./Ultimate.py --spec ../sv-benchmarks/c/properties/valid-memsafety.prp --file ../sv-benchmarks/c/memsafety-ext2/split_list_test05-1.i --full-output -ea --architecture 32bit -------------------------------------------------------------------------------- Checking for memory safety (deref-memtrack) Using default analysis Version 03d7b7b3 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerMemDerefMemtrack.xml -i ../sv-benchmarks/c/memsafety-ext2/split_list_test05-1.i -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 753b20bc59ec3e8b11fc0f1b54dadf2ece41f6cecc7eda05bde7d4413de53136 --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 23:47:32,481 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 23:47:32,483 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 23:47:32,520 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 23:47:32,521 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 23:47:32,523 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 23:47:32,524 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 23:47:32,526 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 23:47:32,528 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 23:47:32,532 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 23:47:32,532 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 23:47:32,533 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 23:47:32,534 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 23:47:32,536 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 23:47:32,537 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 23:47:32,539 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 23:47:32,540 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 23:47:32,541 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 23:47:32,542 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 23:47:32,547 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 23:47:32,548 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 23:47:32,548 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 23:47:32,550 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 23:47:32,551 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 23:47:32,556 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 23:47:32,556 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 23:47:32,556 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 23:47:32,558 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 23:47:32,558 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 23:47:32,559 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 23:47:32,559 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 23:47:32,560 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 23:47:32,561 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 23:47:32,562 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 23:47:32,563 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 23:47:32,563 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 23:47:32,564 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 23:47:32,564 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 23:47:32,564 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 23:47:32,565 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 23:47:32,565 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 23:47:32,567 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Default.epf [2022-02-20 23:47:32,591 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 23:47:32,592 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 23:47:32,592 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 23:47:32,592 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 23:47:32,593 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 23:47:32,593 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 23:47:32,594 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 23:47:32,594 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 23:47:32,594 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 23:47:32,594 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 23:47:32,595 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 23:47:32,595 INFO L138 SettingsManager]: * Check unreachability of error function in SV-COMP mode=false [2022-02-20 23:47:32,595 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-02-20 23:47:32,595 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 23:47:32,596 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 23:47:32,596 INFO L138 SettingsManager]: * Check for the main procedure if all allocated memory was freed=true [2022-02-20 23:47:32,596 INFO L138 SettingsManager]: * Bitprecise bitfields=true [2022-02-20 23:47:32,596 INFO L138 SettingsManager]: * SV-COMP memtrack compatibility mode=true [2022-02-20 23:47:32,596 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 23:47:32,596 INFO L138 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2022-02-20 23:47:32,596 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 23:47:32,597 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 23:47:32,597 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 23:47:32,597 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 23:47:32,597 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 23:47:32,597 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 23:47:32,597 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 23:47:32,598 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 23:47:32,598 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-02-20 23:47:32,598 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-02-20 23:47:32,598 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 753b20bc59ec3e8b11fc0f1b54dadf2ece41f6cecc7eda05bde7d4413de53136 [2022-02-20 23:47:32,805 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 23:47:32,826 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 23:47:32,828 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 23:47:32,830 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 23:47:32,830 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 23:47:32,831 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/memsafety-ext2/split_list_test05-1.i [2022-02-20 23:47:32,891 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/c54e21e32/b2260ce536a64edcbdb9596ed47ad903/FLAGab9edd7b9 [2022-02-20 23:47:33,246 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 23:47:33,247 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/memsafety-ext2/split_list_test05-1.i [2022-02-20 23:47:33,261 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/c54e21e32/b2260ce536a64edcbdb9596ed47ad903/FLAGab9edd7b9 [2022-02-20 23:47:33,632 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/c54e21e32/b2260ce536a64edcbdb9596ed47ad903 [2022-02-20 23:47:33,634 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 23:47:33,635 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 23:47:33,637 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 23:47:33,637 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 23:47:33,639 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 23:47:33,640 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 11:47:33" (1/1) ... [2022-02-20 23:47:33,641 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@14508c9 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:47:33, skipping insertion in model container [2022-02-20 23:47:33,641 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 11:47:33" (1/1) ... [2022-02-20 23:47:33,646 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 23:47:33,668 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 23:47:33,990 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 23:47:34,002 INFO L203 MainTranslator]: Completed pre-run [2022-02-20 23:47:34,041 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 23:47:34,074 INFO L208 MainTranslator]: Completed translation [2022-02-20 23:47:34,077 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:47:34 WrapperNode [2022-02-20 23:47:34,077 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 23:47:34,078 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-20 23:47:34,078 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-20 23:47:34,079 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-20 23:47:34,085 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:47:34" (1/1) ... [2022-02-20 23:47:34,115 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:47:34" (1/1) ... [2022-02-20 23:47:34,161 INFO L137 Inliner]: procedures = 125, calls = 94, calls flagged for inlining = 4, calls inlined = 4, statements flattened = 304 [2022-02-20 23:47:34,165 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-20 23:47:34,166 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-20 23:47:34,166 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-20 23:47:34,167 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-20 23:47:34,173 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:47:34" (1/1) ... [2022-02-20 23:47:34,173 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:47:34" (1/1) ... [2022-02-20 23:47:34,188 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:47:34" (1/1) ... [2022-02-20 23:47:34,189 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:47:34" (1/1) ... [2022-02-20 23:47:34,201 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:47:34" (1/1) ... [2022-02-20 23:47:34,213 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:47:34" (1/1) ... [2022-02-20 23:47:34,215 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:47:34" (1/1) ... [2022-02-20 23:47:34,218 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-20 23:47:34,219 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-20 23:47:34,219 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-20 23:47:34,219 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-20 23:47:34,222 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:47:34" (1/1) ... [2022-02-20 23:47:34,228 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 23:47:34,237 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 23:47:34,248 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-20 23:47:34,255 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-20 23:47:34,285 INFO L130 BoogieDeclarations]: Found specification of procedure read~int [2022-02-20 23:47:34,285 INFO L130 BoogieDeclarations]: Found specification of procedure write~int [2022-02-20 23:47:34,285 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocOnHeap [2022-02-20 23:47:34,286 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-20 23:47:34,286 INFO L130 BoogieDeclarations]: Found specification of procedure write~$Pointer$ [2022-02-20 23:47:34,287 INFO L130 BoogieDeclarations]: Found specification of procedure read~$Pointer$ [2022-02-20 23:47:34,287 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.dealloc [2022-02-20 23:47:34,287 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-02-20 23:47:34,287 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-20 23:47:34,287 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-20 23:47:34,288 INFO L130 BoogieDeclarations]: Found specification of procedure append [2022-02-20 23:47:34,288 INFO L138 BoogieDeclarations]: Found implementation of procedure append [2022-02-20 23:47:34,366 INFO L234 CfgBuilder]: Building ICFG [2022-02-20 23:47:34,367 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-20 23:47:35,138 INFO L275 CfgBuilder]: Performing block encoding [2022-02-20 23:47:35,158 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-20 23:47:35,159 INFO L299 CfgBuilder]: Removed 11 assume(true) statements. [2022-02-20 23:47:35,161 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 11:47:35 BoogieIcfgContainer [2022-02-20 23:47:35,161 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-20 23:47:35,162 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-20 23:47:35,162 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-20 23:47:35,165 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-20 23:47:35,165 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.02 11:47:33" (1/3) ... [2022-02-20 23:47:35,166 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@feedf87 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 11:47:35, skipping insertion in model container [2022-02-20 23:47:35,166 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:47:34" (2/3) ... [2022-02-20 23:47:35,166 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@feedf87 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 11:47:35, skipping insertion in model container [2022-02-20 23:47:35,167 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 11:47:35" (3/3) ... [2022-02-20 23:47:35,168 INFO L111 eAbstractionObserver]: Analyzing ICFG split_list_test05-1.i [2022-02-20 23:47:35,173 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:false NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-20 23:47:35,173 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 147 error locations. [2022-02-20 23:47:35,208 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-20 23:47:35,213 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=false, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=All, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-20 23:47:35,213 INFO L340 AbstractCegarLoop]: Starting to check reachability of 147 error locations. [2022-02-20 23:47:35,233 INFO L276 IsEmpty]: Start isEmpty. Operand has 323 states, 160 states have (on average 2.1375) internal successors, (342), 309 states have internal predecessors, (342), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 23:47:35,237 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 4 [2022-02-20 23:47:35,237 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:47:35,237 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1] [2022-02-20 23:47:35,238 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting ULTIMATE.startErr0REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 143 more)] === [2022-02-20 23:47:35,241 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:47:35,242 INFO L85 PathProgramCache]: Analyzing trace with hash 29857, now seen corresponding path program 1 times [2022-02-20 23:47:35,249 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:47:35,249 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [110204463] [2022-02-20 23:47:35,250 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:47:35,251 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:47:35,330 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:47:35,388 INFO L290 TraceCheckUtils]: 0: Hoare triple {326#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(22, 2); {326#true} is VALID [2022-02-20 23:47:35,390 INFO L290 TraceCheckUtils]: 1: Hoare triple {326#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~malloc61#1.base, main_#t~malloc61#1.offset, main_#t~nondet63#1, main_#t~nondet64#1, main_~userInput~1#1, main_#t~nondet62#1, main_#t~nondet66#1, main_#t~nondet67#1, main_~userInput~2#1, main_#t~nondet65#1, main_#t~nondet69#1, main_#t~nondet70#1, main_~userInput~3#1, main_#t~nondet68#1, main_#t~mem71#1.base, main_#t~mem71#1.offset, main_#t~mem72#1.base, main_#t~mem72#1.offset, main_#t~mem74#1.base, main_#t~mem74#1.offset, main_#t~ret73#1, main_#t~mem76#1.base, main_#t~mem76#1.offset, main_#t~post75#1, main_#t~mem78#1.base, main_#t~mem78#1.offset, main_#t~ret77#1, main_#t~mem80#1.base, main_#t~mem80#1.offset, main_#t~post79#1, main_#t~mem81#1.base, main_#t~mem81#1.offset, main_~list~0#1.base, main_~list~0#1.offset, main_~userInput~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset, main_~next~0#1.base, main_~next~0#1.offset, main_~counter~0#1;call main_#t~malloc61#1.base, main_#t~malloc61#1.offset := #Ultimate.allocOnHeap(8);main_~list~0#1.base, main_~list~0#1.offset := main_#t~malloc61#1.base, main_#t~malloc61#1.offset;havoc main_#t~malloc61#1.base, main_#t~malloc61#1.offset; {328#(= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1)} is VALID [2022-02-20 23:47:35,391 INFO L290 TraceCheckUtils]: 2: Hoare triple {328#(= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1)} assume !(1 == #valid[main_~list~0#1.base]); {327#false} is VALID [2022-02-20 23:47:35,401 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:47:35,401 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:47:35,401 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [110204463] [2022-02-20 23:47:35,402 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [110204463] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:47:35,402 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:47:35,403 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 23:47:35,405 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [279548803] [2022-02-20 23:47:35,406 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:47:35,410 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 2 states have (on average 1.5) internal successors, (3), 3 states have internal predecessors, (3), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 3 [2022-02-20 23:47:35,411 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:47:35,413 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 2 states have (on average 1.5) internal successors, (3), 3 states have internal predecessors, (3), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:35,418 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 3 edges. 3 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:47:35,419 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 23:47:35,419 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:47:35,437 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 23:47:35,438 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 23:47:35,447 INFO L87 Difference]: Start difference. First operand has 323 states, 160 states have (on average 2.1375) internal successors, (342), 309 states have internal predecessors, (342), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 3 states, 2 states have (on average 1.5) internal successors, (3), 3 states have internal predecessors, (3), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:36,202 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:47:36,203 INFO L93 Difference]: Finished difference Result 548 states and 601 transitions. [2022-02-20 23:47:36,203 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 23:47:36,203 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 2 states have (on average 1.5) internal successors, (3), 3 states have internal predecessors, (3), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 3 [2022-02-20 23:47:36,203 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:47:36,204 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 2 states have (on average 1.5) internal successors, (3), 3 states have internal predecessors, (3), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:36,222 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 622 transitions. [2022-02-20 23:47:36,223 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 2 states have (on average 1.5) internal successors, (3), 3 states have internal predecessors, (3), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:36,234 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 622 transitions. [2022-02-20 23:47:36,234 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 622 transitions. [2022-02-20 23:47:36,664 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 622 edges. 622 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:47:36,696 INFO L225 Difference]: With dead ends: 548 [2022-02-20 23:47:36,697 INFO L226 Difference]: Without dead ends: 546 [2022-02-20 23:47:36,698 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 23:47:36,712 INFO L933 BasicCegarLoop]: 245 mSDtfsCounter, 246 mSDsluCounter, 204 mSDsCounter, 0 mSdLazyCounter, 255 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 246 SdHoareTripleChecker+Valid, 449 SdHoareTripleChecker+Invalid, 258 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 255 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 23:47:36,713 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [246 Valid, 449 Invalid, 258 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 255 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-20 23:47:36,729 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 546 states. [2022-02-20 23:47:36,756 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 546 to 407. [2022-02-20 23:47:36,756 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:47:36,758 INFO L82 GeneralOperation]: Start isEquivalent. First operand 546 states. Second operand has 407 states, 247 states have (on average 2.0890688259109313) internal successors, (516), 393 states have internal predecessors, (516), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 23:47:36,761 INFO L74 IsIncluded]: Start isIncluded. First operand 546 states. Second operand has 407 states, 247 states have (on average 2.0890688259109313) internal successors, (516), 393 states have internal predecessors, (516), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 23:47:36,763 INFO L87 Difference]: Start difference. First operand 546 states. Second operand has 407 states, 247 states have (on average 2.0890688259109313) internal successors, (516), 393 states have internal predecessors, (516), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 23:47:36,783 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:47:36,783 INFO L93 Difference]: Finished difference Result 546 states and 599 transitions. [2022-02-20 23:47:36,783 INFO L276 IsEmpty]: Start isEmpty. Operand 546 states and 599 transitions. [2022-02-20 23:47:36,788 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:47:36,789 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:47:36,790 INFO L74 IsIncluded]: Start isIncluded. First operand has 407 states, 247 states have (on average 2.0890688259109313) internal successors, (516), 393 states have internal predecessors, (516), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) Second operand 546 states. [2022-02-20 23:47:36,791 INFO L87 Difference]: Start difference. First operand has 407 states, 247 states have (on average 2.0890688259109313) internal successors, (516), 393 states have internal predecessors, (516), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) Second operand 546 states. [2022-02-20 23:47:36,810 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:47:36,810 INFO L93 Difference]: Finished difference Result 546 states and 599 transitions. [2022-02-20 23:47:36,810 INFO L276 IsEmpty]: Start isEmpty. Operand 546 states and 599 transitions. [2022-02-20 23:47:36,812 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:47:36,813 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:47:36,813 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:47:36,813 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:47:36,814 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 407 states, 247 states have (on average 2.0890688259109313) internal successors, (516), 393 states have internal predecessors, (516), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 23:47:36,826 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 407 states to 407 states and 544 transitions. [2022-02-20 23:47:36,828 INFO L78 Accepts]: Start accepts. Automaton has 407 states and 544 transitions. Word has length 3 [2022-02-20 23:47:36,828 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:47:36,828 INFO L470 AbstractCegarLoop]: Abstraction has 407 states and 544 transitions. [2022-02-20 23:47:36,828 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 2 states have (on average 1.5) internal successors, (3), 3 states have internal predecessors, (3), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:36,829 INFO L276 IsEmpty]: Start isEmpty. Operand 407 states and 544 transitions. [2022-02-20 23:47:36,829 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 4 [2022-02-20 23:47:36,829 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:47:36,829 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1] [2022-02-20 23:47:36,829 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-02-20 23:47:36,830 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting ULTIMATE.startErr1REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 143 more)] === [2022-02-20 23:47:36,830 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:47:36,830 INFO L85 PathProgramCache]: Analyzing trace with hash 29858, now seen corresponding path program 1 times [2022-02-20 23:47:36,831 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:47:36,831 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2079531090] [2022-02-20 23:47:36,831 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:47:36,831 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:47:36,842 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:47:36,862 INFO L290 TraceCheckUtils]: 0: Hoare triple {2378#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(22, 2); {2378#true} is VALID [2022-02-20 23:47:36,863 INFO L290 TraceCheckUtils]: 1: Hoare triple {2378#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~malloc61#1.base, main_#t~malloc61#1.offset, main_#t~nondet63#1, main_#t~nondet64#1, main_~userInput~1#1, main_#t~nondet62#1, main_#t~nondet66#1, main_#t~nondet67#1, main_~userInput~2#1, main_#t~nondet65#1, main_#t~nondet69#1, main_#t~nondet70#1, main_~userInput~3#1, main_#t~nondet68#1, main_#t~mem71#1.base, main_#t~mem71#1.offset, main_#t~mem72#1.base, main_#t~mem72#1.offset, main_#t~mem74#1.base, main_#t~mem74#1.offset, main_#t~ret73#1, main_#t~mem76#1.base, main_#t~mem76#1.offset, main_#t~post75#1, main_#t~mem78#1.base, main_#t~mem78#1.offset, main_#t~ret77#1, main_#t~mem80#1.base, main_#t~mem80#1.offset, main_#t~post79#1, main_#t~mem81#1.base, main_#t~mem81#1.offset, main_~list~0#1.base, main_~list~0#1.offset, main_~userInput~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset, main_~next~0#1.base, main_~next~0#1.offset, main_~counter~0#1;call main_#t~malloc61#1.base, main_#t~malloc61#1.offset := #Ultimate.allocOnHeap(8);main_~list~0#1.base, main_~list~0#1.offset := main_#t~malloc61#1.base, main_#t~malloc61#1.offset;havoc main_#t~malloc61#1.base, main_#t~malloc61#1.offset; {2380#(and (= (+ (select |#length| |ULTIMATE.start_main_~list~0#1.base|) (- 8)) 0) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:47:36,865 INFO L290 TraceCheckUtils]: 2: Hoare triple {2380#(and (= (+ (select |#length| |ULTIMATE.start_main_~list~0#1.base|) (- 8)) 0) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} assume !(4 + main_~list~0#1.offset <= #length[main_~list~0#1.base] && 0 <= main_~list~0#1.offset); {2379#false} is VALID [2022-02-20 23:47:36,866 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:47:36,866 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:47:36,866 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2079531090] [2022-02-20 23:47:36,866 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2079531090] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:47:36,866 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:47:36,866 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 23:47:36,867 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1119984334] [2022-02-20 23:47:36,867 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:47:36,868 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 2 states have (on average 1.5) internal successors, (3), 3 states have internal predecessors, (3), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 3 [2022-02-20 23:47:36,868 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:47:36,868 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 2 states have (on average 1.5) internal successors, (3), 3 states have internal predecessors, (3), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:36,871 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 3 edges. 3 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:47:36,871 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 23:47:36,871 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:47:36,872 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 23:47:36,872 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 23:47:36,872 INFO L87 Difference]: Start difference. First operand 407 states and 544 transitions. Second operand has 3 states, 2 states have (on average 1.5) internal successors, (3), 3 states have internal predecessors, (3), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:37,272 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:47:37,272 INFO L93 Difference]: Finished difference Result 408 states and 547 transitions. [2022-02-20 23:47:37,272 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 23:47:37,272 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 2 states have (on average 1.5) internal successors, (3), 3 states have internal predecessors, (3), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 3 [2022-02-20 23:47:37,273 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:47:37,273 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 2 states have (on average 1.5) internal successors, (3), 3 states have internal predecessors, (3), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:37,276 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 360 transitions. [2022-02-20 23:47:37,277 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 2 states have (on average 1.5) internal successors, (3), 3 states have internal predecessors, (3), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:37,279 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 360 transitions. [2022-02-20 23:47:37,280 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 360 transitions. [2022-02-20 23:47:37,499 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 360 edges. 360 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:47:37,507 INFO L225 Difference]: With dead ends: 408 [2022-02-20 23:47:37,507 INFO L226 Difference]: Without dead ends: 408 [2022-02-20 23:47:37,508 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 23:47:37,508 INFO L933 BasicCegarLoop]: 352 mSDtfsCounter, 6 mSDsluCounter, 215 mSDsCounter, 0 mSdLazyCounter, 137 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 6 SdHoareTripleChecker+Valid, 567 SdHoareTripleChecker+Invalid, 138 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 137 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:47:37,509 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [6 Valid, 567 Invalid, 138 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 137 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:47:37,510 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 408 states. [2022-02-20 23:47:37,517 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 408 to 405. [2022-02-20 23:47:37,517 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:47:37,518 INFO L82 GeneralOperation]: Start isEquivalent. First operand 408 states. Second operand has 405 states, 247 states have (on average 2.080971659919028) internal successors, (514), 391 states have internal predecessors, (514), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 23:47:37,519 INFO L74 IsIncluded]: Start isIncluded. First operand 408 states. Second operand has 405 states, 247 states have (on average 2.080971659919028) internal successors, (514), 391 states have internal predecessors, (514), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 23:47:37,519 INFO L87 Difference]: Start difference. First operand 408 states. Second operand has 405 states, 247 states have (on average 2.080971659919028) internal successors, (514), 391 states have internal predecessors, (514), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 23:47:37,533 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:47:37,533 INFO L93 Difference]: Finished difference Result 408 states and 547 transitions. [2022-02-20 23:47:37,533 INFO L276 IsEmpty]: Start isEmpty. Operand 408 states and 547 transitions. [2022-02-20 23:47:37,534 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:47:37,534 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:47:37,535 INFO L74 IsIncluded]: Start isIncluded. First operand has 405 states, 247 states have (on average 2.080971659919028) internal successors, (514), 391 states have internal predecessors, (514), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) Second operand 408 states. [2022-02-20 23:47:37,536 INFO L87 Difference]: Start difference. First operand has 405 states, 247 states have (on average 2.080971659919028) internal successors, (514), 391 states have internal predecessors, (514), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) Second operand 408 states. [2022-02-20 23:47:37,549 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:47:37,549 INFO L93 Difference]: Finished difference Result 408 states and 547 transitions. [2022-02-20 23:47:37,549 INFO L276 IsEmpty]: Start isEmpty. Operand 408 states and 547 transitions. [2022-02-20 23:47:37,550 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:47:37,550 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:47:37,550 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:47:37,550 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:47:37,551 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 405 states, 247 states have (on average 2.080971659919028) internal successors, (514), 391 states have internal predecessors, (514), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 23:47:37,564 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 405 states to 405 states and 542 transitions. [2022-02-20 23:47:37,564 INFO L78 Accepts]: Start accepts. Automaton has 405 states and 542 transitions. Word has length 3 [2022-02-20 23:47:37,564 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:47:37,564 INFO L470 AbstractCegarLoop]: Abstraction has 405 states and 542 transitions. [2022-02-20 23:47:37,565 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 2 states have (on average 1.5) internal successors, (3), 3 states have internal predecessors, (3), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:37,565 INFO L276 IsEmpty]: Start isEmpty. Operand 405 states and 542 transitions. [2022-02-20 23:47:37,565 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 11 [2022-02-20 23:47:37,565 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:47:37,565 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:47:37,565 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-02-20 23:47:37,565 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting appendErr0REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 143 more)] === [2022-02-20 23:47:37,566 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:47:37,566 INFO L85 PathProgramCache]: Analyzing trace with hash 1117390162, now seen corresponding path program 1 times [2022-02-20 23:47:37,566 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:47:37,566 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [279674517] [2022-02-20 23:47:37,566 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:47:37,566 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:47:37,586 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:47:37,613 INFO L290 TraceCheckUtils]: 0: Hoare triple {4012#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(22, 2); {4012#true} is VALID [2022-02-20 23:47:37,613 INFO L290 TraceCheckUtils]: 1: Hoare triple {4012#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~malloc61#1.base, main_#t~malloc61#1.offset, main_#t~nondet63#1, main_#t~nondet64#1, main_~userInput~1#1, main_#t~nondet62#1, main_#t~nondet66#1, main_#t~nondet67#1, main_~userInput~2#1, main_#t~nondet65#1, main_#t~nondet69#1, main_#t~nondet70#1, main_~userInput~3#1, main_#t~nondet68#1, main_#t~mem71#1.base, main_#t~mem71#1.offset, main_#t~mem72#1.base, main_#t~mem72#1.offset, main_#t~mem74#1.base, main_#t~mem74#1.offset, main_#t~ret73#1, main_#t~mem76#1.base, main_#t~mem76#1.offset, main_#t~post75#1, main_#t~mem78#1.base, main_#t~mem78#1.offset, main_#t~ret77#1, main_#t~mem80#1.base, main_#t~mem80#1.offset, main_#t~post79#1, main_#t~mem81#1.base, main_#t~mem81#1.offset, main_~list~0#1.base, main_~list~0#1.offset, main_~userInput~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset, main_~next~0#1.base, main_~next~0#1.offset, main_~counter~0#1;call main_#t~malloc61#1.base, main_#t~malloc61#1.offset := #Ultimate.allocOnHeap(8);main_~list~0#1.base, main_~list~0#1.offset := main_#t~malloc61#1.base, main_#t~malloc61#1.offset;havoc main_#t~malloc61#1.base, main_#t~malloc61#1.offset; {4012#true} is VALID [2022-02-20 23:47:37,613 INFO L290 TraceCheckUtils]: 2: Hoare triple {4012#true} SUMMARY for call write~$Pointer$(0, 0, main_~list~0#1.base, main_~list~0#1.offset, 4); srcloc: L575 {4012#true} is VALID [2022-02-20 23:47:37,613 INFO L290 TraceCheckUtils]: 3: Hoare triple {4012#true} SUMMARY for call write~$Pointer$(0, 0, main_~list~0#1.base, 4 + main_~list~0#1.offset, 4); srcloc: L575-1 {4012#true} is VALID [2022-02-20 23:47:37,613 INFO L290 TraceCheckUtils]: 4: Hoare triple {4012#true} havoc main_~userInput~0#1; {4012#true} is VALID [2022-02-20 23:47:37,613 INFO L290 TraceCheckUtils]: 5: Hoare triple {4012#true} assume -128 <= main_#t~nondet63#1 && main_#t~nondet63#1 <= 127;main_~userInput~1#1 := main_#t~nondet63#1;havoc main_#t~nondet63#1; {4012#true} is VALID [2022-02-20 23:47:37,614 INFO L290 TraceCheckUtils]: 6: Hoare triple {4012#true} assume !(60 == main_~userInput~1#1 || 62 == main_~userInput~1#1); {4012#true} is VALID [2022-02-20 23:47:37,614 INFO L272 TraceCheckUtils]: 7: Hoare triple {4012#true} call append(main_~list~0#1.base, main_~list~0#1.offset, main_~userInput~1#1); {4012#true} is VALID [2022-02-20 23:47:37,615 INFO L290 TraceCheckUtils]: 8: Hoare triple {4012#true} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~input := #in~input;call #t~malloc55.base, #t~malloc55.offset := #Ultimate.allocOnHeap(9);~node~0.base, ~node~0.offset := #t~malloc55.base, #t~malloc55.offset;havoc #t~malloc55.base, #t~malloc55.offset; {4014#(= (select |#valid| append_~node~0.base) 1)} is VALID [2022-02-20 23:47:37,615 INFO L290 TraceCheckUtils]: 9: Hoare triple {4014#(= (select |#valid| append_~node~0.base) 1)} assume !(1 == #valid[~node~0.base]); {4013#false} is VALID [2022-02-20 23:47:37,615 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:47:37,615 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:47:37,615 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [279674517] [2022-02-20 23:47:37,615 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [279674517] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:47:37,616 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:47:37,616 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 23:47:37,616 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1973861892] [2022-02-20 23:47:37,616 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:47:37,617 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 2 states have (on average 4.5) internal successors, (9), 3 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 10 [2022-02-20 23:47:37,617 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:47:37,617 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 2 states have (on average 4.5) internal successors, (9), 3 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:37,623 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 10 edges. 10 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:47:37,623 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 23:47:37,623 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:47:37,624 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 23:47:37,624 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 23:47:37,624 INFO L87 Difference]: Start difference. First operand 405 states and 542 transitions. Second operand has 3 states, 2 states have (on average 4.5) internal successors, (9), 3 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:38,015 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:47:38,016 INFO L93 Difference]: Finished difference Result 400 states and 537 transitions. [2022-02-20 23:47:38,016 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 23:47:38,016 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 2 states have (on average 4.5) internal successors, (9), 3 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 10 [2022-02-20 23:47:38,016 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:47:38,017 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 2 states have (on average 4.5) internal successors, (9), 3 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:38,020 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 353 transitions. [2022-02-20 23:47:38,020 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 2 states have (on average 4.5) internal successors, (9), 3 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:38,023 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 353 transitions. [2022-02-20 23:47:38,023 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 353 transitions. [2022-02-20 23:47:38,232 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 353 edges. 