~ret54#1, hid_open_report_#t~mem56#1.base, hid_open_report_#t~mem56#1.offset, hid_open_report_~device#1.base, hid_open_report_~device#1.offset, hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset, hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset;hid_open_report_~device#1.base, hid_open_report_~device#1.offset := hid_open_report_#in~device#1.base, hid_open_report_#in~device#1.offset;havoc hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset;call hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset := #Ultimate.allocOnStack(16bv32); {15123#true} is VALID [2022-02-20 23:53:14,755 INFO L272 TraceCheckUtils]: 17: Hoare triple {15123#true} call hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset := ldv_zalloc(8bv32); {15123#true} is VALID [2022-02-20 23:53:14,756 INFO L290 TraceCheckUtils]: 18: Hoare triple {15123#true} ~size#1 := #in~size#1;call #t~malloc13#1.base, #t~malloc13#1.offset := #Ultimate.allocOnHeap(~size#1);assume { :begin_inline_#Ultimate.meminit } true;#Ultimate.meminit_#ptr#1.base, #Ultimate.meminit_#ptr#1.offset, #Ultimate.meminit_#amountOfFields#1, #Ultimate.meminit_#sizeOfFields#1, #Ultimate.meminit_#product#1 := #t~malloc13#1.base, #t~malloc13#1.offset, ~size#1, 1bv32, ~size#1;#memory_int := ~initToZeroAtPointerBaseAddress~int(#memory_int, #Ultimate.meminit_#ptr#1.base); {15123#true} is VALID [2022-02-20 23:53:14,756 INFO L290 TraceCheckUtils]: 19: Hoare triple {15123#true} assume { :end_inline_#Ultimate.meminit } true;#res#1.base, #res#1.offset := #t~malloc13#1.base, #t~malloc13#1.offset; {15123#true} is VALID [2022-02-20 23:53:14,756 INFO L290 TraceCheckUtils]: 20: Hoare triple {15123#true} assume true; {15123#true} is VALID [2022-02-20 23:53:14,756 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {15123#true} {15123#true} #280#return; {15123#true} is VALID [2022-02-20 23:53:14,756 INFO L290 TraceCheckUtils]: 22: Hoare triple {15123#true} hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset := hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset;havoc hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset; {15123#true} is VALID [2022-02-20 23:53:14,756 INFO L290 TraceCheckUtils]: 23: Hoare triple {15123#true} assume !(hid_open_report_~parser~0#1.base == 0bv32 && hid_open_report_~parser~0#1.offset == 0bv32); {15123#true} is VALID [2022-02-20 23:53:14,756 INFO L290 TraceCheckUtils]: 24: Hoare triple {15123#true} SUMMARY for call write~$Pointer$(hid_open_report_~device#1.base, hid_open_report_~device#1.offset, hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset, 4bv32); srcloc: L820 {15123#true} is VALID [2022-02-20 23:53:14,756 INFO L290 TraceCheckUtils]: 25: Hoare triple {15123#true} assume { :begin_inline_ldv_positive } true;havoc ldv_positive_#res#1;havoc ldv_positive_#t~nondet4#1, ldv_positive_~r~1#1;ldv_positive_~r~1#1 := ldv_positive_#t~nondet4#1;havoc ldv_positive_#t~nondet4#1; {15123#true} is VALID [2022-02-20 23:53:14,756 INFO L290 TraceCheckUtils]: 26: Hoare triple {15123#true} assume !~bvsgt32(ldv_positive_~r~1#1, 0bv32);ldv_positive_#res#1 := 1bv32; {15123#true} is VALID [2022-02-20 23:53:14,756 INFO L290 TraceCheckUtils]: 27: Hoare triple {15123#true} hid_open_report_#t~ret53#1 := ldv_positive_#res#1;assume { :end_inline_ldv_positive } true; {15123#true} is VALID [2022-02-20 23:53:14,756 INFO L290 TraceCheckUtils]: 28: Hoare triple {15123#true} SUMMARY for call write~intINTTYPE4(hid_open_report_#t~ret53#1, hid_open_report_~parser~0#1.base, ~bvadd32(4bv32, hid_open_report_~parser~0#1.offset), 4bv32); srcloc: L821 {15123#true} is VALID [2022-02-20 23:53:14,756 INFO L290 TraceCheckUtils]: 29: Hoare triple {15123#true} havoc hid_open_report_#t~ret53#1; {15123#true} is VALID [2022-02-20 23:53:14,756 INFO L290 TraceCheckUtils]: 30: Hoare triple {15123#true} assume { :begin_inline_fetch_item } true;fetch_item_#in~item#1.base, fetch_item_#in~item#1.offset := hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset;havoc fetch_item_#res#1;havoc fetch_item_#t~nondet38#1, fetch_item_#t~nondet39#1, fetch_item_#t~nondet40#1, fetch_item_#t~nondet41#1, fetch_item_~item#1.base, fetch_item_~item#1.offset;fetch_item_~item#1.base, fetch_item_~item#1.offset := fetch_item_#in~item#1.base, fetch_item_#in~item#1.offset; {15123#true} is VALID [2022-02-20 23:53:14,756 INFO L290 TraceCheckUtils]: 31: Hoare triple {15123#true} assume 0bv32 != fetch_item_#t~nondet38#1;havoc fetch_item_#t~nondet38#1;fetch_item_#res#1 := 4294967295bv32; {15123#true} is VALID [2022-02-20 23:53:14,757 INFO L290 TraceCheckUtils]: 32: Hoare triple {15123#true} hid_open_report_#t~ret54#1 := fetch_item_#res#1;assume { :end_inline_fetch_item } true; {15123#true} is VALID [2022-02-20 23:53:14,757 INFO L290 TraceCheckUtils]: 33: Hoare triple {15123#true} assume !(4294967295bv32 != hid_open_report_#t~ret54#1);havoc hid_open_report_#t~ret54#1; {15123#true} is VALID [2022-02-20 23:53:14,757 INFO L290 TraceCheckUtils]: 34: Hoare triple {15123#true} assume 0bv32 == hid_open_report_~parser~0#1.offset; {15123#true} is VALID [2022-02-20 23:53:14,757 INFO L290 TraceCheckUtils]: 35: Hoare triple {15123#true} assume ~bvult32(hid_open_report_~parser~0#1.base, #StackHeapBarrier); {15123#true} is VALID [2022-02-20 23:53:14,757 INFO L290 TraceCheckUtils]: 36: Hoare triple {15123#true} assume 0bv32 == hid_open_report_~parser~0#1.base || 1bv1 == #valid[hid_open_report_~parser~0#1.base];call ULTIMATE.dealloc(hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset);hid_open_report_#res#1 := 0bv32;call ULTIMATE.dealloc(hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset);havoc hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset; {15236#(= |ULTIMATE.start_hid_open_report_#res#1| (_ bv0 32))} is VALID [2022-02-20 23:53:14,757 INFO L290 TraceCheckUtils]: 37: Hoare triple {15236#(= |ULTIMATE.start_hid_open_report_#res#1| (_ bv0 32))} probe_23_#t~ret60#1 := hid_open_report_#res#1;assume { :end_inline_hid_open_report } true;probe_23_~ret~0#1 := probe_23_#t~ret60#1;havoc probe_23_#t~ret60#1; {15240#(= |ULTIMATE.start_probe_23_~ret~0#1| (_ bv0 32))} is VALID [2022-02-20 23:53:14,758 INFO L290 TraceCheckUtils]: 38: Hoare triple {15240#(= |ULTIMATE.start_probe_23_~ret~0#1| (_ bv0 32))} assume ~bvslt32(probe_23_~ret~0#1, 0bv32); {15124#false} is VALID [2022-02-20 23:53:14,758 INFO L290 TraceCheckUtils]: 39: Hoare triple {15124#false} assume !(0bv32 == probe_23_~p~1#1.offset); {15124#false} is VALID [2022-02-20 23:53:14,758 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:53:14,758 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:53:14,758 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:53:14,758 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1827913061] [2022-02-20 23:53:14,758 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1827913061] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:53:14,758 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:53:14,758 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-20 23:53:14,758 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2067638406] [2022-02-20 23:53:14,758 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:53:14,759 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 8.5) internal successors, (34), 4 states have internal predecessors, (34), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 40 [2022-02-20 23:53:14,759 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:53:14,759 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 4 states, 4 states have (on average 8.5) internal successors, (34), 4 states have internal predecessors, (34), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:53:14,789 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 40 edges. 40 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:53:14,789 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-02-20 23:53:14,789 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:53:14,790 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-02-20 23:53:14,790 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-02-20 23:53:14,790 INFO L87 Difference]: Start difference. First operand 248 states and 286 transitions. Second operand has 4 states, 4 states have (on average 8.5) internal successors, (34), 4 states have internal predecessors, (34), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:53:15,435 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:53:15,435 INFO L93 Difference]: Finished difference Result 271 states and 311 transitions. [2022-02-20 23:53:15,435 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-20 23:53:15,435 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 8.5) internal successors, (34), 4 states have internal predecessors, (34), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 40 [2022-02-20 23:53:15,436 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:53:15,436 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 8.5) internal successors, (34), 4 states have internal predecessors, (34), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:53:15,437 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 219 transitions. [2022-02-20 23:53:15,437 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 4 states have (on average 8.5) internal successors, (34), 4 states have internal predecessors, (34), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:53:15,438 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 219 transitions. [2022-02-20 23:53:15,438 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 219 transitions. [2022-02-20 23:53:15,613 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 219 edges. 219 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:53:15,616 INFO L225 Difference]: With dead ends: 271 [2022-02-20 23:53:15,616 INFO L226 Difference]: Without dead ends: 271 [2022-02-20 23:53:15,616 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 40 GetRequests, 37 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:53:15,616 INFO L933 BasicCegarLoop]: 193 mSDtfsCounter, 43 mSDsluCounter, 379 mSDsCounter, 0 mSdLazyCounter, 10 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 43 SdHoareTripleChecker+Valid, 572 SdHoareTripleChecker+Invalid, 12 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 10 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 23:53:15,616 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [43 Valid, 572 Invalid, 12 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 10 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 23:53:15,617 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 271 states. [2022-02-20 23:53:15,619 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 271 to 250. [2022-02-20 23:53:15,620 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:53:15,620 INFO L82 GeneralOperation]: Start isEquivalent. First operand 271 states. Second operand has 250 states, 170 states have (on average 1.5705882352941176) internal successors, (267), 232 states have internal predecessors, (267), 9 states have call successors, (9), 8 states have call predecessors, (9), 9 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:53:15,620 INFO L74 IsIncluded]: Start isIncluded. First operand 271 states. Second operand has 250 states, 170 states have (on average 1.5705882352941176) internal successors, (267), 232 states have internal predecessors, (267), 9 states have call successors, (9), 8 states have call predecessors, (9), 9 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:53:15,621 INFO L87 Difference]: Start difference. First operand 271 states. Second operand has 250 states, 170 states have (on average 1.5705882352941176) internal successors, (267), 232 states have internal predecessors, (267), 9 states have call successors, (9), 8 states have call predecessors, (9), 9 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:53:15,624 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:53:15,624 INFO L93 Difference]: Finished difference Result 271 states and 311 transitions. [2022-02-20 23:53:15,624 INFO L276 IsEmpty]: Start isEmpty. Operand 271 states and 311 transitions. [2022-02-20 23:53:15,625 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:53:15,625 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:53:15,625 INFO L74 IsIncluded]: Start isIncluded. First operand has 250 states, 170 states have (on average 1.5705882352941176) internal successors, (267), 232 states have internal predecessors, (267), 9 states have call successors, (9), 8 states have call predecessors, (9), 9 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) Second operand 271 states. [2022-02-20 23:53:15,626 INFO L87 Difference]: Start difference. First operand has 250 states, 170 states have (on average 1.5705882352941176) internal successors, (267), 232 states have internal predecessors, (267), 9 states have call successors, (9), 8 states have call predecessors, (9), 9 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) Second operand 271 states. [2022-02-20 23:53:15,629 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:53:15,629 INFO L93 Difference]: Finished difference Result 271 states and 311 transitions. [2022-02-20 23:53:15,629 INFO L276 IsEmpty]: Start isEmpty. Operand 271 states and 311 transitions. [2022-02-20 23:53:15,630 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:53:15,630 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:53:15,630 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:53:15,630 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:53:15,630 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 250 states, 170 states have (on average 1.5705882352941176) internal successors, (267), 232 states have internal predecessors, (267), 9 states have call successors, (9), 8 states have call predecessors, (9), 9 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:53:15,633 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 250 states to 250 states and 288 transitions. [2022-02-20 23:53:15,633 INFO L78 Accepts]: Start accepts. Automaton has 250 states and 288 transitions. Word has length 40 [2022-02-20 23:53:15,634 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:53:15,634 INFO L470 AbstractCegarLoop]: Abstraction has 250 states and 288 transitions. [2022-02-20 23:53:15,634 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 8.5) internal successors, (34), 4 states have internal predecessors, (34), 1 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:53:15,634 INFO L276 IsEmpty]: Start isEmpty. Operand 250 states and 288 transitions. [2022-02-20 23:53:15,634 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 43 [2022-02-20 23:53:15,634 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:53:15,635 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:53:15,642 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (17)] Forceful destruction successful, exit code 0 [2022-02-20 23:53:15,842 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 17 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:53:15,842 INFO L402 AbstractCegarLoop]: === Iteration 17 === Targeting ULTIMATE.startErr14REQUIRES_VIOLATION === [free_reportsErr0REQUIRES_VIOLATION, free_reportsErr1REQUIRES_VIOLATION, free_reportsErr2REQUIRES_VIOLATION, free_reportsErr3REQUIRES_VIOLATION (and 72 more)] === [2022-02-20 23:53:15,842 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:53:15,842 INFO L85 PathProgramCache]: Analyzing trace with hash -2125965028, now seen corresponding path program 1 times [2022-02-20 23:53:15,843 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:53:15,843 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [824637927] [2022-02-20 23:53:15,843 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:53:15,843 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:53:15,843 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:53:15,844 INFO L229 MonitoredProcess]: Starting monitored process 18 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:53:15,844 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (18)] Waiting