353 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:47:38,249 INFO L225 Difference]: With dead ends: 400 [2022-02-20 23:47:38,249 INFO L226 Difference]: Without dead ends: 400 [2022-02-20 23:47:38,250 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 23:47:38,250 INFO L933 BasicCegarLoop]: 322 mSDtfsCounter, 43 mSDsluCounter, 175 mSDsCounter, 0 mSdLazyCounter, 155 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 43 SdHoareTripleChecker+Valid, 497 SdHoareTripleChecker+Invalid, 159 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 155 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:47:38,251 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [43 Valid, 497 Invalid, 159 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 155 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:47:38,252 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 400 states. [2022-02-20 23:47:38,257 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 400 to 400. [2022-02-20 23:47:38,257 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:47:38,258 INFO L82 GeneralOperation]: Start isEquivalent. First operand 400 states. Second operand has 400 states, 247 states have (on average 2.0607287449392713) internal successors, (509), 386 states have internal predecessors, (509), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 23:47:38,259 INFO L74 IsIncluded]: Start isIncluded. First operand 400 states. Second operand has 400 states, 247 states have (on average 2.0607287449392713) internal successors, (509), 386 states have internal predecessors, (509), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 23:47:38,259 INFO L87 Difference]: Start difference. First operand 400 states. Second operand has 400 states, 247 states have (on average 2.0607287449392713) internal successors, (509), 386 states have internal predecessors, (509), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 23:47:38,281 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:47:38,281 INFO L93 Difference]: Finished difference Result 400 states and 537 transitions. [2022-02-20 23:47:38,282 INFO L276 IsEmpty]: Start isEmpty. Operand 400 states and 537 transitions. [2022-02-20 23:47:38,283 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:47:38,283 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:47:38,284 INFO L74 IsIncluded]: Start isIncluded. First operand has 400 states, 247 states have (on average 2.0607287449392713) internal successors, (509), 386 states have internal predecessors, (509), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) Second operand 400 states. [2022-02-20 23:47:38,285 INFO L87 Difference]: Start difference. First operand has 400 states, 247 states have (on average 2.0607287449392713) internal successors, (509), 386 states have internal predecessors, (509), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) Second operand 400 states. [2022-02-20 23:47:38,299 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:47:38,300 INFO L93 Difference]: Finished difference Result 400 states and 537 transitions. [2022-02-20 23:47:38,300 INFO L276 IsEmpty]: Start isEmpty. Operand 400 states and 537 transitions. [2022-02-20 23:47:38,301 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:47:38,301 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:47:38,301 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:47:38,301 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:47:38,302 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 400 states, 247 states have (on average 2.0607287449392713) internal successors, (509), 386 states have internal predecessors, (509), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 23:47:38,310 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 400 states to 400 states and 537 transitions. [2022-02-20 23:47:38,310 INFO L78 Accepts]: Start accepts. Automaton has 400 states and 537 transitions. Word has length 10 [2022-02-20 23:47:38,311 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:47:38,311 INFO L470 AbstractCegarLoop]: Abstraction has 400 states and 537 transitions. [2022-02-20 23:47:38,311 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 2 states have (on average 4.5) internal successors, (9), 3 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:38,311 INFO L276 IsEmpty]: Start isEmpty. Operand 400 states and 537 transitions. [2022-02-20 23:47:38,311 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 11 [2022-02-20 23:47:38,311 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:47:38,312 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:47:38,312 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-02-20 23:47:38,312 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting appendErr1REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 143 more)] === [2022-02-20 23:47:38,312 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:47:38,313 INFO L85 PathProgramCache]: Analyzing trace with hash 1117390163, now seen corresponding path program 1 times [2022-02-20 23:47:38,313 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:47:38,313 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1594005683] [2022-02-20 23:47:38,313 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:47:38,313 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:47:38,336 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:47:38,365 INFO L290 TraceCheckUtils]: 0: Hoare triple {5617#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(22, 2); {5617#true} is VALID [2022-02-20 23:47:38,365 INFO L290 TraceCheckUtils]: 1: Hoare triple {5617#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~malloc61#1.base, main_#t~malloc61#1.offset, main_#t~nondet63#1, main_#t~nondet64#1, main_~userInput~1#1, main_#t~nondet62#1, main_#t~nondet66#1, main_#t~nondet67#1, main_~userInput~2#1, main_#t~nondet65#1, main_#t~nondet69#1, main_#t~nondet70#1, main_~userInput~3#1, main_#t~nondet68#1, main_#t~mem71#1.base, main_#t~mem71#1.offset, main_#t~mem72#1.base, main_#t~mem72#1.offset, main_#t~mem74#1.base, main_#t~mem74#1.offset, main_#t~ret73#1, main_#t~mem76#1.base, main_#t~mem76#1.offset, main_#t~post75#1, main_#t~mem78#1.base, main_#t~mem78#1.offset, main_#t~ret77#1, main_#t~mem80#1.base, main_#t~mem80#1.offset, main_#t~post79#1, main_#t~mem81#1.base, main_#t~mem81#1.offset, main_~list~0#1.base, main_~list~0#1.offset, main_~userInput~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset, main_~next~0#1.base, main_~next~0#1.offset, main_~counter~0#1;call main_#t~malloc61#1.base, main_#t~malloc61#1.offset := #Ultimate.allocOnHeap(8);main_~list~0#1.base, main_~list~0#1.offset := main_#t~malloc61#1.base, main_#t~malloc61#1.offset;havoc main_#t~malloc61#1.base, main_#t~malloc61#1.offset; {5617#true} is VALID [2022-02-20 23:47:38,365 INFO L290 TraceCheckUtils]: 2: Hoare triple {5617#true} SUMMARY for call write~$Pointer$(0, 0, main_~list~0#1.base, main_~list~0#1.offset, 4); srcloc: L575 {5617#true} is VALID [2022-02-20 23:47:38,366 INFO L290 TraceCheckUtils]: 3: Hoare triple {5617#true} SUMMARY for call write~$Pointer$(0, 0, main_~list~0#1.base, 4 + main_~list~0#1.offset, 4); srcloc: L575-1 {5617#true} is VALID [2022-02-20 23:47:38,366 INFO L290 TraceCheckUtils]: 4: Hoare triple {5617#true} havoc main_~userInput~0#1; {5617#true} is VALID [2022-02-20 23:47:38,366 INFO L290 TraceCheckUtils]: 5: Hoare triple {5617#true} assume -128 <= main_#t~nondet63#1 && main_#t~nondet63#1 <= 127;main_~userInput~1#1 := main_#t~nondet63#1;havoc main_#t~nondet63#1; {5617#true} is VALID [2022-02-20 23:47:38,366 INFO L290 TraceCheckUtils]: 6: Hoare triple {5617#true} assume !(60 == main_~userInput~1#1 || 62 == main_~userInput~1#1); {5617#true} is VALID [2022-02-20 23:47:38,366 INFO L272 TraceCheckUtils]: 7: Hoare triple {5617#true} call append(main_~list~0#1.base, main_~list~0#1.offset, main_~userInput~1#1); {5617#true} is VALID [2022-02-20 23:47:38,367 INFO L290 TraceCheckUtils]: 8: Hoare triple {5617#true} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~input := #in~input;call #t~malloc55.base, #t~malloc55.offset := #Ultimate.allocOnHeap(9);~node~0.base, ~node~0.offset := #t~malloc55.base, #t~malloc55.offset;havoc #t~malloc55.base, #t~malloc55.offset; {5619#(and (= (+ (- 9) (select |#length| append_~node~0.base)) 0) (= append_~node~0.offset 0))} is VALID [2022-02-20 23:47:38,368 INFO L290 TraceCheckUtils]: 9: Hoare triple {5619#(and (= (+ (- 9) (select |#length| append_~node~0.base)) 0) (= append_~node~0.offset 0))} assume !(1 + ~node~0.offset <= #length[~node~0.base] && 0 <= ~node~0.offset); {5618#false} is VALID [2022-02-20 23:47:38,368 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:47:38,368 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:47:38,368 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1594005683] [2022-02-20 23:47:38,368 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1594005683] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:47:38,368 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:47:38,368 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 23:47:38,369 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1947013529] [2022-02-20 23:47:38,369 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:47:38,369 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 2 states have (on average 4.5) internal successors, (9), 3 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 10 [2022-02-20 23:47:38,369 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:47:38,369 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 2 states have (on average 4.5) internal successors, (9), 3 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:38,375 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 10 edges. 10 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:47:38,375 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 23:47:38,376 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:47:38,376 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 23:47:38,376 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 23:47:38,376 INFO L87 Difference]: Start difference. First operand 400 states and 537 transitions. Second operand has 3 states, 2 states have (on average 4.5) internal successors, (9), 3 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:38,780 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:47:38,781 INFO L93 Difference]: Finished difference Result 395 states and 532 transitions. [2022-02-20 23:47:38,781 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 23:47:38,781 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 2 states have (on average 4.5) internal successors, (9), 3 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 10 [2022-02-20 23:47:38,781 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:47:38,781 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 2 states have (on average 4.5) internal successors, (9), 3 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:38,783 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 348 transitions. [2022-02-20 23:47:38,783 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 2 states have (on average 4.5) internal successors, (9), 3 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:38,785 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 348 transitions. [2022-02-20 23:47:38,785 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 348 transitions. [2022-02-20 23:47:38,991 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 348 edges. 348 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:47:38,997 INFO L225 Difference]: With dead ends: 395 [2022-02-20 23:47:38,998 INFO L226 Difference]: Without dead ends: 395 [2022-02-20 23:47:38,998 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 23:47:38,999 INFO L933 BasicCegarLoop]: 322 mSDtfsCounter, 38 mSDsluCounter, 188 mSDsCounter, 0 mSdLazyCounter, 137 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 38 SdHoareTripleChecker+Valid, 510 SdHoareTripleChecker+Invalid, 141 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 137 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:47:38,999 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [38 Valid, 510 Invalid, 141 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 137 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:47:39,000 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 395 states. [2022-02-20 23:47:39,004 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 395 to 395. [2022-02-20 23:47:39,004 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:47:39,005 INFO L82 GeneralOperation]: Start isEquivalent. First operand 395 states. Second operand has 395 states, 247 states have (on average 2.0404858299595143) internal successors, (504), 381 states have internal predecessors, (504), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 23:47:39,006 INFO L74 IsIncluded]: Start isIncluded. First operand 395 states. Second operand has 395 states, 247 states have (on average 2.0404858299595143) internal successors, (504), 381 states have internal predecessors, (504), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 23:47:39,006 INFO L87 Difference]: Start difference. First operand 395 states. Second operand has 395 states, 247 states have (on average 2.0404858299595143) internal successors, (504), 381 states have internal predecessors, (504), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 23:47:39,014 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:47:39,014 INFO L93 Difference]: Finished difference Result 395 states and 532 transitions. [2022-02-20 23:47:39,014 INFO L276 IsEmpty]: Start isEmpty. Operand 395 states and 532 transitions. [2022-02-20 23:47:39,015 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:47:39,016 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:47:39,016 INFO L74 IsIncluded]: Start isIncluded. First operand has 395 states, 247 states have (on average 2.0404858299595143) internal successors, (504), 381 states have internal predecessors, (504), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) Second operand 395 states. [2022-02-20 23:47:39,017 INFO L87 Difference]: Start difference. First operand has 395 states, 247 states have (on average 2.0404858299595143) internal successors, (504), 381 states have internal predecessors, (504), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) Second operand 395 states. [2022-02-20 23:47:39,025 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:47:39,025 INFO L93 Difference]: Finished difference Result 395 states and 532 transitions. [2022-02-20 23:47:39,025 INFO L276 IsEmpty]: Start isEmpty. Operand 395 states and 532 transitions. [2022-02-20 23:47:39,026 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:47:39,026 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:47:39,026 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:47:39,026 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:47:39,027 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 395 states, 247 states have (on average 2.0404858299595143) internal successors, (504), 381 states have internal predecessors, (504), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 23:47:39,034 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 395 states to 395 states and 532 transitions. [2022-02-20 23:47:39,035 INFO L78 Accepts]: Start accepts. Automaton has 395 states and 532 transitions. Word has length 10 [2022-02-20 23:47:39,035 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:47:39,035 INFO L470 AbstractCegarLoop]: Abstraction has 395 states and 532 transitions. [2022-02-20 23:47:39,035 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 2 states have (on average 4.5) internal successors, (9), 3 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:39,035 INFO L276 IsEmpty]: Start isEmpty. Operand 395 states and 532 transitions. [2022-02-20 23:47:39,035 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 12 [2022-02-20 23:47:39,035 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:47:39,035 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:47:39,035 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-02-20 23:47:39,036 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting appendErr2REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 143 more)] === [2022-02-20 23:47:39,036 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:47:39,036 INFO L85 PathProgramCache]: Analyzing trace with hash 279357079, now seen corresponding path program 1 times [2022-02-20 23:47:39,036 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:47:39,036 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [91626875] [2022-02-20 23:47:39,036 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:47:39,036 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:47:39,055 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:47:39,091 INFO L290 TraceCheckUtils]: 0: Hoare triple {7202#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(22, 2); {7202#true} is VALID [2022-02-20 23:47:39,091 INFO L290 TraceCheckUtils]: 1: Hoare triple {7202#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~malloc61#1.base, main_#t~malloc61#1.offset, main_#t~nondet63#1, main_#t~nondet64#1, main_~userInput~1#1, main_#t~nondet62#1, main_#t~nondet66#1, main_#t~nondet67#1, main_~userInput~2#1, main_#t~nondet65#1, main_#t~nondet69#1, main_#t~nondet70#1, main_~userInput~3#1, main_#t~nondet68#1, main_#t~mem71#1.base, main_#t~mem71#1.offset, main_#t~mem72#1.base, main_#t~mem72#1.offset, main_#t~mem74#1.base, main_#t~mem74#1.offset, main_#t~ret73#1, main_#t~mem76#1.base, main_#t~mem76#1.offset, main_#t~post75#1, main_#t~mem78#1.base, main_#t~mem78#1.offset, main_#t~ret77#1, main_#t~mem80#1.base, main_#t~mem80#1.offset, main_#t~post79#1, main_#t~mem81#1.base, main_#t~mem81#1.offset, main_~list~0#1.base, main_~list~0#1.offset, main_~userInput~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset, main_~next~0#1.base, main_~next~0#1.offset, main_~counter~0#1;call main_#t~malloc61#1.base, main_#t~malloc61#1.offset := #Ultimate.allocOnHeap(8);main_~list~0#1.base, main_~list~0#1.offset := main_#t~malloc61#1.base, main_#t~malloc61#1.offset;havoc main_#t~malloc61#1.base, main_#t~malloc61#1.offset; {7202#true} is VALID [2022-02-20 23:47:39,092 INFO L290 TraceCheckUtils]: 2: Hoare triple {7202#true} SUMMARY for call write~$Pointer$(0, 0, main_~list~0#1.base, main_~list~0#1.offset, 4); srcloc: L575 {7204#(= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1)} is VALID [2022-02-20 23:47:39,092 INFO L290 TraceCheckUtils]: 3: Hoare triple {7204#(= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1)} SUMMARY for call write~$Pointer$(0, 0, main_~list~0#1.base, 4 + main_~list~0#1.offset, 4); srcloc: L575-1 {7204#(= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1)} is VALID [2022-02-20 23:47:39,092 INFO L290 TraceCheckUtils]: 4: Hoare triple {7204#(= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1)} havoc main_~userInput~0#1; {7204#(= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1)} is VALID [2022-02-20 23:47:39,093 INFO L290 TraceCheckUtils]: 5: Hoare triple {7204#(= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1)} assume -128 <= main_#t~nondet63#1 && main_#t~nondet63#1 <= 127;main_~userInput~1#1 := main_#t~nondet63#1;havoc main_#t~nondet63#1; {7204#(= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1)} is VALID [2022-02-20 23:47:39,093 INFO L290 TraceCheckUtils]: 6: Hoare triple {7204#(= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1)} assume !(60 == main_~userInput~1#1 || 62 == main_~userInput~1#1); {7204#(= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1)} is VALID [2022-02-20 23:47:39,094 INFO L272 TraceCheckUtils]: 7: Hoare triple {7204#(= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1)} call append(main_~list~0#1.base, main_~list~0#1.offset, main_~userInput~1#1); {7205#(= (select |#valid| |append_#in~head.base|) 1)} is VALID [2022-02-20 23:47:39,094 INFO L290 TraceCheckUtils]: 8: Hoare triple {7205#(= (select |#valid| |append_#in~head.base|) 1)} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~input := #in~input;call #t~malloc55.base, #t~malloc55.offset := #Ultimate.allocOnHeap(9);~node~0.base, ~node~0.offset := #t~malloc55.base, #t~malloc55.offset;havoc #t~malloc55.base, #t~malloc55.offset; {7206#(or (= append_~node~0.base append_~head.base) (= (select |#valid| append_~head.base) 1))} is VALID [2022-02-20 23:47:39,095 INFO L290 TraceCheckUtils]: 9: Hoare triple {7206#(or (= append_~node~0.base append_~head.base) (= (select |#valid| append_~head.base) 1))} SUMMARY for call write~int(~input, ~node~0.base, ~node~0.offset, 1); srcloc: L560 {7207#(= (select |#valid| append_~head.base) 1)} is VALID [2022-02-20 23:47:39,095 INFO L290 TraceCheckUtils]: 10: Hoare triple {7207#(= (select |#valid| append_~head.base) 1)} assume !(1 == #valid[~head.base]); {7203#false} is VALID [2022-02-20 23:47:39,095 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:47:39,096 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:47:39,096 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [91626875] [2022-02-20 23:47:39,096 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [91626875] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:47:39,096 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:47:39,096 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:47:39,096 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [429755813] [2022-02-20 23:47:39,096 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:47:39,096 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 2.0) internal successors, (10), 5 states have internal predecessors, (10), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 11 [2022-02-20 23:47:39,096 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:47:39,097 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 5 states have (on average 2.0) internal successors, (10), 5 states have internal predecessors, (10), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:39,105 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 11 edges. 11 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:47:39,105 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 23:47:39,105 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:47:39,105 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 23:47:39,105 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2022-02-20 23:47:39,106 INFO L87 Difference]: Start difference. First operand 395 states and 532 transitions. Second operand has 6 states, 5 states have (on average 2.0) internal successors, (10), 5 states have internal predecessors, (10), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:40,442 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:47:40,442 INFO L93 Difference]: Finished difference Result 523 states and 574 transitions. [2022-02-20 23:47:40,442 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 23:47:40,442 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 2.0) internal successors, (10), 5 states have internal predecessors, (10), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 11 [2022-02-20 23:47:40,442 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:47:40,442 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 2.0) internal successors, (10), 5 states have internal predecessors, (10), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:40,445 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 582 transitions. [2022-02-20 23:47:40,446 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 2.0) internal successors, (10), 5 states have internal predecessors, (10), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:40,448 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 582 transitions. [2022-02-20 23:47:40,449 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 582 transitions. [2022-02-20 23:47:40,794 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 582 edges. 582 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:47:40,803 INFO L225 Difference]: With dead ends: 523 [2022-02-20 23:47:40,803 INFO L226 Difference]: Without dead ends: 523 [2022-02-20 23:47:40,804 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2022-02-20 23:47:40,804 INFO L933 BasicCegarLoop]: 186 mSDtfsCounter, 318 mSDsluCounter, 620 mSDsCounter, 0 mSdLazyCounter, 716 mSolverCounterSat, 37 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 318 SdHoareTripleChecker+Valid, 806 SdHoareTripleChecker+Invalid, 753 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 37 IncrementalHoareTripleChecker+Valid, 716 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2022-02-20 23:47:40,804 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [318 Valid, 806 Invalid, 753 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [37 Valid, 716 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2022-02-20 23:47:40,805 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 523 states. [2022-02-20 23:47:40,813 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 523 to 387. [2022-02-20 23:47:40,814 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:47:40,815 INFO L82 GeneralOperation]: Start isEquivalent. First operand 523 states. Second operand has 387 states, 247 states have (on average 2.0080971659919027) internal successors, (496), 373 states have internal predecessors, (496), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 23:47:40,817 INFO L74 IsIncluded]: Start isIncluded. First operand 523 states. Second operand has 387 states, 247 states have (on average 2.0080971659919027) internal successors, (496), 373 states have internal predecessors, (496), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 23:47:40,818 INFO L87 Difference]: Start difference. First operand 523 states. Second operand has 387 states, 247 states have (on average 2.0080971659919027) internal successors, (496), 373 states have internal predecessors, (496), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 23:47:40,830 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:47:40,830 INFO L93 Difference]: Finished difference Result 523 states and 574 transitions. [2022-02-20 23:47:40,830 INFO L276 IsEmpty]: Start isEmpty. Operand 523 states and 574 transitions. [2022-02-20 23:47:40,832 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:47:40,832 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:47:40,833 INFO L74 IsIncluded]: Start isIncluded. First operand has 387 states, 247 states have (on average 2.0080971659919027) internal successors, (496), 373 states have internal predecessors, (496), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) Second operand 523 states. [2022-02-20 23:47:40,834 INFO L87 Difference]: Start difference. First operand has 387 states, 247 states have (on average 2.0080971659919027) internal successors, (496), 373 states have internal predecessors, (496), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) Second operand 523 states. [2022-02-20 23:47:40,845 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:47:40,845 INFO L93 Difference]: Finished difference Result 523 states and 574 transitions. [2022-02-20 23:47:40,846 INFO L276 IsEmpty]: Start isEmpty. Operand 523 states and 574 transitions. [2022-02-20 23:47:40,847 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:47:40,847 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:47:40,847 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:47:40,847 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:47:40,848 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 387 states, 247 states have (on average 2.0080971659919027) internal successors, (496), 373 states have internal predecessors, (496), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 23:47:40,855 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 387 states to 387 states and 524 transitions. [2022-02-20 23:47:40,856 INFO L78 Accepts]: Start accepts. Automaton has 387 states and 524 transitions. Word has length 11 [2022-02-20 23:47:40,856 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:47:40,856 INFO L470 AbstractCegarLoop]: Abstraction has 387 states and 524 transitions. [2022-02-20 23:47:40,856 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 2.0) internal successors, (10), 5 states have internal predecessors, (10), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:40,856 INFO L276 IsEmpty]: Start isEmpty. Operand 387 states and 524 transitions. [2022-02-20 23:47:40,856 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 12 [2022-02-20 23:47:40,857 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:47:40,857 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:47:40,857 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-02-20 23:47:40,857 INFO L402 AbstractCegarLoop]: === Iteration 6 === Targeting appendErr3REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 143 more)] === [2022-02-20 23:47:40,858 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:47:40,858 INFO L85 PathProgramCache]: Analyzing trace with hash 279357080, now seen corresponding path program 1 times [2022-02-20 23:47:40,858 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:47:40,858 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [285469504] [2022-02-20 23:47:40,858 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:47:40,858 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:47:40,903 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:47:40,964 INFO L290 TraceCheckUtils]: 0: Hoare triple {9168#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(22, 2); {9168#true} is VALID [2022-02-20 23:47:40,966 INFO L290 TraceCheckUtils]: 1: Hoare triple {9168#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~malloc61#1.base, main_#t~malloc61#1.offset, main_#t~nondet63#1, main_#t~nondet64#1, main_~userInput~1#1, main_#t~nondet62#1, main_#t~nondet66#1, main_#t~nondet67#1, main_~userInput~2#1, main_#t~nondet65#1, main_#t~nondet69#1, main_#t~nondet70#1, main_~userInput~3#1, main_#t~nondet68#1, main_#t~mem71#1.base, main_#t~mem71#1.offset, main_#t~mem72#1.base, main_#t~mem72#1.offset, main_#t~mem74#1.base, main_#t~mem74#1.offset, main_#t~ret73#1, main_#t~mem76#1.base, main_#t~mem76#1.offset, main_#t~post75#1, main_#t~mem78#1.base, main_#t~mem78#1.offset, main_#t~ret77#1, main_#t~mem80#1.base, main_#t~mem80#1.offset, main_#t~post79#1, main_#t~mem81#1.base, main_#t~mem81#1.offset, main_~list~0#1.base, main_~list~0#1.offset, main_~userInput~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset, main_~next~0#1.base, main_~next~0#1.offset, main_~counter~0#1;call main_#t~malloc61#1.base, main_#t~malloc61#1.offset := #Ultimate.allocOnHeap(8);main_~list~0#1.base, main_~list~0#1.offset := main_#t~malloc61#1.base, main_#t~malloc61#1.offset;havoc main_#t~malloc61#1.base, main_#t~malloc61#1.offset; {9170#(and (= 8 (select |#length| |ULTIMATE.start_main_~list~0#1.base|)) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:47:40,966 INFO L290 TraceCheckUtils]: 2: Hoare triple {9170#(and (= 8 (select |#length| |ULTIMATE.start_main_~list~0#1.base|)) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} SUMMARY for call write~$Pointer$(0, 0, main_~list~0#1.base, main_~list~0#1.offset, 4); srcloc: L575 {9171#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= 8 (select |#length| |ULTIMATE.start_main_~list~0#1.base|)) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:47:40,967 INFO L290 TraceCheckUtils]: 3: Hoare triple {9171#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= 8 (select |#length| |ULTIMATE.start_main_~list~0#1.base|)) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} SUMMARY for call write~$Pointer$(0, 0, main_~list~0#1.base, 4 + main_~list~0#1.offset, 4); srcloc: L575-1 {9171#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= 8 (select |#length| |ULTIMATE.start_main_~list~0#1.base|)) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:47:40,967 INFO L290 TraceCheckUtils]: 4: Hoare triple {9171#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= 8 (select |#length| |ULTIMATE.start_main_~list~0#1.base|)) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} havoc main_~userInput~0#1; {9171#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= 8 (select |#length| |ULTIMATE.start_main_~list~0#1.base|)) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:47:40,968 INFO L290 TraceCheckUtils]: 5: Hoare triple {9171#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= 8 (select |#length| |ULTIMATE.start_main_~list~0#1.base|)) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} assume -128 <= main_#t~nondet63#1 && main_#t~nondet63#1 <= 127;main_~userInput~1#1 := main_#t~nondet63#1;havoc main_#t~nondet63#1; {9171#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= 8 (select |#length| |ULTIMATE.start_main_~list~0#1.base|)) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:47:40,968 INFO L290 TraceCheckUtils]: 6: Hoare triple {9171#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= 8 (select |#length| |ULTIMATE.start_main_~list~0#1.base|)) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} assume !(60 == main_~userInput~1#1 || 62 == main_~userInput~1#1); {9171#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= 8 (select |#length| |ULTIMATE.start_main_~list~0#1.base|)) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:47:40,969 INFO L272 TraceCheckUtils]: 7: Hoare triple {9171#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= 8 (select |#length| |ULTIMATE.start_main_~list~0#1.base|)) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} call append(main_~list~0#1.base, main_~list~0#1.offset, main_~userInput~1#1); {9172#(and (= (select |#valid| |append_#in~head.base|) 1) (= |append_#in~head.offset| 0) (= 8 (select |#length| |append_#in~head.base|)))} is VALID [2022-02-20 23:47:40,970 INFO L290 TraceCheckUtils]: 8: Hoare triple {9172#(and (= (select |#valid| |append_#in~head.base|) 1) (= |append_#in~head.offset| 0) (= 8 (select |#length| |append_#in~head.base|)))} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~input := #in~input;call #t~malloc55.base, #t~malloc55.offset := #Ultimate.allocOnHeap(9);~node~0.base, ~node~0.offset := #t~malloc55.base, #t~malloc55.offset;havoc #t~malloc55.base, #t~malloc55.offset; {9173#(and (= (select |#length| append_~head.base) 8) (= append_~head.offset 0))} is VALID [2022-02-20 23:47:40,971 INFO L290 TraceCheckUtils]: 9: Hoare triple {9173#(and (= (select |#length| append_~head.base) 8) (= append_~head.offset 0))} SUMMARY for call write~int(~input, ~node~0.base, ~node~0.offset, 1); srcloc: L560 {9173#(and (= (select |#length| append_~head.base) 8) (= append_~head.offset 0))} is VALID [2022-02-20 23:47:40,971 INFO L290 TraceCheckUtils]: 10: Hoare triple {9173#(and (= (select |#length| append_~head.base) 8) (= append_~head.offset 0))} assume !(4 + ~head.offset <= #length[~head.base] && 0 <= ~head.offset); {9169#false} is VALID [2022-02-20 23:47:40,972 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:47:40,972 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:47:40,972 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [285469504] [2022-02-20 23:47:40,972 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [285469504] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:47:40,972 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:47:40,972 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:47:40,973 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [830130697] [2022-02-20 23:47:40,973 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:47:40,973 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 2.0) internal successors, (10), 5 states have internal predecessors, (10), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 11 [2022-02-20 23:47:40,973 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:47:40,974 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 5 states have (on average 2.0) internal successors, (10), 5 states have internal predecessors, (10), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:40,981 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 11 edges. 11 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:47:40,982 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 23:47:40,982 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:47:40,983 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 23:47:40,983 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2022-02-20 23:47:40,983 INFO L87 Difference]: Start difference. First operand 387 states and 524 transitions. Second operand has 6 states, 5 states have (on average 2.0) internal successors, (10), 5 states have internal predecessors, (10), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:42,457 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:47:42,457 INFO L93 Difference]: Finished difference Result 513 states and 564 transitions. [2022-02-20 23:47:42,458 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-02-20 23:47:42,458 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 2.0) internal successors, (10), 5 states have internal predecessors, (10), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 11 [2022-02-20 23:47:42,458 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:47:42,458 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 2.0) internal successors, (10), 5 states have internal predecessors, (10), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:42,461 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 574 transitions. [2022-02-20 23:47:42,461 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 2.0) internal successors, (10), 5 states have internal predecessors, (10), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:42,464 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 574 transitions. [2022-02-20 23:47:42,464 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 574 transitions. [2022-02-20 23:47:42,840 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 574 edges. 574 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:47:42,848 INFO L225 Difference]: With dead ends: 513 [2022-02-20 23:47:42,848 INFO L226 Difference]: Without dead ends: 513 [2022-02-20 23:47:42,848 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=14, Invalid=28, Unknown=0, NotChecked=0, Total=42 [2022-02-20 23:47:42,849 INFO L933 BasicCegarLoop]: 134 mSDtfsCounter, 550 mSDsluCounter, 322 mSDsCounter, 0 mSdLazyCounter, 782 mSolverCounterSat, 44 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 550 SdHoareTripleChecker+Valid, 456 SdHoareTripleChecker+Invalid, 826 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 44 IncrementalHoareTripleChecker+Valid, 782 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2022-02-20 23:47:42,849 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [550 Valid, 456 Invalid, 826 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [44 Valid, 782 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2022-02-20 23:47:42,850 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 513 states. [2022-02-20 23:47:42,853 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 513 to 378. [2022-02-20 23:47:42,853 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:47:42,854 INFO L82 GeneralOperation]: Start isEquivalent. First operand 513 states. Second operand has 378 states, 247 states have (on average 1.9676113360323886) internal successors, (486), 364 states have internal predecessors, (486), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 23:47:42,855 INFO L74 IsIncluded]: Start isIncluded. First operand 513 states. Second operand has 378 states, 247 states have (on average 1.9676113360323886) internal successors, (486), 364 states have internal predecessors, (486), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 23:47:42,855 INFO L87 Difference]: Start difference. First operand 513 states. Second operand has 378 states, 247 states have (on average 1.9676113360323886) internal successors, (486), 364 states have internal predecessors, (486), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 23:47:42,865 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:47:42,865 INFO L93 Difference]: Finished difference Result 513 states and 564 transitions. [2022-02-20 23:47:42,865 INFO L276 IsEmpty]: Start isEmpty. Operand 513 states and 564 transitions. [2022-02-20 23:47:42,871 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:47:42,871 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:47:42,872 INFO L74 IsIncluded]: Start isIncluded. First operand has 378 states, 247 states have (on average 1.9676113360323886) internal successors, (486), 364 states have internal predecessors, (486), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) Second operand 513 states. [2022-02-20 23:47:42,872 INFO L87 Difference]: Start difference. First operand has 378 states, 247 states have (on average 1.9676113360323886) internal successors, (486), 364 states have internal predecessors, (486), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) Second operand 513 states. [2022-02-20 23:47:42,882 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:47:42,882 INFO L93 Difference]: Finished difference Result 513 states and 564 transitions. [2022-02-20 23:47:42,882 INFO L276 IsEmpty]: Start isEmpty. Operand 513 states and 564 transitions. [2022-02-20 23:47:42,883 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:47:42,883 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:47:42,883 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:47:42,883 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:47:42,884 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 378 states, 247 states have (on average 1.9676113360323886) internal successors, (486), 364 states have internal predecessors, (486), 14 states have call successors, (14), 1 states have call predecessors, (14), 1 states have return successors, (14), 14 states have call predecessors, (14), 14 states have call successors, (14) [2022-02-20 23:47:42,890 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 378 states to 378 states and 514 transitions. [2022-02-20 23:47:42,890 INFO L78 Accepts]: Start accepts. Automaton has 378 states and 514 transitions. Word has length 11 [2022-02-20 23:47:42,890 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:47:42,890 INFO L470 AbstractCegarLoop]: Abstraction has 378 states and 514 transitions. [2022-02-20 23:47:42,890 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 2.0) internal successors, (10), 5 states have internal predecessors, (10), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:42,891 INFO L276 IsEmpty]: Start isEmpty. Operand 378 states and 514 transitions. [2022-02-20 23:47:42,891 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2022-02-20 23:47:42,891 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:47:42,891 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:47:42,891 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-02-20 23:47:42,891 INFO L402 AbstractCegarLoop]: === Iteration 7 === Targeting appendErr22REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 143 more)] === [2022-02-20 23:47:42,892 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:47:42,892 INFO L85 PathProgramCache]: Analyzing trace with hash 693745101, now seen corresponding path program 1 times [2022-02-20 23:47:42,892 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:47:42,892 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1801805280] [2022-02-20 23:47:42,892 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:47:42,892 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:47:42,914 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:47:42,985 INFO L290 TraceCheckUtils]: 0: Hoare triple {11095#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(22, 2); {11095#true} is VALID [2022-02-20 23:47:42,986 INFO L290 TraceCheckUtils]: 1: Hoare triple {11095#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~malloc61#1.base, main_#t~malloc61#1.offset, main_#t~nondet63#1, main_#t~nondet64#1, main_~userInput~1#1, main_#t~nondet62#1, main_#t~nondet66#1, main_#t~nondet67#1, main_~userInput~2#1, main_#t~nondet65#1, main_#t~nondet69#1, main_#t~nondet70#1, main_~userInput~3#1, main_#t~nondet68#1, main_#t~mem71#1.base, main_#t~mem71#1.offset, main_#t~mem72#1.base, main_#t~mem72#1.offset, main_#t~mem74#1.base, main_#t~mem74#1.offset, main_#t~ret73#1, main_#t~mem76#1.base, main_#t~mem76#1.offset, main_#t~post75#1, main_#t~mem78#1.base, main_#t~mem78#1.offset, main_#t~ret77#1, main_#t~mem80#1.base, main_#t~mem80#1.offset, main_#t~post79#1, main_#t~mem81#1.base, main_#t~mem81#1.offset, main_~list~0#1.base, main_~list~0#1.offset, main_~userInput~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset, main_~next~0#1.base, main_~next~0#1.offset, main_~counter~0#1;call main_#t~malloc61#1.base, main_#t~malloc61#1.offset := #Ultimate.allocOnHeap(8);main_~list~0#1.base, main_~list~0#1.offset := main_#t~malloc61#1.base, main_#t~malloc61#1.offset;havoc main_#t~malloc61#1.base, main_#t~malloc61#1.offset; {11095#true} is VALID [2022-02-20 23:47:42,989 INFO L290 TraceCheckUtils]: 2: Hoare triple {11095#true} SUMMARY for call write~$Pointer$(0, 0, main_~list~0#1.base, main_~list~0#1.offset, 4); srcloc: L575 {11097#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) |ULTIMATE.start_main_~list~0#1.offset|) 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) |ULTIMATE.start_main_~list~0#1.offset|) 0))} is VALID [2022-02-20 23:47:42,989 INFO L290 TraceCheckUtils]: 3: Hoare triple {11097#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) |ULTIMATE.start_main_~list~0#1.offset|) 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) |ULTIMATE.start_main_~list~0#1.offset|) 0))} SUMMARY for call write~$Pointer$(0, 0, main_~list~0#1.base, 4 + main_~list~0#1.offset, 4); srcloc: L575-1 {11097#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) |ULTIMATE.start_main_~list~0#1.offset|) 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) |ULTIMATE.start_main_~list~0#1.offset|) 0))} is VALID [2022-02-20 23:47:42,990 INFO L290 TraceCheckUtils]: 4: Hoare triple {11097#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) |ULTIMATE.start_main_~list~0#1.offset|) 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) |ULTIMATE.start_main_~list~0#1.offset|) 0))} havoc main_~userInput~0#1; {11097#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) |ULTIMATE.start_main_~list~0#1.offset|) 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) |ULTIMATE.start_main_~list~0#1.offset|) 0))} is VALID [2022-02-20 23:47:42,990 INFO L290 TraceCheckUtils]: 5: Hoare triple {11097#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) |ULTIMATE.start_main_~list~0#1.offset|) 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) |ULTIMATE.start_main_~list~0#1.offset|) 0))} assume -128 <= main_#t~nondet63#1 && main_#t~nondet63#1 <= 127;main_~userInput~1#1 := main_#t~nondet63#1;havoc main_#t~nondet63#1; {11097#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) |ULTIMATE.start_main_~list~0#1.offset|) 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) |ULTIMATE.start_main_~list~0#1.offset|) 0))} is VALID [2022-02-20 23:47:42,991 INFO L290 TraceCheckUtils]: 6: Hoare triple {11097#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) |ULTIMATE.start_main_~list~0#1.offset|) 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) |ULTIMATE.start_main_~list~0#1.offset|) 0))} assume !