until timeout for monitored process [2022-02-20 23:53:15,973 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:53:15,982 INFO L263 TraceCheckSpWp]: Trace formula consists of 291 conjuncts, 8 conjunts are in the unsatisfiable core [2022-02-20 23:53:16,000 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:53:16,001 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:53:16,031 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:53:16,120 INFO L290 TraceCheckUtils]: 0: Hoare triple {16311#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);~#dev~0.base, ~#dev~0.offset := 2bv32, 0bv32;call #Ultimate.allocInit(8bv32, 2bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~#dev~0.offset, 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~bvadd32(4bv32, ~#dev~0.offset), 4bv32); {16311#true} is VALID [2022-02-20 23:53:16,120 INFO L290 TraceCheckUtils]: 1: Hoare triple {16311#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret61#1, entry_point_~ret~1#1;assume { :begin_inline_probe_23 } true;probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset := ~#dev~0.base, ~#dev~0.offset;havoc probe_23_#res#1;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset, probe_23_#t~ret60#1, probe_23_~dev#1.base, probe_23_~dev#1.offset, probe_23_~ret~0#1, probe_23_~p~1#1.base, probe_23_~p~1#1.offset;probe_23_~dev#1.base, probe_23_~dev#1.offset := probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset;probe_23_~ret~0#1 := 3bv32; {16311#true} is VALID [2022-02-20 23:53:16,120 INFO L272 TraceCheckUtils]: 2: Hoare triple {16311#true} call probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset := ldv_malloc(1036bv32); {16311#true} is VALID [2022-02-20 23:53:16,120 INFO L290 TraceCheckUtils]: 3: Hoare triple {16311#true} ~size := #in~size; {16311#true} is VALID [2022-02-20 23:53:16,120 INFO L290 TraceCheckUtils]: 4: Hoare triple {16311#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {16311#true} is VALID [2022-02-20 23:53:16,120 INFO L290 TraceCheckUtils]: 5: Hoare triple {16311#true} assume true; {16311#true} is VALID [2022-02-20 23:53:16,121 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {16311#true} {16311#true} #276#return; {16311#true} is VALID [2022-02-20 23:53:16,121 INFO L290 TraceCheckUtils]: 7: Hoare triple {16311#true} probe_23_~p~1#1.base, probe_23_~p~1#1.offset := probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset; {16311#true} is VALID [2022-02-20 23:53:16,121 INFO L290 TraceCheckUtils]: 8: Hoare triple {16311#true} assume !(probe_23_~p~1#1.base == 0bv32 && probe_23_~p~1#1.offset == 0bv32); {16311#true} is VALID [2022-02-20 23:53:16,121 INFO L272 TraceCheckUtils]: 9: Hoare triple {16311#true} call LDV_INIT_LIST_HEAD(probe_23_~p~1#1.base, ~bvadd32(4bv32, probe_23_~p~1#1.offset)); {16311#true} is VALID [2022-02-20 23:53:16,121 INFO L290 TraceCheckUtils]: 10: Hoare triple {16311#true} ~list.base, ~list.offset := #in~list.base, #in~list.offset; {16311#true} is VALID [2022-02-20 23:53:16,121 INFO L290 TraceCheckUtils]: 11: Hoare triple {16311#true} SUMMARY for call write~$Pointer$(~list.base, ~list.offset, ~list.base, ~list.offset, 4bv32); srcloc: L540 {16311#true} is VALID [2022-02-20 23:53:16,121 INFO L290 TraceCheckUtils]: 12: Hoare triple {16311#true} SUMMARY for call write~$Pointer$(~list.base, ~list.offset, ~list.base, ~bvadd32(4bv32, ~list.offset), 4bv32); srcloc: L540-1 {16311#true} is VALID [2022-02-20 23:53:16,121 INFO L290 TraceCheckUtils]: 13: Hoare triple {16311#true} assume true; {16311#true} is VALID [2022-02-20 23:53:16,122 INFO L284 TraceCheckUtils]: 14: Hoare quadruple {16311#true} {16311#true} #278#return; {16311#true} is VALID [2022-02-20 23:53:16,122 INFO L290 TraceCheckUtils]: 15: Hoare triple {16311#true} SUMMARY for call write~$Pointer$(probe_23_~p~1#1.base, probe_23_~p~1#1.offset, probe_23_~dev#1.base, probe_23_~dev#1.offset, 4bv32); srcloc: L844-1 {16311#true} is VALID [2022-02-20 23:53:16,122 INFO L290 TraceCheckUtils]: 16: Hoare triple {16311#true} assume { :begin_inline_hid_open_report } true;hid_open_report_#in~device#1.base, hid_open_report_#in~device#1.offset := probe_23_~dev#1.base, probe_23_~dev#1.offset;havoc hid_open_report_#res#1;havoc hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset, hid_open_report_#t~ret53#1, hid_open_report_#t~ret55#1, hid_open_report_#t~ret54#1, hid_open_report_#t~mem56#1.base, hid_open_report_#t~mem56#1.offset, hid_open_report_~device#1.base, hid_open_report_~device#1.offset, hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset, hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset;hid_open_report_~device#1.base, hid_open_report_~device#1.offset := hid_open_report_#in~device#1.base, hid_open_report_#in~device#1.offset;havoc hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset;call hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset := #Ultimate.allocOnStack(16bv32); {16311#true} is VALID [2022-02-20 23:53:16,122 INFO L272 TraceCheckUtils]: 17: Hoare triple {16311#true} call hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset := ldv_zalloc(8bv32); {16311#true} is VALID [2022-02-20 23:53:16,126 INFO L290 TraceCheckUtils]: 18: Hoare triple {16311#true} ~size#1 := #in~size#1;call #t~malloc13#1.base, #t~malloc13#1.offset := #Ultimate.allocOnHeap(~size#1);assume { :begin_inline_#Ultimate.meminit } true;#Ultimate.meminit_#ptr#1.base, #Ultimate.meminit_#ptr#1.offset, #Ultimate.meminit_#amountOfFields#1, #Ultimate.meminit_#sizeOfFields#1, #Ultimate.meminit_#product#1 := #t~malloc13#1.base, #t~malloc13#1.offset, ~size#1, 1bv32, ~size#1;#memory_int := ~initToZeroAtPointerBaseAddress~int(#memory_int, #Ultimate.meminit_#ptr#1.base); {16370#(= (select |#valid| |ldv_zalloc_#t~malloc13#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:53:16,127 INFO L290 TraceCheckUtils]: 19: Hoare triple {16370#(= (select |#valid| |ldv_zalloc_#t~malloc13#1.base|) (_ bv1 1))} assume { :end_inline_#Ultimate.meminit } true;#res#1.base, #res#1.offset := #t~malloc13#1.base, #t~malloc13#1.offset; {16374#(= (select |#valid| |ldv_zalloc_#res#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:53:16,127 INFO L290 TraceCheckUtils]: 20: Hoare triple {16374#(= (select |#valid| |ldv_zalloc_#res#1.base|) (_ bv1 1))} assume true; {16374#(= (select |#valid| |ldv_zalloc_#res#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:53:16,128 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {16374#(= (select |#valid| |ldv_zalloc_#res#1.base|) (_ bv1 1))} {16311#true} #280#return; {16381#(= (select |#valid| |ULTIMATE.start_hid_open_report_#t~ret52#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:53:16,128 INFO L290 TraceCheckUtils]: 22: Hoare triple {16381#(= (select |#valid| |ULTIMATE.start_hid_open_report_#t~ret52#1.base|) (_ bv1 1))} hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset := hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset;havoc hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset; {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:53:16,128 INFO L290 TraceCheckUtils]: 23: Hoare triple {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} assume !(hid_open_report_~parser~0#1.base == 0bv32 && hid_open_report_~parser~0#1.offset == 0bv32); {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:53:16,129 INFO L290 TraceCheckUtils]: 24: Hoare triple {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} SUMMARY for call write~$Pointer$(hid_open_report_~device#1.base, hid_open_report_~device#1.offset, hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset, 4bv32); srcloc: L820 {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:53:16,129 INFO L290 TraceCheckUtils]: 25: Hoare triple {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} assume { :begin_inline_ldv_positive } true;havoc ldv_positive_#res#1;havoc ldv_positive_#t~nondet4#1, ldv_positive_~r~1#1;ldv_positive_~r~1#1 := ldv_positive_#t~nondet4#1;havoc ldv_positive_#t~nondet4#1; {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:53:16,129 INFO L290 TraceCheckUtils]: 26: Hoare triple {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} assume !~bvsgt32(ldv_positive_~r~1#1, 0bv32);ldv_positive_#res#1 := 1bv32; {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:53:16,130 INFO L290 TraceCheckUtils]: 27: Hoare triple {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} hid_open_report_#t~ret53#1 := ldv_positive_#res#1;assume { :end_inline_ldv_positive } true; {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:53:16,130 INFO L290 TraceCheckUtils]: 28: Hoare triple {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} SUMMARY for call write~intINTTYPE4(hid_open_report_#t~ret53#1, hid_open_report_~parser~0#1.base, ~bvadd32(4bv32, hid_open_report_~parser~0#1.offset), 4bv32); srcloc: L821 {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:53:16,130 INFO L290 TraceCheckUtils]: 29: Hoare triple {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} havoc hid_open_report_#t~ret53#1; {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:53:16,131 INFO L290 TraceCheckUtils]: 30: Hoare triple {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} assume { :begin_inline_fetch_item } true;fetch_item_#in~item#1.base, fetch_item_#in~item#1.offset := hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset;havoc fetch_item_#res#1;havoc fetch_item_#t~nondet38#1, fetch_item_#t~nondet39#1, fetch_item_#t~nondet40#1, fetch_item_#t~nondet41#1, fetch_item_~item#1.base, fetch_item_~item#1.offset;fetch_item_~item#1.base, fetch_item_~item#1.offset := fetch_item_#in~item#1.base, fetch_item_#in~item#1.offset; {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:53:16,131 INFO L290 TraceCheckUtils]: 31: Hoare triple {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} assume !(0bv32 != fetch_item_#t~nondet38#1);havoc fetch_item_#t~nondet38#1; {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:53:16,131 INFO L290 TraceCheckUtils]: 32: Hoare triple {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} SUMMARY for call write~intINTTYPE4(0bv32, fetch_item_~item#1.base, fetch_item_~item#1.offset, 4bv32); srcloc: L781 {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:53:16,132 INFO L290 TraceCheckUtils]: 33: Hoare triple {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} SUMMARY for call write~intINTTYPE4(fetch_item_#t~nondet39#1, fetch_item_~item#1.base, ~bvadd32(4bv32, fetch_item_~item#1.offset), 4bv32); srcloc: L781-1 {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:53:16,132 INFO L290 TraceCheckUtils]: 34: Hoare triple {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} havoc fetch_item_#t~nondet39#1; {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:53:16,132 INFO L290 TraceCheckUtils]: 35: Hoare triple {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} SUMMARY for call write~intINTTYPE4(fetch_item_#t~nondet40#1, fetch_item_~item#1.base, ~bvadd32(8bv32, fetch_item_~item#1.offset), 4bv32); srcloc: L783 {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:53:16,132 INFO L290 TraceCheckUtils]: 36: Hoare triple {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} havoc fetch_item_#t~nondet40#1; {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:53:16,133 INFO L290 TraceCheckUtils]: 37: Hoare triple {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} SUMMARY for call write~intINTTYPE4(fetch_item_#t~nondet41#1, fetch_item_~item#1.base, ~bvadd32(12bv32, fetch_item_~item#1.offset), 4bv32); srcloc: L784 {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:53:16,133 INFO L290 TraceCheckUtils]: 38: Hoare triple {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} havoc fetch_item_#t~nondet41#1;fetch_item_#res#1 := 0bv32; {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:53:16,133 INFO L290 TraceCheckUtils]: 39: Hoare triple {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} hid_open_report_#t~ret54#1 := fetch_item_#res#1;assume { :end_inline_fetch_item } true; {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:53:16,134 INFO L290 TraceCheckUtils]: 40: Hoare triple {16385#(= (select |#valid| |ULTIMATE.start_hid_open_report_~parser~0#1.base|) (_ bv1 1))} assume !!(4294967295bv32 != hid_open_report_#t~ret54#1);havoc hid_open_report_#t~ret54#1;assume { :begin_inline_hid_parser_main } true;hid_parser_main_#in~parser#1.base, hid_parser_main_#in~parser#1.offset, hid_parser_main_#in~item#1.base, hid_parser_main_#in~item#1.offset := hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset, hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset;havoc hid_parser_main_#res#1;havoc hid_parser_main_#t~mem46#1.base, hid_parser_main_#t~mem46#1.offset, hid_parser_main_#t~mem47#1, hid_parser_main_#t~ret48#1.base, hid_parser_main_#t~ret48#1.offset, hid_parser_main_~parser#1.base, hid_parser_main_~parser#1.offset, hid_parser_main_~item#1.base, hid_parser_main_~item#1.offset, hid_parser_main_~report~1#1.base, hid_parser_main_~report~1#1.offset;hid_parser_main_~parser#1.base, hid_parser_main_~parser#1.offset := hid_parser_main_#in~parser#1.base, hid_parser_main_#in~parser#1.offset;hid_parser_main_~item#1.base, hid_parser_main_~item#1.offset := hid_parser_main_#in~item#1.base, hid_parser_main_#in~item#1.offset; {16440#(= (select |#valid| |ULTIMATE.start_hid_parser_main_~parser#1.base|) (_ bv1 1))} is VALID [2022-02-20 23:53:16,134 INFO L290 TraceCheckUtils]: 41: Hoare triple {16440#(= (select |#valid| |ULTIMATE.start_hid_parser_main_~parser#1.base|) (_ bv1 1))} assume !(1bv1 == #valid[hid_parser_main_~parser#1.base]); {16312#false} is VALID [2022-02-20 23:53:16,134 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:53:16,134 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:53:16,134 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:53:16,134 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [824637927] [2022-02-20 23:53:16,135 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [824637927] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:53:16,135 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:53:16,135 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 23:53:16,135 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1256909005] [2022-02-20 23:53:16,135 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:53:16,135 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 6.0) internal successors, (36), 6 states have internal predecessors, (36), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) Word has length 42 [2022-02-20 23:53:16,135 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:53:16,135 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 7 states, 6 states have (on average 6.0) internal successors, (36), 6 states have internal predecessors, (36), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:53:16,174 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 42 edges. 42 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:53:16,174 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-02-20 23:53:16,174 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:53:16,175 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-02-20 23:53:16,175 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2022-02-20 23:53:16,175 INFO L87 Difference]: Start difference. First operand 250 states and 288 transitions. Second operand has 7 states, 6 states have (on average 6.0) internal successors, (36), 6 states have internal predecessors, (36), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:53:18,467 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:53:18,468 INFO L93 Difference]: Finished difference Result 292 states and 323 transitions. [2022-02-20 23:53:18,468 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-02-20 23:53:18,468 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 6.0) internal successors, (36), 6 states have internal predecessors, (36), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) Word has length 42 [2022-02-20 23:53:18,468 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:53:18,468 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 6 states have (on average 6.0) internal successors, (36), 6 states have internal predecessors, (36), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:53:18,470 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 292 transitions. [2022-02-20 23:53:18,470 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 6 states have (on average 6.0) internal successors, (36), 6 states have internal predecessors, (36), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:53:18,471 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 292 transitions. [2022-02-20 23:53:18,471 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 292 transitions. [2022-02-20 23:53:18,720 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 292 edges. 