(60 == main_~userInput~1#1 || 62 == main_~userInput~1#1); {11097#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) |ULTIMATE.start_main_~list~0#1.offset|) 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) |ULTIMATE.start_main_~list~0#1.offset|) 0))} is VALID [2022-02-20 23:47:42,992 INFO L272 TraceCheckUtils]: 7: Hoare triple {11097#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) |ULTIMATE.start_main_~list~0#1.offset|) 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) |ULTIMATE.start_main_~list~0#1.offset|) 0))} call append(main_~list~0#1.base, main_~list~0#1.offset, main_~userInput~1#1); {11098#(and (= (select (select |#memory_$Pointer$.base| |append_#in~head.base|) |append_#in~head.offset|) 0) (= (select |#valid| |append_#in~head.base|) 1) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) |append_#in~head.offset|) 0))} is VALID [2022-02-20 23:47:42,993 INFO L290 TraceCheckUtils]: 8: Hoare triple {11098#(and (= (select (select |#memory_$Pointer$.base| |append_#in~head.base|) |append_#in~head.offset|) 0) (= (select |#valid| |append_#in~head.base|) 1) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) |append_#in~head.offset|) 0))} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~input := #in~input;call #t~malloc55.base, #t~malloc55.offset := #Ultimate.allocOnHeap(9);~node~0.base, ~node~0.offset := #t~malloc55.base, #t~malloc55.offset;havoc #t~malloc55.base, #t~malloc55.offset; {11099#(and (= (select (select |#memory_$Pointer$.base| append_~head.base) append_~head.offset) 0) (= (select (select |#memory_$Pointer$.offset| append_~head.base) append_~head.offset) 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:47:42,994 INFO L290 TraceCheckUtils]: 9: Hoare triple {11099#(and (= (select (select |#memory_$Pointer$.base| append_~head.base) append_~head.offset) 0) (= (select (select |#memory_$Pointer$.offset| append_~head.base) append_~head.offset) 0) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call write~int(~input, ~node~0.base, ~node~0.offset, 1); srcloc: L560 {11100#(and (= (select (select |#memory_$Pointer$.base| append_~head.base) append_~head.offset) 0) (= (select (select |#memory_$Pointer$.offset| append_~head.base) append_~head.offset) 0))} is VALID [2022-02-20 23:47:42,995 INFO L290 TraceCheckUtils]: 10: Hoare triple {11100#(and (= (select (select |#memory_$Pointer$.base| append_~head.base) append_~head.offset) 0) (= (select (select |#memory_$Pointer$.offset| append_~head.base) append_~head.offset) 0))} SUMMARY for call #t~mem56.base, #t~mem56.offset := read~$Pointer$(~head.base, ~head.offset, 4); srcloc: L560-1 {11101#(and (= |append_#t~mem56.offset| 0) (= |append_#t~mem56.base| 0))} is VALID [2022-02-20 23:47:42,995 INFO L290 TraceCheckUtils]: 11: Hoare triple {11101#(and (= |append_#t~mem56.offset| 0) (= |append_#t~mem56.base| 0))} #t~short58 := #t~mem56.base == 0 && #t~mem56.offset == 0; {11102#|append_#t~short58|} is VALID [2022-02-20 23:47:42,995 INFO L290 TraceCheckUtils]: 12: Hoare triple {11102#|append_#t~short58|} assume !#t~short58; {11096#false} is VALID [2022-02-20 23:47:42,996 INFO L290 TraceCheckUtils]: 13: Hoare triple {11096#false} assume !#t~short58;havoc #t~mem56.base, #t~mem56.offset;havoc #t~mem57.base, #t~mem57.offset;havoc #t~short58; {11096#false} is VALID [2022-02-20 23:47:42,996 INFO L290 TraceCheckUtils]: 14: Hoare triple {11096#false} SUMMARY for call #t~mem59.base, #t~mem59.offset := read~$Pointer$(~head.base, 4 + ~head.offset, 4); srcloc: L568 {11096#false} is VALID [2022-02-20 23:47:42,996 INFO L290 TraceCheckUtils]: 15: Hoare triple {11096#false} SUMMARY for call write~$Pointer$(#t~mem59.base, #t~mem59.offset, ~node~0.base, 1 + ~node~0.offset, 4); srcloc: L568-1 {11096#false} is VALID [2022-02-20 23:47:42,996 INFO L290 TraceCheckUtils]: 16: Hoare triple {11096#false} havoc #t~mem59.base, #t~mem59.offset; {11096#false} is VALID [2022-02-20 23:47:42,996 INFO L290 TraceCheckUtils]: 17: Hoare triple {11096#false} SUMMARY for call write~$Pointer$(0, 0, ~node~0.base, 5 + ~node~0.offset, 4); srcloc: L569 {11096#false} is VALID [2022-02-20 23:47:42,996 INFO L290 TraceCheckUtils]: 18: Hoare triple {11096#false} SUMMARY for call #t~mem60.base, #t~mem60.offset := read~$Pointer$(~head.base, 4 + ~head.offset, 4); srcloc: L569-1 {11096#false} is VALID [2022-02-20 23:47:42,997 INFO L290 TraceCheckUtils]: 19: Hoare triple {11096#false} assume !(1 == #valid[#t~mem60.base]); {11096#false} is VALID [2022-02-20 23:47:42,997 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:47:42,997 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:47:42,997 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1801805280] [2022-02-20 23:47:42,997 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1801805280] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:47:42,997 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:47:42,997 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-02-20 23:47:42,997 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2086468795] [2022-02-20 23:47:42,998 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:47:42,998 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 2.375) internal successors, (19), 7 states have internal predecessors, (19), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 20 [2022-02-20 23:47:42,998 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:47:42,998 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 8 states, 8 states have (on average 2.375) internal successors, (19), 7 states have internal predecessors, (19), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:43,011 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 20 edges. 20 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:47:43,012 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-02-20 23:47:43,012 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:47:43,012 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-02-20 23:47:43,012 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=14, Invalid=42, Unknown=0, NotChecked=0, Total=56 [2022-02-20 23:47:43,012 INFO L87 Difference]: Start difference. First operand 378 states and 514 transitions. Second operand has 8 states, 8 states have (on average 2.375) internal successors, (19), 7 states have internal predecessors, (19), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:44,246 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:47:44,246 INFO L93 Difference]: Finished difference Result 398 states and 537 transitions. [2022-02-20 23:47:44,246 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2022-02-20 23:47:44,247 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 2.375) internal successors, (19), 7 states have internal predecessors, (19), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 20 [2022-02-20 23:47:44,247 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:47:44,247 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 8 states have (on average 2.375) internal successors, (19), 7 states have internal predecessors, (19), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:44,249 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 350 transitions. [2022-02-20 23:47:44,250 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 8 states have (on average 2.375) internal successors, (19), 7 states have internal predecessors, (19), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:44,252 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 350 transitions. [2022-02-20 23:47:44,252 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states and 350 transitions. [2022-02-20 23:47:44,458 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 350 edges. 350 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:47:44,469 INFO L225 Difference]: With dead ends: 398 [2022-02-20 23:47:44,470 INFO L226 Difference]: Without dead ends: 398 [2022-02-20 23:47:44,471 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=31, Invalid=79, Unknown=0, NotChecked=0, Total=110 [2022-02-20 23:47:44,473 INFO L933 BasicCegarLoop]: 314 mSDtfsCounter, 20 mSDsluCounter, 1542 mSDsCounter, 0 mSdLazyCounter, 428 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 20 SdHoareTripleChecker+Valid, 1856 SdHoareTripleChecker+Invalid, 434 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 428 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-02-20 23:47:44,473 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [20 Valid, 1856 Invalid, 434 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 428 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-02-20 23:47:44,474 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 398 states. [2022-02-20 23:47:44,479 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 398 to 386. [2022-02-20 23:47:44,479 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:47:44,480 INFO L82 GeneralOperation]: Start isEquivalent. First operand 398 states. Second operand has 386 states, 254 states have (on average 1.9448818897637796) internal successors, (494), 371 states have internal predecessors, (494), 15 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (15), 14 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-20 23:47:44,480 INFO L74 IsIncluded]: Start isIncluded. First operand 398 states. Second operand has 386 states, 254 states have (on average 1.9448818897637796) internal successors, (494), 371 states have internal predecessors, (494), 15 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (15), 14 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-20 23:47:44,481 INFO L87 Difference]: Start difference. First operand 398 states. Second operand has 386 states, 254 states have (on average 1.9448818897637796) internal successors, (494), 371 states have internal predecessors, (494), 15 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (15), 14 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-20 23:47:44,492 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:47:44,492 INFO L93 Difference]: Finished difference Result 398 states and 537 transitions. [2022-02-20 23:47:44,492 INFO L276 IsEmpty]: Start isEmpty. Operand 398 states and 537 transitions. [2022-02-20 23:47:44,493 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:47:44,493 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:47:44,494 INFO L74 IsIncluded]: Start isIncluded. First operand has 386 states, 254 states have (on average 1.9448818897637796) internal successors, (494), 371 states have internal predecessors, (494), 15 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (15), 14 states have call predecessors, (15), 15 states have call successors, (15) Second operand 398 states. [2022-02-20 23:47:44,494 INFO L87 Difference]: Start difference. First operand has 386 states, 254 states have (on average 1.9448818897637796) internal successors, (494), 371 states have internal predecessors, (494), 15 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (15), 14 states have call predecessors, (15), 15 states have call successors, (15) Second operand 398 states. [2022-02-20 23:47:44,502 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:47:44,502 INFO L93 Difference]: Finished difference Result 398 states and 537 transitions. [2022-02-20 23:47:44,502 INFO L276 IsEmpty]: Start isEmpty. Operand 398 states and 537 transitions. [2022-02-20 23:47:44,503 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:47:44,503 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:47:44,503 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:47:44,503 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:47:44,504 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 386 states, 254 states have (on average 1.9448818897637796) internal successors, (494), 371 states have internal predecessors, (494), 15 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (15), 14 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-20 23:47:44,511 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 386 states to 386 states and 524 transitions. [2022-02-20 23:47:44,512 INFO L78 Accepts]: Start accepts. Automaton has 386 states and 524 transitions. Word has length 20 [2022-02-20 23:47:44,512 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:47:44,512 INFO L470 AbstractCegarLoop]: Abstraction has 386 states and 524 transitions. [2022-02-20 23:47:44,512 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 2.375) internal successors, (19), 7 states have internal predecessors, (19), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:44,512 INFO L276 IsEmpty]: Start isEmpty. Operand 386 states and 524 transitions. [2022-02-20 23:47:44,513 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2022-02-20 23:47:44,513 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:47:44,513 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:47:44,513 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-02-20 23:47:44,513 INFO L402 AbstractCegarLoop]: === Iteration 8 === Targeting appendErr22REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 143 more)] === [2022-02-20 23:47:44,514 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:47:44,514 INFO L85 PathProgramCache]: Analyzing trace with hash -964577360, now seen corresponding path program 1 times [2022-02-20 23:47:44,514 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:47:44,514 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [576798587] [2022-02-20 23:47:44,515 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:47:44,515 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:47:44,558 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:47:44,714 INFO L290 TraceCheckUtils]: 0: Hoare triple {12691#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(22, 2); {12691#true} is VALID [2022-02-20 23:47:44,714 INFO L290 TraceCheckUtils]: 1: Hoare triple {12691#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~malloc61#1.base, main_#t~malloc61#1.offset, main_#t~nondet63#1, main_#t~nondet64#1, main_~userInput~1#1, main_#t~nondet62#1, main_#t~nondet66#1, main_#t~nondet67#1, main_~userInput~2#1, main_#t~nondet65#1, main_#t~nondet69#1, main_#t~nondet70#1, main_~userInput~3#1, main_#t~nondet68#1, main_#t~mem71#1.base, main_#t~mem71#1.offset, main_#t~mem72#1.base, main_#t~mem72#1.offset, main_#t~mem74#1.base, main_#t~mem74#1.offset, main_#t~ret73#1, main_#t~mem76#1.base, main_#t~mem76#1.offset, main_#t~post75#1, main_#t~mem78#1.base, main_#t~mem78#1.offset, main_#t~ret77#1, main_#t~mem80#1.base, main_#t~mem80#1.offset, main_#t~post79#1, main_#t~mem81#1.base, main_#t~mem81#1.offset, main_~list~0#1.base, main_~list~0#1.offset, main_~userInput~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset, main_~next~0#1.base, main_~next~0#1.offset, main_~counter~0#1;call main_#t~malloc61#1.base, main_#t~malloc61#1.offset := #Ultimate.allocOnHeap(8);main_~list~0#1.base, main_~list~0#1.offset := main_#t~malloc61#1.base, main_#t~malloc61#1.offset;havoc main_#t~malloc61#1.base, main_#t~malloc61#1.offset; {12693#(= |ULTIMATE.start_main_~list~0#1.offset| 0)} is VALID [2022-02-20 23:47:44,715 INFO L290 TraceCheckUtils]: 2: Hoare triple {12693#(= |ULTIMATE.start_main_~list~0#1.offset| 0)} SUMMARY for call write~$Pointer$(0, 0, main_~list~0#1.base, main_~list~0#1.offset, 4); srcloc: L575 {12694#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:47:44,716 INFO L290 TraceCheckUtils]: 3: Hoare triple {12694#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} SUMMARY for call write~$Pointer$(0, 0, main_~list~0#1.base, 4 + main_~list~0#1.offset, 4); srcloc: L575-1 {12695#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) 0) (= |ULTIMATE.start_main_~list~0#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) 0))} is VALID [2022-02-20 23:47:44,716 INFO L290 TraceCheckUtils]: 4: Hoare triple {12695#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) 0) (= |ULTIMATE.start_main_~list~0#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) 0))} havoc main_~userInput~0#1; {12695#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) 0) (= |ULTIMATE.start_main_~list~0#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) 0))} is VALID [2022-02-20 23:47:44,717 INFO L290 TraceCheckUtils]: 5: Hoare triple {12695#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) 0) (= |ULTIMATE.start_main_~list~0#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) 0))} assume -128 <= main_#t~nondet63#1 && main_#t~nondet63#1 <= 127;main_~userInput~1#1 := main_#t~nondet63#1;havoc main_#t~nondet63#1; {12695#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) 0) (= |ULTIMATE.start_main_~list~0#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) 0))} is VALID [2022-02-20 23:47:44,717 INFO L290 TraceCheckUtils]: 6: Hoare triple {12695#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) 0) (= |ULTIMATE.start_main_~list~0#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) 0))} assume !(60 == main_~userInput~1#1 || 62 == main_~userInput~1#1); {12695#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) 0) (= |ULTIMATE.start_main_~list~0#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) 0))} is VALID [2022-02-20 23:47:44,718 INFO L272 TraceCheckUtils]: 7: Hoare triple {12695#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) 0) (= |ULTIMATE.start_main_~list~0#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) 0))} call append(main_~list~0#1.base, main_~list~0#1.offset, main_~userInput~1#1); {12696#(and (= (select (select |#memory_$Pointer$.base| |append_#in~head.base|) 4) 0) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) 4) 0) (= (select |#valid| |append_#in~head.base|) 1) (= |append_#in~head.offset| 0))} is VALID [2022-02-20 23:47:44,719 INFO L290 TraceCheckUtils]: 8: Hoare triple {12696#(and (= (select (select |#memory_$Pointer$.base| |append_#in~head.base|) 4) 0) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) 4) 0) (= (select |#valid| |append_#in~head.base|) 1) (= |append_#in~head.offset| 0))} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~input := #in~input;call #t~malloc55.base, #t~malloc55.offset := #Ultimate.allocOnHeap(9);~node~0.base, ~node~0.offset := #t~malloc55.base, #t~malloc55.offset;havoc #t~malloc55.base, #t~malloc55.offset; {12697#(and (= (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4)) 0) (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:47:44,720 INFO L290 TraceCheckUtils]: 9: Hoare triple {12697#(and (= (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4)) 0) (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call write~int(~input, ~node~0.base, ~node~0.offset, 1); srcloc: L560 {12698#(and (= (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4)) 0) (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= append_~head.offset 0))} is VALID [2022-02-20 23:47:44,720 INFO L290 TraceCheckUtils]: 10: Hoare triple {12698#(and (= (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4)) 0) (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= append_~head.offset 0))} SUMMARY for call #t~mem56.base, #t~mem56.offset := read~$Pointer$(~head.base, ~head.offset, 4); srcloc: L560-1 {12698#(and (= (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4)) 0) (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= append_~head.offset 0))} is VALID [2022-02-20 23:47:44,721 INFO L290 TraceCheckUtils]: 11: Hoare triple {12698#(and (= (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4)) 0) (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= append_~head.offset 0))} #t~short58 := #t~mem56.base == 0 && #t~mem56.offset == 0; {12698#(and (= (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4)) 0) (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= append_~head.offset 0))} is VALID [2022-02-20 23:47:44,721 INFO L290 TraceCheckUtils]: 12: Hoare triple {12698#(and (= (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4)) 0) (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= append_~head.offset 0))} assume #t~short58; {12698#(and (= (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4)) 0) (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= append_~head.offset 0))} is VALID [2022-02-20 23:47:44,721 INFO L290 TraceCheckUtils]: 13: Hoare triple {12698#(and (= (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4)) 0) (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= append_~head.offset 0))} SUMMARY for call #t~mem57.base, #t~mem57.offset := read~$Pointer$(~head.base, 4 + ~head.offset, 4); srcloc: L561-2 {12699#(and (= |append_#t~mem57.base| 0) (= append_~head.offset 0) (= |append_#t~mem57.offset| 0))} is VALID [2022-02-20 23:47:44,722 INFO L290 TraceCheckUtils]: 14: Hoare triple {12699#(and (= |append_#t~mem57.base| 0) (= append_~head.offset 0) (= |append_#t~mem57.offset| 0))} #t~short58 := #t~mem57.base == 0 && #t~mem57.offset == 0; {12700#(and |append_#t~short58| (= append_~head.offset 0))} is VALID [2022-02-20 23:47:44,722 INFO L290 TraceCheckUtils]: 15: Hoare triple {12700#(and |append_#t~short58| (= append_~head.offset 0))} assume !#t~short58;havoc #t~mem56.base, #t~mem56.offset;havoc #t~mem57.base, #t~mem57.offset;havoc #t~short58; {12692#false} is VALID [2022-02-20 23:47:44,722 INFO L290 TraceCheckUtils]: 16: Hoare triple {12692#false} SUMMARY for call #t~mem59.base, #t~mem59.offset := read~$Pointer$(~head.base, 4 + ~head.offset, 4); srcloc: L568 {12692#false} is VALID [2022-02-20 23:47:44,722 INFO L290 TraceCheckUtils]: 17: Hoare triple {12692#false} SUMMARY for call write~$Pointer$(#t~mem59.base, #t~mem59.offset, ~node~0.base, 1 + ~node~0.offset, 4); srcloc: L568-1 {12692#false} is VALID [2022-02-20 23:47:44,723 INFO L290 TraceCheckUtils]: 18: Hoare triple {12692#false} havoc #t~mem59.base, #t~mem59.offset; {12692#false} is VALID [2022-02-20 23:47:44,723 INFO L290 TraceCheckUtils]: 19: Hoare triple {12692#false} SUMMARY for call write~$Pointer$(0, 0, ~node~0.base, 5 + ~node~0.offset, 4); srcloc: L569 {12692#false} is VALID [2022-02-20 23:47:44,723 INFO L290 TraceCheckUtils]: 20: Hoare triple {12692#false} SUMMARY for call #t~mem60.base, #t~mem60.offset := read~$Pointer$(~head.base, 4 + ~head.offset, 4); srcloc: L569-1 {12692#false} is VALID [2022-02-20 23:47:44,723 INFO L290 TraceCheckUtils]: 21: Hoare triple {12692#false} assume !(1 == #valid[#t~mem60.base]); {12692#false} is VALID [2022-02-20 23:47:44,723 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:47:44,723 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:47:44,723 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [576798587] [2022-02-20 23:47:44,724 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [576798587] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:47:44,724 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:47:44,724 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2022-02-20 23:47:44,724 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1349133003] [2022-02-20 23:47:44,724 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:47:44,724 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 2.1) internal successors, (21), 9 states have internal predecessors, (21), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 22 [2022-02-20 23:47:44,724 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:47:44,725 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 10 states, 10 states have (on average 2.1) internal successors, (21), 9 states have internal predecessors, (21), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:44,740 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 22 edges. 22 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:47:44,740 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2022-02-20 23:47:44,740 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:47:44,741 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2022-02-20 23:47:44,741 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=69, Unknown=0, NotChecked=0, Total=90 [2022-02-20 23:47:44,741 INFO L87 Difference]: Start difference. First operand 386 states and 524 transitions. Second operand has 10 states, 10 states have (on average 2.1) internal successors, (21), 9 states have internal predecessors, (21), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:46,489 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:47:46,489 INFO L93 Difference]: Finished difference Result 526 states and 579 transitions. [2022-02-20 23:47:46,489 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2022-02-20 23:47:46,490 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 2.1) internal successors, (21), 9 states have internal predecessors, (21), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 22 [2022-02-20 23:47:46,490 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:47:46,490 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 10 states, 10 states have (on average 2.1) internal successors, (21), 9 states have internal predecessors, (21), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:46,493 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 580 transitions. [2022-02-20 23:47:46,493 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 10 states, 10 states have (on average 2.1) internal successors, (21), 9 states have internal predecessors, (21), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:46,495 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 580 transitions. [2022-02-20 23:47:46,496 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states and 580 transitions. [2022-02-20 23:47:46,864 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 580 edges. 580 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:47:46,873 INFO L225 Difference]: With dead ends: 526 [2022-02-20 23:47:46,873 INFO L226 Difference]: Without dead ends: 526 [2022-02-20 23:47:46,874 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 20 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=38, Invalid=118, Unknown=0, NotChecked=0, Total=156 [2022-02-20 23:47:46,874 INFO L933 BasicCegarLoop]: 206 mSDtfsCounter, 512 mSDsluCounter, 1117 mSDsCounter, 0 mSdLazyCounter, 909 mSolverCounterSat, 20 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 526 SdHoareTripleChecker+Valid, 1323 SdHoareTripleChecker+Invalid, 929 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 20 IncrementalHoareTripleChecker+Valid, 909 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2022-02-20 23:47:46,874 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [526 Valid, 1323 Invalid, 929 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [20 Valid, 909 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2022-02-20 23:47:46,875 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 526 states. [2022-02-20 23:47:46,879 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 526 to 389. [2022-02-20 23:47:46,879 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:47:46,880 INFO L82 GeneralOperation]: Start isEquivalent. First operand 526 states. Second operand has 389 states, 257 states have (on average 1.933852140077821) internal successors, (497), 374 states have internal predecessors, (497), 15 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (15), 14 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-20 23:47:46,880 INFO L74 IsIncluded]: Start isIncluded. First operand 526 states. Second operand has 389 states, 257 states have (on average 1.933852140077821) internal successors, (497), 374 states have internal predecessors, (497), 15 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (15), 14 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-20 23:47:46,881 INFO L87 Difference]: Start difference. First operand 526 states. Second operand has 389 states, 257 states have (on average 1.933852140077821) internal successors, (497), 374 states have internal predecessors, (497), 15 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (15), 14 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-20 23:47:46,894 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:47:46,895 INFO L93 Difference]: Finished difference Result 526 states and 579 transitions. [2022-02-20 23:47:46,895 INFO L276 IsEmpty]: Start isEmpty. Operand 526 states and 579 transitions. [2022-02-20 23:47:46,895 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:47:46,896 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:47:46,896 INFO L74 IsIncluded]: Start isIncluded. First operand has 389 states, 257 states have (on average 1.933852140077821) internal successors, (497), 374 states have internal predecessors, (497), 15 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (15), 14 states have call predecessors, (15), 15 states have call successors, (15) Second operand 526 states. [2022-02-20 23:47:46,897 INFO L87 Difference]: Start difference. First operand has 389 states, 257 states have (on average 1.933852140077821) internal successors, (497), 374 states have internal predecessors, (497), 15 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (15), 14 states have call predecessors, (15), 15 states have call successors, (15) Second operand 526 states. [2022-02-20 23:47:46,907 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:47:46,907 INFO L93 Difference]: Finished difference Result 526 states and 579 transitions. [2022-02-20 23:47:46,907 INFO L276 IsEmpty]: Start isEmpty. Operand 526 states and 579 transitions. [2022-02-20 23:47:46,908 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:47:46,908 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:47:46,908 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:47:46,908 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:47:46,909 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 389 states, 257 states have (on average 1.933852140077821) internal successors, (497), 374 states have internal predecessors, (497), 15 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (15), 14 states have call predecessors, (15), 15 states have call successors, (15) [2022-02-20 23:47:46,915 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 389 states to 389 states and 527 transitions. [2022-02-20 23:47:46,915 INFO L78 Accepts]: Start accepts. Automaton has 389 states and 527 transitions. Word has length 22 [2022-02-20 23:47:46,916 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:47:46,916 INFO L470 AbstractCegarLoop]: Abstraction has 389 states and 527 transitions. [2022-02-20 23:47:46,916 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 10 states have (on average 2.1) internal successors, (21), 9 states have internal predecessors, (21), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:47:46,916 INFO L276 IsEmpty]: Start isEmpty. Operand 389 states and 527 transitions. [2022-02-20 23:47:46,916 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2022-02-20 23:47:46,916 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:47:46,917 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:47:46,917 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2022-02-20 23:47:46,917 INFO L402 AbstractCegarLoop]: === Iteration 9 === Targeting appendErr22REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 143 more)] === [2022-02-20 23:47:46,917 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:47:46,917 INFO L85 PathProgramCache]: Analyzing trace with hash -339455757, now seen corresponding path program 1 times [2022-02-20 23:47:46,917 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:47:46,918 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [475819904] [2022-02-20 23:47:46,918 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:47:46,918 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:47:46,981 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:47:47,134 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2022-02-20 23:47:47,149 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:47:47,334 INFO L290 TraceCheckUtils]: 0: Hoare triple {14700#(and (= |old(#length)| |#length|) (= |#memory_int| |old(#memory_int)|) (= |#memory_$Pointer$.base| |old(#memory_$Pointer$.base)|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#valid)| |#valid|))} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~input := #in~input;call #t~malloc55.base, #t~malloc55.offset := #Ultimate.allocOnHeap(9);~node~0.base, ~node~0.offset := #t~malloc55.base, #t~malloc55.offset;havoc #t~malloc55.base, #t~malloc55.offset; {14701#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|))} is VALID [2022-02-20 23:47:47,335 INFO L290 TraceCheckUtils]: 1: Hoare triple {14701#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|))} SUMMARY for call write~int(~input, ~node~0.base, ~node~0.offset, 1); srcloc: L560 {14702#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~node~0.base) 1))} is VALID [2022-02-20 23:47:47,336 INFO L290 TraceCheckUtils]: 2: Hoare triple {14702#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~node~0.base) 1))} SUMMARY for call #t~mem56.base, #t~mem56.offset := read~$Pointer$(~head.base, ~head.offset, 4); srcloc: L560-1 {14703#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} is VALID [2022-02-20 23:47:47,337 INFO L290 TraceCheckUtils]: 3: Hoare triple {14703#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} #t~short58 := #t~mem56.base == 0 && #t~mem56.offset == 0; {14703#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} is VALID [2022-02-20 23:47:47,338 INFO L290 TraceCheckUtils]: 4: Hoare triple {14703#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} assume #t~short58; {14703#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} is VALID [2022-02-20 23:47:47,339 INFO L290 TraceCheckUtils]: 5: Hoare triple {14703#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} SUMMARY for call #t~mem57.base, #t~mem57.offset := read~$Pointer$(~head.base, 4 + ~head.offset, 4); srcloc: L561-2 {14703#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} is VALID [2022-02-20 23:47:47,340 INFO L290 TraceCheckUtils]: 6: Hoare triple {14703#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} #t~short58 := #t~mem57.base == 0 && #t~mem57.offset == 0; {14703#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} is VALID [2022-02-20 23:47:47,340 INFO L290 TraceCheckUtils]: 7: Hoare triple {14703#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} assume #t~short58;havoc #t~mem56.base, #t~mem56.offset;havoc #t~mem57.base, #t~mem57.offset;havoc #t~short58; {14703#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} is VALID [2022-02-20 23:47:47,341 INFO L290 TraceCheckUtils]: 8: Hoare triple {14703#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} SUMMARY for call write~$Pointer$(~node~0.base, ~node~0.offset, ~head.base, ~head.offset, 4); srcloc: L562 {14703#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} is VALID [2022-02-20 23:47:47,342 INFO L290 TraceCheckUtils]: 9: Hoare triple {14703#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} SUMMARY for call write~$Pointer$(~node~0.base, ~node~0.offset, ~head.base, 4 + ~head.offset, 4); srcloc: L562-1 {14704#(or (and (not (= append_~node~0.base |append_#in~head.base|)) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| append_~node~0.base) 1)) (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)))} is VALID [2022-02-20 23:47:47,343 INFO L290 TraceCheckUtils]: 10: Hoare triple {14704#(or (and (not (= append_~node~0.base |append_#in~head.base|)) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| append_~node~0.base) 1)) (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)))} SUMMARY for call write~$Pointer$(0, 0, ~node~0.base, 1 + ~node~0.offset, 4); srcloc: L563 {14704#(or (and (not (= append_~node~0.base |append_#in~head.base|)) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| append_~node~0.base) 1)) (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)))} is VALID [2022-02-20 23:47:47,344 INFO L290 TraceCheckUtils]: 11: Hoare triple {14704#(or (and (not (= append_~node~0.base |append_#in~head.base|)) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| append_~node~0.base) 1)) (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)))} SUMMARY for call write~$Pointer$(0, 0, ~node~0.base, 5 + ~node~0.offset, 4); srcloc: L564 {14705#(or (= (select |old(#valid)| |append_#in~head.base|) 0) (and (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) 1)))} is VALID [2022-02-20 23:47:47,345 INFO L290 TraceCheckUtils]: 12: Hoare triple {14705#(or (= (select |old(#valid)| |append_#in~head.base|) 0) (and (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) 1)))} assume true; {14705#(or (= (select |old(#valid)| |append_#in~head.base|) 0) (and (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) 1)))} is VALID [2022-02-20 23:47:47,346 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {14705#(or (= (select |old(#valid)| |append_#in~head.base|) 0) (and (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) 1)))} {14679#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} #507#return; {14694#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4))) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:47:47,346 INFO L290 TraceCheckUtils]: 0: Hoare triple {14676#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(22, 2); {14676#true} is VALID [2022-02-20 23:47:47,348 INFO L290 TraceCheckUtils]: 1: Hoare triple {14676#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~malloc61#1.base, main_#t~malloc61#1.offset, main_#t~nondet63#1, main_#t~nondet64#1, main_~userInput~1#1, main_#t~nondet62#1, main_#t~nondet66#1, main_#t~nondet67#1, main_~userInput~2#1, main_#t~nondet65#1, main_#t~nondet69#1, main_#t~nondet70#1, main_~userInput~3#1, main_#t~nondet68#1, main_#t~mem71#1.base, main_#t~mem71#1.offset, main_#t~mem72#1.base, main_#t~mem72#1.offset, main_#t~mem74#1.base, main_#t~mem74#1.offset, main_#t~ret73#1, main_#t~mem76#1.base, main_#t~mem76#1.offset, main_#t~post75#1, main_#t~mem78#1.base, main_#t~mem78#1.offset, main_#t~ret77#1, main_#t~mem80#1.base, main_#t~mem80#1.offset, main_#t~post79#1, main_#t~mem81#1.base, main_#t~mem81#1.offset, main_~list~0#1.base, main_~list~0#1.offset, main_~userInput~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset, main_~next~0#1.base, main_~next~0#1.offset, main_~counter~0#1;call main_#t~malloc61#1.base, main_#t~malloc61#1.offset := #Ultimate.allocOnHeap(8);main_~list~0#1.base, main_~list~0#1.offset := main_#t~malloc61#1.base, main_#t~malloc61#1.offset;havoc main_#t~malloc61#1.base, main_#t~malloc61#1.offset; {14678#(= |ULTIMATE.start_main_~list~0#1.offset| 0)} is VALID [2022-02-20 23:47:47,349 INFO L290 TraceCheckUtils]: 2: Hoare triple {14678#(= |ULTIMATE.start_main_~list~0#1.offset| 0)} SUMMARY for call write~$Pointer$(0, 0, main_~list~0#1.base, main_~list~0#1.offset, 4); srcloc: L575 {14679#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:47:47,350 INFO L290 TraceCheckUtils]: 3: Hoare triple {14679#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} SUMMARY for call write~$Pointer$(0, 0, main_~list~0#1.base, 4 + main_~list~0#1.offset, 4); srcloc: L575-1 {14679#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:47:47,350 INFO L290 TraceCheckUtils]: 4: Hoare triple {14679#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} havoc main_~userInput~0#1; {14679#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:47:47,351 INFO L290 TraceCheckUtils]: 5: Hoare triple {14679#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} assume -128 <= main_#t~nondet63#1 && main_#t~nondet63#1 <= 127;main_~userInput~1#1 := main_#t~nondet63#1;havoc main_#t~nondet63#1; {14679#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:47:47,351 INFO L290 TraceCheckUtils]: 6: Hoare triple {14679#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} assume !