292 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:53:18,724 INFO L225 Difference]: With dead ends: 292 [2022-02-20 23:53:18,724 INFO L226 Difference]: Without dead ends: 292 [2022-02-20 23:53:18,724 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 43 GetRequests, 36 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=19, Invalid=53, Unknown=0, NotChecked=0, Total=72 [2022-02-20 23:53:18,724 INFO L933 BasicCegarLoop]: 185 mSDtfsCounter, 124 mSDsluCounter, 626 mSDsCounter, 0 mSdLazyCounter, 451 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 124 SdHoareTripleChecker+Valid, 811 SdHoareTripleChecker+Invalid, 454 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 451 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.7s IncrementalHoareTripleChecker+Time [2022-02-20 23:53:18,725 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [124 Valid, 811 Invalid, 454 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 451 Invalid, 0 Unknown, 0 Unchecked, 0.7s Time] [2022-02-20 23:53:18,725 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 292 states. [2022-02-20 23:53:18,728 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 292 to 249. [2022-02-20 23:53:18,728 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:53:18,728 INFO L82 GeneralOperation]: Start isEquivalent. First operand 292 states. Second operand has 249 states, 170 states have (on average 1.5529411764705883) internal successors, (264), 231 states have internal predecessors, (264), 9 states have call successors, (9), 8 states have call predecessors, (9), 9 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:53:18,729 INFO L74 IsIncluded]: Start isIncluded. First operand 292 states. Second operand has 249 states, 170 states have (on average 1.5529411764705883) internal successors, (264), 231 states have internal predecessors, (264), 9 states have call successors, (9), 8 states have call predecessors, (9), 9 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:53:18,729 INFO L87 Difference]: Start difference. First operand 292 states. Second operand has 249 states, 170 states have (on average 1.5529411764705883) internal successors, (264), 231 states have internal predecessors, (264), 9 states have call successors, (9), 8 states have call predecessors, (9), 9 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:53:18,732 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:53:18,732 INFO L93 Difference]: Finished difference Result 292 states and 323 transitions. [2022-02-20 23:53:18,733 INFO L276 IsEmpty]: Start isEmpty. Operand 292 states and 323 transitions. [2022-02-20 23:53:18,733 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:53:18,733 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:53:18,734 INFO L74 IsIncluded]: Start isIncluded. First operand has 249 states, 170 states have (on average 1.5529411764705883) internal successors, (264), 231 states have internal predecessors, (264), 9 states have call successors, (9), 8 states have call predecessors, (9), 9 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) Second operand 292 states. [2022-02-20 23:53:18,734 INFO L87 Difference]: Start difference. First operand has 249 states, 170 states have (on average 1.5529411764705883) internal successors, (264), 231 states have internal predecessors, (264), 9 states have call successors, (9), 8 states have call predecessors, (9), 9 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) Second operand 292 states. [2022-02-20 23:53:18,737 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:53:18,738 INFO L93 Difference]: Finished difference Result 292 states and 323 transitions. [2022-02-20 23:53:18,738 INFO L276 IsEmpty]: Start isEmpty. Operand 292 states and 323 transitions. [2022-02-20 23:53:18,738 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:53:18,738 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:53:18,738 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:53:18,739 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:53:18,739 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 249 states, 170 states have (on average 1.5529411764705883) internal successors, (264), 231 states have internal predecessors, (264), 9 states have call successors, (9), 8 states have call predecessors, (9), 9 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:53:18,741 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 249 states to 249 states and 285 transitions. [2022-02-20 23:53:18,742 INFO L78 Accepts]: Start accepts. Automaton has 249 states and 285 transitions. Word has length 42 [2022-02-20 23:53:18,742 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:53:18,742 INFO L470 AbstractCegarLoop]: Abstraction has 249 states and 285 transitions. [2022-02-20 23:53:18,742 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 6 states have (on average 6.0) internal successors, (36), 6 states have internal predecessors, (36), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:53:18,742 INFO L276 IsEmpty]: Start isEmpty. Operand 249 states and 285 transitions. [2022-02-20 23:53:18,743 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 43 [2022-02-20 23:53:18,743 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:53:18,743 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:53:18,754 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (18)] Forceful destruction successful, exit code 0 [2022-02-20 23:53:18,951 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 18 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:53:18,952 INFO L402 AbstractCegarLoop]: === Iteration 18 === Targeting ULTIMATE.startErr15REQUIRES_VIOLATION === [free_reportsErr0REQUIRES_VIOLATION, free_reportsErr1REQUIRES_VIOLATION, free_reportsErr2REQUIRES_VIOLATION, free_reportsErr3REQUIRES_VIOLATION (and 72 more)] === [2022-02-20 23:53:18,952 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:53:18,952 INFO L85 PathProgramCache]: Analyzing trace with hash -2125965027, now seen corresponding path program 1 times [2022-02-20 23:53:18,952 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:53:18,952 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1532980183] [2022-02-20 23:53:18,952 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:53:18,952 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:53:18,952 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:53:18,953 INFO L229 MonitoredProcess]: Starting monitored process 19 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:53:18,955 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (19)] Waiting until timeout for monitored process [2022-02-20 23:53:19,093 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:53:19,101 INFO L263 TraceCheckSpWp]: Trace formula consists of 291 conjuncts, 16 conjunts are in the unsatisfiable core [2022-02-20 23:53:19,114 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:53:19,114 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:53:19,155 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:53:19,331 INFO L290 TraceCheckUtils]: 0: Hoare triple {17572#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);~#dev~0.base, ~#dev~0.offset := 2bv32, 0bv32;call #Ultimate.allocInit(8bv32, 2bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~#dev~0.offset, 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~bvadd32(4bv32, ~#dev~0.offset), 4bv32); {17572#true} is VALID [2022-02-20 23:53:19,332 INFO L290 TraceCheckUtils]: 1: Hoare triple {17572#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret61#1, entry_point_~ret~1#1;assume { :begin_inline_probe_23 } true;probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset := ~#dev~0.base, ~#dev~0.offset;havoc probe_23_#res#1;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset, probe_23_#t~ret60#1, probe_23_~dev#1.base, probe_23_~dev#1.offset, probe_23_~ret~0#1, probe_23_~p~1#1.base, probe_23_~p~1#1.offset;probe_23_~dev#1.base, probe_23_~dev#1.offset := probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset;probe_23_~ret~0#1 := 3bv32; {17572#true} is VALID [2022-02-20 23:53:19,332 INFO L272 TraceCheckUtils]: 2: Hoare triple {17572#true} call probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset := ldv_malloc(1036bv32); {17572#true} is VALID [2022-02-20 23:53:19,332 INFO L290 TraceCheckUtils]: 3: Hoare triple {17572#true} ~size := #in~size; {17572#true} is VALID [2022-02-20 23:53:19,332 INFO L290 TraceCheckUtils]: 4: Hoare triple {17572#true} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {17572#true} is VALID [2022-02-20 23:53:19,332 INFO L290 TraceCheckUtils]: 5: Hoare triple {17572#true} assume true; {17572#true} is VALID [2022-02-20 23:53:19,332 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {17572#true} {17572#true} #276#return; {17572#true} is VALID [2022-02-20 23:53:19,332 INFO L290 TraceCheckUtils]: 7: Hoare triple {17572#true} probe_23_~p~1#1.base, probe_23_~p~1#1.offset := probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset; {17572#true} is VALID [2022-02-20 23:53:19,332 INFO L290 TraceCheckUtils]: 8: Hoare triple {17572#true} assume !(probe_23_~p~1#1.base == 0bv32 && probe_23_~p~1#1.offset == 0bv32); {17572#true} is VALID [2022-02-20 23:53:19,332 INFO L272 TraceCheckUtils]: 9: Hoare triple {17572#true} call LDV_INIT_LIST_HEAD(probe_23_~p~1#1.base, ~bvadd32(4bv32, probe_23_~p~1#1.offset)); {17572#true} is VALID [2022-02-20 23:53:19,332 INFO L290 TraceCheckUtils]: 10: Hoare triple {17572#true} ~list.base, ~list.offset := #in~list.base, #in~list.offset; {17572#true} is VALID [2022-02-20 23:53:19,332 INFO L290 TraceCheckUtils]: 11: Hoare triple {17572#true} SUMMARY for call write~$Pointer$(~list.base, ~list.offset, ~list.base, ~list.offset, 4bv32); srcloc: L540 {17572#true} is VALID [2022-02-20 23:53:19,332 INFO L290 TraceCheckUtils]: 12: Hoare triple {17572#true} SUMMARY for call write~$Pointer$(~list.base, ~list.offset, ~list.base, ~bvadd32(4bv32, ~list.offset), 4bv32); srcloc: L540-1 {17572#true} is VALID [2022-02-20 23:53:19,332 INFO L290 TraceCheckUtils]: 13: Hoare triple {17572#true} assume true; {17572#true} is VALID [2022-02-20 23:53:19,332 INFO L284 TraceCheckUtils]: 14: Hoare quadruple {17572#true} {17572#true} #278#return; {17572#true} is VALID [2022-02-20 23:53:19,333 INFO L290 TraceCheckUtils]: 15: Hoare triple {17572#true} SUMMARY for call write~$Pointer$(probe_23_~p~1#1.base, probe_23_~p~1#1.offset, probe_23_~dev#1.base, probe_23_~dev#1.offset, 4bv32); srcloc: L844-1 {17572#true} is VALID [2022-02-20 23:53:19,333 INFO L290 TraceCheckUtils]: 16: Hoare triple {17572#true} assume { :begin_inline_hid_open_report } true;hid_open_report_#in~device#1.base, hid_open_report_#in~device#1.offset := probe_23_~dev#1.base, probe_23_~dev#1.offset;havoc hid_open_report_#res#1;havoc hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset, hid_open_report_#t~ret53#1, hid_open_report_#t~ret55#1, hid_open_report_#t~ret54#1, hid_open_report_#t~mem56#1.base, hid_open_report_#t~mem56#1.offset, hid_open_report_~device#1.base, hid_open_report_~device#1.offset, hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset, hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset;hid_open_report_~device#1.base, hid_open_report_~device#1.offset := hid_open_report_#in~device#1.base, hid_open_report_#in~device#1.offset;havoc hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset;call hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset := #Ultimate.allocOnStack(16bv32); {17572#true} is VALID [2022-02-20 23:53:19,333 INFO L272 TraceCheckUtils]: 17: Hoare triple {17572#true} call hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset := ldv_zalloc(8bv32); {17572#true} is VALID [2022-02-20 23:53:19,334 INFO L290 TraceCheckUtils]: 18: Hoare triple {17572#true} ~size#1 := #in~size#1;call #t~malloc13#1.base, #t~malloc13#1.offset := #Ultimate.allocOnHeap(~size#1);assume { :begin_inline_#Ultimate.meminit } true;#Ultimate.meminit_#ptr#1.base, #Ultimate.meminit_#ptr#1.offset, #Ultimate.meminit_#amountOfFields#1, #Ultimate.meminit_#sizeOfFields#1, #Ultimate.meminit_#product#1 := #t~malloc13#1.base, #t~malloc13#1.offset, ~size#1, 1bv32, ~size#1;#memory_int := ~initToZeroAtPointerBaseAddress~int(#memory_int, #Ultimate.meminit_#ptr#1.base); {17631#(and (= |ldv_zalloc_#in~size#1| (select |#length| |ldv_zalloc_#t~malloc13#1.base|)) (= |ldv_zalloc_#t~malloc13#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:53:19,335 INFO L290 TraceCheckUtils]: 19: Hoare triple {17631#(and (= |ldv_zalloc_#in~size#1| (select |#length| |ldv_zalloc_#t~malloc13#1.base|)) (= |ldv_zalloc_#t~malloc13#1.offset| (_ bv0 32)))} assume { :end_inline_#Ultimate.meminit } true;#res#1.base, #res#1.offset := #t~malloc13#1.base, #t~malloc13#1.offset; {17635#(and (= (select |#length| |ldv_zalloc_#res#1.base|) |ldv_zalloc_#in~size#1|) (= |ldv_zalloc_#res#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:53:19,335 INFO L290 TraceCheckUtils]: 20: Hoare triple {17635#(and (= (select |#length| |ldv_zalloc_#res#1.base|) |ldv_zalloc_#in~size#1|) (= |ldv_zalloc_#res#1.offset| (_ bv0 32)))} assume true; {17635#(and (= (select |#length| |ldv_zalloc_#res#1.base|) |ldv_zalloc_#in~size#1|) (= |ldv_zalloc_#res#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:53:19,336 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {17635#(and (= (select |#length| |ldv_zalloc_#res#1.base|) |ldv_zalloc_#in~size#1|) (= |ldv_zalloc_#res#1.offset| (_ bv0 32)))} {17572#true} #280#return; {17642#(and (= |ULTIMATE.start_hid_open_report_#t~ret52#1.offset| (_ bv0 32)) (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_#t~ret52#1.base|)))} is VALID [2022-02-20 23:53:19,336 INFO L290 TraceCheckUtils]: 22: Hoare triple {17642#(and (= |ULTIMATE.start_hid_open_report_#t~ret52#1.offset| (_ bv0 32)) (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_#t~ret52#1.base|)))} hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset := hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset;havoc hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset; {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:53:19,336 INFO L290 TraceCheckUtils]: 23: Hoare triple {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} assume !(hid_open_report_~parser~0#1.base == 0bv32 && hid_open_report_~parser~0#1.offset == 0bv32); {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:53:19,337 INFO L290 TraceCheckUtils]: 24: Hoare triple {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} SUMMARY for call write~$Pointer$(hid_open_report_~device#1.base, hid_open_report_~device#1.offset, hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset, 4bv32); srcloc: L820 {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:53:19,337 INFO L290 TraceCheckUtils]: 25: Hoare triple {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} assume { :begin_inline_ldv_positive } true;havoc ldv_positive_#res#1;havoc ldv_positive_#t~nondet4#1, ldv_positive_~r~1#1;ldv_positive_~r~1#1 := ldv_positive_#t~nondet4#1;havoc ldv_positive_#t~nondet4#1; {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:53:19,338 INFO L290 TraceCheckUtils]: 26: Hoare triple {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} assume !~bvsgt32(ldv_positive_~r~1#1, 0bv32);ldv_positive_#res#1 := 1bv32; {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:53:19,338 INFO L290 TraceCheckUtils]: 27: Hoare triple {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} hid_open_report_#t~ret53#1 := ldv_positive_#res#1;assume { :end_inline_ldv_positive } true; {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:53:19,339 INFO L290 TraceCheckUtils]: 28: Hoare triple {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} SUMMARY for call write~intINTTYPE4(hid_open_report_#t~ret53#1, hid_open_report_~parser~0#1.base, ~bvadd32(4bv32, hid_open_report_~parser~0#1.offset), 4bv32); srcloc: L821 {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:53:19,339 INFO L290 TraceCheckUtils]: 29: Hoare triple {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} havoc hid_open_report_#t~ret53#1; {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:53:19,340 INFO L290 TraceCheckUtils]: 30: Hoare triple {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} assume { :begin_inline_fetch_item } true;fetch_item_#in~item#1.base, fetch_item_#in~item#1.offset := hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset;havoc fetch_item_#res#1;havoc fetch_item_#t~nondet38#1, fetch_item_#t~nondet39#1, fetch_item_#t~nondet40#1, fetch_item_#t~nondet41#1, fetch_item_~item#1.base, fetch_item_~item#1.offset;fetch_item_~item#1.base, fetch_item_~item#1.offset := fetch_item_#in~item#1.base, fetch_item_#in~item#1.offset; {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:53:19,340 INFO L290 TraceCheckUtils]: 31: Hoare triple {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} assume !(0bv32 != fetch_item_#t~nondet38#1);havoc fetch_item_#t~nondet38#1; {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:53:19,341 INFO L290 TraceCheckUtils]: 32: Hoare triple {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} SUMMARY for call write~intINTTYPE4(0bv32, fetch_item_~item#1.base, fetch_item_~item#1.offset, 4bv32); srcloc: L781 {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:53:19,341 INFO L290 TraceCheckUtils]: 33: Hoare triple {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} SUMMARY for call write~intINTTYPE4(fetch_item_#t~nondet39#1, fetch_item_~item#1.base, ~bvadd32(4bv32, fetch_item_~item#1.offset), 4bv32); srcloc: L781-1 {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:53:19,342 INFO L290 TraceCheckUtils]: 34: Hoare triple {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} havoc fetch_item_#t~nondet39#1; {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:53:19,343 INFO L290 TraceCheckUtils]: 35: Hoare triple {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} SUMMARY for call write~intINTTYPE4(fetch_item_#t~nondet40#1, fetch_item_~item#1.base, ~bvadd32(8bv32, fetch_item_~item#1.offset), 4bv32); srcloc: L783 {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:53:19,343 INFO L290 TraceCheckUtils]: 36: Hoare triple {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} havoc fetch_item_#t~nondet40#1; {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:53:19,344 INFO L290 TraceCheckUtils]: 37: Hoare triple {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} SUMMARY for call write~intINTTYPE4(fetch_item_#t~nondet41#1, fetch_item_~item#1.base, ~bvadd32(12bv32, fetch_item_~item#1.offset), 4bv32); srcloc: L784 {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:53:19,344 INFO L290 TraceCheckUtils]: 38: Hoare triple {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} havoc fetch_item_#t~nondet41#1;fetch_item_#res#1 := 0bv32; {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:53:19,344 INFO L290 TraceCheckUtils]: 39: Hoare triple {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} hid_open_report_#t~ret54#1 := fetch_item_#res#1;assume { :end_inline_fetch_item } true; {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} is VALID [2022-02-20 23:53:19,345 INFO L290 TraceCheckUtils]: 40: Hoare triple {17646#(and (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= |ULTIMATE.start_hid_open_report_~parser~0#1.offset| (_ bv0 32)))} assume !!(4294967295bv32 != hid_open_report_#t~ret54#1);havoc hid_open_report_#t~ret54#1;assume { :begin_inline_hid_parser_main } true;hid_parser_main_#in~parser#1.base, hid_parser_main_#in~parser#1.offset, hid_parser_main_#in~item#1.base, hid_parser_main_#in~item#1.offset := hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset, hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset;havoc hid_parser_main_#res#1;havoc hid_parser_main_#t~mem46#1.base, hid_parser_main_#t~mem46#1.offset, hid_parser_main_#t~mem47#1, hid_parser_main_#t~ret48#1.base, hid_parser_main_#t~ret48#1.offset, hid_parser_main_~parser#1.base, hid_parser_main_~parser#1.offset, hid_parser_main_~item#1.base, hid_parser_main_~item#1.offset, hid_parser_main_~report~1#1.base, hid_parser_main_~report~1#1.offset;hid_parser_main_~parser#1.base, hid_parser_main_~parser#1.offset := hid_parser_main_#in~parser#1.base, hid_parser_main_#in~parser#1.offset;hid_parser_main_~item#1.base, hid_parser_main_~item#1.offset := hid_parser_main_#in~item#1.base, hid_parser_main_#in~item#1.offset; {17701#(and (= |ULTIMATE.start_hid_parser_main_~parser#1.offset| (_ bv0 32)) (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_parser_main_~parser#1.base|)))} is VALID [2022-02-20 23:53:19,345 INFO L290 TraceCheckUtils]: 41: Hoare triple {17701#(and (= |ULTIMATE.start_hid_parser_main_~parser#1.offset| (_ bv0 32)) (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_parser_main_~parser#1.base|)))} assume !((~bvule32(~bvadd32(4bv32, hid_parser_main_~parser#1.offset), #length[hid_parser_main_~parser#1.base]) && ~bvule32(hid_parser_main_~parser#1.offset, ~bvadd32(4bv32, hid_parser_main_~parser#1.offset))) && ~bvule32(0bv32, hid_parser_main_~parser#1.offset)); {17573#false} is VALID [2022-02-20 23:53:19,345 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:53:19,346 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:53:19,346 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:53:19,346 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1532980183] [2022-02-20 23:53:19,346 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1532980183] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:53:19,346 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:53:19,346 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 23:53:19,346 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1563180840] [2022-02-20 23:53:19,346 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:53:19,346 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 6.0) internal successors, (36), 6 states have internal predecessors, (36), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) Word has length 42 [2022-02-20 23:53:19,346 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:53:19,347 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 7 states, 6 states have (on average 6.0) internal successors, (36), 6 states have internal predecessors, (36), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:53:19,394 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 42 edges. 42 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:53:19,394 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-02-20 23:53:19,395 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:53:19,395 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-02-20 23:53:19,395 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2022-02-20 23:53:19,395 INFO L87 Difference]: Start difference. First operand 249 states and 285 transitions. Second operand has 7 states, 6 states have (on average 6.0) internal successors, (36), 6 states have internal predecessors, (36), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:53:22,322 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:53:22,322 INFO L93 Difference]: Finished difference Result 318 states and 349 transitions. [2022-02-20 23:53:22,322 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-02-20 23:53:22,323 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 6.0) internal successors, (36), 6 states have internal predecessors, (36), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) Word has length 42 [2022-02-20 23:53:22,323 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:53:22,323 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 6 states have (on average 6.0) internal successors, (36), 6 states have internal predecessors, (36), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:53:22,324 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 318 transitions. [2022-02-20 23:53:22,324 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 6 states have (on average 6.0) internal successors, (36), 6 states have internal predecessors, (36), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:53:22,326 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 318 transitions. [2022-02-20 23:53:22,326 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 318 transitions. [2022-02-20 23:53:22,598 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 318 edges. 318 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:53:22,601 INFO L225 Difference]: With dead ends: 318 [2022-02-20 23:53:22,601 INFO L226 Difference]: Without dead ends: 318 [2022-02-20 23:53:22,602 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 43 GetRequests, 36 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=19, Invalid=53, Unknown=0, NotChecked=0, Total=72 [2022-02-20 23:53:22,602 INFO L933 BasicCegarLoop]: 188 mSDtfsCounter, 146 mSDsluCounter, 651 mSDsCounter, 0 mSdLazyCounter, 481 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 147 SdHoareTripleChecker+Valid, 839 SdHoareTripleChecker+Invalid, 486 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 481 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.0s IncrementalHoareTripleChecker+Time [2022-02-20 23:53:22,602 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [147 Valid, 839 Invalid, 486 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 481 Invalid, 0 Unknown, 0 Unchecked, 1.0s Time] [2022-02-20 23:53:22,603 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 318 states. [2022-02-20 23:53:22,605 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 318 to 249. [2022-02-20 23:53:22,605 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:53:22,606 INFO L82 GeneralOperation]: Start isEquivalent. First operand 318 states. Second operand has 249 states, 170 states have (on average 1.5411764705882354) internal successors, (262), 231 states have internal predecessors, (262), 9 states have call successors, (9), 8 states have call predecessors, (9), 9 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:53:22,606 INFO L74 IsIncluded]: Start isIncluded. First operand 318 states. Second operand has 249 states, 170 states have (on average 1.5411764705882354) internal successors, (262), 231 states have internal predecessors, (262), 9 states have call successors, (9), 8 states have call predecessors, (9), 9 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:53:22,606 INFO L87 Difference]: Start difference. First operand 318 states. Second operand has 249 states, 170 states have (on average 1.5411764705882354) internal successors, (262), 231 states have internal predecessors, (262), 9 states have call successors, (9), 8 states have call predecessors, (9), 9 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:53:22,610 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:53:22,610 INFO L93 Difference]: Finished difference Result 318 states and 349 transitions. [2022-02-20 23:53:22,610 INFO L276 IsEmpty]: Start isEmpty. Operand 318 states and 349 transitions. [2022-02-20 23:53:22,611 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:53:22,611 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:53:22,611 INFO L74 IsIncluded]: Start isIncluded. First operand has 249 states, 170 states have (on average 1.5411764705882354) internal successors, (262), 231 states have internal predecessors, (262), 9 states have call successors, (9), 8 states have call predecessors, (9), 9 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) Second operand 318 states. [2022-02-20 23:53:22,612 INFO L87 Difference]: Start difference. First operand has 249 states, 170 states have (on average 1.5411764705882354) internal successors, (262), 231 states have internal predecessors, (262), 9 states have call successors, (9), 8 states have call predecessors, (9), 9 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) Second operand 318 states. [2022-02-20 23:53:22,615 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:53:22,615 INFO L93 Difference]: Finished difference Result 318 states and 349 transitions. [2022-02-20 23:53:22,616 INFO L276 IsEmpty]: Start isEmpty. Operand 318 states and 349 transitions. [2022-02-20 23:53:22,616 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:53:22,616 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:53:22,616 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:53:22,617 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:53:22,617 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 249 states, 170 states have (on average 1.5411764705882354) internal successors, (262), 231 states have internal predecessors, (262), 9 states have call successors, (9), 8 states have call predecessors, (9), 9 states have return successors, (12), 9 states have call predecessors, (12), 9 states have call successors, (12) [2022-02-20 23:53:22,619 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 249 states to 249 states and 283 transitions. [2022-02-20 23:53:22,619 INFO L78 Accepts]: Start accepts. Automaton has 249 states and 283 transitions. Word has length 42 [2022-02-20 23:53:22,620 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:53:22,620 INFO L470 AbstractCegarLoop]: Abstraction has 249 states and 283 transitions. [2022-02-20 23:53:22,620 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 6 states have (on average 6.0) internal successors, (36), 6 states have internal predecessors, (36), 1 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-02-20 23:53:22,620 INFO L276 IsEmpty]: Start isEmpty. Operand 249 states and 283 transitions. [2022-02-20 23:53:22,620 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 43 [2022-02-20 23:53:22,620 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:53:22,620 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:53:22,631 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (19)] Ended with exit code 0 [2022-02-20 23:53:22,828 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 19 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:53:22,828 INFO L402 AbstractCegarLoop]: === Iteration 19 === Targeting ULTIMATE.startErr39REQUIRES_VIOLATION === [free_reportsErr0REQUIRES_VIOLATION, free_reportsErr1REQUIRES_VIOLATION, free_reportsErr2REQUIRES_VIOLATION, free_reportsErr3REQUIRES_VIOLATION (and 72 more)] === [2022-02-20 23:53:22,829 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:53:22,829 INFO L85 PathProgramCache]: Analyzing trace with hash -2001953137, now seen corresponding path program 1 times [2022-02-20 23:53:22,829 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:53:22,829 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [382080625] [2022-02-20 23:53:22,829 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:53:22,829 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:53:22,829 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:53:22,830 INFO L229 MonitoredProcess]: Starting monitored process 20 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:53:22,833 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (20)] Waiting until timeout for monitored process [2022-02-20 23:53:22,960 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:53:22,966 INFO L263 TraceCheckSpWp]: Trace formula consists of 213 conjuncts, 25 conjunts are in the unsatisfiable core [2022-02-20 23:53:22,980 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:53:22,981 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:53:23,145 INFO L356 