(60 == main_~userInput~1#1 || 62 == main_~userInput~1#1); {14679#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:47:47,353 INFO L272 TraceCheckUtils]: 7: Hoare triple {14679#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} call append(main_~list~0#1.base, main_~list~0#1.offset, main_~userInput~1#1); {14700#(and (= |old(#length)| |#length|) (= |#memory_int| |old(#memory_int)|) (= |#memory_$Pointer$.base| |old(#memory_$Pointer$.base)|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#valid)| |#valid|))} is VALID [2022-02-20 23:47:47,353 INFO L290 TraceCheckUtils]: 8: Hoare triple {14700#(and (= |old(#length)| |#length|) (= |#memory_int| |old(#memory_int)|) (= |#memory_$Pointer$.base| |old(#memory_$Pointer$.base)|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#valid)| |#valid|))} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~input := #in~input;call #t~malloc55.base, #t~malloc55.offset := #Ultimate.allocOnHeap(9);~node~0.base, ~node~0.offset := #t~malloc55.base, #t~malloc55.offset;havoc #t~malloc55.base, #t~malloc55.offset; {14701#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|))} is VALID [2022-02-20 23:47:47,354 INFO L290 TraceCheckUtils]: 9: Hoare triple {14701#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|))} SUMMARY for call write~int(~input, ~node~0.base, ~node~0.offset, 1); srcloc: L560 {14702#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~node~0.base) 1))} is VALID [2022-02-20 23:47:47,356 INFO L290 TraceCheckUtils]: 10: Hoare triple {14702#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~node~0.base) 1))} SUMMARY for call #t~mem56.base, #t~mem56.offset := read~$Pointer$(~head.base, ~head.offset, 4); srcloc: L560-1 {14703#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} is VALID [2022-02-20 23:47:47,356 INFO L290 TraceCheckUtils]: 11: Hoare triple {14703#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} #t~short58 := #t~mem56.base == 0 && #t~mem56.offset == 0; {14703#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} is VALID [2022-02-20 23:47:47,357 INFO L290 TraceCheckUtils]: 12: Hoare triple {14703#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} assume #t~short58; {14703#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} is VALID [2022-02-20 23:47:47,359 INFO L290 TraceCheckUtils]: 13: Hoare triple {14703#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} SUMMARY for call #t~mem57.base, #t~mem57.offset := read~$Pointer$(~head.base, 4 + ~head.offset, 4); srcloc: L561-2 {14703#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} is VALID [2022-02-20 23:47:47,360 INFO L290 TraceCheckUtils]: 14: Hoare triple {14703#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} #t~short58 := #t~mem57.base == 0 && #t~mem57.offset == 0; {14703#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} is VALID [2022-02-20 23:47:47,367 INFO L290 TraceCheckUtils]: 15: Hoare triple {14703#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} assume #t~short58;havoc #t~mem56.base, #t~mem56.offset;havoc #t~mem57.base, #t~mem57.offset;havoc #t~short58; {14703#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} is VALID [2022-02-20 23:47:47,370 INFO L290 TraceCheckUtils]: 16: Hoare triple {14703#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} SUMMARY for call write~$Pointer$(~node~0.base, ~node~0.offset, ~head.base, ~head.offset, 4); srcloc: L562 {14703#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} is VALID [2022-02-20 23:47:47,372 INFO L290 TraceCheckUtils]: 17: Hoare triple {14703#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} SUMMARY for call write~$Pointer$(~node~0.base, ~node~0.offset, ~head.base, 4 + ~head.offset, 4); srcloc: L562-1 {14704#(or (and (not (= append_~node~0.base |append_#in~head.base|)) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| append_~node~0.base) 1)) (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)))} is VALID [2022-02-20 23:47:47,373 INFO L290 TraceCheckUtils]: 18: Hoare triple {14704#(or (and (not (= append_~node~0.base |append_#in~head.base|)) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| append_~node~0.base) 1)) (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)))} SUMMARY for call write~$Pointer$(0, 0, ~node~0.base, 1 + ~node~0.offset, 4); srcloc: L563 {14704#(or (and (not (= append_~node~0.base |append_#in~head.base|)) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| append_~node~0.base) 1)) (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)))} is VALID [2022-02-20 23:47:47,374 INFO L290 TraceCheckUtils]: 19: Hoare triple {14704#(or (and (not (= append_~node~0.base |append_#in~head.base|)) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| append_~node~0.base) 1)) (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)))} SUMMARY for call write~$Pointer$(0, 0, ~node~0.base, 5 + ~node~0.offset, 4); srcloc: L564 {14705#(or (= (select |old(#valid)| |append_#in~head.base|) 0) (and (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) 1)))} is VALID [2022-02-20 23:47:47,374 INFO L290 TraceCheckUtils]: 20: Hoare triple {14705#(or (= (select |old(#valid)| |append_#in~head.base|) 0) (and (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) 1)))} assume true; {14705#(or (= (select |old(#valid)| |append_#in~head.base|) 0) (and (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) 1)))} is VALID [2022-02-20 23:47:47,375 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {14705#(or (= (select |old(#valid)| |append_#in~head.base|) 0) (and (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) 1)))} {14679#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} #507#return; {14694#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4))) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:47:47,376 INFO L290 TraceCheckUtils]: 22: Hoare triple {14694#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4))) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} assume -2147483648 <= main_#t~nondet62#1 && main_#t~nondet62#1 <= 2147483647; {14694#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4))) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:47:47,377 INFO L290 TraceCheckUtils]: 23: Hoare triple {14694#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4))) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} assume !(0 != main_#t~nondet62#1);havoc main_#t~nondet62#1; {14694#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4))) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:47:47,378 INFO L272 TraceCheckUtils]: 24: Hoare triple {14694#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4))) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} call append(main_~list~0#1.base, main_~list~0#1.offset, 60); {14695#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) 4)) 1) (= (select |#valid| |append_#in~head.base|) 1) (= |append_#in~head.offset| 0))} is VALID [2022-02-20 23:47:47,379 INFO L290 TraceCheckUtils]: 25: Hoare triple {14695#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) 4)) 1) (= (select |#valid| |append_#in~head.base|) 1) (= |append_#in~head.offset| 0))} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~input := #in~input;call #t~malloc55.base, #t~malloc55.offset := #Ultimate.allocOnHeap(9);~node~0.base, ~node~0.offset := #t~malloc55.base, #t~malloc55.offset;havoc #t~malloc55.base, #t~malloc55.offset; {14696#(and (or (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4)))) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:47:47,380 INFO L290 TraceCheckUtils]: 26: Hoare triple {14696#(and (or (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4)))) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call write~int(~input, ~node~0.base, ~node~0.offset, 1); srcloc: L560 {14697#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:47:47,380 INFO L290 TraceCheckUtils]: 27: Hoare triple {14697#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call #t~mem56.base, #t~mem56.offset := read~$Pointer$(~head.base, ~head.offset, 4); srcloc: L560-1 {14697#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:47:47,381 INFO L290 TraceCheckUtils]: 28: Hoare triple {14697#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} #t~short58 := #t~mem56.base == 0 && #t~mem56.offset == 0; {14697#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:47:47,381 INFO L290 TraceCheckUtils]: 29: Hoare triple {14697#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} assume !#t~short58; {14697#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:47:47,381 INFO L290 TraceCheckUtils]: 30: Hoare triple {14697#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} assume !#t~short58;havoc #t~mem56.base, #t~mem56.offset;havoc #t~mem57.base, #t~mem57.offset;havoc #t~short58; {14697#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:47:47,382 INFO L290 TraceCheckUtils]: 31: Hoare triple {14697#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call #t~mem59.base, #t~mem59.offset := read~$Pointer$(~head.base, 4 + ~head.offset, 4); srcloc: L568 {14697#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:47:47,383 INFO L290 TraceCheckUtils]: 32: Hoare triple {14697#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call write~$Pointer$(#t~mem59.base, #t~mem59.offset, ~node~0.base, 1 + ~node~0.offset, 4); srcloc: L568-1 {14697#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:47:47,383 INFO L290 TraceCheckUtils]: 33: Hoare triple {14697#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} havoc #t~mem59.base, #t~mem59.offset; {14697#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:47:47,384 INFO L290 TraceCheckUtils]: 34: Hoare triple {14697#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call write~$Pointer$(0, 0, ~node~0.base, 5 + ~node~0.offset, 4); srcloc: L569 {14698#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0))} is VALID [2022-02-20 23:47:47,385 INFO L290 TraceCheckUtils]: 35: Hoare triple {14698#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0))} SUMMARY for call #t~mem60.base, #t~mem60.offset := read~$Pointer$(~head.base, 4 + ~head.offset, 4); srcloc: L569-1 {14699#(= (select |#valid| |append_#t~mem60.base|) 1)} is VALID [2022-02-20 23:47:47,385 INFO L290 TraceCheckUtils]: 36: Hoare triple {14699#(= (select |#valid| |append_#t~mem60.base|) 1)} assume !(1 == #valid[#t~mem60.base]); {14677#false} is VALID [2022-02-20 23:47:47,385 INFO L134 CoverageAnalysis]: Checked inductivity of 6 backedges. 0 proven. 6 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:47:47,386 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:47:47,386 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [475819904] [2022-02-20 23:47:47,386 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [475819904] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:47:47,386 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [593409058] [2022-02-20 23:47:47,386 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:47:47,386 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-02-20 23:47:47,386 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 23:47:47,388 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-02-20 23:47:47,446 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-02-20 23:47:47,527 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:47:47,531 INFO L263 TraceCheckSpWp]: Trace formula consists of 324 conjuncts, 49 conjunts are in the unsatisfiable core [2022-02-20 23:47:47,559 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:47:47,564 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:47:47,601 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:47:47,940 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2022-02-20 23:47:48,064 INFO L356 Elim1Store]: treesize reduction 11, result has 45.0 percent of original size [2022-02-20 23:47:48,064 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 16 treesize of output 22 [2022-02-20 23:47:48,101 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 7 treesize of output 3 [2022-02-20 23:47:48,259 INFO L356 Elim1Store]: treesize reduction 11, result has 45.0 percent of original size [2022-02-20 23:47:48,259 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 20 treesize of output 26 [2022-02-20 23:47:48,568 INFO L173 IndexEqualityManager]: detected equality via solver [2022-02-20 23:47:48,574 INFO L356 Elim1Store]: treesize reduction 20, result has 33.3 percent of original size [2022-02-20 23:47:48,574 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 29 treesize of output 28 [2022-02-20 23:47:48,988 INFO L356 Elim1Store]: treesize reduction 54, result has 36.5 percent of original size [2022-02-20 23:47:48,989 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 3 select indices, 3 select index equivalence classes, 1 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 4 case distinctions, treesize of input 28 treesize of output 45 [2022-02-20 23:47:49,142 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 38 treesize of output 36 [2022-02-20 23:47:49,689 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 38 treesize of output 36 [2022-02-20 23:47:50,030 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 38 treesize of output 36 [2022-02-20 23:47:50,507 INFO L173 IndexEqualityManager]: detected equality via solver [2022-02-20 23:47:50,507 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 41 treesize of output 17 [2022-02-20 23:47:50,672 INFO L290 TraceCheckUtils]: 0: Hoare triple {14676#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(22, 2); {14676#true} is VALID [2022-02-20 23:47:50,674 INFO L290 TraceCheckUtils]: 1: Hoare triple {14676#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~malloc61#1.base, main_#t~malloc61#1.offset, main_#t~nondet63#1, main_#t~nondet64#1, main_~userInput~1#1, main_#t~nondet62#1, main_#t~nondet66#1, main_#t~nondet67#1, main_~userInput~2#1, main_#t~nondet65#1, main_#t~nondet69#1, main_#t~nondet70#1, main_~userInput~3#1, main_#t~nondet68#1, main_#t~mem71#1.base, main_#t~mem71#1.offset, main_#t~mem72#1.base, main_#t~mem72#1.offset, main_#t~mem74#1.base, main_#t~mem74#1.offset, main_#t~ret73#1, main_#t~mem76#1.base, main_#t~mem76#1.offset, main_#t~post75#1, main_#t~mem78#1.base, main_#t~mem78#1.offset, main_#t~ret77#1, main_#t~mem80#1.base, main_#t~mem80#1.offset, main_#t~post79#1, main_#t~mem81#1.base, main_#t~mem81#1.offset, main_~list~0#1.base, main_~list~0#1.offset, main_~userInput~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset, main_~next~0#1.base, main_~next~0#1.offset, main_~counter~0#1;call main_#t~malloc61#1.base, main_#t~malloc61#1.offset := #Ultimate.allocOnHeap(8);main_~list~0#1.base, main_~list~0#1.offset := main_#t~malloc61#1.base, main_#t~malloc61#1.offset;havoc main_#t~malloc61#1.base, main_#t~malloc61#1.offset; {14712#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:47:50,674 INFO L290 TraceCheckUtils]: 2: Hoare triple {14712#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} SUMMARY for call write~$Pointer$(0, 0, main_~list~0#1.base, main_~list~0#1.offset, 4); srcloc: L575 {14712#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:47:50,675 INFO L290 TraceCheckUtils]: 3: Hoare triple {14712#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} SUMMARY for call write~$Pointer$(0, 0, main_~list~0#1.base, 4 + main_~list~0#1.offset, 4); srcloc: L575-1 {14712#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:47:50,675 INFO L290 TraceCheckUtils]: 4: Hoare triple {14712#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} havoc main_~userInput~0#1; {14712#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:47:50,676 INFO L290 TraceCheckUtils]: 5: Hoare triple {14712#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} assume -128 <= main_#t~nondet63#1 && main_#t~nondet63#1 <= 127;main_~userInput~1#1 := main_#t~nondet63#1;havoc main_#t~nondet63#1; {14712#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:47:50,676 INFO L290 TraceCheckUtils]: 6: Hoare triple {14712#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} assume !(60 == main_~userInput~1#1 || 62 == main_~userInput~1#1); {14712#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:47:50,677 INFO L272 TraceCheckUtils]: 7: Hoare triple {14712#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} call append(main_~list~0#1.base, main_~list~0#1.offset, main_~userInput~1#1); {14731#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:47:50,677 INFO L290 TraceCheckUtils]: 8: Hoare triple {14731#(= |old(#valid)| |#valid|)} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~input := #in~input;call #t~malloc55.base, #t~malloc55.offset := #Ultimate.allocOnHeap(9);~node~0.base, ~node~0.offset := #t~malloc55.base, #t~malloc55.offset;havoc #t~malloc55.base, #t~malloc55.offset; {14735#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} is VALID [2022-02-20 23:47:50,678 INFO L290 TraceCheckUtils]: 9: Hoare triple {14735#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} SUMMARY for call write~int(~input, ~node~0.base, ~node~0.offset, 1); srcloc: L560 {14735#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} is VALID [2022-02-20 23:47:50,678 INFO L290 TraceCheckUtils]: 10: Hoare triple {14735#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} SUMMARY for call #t~mem56.base, #t~mem56.offset := read~$Pointer$(~head.base, ~head.offset, 4); srcloc: L560-1 {14742#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} is VALID [2022-02-20 23:47:50,679 INFO L290 TraceCheckUtils]: 11: Hoare triple {14742#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} #t~short58 := #t~mem56.base == 0 && #t~mem56.offset == 0; {14742#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} is VALID [2022-02-20 23:47:50,679 INFO L290 TraceCheckUtils]: 12: Hoare triple {14742#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} assume #t~short58; {14742#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} is VALID [2022-02-20 23:47:50,680 INFO L290 TraceCheckUtils]: 13: Hoare triple {14742#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} SUMMARY for call #t~mem57.base, #t~mem57.offset := read~$Pointer$(~head.base, 4 + ~head.offset, 4); srcloc: L561-2 {14742#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} is VALID [2022-02-20 23:47:50,695 INFO L290 TraceCheckUtils]: 14: Hoare triple {14742#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} #t~short58 := #t~mem57.base == 0 && #t~mem57.offset == 0; {14742#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} is VALID [2022-02-20 23:47:50,696 INFO L290 TraceCheckUtils]: 15: Hoare triple {14742#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} assume #t~short58;havoc #t~mem56.base, #t~mem56.offset;havoc #t~mem57.base, #t~mem57.offset;havoc #t~short58; {14742#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} is VALID [2022-02-20 23:47:50,697 INFO L290 TraceCheckUtils]: 16: Hoare triple {14742#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} SUMMARY for call write~$Pointer$(~node~0.base, ~node~0.offset, ~head.base, ~head.offset, 4); srcloc: L562 {14742#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} is VALID [2022-02-20 23:47:50,698 INFO L290 TraceCheckUtils]: 17: Hoare triple {14742#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} SUMMARY for call write~$Pointer$(~node~0.base, ~node~0.offset, ~head.base, 4 + ~head.offset, 4); srcloc: L562-1 {14764#(and (= 0 (select |old(#valid)| append_~node~0.base)) (exists ((append_~head.offset Int)) (and (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4))) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|))) (= (select |#valid| |append_#in~head.base|) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} is VALID [2022-02-20 23:47:50,699 INFO L290 TraceCheckUtils]: 18: Hoare triple {14764#(and (= 0 (select |old(#valid)| append_~node~0.base)) (exists ((append_~head.offset Int)) (and (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4))) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|))) (= (select |#valid| |append_#in~head.base|) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} SUMMARY for call write~$Pointer$(0, 0, ~node~0.base, 1 + ~node~0.offset, 4); srcloc: L563 {14768#(and (= 0 (select |old(#valid)| append_~node~0.base)) (exists ((append_~head.offset Int)) (and (or (= append_~node~0.base |append_#in~head.base|) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4)))) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|))) (= (select |#valid| |append_#in~head.base|) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} is VALID [2022-02-20 23:47:50,701 INFO L290 TraceCheckUtils]: 19: Hoare triple {14768#(and (= 0 (select |old(#valid)| append_~node~0.base)) (exists ((append_~head.offset Int)) (and (or (= append_~node~0.base |append_#in~head.base|) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4)))) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|))) (= (select |#valid| |append_#in~head.base|) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} SUMMARY for call write~$Pointer$(0, 0, ~node~0.base, 5 + ~node~0.offset, 4); srcloc: L564 {14772#(and (= (select |#valid| |append_#in~head.base|) 1) (exists ((append_~head.offset Int)) (and (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (or (and (= (store |old(#valid)| |append_#in~head.base| 1) |#valid|) (= (select |old(#valid)| |append_#in~head.base|) 0)) (and (= (select |old(#valid)| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4))) 0) (= |#valid| (store |old(#valid)| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4)) 1)))))))} is VALID [2022-02-20 23:47:50,702 INFO L290 TraceCheckUtils]: 20: Hoare triple {14772#(and (= (select |#valid| |append_#in~head.base|) 1) (exists ((append_~head.offset Int)) (and (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (or (and (= (store |old(#valid)| |append_#in~head.base| 1) |#valid|) (= (select |old(#valid)| |append_#in~head.base|) 0)) (and (= (select |old(#valid)| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4))) 0) (= |#valid| (store |old(#valid)| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4)) 1)))))))} assume true; {14772#(and (= (select |#valid| |append_#in~head.base|) 1) (exists ((append_~head.offset Int)) (and (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (or (and (= (store |old(#valid)| |append_#in~head.base| 1) |#valid|) (= (select |old(#valid)| |append_#in~head.base|) 0)) (and (= (select |old(#valid)| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4))) 0) (= |#valid| (store |old(#valid)| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4)) 1)))))))} is VALID [2022-02-20 23:47:50,703 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {14772#(and (= (select |#valid| |append_#in~head.base|) 1) (exists ((append_~head.offset Int)) (and (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (or (and (= (store |old(#valid)| |append_#in~head.base| 1) |#valid|) (= (select |old(#valid)| |append_#in~head.base|) 0)) (and (= (select |old(#valid)| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4))) 0) (= |#valid| (store |old(#valid)| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4)) 1)))))))} {14712#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} #507#return; {14779#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0) (exists ((append_~head.offset Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) 1) (<= 0 append_~head.offset) (not (= |ULTIMATE.start_main_~list~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= append_~head.offset |ULTIMATE.start_main_~list~0#1.offset|))))} is VALID [2022-02-20 23:47:50,704 INFO L290 TraceCheckUtils]: 22: Hoare triple {14779#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0) (exists ((append_~head.offset Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) 1) (<= 0 append_~head.offset) (not (= |ULTIMATE.start_main_~list~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= append_~head.offset |ULTIMATE.start_main_~list~0#1.offset|))))} assume -2147483648 <= main_#t~nondet62#1 && main_#t~nondet62#1 <= 2147483647; {14779#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0) (exists ((append_~head.offset Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) 1) (<= 0 append_~head.offset) (not (= |ULTIMATE.start_main_~list~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= append_~head.offset |ULTIMATE.start_main_~list~0#1.offset|))))} is VALID [2022-02-20 23:47:50,704 INFO L290 TraceCheckUtils]: 23: Hoare triple {14779#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0) (exists ((append_~head.offset Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) 1) (<= 0 append_~head.offset) (not (= |ULTIMATE.start_main_~list~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= append_~head.offset |ULTIMATE.start_main_~list~0#1.offset|))))} assume !(0 != main_#t~nondet62#1);havoc main_#t~nondet62#1; {14779#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0) (exists ((append_~head.offset Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) 1) (<= 0 append_~head.offset) (not (= |ULTIMATE.start_main_~list~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= append_~head.offset |ULTIMATE.start_main_~list~0#1.offset|))))} is VALID [2022-02-20 23:47:50,705 INFO L272 TraceCheckUtils]: 24: Hoare triple {14779#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0) (exists ((append_~head.offset Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) 1) (<= 0 append_~head.offset) (not (= |ULTIMATE.start_main_~list~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= append_~head.offset |ULTIMATE.start_main_~list~0#1.offset|))))} call append(main_~list~0#1.base, main_~list~0#1.offset, 60); {14789#(and (= (select |#valid| |append_#in~head.base|) 1) (<= |append_#in~head.offset| 0) (exists ((append_~head.offset Int)) (and (not (= (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4)) |append_#in~head.base|)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4))) 1))))} is VALID [2022-02-20 23:47:50,707 INFO L290 TraceCheckUtils]: 25: Hoare triple {14789#(and (= (select |#valid| |append_#in~head.base|) 1) (<= |append_#in~head.offset| 0) (exists ((append_~head.offset Int)) (and (not (= (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4)) |append_#in~head.base|)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4))) 1))))} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~input := #in~input;call #t~malloc55.base, #t~malloc55.offset := #Ultimate.allocOnHeap(9);~node~0.base, ~node~0.offset := #t~malloc55.base, #t~malloc55.offset;havoc #t~malloc55.base, #t~malloc55.offset; {14793#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_16 Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4))) 1) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))) (<= 0 v_append_~head.offset_16) (<= v_append_~head.offset_16 append_~head.offset) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))))) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:47:50,708 INFO L290 TraceCheckUtils]: 26: Hoare triple {14793#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_16 Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4))) 1) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))) (<= 0 v_append_~head.offset_16) (<= v_append_~head.offset_16 append_~head.offset) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))))) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call write~int(~input, ~node~0.base, ~node~0.offset, 1); srcloc: L560 {14793#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_16 Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4))) 1) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))) (<= 0 v_append_~head.offset_16) (<= v_append_~head.offset_16 append_~head.offset) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))))) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:47:50,709 INFO L290 TraceCheckUtils]: 27: Hoare triple {14793#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_16 Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4))) 1) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))) (<= 0 v_append_~head.offset_16) (<= v_append_~head.offset_16 append_~head.offset) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))))) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call #t~mem56.base, #t~mem56.offset := read~$Pointer$(~head.base, ~head.offset, 4); srcloc: L560-1 {14793#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_16 Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4))) 1) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))) (<= 0 v_append_~head.offset_16) (<= v_append_~head.offset_16 append_~head.offset) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))))) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:47:50,710 INFO L290 TraceCheckUtils]: 28: Hoare triple {14793#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_16 Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4))) 1) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))) (<= 0 v_append_~head.offset_16) (<= v_append_~head.offset_16 append_~head.offset) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))))) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} #t~short58 := #t~mem56.base == 0 && #t~mem56.offset == 0; {14793#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_16 Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4))) 1) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))) (<= 0 v_append_~head.offset_16) (<= v_append_~head.offset_16 append_~head.offset) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))))) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:47:50,710 INFO L290 TraceCheckUtils]: 29: Hoare triple {14793#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_16 Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4))) 1) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))) (<= 0 v_append_~head.offset_16) (<= v_append_~head.offset_16 append_~head.offset) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))))) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} assume !#t~short58; {14793#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_16 Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4))) 1) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))) (<= 0 v_append_~head.offset_16) (<= v_append_~head.offset_16 append_~head.offset) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))))) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:47:50,711 INFO L290 TraceCheckUtils]: 30: Hoare triple {14793#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_16 Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4))) 1) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))) (<= 0 v_append_~head.offset_16) (<= v_append_~head.offset_16 append_~head.offset) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))))) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} assume !#t~short58;havoc #t~mem56.base, #t~mem56.offset;havoc #t~mem57.base, #t~mem57.offset;havoc #t~short58; {14793#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_16 Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4))) 1) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))) (<= 0 v_append_~head.offset_16) (<= v_append_~head.offset_16 append_~head.offset) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))))) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:47:50,712 INFO L290 TraceCheckUtils]: 31: Hoare triple {14793#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_16 Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4))) 1) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))) (<= 0 v_append_~head.offset_16) (<= v_append_~head.offset_16 append_~head.offset) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))))) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call #t~mem59.base, #t~mem59.offset := read~$Pointer$(~head.base, 4 + ~head.offset, 4); srcloc: L568 {14793#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_16 Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4))) 1) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))) (<= 0 v_append_~head.offset_16) (<= v_append_~head.offset_16 append_~head.offset) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))))) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:47:50,713 INFO L290 TraceCheckUtils]: 32: Hoare triple {14793#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_16 Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4))) 1) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))) (<= 0 v_append_~head.offset_16) (<= v_append_~head.offset_16 append_~head.offset) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))))) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call write~$Pointer$(#t~mem59.base, #t~mem59.offset, ~node~0.base, 1 + ~node~0.offset, 4); srcloc: L568-1 {14793#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_16 Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4))) 1) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))) (<= 0 v_append_~head.offset_16) (<= v_append_~head.offset_16 append_~head.offset) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))))) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:47:50,714 INFO L290 TraceCheckUtils]: 33: Hoare triple {14793#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_16 Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4))) 1) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))) (<= 0 v_append_~head.offset_16) (<= v_append_~head.offset_16 append_~head.offset) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))))) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} havoc #t~mem59.base, #t~mem59.offset; {14793#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_16 Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4))) 1) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))) (<= 0 v_append_~head.offset_16) (<= v_append_~head.offset_16 append_~head.offset) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))))) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:47:50,715 INFO L290 TraceCheckUtils]: 34: Hoare triple {14793#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_16 Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4))) 1) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))) (<= 0 v_append_~head.offset_16) (<= v_append_~head.offset_16 append_~head.offset) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))))) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call write~$Pointer$(0, 0, ~node~0.base, 5 + ~node~0.offset, 4); srcloc: L569 {14821#(and (<= append_~head.offset 0) (= (select |#valid| append_~head.base) 1) (exists ((v_append_~head.offset_16 Int) (append_~node~0.base Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4))) 1) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))) (= (select |#valid| append_~node~0.base) 1) (<= 0 v_append_~head.offset_16) (<= v_append_~head.offset_16 append_~head.offset) (not (= append_~node~0.base append_~head.base)) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))))))} is VALID [2022-02-20 23:47:50,716 INFO L290 TraceCheckUtils]: 35: Hoare triple {14821#(and (<= append_~head.offset 0) (= (select |#valid| append_~head.base) 1) (exists ((v_append_~head.offset_16 Int) (append_~node~0.base Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4))) 1) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))) (= (select |#valid| append_~node~0.base) 1) (<= 0 v_append_~head.offset_16) (<= v_append_~head.offset_16 append_~head.offset) (not (= append_~node~0.base append_~head.base)) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_16 4)))))))} SUMMARY for call #t~mem60.base, #t~mem60.offset := read~$Pointer$(~head.base, 4 + ~head.offset, 4); srcloc: L569-1 {14825#(and (= (select |#valid| |append_#t~mem60.base|) 1) (exists ((append_~head.base Int) (append_~node~0.base Int)) (and (not (= append_~node~0.base |append_#t~mem60.base|)) (not (= append_~head.base |append_#t~mem60.base|)) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))))} is VALID [2022-02-20 23:47:50,717 INFO L290 TraceCheckUtils]: 36: Hoare triple {14825#(and (= (select |#valid| |append_#t~mem60.base|) 1) (exists ((append_~head.base Int) (append_~node~0.base Int)) (and (not (= append_~node~0.base |append_#t~mem60.base|)) (not (= append_~head.base |append_#t~mem60.base|)) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))))} assume !(1 == #valid[#t~mem60.base]); {14677#false} is VALID [2022-02-20 23:47:50,717 INFO L134 CoverageAnalysis]: Checked inductivity of 6 backedges. 0 proven. 6 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:47:50,717 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:47:50,749 WARN L838 $PredicateComparison]: unable to prove that (forall ((v_ArrVal_322 (Array Int Int))) (= (select |c_#valid| (select (select (store |c_#memory_$Pointer$.base| c_append_~node~0.base v_ArrVal_322) c_append_~head.base) (+ c_append_~head.offset 4))) 1)) is different from false [2022-02-20 23:47:50,849 WARN L838 $PredicateComparison]: unable to prove that (forall ((v_append_~node~0.base_21 Int) (v_ArrVal_322 (Array Int Int))) (or (= (select (store |c_#valid| v_append_~node~0.base_21 1) (select (select (store |c_#memory_$Pointer$.base| v_append_~node~0.base_21 v_ArrVal_322) |c_append_#in~head.base|) (+ 4 |c_append_#in~head.offset|))) 1) (not (= (select |c_#valid| v_append_~node~0.base_21) 0)))) is different from false [2022-02-20 23:47:50,874 WARN L838 $PredicateComparison]: unable to prove that (forall ((v_append_~node~0.base_21 Int) (v_ArrVal_322 (Array Int Int))) (or (not (= (select |c_#valid| v_append_~node~0.base_21) 0)) (= (select (store |c_#valid| v_append_~node~0.base_21 1) (select (select (store |c_#memory_$Pointer$.base| v_append_~node~0.base_21 v_ArrVal_322) |c_ULTIMATE.start_main_~list~0#1.base|) (+ |c_ULTIMATE.start_main_~list~0#1.offset| 4))) 1))) is different from false [2022-02-20 23:47:51,401 INFO L356 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2022-02-20 23:47:51,401 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 33 treesize of output 34 [2022-02-20 23:47:51,440 INFO L356 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2022-02-20 23:47:51,440 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 332 treesize of output 218 [2022-02-20 23:47:51,473 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 91 treesize of output 83 [2022-02-20 23:47:51,505 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 174 treesize of output 158 [2022-02-20 23:47:54,949 WARN L838 $PredicateComparison]: unable to prove that (forall ((v_append_~node~0.base_21 Int) (v_arrayElimCell_14 Int) (v_arrayElimCell_13 Int)) (let ((.cse1 (= |c_ULTIMATE.start_main_~list~0#1.base| v_arrayElimCell_13)) (.cse0 (store |c_#valid| v_arrayElimCell_13 1))) (or (not (= (select .cse0 v_append_~node~0.base_21) 0)) (not (= (select |c_#valid| v_arrayElimCell_13) 0)) (and (not .cse1) (= (select (store .cse0 v_append_~node~0.base_21 1) v_arrayElimCell_14) 1)) (and .cse1 (forall ((v_arrayElimCell_15 Int)) (= (select (store (store |c_#valid| v_arrayElimCell_13 1) v_append_~node~0.base_21 1) v_arrayElimCell_15) 1))) (not (= (select .cse0 |c_ULTIMATE.start_main_~list~0#1.base|) 1)) (and (<= |c_ULTIMATE.start_main_~list~0#1.offset| 0) (or (< |c_ULTIMATE.start_main_~list~0#1.offset| 0) (not (= v_arrayElimCell_14 v_arrayElimCell_13))))))) is different from false [2022-02-20 23:47:54,952 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleZ3 [593409058] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:47:54,952 INFO L191 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-02-20 23:47:54,952 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [15, 13] total 27 [2022-02-20 23:47:54,952 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [301373076] [2022-02-20 23:47:54,952 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-02-20 23:47:54,953 INFO L78 Accepts]: Start accepts. Automaton has has 28 states, 27 states have (on average 2.4814814814814814) internal successors, (67), 24 states have internal predecessors, (67), 4 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 37 [2022-02-20 23:47:54,953 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:47:54,953 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 28 states, 27 states have (on average 2.4814814814814814) internal successors, (67), 24 states have internal predecessors, (67), 4 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:47:55,022 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 73 edges. 73 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:47:55,022 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 28 states [2022-02-20 23:47:55,022 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:47:55,023 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 28 interpolants. [2022-02-20 23:47:55,023 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=96, Invalid=728, Unknown=4, NotChecked=228, Total=1056 [2022-02-20 23:47:55,024 INFO L87 Difference]: Start difference. First operand 389 states and 527 transitions. Second operand has 28 states, 27 states have (on average 2.4814814814814814) internal successors, (67), 24 states have internal predecessors, (67), 4 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:47:57,998 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:47:57,999 INFO L93 Difference]: Finished difference Result 425 states and 577 transitions. [2022-02-20 23:47:57,999 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 17 states. [2022-02-20 23:47:57,999 INFO L78 Accepts]: Start accepts. Automaton has has 28 states, 27 states have (on average 2.4814814814814814) internal successors, (67), 24 states have internal predecessors, (67), 4 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 37 [2022-02-20 23:47:58,000 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:47:58,000 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 28 states, 27 states have (on average 2.4814814814814814) internal successors, (67), 24 states have internal predecessors, (67), 4 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:47:58,003 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 17 states to 17 states and 382 transitions. [2022-02-20 23:47:58,003 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 28 states, 27 states have (on average 2.4814814814814814) internal successors, (67), 24 states have internal predecessors, (67), 4 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:47:58,006 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 17 states to 17 states and 382 transitions. [2022-02-20 23:47:58,006 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 17 states and 382 transitions. [2022-02-20 23:47:58,257 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 382 edges. 382 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:47:58,264 INFO L225 Difference]: With dead ends: 425 [2022-02-20 23:47:58,264 INFO L226 Difference]: Without dead ends: 425 [2022-02-20 23:47:58,264 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 78 GetRequests, 38 SyntacticMatches, 2 SemanticMatches, 38 ConstructedPredicates, 4 IntricatePredicates, 0 DeprecatedPredicates, 282 ImplicationChecksByTransitivity, 2.7s TimeCoverageRelationStatistics Valid=162, Invalid=1110, Unknown=4, NotChecked=284, Total=1560 [2022-02-20 23:47:58,264 INFO L933 BasicCegarLoop]: 310 mSDtfsCounter, 114 mSDsluCounter, 2775 mSDsCounter, 0 mSdLazyCounter, 1128 mSolverCounterSat, 30 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 114 SdHoareTripleChecker+Valid, 3085 SdHoareTripleChecker+Invalid, 1617 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 30 IncrementalHoareTripleChecker+Valid, 1128 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 459 IncrementalHoareTripleChecker+Unchecked, 0.7s IncrementalHoareTripleChecker+Time [2022-02-20 23:47:58,265 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [114 Valid, 3085 Invalid, 1617 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [30 Valid, 1128 Invalid, 0 Unknown, 459 Unchecked, 0.7s Time] [2022-02-20 23:47:58,265 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 425 states. [2022-02-20 23:47:58,271 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 425 to 420. [2022-02-20 23:47:58,271 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:47:58,271 INFO L82 GeneralOperation]: Start isEquivalent. First operand 425 states. Second operand has 420 states, 286 states have (on average 1.8601398601398602) internal successors, (532), 404 states have internal predecessors, (532), 15 states have call successors, (15), 3 states have call predecessors, (15), 3 states have return successors, (28), 14 states have call predecessors, (28), 15 states have call successors, (28) [2022-02-20 23:47:58,272 INFO L74 IsIncluded]: Start isIncluded. First operand 425 states. Second operand has 420 states, 286 states have (on average 1.8601398601398602) internal successors, (532), 404 states have internal predecessors, (532), 15 states have call successors, (15), 3 states have call predecessors, (15), 3 states have return successors, (28), 14 states have call predecessors, (28), 15 states have call successors, (28) [2022-02-20 23:47:58,272 INFO L87 Difference]: Start difference. First operand 425 states. Second operand has 420 states, 286 states have (on average 1.8601398601398602) internal successors, (532), 404 states have internal predecessors, (532), 15 states have call successors, (15), 3 states have call predecessors, (15), 3 states have return successors, (28), 14 states have call predecessors, (28), 15 states have call successors, (28) [2022-02-20 23:47:58,280 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:47:58,281 INFO L93 Difference]: Finished difference Result 425 states and 577 transitions. [2022-02-20 23:47:58,281 INFO L276 IsEmpty]: Start isEmpty. Operand 425 states and 577 transitions. [2022-02-20 23:47:58,282 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:47:58,282 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:47:58,282 INFO L74 IsIncluded]: Start isIncluded. First operand has 420 states, 286 states have (on average 1.8601398601398602) internal successors, (532), 404 states have internal predecessors, (532), 15 states have call successors, (15), 3 states have call predecessors, (15), 3 states have return successors, (28), 14 states have call predecessors, (28), 15 states have call successors, (28) Second operand 425 states. [2022-02-20 23:47:58,283 INFO L87 Difference]: Start difference. First operand has 420 states, 286 states have (on average 1.8601398601398602) internal successors, (532), 404 states have internal predecessors, (532), 15 states have call successors, (15), 3 states have call predecessors, (15), 3 states have return successors, (28), 14 states have call predecessors, (28), 15 states have call successors, (28) Second operand 425 states. [2022-02-20 23:47:58,304 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:47:58,305 INFO L93 Difference]: Finished difference Result 425 states and 577 transitions. [2022-02-20 23:47:58,305 INFO L276 IsEmpty]: Start isEmpty. Operand 425 states and 577 transitions. [2022-02-20 23:47:58,307 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:47:58,307 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:47:58,307 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:47:58,307 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:47:58,308 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 420 states, 286 states have (on average 1.8601398601398602) internal successors, (532), 404 states have internal predecessors, (532), 15 states have call successors, (15), 3 states have call predecessors, (15), 3 states have return successors, (28), 14 states have call predecessors, (28), 15 states have call successors, (28) [2022-02-20 23:47:58,319 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 420 states to 420 states and 575 transitions. [2022-02-20 23:47:58,319 INFO L78 Accepts]: Start accepts. Automaton has 420 states and 575 transitions. Word has length 37 [2022-02-20 23:47:58,320 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:47:58,320 INFO L470 AbstractCegarLoop]: Abstraction has 420 states and 575 transitions. [2022-02-20 23:47:58,320 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 28 states, 27 states have (on average 2.4814814814814814) internal successors, (67), 24 states have internal predecessors, (67), 4 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:47:58,320 INFO L276 IsEmpty]: Start isEmpty. Operand 420 states and 575 transitions. [2022-02-20 23:47:58,321 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2022-02-20 23:47:58,321 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:47:58,321 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:47:58,355 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-02-20 23:47:58,543 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-02-20 23:47:58,543 INFO L402 AbstractCegarLoop]: === Iteration 10 === Targeting appendErr23REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 143 more)] === [2022-02-20 23:47:58,543 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:47:58,543 INFO L85 PathProgramCache]: Analyzing trace with hash -339455756, now seen corresponding path program 1 times [2022-02-20 23:47:58,543 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:47:58,544 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1367611605] [2022-02-20 23:47:58,544 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:47:58,544 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:47:58,605 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:47:58,780 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2022-02-20 23:47:58,794 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:47:58,998 INFO L290 TraceCheckUtils]: 0: Hoare triple {16615#(and (= |old(#length)| |#length|) (= |#memory_int| |old(#memory_int)|) (= |#memory_$Pointer$.base| |old(#memory_$Pointer$.base)|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#valid)| |#valid|))} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~input := #in~input;call #t~malloc55.base, #t~malloc55.offset := #Ultimate.allocOnHeap(9);~node~0.base, ~node~0.offset := #t~malloc55.base, #t~malloc55.offset;havoc #t~malloc55.base, #t~malloc55.offset; {16616#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:47:58,999 INFO L290 TraceCheckUtils]: 1: Hoare triple {16616#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} SUMMARY for call write~int(~input, ~node~0.base, ~node~0.offset, 1); srcloc: L560 {16617#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~node~0.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:47:59,000 INFO L290 TraceCheckUtils]: 2: Hoare triple {16617#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~node~0.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} SUMMARY for call #t~mem56.base, #t~mem56.offset := read~$Pointer$(~head.base, ~head.offset, 4); srcloc: L560-1 {16618#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:47:59,000 INFO L290 TraceCheckUtils]: 3: Hoare triple {16618#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} #t~short58 := #t~mem56.base == 0 && #t~mem56.offset == 0; {16618#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:47:59,001 INFO L290 TraceCheckUtils]: 4: Hoare triple {16618#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} assume #t~short58; {16618#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:47:59,002 INFO L290 TraceCheckUtils]: 5: Hoare triple {16618#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} SUMMARY for call #t~mem57.base, #t~mem57.offset := read~$Pointer$(~head.base, 4 + ~head.offset, 4); srcloc: L561-2 {16618#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:47:59,003 INFO L290 TraceCheckUtils]: 6: Hoare triple {16618#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} #t~short58 := #t~mem57.base == 0 && #t~mem57.offset == 0; {16618#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:47:59,004 INFO L290 TraceCheckUtils]: 7: Hoare triple {16618#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} assume #t~short58;havoc #t~mem56.base, #t~mem56.offset;havoc #t~mem57.base, #t~mem57.offset;havoc #t~short58; {16618#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:47:59,004 INFO L290 TraceCheckUtils]: 8: Hoare triple {16618#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} SUMMARY for call write~$Pointer$(~node~0.base, ~node~0.offset, ~head.base, ~head.offset, 4); srcloc: L562 {16618#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:47:59,020 INFO L290 TraceCheckUtils]: 9: Hoare triple {16618#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} SUMMARY for call write~$Pointer$(~node~0.base, ~node~0.offset, ~head.base, 4 + ~head.offset, 4); srcloc: L562-1 {16619#(or (and (= 9 (select |#length| append_~node~0.base)) (not (= append_~node~0.base |append_#in~head.base|)) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| append_~node~0.base) 1) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 0)) (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)))} is VALID [2022-02-20 23:47:59,021 INFO L290 TraceCheckUtils]: 10: Hoare triple {16619#(or (and (= 9 (select |#length| append_~node~0.base)) (not (= append_~node~0.base |append_#in~head.base|)) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| append_~node~0.base) 1) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 0)) (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)))} SUMMARY for call write~$Pointer$(0, 0, ~node~0.base, 1 + ~node~0.offset, 4); srcloc: L563 {16619#(or (and (= 9 (select |#length| append_~node~0.base)) (not (= append_~node~0.base |append_#in~head.base|)) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| append_~node~0.base) 1) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 0)) (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)))} is VALID [2022-02-20 23:47:59,022 INFO L290 TraceCheckUtils]: 11: Hoare triple {16619#(or (and (= 9 (select |#length| append_~node~0.base)) (not (= append_~node~0.base |append_#in~head.base|)) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| append_~node~0.base) 1) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 0)) (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)))} SUMMARY for call write~$Pointer$(0, 0, ~node~0.base, 5 + ~node~0.offset, 4); srcloc: L564 {16620#(or (and (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) 1) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 0) (= 9 (select |#length| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))))) (= (select |old(#valid)| |append_#in~head.base|) 0))} is VALID [2022-02-20 23:47:59,023 INFO L290 TraceCheckUtils]: 12: Hoare triple {16620#(or (and (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) 1) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 0) (= 9 (select |#length| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))))) (= (select |old(#valid)| |append_#in~head.base|) 0))} assume true; {16620#(or (and (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) 1) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 0) (= 9 (select |#length| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))))) (= (select |old(#valid)| |append_#in~head.base|) 0))} is VALID [2022-02-20 23:47:59,024 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {16620#(or (and (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) 1) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 0) (= 9 (select |#length| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))))) (= (select |old(#valid)| |append_#in~head.base|) 0))} {16595#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} #507#return; {16610#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4))) 1) (<= 9 (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)))) (= |ULTIMATE.start_main_~list~0#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) 0))} is VALID [2022-02-20 23:47:59,025 INFO L290 TraceCheckUtils]: 0: Hoare triple {16592#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(22, 2); {16592#true} is VALID [2022-02-20 23:47:59,025 INFO L290 TraceCheckUtils]: 1: Hoare triple {16592#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~malloc61#1.base, main_#t~malloc61#1.offset, main_#t~nondet63#1, main_#t~nondet64#1, main_~userInput~1#1, main_#t~nondet62#1, main_#t~nondet66#1, main_#t~nondet67#1, main_~userInput~2#1, main_#t~nondet65#1, main_#t~nondet69#1, main_#t~nondet70#1, main_~userInput~3#1, main_#t~nondet68#1, main_#t~mem71#1.base, main_#t~mem71#1.offset, main_#t~mem72#1.base, main_#t~mem72#1.offset, main_#t~mem74#1.base, main_#t~mem74#1.offset, main_#t~ret73#1, main_#t~mem76#1.base, main_#t~mem76#1.offset, main_#t~post75#1, main_#t~mem78#1.base, main_#t~mem78#1.offset, main_#t~ret77#1, main_#t~mem80#1.base, main_#t~mem80#1.offset, main_#t~post79#1, main_#t~mem81#1.base, main_#t~mem81#1.offset, main_~list~0#1.base, main_~list~0#1.offset, main_~userInput~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset, main_~next~0#1.base, main_~next~0#1.offset, main_~counter~0#1;call main_#t~malloc61#1.base, main_#t~malloc61#1.offset := #Ultimate.allocOnHeap(8);main_~list~0#1.base, main_~list~0#1.offset := main_#t~malloc61#1.base, main_#t~malloc61#1.offset;havoc main_#t~malloc61#1.base, main_#t~malloc61#1.offset; {16594#(= |ULTIMATE.start_main_~list~0#1.offset| 0)} is VALID [2022-02-20 23:47:59,026 INFO L290 TraceCheckUtils]: 2: Hoare triple {16594#(= |ULTIMATE.start_main_~list~0#1.offset| 0)} SUMMARY for call write~$Pointer$(0, 0, main_~list~0#1.base, main_~list~0#1.offset, 4); srcloc: L575 {16595#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:47:59,026 INFO L290 TraceCheckUtils]: 3: Hoare triple {16595#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} SUMMARY for call write~$Pointer$(0, 0, main_~list~0#1.base, 4 + main_~list~0#1.offset, 4); srcloc: L575-1 {16595#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:47:59,027 INFO L290 TraceCheckUtils]: 4: Hoare triple {16595#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} havoc main_~userInput~0#1; {16595#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:47:59,027 INFO L290 TraceCheckUtils]: 5: Hoare triple {16595#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} assume -128 <= main_#t~nondet63#1 && main_#t~nondet63#1 <= 127;main_~userInput~1#1 := main_#t~nondet63#1;havoc main_#t~nondet63#1; {16595#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:47:59,028 INFO L290 TraceCheckUtils]: 6: Hoare triple {16595#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} assume !(60 == main_~userInput~1#1 || 62 == main_~userInput~1#1); {16595#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:47:59,028 INFO L272 TraceCheckUtils]: 7: Hoare triple {16595#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} call append(main_~list~0#1.base, main_~list~0#1.offset, main_~userInput~1#1); {16615#(and (= |old(#length)| |#length|) (= |#memory_int| |old(#memory_int)|) (= |#memory_$Pointer$.base| |old(#memory_$Pointer$.base)|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#valid)| |#valid|))} is VALID [2022-02-20 23:47:59,029 INFO L290 TraceCheckUtils]: 8: Hoare triple {16615#(and (= |old(#length)| |#length|) (= |#memory_int| |old(#memory_int)|) (= |#memory_$Pointer$.base| |old(#memory_$Pointer$.base)|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#valid)| |#valid|))} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~input := #in~input;call #t~malloc55.base, #t~malloc55.offset := #Ultimate.allocOnHeap(9);~node~0.base, ~node~0.offset := #t~malloc55.base, #t~malloc55.offset;havoc #t~malloc55.base, #t~malloc55.offset; {16616#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:47:59,030 INFO L290 TraceCheckUtils]: 9: Hoare triple {16616#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} SUMMARY for call write~int(~input, ~node~0.base, ~node~0.offset, 1); srcloc: L560 {16617#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~node~0.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:47:59,034 INFO L290 TraceCheckUtils]: 10: Hoare triple {16617#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~node~0.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} SUMMARY for call #t~mem56.base, #t~mem56.offset := read~$Pointer$(~head.base, ~head.offset, 4); srcloc: L560-1 {16618#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:47:59,035 INFO L290 TraceCheckUtils]: 11: Hoare triple {16618#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} #t~short58 := #t~mem56.base == 0 && #t~mem56.offset == 0; {16618#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:47:59,036 INFO L290 TraceCheckUtils]: 12: Hoare triple {16618#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} assume #t~short58; {16618#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:47:59,037 INFO L290 TraceCheckUtils]: 13: Hoare triple {16618#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} SUMMARY for call #t~mem57.base, #t~mem57.offset := read~$Pointer$(~head.base, 4 + ~head.offset, 4); srcloc: L561-2 {16618#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:47:59,038 INFO L290 TraceCheckUtils]: 14: Hoare triple {16618#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} #t~short58 := #t~mem57.base == 0 && #t~mem57.offset == 0; {16618#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:47:59,039 INFO L290 TraceCheckUtils]: 15: Hoare triple {16618#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} assume #t~short58;havoc #t~mem56.base, #t~mem56.offset;havoc #t~mem57.base, #t~mem57.offset;havoc #t~short58; {16618#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:47:59,040 INFO L290 TraceCheckUtils]: 16: Hoare triple {16618#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} SUMMARY for call write~$Pointer$(~node~0.base, ~node~0.offset, ~head.base, ~head.offset, 4); srcloc: L562 {16618#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:47:59,041 INFO L290 TraceCheckUtils]: 17: Hoare triple {16618#(and (= |append_#in~head.offset| append_~head.offset) (or (= append_~node~0.base append_~head.base) (and (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} SUMMARY for call write~$Pointer$(~node~0.base, ~node~0.offset, ~head.base, 4 + ~head.offset, 4); srcloc: L562-1 {16619#(or (and (= 9 (select |#length| append_~node~0.base)) (not (= append_~node~0.base |append_#in~head.base|)) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| append_~node~0.base) 1) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 0)) (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)))} is VALID [2022-02-20 23:47:59,042 INFO L290 TraceCheckUtils]: 18: Hoare triple {16619#(or (and (= 9 (select |#length| append_~node~0.base)) (not (= append_~node~0.base |append_#in~head.base|)) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| append_~node~0.base) 1) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 0)) (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)))} SUMMARY for call write~$Pointer$(0, 0, ~node~0.base, 1 + ~node~0.offset, 4); srcloc: L563 {16619#(or (and (= 9 (select |#length| append_~node~0.base)) (not (= append_~node~0.base |append_#in~head.base|)) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| append_~node~0.base) 1) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 0)) (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)))} is VALID [2022-02-20 23:47:59,043 INFO L290 TraceCheckUtils]: 19: Hoare triple {16619#(or (and (= 9 (select |#length| append_~node~0.base)) (not (= append_~node~0.base |append_#in~head.base|)) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| append_~node~0.base) 1) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 0)) (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)))} SUMMARY for call write~$Pointer$(0, 0, ~node~0.base, 5 + ~node~0.offset, 4); srcloc: L564 {16620#(or (and (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) 1) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 0) (= 9 (select |#length| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))))) (= (select |old(#valid)| |append_#in~head.base|) 0))} is VALID [2022-02-20 23:47:59,044 INFO L290 TraceCheckUtils]: 20: Hoare triple {16620#(or (and (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) 1) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 0) (= 9 (select |#length| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))))) (= (select |old(#valid)| |append_#in~head.base|) 0))} assume true; {16620#(or (and (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) 1) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 0) (= 9 (select |#length| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))))) (= (select |old(#valid)| |append_#in~head.base|) 0))} is VALID [2022-02-20 23:47:59,045 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {16620#(or (and (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) 1) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 0) (= 9 (select |#length| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))))) (= (select |old(#valid)| |append_#in~head.base|) 0))} {16595#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} #507#return; {16610#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4))) 1) (<= 9 (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)))) (= |ULTIMATE.start_main_~list~0#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) 0))} is VALID [2022-02-20 23:47:59,046 INFO L290 TraceCheckUtils]: 22: Hoare triple {16610#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4))) 1) (<= 9 (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)))) (= |ULTIMATE.start_main_~list~0#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) 0))} assume -2147483648 <= main_#t~nondet62#1 && main_#t~nondet62#1 <= 2147483647; {16610#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4))) 1) (<= 9 (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)))) (= |ULTIMATE.start_main_~list~0#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) 0))} is VALID [2022-02-20 23:47:59,046 INFO L290 TraceCheckUtils]: 23: Hoare triple {16610#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4))) 1) (<= 9 (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)))) (= |ULTIMATE.start_main_~list~0#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) 0))} assume !(0 != main_#t~nondet62#1);havoc main_#t~nondet62#1; {16610#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4))) 1) (<= 9 (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)))) (= |ULTIMATE.start_main_~list~0#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) 0))} is VALID [2022-02-20 23:47:59,048 INFO L272 TraceCheckUtils]: 24: Hoare triple {16610#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4))) 1) (<= 9 (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)))) (= |ULTIMATE.start_main_~list~0#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) 0))} call append(main_~list~0#1.base, main_~list~0#1.offset, 60); {16611#(and (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) 4) 0) (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) 4)) 1) (= (select |#valid| |append_#in~head.base|) 1) (= |append_#in~head.offset| 0) (<= 9 (select |#length| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) 4))))} is VALID [2022-02-20 23:47:59,049 INFO L290 TraceCheckUtils]: 25: Hoare triple {16611#(and (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) 4) 0) (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) 4)) 1) (= (select |#valid| |append_#in~head.base|) 1) (= |append_#in~head.offset| 0) (<= 9 (select |#length| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) 4))))} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~input := #in~input;call #t~malloc55.base, #t~malloc55.offset := #Ultimate.allocOnHeap(9);~node~0.base, ~node~0.offset := #t~malloc55.base, #t~malloc55.offset;havoc #t~malloc55.base, #t~malloc55.offset; {16612#(and (<= 9 (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4)))) (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:47:59,050 INFO L290 TraceCheckUtils]: 26: Hoare triple {16612#(and (<= 9 (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4)))) (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call write~int(~input, ~node~0.base, ~node~0.offset, 1); srcloc: L560 {16612#(and (<= 9 (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4)))) (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:47:59,051 INFO L290 TraceCheckUtils]: 27: Hoare triple {16612#(and (<= 9 (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4)))) (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call #t~mem56.base, #t~mem56.offset := read~$Pointer$(~head.base, ~head.offset, 4); srcloc: L560-1 {16612#(and (<= 9 (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4)))) (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:47:59,051 INFO L290 TraceCheckUtils]: 28: Hoare triple {16612#(and (<= 9 (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4)))) (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} #t~short58 := #t~mem56.base == 0 && #t~mem56.offset == 0; {16612#(and (<= 9 (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4)))) (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:47:59,052 INFO L290 TraceCheckUtils]: 29: Hoare triple {16612#(and (<= 9 (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4)))) (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} assume !#t~short58; {16612#(and (<= 9 (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4)))) (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:47:59,052 INFO L290 TraceCheckUtils]: 30: Hoare triple {16612#(and (<= 9 (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4)))) (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} assume !#t~short58;havoc #t~mem56.base, #t~mem56.offset;havoc #t~mem57.base, #t~mem57.offset;havoc #t~short58; {16612#(and (<= 9 (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4)))) (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:47:59,053 INFO L290 TraceCheckUtils]: 31: Hoare triple {16612#(and (<= 9 (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4)))) (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call #t~mem59.base, #t~mem59.offset := read~$Pointer$(~head.base, 4 + ~head.offset, 4); srcloc: L568 {16612#(and (<= 9 (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4)))) (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:47:59,054 INFO L290 TraceCheckUtils]: 32: Hoare triple {16612#(and (<= 9 (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4)))) (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call write~$Pointer$(#t~mem59.base, #t~mem59.offset, ~node~0.base, 1 + ~node~0.offset, 4); srcloc: L568-1 {16612#(and (<= 9 (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4)))) (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:47:59,054 INFO L290 TraceCheckUtils]: 33: Hoare triple {16612#(and (<= 9 (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4)))) (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} havoc #t~mem59.base, #t~mem59.offset; {16612#(and (<= 9 (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4)))) (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:47:59,055 INFO L290 TraceCheckUtils]: 34: Hoare triple {16612#(and (<= 9 (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4)))) (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call write~$Pointer$(0, 0, ~node~0.base, 5 + ~node~0.offset, 4); srcloc: L569 {16613#(and (<= 9 (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4)))) (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= append_~head.offset 0))} is VALID [2022-02-20 23:47:59,056 INFO L290 TraceCheckUtils]: 35: Hoare triple {16613#(and (<= 9 (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4)))) (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= append_~head.offset 0))} SUMMARY for call #t~mem60.base, #t~mem60.offset := read~$Pointer$(~head.base, 4 + ~head.offset, 4); srcloc: L569-1 {16614#(and (= |append_#t~mem60.offset| 0) (<= 9 (select |#length| |append_#t~mem60.base|)))} is VALID [2022-02-20 23:47:59,057 INFO L290 TraceCheckUtils]: 36: Hoare triple {16614#(and (= |append_#t~mem60.offset| 0) (<= 9 (select |#length| |append_#t~mem60.base|)))} assume !(4 + (5 + #t~mem60.offset) <= #length[#t~mem60.base] && 0 <= 5 + #t~mem60.offset); {16593#false} is VALID [2022-02-20 23:47:59,057 INFO L134 CoverageAnalysis]: Checked inductivity of 6 backedges. 0 proven. 6 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:47:59,057 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:47:59,057 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1367611605] [2022-02-20 23:47:59,058 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1367611605] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:47:59,058 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [221297186] [2022-02-20 23:47:59,058 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:47:59,058 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-02-20 23:47:59,058 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 23:47:59,059 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-02-20 23:47:59,073 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-02-20 23:47:59,182 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:47:59,185 INFO L263 TraceCheckSpWp]: Trace formula consists of 324 conjuncts, 64 conjunts are in the unsatisfiable core [2022-02-20 23:47:59,205 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:47:59,207 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:47:59,217 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:47:59,558 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2022-02-20 23:47:59,569 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2022-02-20 23:47:59,704 INFO L356 Elim1Store]: treesize reduction 11, result has 45.0 percent of original size [2022-02-20 23:47:59,704 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 16 treesize of output 22 [2022-02-20 23:47:59,751 INFO L356 Elim1Store]: treesize reduction 11, result has 45.0 percent of original size [2022-02-20 23:47:59,751 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 16 treesize of output 22 [2022-02-20 23:47:59,785 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 7 treesize of output 3 [2022-02-20 23:47:59,798 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 7 treesize of output 3 [2022-02-20 23:48:00,064 INFO L356 Elim1Store]: treesize reduction 11, result has 45.0 percent of original size [2022-02-20 23:48:00,065 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 20 treesize of output 26 [2022-02-20 23:48:00,113 INFO L356 Elim1Store]: treesize reduction 11, result has 45.0 percent of original size [2022-02-20 23:48:00,113 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 20 treesize of output 26 [2022-02-20 23:48:00,676 INFO L173 IndexEqualityManager]: detected equality via solver [2022-02-20 23:48:00,682 INFO L356 Elim1Store]: treesize reduction 20, result has 33.3 percent of original size [2022-02-20 23:48:00,682 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 29 treesize of output 28 [2022-02-20 23:48:01,291 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:48:01,293 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 2 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 26 treesize of output 28 [2022-02-20 23:48:01,342 INFO L356 Elim1Store]: treesize reduction 8, result has 65.2 percent of original size [2022-02-20 23:48:01,343 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 3 select indices, 3 select index equivalence classes, 1 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 2 case distinctions, treesize of input 22 treesize of output 24 [2022-02-20 23:48:01,525 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 46 treesize of output 44 [2022-02-20 23:48:01,558 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 2 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 35 treesize of output 35 [2022-02-20 23:48:02,094 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 46 treesize of output 44 [2022-02-20 23:48:02,125 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 2 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 35 treesize of output 35 [2022-02-20 23:48:02,428 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 46 treesize of output 44 [2022-02-20 23:48:02,487 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 2 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 35 treesize of output 35 [2022-02-20 23:48:02,791 INFO L173 IndexEqualityManager]: detected equality via solver [2022-02-20 23:48:02,792 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 39 treesize of output 21 [2022-02-20 23:48:02,856 INFO L173 IndexEqualityManager]: detected equality via solver [2022-02-20 23:48:02,857 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 32 treesize of output 14 [2022-02-20 23:48:02,918 INFO L290 TraceCheckUtils]: 0: Hoare triple {16592#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(22, 2); {16592#true} is VALID [2022-02-20 23:48:02,919 INFO L290 TraceCheckUtils]: 1: Hoare triple {16592#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~malloc61#1.base, main_#t~malloc61#1.offset, main_#t~nondet63#1, main_#t~nondet64#1, main_~userInput~1#1, main_#t~nondet62#1, main_#t~nondet66#1, main_#t~nondet67#1, main_~userInput~2#1, main_#t~nondet65#1, main_#t~nondet69#1, main_#t~nondet70#1, main_~userInput~3#1, main_#t~nondet68#1, main_#t~mem71#1.base, main_#t~mem71#1.offset, main_#t~mem72#1.base, main_#t~mem72#1.offset, main_#t~mem74#1.base, main_#t~mem74#1.offset, main_#t~ret73#1, main_#t~mem76#1.base, main_#t~mem76#1.offset, main_#t~post75#1, main_#t~mem78#1.base, main_#t~mem78#1.offset, main_#t~ret77#1, main_#t~mem80#1.base, main_#t~mem80#1.offset, main_#t~post79#1, main_#t~mem81#1.base, main_#t~mem81#1.offset, main_~list~0#1.base, main_~list~0#1.offset, main_~userInput~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset, main_~next~0#1.base, main_~next~0#1.offset, main_~counter~0#1;call main_#t~malloc61#1.base, main_#t~malloc61#1.offset := #Ultimate.allocOnHeap(8);main_~list~0#1.base, main_~list~0#1.offset := main_#t~malloc61#1.base, main_#t~malloc61#1.offset;havoc main_#t~malloc61#1.base, main_#t~malloc61#1.offset; {16627#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:02,920 INFO L290 TraceCheckUtils]: 2: Hoare triple {16627#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} SUMMARY for call write~$Pointer$(0, 0, main_~list~0#1.base, main_~list~0#1.offset, 4); srcloc: L575 {16627#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:02,920 INFO L290 TraceCheckUtils]: 3: Hoare triple {16627#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} SUMMARY for call write~$Pointer$(0, 0, main_~list~0#1.base, 4 + main_~list~0#1.offset, 4); srcloc: L575-1 {16627#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:02,921 INFO L290 TraceCheckUtils]: 4: Hoare triple {16627#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} havoc main_~userInput~0#1; {16627#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:02,921 INFO L290 TraceCheckUtils]: 5: Hoare triple {16627#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} assume -128 <= main_#t~nondet63#1 && main_#t~nondet63#1 <= 127;main_~userInput~1#1 := main_#t~nondet63#1;havoc main_#t~nondet63#1; {16627#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:02,922 INFO L290 TraceCheckUtils]: 6: Hoare triple {16627#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} assume !