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2022-02-20 23:53:23,145 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 11 treesize of output 11 [2022-02-20 23:53:23,651 INFO L356 Elim1Store]: treesize reduction 8, result has 60.0 percent of original size [2022-02-20 23:53:23,651 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 21 [2022-02-20 23:53:23,740 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 7 treesize of output 5 [2022-02-20 23:53:23,876 INFO L356 Elim1Store]: treesize reduction 15, result has 46.4 percent of original size [2022-02-20 23:53:23,876 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 19 treesize of output 26 [2022-02-20 23:53:25,075 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:53:25,088 INFO L356 Elim1Store]: treesize reduction 8, result has 60.0 percent of original size [2022-02-20 23:53:25,089 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 2 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 17 treesize of output 28 [2022-02-20 23:53:25,518 INFO L290 TraceCheckUtils]: 0: Hoare triple {18911#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);~#dev~0.base, ~#dev~0.offset := 2bv32, 0bv32;call #Ultimate.allocInit(8bv32, 2bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~#dev~0.offset, 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~bvadd32(4bv32, ~#dev~0.offset), 4bv32); {18916#(and (= (_ bv1 1) (select |#valid| (_ bv1 32))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,518 INFO L290 TraceCheckUtils]: 1: Hoare triple {18916#(and (= (_ bv1 1) (select |#valid| (_ bv1 32))) (= (_ bv2 32) |~#dev~0.base|))} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret61#1, entry_point_~ret~1#1;assume { :begin_inline_probe_23 } true;probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset := ~#dev~0.base, ~#dev~0.offset;havoc probe_23_#res#1;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset, probe_23_#t~ret60#1, probe_23_~dev#1.base, probe_23_~dev#1.offset, probe_23_~ret~0#1, probe_23_~p~1#1.base, probe_23_~p~1#1.offset;probe_23_~dev#1.base, probe_23_~dev#1.offset := probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset;probe_23_~ret~0#1 := 3bv32; {18920#(and (= |ULTIMATE.start_probe_23_~dev#1.base| |~#dev~0.base|) (= (_ bv1 1) (select |#valid| (_ bv1 32))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,519 INFO L272 TraceCheckUtils]: 2: Hoare triple {18920#(and (= |ULTIMATE.start_probe_23_~dev#1.base| |~#dev~0.base|) (= (_ bv1 1) (select |#valid| (_ bv1 32))) (= (_ bv2 32) |~#dev~0.base|))} call probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset := ldv_malloc(1036bv32); {18924#(and (= |old(#valid)| |#valid|) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,519 INFO L290 TraceCheckUtils]: 3: Hoare triple {18924#(and (= |old(#valid)| |#valid|) (= (_ bv2 32) |~#dev~0.base|))} ~size := #in~size; {18924#(and (= |old(#valid)| |#valid|) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,520 INFO L290 TraceCheckUtils]: 4: Hoare triple {18924#(and (= |old(#valid)| |#valid|) (= (_ bv2 32) |~#dev~0.base|))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {18931#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (= (_ bv0 1) (select |old(#valid)| |ldv_malloc_#res.base|)) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,521 INFO L290 TraceCheckUtils]: 5: Hoare triple {18931#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (= (_ bv0 1) (select |old(#valid)| |ldv_malloc_#res.base|)) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv2 32) |~#dev~0.base|))} assume true; {18931#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (= (_ bv0 1) (select |old(#valid)| |ldv_malloc_#res.base|)) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,524 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {18931#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (= (_ bv0 1) (select |old(#valid)| |ldv_malloc_#res.base|)) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv2 32) |~#dev~0.base|))} {18920#(and (= |ULTIMATE.start_probe_23_~dev#1.base| |~#dev~0.base|) (= (_ bv1 1) (select |#valid| (_ bv1 32))) (= (_ bv2 32) |~#dev~0.base|))} #276#return; {18938#(and (= |ULTIMATE.start_probe_23_~dev#1.base| |~#dev~0.base|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,526 INFO L290 TraceCheckUtils]: 7: Hoare triple {18938#(and (= |ULTIMATE.start_probe_23_~dev#1.base| |~#dev~0.base|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv2 32) |~#dev~0.base|))} probe_23_~p~1#1.base, probe_23_~p~1#1.offset := probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset; {18938#(and (= |ULTIMATE.start_probe_23_~dev#1.base| |~#dev~0.base|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,528 INFO L290 TraceCheckUtils]: 8: Hoare triple {18938#(and (= |ULTIMATE.start_probe_23_~dev#1.base| |~#dev~0.base|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv2 32) |~#dev~0.base|))} assume !(probe_23_~p~1#1.base == 0bv32 && probe_23_~p~1#1.offset == 0bv32); {18938#(and (= |ULTIMATE.start_probe_23_~dev#1.base| |~#dev~0.base|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,529 INFO L272 TraceCheckUtils]: 9: Hoare triple {18938#(and (= |ULTIMATE.start_probe_23_~dev#1.base| |~#dev~0.base|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv2 32) |~#dev~0.base|))} call LDV_INIT_LIST_HEAD(probe_23_~p~1#1.base, ~bvadd32(4bv32, probe_23_~p~1#1.offset)); {18948#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,531 INFO L290 TraceCheckUtils]: 10: Hoare triple {18948#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv2 32) |~#dev~0.base|))} ~list.base, ~list.offset := #in~list.base, #in~list.offset; {18948#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,536 INFO L290 TraceCheckUtils]: 11: Hoare triple {18948#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv2 32) |~#dev~0.base|))} SUMMARY for call write~$Pointer$(~list.base, ~list.offset, ~list.base, ~list.offset, 4bv32); srcloc: L540 {18948#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,540 INFO L290 TraceCheckUtils]: 12: Hoare triple {18948#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv2 32) |~#dev~0.base|))} SUMMARY for call write~$Pointer$(~list.base, ~list.offset, ~list.base, ~bvadd32(4bv32, ~list.offset), 4bv32); srcloc: L540-1 {18948#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,542 INFO L290 TraceCheckUtils]: 13: Hoare triple {18948#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv2 32) |~#dev~0.base|))} assume true; {18948#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,543 INFO L284 TraceCheckUtils]: 14: Hoare quadruple {18948#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv2 32) |~#dev~0.base|))} {18938#(and (= |ULTIMATE.start_probe_23_~dev#1.base| |~#dev~0.base|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv2 32) |~#dev~0.base|))} #278#return; {18938#(and (= |ULTIMATE.start_probe_23_~dev#1.base| |~#dev~0.base|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,547 INFO L290 TraceCheckUtils]: 15: Hoare triple {18938#(and (= |ULTIMATE.start_probe_23_~dev#1.base| |~#dev~0.base|) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv2 32) |~#dev~0.base|))} SUMMARY for call write~$Pointer$(probe_23_~p~1#1.base, probe_23_~p~1#1.offset, probe_23_~dev#1.base, probe_23_~dev#1.offset, 4bv32); srcloc: L844-1 {18967#(and (= (select |#valid| |~#dev~0.base|) (_ bv1 1)) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,551 INFO L290 TraceCheckUtils]: 16: Hoare triple {18967#(and (= (select |#valid| |~#dev~0.base|) (_ bv1 1)) (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv2 32) |~#dev~0.base|))} assume { :begin_inline_hid_open_report } true;hid_open_report_#in~device#1.base, hid_open_report_#in~device#1.offset := probe_23_~dev#1.base, probe_23_~dev#1.offset;havoc hid_open_report_#res#1;havoc hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset, hid_open_report_#t~ret53#1, hid_open_report_#t~ret55#1, hid_open_report_#t~ret54#1, hid_open_report_#t~mem56#1.base, hid_open_report_#t~mem56#1.offset, hid_open_report_~device#1.base, hid_open_report_~device#1.offset, hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset, hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset;hid_open_report_~device#1.base, hid_open_report_~device#1.offset := hid_open_report_#in~device#1.base, hid_open_report_#in~device#1.offset;havoc hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset;call hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset := #Ultimate.allocOnStack(16bv32); {18971#(and (exists ((|#StackHeapBarrier| (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (bvult |#StackHeapBarrier| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv0 1) (bvadd (select |#valid| |~#dev~0.base|) (_ bv1 1))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,552 INFO L272 TraceCheckUtils]: 17: Hoare triple {18971#(and (exists ((|#StackHeapBarrier| (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (bvult |#StackHeapBarrier| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv0 1) (bvadd (select |#valid| |~#dev~0.base|) (_ bv1 1))) (= (_ bv2 32) |~#dev~0.base|))} call hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset := ldv_zalloc(8bv32); {18924#(and (= |old(#valid)| |#valid|) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,553 INFO L290 TraceCheckUtils]: 18: Hoare triple {18924#(and (= |old(#valid)| |#valid|) (= (_ bv2 32) |~#dev~0.base|))} ~size#1 := #in~size#1;call #t~malloc13#1.base, #t~malloc13#1.offset := #Ultimate.allocOnHeap(~size#1);assume { :begin_inline_#Ultimate.meminit } true;#Ultimate.meminit_#ptr#1.base, #Ultimate.meminit_#ptr#1.offset, #Ultimate.meminit_#amountOfFields#1, #Ultimate.meminit_#sizeOfFields#1, #Ultimate.meminit_#product#1 := #t~malloc13#1.base, #t~malloc13#1.offset, ~size#1, 1bv32, ~size#1;#memory_int := ~initToZeroAtPointerBaseAddress~int(#memory_int, #Ultimate.meminit_#ptr#1.base); {18978#(and (= (_ bv0 1) (select |old(#valid)| |ldv_zalloc_#t~malloc13#1.base|)) (exists ((v_ArrVal_617 (_ BitVec 1))) (= (store |old(#valid)| |ldv_zalloc_#t~malloc13#1.base| v_ArrVal_617) |#valid|)) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,553 INFO L290 TraceCheckUtils]: 19: Hoare triple {18978#(and (= (_ bv0 1) (select |old(#valid)| |ldv_zalloc_#t~malloc13#1.base|)) (exists ((v_ArrVal_617 (_ BitVec 1))) (= (store |old(#valid)| |ldv_zalloc_#t~malloc13#1.base| v_ArrVal_617) |#valid|)) (= (_ bv2 32) |~#dev~0.base|))} assume { :end_inline_#Ultimate.meminit } true;#res#1.base, #res#1.offset := #t~malloc13#1.base, #t~malloc13#1.offset; {18982#(and (= (select |old(#valid)| |ldv_zalloc_#res#1.base|) (_ bv0 1)) (exists ((v_ArrVal_617 (_ BitVec 1))) (= (store |old(#valid)| |ldv_zalloc_#res#1.base| v_ArrVal_617) |#valid|)) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,554 INFO L290 TraceCheckUtils]: 20: Hoare triple {18982#(and (= (select |old(#valid)| |ldv_zalloc_#res#1.base|) (_ bv0 1)) (exists ((v_ArrVal_617 (_ BitVec 1))) (= (store |old(#valid)| |ldv_zalloc_#res#1.base| v_ArrVal_617) |#valid|)) (= (_ bv2 32) |~#dev~0.base|))} assume true; {18982#(and (= (select |old(#valid)| |ldv_zalloc_#res#1.base|) (_ bv0 1)) (exists ((v_ArrVal_617 (_ BitVec 1))) (= (store |old(#valid)| |ldv_zalloc_#res#1.base| v_ArrVal_617) |#valid|)) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,556 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {18982#(and (= (select |old(#valid)| |ldv_zalloc_#res#1.base|) (_ bv0 1)) (exists ((v_ArrVal_617 (_ BitVec 1))) (= (store |old(#valid)| |ldv_zalloc_#res#1.base| v_ArrVal_617) |#valid|)) (= (_ bv2 32) |~#dev~0.base|))} {18971#(and (exists ((|#StackHeapBarrier| (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (bvult |#StackHeapBarrier| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv0 1) (bvadd (select |#valid| |~#dev~0.base|) (_ bv1 1))) (= (_ bv2 32) |~#dev~0.base|))} #280#return; {18989#(and (not (= |~#dev~0.base| |ULTIMATE.start_hid_open_report_#t~ret52#1.base|)) (exists ((|#StackHeapBarrier| (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (bvult |#StackHeapBarrier| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv0 1) (bvadd (select |#valid| |~#dev~0.base|) (_ bv1 1))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,556 INFO L290 TraceCheckUtils]: 22: Hoare triple {18989#(and (not (= |~#dev~0.base| |ULTIMATE.start_hid_open_report_#t~ret52#1.base|)) (exists ((|#StackHeapBarrier| (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (bvult |#StackHeapBarrier| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv0 1) (bvadd (select |#valid| |~#dev~0.base|) (_ bv1 1))) (= (_ bv2 32) |~#dev~0.base|))} hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset := hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset;havoc hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset; {18993#(and (exists ((|#StackHeapBarrier| (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (bvult |#StackHeapBarrier| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv0 1) (bvadd (select |#valid| |~#dev~0.base|) (_ bv1 1))) (not (= |~#dev~0.base| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,557 INFO L290 TraceCheckUtils]: 23: Hoare triple {18993#(and (exists ((|#StackHeapBarrier| (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (bvult |#StackHeapBarrier| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv0 1) (bvadd (select |#valid| |~#dev~0.base|) (_ bv1 1))) (not (= |~#dev~0.base| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= (_ bv2 32) |~#dev~0.base|))} assume !(hid_open_report_~parser~0#1.base == 0bv32 && hid_open_report_~parser~0#1.offset == 0bv32); {18993#(and (exists ((|#StackHeapBarrier| (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (bvult |#StackHeapBarrier| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv0 1) (bvadd (select |#valid| |~#dev~0.base|) (_ bv1 1))) (not (= |~#dev~0.base| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,558 INFO L290 TraceCheckUtils]: 24: Hoare triple {18993#(and (exists ((|#StackHeapBarrier| (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (bvult |#StackHeapBarrier| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv0 1) (bvadd (select |#valid| |~#dev~0.base|) (_ bv1 1))) (not (= |~#dev~0.base| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= (_ bv2 32) |~#dev~0.base|))} SUMMARY for call write~$Pointer$(hid_open_report_~device#1.base, hid_open_report_~device#1.offset, hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset, 4bv32); srcloc: L820 {18993#(and (exists ((|#StackHeapBarrier| (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (bvult |#StackHeapBarrier| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv0 1) (bvadd (select |#valid| |~#dev~0.base|) (_ bv1 1))) (not (= |~#dev~0.base| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,558 INFO L290 TraceCheckUtils]: 25: Hoare triple {18993#(and (exists ((|#StackHeapBarrier| (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (bvult |#StackHeapBarrier| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv0 1) (bvadd (select |#valid| |~#dev~0.base|) (_ bv1 1))) (not (= |~#dev~0.base| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= (_ bv2 32) |~#dev~0.base|))} assume { :begin_inline_ldv_positive } true;havoc ldv_positive_#res#1;havoc ldv_positive_#t~nondet4#1, ldv_positive_~r~1#1;ldv_positive_~r~1#1 := ldv_positive_#t~nondet4#1;havoc ldv_positive_#t~nondet4#1; {18993#(and (exists ((|#StackHeapBarrier| (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (bvult |#StackHeapBarrier| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv0 1) (bvadd (select |#valid| |~#dev~0.base|) (_ bv1 1))) (not (= |~#dev~0.base| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,559 INFO L290 TraceCheckUtils]: 26: Hoare triple {18993#(and (exists ((|#StackHeapBarrier| (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (bvult |#StackHeapBarrier| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv0 1) (bvadd (select |#valid| |~#dev~0.base|) (_ bv1 1))) (not (= |~#dev~0.base| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= (_ bv2 32) |~#dev~0.base|))} assume !