(60 == main_~userInput~1#1 || 62 == main_~userInput~1#1); {16627#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:02,922 INFO L272 TraceCheckUtils]: 7: Hoare triple {16627#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} call append(main_~list~0#1.base, main_~list~0#1.offset, main_~userInput~1#1); {16646#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:48:02,923 INFO L290 TraceCheckUtils]: 8: Hoare triple {16646#(= |old(#valid)| |#valid|)} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~input := #in~input;call #t~malloc55.base, #t~malloc55.offset := #Ultimate.allocOnHeap(9);~node~0.base, ~node~0.offset := #t~malloc55.base, #t~malloc55.offset;havoc #t~malloc55.base, #t~malloc55.offset; {16650#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} is VALID [2022-02-20 23:48:02,923 INFO L290 TraceCheckUtils]: 9: Hoare triple {16650#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} SUMMARY for call write~int(~input, ~node~0.base, ~node~0.offset, 1); srcloc: L560 {16650#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} is VALID [2022-02-20 23:48:02,924 INFO L290 TraceCheckUtils]: 10: Hoare triple {16650#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} SUMMARY for call #t~mem56.base, #t~mem56.offset := read~$Pointer$(~head.base, ~head.offset, 4); srcloc: L560-1 {16657#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} is VALID [2022-02-20 23:48:02,924 INFO L290 TraceCheckUtils]: 11: Hoare triple {16657#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} #t~short58 := #t~mem56.base == 0 && #t~mem56.offset == 0; {16657#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} is VALID [2022-02-20 23:48:02,925 INFO L290 TraceCheckUtils]: 12: Hoare triple {16657#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} assume #t~short58; {16657#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} is VALID [2022-02-20 23:48:02,932 INFO L290 TraceCheckUtils]: 13: Hoare triple {16657#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} SUMMARY for call #t~mem57.base, #t~mem57.offset := read~$Pointer$(~head.base, 4 + ~head.offset, 4); srcloc: L561-2 {16657#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} is VALID [2022-02-20 23:48:02,933 INFO L290 TraceCheckUtils]: 14: Hoare triple {16657#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} #t~short58 := #t~mem57.base == 0 && #t~mem57.offset == 0; {16657#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} is VALID [2022-02-20 23:48:02,933 INFO L290 TraceCheckUtils]: 15: Hoare triple {16657#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} assume #t~short58;havoc #t~mem56.base, #t~mem56.offset;havoc #t~mem57.base, #t~mem57.offset;havoc #t~short58; {16657#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} is VALID [2022-02-20 23:48:02,934 INFO L290 TraceCheckUtils]: 16: Hoare triple {16657#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} SUMMARY for call write~$Pointer$(~node~0.base, ~node~0.offset, ~head.base, ~head.offset, 4); srcloc: L562 {16657#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} is VALID [2022-02-20 23:48:02,935 INFO L290 TraceCheckUtils]: 17: Hoare triple {16657#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} SUMMARY for call write~$Pointer$(~node~0.base, ~node~0.offset, ~head.base, 4 + ~head.offset, 4); srcloc: L562-1 {16679#(and (= 0 (select |old(#valid)| append_~node~0.base)) (= (select |#valid| |append_#in~head.base|) 1) (exists ((append_~head.offset Int)) (and (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4))) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ append_~head.offset 4)) append_~node~0.offset))) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} is VALID [2022-02-20 23:48:02,937 INFO L290 TraceCheckUtils]: 18: Hoare triple {16679#(and (= 0 (select |old(#valid)| append_~node~0.base)) (= (select |#valid| |append_#in~head.base|) 1) (exists ((append_~head.offset Int)) (and (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4))) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ append_~head.offset 4)) append_~node~0.offset))) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} SUMMARY for call write~$Pointer$(0, 0, ~node~0.base, 1 + ~node~0.offset, 4); srcloc: L563 {16683#(and (= 0 (select |old(#valid)| append_~node~0.base)) (exists ((append_~head.offset Int)) (and (or (= append_~node~0.base |append_#in~head.base|) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4)))) (or (= append_~node~0.base |append_#in~head.base|) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ append_~head.offset 4)) append_~node~0.offset)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|))) (= (select |#valid| |append_#in~head.base|) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} is VALID [2022-02-20 23:48:02,940 INFO L290 TraceCheckUtils]: 19: Hoare triple {16683#(and (= 0 (select |old(#valid)| append_~node~0.base)) (exists ((append_~head.offset Int)) (and (or (= append_~node~0.base |append_#in~head.base|) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4)))) (or (= append_~node~0.base |append_#in~head.base|) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ append_~head.offset 4)) append_~node~0.offset)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|))) (= (select |#valid| |append_#in~head.base|) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} SUMMARY for call write~$Pointer$(0, 0, ~node~0.base, 5 + ~node~0.offset, 4); srcloc: L564 {16687#(and (exists ((append_~head.offset Int)) (and (or (and (= (select |old(#valid)| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4))) 0) (<= 0 (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ append_~head.offset 4))) (= |#valid| (store |old(#valid)| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4)) 1)) (<= (+ (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ append_~head.offset 4)) 9) (select |#length| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4))))) (and (<= 9 (select |#length| |append_#in~head.base|)) (= (store |old(#valid)| |append_#in~head.base| 1) |#valid|) (= (select |old(#valid)| |append_#in~head.base|) 0))) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|))) (= (select |#valid| |append_#in~head.base|) 1))} is VALID [2022-02-20 23:48:02,942 INFO L290 TraceCheckUtils]: 20: Hoare triple {16687#(and (exists ((append_~head.offset Int)) (and (or (and (= (select |old(#valid)| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4))) 0) (<= 0 (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ append_~head.offset 4))) (= |#valid| (store |old(#valid)| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4)) 1)) (<= (+ (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ append_~head.offset 4)) 9) (select |#length| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4))))) (and (<= 9 (select |#length| |append_#in~head.base|)) (= (store |old(#valid)| |append_#in~head.base| 1) |#valid|) (= (select |old(#valid)| |append_#in~head.base|) 0))) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|))) (= (select |#valid| |append_#in~head.base|) 1))} assume true; {16687#(and (exists ((append_~head.offset Int)) (and (or (and (= (select |old(#valid)| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4))) 0) (<= 0 (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ append_~head.offset 4))) (= |#valid| (store |old(#valid)| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4)) 1)) (<= (+ (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ append_~head.offset 4)) 9) (select |#length| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4))))) (and (<= 9 (select |#length| |append_#in~head.base|)) (= (store |old(#valid)| |append_#in~head.base| 1) |#valid|) (= (select |old(#valid)| |append_#in~head.base|) 0))) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|))) (= (select |#valid| |append_#in~head.base|) 1))} is VALID [2022-02-20 23:48:02,944 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {16687#(and (exists ((append_~head.offset Int)) (and (or (and (= (select |old(#valid)| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4))) 0) (<= 0 (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ append_~head.offset 4))) (= |#valid| (store |old(#valid)| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4)) 1)) (<= (+ (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ append_~head.offset 4)) 9) (select |#length| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4))))) (and (<= 9 (select |#length| |append_#in~head.base|)) (= (store |old(#valid)| |append_#in~head.base| 1) |#valid|) (= (select |old(#valid)| |append_#in~head.base|) 0))) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|))) (= (select |#valid| |append_#in~head.base|) 1))} {16627#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} #507#return; {16694#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (exists ((append_~head.offset Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) 1) (<= 0 (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) (<= (+ 9 (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= 0 append_~head.offset) (not (= |ULTIMATE.start_main_~list~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= append_~head.offset |ULTIMATE.start_main_~list~0#1.offset|))) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:02,945 INFO L290 TraceCheckUtils]: 22: Hoare triple {16694#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (exists ((append_~head.offset Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) 1) (<= 0 (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) (<= (+ 9 (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= 0 append_~head.offset) (not (= |ULTIMATE.start_main_~list~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= append_~head.offset |ULTIMATE.start_main_~list~0#1.offset|))) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} assume -2147483648 <= main_#t~nondet62#1 && main_#t~nondet62#1 <= 2147483647; {16694#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (exists ((append_~head.offset Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) 1) (<= 0 (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) (<= (+ 9 (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= 0 append_~head.offset) (not (= |ULTIMATE.start_main_~list~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= append_~head.offset |ULTIMATE.start_main_~list~0#1.offset|))) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:02,960 INFO L290 TraceCheckUtils]: 23: Hoare triple {16694#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (exists ((append_~head.offset Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) 1) (<= 0 (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) (<= (+ 9 (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= 0 append_~head.offset) (not (= |ULTIMATE.start_main_~list~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= append_~head.offset |ULTIMATE.start_main_~list~0#1.offset|))) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} assume !(0 != main_#t~nondet62#1);havoc main_#t~nondet62#1; {16694#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (exists ((append_~head.offset Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) 1) (<= 0 (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) (<= (+ 9 (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= 0 append_~head.offset) (not (= |ULTIMATE.start_main_~list~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= append_~head.offset |ULTIMATE.start_main_~list~0#1.offset|))) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:02,962 INFO L272 TraceCheckUtils]: 24: Hoare triple {16694#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (exists ((append_~head.offset Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) 1) (<= 0 (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) (<= (+ 9 (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= 0 append_~head.offset) (not (= |ULTIMATE.start_main_~list~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= append_~head.offset |ULTIMATE.start_main_~list~0#1.offset|))) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} call append(main_~list~0#1.base, main_~list~0#1.offset, 60); {16704#(and (= (select |#valid| |append_#in~head.base|) 1) (<= |append_#in~head.offset| 0) (exists ((append_~head.offset Int)) (and (not (= (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4)) |append_#in~head.base|)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (<= 0 (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ append_~head.offset 4))) (<= (+ (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ append_~head.offset 4)) 9) (select |#length| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4)))) (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4))) 1))))} is VALID [2022-02-20 23:48:02,963 INFO L290 TraceCheckUtils]: 25: Hoare triple {16704#(and (= (select |#valid| |append_#in~head.base|) 1) (<= |append_#in~head.offset| 0) (exists ((append_~head.offset Int)) (and (not (= (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4)) |append_#in~head.base|)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (<= 0 (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ append_~head.offset 4))) (<= (+ (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ append_~head.offset 4)) 9) (select |#length| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4)))) (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4))) 1))))} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~input := #in~input;call #t~malloc55.base, #t~malloc55.offset := #Ultimate.allocOnHeap(9);~node~0.base, ~node~0.offset := #t~malloc55.base, #t~malloc55.offset;havoc #t~malloc55.base, #t~malloc55.offset; {16708#(and (exists ((v_append_~head.offset_21 Int)) (and (<= (+ 9 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (<= v_append_~head.offset_21 append_~head.offset) (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (<= 0 v_append_~head.offset_21))) (<= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:02,967 INFO L290 TraceCheckUtils]: 26: Hoare triple {16708#(and (exists ((v_append_~head.offset_21 Int)) (and (<= (+ 9 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (<= v_append_~head.offset_21 append_~head.offset) (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (<= 0 v_append_~head.offset_21))) (<= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call write~int(~input, ~node~0.base, ~node~0.offset, 1); srcloc: L560 {16708#(and (exists ((v_append_~head.offset_21 Int)) (and (<= (+ 9 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (<= v_append_~head.offset_21 append_~head.offset) (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (<= 0 v_append_~head.offset_21))) (<= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:02,968 INFO L290 TraceCheckUtils]: 27: Hoare triple {16708#(and (exists ((v_append_~head.offset_21 Int)) (and (<= (+ 9 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (<= v_append_~head.offset_21 append_~head.offset) (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (<= 0 v_append_~head.offset_21))) (<= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call #t~mem56.base, #t~mem56.offset := read~$Pointer$(~head.base, ~head.offset, 4); srcloc: L560-1 {16708#(and (exists ((v_append_~head.offset_21 Int)) (and (<= (+ 9 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (<= v_append_~head.offset_21 append_~head.offset) (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (<= 0 v_append_~head.offset_21))) (<= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:02,969 INFO L290 TraceCheckUtils]: 28: Hoare triple {16708#(and (exists ((v_append_~head.offset_21 Int)) (and (<= (+ 9 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (<= v_append_~head.offset_21 append_~head.offset) (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (<= 0 v_append_~head.offset_21))) (<= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} #t~short58 := #t~mem56.base == 0 && #t~mem56.offset == 0; {16708#(and (exists ((v_append_~head.offset_21 Int)) (and (<= (+ 9 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (<= v_append_~head.offset_21 append_~head.offset) (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (<= 0 v_append_~head.offset_21))) (<= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:02,970 INFO L290 TraceCheckUtils]: 29: Hoare triple {16708#(and (exists ((v_append_~head.offset_21 Int)) (and (<= (+ 9 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (<= v_append_~head.offset_21 append_~head.offset) (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (<= 0 v_append_~head.offset_21))) (<= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} assume !#t~short58; {16708#(and (exists ((v_append_~head.offset_21 Int)) (and (<= (+ 9 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (<= v_append_~head.offset_21 append_~head.offset) (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (<= 0 v_append_~head.offset_21))) (<= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:02,971 INFO L290 TraceCheckUtils]: 30: Hoare triple {16708#(and (exists ((v_append_~head.offset_21 Int)) (and (<= (+ 9 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (<= v_append_~head.offset_21 append_~head.offset) (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (<= 0 v_append_~head.offset_21))) (<= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} assume !#t~short58;havoc #t~mem56.base, #t~mem56.offset;havoc #t~mem57.base, #t~mem57.offset;havoc #t~short58; {16708#(and (exists ((v_append_~head.offset_21 Int)) (and (<= (+ 9 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (<= v_append_~head.offset_21 append_~head.offset) (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (<= 0 v_append_~head.offset_21))) (<= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:02,972 INFO L290 TraceCheckUtils]: 31: Hoare triple {16708#(and (exists ((v_append_~head.offset_21 Int)) (and (<= (+ 9 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (<= v_append_~head.offset_21 append_~head.offset) (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (<= 0 v_append_~head.offset_21))) (<= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call #t~mem59.base, #t~mem59.offset := read~$Pointer$(~head.base, 4 + ~head.offset, 4); srcloc: L568 {16708#(and (exists ((v_append_~head.offset_21 Int)) (and (<= (+ 9 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (<= v_append_~head.offset_21 append_~head.offset) (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (<= 0 v_append_~head.offset_21))) (<= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:02,973 INFO L290 TraceCheckUtils]: 32: Hoare triple {16708#(and (exists ((v_append_~head.offset_21 Int)) (and (<= (+ 9 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (<= v_append_~head.offset_21 append_~head.offset) (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (<= 0 v_append_~head.offset_21))) (<= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call write~$Pointer$(#t~mem59.base, #t~mem59.offset, ~node~0.base, 1 + ~node~0.offset, 4); srcloc: L568-1 {16708#(and (exists ((v_append_~head.offset_21 Int)) (and (<= (+ 9 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (<= v_append_~head.offset_21 append_~head.offset) (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (<= 0 v_append_~head.offset_21))) (<= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:02,974 INFO L290 TraceCheckUtils]: 33: Hoare triple {16708#(and (exists ((v_append_~head.offset_21 Int)) (and (<= (+ 9 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (<= v_append_~head.offset_21 append_~head.offset) (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (<= 0 v_append_~head.offset_21))) (<= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} havoc #t~mem59.base, #t~mem59.offset; {16708#(and (exists ((v_append_~head.offset_21 Int)) (and (<= (+ 9 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (<= v_append_~head.offset_21 append_~head.offset) (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (<= 0 v_append_~head.offset_21))) (<= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:02,976 INFO L290 TraceCheckUtils]: 34: Hoare triple {16708#(and (exists ((v_append_~head.offset_21 Int)) (and (<= (+ 9 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (<= v_append_~head.offset_21 append_~head.offset) (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (<= 0 v_append_~head.offset_21))) (<= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call write~$Pointer$(0, 0, ~node~0.base, 5 + ~node~0.offset, 4); srcloc: L569 {16736#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_21 Int)) (and (<= (+ 9 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (<= v_append_~head.offset_21 append_~head.offset) (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (<= 0 v_append_~head.offset_21))))} is VALID [2022-02-20 23:48:02,977 INFO L290 TraceCheckUtils]: 35: Hoare triple {16736#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_21 Int)) (and (<= (+ 9 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_21 4)))) (<= v_append_~head.offset_21 append_~head.offset) (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_21 4))) (<= 0 v_append_~head.offset_21))))} SUMMARY for call #t~mem60.base, #t~mem60.offset := read~$Pointer$(~head.base, 4 + ~head.offset, 4); srcloc: L569-1 {16740#(and (<= 0 |append_#t~mem60.offset|) (<= (+ |append_#t~mem60.offset| 9) (select |#length| |append_#t~mem60.base|)))} is VALID [2022-02-20 23:48:02,977 INFO L290 TraceCheckUtils]: 36: Hoare triple {16740#(and (<= 0 |append_#t~mem60.offset|) (<= (+ |append_#t~mem60.offset| 9) (select |#length| |append_#t~mem60.base|)))} assume !(4 + (5 + #t~mem60.offset) <= #length[#t~mem60.base] && 0 <= 5 + #t~mem60.offset); {16593#false} is VALID [2022-02-20 23:48:02,977 INFO L134 CoverageAnalysis]: Checked inductivity of 6 backedges. 0 proven. 6 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:48:02,978 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:48:03,072 WARN L838 $PredicateComparison]: unable to prove that (and (forall ((v_ArrVal_509 (Array Int Int)) (v_ArrVal_510 (Array Int Int))) (let ((.cse0 (+ c_append_~head.offset 4))) (<= (+ (select (select (store |c_#memory_$Pointer$.offset| c_append_~node~0.base v_ArrVal_510) c_append_~head.base) .cse0) 9) (select |c_#length| (select (select (store |c_#memory_$Pointer$.base| c_append_~node~0.base v_ArrVal_509) c_append_~head.base) .cse0))))) (forall ((v_ArrVal_510 (Array Int Int))) (<= 0 (+ (select (select (store |c_#memory_$Pointer$.offset| c_append_~node~0.base v_ArrVal_510) c_append_~head.base) (+ c_append_~head.offset 4)) 5)))) is different from false [2022-02-20 23:48:04,304 INFO L356 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2022-02-20 23:48:04,304 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 82 treesize of output 83 [2022-02-20 23:48:04,359 INFO L356 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2022-02-20 23:48:04,359 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 83 treesize of output 73 [2022-02-20 23:48:04,421 INFO L173 IndexEqualityManager]: detected equality via solver [2022-02-20 23:48:04,434 INFO L356 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2022-02-20 23:48:04,435 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 103 treesize of output 103 [2022-02-20 23:48:04,503 INFO L173 IndexEqualityManager]: detected equality via solver [2022-02-20 23:48:04,525 INFO L356 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2022-02-20 23:48:04,525 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 152 treesize of output 140 [2022-02-20 23:48:04,645 INFO L356 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2022-02-20 23:48:04,646 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 3 select indices, 3 select index equivalence classes, 0 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 3 case distinctions, treesize of input 216 treesize of output 230 [2022-02-20 23:48:04,735 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 230 treesize of output 206 [2022-02-20 23:48:04,830 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 206 treesize of output 186 [2022-02-20 23:48:07,058 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleZ3 [221297186] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:48:07,059 INFO L191 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-02-20 23:48:07,059 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [14, 13] total 26 [2022-02-20 23:48:07,059 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [458380204] [2022-02-20 23:48:07,059 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-02-20 23:48:07,059 INFO L78 Accepts]: Start accepts. Automaton has has 27 states, 26 states have (on average 2.576923076923077) internal successors, (67), 23 states have internal predecessors, (67), 4 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 37 [2022-02-20 23:48:07,059 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:48:07,060 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 27 states, 26 states have (on average 2.576923076923077) internal successors, (67), 23 states have internal predecessors, (67), 4 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:48:07,134 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 73 edges. 73 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:48:07,134 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 27 states [2022-02-20 23:48:07,134 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:48:07,134 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 27 interpolants. [2022-02-20 23:48:07,135 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=95, Invalid=897, Unknown=4, NotChecked=60, Total=1056 [2022-02-20 23:48:07,135 INFO L87 Difference]: Start difference. First operand 420 states and 575 transitions. Second operand has 27 states, 26 states have (on average 2.576923076923077) internal successors, (67), 23 states have internal predecessors, (67), 4 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:48:12,628 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:48:12,629 INFO L93 Difference]: Finished difference Result 485 states and 645 transitions. [2022-02-20 23:48:12,629 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 22 states. [2022-02-20 23:48:12,629 INFO L78 Accepts]: Start accepts. Automaton has has 27 states, 26 states have (on average 2.576923076923077) internal successors, (67), 23 states have internal predecessors, (67), 4 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 37 [2022-02-20 23:48:12,629 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:48:12,629 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 27 states, 26 states have (on average 2.576923076923077) internal successors, (67), 23 states have internal predecessors, (67), 4 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:48:12,632 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 22 states to 22 states and 418 transitions. [2022-02-20 23:48:12,632 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 27 states, 26 states have (on average 2.576923076923077) internal successors, (67), 23 states have internal predecessors, (67), 4 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:48:12,634 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 22 states to 22 states and 418 transitions. [2022-02-20 23:48:12,634 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 22 states and 418 transitions. [2022-02-20 23:48:12,970 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 418 edges. 418 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:48:12,978 INFO L225 Difference]: With dead ends: 485 [2022-02-20 23:48:12,978 INFO L226 Difference]: Without dead ends: 485 [2022-02-20 23:48:12,979 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 89 GetRequests, 40 SyntacticMatches, 3 SemanticMatches, 46 ConstructedPredicates, 1 IntricatePredicates, 1 DeprecatedPredicates, 380 ImplicationChecksByTransitivity, 2.6s TimeCoverageRelationStatistics Valid=268, Invalid=1894, Unknown=4, NotChecked=90, Total=2256 [2022-02-20 23:48:12,979 INFO L933 BasicCegarLoop]: 318 mSDtfsCounter, 162 mSDsluCounter, 3069 mSDsCounter, 0 mSdLazyCounter, 1924 mSolverCounterSat, 43 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 162 SdHoareTripleChecker+Valid, 3387 SdHoareTripleChecker+Invalid, 2779 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 43 IncrementalHoareTripleChecker+Valid, 1924 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 812 IncrementalHoareTripleChecker+Unchecked, 1.4s IncrementalHoareTripleChecker+Time [2022-02-20 23:48:12,979 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [162 Valid, 3387 Invalid, 2779 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [43 Valid, 1924 Invalid, 0 Unknown, 812 Unchecked, 1.4s Time] [2022-02-20 23:48:12,980 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 485 states. [2022-02-20 23:48:12,987 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 485 to 473. [2022-02-20 23:48:12,988 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:48:12,989 INFO L82 GeneralOperation]: Start isEquivalent. First operand 485 states. Second operand has 473 states, 335 states have (on average 1.7582089552238807) internal successors, (589), 454 states have internal predecessors, (589), 17 states have call successors, (17), 5 states have call predecessors, (17), 5 states have return successors, (31), 15 states have call predecessors, (31), 17 states have call successors, (31) [2022-02-20 23:48:12,990 INFO L74 IsIncluded]: Start isIncluded. First operand 485 states. Second operand has 473 states, 335 states have (on average 1.7582089552238807) internal successors, (589), 454 states have internal predecessors, (589), 17 states have call successors, (17), 5 states have call predecessors, (17), 5 states have return successors, (31), 15 states have call predecessors, (31), 17 states have call successors, (31) [2022-02-20 23:48:12,990 INFO L87 Difference]: Start difference. First operand 485 states. Second operand has 473 states, 335 states have (on average 1.7582089552238807) internal successors, (589), 454 states have internal predecessors, (589), 17 states have call successors, (17), 5 states have call predecessors, (17), 5 states have return successors, (31), 15 states have call predecessors, (31), 17 states have call successors, (31) [2022-02-20 23:48:12,999 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:48:12,999 INFO L93 Difference]: Finished difference Result 485 states and 645 transitions. [2022-02-20 23:48:12,999 INFO L276 IsEmpty]: Start isEmpty. Operand 485 states and 645 transitions. [2022-02-20 23:48:13,000 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:48:13,000 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:48:13,001 INFO L74 IsIncluded]: Start isIncluded. First operand has 473 states, 335 states have (on average 1.7582089552238807) internal successors, (589), 454 states have internal predecessors, (589), 17 states have call successors, (17), 5 states have call predecessors, (17), 5 states have return successors, (31), 15 states have call predecessors, (31), 17 states have call successors, (31) Second operand 485 states. [2022-02-20 23:48:13,001 INFO L87 Difference]: Start difference. First operand has 473 states, 335 states have (on average 1.7582089552238807) internal successors, (589), 454 states have internal predecessors, (589), 17 states have call successors, (17), 5 states have call predecessors, (17), 5 states have return successors, (31), 15 states have call predecessors, (31), 17 states have call successors, (31) Second operand 485 states. [2022-02-20 23:48:13,010 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:48:13,010 INFO L93 Difference]: Finished difference Result 485 states and 645 transitions. [2022-02-20 23:48:13,010 INFO L276 IsEmpty]: Start isEmpty. Operand 485 states and 645 transitions. [2022-02-20 23:48:13,011 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:48:13,011 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:48:13,011 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:48:13,011 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:48:13,012 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 473 states, 335 states have (on average 1.7582089552238807) internal successors, (589), 454 states have internal predecessors, (589), 17 states have call successors, (17), 5 states have call predecessors, (17), 5 states have return successors, (31), 15 states have call predecessors, (31), 17 states have call successors, (31) [2022-02-20 23:48:13,020 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 473 states to 473 states and 637 transitions. [2022-02-20 23:48:13,020 INFO L78 Accepts]: Start accepts. Automaton has 473 states and 637 transitions. Word has length 37 [2022-02-20 23:48:13,020 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:48:13,020 INFO L470 AbstractCegarLoop]: Abstraction has 473 states and 637 transitions. [2022-02-20 23:48:13,020 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 27 states, 26 states have (on average 2.576923076923077) internal successors, (67), 23 states have internal predecessors, (67), 4 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:48:13,020 INFO L276 IsEmpty]: Start isEmpty. Operand 473 states and 637 transitions. [2022-02-20 23:48:13,021 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 40 [2022-02-20 23:48:13,021 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:48:13,021 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:48:13,040 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2022-02-20 23:48:13,235 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-02-20 23:48:13,236 INFO L402 AbstractCegarLoop]: === Iteration 11 === Targeting appendErr22REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 143 more)] === [2022-02-20 23:48:13,236 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:48:13,236 INFO L85 PathProgramCache]: Analyzing trace with hash -794458392, now seen corresponding path program 1 times [2022-02-20 23:48:13,236 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:48:13,236 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1324151882] [2022-02-20 23:48:13,236 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:48:13,236 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:48:13,280 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:48:13,437 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2022-02-20 23:48:13,456 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:48:13,593 INFO L290 TraceCheckUtils]: 0: Hoare triple {18784#(and (= |old(#length)| |#length|) (= |#memory_int| |old(#memory_int)|) (= |#memory_$Pointer$.base| |old(#memory_$Pointer$.base)|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#valid)| |#valid|))} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~input := #in~input;call #t~malloc55.base, #t~malloc55.offset := #Ultimate.allocOnHeap(9);~node~0.base, ~node~0.offset := #t~malloc55.base, #t~malloc55.offset;havoc #t~malloc55.base, #t~malloc55.offset; {18785#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|))} is VALID [2022-02-20 23:48:13,594 INFO L290 TraceCheckUtils]: 1: Hoare triple {18785#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|))} SUMMARY for call write~int(~input, ~node~0.base, ~node~0.offset, 1); srcloc: L560 {18786#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~node~0.base) 1))} is VALID [2022-02-20 23:48:13,595 INFO L290 TraceCheckUtils]: 2: Hoare triple {18786#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~node~0.base) 1))} SUMMARY for call #t~mem56.base, #t~mem56.offset := read~$Pointer$(~head.base, ~head.offset, 4); srcloc: L560-1 {18787#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} is VALID [2022-02-20 23:48:13,595 INFO L290 TraceCheckUtils]: 3: Hoare triple {18787#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} #t~short58 := #t~mem56.base == 0 && #t~mem56.offset == 0; {18787#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} is VALID [2022-02-20 23:48:13,596 INFO L290 TraceCheckUtils]: 4: Hoare triple {18787#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} assume #t~short58; {18787#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} is VALID [2022-02-20 23:48:13,597 INFO L290 TraceCheckUtils]: 5: Hoare triple {18787#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} SUMMARY for call #t~mem57.base, #t~mem57.offset := read~$Pointer$(~head.base, 4 + ~head.offset, 4); srcloc: L561-2 {18787#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} is VALID [2022-02-20 23:48:13,597 INFO L290 TraceCheckUtils]: 6: Hoare triple {18787#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} #t~short58 := #t~mem57.base == 0 && #t~mem57.offset == 0; {18787#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} is VALID [2022-02-20 23:48:13,598 INFO L290 TraceCheckUtils]: 7: Hoare triple {18787#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} assume #t~short58;havoc #t~mem56.base, #t~mem56.offset;havoc #t~mem57.base, #t~mem57.offset;havoc #t~short58; {18787#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} is VALID [2022-02-20 23:48:13,599 INFO L290 TraceCheckUtils]: 8: Hoare triple {18787#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} SUMMARY for call write~$Pointer$(~node~0.base, ~node~0.offset, ~head.base, ~head.offset, 4); srcloc: L562 {18787#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} is VALID [2022-02-20 23:48:13,599 INFO L290 TraceCheckUtils]: 9: Hoare triple {18787#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} SUMMARY for call write~$Pointer$(~node~0.base, ~node~0.offset, ~head.base, 4 + ~head.offset, 4); srcloc: L562-1 {18788#(or (and (not (= append_~node~0.base |append_#in~head.base|)) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| append_~node~0.base) 1)) (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)))} is VALID [2022-02-20 23:48:13,600 INFO L290 TraceCheckUtils]: 10: Hoare triple {18788#(or (and (not (= append_~node~0.base |append_#in~head.base|)) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| append_~node~0.base) 1)) (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)))} SUMMARY for call write~$Pointer$(0, 0, ~node~0.base, 1 + ~node~0.offset, 4); srcloc: L563 {18788#(or (and (not (= append_~node~0.base |append_#in~head.base|)) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| append_~node~0.base) 1)) (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)))} is VALID [2022-02-20 23:48:13,601 INFO L290 TraceCheckUtils]: 11: Hoare triple {18788#(or (and (not (= append_~node~0.base |append_#in~head.base|)) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| append_~node~0.base) 1)) (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)))} SUMMARY for call write~$Pointer$(0, 0, ~node~0.base, 5 + ~node~0.offset, 4); srcloc: L564 {18789#(or (= (select |old(#valid)| |append_#in~head.base|) 0) (and (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) 1)))} is VALID [2022-02-20 23:48:13,602 INFO L290 TraceCheckUtils]: 12: Hoare triple {18789#(or (= (select |old(#valid)| |append_#in~head.base|) 0) (and (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) 1)))} assume true; {18789#(or (= (select |old(#valid)| |append_#in~head.base|) 0) (and (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) 1)))} is VALID [2022-02-20 23:48:13,602 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {18789#(or (= (select |old(#valid)| |append_#in~head.base|) 0) (and (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) 1)))} {18763#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} #507#return; {18778#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4))) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:13,604 INFO L290 TraceCheckUtils]: 0: Hoare triple {18760#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(22, 2); {18760#true} is VALID [2022-02-20 23:48:13,605 INFO L290 TraceCheckUtils]: 1: Hoare triple {18760#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~malloc61#1.base, main_#t~malloc61#1.offset, main_#t~nondet63#1, main_#t~nondet64#1, main_~userInput~1#1, main_#t~nondet62#1, main_#t~nondet66#1, main_#t~nondet67#1, main_~userInput~2#1, main_#t~nondet65#1, main_#t~nondet69#1, main_#t~nondet70#1, main_~userInput~3#1, main_#t~nondet68#1, main_#t~mem71#1.base, main_#t~mem71#1.offset, main_#t~mem72#1.base, main_#t~mem72#1.offset, main_#t~mem74#1.base, main_#t~mem74#1.offset, main_#t~ret73#1, main_#t~mem76#1.base, main_#t~mem76#1.offset, main_#t~post75#1, main_#t~mem78#1.base, main_#t~mem78#1.offset, main_#t~ret77#1, main_#t~mem80#1.base, main_#t~mem80#1.offset, main_#t~post79#1, main_#t~mem81#1.base, main_#t~mem81#1.offset, main_~list~0#1.base, main_~list~0#1.offset, main_~userInput~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset, main_~next~0#1.base, main_~next~0#1.offset, main_~counter~0#1;call main_#t~malloc61#1.base, main_#t~malloc61#1.offset := #Ultimate.allocOnHeap(8);main_~list~0#1.base, main_~list~0#1.offset := main_#t~malloc61#1.base, main_#t~malloc61#1.offset;havoc main_#t~malloc61#1.base, main_#t~malloc61#1.offset; {18762#(= |ULTIMATE.start_main_~list~0#1.offset| 0)} is VALID [2022-02-20 23:48:13,605 INFO L290 TraceCheckUtils]: 2: Hoare triple {18762#(= |ULTIMATE.start_main_~list~0#1.offset| 0)} SUMMARY for call write~$Pointer$(0, 0, main_~list~0#1.base, main_~list~0#1.offset, 4); srcloc: L575 {18763#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:13,607 INFO L290 TraceCheckUtils]: 3: Hoare triple {18763#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} SUMMARY for call write~$Pointer$(0, 0, main_~list~0#1.base, 4 + main_~list~0#1.offset, 4); srcloc: L575-1 {18763#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:13,607 INFO L290 TraceCheckUtils]: 4: Hoare triple {18763#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} havoc main_~userInput~0#1; {18763#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:13,607 INFO L290 TraceCheckUtils]: 5: Hoare triple {18763#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} assume -128 <= main_#t~nondet63#1 && main_#t~nondet63#1 <= 127;main_~userInput~1#1 := main_#t~nondet63#1;havoc main_#t~nondet63#1; {18763#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:13,608 INFO L290 TraceCheckUtils]: 6: Hoare triple {18763#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} assume !(60 == main_~userInput~1#1 || 62 == main_~userInput~1#1); {18763#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:13,609 INFO L272 TraceCheckUtils]: 7: Hoare triple {18763#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} call append(main_~list~0#1.base, main_~list~0#1.offset, main_~userInput~1#1); {18784#(and (= |old(#length)| |#length|) (= |#memory_int| |old(#memory_int)|) (= |#memory_$Pointer$.base| |old(#memory_$Pointer$.base)|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#valid)| |#valid|))} is VALID [2022-02-20 23:48:13,609 INFO L290 TraceCheckUtils]: 8: Hoare triple {18784#(and (= |old(#length)| |#length|) (= |#memory_int| |old(#memory_int)|) (= |#memory_$Pointer$.base| |old(#memory_$Pointer$.base)|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#valid)| |#valid|))} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~input := #in~input;call #t~malloc55.base, #t~malloc55.offset := #Ultimate.allocOnHeap(9);~node~0.base, ~node~0.offset := #t~malloc55.base, #t~malloc55.offset;havoc #t~malloc55.base, #t~malloc55.offset; {18785#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|))} is VALID [2022-02-20 23:48:13,610 INFO L290 TraceCheckUtils]: 9: Hoare triple {18785#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|))} SUMMARY for call write~int(~input, ~node~0.base, ~node~0.offset, 1); srcloc: L560 {18786#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~node~0.base) 1))} is VALID [2022-02-20 23:48:13,611 INFO L290 TraceCheckUtils]: 10: Hoare triple {18786#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~node~0.base) 1))} SUMMARY for call #t~mem56.base, #t~mem56.offset := read~$Pointer$(~head.base, ~head.offset, 4); srcloc: L560-1 {18787#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} is VALID [2022-02-20 23:48:13,611 INFO L290 TraceCheckUtils]: 11: Hoare triple {18787#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} #t~short58 := #t~mem56.base == 0 && #t~mem56.offset == 0; {18787#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} is VALID [2022-02-20 23:48:13,612 INFO L290 TraceCheckUtils]: 12: Hoare triple {18787#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} assume #t~short58; {18787#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} is VALID [2022-02-20 23:48:13,613 INFO L290 TraceCheckUtils]: 13: Hoare triple {18787#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} SUMMARY for call #t~mem57.base, #t~mem57.offset := read~$Pointer$(~head.base, 4 + ~head.offset, 4); srcloc: L561-2 {18787#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} is VALID [2022-02-20 23:48:13,613 INFO L290 TraceCheckUtils]: 14: Hoare triple {18787#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} #t~short58 := #t~mem57.base == 0 && #t~mem57.offset == 0; {18787#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} is VALID [2022-02-20 23:48:13,614 INFO L290 TraceCheckUtils]: 15: Hoare triple {18787#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} assume #t~short58;havoc #t~mem56.base, #t~mem56.offset;havoc #t~mem57.base, #t~mem57.offset;havoc #t~short58; {18787#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} is VALID [2022-02-20 23:48:13,615 INFO L290 TraceCheckUtils]: 16: Hoare triple {18787#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} SUMMARY for call write~$Pointer$(~node~0.base, ~node~0.offset, ~head.base, ~head.offset, 4); srcloc: L562 {18787#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} is VALID [2022-02-20 23:48:13,615 INFO L290 TraceCheckUtils]: 17: Hoare triple {18787#(and (= |append_#in~head.offset| append_~head.offset) (or (= 0 (select |old(#valid)| append_~node~0.base)) (not (= append_~node~0.base append_~head.base))) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1))} SUMMARY for call write~$Pointer$(~node~0.base, ~node~0.offset, ~head.base, 4 + ~head.offset, 4); srcloc: L562-1 {18788#(or (and (not (= append_~node~0.base |append_#in~head.base|)) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| append_~node~0.base) 1)) (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)))} is VALID [2022-02-20 23:48:13,616 INFO L290 TraceCheckUtils]: 18: Hoare triple {18788#(or (and (not (= append_~node~0.base |append_#in~head.base|)) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| append_~node~0.base) 1)) (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)))} SUMMARY for call write~$Pointer$(0, 0, ~node~0.base, 1 + ~node~0.offset, 4); srcloc: L563 {18788#(or (and (not (= append_~node~0.base |append_#in~head.base|)) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| append_~node~0.base) 1)) (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)))} is VALID [2022-02-20 23:48:13,617 INFO L290 TraceCheckUtils]: 19: Hoare triple {18788#(or (and (not (= append_~node~0.base |append_#in~head.base|)) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| append_~node~0.base) 1)) (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)))} SUMMARY for call write~$Pointer$(0, 0, ~node~0.base, 5 + ~node~0.offset, 4); srcloc: L564 {18789#(or (= (select |old(#valid)| |append_#in~head.base|) 0) (and (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) 1)))} is VALID [2022-02-20 23:48:13,617 INFO L290 TraceCheckUtils]: 20: Hoare triple {18789#(or (= (select |old(#valid)| |append_#in~head.base|) 0) (and (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) 1)))} assume true; {18789#(or (= (select |old(#valid)| |append_#in~head.base|) 0) (and (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) 1)))} is VALID [2022-02-20 23:48:13,618 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {18789#(or (= (select |old(#valid)| |append_#in~head.base|) 0) (and (= (select |#valid| |append_#in~head.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) 1)))} {18763#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} #507#return; {18778#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4))) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:13,619 INFO L290 TraceCheckUtils]: 22: Hoare triple {18778#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4))) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} assume -2147483648 <= main_#t~nondet62#1 && main_#t~nondet62#1 <= 2147483647; {18778#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4))) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:13,619 INFO L290 TraceCheckUtils]: 23: Hoare triple {18778#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4))) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} assume !!(0 != main_#t~nondet62#1);havoc main_#t~nondet62#1; {18778#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4))) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:13,620 INFO L290 TraceCheckUtils]: 24: Hoare triple {18778#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4))) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} assume -128 <= main_#t~nondet63#1 && main_#t~nondet63#1 <= 127;main_~userInput~1#1 := main_#t~nondet63#1;havoc main_#t~nondet63#1; {18778#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4))) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:13,621 INFO L290 TraceCheckUtils]: 25: Hoare triple {18778#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4))) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} assume !(60 == main_~userInput~1#1 || 62 == main_~userInput~1#1); {18778#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4))) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:13,622 INFO L272 TraceCheckUtils]: 26: Hoare triple {18778#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4))) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} call append(main_~list~0#1.base, main_~list~0#1.offset, main_~userInput~1#1); {18779#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) 4)) 1) (= (select |#valid| |append_#in~head.base|) 1) (= |append_#in~head.offset| 0))} is VALID [2022-02-20 23:48:13,622 INFO L290 TraceCheckUtils]: 27: Hoare triple {18779#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) 4)) 1) (= (select |#valid| |append_#in~head.base|) 1) (= |append_#in~head.offset| 0))} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~input := #in~input;call #t~malloc55.base, #t~malloc55.offset := #Ultimate.allocOnHeap(9);~node~0.base, ~node~0.offset := #t~malloc55.base, #t~malloc55.offset;havoc #t~malloc55.base, #t~malloc55.offset; {18780#(and (or (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4)))) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:13,623 INFO L290 TraceCheckUtils]: 28: Hoare triple {18780#(and (or (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4)))) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call write~int(~input, ~node~0.base, ~node~0.offset, 1); srcloc: L560 {18781#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:13,624 INFO L290 TraceCheckUtils]: 29: Hoare triple {18781#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call #t~mem56.base, #t~mem56.offset := read~$Pointer$(~head.base, ~head.offset, 4); srcloc: L560-1 {18781#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:13,624 INFO L290 TraceCheckUtils]: 30: Hoare triple {18781#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} #t~short58 := #t~mem56.base == 0 && #t~mem56.offset == 0; {18781#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:13,625 INFO L290 TraceCheckUtils]: 31: Hoare triple {18781#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} assume !#t~short58; {18781#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:13,625 INFO L290 TraceCheckUtils]: 32: Hoare triple {18781#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} assume !#t~short58;havoc #t~mem56.base, #t~mem56.offset;havoc #t~mem57.base, #t~mem57.offset;havoc #t~short58; {18781#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:13,625 INFO L290 TraceCheckUtils]: 33: Hoare triple {18781#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call #t~mem59.base, #t~mem59.offset := read~$Pointer$(~head.base, 4 + ~head.offset, 4); srcloc: L568 {18781#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:13,626 INFO L290 TraceCheckUtils]: 34: Hoare triple {18781#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call write~$Pointer$(#t~mem59.base, #t~mem59.offset, ~node~0.base, 1 + ~node~0.offset, 4); srcloc: L568-1 {18781#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:13,627 INFO L290 TraceCheckUtils]: 35: Hoare triple {18781#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} havoc #t~mem59.base, #t~mem59.offset; {18781#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:13,627 INFO L290 TraceCheckUtils]: 36: Hoare triple {18781#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call write~$Pointer$(0, 0, ~node~0.base, 5 + ~node~0.offset, 4); srcloc: L569 {18782#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0))} is VALID [2022-02-20 23:48:13,628 INFO L290 TraceCheckUtils]: 37: Hoare triple {18782#(and (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 1) (= append_~head.offset 0))} SUMMARY for call #t~mem60.base, #t~mem60.offset := read~$Pointer$(~head.base, 4 + ~head.offset, 4); srcloc: L569-1 {18783#(= (select |#valid| |append_#t~mem60.base|) 1)} is VALID [2022-02-20 23:48:13,629 INFO L290 TraceCheckUtils]: 38: Hoare triple {18783#(= (select |#valid| |append_#t~mem60.base|) 1)} assume !(1 == #valid[#t~mem60.base]); {18761#false} is VALID [2022-02-20 23:48:13,629 INFO L134 CoverageAnalysis]: Checked inductivity of 9 backedges. 3 proven. 6 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:48:13,629 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:48:13,629 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1324151882] [2022-02-20 23:48:13,630 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1324151882] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:48:13,630 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1363669281] [2022-02-20 23:48:13,630 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:48:13,630 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-02-20 23:48:13,630 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 23:48:13,631 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-02-20 23:48:13,632 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2022-02-20 23:48:13,738 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:48:13,740 INFO L263 TraceCheckSpWp]: Trace formula consists of 329 conjuncts, 51 conjunts are in the unsatisfiable core [2022-02-20 23:48:13,756 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:48:13,758 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:48:13,765 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:48:13,999 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2022-02-20 23:48:14,036 INFO L356 Elim1Store]: treesize reduction 11, result has 45.0 percent of original size [2022-02-20 23:48:14,037 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 16 treesize of output 22 [2022-02-20 23:48:14,051 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 7 treesize of output 3 [2022-02-20 23:48:14,100 INFO L356 Elim1Store]: treesize reduction 11, result has 45.0 percent of original size [2022-02-20 23:48:14,101 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 20 treesize of output 26 [2022-02-20 23:48:14,173 INFO L173 IndexEqualityManager]: detected equality via solver [2022-02-20 23:48:14,178 INFO L356 Elim1Store]: treesize reduction 20, result has 33.3 percent of original size [2022-02-20 23:48:14,179 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 29 treesize of output 28 [2022-02-20 23:48:14,488 INFO L356 Elim1Store]: treesize reduction 54, result has 36.5 percent of original size [2022-02-20 23:48:14,488 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 3 select indices, 3 select index equivalence classes, 1 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 4 case distinctions, treesize of input 28 treesize of output 45 [2022-02-20 23:48:14,612 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 38 treesize of output 36 [2022-02-20 23:48:15,164 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 38 treesize of output 36 [2022-02-20 23:48:15,464 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 38 treesize of output 36 [2022-02-20 23:48:15,928 INFO L173 IndexEqualityManager]: detected equality via solver [2022-02-20 23:48:15,929 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 41 treesize of output 17 [2022-02-20 23:48:16,081 INFO L290 TraceCheckUtils]: 0: Hoare triple {18760#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(22, 2); {18760#true} is VALID [2022-02-20 23:48:16,082 INFO L290 TraceCheckUtils]: 1: Hoare triple {18760#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~malloc61#1.base, main_#t~malloc61#1.offset, main_#t~nondet63#1, main_#t~nondet64#1, main_~userInput~1#1, main_#t~nondet62#1, main_#t~nondet66#1, main_#t~nondet67#1, main_~userInput~2#1, main_#t~nondet65#1, main_#t~nondet69#1, main_#t~nondet70#1, main_~userInput~3#1, main_#t~nondet68#1, main_#t~mem71#1.base, main_#t~mem71#1.offset, main_#t~mem72#1.base, main_#t~mem72#1.offset, main_#t~mem74#1.base, main_#t~mem74#1.offset, main_#t~ret73#1, main_#t~mem76#1.base, main_#t~mem76#1.offset, main_#t~post75#1, main_#t~mem78#1.base, main_#t~mem78#1.offset, main_#t~ret77#1, main_#t~mem80#1.base, main_#t~mem80#1.offset, main_#t~post79#1, main_#t~mem81#1.base, main_#t~mem81#1.offset, main_~list~0#1.base, main_~list~0#1.offset, main_~userInput~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset, main_~next~0#1.base, main_~next~0#1.offset, main_~counter~0#1;call main_#t~malloc61#1.base, main_#t~malloc61#1.offset := #Ultimate.allocOnHeap(8);main_~list~0#1.base, main_~list~0#1.offset := main_#t~malloc61#1.base, main_#t~malloc61#1.offset;havoc main_#t~malloc61#1.base, main_#t~malloc61#1.offset; {18796#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:16,082 INFO L290 TraceCheckUtils]: 2: Hoare triple {18796#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} SUMMARY for call write~$Pointer$(0, 0, main_~list~0#1.base, main_~list~0#1.offset, 4); srcloc: L575 {18796#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:16,083 INFO L290 TraceCheckUtils]: 3: Hoare triple {18796#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} SUMMARY for call write~$Pointer$(0, 0, main_~list~0#1.base, 4 + main_~list~0#1.offset, 4); srcloc: L575-1 {18796#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:16,083 INFO L290 TraceCheckUtils]: 4: Hoare triple {18796#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} havoc main_~userInput~0#1; {18796#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:16,083 INFO L290 TraceCheckUtils]: 5: Hoare triple {18796#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} assume -128 <= main_#t~nondet63#1 && main_#t~nondet63#1 <= 127;main_~userInput~1#1 := main_#t~nondet63#1;havoc main_#t~nondet63#1; {18796#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:16,084 INFO L290 TraceCheckUtils]: 6: Hoare triple {18796#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} assume !(60 == main_~userInput~1#1 || 62 == main_~userInput~1#1); {18796#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:16,084 INFO L272 TraceCheckUtils]: 7: Hoare triple {18796#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} call append(main_~list~0#1.base, main_~list~0#1.offset, main_~userInput~1#1); {18815#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:48:16,085 INFO L290 TraceCheckUtils]: 8: Hoare triple {18815#(= |old(#valid)| |#valid|)} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~input := #in~input;call #t~malloc55.base, #t~malloc55.offset := #Ultimate.allocOnHeap(9);~node~0.base, ~node~0.offset := #t~malloc55.base, #t~malloc55.offset;havoc #t~malloc55.base, #t~malloc55.offset; {18819#(and (= 0 (select |old(#valid)| append_~node~0.base)) (= |append_#in~head.offset| append_~head.offset) (= append_~head.base |append_#in~head.base|) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} is VALID [2022-02-20 23:48:16,085 INFO L290 TraceCheckUtils]: 9: Hoare triple {18819#(and (= 0 (select |old(#valid)| append_~node~0.base)) (= |append_#in~head.offset| append_~head.offset) (= append_~head.base |append_#in~head.base|) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} SUMMARY for call write~int(~input, ~node~0.base, ~node~0.offset, 1); srcloc: L560 {18819#(and (= 0 (select |old(#valid)| append_~node~0.base)) (= |append_#in~head.offset| append_~head.offset) (= append_~head.base |append_#in~head.base|) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} is VALID [2022-02-20 23:48:16,086 INFO L290 TraceCheckUtils]: 10: Hoare triple {18819#(and (= 0 (select |old(#valid)| append_~node~0.base)) (= |append_#in~head.offset| append_~head.offset) (= append_~head.base |append_#in~head.base|) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} SUMMARY for call #t~mem56.base, #t~mem56.offset := read~$Pointer$(~head.base, ~head.offset, 4); srcloc: L560-1 {18826#(and (= 0 (select |old(#valid)| append_~node~0.base)) (= |append_#in~head.offset| append_~head.offset) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} is VALID [2022-02-20 23:48:16,086 INFO L290 TraceCheckUtils]: 11: Hoare triple {18826#(and (= 0 (select |old(#valid)| append_~node~0.base)) (= |append_#in~head.offset| append_~head.offset) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} #t~short58 := #t~mem56.base == 0 && #t~mem56.offset == 0; {18826#(and (= 0 (select |old(#valid)| append_~node~0.base)) (= |append_#in~head.offset| append_~head.offset) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} is VALID [2022-02-20 23:48:16,086 INFO L290 TraceCheckUtils]: 12: Hoare triple {18826#(and (= 0 (select |old(#valid)| append_~node~0.base)) (= |append_#in~head.offset| append_~head.offset) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} assume #t~short58; {18826#(and (= 0 (select |old(#valid)| append_~node~0.base)) (= |append_#in~head.offset| append_~head.offset) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} is VALID [2022-02-20 23:48:16,087 INFO L290 TraceCheckUtils]: 13: Hoare triple {18826#(and (= 0 (select |old(#valid)| append_~node~0.base)) (= |append_#in~head.offset| append_~head.offset) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} SUMMARY for call #t~mem57.base, #t~mem57.offset := read~$Pointer$(~head.base, 4 + ~head.offset, 4); srcloc: L561-2 {18826#(and (= 0 (select |old(#valid)| append_~node~0.base)) (= |append_#in~head.offset| append_~head.offset) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} is VALID [2022-02-20 23:48:16,087 INFO L290 TraceCheckUtils]: 14: Hoare triple {18826#(and (= 0 (select |old(#valid)| append_~node~0.base)) (= |append_#in~head.offset| append_~head.offset) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} #t~short58 := #t~mem57.base == 0 && #t~mem57.offset == 0; {18826#(and (= 0 (select |old(#valid)| append_~node~0.base)) (= |append_#in~head.offset| append_~head.offset) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} is VALID [2022-02-20 23:48:16,090 INFO L290 TraceCheckUtils]: 15: Hoare triple {18826#(and (= 0 (select |old(#valid)| append_~node~0.base)) (= |append_#in~head.offset| append_~head.offset) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} assume #t~short58;havoc #t~mem56.base, #t~mem56.offset;havoc #t~mem57.base, #t~mem57.offset;havoc #t~short58; {18826#(and (= 0 (select |old(#valid)| append_~node~0.base)) (= |append_#in~head.offset| append_~head.offset) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} is VALID [2022-02-20 23:48:16,090 INFO L290 TraceCheckUtils]: 16: Hoare triple {18826#(and (= 0 (select |old(#valid)| append_~node~0.base)) (= |append_#in~head.offset| append_~head.offset) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} SUMMARY for call write~$Pointer$(~node~0.base, ~node~0.offset, ~head.base, ~head.offset, 4); srcloc: L562 {18826#(and (= 0 (select |old(#valid)| append_~node~0.base)) (= |append_#in~head.offset| append_~head.offset) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} is VALID [2022-02-20 23:48:16,091 INFO L290 TraceCheckUtils]: 17: Hoare triple {18826#(and (= 0 (select |old(#valid)| append_~node~0.base)) (= |append_#in~head.offset| append_~head.offset) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} SUMMARY for call write~$Pointer$(~node~0.base, ~node~0.offset, ~head.base, 4 + ~head.offset, 4); srcloc: L562-1 {18848#(and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) (= (select |#valid| |append_#in~head.base|) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} is VALID [2022-02-20 23:48:16,092 INFO L290 TraceCheckUtils]: 18: Hoare triple {18848#(and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) (= (select |#valid| |append_#in~head.base|) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} SUMMARY for call write~$Pointer$(0, 0, ~node~0.base, 1 + ~node~0.offset, 4); srcloc: L563 {18852#(and (= 0 (select |old(#valid)| append_~node~0.base)) (= (select |#valid| |append_#in~head.base|) 1) (or (= append_~node~0.base |append_#in~head.base|) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4)))) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} is VALID [2022-02-20 23:48:16,093 INFO L290 TraceCheckUtils]: 19: Hoare triple {18852#(and (= 0 (select |old(#valid)| append_~node~0.base)) (= (select |#valid| |append_#in~head.base|) 1) (or (= append_~node~0.base |append_#in~head.base|) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4)))) (= |#valid| (store |old(#valid)| append_~node~0.base 1)))} SUMMARY for call write~$Pointer$(0, 0, ~node~0.base, 5 + ~node~0.offset, 4); srcloc: L564 {18856#(and (= (select |#valid| |append_#in~head.base|) 1) (or (and (= (store |old(#valid)| |append_#in~head.base| 1) |#valid|) (= (select |old(#valid)| |append_#in~head.base|) 0)) (and (= (store |old(#valid)| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 1) |#valid|) (= (select |old(#valid)| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) 0))))} is VALID [2022-02-20 23:48:16,093 INFO L290 TraceCheckUtils]: 20: Hoare triple {18856#(and (= (select |#valid| |append_#in~head.base|) 1) (or (and (= (store |old(#valid)| |append_#in~head.base| 1) |#valid|) (= (select |old(#valid)| |append_#in~head.base|) 0)) (and (= (store |old(#valid)| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 1) |#valid|) (= (select |old(#valid)| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) 0))))} assume true; {18856#(and (= (select |#valid| |append_#in~head.base|) 1) (or (and (= (store |old(#valid)| |append_#in~head.base| 1) |#valid|) (= (select |old(#valid)| |append_#in~head.base|) 0)) (and (= (store |old(#valid)| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 1) |#valid|) (= (select |old(#valid)| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) 0))))} is VALID [2022-02-20 23:48:16,095 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {18856#(and (= (select |#valid| |append_#in~head.base|) 1) (or (and (= (store |old(#valid)| |append_#in~head.base| 1) |#valid|) (= (select |old(#valid)| |append_#in~head.base|) 0)) (and (= (store |old(#valid)| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 1) |#valid|) (= (select |old(#valid)| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) 0))))} {18796#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} #507#return; {18863#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4))) 1) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) |ULTIMATE.start_main_~list~0#1.base|)) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:16,095 INFO L290 TraceCheckUtils]: 22: Hoare triple {18863#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4))) 1) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) |ULTIMATE.start_main_~list~0#1.base|)) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} assume -2147483648 <= main_#t~nondet62#1 && main_#t~nondet62#1 <= 2147483647; {18863#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4))) 1) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) |ULTIMATE.start_main_~list~0#1.base|)) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:16,095 INFO L290 TraceCheckUtils]: 23: Hoare triple {18863#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4))) 1) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) |ULTIMATE.start_main_~list~0#1.base|)) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} assume !!(0 != main_#t~nondet62#1);havoc main_#t~nondet62#1; {18863#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4))) 1) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) |ULTIMATE.start_main_~list~0#1.base|)) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:16,096 INFO L290 TraceCheckUtils]: 24: Hoare triple {18863#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4))) 1) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) |ULTIMATE.start_main_~list~0#1.base|)) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} assume -128 <= main_#t~nondet63#1 && main_#t~nondet63#1 <= 127;main_~userInput~1#1 := main_#t~nondet63#1;havoc main_#t~nondet63#1; {18863#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4))) 1) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) |ULTIMATE.start_main_~list~0#1.base|)) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:16,096 INFO L290 TraceCheckUtils]: 25: Hoare triple {18863#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4))) 1) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) |ULTIMATE.start_main_~list~0#1.base|)) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} assume !(60 == main_~userInput~1#1 || 62 == main_~userInput~1#1); {18863#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4))) 1) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) |ULTIMATE.start_main_~list~0#1.base|)) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:16,097 INFO L272 TraceCheckUtils]: 26: Hoare triple {18863#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4))) 1) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) |ULTIMATE.start_main_~list~0#1.base|)) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} call append(main_~list~0#1.base, main_~list~0#1.offset, main_~userInput~1#1); {18879#(and (= (select |#valid| |append_#in~head.base|) 1) (exists ((|v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| Int)) (and (<= |append_#in~head.offset| |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8|) (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4))) 1) (not (= (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)) |append_#in~head.base|)) (<= |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 0))))} is VALID [2022-02-20 23:48:16,098 INFO L290 TraceCheckUtils]: 27: Hoare triple {18879#(and (= (select |#valid| |append_#in~head.base|) 1) (exists ((|v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| Int)) (and (<= |append_#in~head.offset| |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8|) (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4))) 1) (not (= (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)) |append_#in~head.base|)) (<= |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 0))))} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~input := #in~input;call #t~malloc55.base, #t~malloc55.offset := #Ultimate.allocOnHeap(9);~node~0.base, ~node~0.offset := #t~malloc55.base, #t~malloc55.offset;havoc #t~malloc55.base, #t~malloc55.offset; {18883#(and (exists ((|v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| Int)) (and (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4))) 1) (<= append_~head.offset |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8|) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (<= |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 0))) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:16,099 INFO L290 TraceCheckUtils]: 28: Hoare triple {18883#(and (exists ((|v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| Int)) (and (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4))) 1) (<= append_~head.offset |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8|) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (<= |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 0))) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call write~int(~input, ~node~0.base, ~node~0.offset, 1); srcloc: L560 {18883#(and (exists ((|v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| Int)) (and (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4))) 1) (<= append_~head.offset |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8|) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (<= |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 0))) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:16,100 INFO L290 TraceCheckUtils]: 29: Hoare triple {18883#(and (exists ((|v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| Int)) (and (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4))) 1) (<= append_~head.offset |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8|) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (<= |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 0))) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call #t~mem56.base, #t~mem56.offset := read~$Pointer$(~head.base, ~head.offset, 4); srcloc: L560-1 {18890#(and (exists ((|v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| Int)) (and (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4))) 1) (<= append_~head.offset |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8|) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (<= |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 0))) (<= 0 append_~head.offset) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:16,101 INFO L290 TraceCheckUtils]: 30: Hoare triple {18890#(and (exists ((|v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| Int)) (and (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4))) 1) (<= append_~head.offset |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8|) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (<= |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 0))) (<= 0 append_~head.offset) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} #t~short58 := #t~mem56.base == 0 && #t~mem56.offset == 0; {18890#(and (exists ((|v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| Int)) (and (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4))) 1) (<= append_~head.offset |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8|) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (<= |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 0))) (<= 0 append_~head.offset) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:16,102 INFO L290 TraceCheckUtils]: 31: Hoare triple {18890#(and (exists ((|v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| Int)) (and (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4))) 1) (<= append_~head.offset |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8|) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (<= |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 0))) (<= 0 append_~head.offset) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} assume !#t~short58; {18890#(and (exists ((|v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| Int)) (and (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4))) 1) (<= append_~head.offset |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8|) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (<= |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 0))) (<= 0 append_~head.offset) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:16,103 INFO L290 TraceCheckUtils]: 32: Hoare triple {18890#(and (exists ((|v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| Int)) (and (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4))) 1) (<= append_~head.offset |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8|) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (<= |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 0))) (<= 0 append_~head.offset) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} assume !#t~short58;havoc #t~mem56.base, #t~mem56.offset;havoc #t~mem57.base, #t~mem57.offset;havoc #t~short58; {18890#(and (exists ((|v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| Int)) (and (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4))) 1) (<= append_~head.offset |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8|) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (<= |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 0))) (<= 0 append_~head.offset) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:16,103 INFO L290 TraceCheckUtils]: 33: Hoare triple {18890#(and (exists ((|v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| Int)) (and (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4))) 1) (<= append_~head.offset |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8|) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (<= |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 0))) (<= 0 append_~head.offset) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call #t~mem59.base, #t~mem59.offset := read~$Pointer$(~head.base, 4 + ~head.offset, 4); srcloc: L568 {18890#(and (exists ((|v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| Int)) (and (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4))) 1) (<= append_~head.offset |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8|) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (<= |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 0))) (<= 0 append_~head.offset) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:16,105 INFO L290 TraceCheckUtils]: 34: Hoare triple {18890#(and (exists ((|v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| Int)) (and (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4))) 1) (<= append_~head.offset |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8|) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (<= |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 0))) (<= 0 append_~head.offset) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call write~$Pointer$(#t~mem59.base, #t~mem59.offset, ~node~0.base, 1 + ~node~0.offset, 4); srcloc: L568-1 {18890#(and (exists ((|v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| Int)) (and (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4))) 1) (<= append_~head.offset |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8|) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (<= |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 0))) (<= 0 append_~head.offset) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:16,105 INFO L290 TraceCheckUtils]: 35: Hoare triple {18890#(and (exists ((|v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| Int)) (and (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4))) 1) (<= append_~head.offset |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8|) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (<= |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 0))) (<= 0 append_~head.offset) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} havoc #t~mem59.base, #t~mem59.offset; {18890#(and (exists ((|v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| Int)) (and (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4))) 1) (<= append_~head.offset |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8|) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (<= |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 0))) (<= 0 append_~head.offset) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:16,107 INFO L290 TraceCheckUtils]: 36: Hoare triple {18890#(and (exists ((|v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| Int)) (and (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4))) 1) (<= append_~head.offset |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8|) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (<= |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 0))) (<= 0 append_~head.offset) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call write~$Pointer$(0, 0, ~node~0.base, 5 + ~node~0.offset, 4); srcloc: L569 {18912#(and (<= 0 append_~head.offset) (= (select |#valid| append_~head.base) 1) (exists ((|v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| Int) (append_~node~0.base Int)) (and (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4))) 1) (<= append_~head.offset |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8|) (= (select |#valid| append_~node~0.base) 1) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (not (= append_~node~0.base append_~head.base)) (<= |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 0))))} is VALID [2022-02-20 23:48:16,108 INFO L290 TraceCheckUtils]: 37: Hoare triple {18912#(and (<= 0 append_~head.offset) (= (select |#valid| append_~head.base) 1) (exists ((|v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| Int) (append_~node~0.base Int)) (and (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (= (select |#valid| (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4))) 1) (<= append_~head.offset |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8|) (= (select |#valid| append_~node~0.base) 1) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 4)))) (not (= append_~node~0.base append_~head.base)) (<= |v_ULTIMATE.start_main_~list~0#1.offset_BEFORE_CALL_8| 0))))} SUMMARY for call #t~mem60.base, #t~mem60.offset := read~$Pointer$(~head.base, 4 + ~head.offset, 4); srcloc: L569-1 {18916#(and (= (select |#valid| |append_#t~mem60.base|) 1) (exists ((append_~head.base Int) (append_~node~0.base Int)) (and (not (= append_~node~0.base |append_#t~mem60.base|)) (not (= append_~head.base |append_#t~mem60.base|)) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))))} is VALID [2022-02-20 23:48:16,109 INFO L290 TraceCheckUtils]: 38: Hoare triple {18916#(and (= (select |#valid| |append_#t~mem60.base|) 1) (exists ((append_~head.base Int) (append_~node~0.base Int)) (and (not (= append_~node~0.base |append_#t~mem60.base|)) (not (= append_~head.base |append_#t~mem60.base|)) (= (select |#valid| append_~head.base) 1) (= (select |#valid| append_~node~0.base) 1) (not (= append_~node~0.base append_~head.base)))))} assume !(1 == #valid[#t~mem60.base]); {18761#false} is VALID [2022-02-20 23:48:16,109 INFO L134 CoverageAnalysis]: Checked inductivity of 9 backedges. 3 proven. 6 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:48:16,109 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:48:17,188 INFO L356 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2022-02-20 23:48:17,188 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 33 treesize of output 34 [2022-02-20 23:48:17,231 INFO L356 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2022-02-20 23:48:17,231 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 332 treesize of output 218 [2022-02-20 23:48:17,261 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 91 treesize of output 83 [2022-02-20 23:48:17,295 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 174 treesize of output 158 [2022-02-20 23:48:18,192 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1363669281] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:48:18,193 INFO L191 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-02-20 23:48:18,193 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [15, 14] total 28 [2022-02-20 23:48:18,193 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1810493137] [2022-02-20 23:48:18,193 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-02-20 23:48:18,193 INFO L78 Accepts]: Start accepts. Automaton has has 29 states, 28 states have (on average 2.5357142857142856) internal successors, (71), 25 states have internal predecessors, (71), 4 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 39 [2022-02-20 23:48:18,193 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:48:18,194 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 29 states, 28 states have (on average 2.5357142857142856) internal successors, (71), 25 states have internal predecessors, (71), 4 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:48:18,261 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 77 edges. 77 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:48:18,261 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 29 states [2022-02-20 23:48:18,261 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:48:18,261 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 29 interpolants. [2022-02-20 23:48:18,262 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=120, Invalid=1055, Unknown=15, NotChecked=0, Total=1190 [2022-02-20 23:48:18,262 INFO L87 Difference]: Start difference. First operand 473 states and 637 transitions. Second operand has 29 states, 28 states have (on average 2.5357142857142856) internal successors, (71), 25 states have internal predecessors, (71), 4 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:48:23,757 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:48:23,758 INFO L93 Difference]: Finished difference Result 634 states and 713 transitions. [2022-02-20 23:48:23,758 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 18 states. [2022-02-20 23:48:23,758 INFO L78 Accepts]: Start accepts. Automaton has has 29 states, 28 states have (on average 2.5357142857142856) internal successors, (71), 25 states have internal predecessors, (71), 4 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 39 [2022-02-20 23:48:23,758 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:48:23,758 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 29 states, 28 states have (on average 2.5357142857142856) internal successors, (71), 25 states have internal predecessors, (71), 4 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:48:23,763 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 18 states to 18 states and 600 transitions. [2022-02-20 23:48:23,763 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 29 states, 28 states have (on average 2.5357142857142856) internal successors, (71), 25 states have internal predecessors, (71), 4 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:48:23,767 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 18 states to 18 states and 600 transitions. [2022-02-20 23:48:23,767 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 18 states and 600 transitions. [2022-02-20 23:48:24,197 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 600 edges. 