~bvsgt32(ldv_positive_~r~1#1, 0bv32);ldv_positive_#res#1 := 1bv32; {18993#(and (exists ((|#StackHeapBarrier| (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (bvult |#StackHeapBarrier| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv0 1) (bvadd (select |#valid| |~#dev~0.base|) (_ bv1 1))) (not (= |~#dev~0.base| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,559 INFO L290 TraceCheckUtils]: 27: Hoare triple {18993#(and (exists ((|#StackHeapBarrier| (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (bvult |#StackHeapBarrier| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv0 1) (bvadd (select |#valid| |~#dev~0.base|) (_ bv1 1))) (not (= |~#dev~0.base| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= (_ bv2 32) |~#dev~0.base|))} hid_open_report_#t~ret53#1 := ldv_positive_#res#1;assume { :end_inline_ldv_positive } true; {18993#(and (exists ((|#StackHeapBarrier| (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (bvult |#StackHeapBarrier| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv0 1) (bvadd (select |#valid| |~#dev~0.base|) (_ bv1 1))) (not (= |~#dev~0.base| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,560 INFO L290 TraceCheckUtils]: 28: Hoare triple {18993#(and (exists ((|#StackHeapBarrier| (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (bvult |#StackHeapBarrier| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv0 1) (bvadd (select |#valid| |~#dev~0.base|) (_ bv1 1))) (not (= |~#dev~0.base| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= (_ bv2 32) |~#dev~0.base|))} SUMMARY for call write~intINTTYPE4(hid_open_report_#t~ret53#1, hid_open_report_~parser~0#1.base, ~bvadd32(4bv32, hid_open_report_~parser~0#1.offset), 4bv32); srcloc: L821 {18993#(and (exists ((|#StackHeapBarrier| (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (bvult |#StackHeapBarrier| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv0 1) (bvadd (select |#valid| |~#dev~0.base|) (_ bv1 1))) (not (= |~#dev~0.base| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,561 INFO L290 TraceCheckUtils]: 29: Hoare triple {18993#(and (exists ((|#StackHeapBarrier| (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (bvult |#StackHeapBarrier| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv0 1) (bvadd (select |#valid| |~#dev~0.base|) (_ bv1 1))) (not (= |~#dev~0.base| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= (_ bv2 32) |~#dev~0.base|))} havoc hid_open_report_#t~ret53#1; {18993#(and (exists ((|#StackHeapBarrier| (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (bvult |#StackHeapBarrier| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv0 1) (bvadd (select |#valid| |~#dev~0.base|) (_ bv1 1))) (not (= |~#dev~0.base| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,561 INFO L290 TraceCheckUtils]: 30: Hoare triple {18993#(and (exists ((|#StackHeapBarrier| (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (bvult |#StackHeapBarrier| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv0 1) (bvadd (select |#valid| |~#dev~0.base|) (_ bv1 1))) (not (= |~#dev~0.base| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= (_ bv2 32) |~#dev~0.base|))} assume { :begin_inline_fetch_item } true;fetch_item_#in~item#1.base, fetch_item_#in~item#1.offset := hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset;havoc fetch_item_#res#1;havoc fetch_item_#t~nondet38#1, fetch_item_#t~nondet39#1, fetch_item_#t~nondet40#1, fetch_item_#t~nondet41#1, fetch_item_~item#1.base, fetch_item_~item#1.offset;fetch_item_~item#1.base, fetch_item_~item#1.offset := fetch_item_#in~item#1.base, fetch_item_#in~item#1.offset; {18993#(and (exists ((|#StackHeapBarrier| (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (bvult |#StackHeapBarrier| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv0 1) (bvadd (select |#valid| |~#dev~0.base|) (_ bv1 1))) (not (= |~#dev~0.base| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,562 INFO L290 TraceCheckUtils]: 31: Hoare triple {18993#(and (exists ((|#StackHeapBarrier| (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (bvult |#StackHeapBarrier| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv0 1) (bvadd (select |#valid| |~#dev~0.base|) (_ bv1 1))) (not (= |~#dev~0.base| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= (_ bv2 32) |~#dev~0.base|))} assume 0bv32 != fetch_item_#t~nondet38#1;havoc fetch_item_#t~nondet38#1;fetch_item_#res#1 := 4294967295bv32; {18993#(and (exists ((|#StackHeapBarrier| (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (bvult |#StackHeapBarrier| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv0 1) (bvadd (select |#valid| |~#dev~0.base|) (_ bv1 1))) (not (= |~#dev~0.base| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,562 INFO L290 TraceCheckUtils]: 32: Hoare triple {18993#(and (exists ((|#StackHeapBarrier| (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (bvult |#StackHeapBarrier| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv0 1) (bvadd (select |#valid| |~#dev~0.base|) (_ bv1 1))) (not (= |~#dev~0.base| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= (_ bv2 32) |~#dev~0.base|))} hid_open_report_#t~ret54#1 := fetch_item_#res#1;assume { :end_inline_fetch_item } true; {18993#(and (exists ((|#StackHeapBarrier| (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (bvult |#StackHeapBarrier| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv0 1) (bvadd (select |#valid| |~#dev~0.base|) (_ bv1 1))) (not (= |~#dev~0.base| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,563 INFO L290 TraceCheckUtils]: 33: Hoare triple {18993#(and (exists ((|#StackHeapBarrier| (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (bvult |#StackHeapBarrier| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv0 1) (bvadd (select |#valid| |~#dev~0.base|) (_ bv1 1))) (not (= |~#dev~0.base| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= (_ bv2 32) |~#dev~0.base|))} assume !(4294967295bv32 != hid_open_report_#t~ret54#1);havoc hid_open_report_#t~ret54#1; {18993#(and (exists ((|#StackHeapBarrier| (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (bvult |#StackHeapBarrier| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv0 1) (bvadd (select |#valid| |~#dev~0.base|) (_ bv1 1))) (not (= |~#dev~0.base| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,563 INFO L290 TraceCheckUtils]: 34: Hoare triple {18993#(and (exists ((|#StackHeapBarrier| (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (bvult |#StackHeapBarrier| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv0 1) (bvadd (select |#valid| |~#dev~0.base|) (_ bv1 1))) (not (= |~#dev~0.base| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= (_ bv2 32) |~#dev~0.base|))} assume 0bv32 == hid_open_report_~parser~0#1.offset; {18993#(and (exists ((|#StackHeapBarrier| (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (bvult |#StackHeapBarrier| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv0 1) (bvadd (select |#valid| |~#dev~0.base|) (_ bv1 1))) (not (= |~#dev~0.base| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,564 INFO L290 TraceCheckUtils]: 35: Hoare triple {18993#(and (exists ((|#StackHeapBarrier| (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (bvult |#StackHeapBarrier| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv0 1) (bvadd (select |#valid| |~#dev~0.base|) (_ bv1 1))) (not (= |~#dev~0.base| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= (_ bv2 32) |~#dev~0.base|))} assume ~bvult32(hid_open_report_~parser~0#1.base, #StackHeapBarrier); {18993#(and (exists ((|#StackHeapBarrier| (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (bvult |#StackHeapBarrier| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv0 1) (bvadd (select |#valid| |~#dev~0.base|) (_ bv1 1))) (not (= |~#dev~0.base| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,565 INFO L290 TraceCheckUtils]: 36: Hoare triple {18993#(and (exists ((|#StackHeapBarrier| (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (bvult |#StackHeapBarrier| |ULTIMATE.start_hid_open_report_~#item~0#1.base|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv0 1) (bvadd (select |#valid| |~#dev~0.base|) (_ bv1 1))) (not (= |~#dev~0.base| |ULTIMATE.start_hid_open_report_~parser~0#1.base|)) (= (_ bv2 32) |~#dev~0.base|))} assume 0bv32 == hid_open_report_~parser~0#1.base || 1bv1 == #valid[hid_open_report_~parser~0#1.base];call ULTIMATE.dealloc(hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset);hid_open_report_#res#1 := 0bv32;call ULTIMATE.dealloc(hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset);havoc hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset; {19036#(and (= (bvadd (bvneg (select |#valid| |~#dev~0.base|)) (_ bv1 1)) (_ bv0 1)) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,565 INFO L290 TraceCheckUtils]: 37: Hoare triple {19036#(and (= (bvadd (bvneg (select |#valid| |~#dev~0.base|)) (_ bv1 1)) (_ bv0 1)) (= (_ bv2 32) |~#dev~0.base|))} probe_23_#t~ret60#1 := hid_open_report_#res#1;assume { :end_inline_hid_open_report } true;probe_23_~ret~0#1 := probe_23_#t~ret60#1;havoc probe_23_#t~ret60#1; {19036#(and (= (bvadd (bvneg (select |#valid| |~#dev~0.base|)) (_ bv1 1)) (_ bv0 1)) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,566 INFO L290 TraceCheckUtils]: 38: Hoare triple {19036#(and (= (bvadd (bvneg (select |#valid| |~#dev~0.base|)) (_ bv1 1)) (_ bv0 1)) (= (_ bv2 32) |~#dev~0.base|))} assume !~bvslt32(probe_23_~ret~0#1, 0bv32);probe_23_#res#1 := 0bv32; {19036#(and (= (bvadd (bvneg (select |#valid| |~#dev~0.base|)) (_ bv1 1)) (_ bv0 1)) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,566 INFO L290 TraceCheckUtils]: 39: Hoare triple {19036#(and (= (bvadd (bvneg (select |#valid| |~#dev~0.base|)) (_ bv1 1)) (_ bv0 1)) (= (_ bv2 32) |~#dev~0.base|))} entry_point_#t~ret61#1 := probe_23_#res#1;assume { :end_inline_probe_23 } true;entry_point_~ret~1#1 := entry_point_#t~ret61#1;havoc entry_point_#t~ret61#1; {19036#(and (= (bvadd (bvneg (select |#valid| |~#dev~0.base|)) (_ bv1 1)) (_ bv0 1)) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:25,567 INFO L290 TraceCheckUtils]: 40: Hoare triple {19036#(and (= (bvadd (bvneg (select |#valid| |~#dev~0.base|)) (_ bv1 1)) (_ bv0 1)) (= (_ bv2 32) |~#dev~0.base|))} assume 0bv32 == entry_point_~ret~1#1;assume { :begin_inline_disconnect_23 } true;disconnect_23_#in~dev#1.base, disconnect_23_#in~dev#1.offset := ~#dev~0.base, ~#dev~0.offset;havoc disconnect_23_~dev#1.base, disconnect_23_~dev#1.offset;disconnect_23_~dev#1.base, disconnect_23_~dev#1.offset := disconnect_23_#in~dev#1.base, disconnect_23_#in~dev#1.offset;assume { :begin_inline_disconnect_device } true;disconnect_device_#in~dev#1.base, disconnect_device_#in~dev#1.offset := disconnect_23_~dev#1.base, disconnect_23_~dev#1.offset;havoc disconnect_device_#t~mem57#1.base, disconnect_device_#t~mem57#1.offset, disconnect_device_#t~mem58#1.base, disconnect_device_#t~mem58#1.offset, disconnect_device_~dev#1.base, disconnect_device_~dev#1.offset;disconnect_device_~dev#1.base, disconnect_device_~dev#1.offset := disconnect_device_#in~dev#1.base, disconnect_device_#in~dev#1.offset; {19049#(and (= (_ bv0 1) (bvadd (bvneg (select |#valid| (_ bv2 32))) (_ bv1 1))) (= |ULTIMATE.start_disconnect_device_~dev#1.base| (_ bv2 32)))} is VALID [2022-02-20 23:53:25,567 INFO L290 TraceCheckUtils]: 41: Hoare triple {19049#(and (= (_ bv0 1) (bvadd (bvneg (select |#valid| (_ bv2 32))) (_ bv1 1))) (= |ULTIMATE.start_disconnect_device_~dev#1.base| (_ bv2 32)))} assume !(1bv1 == #valid[disconnect_device_~dev#1.base]); {18912#false} is VALID [2022-02-20 23:53:25,567 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:53:25,568 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:53:25,568 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:53:25,568 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [382080625] [2022-02-20 23:53:25,568 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [382080625] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:53:25,568 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:53:25,568 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [14] imperfect sequences [] total 14 [2022-02-20 23:53:25,568 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [715917712] [2022-02-20 23:53:25,568 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:53:25,568 INFO L78 Accepts]: Start accepts. Automaton has has 16 states, 13 states have (on average 2.769230769230769) internal successors, (36), 14 states have internal predecessors, (36), 3 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 42 [2022-02-20 23:53:25,569 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:53:25,569 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 16 states, 13 states have (on average 2.769230769230769) internal successors, (36), 14 states have internal predecessors, (36), 3 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-02-20 23:53:25,680 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 42 edges. 42 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:53:25,680 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 16 states [2022-02-20 23:53:25,680 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:53:25,681 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 16 interpolants. [2022-02-20 23:53:25,681 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=38, Invalid=202, Unknown=0, NotChecked=0, Total=240 [2022-02-20 23:53:25,681 INFO L87 Difference]: Start difference. First operand 249 states and 283 transitions. Second operand has 16 states, 13 states have (on average 2.769230769230769) internal successors, (36), 14 states have internal predecessors, (36), 3 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-02-20 23:53:30,774 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:53:30,775 INFO L93 Difference]: Finished difference Result 307 states and 343 transitions. [2022-02-20 23:53:30,775 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 18 states. [2022-02-20 23:53:30,775 INFO L78 Accepts]: Start accepts. Automaton has has 16 states, 13 states have (on average 2.769230769230769) internal successors, (36), 14 states have internal predecessors, (36), 3 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 42 [2022-02-20 23:53:30,775 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:53:30,775 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 16 states, 13 states have (on average 2.769230769230769) internal successors, (36), 14 states have internal predecessors, (36), 3 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-02-20 23:53:30,777 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 18 states to 18 states and 264 transitions. [2022-02-20 23:53:30,777 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 16 states, 13 states have (on average 2.769230769230769) internal successors, (36), 14 states have internal predecessors, (36), 3 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-02-20 23:53:30,778 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 18 states to 18 states and 264 transitions. [2022-02-20 23:53:30,778 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 18 states and 264 transitions. [2022-02-20 23:53:31,074 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 264 edges. 264 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:53:31,077 INFO L225 Difference]: With dead ends: 307 [2022-02-20 23:53:31,077 INFO L226 Difference]: Without dead ends: 307 [2022-02-20 23:53:31,078 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 47 GetRequests, 27 SyntacticMatches, 0 SemanticMatches, 20 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 66 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=69, Invalid=393, Unknown=0, NotChecked=0, Total=462 [2022-02-20 23:53:31,078 INFO L933 BasicCegarLoop]: 154 mSDtfsCounter, 116 mSDsluCounter, 1243 mSDsCounter, 0 mSdLazyCounter, 382 mSolverCounterSat, 14 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 116 SdHoareTripleChecker+Valid, 1397 SdHoareTripleChecker+Invalid, 979 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 14 IncrementalHoareTripleChecker+Valid, 382 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 583 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2022-02-20 23:53:31,078 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [116 Valid, 1397 Invalid, 979 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [14 Valid, 382 Invalid, 0 Unknown, 583 Unchecked, 0.6s Time] [2022-02-20 23:53:31,079 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 307 states. [2022-02-20 23:53:31,081 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 307 to 268. [2022-02-20 23:53:31,081 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:53:31,082 INFO L82 GeneralOperation]: Start isEquivalent. First operand 307 states. Second operand has 268 states, 187 states have (on average 1.53475935828877) internal successors, (287), 248 states have internal predecessors, (287), 10 states have call successors, (10), 9 states have call predecessors, (10), 10 states have return successors, (14), 10 states have call predecessors, (14), 10 states have call successors, (14) [2022-02-20 23:53:31,082 INFO L74 IsIncluded]: Start isIncluded. First operand 307 states. Second operand has 268 states, 187 states have (on average 1.53475935828877) internal successors, (287), 248 states have internal predecessors, (287), 10 states have call successors, (10), 9 states have call predecessors, (10), 10 states have return successors, (14), 10 states have call predecessors, (14), 10 states have call successors, (14) [2022-02-20 23:53:31,082 INFO L87 Difference]: Start difference. First operand 307 states. Second operand has 268 states, 187 states have (on average 1.53475935828877) internal successors, (287), 248 states have internal predecessors, (287), 10 states have call successors, (10), 9 states have call predecessors, (10), 10 states have return successors, (14), 10 states have call predecessors, (14), 10 states have call successors, (14) [2022-02-20 23:53:31,086 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:53:31,086 INFO L93 Difference]: Finished difference Result 307 states and 343 transitions. [2022-02-20 23:53:31,086 INFO L276 IsEmpty]: Start isEmpty. Operand 307 states and 343 transitions. [2022-02-20 23:53:31,086 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:53:31,087 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:53:31,087 INFO L74 IsIncluded]: Start isIncluded. First operand has 268 states, 187 states have (on average 1.53475935828877) internal successors, (287), 248 states have internal predecessors, (287), 10 states have call successors, (10), 9 states have call predecessors, (10), 10 states have return successors, (14), 10 states have call predecessors, (14), 10 states have call successors, (14) Second operand 307 states. [2022-02-20 23:53:31,087 INFO L87 Difference]: Start difference. First operand has 268 states, 187 states have (on average 1.53475935828877) internal successors, (287), 248 states have internal predecessors, (287), 10 states have call successors, (10), 9 states have call predecessors, (10), 10 states have return successors, (14), 10 states have call predecessors, (14), 10 states have call successors, (14) Second operand 307 states. [2022-02-20 23:53:31,091 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:53:31,091 INFO L93 Difference]: Finished difference Result 307 states and 343 transitions. [2022-02-20 23:53:31,091 INFO L276 IsEmpty]: Start isEmpty. Operand 307 states and 343 transitions. [2022-02-20 23:53:31,091 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:53:31,091 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:53:31,092 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:53:31,092 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:53:31,092 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 268 states, 187 states have (on average 1.53475935828877) internal successors, (287), 248 states have internal predecessors, (287), 10 states have call successors, (10), 9 states have call predecessors, (10), 10 states have return successors, (14), 10 states have call predecessors, (14), 10 states have call successors, (14) [2022-02-20 23:53:31,095 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 268 states to 268 states and 311 transitions. [2022-02-20 23:53:31,095 INFO L78 Accepts]: Start accepts. Automaton has 268 states and 311 transitions. Word has length 42 [2022-02-20 23:53:31,095 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:53:31,095 INFO L470 AbstractCegarLoop]: Abstraction has 268 states and 311 transitions. [2022-02-20 23:53:31,095 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 16 states, 13 states have (on average 2.769230769230769) internal successors, (36), 14 states have internal predecessors, (36), 3 states have call successors, (3), 2 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-02-20 23:53:31,095 INFO L276 IsEmpty]: Start isEmpty. Operand 268 states and 311 transitions. [2022-02-20 23:53:31,096 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 43 [2022-02-20 23:53:31,096 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:53:31,096 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:53:31,103 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (20)] Forceful destruction successful, exit code 0 [2022-02-20 23:53:31,303 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 20 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 [2022-02-20 23:53:31,303 INFO L402 AbstractCegarLoop]: === Iteration 20 === Targeting ULTIMATE.startErr40REQUIRES_VIOLATION === [free_reportsErr0REQUIRES_VIOLATION, free_reportsErr1REQUIRES_VIOLATION, free_reportsErr2REQUIRES_VIOLATION, free_reportsErr3REQUIRES_VIOLATION (and 72 more)] === [2022-02-20 23:53:31,304 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:53:31,304 INFO L85 PathProgramCache]: Analyzing trace with hash -2001953136, now seen corresponding path program 1 times [2022-02-20 23:53:31,304 INFO L126 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-02-20 23:53:31,304 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [866417827] [2022-02-20 23:53:31,304 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:53:31,304 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -unsat_core_generation=3 [2022-02-20 23:53:31,304 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat [2022-02-20 23:53:31,305 INFO L229 MonitoredProcess]: Starting monitored process 21 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-02-20 23:53:31,306 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/mathsat -unsat_core_generation=3 (21)] Waiting until timeout for monitored process [2022-02-20 23:53:31,427 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:53:31,433 INFO L263 TraceCheckSpWp]: Trace formula consists of 213 conjuncts, 35 conjunts are in the unsatisfiable core [2022-02-20 23:53:31,447 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:53:31,448 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:53:31,664 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:53:31,665 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 2 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-02-20 23:53:31,686 INFO L356 Elim1Store]: treesize reduction 8, result has 52.9 percent of original size [2022-02-20 23:53:31,687 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 3 select indices, 3 select index equivalence classes, 2 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 2 case distinctions, treesize of input 16 treesize of output 18 [2022-02-20 23:53:32,336 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:53:32,337 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-02-20 23:53:32,481 INFO L356 Elim1Store]: treesize reduction 15, result has 25.0 percent of original size [2022-02-20 23:53:32,481 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 14 [2022-02-20 23:53:32,730 INFO L290 TraceCheckUtils]: 0: Hoare triple {20253#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0bv32, 0bv32;assume 0bv1 == #valid[0bv32];assume ~bvult32(0bv32, #StackHeapBarrier);currentRoundingMode := ~roundNearestTiesToEven;~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset := 1bv32, 0bv32;call #Ultimate.allocInit(8bv32, 1bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, 4bv32);call write~init~$Pointer$(~#ldv_global_msg_list~0.base, ~#ldv_global_msg_list~0.offset, ~#ldv_global_msg_list~0.base, ~bvadd32(4bv32, ~#ldv_global_msg_list~0.offset), 4bv32);~#dev~0.base, ~#dev~0.offset := 2bv32, 0bv32;call #Ultimate.allocInit(8bv32, 2bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~#dev~0.offset, 4bv32);call write~init~$Pointer$(0bv32, 0bv32, ~#dev~0.base, ~bvadd32(4bv32, ~#dev~0.offset), 4bv32); {20258#(and (= (_ bv1 1) (select |#valid| (_ bv1 32))) (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (select |#valid| (_ bv2 32)) (_ bv1 1)) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,731 INFO L290 TraceCheckUtils]: 1: Hoare triple {20258#(and (= (_ bv1 1) (select |#valid| (_ bv1 32))) (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (select |#valid| (_ bv2 32)) (_ bv1 1)) (= (_ bv2 32) |~#dev~0.base|))} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;assume { :begin_inline_entry_point } true;havoc entry_point_#t~ret61#1, entry_point_~ret~1#1;assume { :begin_inline_probe_23 } true;probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset := ~#dev~0.base, ~#dev~0.offset;havoc probe_23_#res#1;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset, probe_23_#t~ret60#1, probe_23_~dev#1.base, probe_23_~dev#1.offset, probe_23_~ret~0#1, probe_23_~p~1#1.base, probe_23_~p~1#1.offset;probe_23_~dev#1.base, probe_23_~dev#1.offset := probe_23_#in~dev#1.base, probe_23_#in~dev#1.offset;probe_23_~ret~0#1 := 3bv32; {20258#(and (= (_ bv1 1) (select |#valid| (_ bv1 32))) (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (select |#valid| (_ bv2 32)) (_ bv1 1)) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,732 INFO L272 TraceCheckUtils]: 2: Hoare triple {20258#(and (= (_ bv1 1) (select |#valid| (_ bv1 32))) (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (select |#valid| (_ bv2 32)) (_ bv1 1)) (= (_ bv2 32) |~#dev~0.base|))} call probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset := ldv_malloc(1036bv32); {20265#(and (= (_ bv0 32) |~#dev~0.offset|) (= |old(#valid)| |#valid|) (= |#length| |old(#length)|) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,732 INFO L290 TraceCheckUtils]: 3: Hoare triple {20265#(and (= (_ bv0 32) |~#dev~0.offset|) (= |old(#valid)| |#valid|) (= |#length| |old(#length)|) (= (_ bv2 32) |~#dev~0.base|))} ~size := #in~size; {20265#(and (= (_ bv0 32) |~#dev~0.offset|) (= |old(#valid)| |#valid|) (= |#length| |old(#length)|) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,733 INFO L290 TraceCheckUtils]: 4: Hoare triple {20265#(and (= (_ bv0 32) |~#dev~0.offset|) (= |old(#valid)| |#valid|) (= |#length| |old(#length)|) (= (_ bv2 32) |~#dev~0.base|))} assume 0bv32 != #t~nondet11;havoc #t~nondet11;call #t~malloc12.base, #t~malloc12.offset := #Ultimate.allocOnHeap(~size);#res.base, #res.offset := #t~malloc12.base, #t~malloc12.offset;havoc #t~malloc12.base, #t~malloc12.offset; {20272#(and (= (_ bv0 32) |~#dev~0.offset|) (exists ((v_ArrVal_668 (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_668)) (= (_ bv0 1) (select |old(#valid)| |ldv_malloc_#res.base|)) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,735 INFO L290 TraceCheckUtils]: 5: Hoare triple {20272#(and (= (_ bv0 32) |~#dev~0.offset|) (exists ((v_ArrVal_668 (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_668)) (= (_ bv0 1) (select |old(#valid)| |ldv_malloc_#res.base|)) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv2 32) |~#dev~0.base|))} assume true; {20272#(and (= (_ bv0 32) |~#dev~0.offset|) (exists ((v_ArrVal_668 (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_668)) (= (_ bv0 1) (select |old(#valid)| |ldv_malloc_#res.base|)) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,739 INFO L284 TraceCheckUtils]: 6: Hoare quadruple {20272#(and (= (_ bv0 32) |~#dev~0.offset|) (exists ((v_ArrVal_668 (_ BitVec 32)) (|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (= |#length| (store |old(#length)| |ldv_malloc_#res.base| v_ArrVal_668)) (= (_ bv0 1) (select |old(#valid)| |ldv_malloc_#res.base|)) (not (= |ldv_malloc_#res.base| (_ bv0 32))))) (= (_ bv2 32) |~#dev~0.base|))} {20258#(and (= (_ bv1 1) (select |#valid| (_ bv1 32))) (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (select |#valid| (_ bv2 32)) (_ bv1 1)) (= (_ bv2 32) |~#dev~0.base|))} #276#return; {20279#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))) (not (= (_ bv2 32) |ldv_malloc_#res.base|)))) (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,741 INFO L290 TraceCheckUtils]: 7: Hoare triple {20279#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))) (not (= (_ bv2 32) |ldv_malloc_#res.base|)))) (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} probe_23_~p~1#1.base, probe_23_~p~1#1.offset := probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset;havoc probe_23_#t~ret59#1.base, probe_23_#t~ret59#1.offset; {20279#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))) (not (= (_ bv2 32) |ldv_malloc_#res.base|)))) (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,744 INFO L290 TraceCheckUtils]: 8: Hoare triple {20279#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))) (not (= (_ bv2 32) |ldv_malloc_#res.base|)))) (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} assume !(probe_23_~p~1#1.base == 0bv32 && probe_23_~p~1#1.offset == 0bv32); {20279#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))) (not (= (_ bv2 32) |ldv_malloc_#res.base|)))) (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,745 INFO L272 TraceCheckUtils]: 9: Hoare triple {20279#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))) (not (= (_ bv2 32) |ldv_malloc_#res.base|)))) (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} call LDV_INIT_LIST_HEAD(probe_23_~p~1#1.base, ~bvadd32(4bv32, probe_23_~p~1#1.offset)); {20279#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))) (not (= (_ bv2 32) |ldv_malloc_#res.base|)))) (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,747 INFO L290 TraceCheckUtils]: 10: Hoare triple {20279#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))) (not (= (_ bv2 32) |ldv_malloc_#res.base|)))) (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} ~list.base, ~list.offset := #in~list.base, #in~list.offset; {20279#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))) (not (= (_ bv2 32) |ldv_malloc_#res.base|)))) (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,752 INFO L290 TraceCheckUtils]: 11: Hoare triple {20279#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))) (not (= (_ bv2 32) |ldv_malloc_#res.base|)))) (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} SUMMARY for call write~$Pointer$(~list.base, ~list.offset, ~list.base, ~list.offset, 4bv32); srcloc: L540 {20279#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))) (not (= (_ bv2 32) |ldv_malloc_#res.base|)))) (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,757 INFO L290 TraceCheckUtils]: 12: Hoare triple {20279#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))) (not (= (_ bv2 32) |ldv_malloc_#res.base|)))) (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} SUMMARY for call write~$Pointer$(~list.base, ~list.offset, ~list.base, ~bvadd32(4bv32, ~list.offset), 4bv32); srcloc: L540-1 {20279#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))) (not (= (_ bv2 32) |ldv_malloc_#res.base|)))) (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,760 INFO L290 TraceCheckUtils]: 13: Hoare triple {20279#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))) (not (= (_ bv2 32) |ldv_malloc_#res.base|)))) (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} assume true; {20279#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))) (not (= (_ bv2 32) |ldv_malloc_#res.base|)))) (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,761 INFO L284 TraceCheckUtils]: 14: Hoare quadruple {20279#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))) (not (= (_ bv2 32) |ldv_malloc_#res.base|)))) (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} {20279#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))) (not (= (_ bv2 32) |ldv_malloc_#res.base|)))) (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} #278#return; {20279#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))) (not (= (_ bv2 32) |ldv_malloc_#res.base|)))) (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,766 INFO L290 TraceCheckUtils]: 15: Hoare triple {20279#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))) (not (= (_ bv2 32) |ldv_malloc_#res.base|)))) (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} SUMMARY for call write~$Pointer$(probe_23_~p~1#1.base, probe_23_~p~1#1.offset, probe_23_~dev#1.base, probe_23_~dev#1.offset, 4bv32); srcloc: L844-1 {20279#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))) (not (= (_ bv2 32) |ldv_malloc_#res.base|)))) (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,767 INFO L290 TraceCheckUtils]: 16: Hoare triple {20279#(and (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (bvult |ldv_malloc_#res.base| |#StackHeapBarrier|) (not (= |ldv_malloc_#res.base| (_ bv1 32))) (not (= |ldv_malloc_#res.base| (_ bv0 32))) (not (= (_ bv2 32) |ldv_malloc_#res.base|)))) (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} assume { :begin_inline_hid_open_report } true;hid_open_report_#in~device#1.base, hid_open_report_#in~device#1.offset := probe_23_~dev#1.base, probe_23_~dev#1.offset;havoc hid_open_report_#res#1;havoc hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset, hid_open_report_#t~ret53#1, hid_open_report_#t~ret55#1, hid_open_report_#t~ret54#1, hid_open_report_#t~mem56#1.base, hid_open_report_#t~mem56#1.offset, hid_open_report_~device#1.base, hid_open_report_~device#1.offset, hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset, hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset;hid_open_report_~device#1.base, hid_open_report_~device#1.offset := hid_open_report_#in~device#1.base, hid_open_report_#in~device#1.offset;havoc hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset;call hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset := #Ultimate.allocOnStack(16bv32); {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,768 INFO L272 TraceCheckUtils]: 17: Hoare triple {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} call hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset := ldv_zalloc(8bv32); {20314#(and (= (_ bv0 32) |~#dev~0.offset|) (= |#length| |old(#length)|) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,769 INFO L290 TraceCheckUtils]: 18: Hoare triple {20314#(and (= (_ bv0 32) |~#dev~0.offset|) (= |#length| |old(#length)|) (= (_ bv2 32) |~#dev~0.base|))} ~size#1 := #in~size#1;call #t~malloc13#1.base, #t~malloc13#1.offset := #Ultimate.allocOnHeap(~size#1);assume { :begin_inline_#Ultimate.meminit } true;#Ultimate.meminit_#ptr#1.base, #Ultimate.meminit_#ptr#1.offset, #Ultimate.meminit_#amountOfFields#1, #Ultimate.meminit_#sizeOfFields#1, #Ultimate.meminit_#product#1 := #t~malloc13#1.base, #t~malloc13#1.offset, ~size#1, 1bv32, ~size#1;#memory_int := ~initToZeroAtPointerBaseAddress~int(#memory_int, #Ultimate.meminit_#ptr#1.base); {20318#(and (= (_ bv0 32) |~#dev~0.offset|) (= |#length| (store |old(#length)| |ldv_zalloc_#t~malloc13#1.base| |ldv_zalloc_#in~size#1|)) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,769 INFO L290 TraceCheckUtils]: 19: Hoare triple {20318#(and (= (_ bv0 32) |~#dev~0.offset|) (= |#length| (store |old(#length)| |ldv_zalloc_#t~malloc13#1.base| |ldv_zalloc_#in~size#1|)) (= (_ bv2 32) |~#dev~0.base|))} assume { :end_inline_#Ultimate.meminit } true;#res#1.base, #res#1.offset := #t~malloc13#1.base, #t~malloc13#1.offset; {20322#(and (= (store |old(#length)| |ldv_zalloc_#res#1.base| |ldv_zalloc_#in~size#1|) |#length|) (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,770 INFO L290 TraceCheckUtils]: 20: Hoare triple {20322#(and (= (store |old(#length)| |ldv_zalloc_#res#1.base| |ldv_zalloc_#in~size#1|) |#length|) (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv2 32) |~#dev~0.base|))} assume true; {20322#(and (= (store |old(#length)| |ldv_zalloc_#res#1.base| |ldv_zalloc_#in~size#1|) |#length|) (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,771 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {20322#(and (= (store |old(#length)| |ldv_zalloc_#res#1.base| |ldv_zalloc_#in~size#1|) |#length|) (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv2 32) |~#dev~0.base|))} {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} #280#return; {20329#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_#t~ret52#1.base|)) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,771 INFO L290 TraceCheckUtils]: 22: Hoare triple {20329#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv8 32) (select |#length| |ULTIMATE.start_hid_open_report_#t~ret52#1.base|)) (= (_ bv2 32) |~#dev~0.base|))} hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset := hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset;havoc hid_open_report_#t~ret52#1.base, hid_open_report_#t~ret52#1.offset; {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,772 INFO L290 TraceCheckUtils]: 23: Hoare triple {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} assume !(hid_open_report_~parser~0#1.base == 0bv32 && hid_open_report_~parser~0#1.offset == 0bv32); {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,772 INFO L290 TraceCheckUtils]: 24: Hoare triple {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} SUMMARY for call write~$Pointer$(hid_open_report_~device#1.base, hid_open_report_~device#1.offset, hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset, 4bv32); srcloc: L820 {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,773 INFO L290 TraceCheckUtils]: 25: Hoare triple {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} assume { :begin_inline_ldv_positive } true;havoc ldv_positive_#res#1;havoc ldv_positive_#t~nondet4#1, ldv_positive_~r~1#1;ldv_positive_~r~1#1 := ldv_positive_#t~nondet4#1;havoc ldv_positive_#t~nondet4#1; {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,773 INFO L290 TraceCheckUtils]: 26: Hoare triple {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} assume !~bvsgt32(ldv_positive_~r~1#1, 0bv32);ldv_positive_#res#1 := 1bv32; {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,773 INFO L290 TraceCheckUtils]: 27: Hoare triple {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} hid_open_report_#t~ret53#1 := ldv_positive_#res#1;assume { :end_inline_ldv_positive } true; {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,774 INFO L290 TraceCheckUtils]: 28: Hoare triple {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} SUMMARY for call write~intINTTYPE4(hid_open_report_#t~ret53#1, hid_open_report_~parser~0#1.base, ~bvadd32(4bv32, hid_open_report_~parser~0#1.offset), 4bv32); srcloc: L821 {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,775 INFO L290 TraceCheckUtils]: 29: Hoare triple {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} havoc hid_open_report_#t~ret53#1; {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,775 INFO L290 TraceCheckUtils]: 30: Hoare triple {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} assume { :begin_inline_fetch_item } true;fetch_item_#in~item#1.base, fetch_item_#in~item#1.offset := hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset;havoc fetch_item_#res#1;havoc fetch_item_#t~nondet38#1, fetch_item_#t~nondet39#1, fetch_item_#t~nondet40#1, fetch_item_#t~nondet41#1, fetch_item_~item#1.base, fetch_item_~item#1.offset;fetch_item_~item#1.base, fetch_item_~item#1.offset := fetch_item_#in~item#1.base, fetch_item_#in~item#1.offset; {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,775 INFO L290 TraceCheckUtils]: 31: Hoare triple {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} assume 0bv32 != fetch_item_#t~nondet38#1;havoc fetch_item_#t~nondet38#1;fetch_item_#res#1 := 4294967295bv32; {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,776 INFO L290 TraceCheckUtils]: 32: Hoare triple {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} hid_open_report_#t~ret54#1 := fetch_item_#res#1;assume { :end_inline_fetch_item } true; {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,776 INFO L290 TraceCheckUtils]: 33: Hoare triple {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} assume !(4294967295bv32 != hid_open_report_#t~ret54#1);havoc hid_open_report_#t~ret54#1; {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,777 INFO L290 TraceCheckUtils]: 34: Hoare triple {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} assume 0bv32 == hid_open_report_~parser~0#1.offset; {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,777 INFO L290 TraceCheckUtils]: 35: Hoare triple {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} assume ~bvult32(hid_open_report_~parser~0#1.base, #StackHeapBarrier); {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,777 INFO L290 TraceCheckUtils]: 36: Hoare triple {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} assume 0bv32 == hid_open_report_~parser~0#1.base || 1bv1 == #valid[hid_open_report_~parser~0#1.base];call ULTIMATE.dealloc(hid_open_report_~parser~0#1.base, hid_open_report_~parser~0#1.offset);hid_open_report_#res#1 := 0bv32;call ULTIMATE.dealloc(hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset);havoc hid_open_report_~#item~0#1.base, hid_open_report_~#item~0#1.offset; {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,778 INFO L290 TraceCheckUtils]: 37: Hoare triple {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} probe_23_#t~ret60#1 := hid_open_report_#res#1;assume { :end_inline_hid_open_report } true;probe_23_~ret~0#1 := probe_23_#t~ret60#1;havoc probe_23_#t~ret60#1; {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,778 INFO L290 TraceCheckUtils]: 38: Hoare triple {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} assume !~bvslt32(probe_23_~ret~0#1, 0bv32);probe_23_#res#1 := 0bv32; {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,779 INFO L290 TraceCheckUtils]: 39: Hoare triple {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} entry_point_#t~ret61#1 := probe_23_#res#1;assume { :end_inline_probe_23 } true;entry_point_~ret~1#1 := entry_point_#t~ret61#1;havoc entry_point_#t~ret61#1; {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} is VALID [2022-02-20 23:53:32,779 INFO L290 TraceCheckUtils]: 40: Hoare triple {20310#(and (= (_ bv0 32) |~#dev~0.offset|) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= (_ bv2 32) |~#dev~0.base|))} assume 0bv32 == entry_point_~ret~1#1;assume { :begin_inline_disconnect_23 } true;disconnect_23_#in~dev#1.base, disconnect_23_#in~dev#1.offset := ~#dev~0.base, ~#dev~0.offset;havoc disconnect_23_~dev#1.base, disconnect_23_~dev#1.offset;disconnect_23_~dev#1.base, disconnect_23_~dev#1.offset := disconnect_23_#in~dev#1.base, disconnect_23_#in~dev#1.offset;assume { :begin_inline_disconnect_device } true;disconnect_device_#in~dev#1.base, disconnect_device_#in~dev#1.offset := disconnect_23_~dev#1.base, disconnect_23_~dev#1.offset;havoc disconnect_device_#t~mem57#1.base, disconnect_device_#t~mem57#1.offset, disconnect_device_#t~mem58#1.base, disconnect_device_#t~mem58#1.offset, disconnect_device_~dev#1.base, disconnect_device_~dev#1.offset;disconnect_device_~dev#1.base, disconnect_device_~dev#1.offset := disconnect_device_#in~dev#1.base, disconnect_device_#in~dev#1.offset; {20387#(and (= |ULTIMATE.start_disconnect_device_~dev#1.offset| (_ bv0 32)) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= |ULTIMATE.start_disconnect_device_~dev#1.base| (_ bv2 32)))} is VALID [2022-02-20 23:53:32,780 INFO L290 TraceCheckUtils]: 41: Hoare triple {20387#(and (= |ULTIMATE.start_disconnect_device_~dev#1.offset| (_ bv0 32)) (= (_ bv8 32) (select |#length| (_ bv2 32))) (= |ULTIMATE.start_disconnect_device_~dev#1.base| (_ bv2 32)))} assume !((~bvule32(~bvadd32(4bv32, disconnect_device_~dev#1.offset), #length[disconnect_device_~dev#1.base]) && ~bvule32(disconnect_device_~dev#1.offset, ~bvadd32(4bv32, disconnect_device_~dev#1.offset))) && ~bvule32(0bv32, disconnect_device_~dev#1.offset)); {20254#false} is VALID [2022-02-20 23:53:32,780 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:53:32,780 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-02-20 23:53:32,780 INFO L144 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-02-20 23:53:32,780 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [866417827] [2022-02-20 23:53:32,780 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleMathsat [866417827] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:53:32,780 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:53:32,780 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2022-02-20 23:53:32,780 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1156134945] [2022-02-20 23:53:32,780 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:53:32,781 INFO L78 Accepts]: Start accepts. Automaton has has 12 states, 11 states have (on average 3.272727272727273) internal successors, (36), 9 states have internal predecessors, (36), 3 states have call successors, (3), 3 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 42 [2022-02-20 23:53:32,781 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:53:32,781 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 12 states, 11 states have (on average 3.272727272727273) internal successors, (36), 9 states have internal predecessors, (36), 3 states have call successors, (3), 3 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-02-20 23:53:32,847 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 42 edges. 42 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:53:32,848 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 12 states [2022-02-20 23:53:32,848 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-02-20 23:53:32,848 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 12 interpolants. [2022-02-20 23:53:32,848 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=25, Invalid=107, Unknown=0, NotChecked=0, Total=132 [2022-02-20 23:53:32,848 INFO L87 Difference]: Start difference. First operand 268 states and 311 transitions. Second operand has 12 states, 11 states have (on average 3.272727272727273) internal successors, (36), 9 states have internal predecessors, (36), 3 states have call successors, (3), 3 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-02-20 23:53:36,777 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:53:36,777 INFO L93 Difference]: Finished difference Result 276 states and 317 transitions. [2022-02-20 23:53:36,777 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2022-02-20 23:53:36,777 INFO L78 Accepts]: Start accepts. Automaton has has 12 states, 11 states have (on average 3.272727272727273) internal successors, (36), 9 states have internal predecessors, (36), 3 states have call successors, (3), 3 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 42 [2022-02-20 23:53:36,777 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:53:36,777 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 12 states, 11 states have (on average 3.272727272727273) internal successors, (36), 9 states have internal predecessors, (36), 3 states have call successors, (3), 3 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-02-20 23:53:36,778 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 13 states to 13 states and 208 transitions. [2022-02-20 23:53:36,779 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 12 states, 11 states have (on average 3.272727272727273) internal successors, (36), 9 states have internal predecessors, (36), 3 states have call successors, (3), 3 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-02-20 23:53:36,780 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 13 states to 13 states and 208 transitions. [2022-02-20 23:53:36,780 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 13 states and 208 transitions.