600 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:48:24,208 INFO L225 Difference]: With dead ends: 634 [2022-02-20 23:48:24,208 INFO L226 Difference]: Without dead ends: 634 [2022-02-20 23:48:24,209 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 89 GetRequests, 42 SyntacticMatches, 3 SemanticMatches, 44 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 513 ImplicationChecksByTransitivity, 0.9s TimeCoverageRelationStatistics Valid=289, Invalid=1766, Unknown=15, NotChecked=0, Total=2070 [2022-02-20 23:48:24,209 INFO L933 BasicCegarLoop]: 198 mSDtfsCounter, 1092 mSDsluCounter, 2690 mSDsCounter, 0 mSdLazyCounter, 2079 mSolverCounterSat, 136 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1092 SdHoareTripleChecker+Valid, 2888 SdHoareTripleChecker+Invalid, 3120 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 136 IncrementalHoareTripleChecker+Valid, 2079 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 905 IncrementalHoareTripleChecker+Unchecked, 1.7s IncrementalHoareTripleChecker+Time [2022-02-20 23:48:24,209 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [1092 Valid, 2888 Invalid, 3120 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [136 Valid, 2079 Invalid, 0 Unknown, 905 Unchecked, 1.7s Time] [2022-02-20 23:48:24,210 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 634 states. [2022-02-20 23:48:24,215 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 634 to 471. [2022-02-20 23:48:24,215 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:48:24,216 INFO L82 GeneralOperation]: Start isEquivalent. First operand 634 states. Second operand has 471 states, 333 states have (on average 1.7477477477477477) internal successors, (582), 452 states have internal predecessors, (582), 17 states have call successors, (17), 5 states have call predecessors, (17), 6 states have return successors, (31), 15 states have call predecessors, (31), 17 states have call successors, (31) [2022-02-20 23:48:24,216 INFO L74 IsIncluded]: Start isIncluded. First operand 634 states. Second operand has 471 states, 333 states have (on average 1.7477477477477477) internal successors, (582), 452 states have internal predecessors, (582), 17 states have call successors, (17), 5 states have call predecessors, (17), 6 states have return successors, (31), 15 states have call predecessors, (31), 17 states have call successors, (31) [2022-02-20 23:48:24,217 INFO L87 Difference]: Start difference. First operand 634 states. Second operand has 471 states, 333 states have (on average 1.7477477477477477) internal successors, (582), 452 states have internal predecessors, (582), 17 states have call successors, (17), 5 states have call predecessors, (17), 6 states have return successors, (31), 15 states have call predecessors, (31), 17 states have call successors, (31) [2022-02-20 23:48:24,228 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:48:24,229 INFO L93 Difference]: Finished difference Result 634 states and 713 transitions. [2022-02-20 23:48:24,229 INFO L276 IsEmpty]: Start isEmpty. Operand 634 states and 713 transitions. [2022-02-20 23:48:24,230 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:48:24,230 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:48:24,230 INFO L74 IsIncluded]: Start isIncluded. First operand has 471 states, 333 states have (on average 1.7477477477477477) internal successors, (582), 452 states have internal predecessors, (582), 17 states have call successors, (17), 5 states have call predecessors, (17), 6 states have return successors, (31), 15 states have call predecessors, (31), 17 states have call successors, (31) Second operand 634 states. [2022-02-20 23:48:24,231 INFO L87 Difference]: Start difference. First operand has 471 states, 333 states have (on average 1.7477477477477477) internal successors, (582), 452 states have internal predecessors, (582), 17 states have call successors, (17), 5 states have call predecessors, (17), 6 states have return successors, (31), 15 states have call predecessors, (31), 17 states have call successors, (31) Second operand 634 states. [2022-02-20 23:48:24,242 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:48:24,243 INFO L93 Difference]: Finished difference Result 634 states and 713 transitions. [2022-02-20 23:48:24,243 INFO L276 IsEmpty]: Start isEmpty. Operand 634 states and 713 transitions. [2022-02-20 23:48:24,244 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:48:24,244 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:48:24,244 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:48:24,244 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:48:24,245 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 471 states, 333 states have (on average 1.7477477477477477) internal successors, (582), 452 states have internal predecessors, (582), 17 states have call successors, (17), 5 states have call predecessors, (17), 6 states have return successors, (31), 15 states have call predecessors, (31), 17 states have call successors, (31) [2022-02-20 23:48:24,252 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 471 states to 471 states and 630 transitions. [2022-02-20 23:48:24,252 INFO L78 Accepts]: Start accepts. Automaton has 471 states and 630 transitions. Word has length 39 [2022-02-20 23:48:24,252 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:48:24,253 INFO L470 AbstractCegarLoop]: Abstraction has 471 states and 630 transitions. [2022-02-20 23:48:24,253 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 29 states, 28 states have (on average 2.5357142857142856) internal successors, (71), 25 states have internal predecessors, (71), 4 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:48:24,253 INFO L276 IsEmpty]: Start isEmpty. Operand 471 states and 630 transitions. [2022-02-20 23:48:24,253 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 40 [2022-02-20 23:48:24,253 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:48:24,253 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:48:24,269 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Ended with exit code 0 [2022-02-20 23:48:24,469 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-02-20 23:48:24,470 INFO L402 AbstractCegarLoop]: === Iteration 12 === Targeting appendErr23REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 143 more)] === [2022-02-20 23:48:24,470 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:48:24,470 INFO L85 PathProgramCache]: Analyzing trace with hash -794458391, now seen corresponding path program 1 times [2022-02-20 23:48:24,470 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:48:24,470 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1774889475] [2022-02-20 23:48:24,470 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:48:24,470 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:48:24,515 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:48:24,668 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2022-02-20 23:48:24,678 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:48:24,825 INFO L290 TraceCheckUtils]: 0: Hoare triple {21402#(and (= |old(#length)| |#length|) (= |#memory_int| |old(#memory_int)|) (= |#memory_$Pointer$.base| |old(#memory_$Pointer$.base)|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#valid)| |#valid|))} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~input := #in~input;call #t~malloc55.base, #t~malloc55.offset := #Ultimate.allocOnHeap(9);~node~0.base, ~node~0.offset := #t~malloc55.base, #t~malloc55.offset;havoc #t~malloc55.base, #t~malloc55.offset; {21403#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:48:24,826 INFO L290 TraceCheckUtils]: 1: Hoare triple {21403#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} SUMMARY for call write~int(~input, ~node~0.base, ~node~0.offset, 1); srcloc: L560 {21403#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:48:24,827 INFO L290 TraceCheckUtils]: 2: Hoare triple {21403#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} SUMMARY for call #t~mem56.base, #t~mem56.offset := read~$Pointer$(~head.base, ~head.offset, 4); srcloc: L560-1 {21404#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:48:24,828 INFO L290 TraceCheckUtils]: 3: Hoare triple {21404#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} #t~short58 := #t~mem56.base == 0 && #t~mem56.offset == 0; {21404#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:48:24,828 INFO L290 TraceCheckUtils]: 4: Hoare triple {21404#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} assume #t~short58; {21404#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:48:24,829 INFO L290 TraceCheckUtils]: 5: Hoare triple {21404#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} SUMMARY for call #t~mem57.base, #t~mem57.offset := read~$Pointer$(~head.base, 4 + ~head.offset, 4); srcloc: L561-2 {21404#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:48:24,830 INFO L290 TraceCheckUtils]: 6: Hoare triple {21404#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} #t~short58 := #t~mem57.base == 0 && #t~mem57.offset == 0; {21404#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:48:24,830 INFO L290 TraceCheckUtils]: 7: Hoare triple {21404#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} assume #t~short58;havoc #t~mem56.base, #t~mem56.offset;havoc #t~mem57.base, #t~mem57.offset;havoc #t~short58; {21404#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:48:24,831 INFO L290 TraceCheckUtils]: 8: Hoare triple {21404#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} SUMMARY for call write~$Pointer$(~node~0.base, ~node~0.offset, ~head.base, ~head.offset, 4); srcloc: L562 {21404#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:48:24,832 INFO L290 TraceCheckUtils]: 9: Hoare triple {21404#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} SUMMARY for call write~$Pointer$(~node~0.base, ~node~0.offset, ~head.base, 4 + ~head.offset, 4); srcloc: L562-1 {21405#(or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (and (= 9 (select |#length| append_~node~0.base)) (not (= append_~node~0.base |append_#in~head.base|)) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) (= (select |#valid| |append_#in~head.base|) 1) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 0)))} is VALID [2022-02-20 23:48:24,833 INFO L290 TraceCheckUtils]: 10: Hoare triple {21405#(or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (and (= 9 (select |#length| append_~node~0.base)) (not (= append_~node~0.base |append_#in~head.base|)) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) (= (select |#valid| |append_#in~head.base|) 1) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 0)))} SUMMARY for call write~$Pointer$(0, 0, ~node~0.base, 1 + ~node~0.offset, 4); srcloc: L563 {21405#(or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (and (= 9 (select |#length| append_~node~0.base)) (not (= append_~node~0.base |append_#in~head.base|)) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) (= (select |#valid| |append_#in~head.base|) 1) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 0)))} is VALID [2022-02-20 23:48:24,834 INFO L290 TraceCheckUtils]: 11: Hoare triple {21405#(or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (and (= 9 (select |#length| append_~node~0.base)) (not (= append_~node~0.base |append_#in~head.base|)) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) (= (select |#valid| |append_#in~head.base|) 1) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 0)))} SUMMARY for call write~$Pointer$(0, 0, ~node~0.base, 5 + ~node~0.offset, 4); srcloc: L564 {21406#(or (= (select |old(#valid)| |append_#in~head.base|) 0) (and (= (select |#valid| |append_#in~head.base|) 1) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 0) (= 9 (select |#length| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))))))} is VALID [2022-02-20 23:48:24,834 INFO L290 TraceCheckUtils]: 12: Hoare triple {21406#(or (= (select |old(#valid)| |append_#in~head.base|) 0) (and (= (select |#valid| |append_#in~head.base|) 1) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 0) (= 9 (select |#length| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))))))} assume true; {21406#(or (= (select |old(#valid)| |append_#in~head.base|) 0) (and (= (select |#valid| |append_#in~head.base|) 1) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 0) (= 9 (select |#length| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))))))} is VALID [2022-02-20 23:48:24,836 INFO L284 TraceCheckUtils]: 13: Hoare quadruple {21406#(or (= (select |old(#valid)| |append_#in~head.base|) 0) (and (= (select |#valid| |append_#in~head.base|) 1) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 0) (= 9 (select |#length| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))))))} {21382#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} #507#return; {21397#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= 9 (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)))) (= |ULTIMATE.start_main_~list~0#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) 0))} is VALID [2022-02-20 23:48:24,836 INFO L290 TraceCheckUtils]: 0: Hoare triple {21379#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(22, 2); {21379#true} is VALID [2022-02-20 23:48:24,836 INFO L290 TraceCheckUtils]: 1: Hoare triple {21379#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~malloc61#1.base, main_#t~malloc61#1.offset, main_#t~nondet63#1, main_#t~nondet64#1, main_~userInput~1#1, main_#t~nondet62#1, main_#t~nondet66#1, main_#t~nondet67#1, main_~userInput~2#1, main_#t~nondet65#1, main_#t~nondet69#1, main_#t~nondet70#1, main_~userInput~3#1, main_#t~nondet68#1, main_#t~mem71#1.base, main_#t~mem71#1.offset, main_#t~mem72#1.base, main_#t~mem72#1.offset, main_#t~mem74#1.base, main_#t~mem74#1.offset, main_#t~ret73#1, main_#t~mem76#1.base, main_#t~mem76#1.offset, main_#t~post75#1, main_#t~mem78#1.base, main_#t~mem78#1.offset, main_#t~ret77#1, main_#t~mem80#1.base, main_#t~mem80#1.offset, main_#t~post79#1, main_#t~mem81#1.base, main_#t~mem81#1.offset, main_~list~0#1.base, main_~list~0#1.offset, main_~userInput~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset, main_~next~0#1.base, main_~next~0#1.offset, main_~counter~0#1;call main_#t~malloc61#1.base, main_#t~malloc61#1.offset := #Ultimate.allocOnHeap(8);main_~list~0#1.base, main_~list~0#1.offset := main_#t~malloc61#1.base, main_#t~malloc61#1.offset;havoc main_#t~malloc61#1.base, main_#t~malloc61#1.offset; {21381#(= |ULTIMATE.start_main_~list~0#1.offset| 0)} is VALID [2022-02-20 23:48:24,837 INFO L290 TraceCheckUtils]: 2: Hoare triple {21381#(= |ULTIMATE.start_main_~list~0#1.offset| 0)} SUMMARY for call write~$Pointer$(0, 0, main_~list~0#1.base, main_~list~0#1.offset, 4); srcloc: L575 {21382#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:24,842 INFO L290 TraceCheckUtils]: 3: Hoare triple {21382#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} SUMMARY for call write~$Pointer$(0, 0, main_~list~0#1.base, 4 + main_~list~0#1.offset, 4); srcloc: L575-1 {21382#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:24,842 INFO L290 TraceCheckUtils]: 4: Hoare triple {21382#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} havoc main_~userInput~0#1; {21382#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:24,844 INFO L290 TraceCheckUtils]: 5: Hoare triple {21382#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} assume -128 <= main_#t~nondet63#1 && main_#t~nondet63#1 <= 127;main_~userInput~1#1 := main_#t~nondet63#1;havoc main_#t~nondet63#1; {21382#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:24,848 INFO L290 TraceCheckUtils]: 6: Hoare triple {21382#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} assume !(60 == main_~userInput~1#1 || 62 == main_~userInput~1#1); {21382#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:24,849 INFO L272 TraceCheckUtils]: 7: Hoare triple {21382#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} call append(main_~list~0#1.base, main_~list~0#1.offset, main_~userInput~1#1); {21402#(and (= |old(#length)| |#length|) (= |#memory_int| |old(#memory_int)|) (= |#memory_$Pointer$.base| |old(#memory_$Pointer$.base)|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#valid)| |#valid|))} is VALID [2022-02-20 23:48:24,850 INFO L290 TraceCheckUtils]: 8: Hoare triple {21402#(and (= |old(#length)| |#length|) (= |#memory_int| |old(#memory_int)|) (= |#memory_$Pointer$.base| |old(#memory_$Pointer$.base)|) (= |#memory_$Pointer$.offset| |old(#memory_$Pointer$.offset)|) (= |old(#valid)| |#valid|))} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~input := #in~input;call #t~malloc55.base, #t~malloc55.offset := #Ultimate.allocOnHeap(9);~node~0.base, ~node~0.offset := #t~malloc55.base, #t~malloc55.offset;havoc #t~malloc55.base, #t~malloc55.offset; {21403#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:48:24,851 INFO L290 TraceCheckUtils]: 9: Hoare triple {21403#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} SUMMARY for call write~int(~input, ~node~0.base, ~node~0.offset, 1); srcloc: L560 {21403#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:48:24,851 INFO L290 TraceCheckUtils]: 10: Hoare triple {21403#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} SUMMARY for call #t~mem56.base, #t~mem56.offset := read~$Pointer$(~head.base, ~head.offset, 4); srcloc: L560-1 {21404#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:48:24,852 INFO L290 TraceCheckUtils]: 11: Hoare triple {21404#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} #t~short58 := #t~mem56.base == 0 && #t~mem56.offset == 0; {21404#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:48:24,853 INFO L290 TraceCheckUtils]: 12: Hoare triple {21404#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} assume #t~short58; {21404#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:48:24,853 INFO L290 TraceCheckUtils]: 13: Hoare triple {21404#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} SUMMARY for call #t~mem57.base, #t~mem57.offset := read~$Pointer$(~head.base, 4 + ~head.offset, 4); srcloc: L561-2 {21404#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:48:24,854 INFO L290 TraceCheckUtils]: 14: Hoare triple {21404#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} #t~short58 := #t~mem57.base == 0 && #t~mem57.offset == 0; {21404#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:48:24,854 INFO L290 TraceCheckUtils]: 15: Hoare triple {21404#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} assume #t~short58;havoc #t~mem56.base, #t~mem56.offset;havoc #t~mem57.base, #t~mem57.offset;havoc #t~short58; {21404#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:48:24,855 INFO L290 TraceCheckUtils]: 16: Hoare triple {21404#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} SUMMARY for call write~$Pointer$(~node~0.base, ~node~0.offset, ~head.base, ~head.offset, 4); srcloc: L562 {21404#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} is VALID [2022-02-20 23:48:24,856 INFO L290 TraceCheckUtils]: 17: Hoare triple {21404#(and (or (= append_~node~0.base append_~head.base) (and (= |append_#in~head.offset| append_~head.offset) (= 9 (select |#length| append_~node~0.base)) (= append_~node~0.offset 0) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1))) (or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (not (= append_~node~0.base append_~head.base))))} SUMMARY for call write~$Pointer$(~node~0.base, ~node~0.offset, ~head.base, 4 + ~head.offset, 4); srcloc: L562-1 {21405#(or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (and (= 9 (select |#length| append_~node~0.base)) (not (= append_~node~0.base |append_#in~head.base|)) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) (= (select |#valid| |append_#in~head.base|) 1) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 0)))} is VALID [2022-02-20 23:48:24,857 INFO L290 TraceCheckUtils]: 18: Hoare triple {21405#(or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (and (= 9 (select |#length| append_~node~0.base)) (not (= append_~node~0.base |append_#in~head.base|)) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) (= (select |#valid| |append_#in~head.base|) 1) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 0)))} SUMMARY for call write~$Pointer$(0, 0, ~node~0.base, 1 + ~node~0.offset, 4); srcloc: L563 {21405#(or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (and (= 9 (select |#length| append_~node~0.base)) (not (= append_~node~0.base |append_#in~head.base|)) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) (= (select |#valid| |append_#in~head.base|) 1) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 0)))} is VALID [2022-02-20 23:48:24,858 INFO L290 TraceCheckUtils]: 19: Hoare triple {21405#(or (and (= 0 (select |old(#valid)| append_~node~0.base)) (= append_~node~0.base |append_#in~head.base|)) (and (= 9 (select |#length| append_~node~0.base)) (not (= append_~node~0.base |append_#in~head.base|)) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))) (= (select |#valid| |append_#in~head.base|) 1) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 0)))} SUMMARY for call write~$Pointer$(0, 0, ~node~0.base, 5 + ~node~0.offset, 4); srcloc: L564 {21406#(or (= (select |old(#valid)| |append_#in~head.base|) 0) (and (= (select |#valid| |append_#in~head.base|) 1) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 0) (= 9 (select |#length| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))))))} is VALID [2022-02-20 23:48:24,858 INFO L290 TraceCheckUtils]: 20: Hoare triple {21406#(or (= (select |old(#valid)| |append_#in~head.base|) 0) (and (= (select |#valid| |append_#in~head.base|) 1) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 0) (= 9 (select |#length| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))))))} assume true; {21406#(or (= (select |old(#valid)| |append_#in~head.base|) 0) (and (= (select |#valid| |append_#in~head.base|) 1) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 0) (= 9 (select |#length| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))))))} is VALID [2022-02-20 23:48:24,859 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {21406#(or (= (select |old(#valid)| |append_#in~head.base|) 0) (and (= (select |#valid| |append_#in~head.base|) 1) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ |append_#in~head.offset| 4)) 0) (= 9 (select |#length| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ |append_#in~head.offset| 4))))))} {21382#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= |ULTIMATE.start_main_~list~0#1.offset| 0))} #507#return; {21397#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= 9 (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)))) (= |ULTIMATE.start_main_~list~0#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) 0))} is VALID [2022-02-20 23:48:24,860 INFO L290 TraceCheckUtils]: 22: Hoare triple {21397#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= 9 (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)))) (= |ULTIMATE.start_main_~list~0#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) 0))} assume -2147483648 <= main_#t~nondet62#1 && main_#t~nondet62#1 <= 2147483647; {21397#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= 9 (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)))) (= |ULTIMATE.start_main_~list~0#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) 0))} is VALID [2022-02-20 23:48:24,860 INFO L290 TraceCheckUtils]: 23: Hoare triple {21397#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= 9 (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)))) (= |ULTIMATE.start_main_~list~0#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) 0))} assume !!(0 != main_#t~nondet62#1);havoc main_#t~nondet62#1; {21397#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= 9 (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)))) (= |ULTIMATE.start_main_~list~0#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) 0))} is VALID [2022-02-20 23:48:24,861 INFO L290 TraceCheckUtils]: 24: Hoare triple {21397#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= 9 (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)))) (= |ULTIMATE.start_main_~list~0#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) 0))} assume -128 <= main_#t~nondet63#1 && main_#t~nondet63#1 <= 127;main_~userInput~1#1 := main_#t~nondet63#1;havoc main_#t~nondet63#1; {21397#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= 9 (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)))) (= |ULTIMATE.start_main_~list~0#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) 0))} is VALID [2022-02-20 23:48:24,861 INFO L290 TraceCheckUtils]: 25: Hoare triple {21397#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= 9 (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)))) (= |ULTIMATE.start_main_~list~0#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) 0))} assume !(60 == main_~userInput~1#1 || 62 == main_~userInput~1#1); {21397#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= 9 (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)))) (= |ULTIMATE.start_main_~list~0#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) 0))} is VALID [2022-02-20 23:48:24,862 INFO L272 TraceCheckUtils]: 26: Hoare triple {21397#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (= 9 (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)))) (= |ULTIMATE.start_main_~list~0#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ |ULTIMATE.start_main_~list~0#1.offset| 4)) 0))} call append(main_~list~0#1.base, main_~list~0#1.offset, main_~userInput~1#1); {21398#(and (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) 4) 0) (= (select |#valid| |append_#in~head.base|) 1) (= 9 (select |#length| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) 4))) (= |append_#in~head.offset| 0))} is VALID [2022-02-20 23:48:24,863 INFO L290 TraceCheckUtils]: 27: Hoare triple {21398#(and (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) 4) 0) (= (select |#valid| |append_#in~head.base|) 1) (= 9 (select |#length| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) 4))) (= |append_#in~head.offset| 0))} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~input := #in~input;call #t~malloc55.base, #t~malloc55.offset := #Ultimate.allocOnHeap(9);~node~0.base, ~node~0.offset := #t~malloc55.base, #t~malloc55.offset;havoc #t~malloc55.base, #t~malloc55.offset; {21399#(and (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 9) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:24,864 INFO L290 TraceCheckUtils]: 28: Hoare triple {21399#(and (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 9) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call write~int(~input, ~node~0.base, ~node~0.offset, 1); srcloc: L560 {21399#(and (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 9) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:24,864 INFO L290 TraceCheckUtils]: 29: Hoare triple {21399#(and (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 9) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call #t~mem56.base, #t~mem56.offset := read~$Pointer$(~head.base, ~head.offset, 4); srcloc: L560-1 {21399#(and (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 9) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:24,864 INFO L290 TraceCheckUtils]: 30: Hoare triple {21399#(and (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 9) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} #t~short58 := #t~mem56.base == 0 && #t~mem56.offset == 0; {21399#(and (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 9) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:24,865 INFO L290 TraceCheckUtils]: 31: Hoare triple {21399#(and (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 9) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} assume !#t~short58; {21399#(and (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 9) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:24,865 INFO L290 TraceCheckUtils]: 32: Hoare triple {21399#(and (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 9) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} assume !#t~short58;havoc #t~mem56.base, #t~mem56.offset;havoc #t~mem57.base, #t~mem57.offset;havoc #t~short58; {21399#(and (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 9) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:24,866 INFO L290 TraceCheckUtils]: 33: Hoare triple {21399#(and (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 9) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call #t~mem59.base, #t~mem59.offset := read~$Pointer$(~head.base, 4 + ~head.offset, 4); srcloc: L568 {21399#(and (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 9) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:24,867 INFO L290 TraceCheckUtils]: 34: Hoare triple {21399#(and (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 9) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call write~$Pointer$(#t~mem59.base, #t~mem59.offset, ~node~0.base, 1 + ~node~0.offset, 4); srcloc: L568-1 {21399#(and (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 9) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:24,867 INFO L290 TraceCheckUtils]: 35: Hoare triple {21399#(and (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 9) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} havoc #t~mem59.base, #t~mem59.offset; {21399#(and (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 9) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:24,868 INFO L290 TraceCheckUtils]: 36: Hoare triple {21399#(and (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 9) (= append_~head.offset 0) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call write~$Pointer$(0, 0, ~node~0.base, 5 + ~node~0.offset, 4); srcloc: L569 {21400#(and (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 9) (= append_~head.offset 0))} is VALID [2022-02-20 23:48:24,868 INFO L290 TraceCheckUtils]: 37: Hoare triple {21400#(and (= (select (select |#memory_$Pointer$.offset| append_~head.base) (+ append_~head.offset 4)) 0) (= (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ append_~head.offset 4))) 9) (= append_~head.offset 0))} SUMMARY for call #t~mem60.base, #t~mem60.offset := read~$Pointer$(~head.base, 4 + ~head.offset, 4); srcloc: L569-1 {21401#(and (= |append_#t~mem60.offset| 0) (= 9 (select |#length| |append_#t~mem60.base|)))} is VALID [2022-02-20 23:48:24,869 INFO L290 TraceCheckUtils]: 38: Hoare triple {21401#(and (= |append_#t~mem60.offset| 0) (= 9 (select |#length| |append_#t~mem60.base|)))} assume !(4 + (5 + #t~mem60.offset) <= #length[#t~mem60.base] && 0 <= 5 + #t~mem60.offset); {21380#false} is VALID [2022-02-20 23:48:24,869 INFO L134 CoverageAnalysis]: Checked inductivity of 9 backedges. 3 proven. 6 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:48:24,869 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:48:24,869 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1774889475] [2022-02-20 23:48:24,869 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1774889475] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:48:24,870 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [829185801] [2022-02-20 23:48:24,870 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:48:24,870 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-02-20 23:48:24,870 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 23:48:24,871 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-02-20 23:48:24,871 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2022-02-20 23:48:24,988 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:48:24,990 INFO L263 TraceCheckSpWp]: Trace formula consists of 329 conjuncts, 66 conjunts are in the unsatisfiable core [2022-02-20 23:48:25,006 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:48:25,008 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:48:25,016 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-02-20 23:48:25,345 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2022-02-20 23:48:25,356 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2022-02-20 23:48:25,477 INFO L356 Elim1Store]: treesize reduction 11, result has 45.0 percent of original size [2022-02-20 23:48:25,477 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 16 treesize of output 22 [2022-02-20 23:48:25,505 INFO L356 Elim1Store]: treesize reduction 11, result has 45.0 percent of original size [2022-02-20 23:48:25,505 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 16 treesize of output 22 [2022-02-20 23:48:25,537 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 7 treesize of output 3 [2022-02-20 23:48:25,551 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 7 treesize of output 3 [2022-02-20 23:48:25,764 INFO L356 Elim1Store]: treesize reduction 11, result has 45.0 percent of original size [2022-02-20 23:48:25,764 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 20 treesize of output 26 [2022-02-20 23:48:25,822 INFO L356 Elim1Store]: treesize reduction 11, result has 45.0 percent of original size [2022-02-20 23:48:25,822 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 20 treesize of output 26 [2022-02-20 23:48:26,321 INFO L173 IndexEqualityManager]: detected equality via solver [2022-02-20 23:48:26,327 INFO L356 Elim1Store]: treesize reduction 20, result has 33.3 percent of original size [2022-02-20 23:48:26,328 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 29 treesize of output 28 [2022-02-20 23:48:27,055 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-02-20 23:48:27,056 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 2 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 26 treesize of output 28 [2022-02-20 23:48:27,119 INFO L356 Elim1Store]: treesize reduction 8, result has 65.2 percent of original size [2022-02-20 23:48:27,119 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 3 select indices, 3 select index equivalence classes, 1 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 2 case distinctions, treesize of input 22 treesize of output 24 [2022-02-20 23:48:27,293 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 46 treesize of output 44 [2022-02-20 23:48:27,330 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 2 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 35 treesize of output 35 [2022-02-20 23:48:27,876 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 46 treesize of output 44 [2022-02-20 23:48:27,916 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 2 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 35 treesize of output 35 [2022-02-20 23:48:28,174 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 46 treesize of output 44 [2022-02-20 23:48:28,232 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 2 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 35 treesize of output 35 [2022-02-20 23:48:28,556 INFO L173 IndexEqualityManager]: detected equality via solver [2022-02-20 23:48:28,563 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 39 treesize of output 21 [2022-02-20 23:48:28,637 INFO L173 IndexEqualityManager]: detected equality via solver [2022-02-20 23:48:28,638 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 32 treesize of output 14 [2022-02-20 23:48:28,711 INFO L290 TraceCheckUtils]: 0: Hoare triple {21379#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(22, 2); {21379#true} is VALID [2022-02-20 23:48:28,711 INFO L290 TraceCheckUtils]: 1: Hoare triple {21379#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~malloc61#1.base, main_#t~malloc61#1.offset, main_#t~nondet63#1, main_#t~nondet64#1, main_~userInput~1#1, main_#t~nondet62#1, main_#t~nondet66#1, main_#t~nondet67#1, main_~userInput~2#1, main_#t~nondet65#1, main_#t~nondet69#1, main_#t~nondet70#1, main_~userInput~3#1, main_#t~nondet68#1, main_#t~mem71#1.base, main_#t~mem71#1.offset, main_#t~mem72#1.base, main_#t~mem72#1.offset, main_#t~mem74#1.base, main_#t~mem74#1.offset, main_#t~ret73#1, main_#t~mem76#1.base, main_#t~mem76#1.offset, main_#t~post75#1, main_#t~mem78#1.base, main_#t~mem78#1.offset, main_#t~ret77#1, main_#t~mem80#1.base, main_#t~mem80#1.offset, main_#t~post79#1, main_#t~mem81#1.base, main_#t~mem81#1.offset, main_~list~0#1.base, main_~list~0#1.offset, main_~userInput~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset, main_~next~0#1.base, main_~next~0#1.offset, main_~counter~0#1;call main_#t~malloc61#1.base, main_#t~malloc61#1.offset := #Ultimate.allocOnHeap(8);main_~list~0#1.base, main_~list~0#1.offset := main_#t~malloc61#1.base, main_#t~malloc61#1.offset;havoc main_#t~malloc61#1.base, main_#t~malloc61#1.offset; {21413#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:28,712 INFO L290 TraceCheckUtils]: 2: Hoare triple {21413#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} SUMMARY for call write~$Pointer$(0, 0, main_~list~0#1.base, main_~list~0#1.offset, 4); srcloc: L575 {21413#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:28,712 INFO L290 TraceCheckUtils]: 3: Hoare triple {21413#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} SUMMARY for call write~$Pointer$(0, 0, main_~list~0#1.base, 4 + main_~list~0#1.offset, 4); srcloc: L575-1 {21413#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:28,713 INFO L290 TraceCheckUtils]: 4: Hoare triple {21413#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} havoc main_~userInput~0#1; {21413#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:28,713 INFO L290 TraceCheckUtils]: 5: Hoare triple {21413#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} assume -128 <= main_#t~nondet63#1 && main_#t~nondet63#1 <= 127;main_~userInput~1#1 := main_#t~nondet63#1;havoc main_#t~nondet63#1; {21413#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:28,713 INFO L290 TraceCheckUtils]: 6: Hoare triple {21413#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} assume !(60 == main_~userInput~1#1 || 62 == main_~userInput~1#1); {21413#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:28,714 INFO L272 TraceCheckUtils]: 7: Hoare triple {21413#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} call append(main_~list~0#1.base, main_~list~0#1.offset, main_~userInput~1#1); {21432#(= |old(#valid)| |#valid|)} is VALID [2022-02-20 23:48:28,714 INFO L290 TraceCheckUtils]: 8: Hoare triple {21432#(= |old(#valid)| |#valid|)} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~input := #in~input;call #t~malloc55.base, #t~malloc55.offset := #Ultimate.allocOnHeap(9);~node~0.base, ~node~0.offset := #t~malloc55.base, #t~malloc55.offset;havoc #t~malloc55.base, #t~malloc55.offset; {21436#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} is VALID [2022-02-20 23:48:28,715 INFO L290 TraceCheckUtils]: 9: Hoare triple {21436#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} SUMMARY for call write~int(~input, ~node~0.base, ~node~0.offset, 1); srcloc: L560 {21436#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} is VALID [2022-02-20 23:48:28,715 INFO L290 TraceCheckUtils]: 10: Hoare triple {21436#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} SUMMARY for call #t~mem56.base, #t~mem56.offset := read~$Pointer$(~head.base, ~head.offset, 4); srcloc: L560-1 {21443#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} is VALID [2022-02-20 23:48:28,716 INFO L290 TraceCheckUtils]: 11: Hoare triple {21443#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} #t~short58 := #t~mem56.base == 0 && #t~mem56.offset == 0; {21443#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} is VALID [2022-02-20 23:48:28,716 INFO L290 TraceCheckUtils]: 12: Hoare triple {21443#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} assume #t~short58; {21443#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} is VALID [2022-02-20 23:48:28,717 INFO L290 TraceCheckUtils]: 13: Hoare triple {21443#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} SUMMARY for call #t~mem57.base, #t~mem57.offset := read~$Pointer$(~head.base, 4 + ~head.offset, 4); srcloc: L561-2 {21443#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} is VALID [2022-02-20 23:48:28,717 INFO L290 TraceCheckUtils]: 14: Hoare triple {21443#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} #t~short58 := #t~mem57.base == 0 && #t~mem57.offset == 0; {21443#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} is VALID [2022-02-20 23:48:28,717 INFO L290 TraceCheckUtils]: 15: Hoare triple {21443#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} assume #t~short58;havoc #t~mem56.base, #t~mem56.offset;havoc #t~mem57.base, #t~mem57.offset;havoc #t~short58; {21443#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} is VALID [2022-02-20 23:48:28,718 INFO L290 TraceCheckUtils]: 16: Hoare triple {21443#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} SUMMARY for call write~$Pointer$(~node~0.base, ~node~0.offset, ~head.base, ~head.offset, 4); srcloc: L562 {21443#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} is VALID [2022-02-20 23:48:28,719 INFO L290 TraceCheckUtils]: 17: Hoare triple {21443#(and (= 0 (select |old(#valid)| append_~node~0.base)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= append_~head.base |append_#in~head.base|) (= (select |#valid| append_~head.base) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} SUMMARY for call write~$Pointer$(~node~0.base, ~node~0.offset, ~head.base, 4 + ~head.offset, 4); srcloc: L562-1 {21465#(and (= 0 (select |old(#valid)| append_~node~0.base)) (= (select |#valid| |append_#in~head.base|) 1) (exists ((append_~head.offset Int)) (and (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4))) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ append_~head.offset 4)) append_~node~0.offset))) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} is VALID [2022-02-20 23:48:28,721 INFO L290 TraceCheckUtils]: 18: Hoare triple {21465#(and (= 0 (select |old(#valid)| append_~node~0.base)) (= (select |#valid| |append_#in~head.base|) 1) (exists ((append_~head.offset Int)) (and (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4))) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ append_~head.offset 4)) append_~node~0.offset))) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} SUMMARY for call write~$Pointer$(0, 0, ~node~0.base, 1 + ~node~0.offset, 4); srcloc: L563 {21469#(and (= 0 (select |old(#valid)| append_~node~0.base)) (exists ((append_~head.offset Int)) (and (or (= append_~node~0.base |append_#in~head.base|) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4)))) (or (= append_~node~0.base |append_#in~head.base|) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ append_~head.offset 4)) append_~node~0.offset)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|))) (= (select |#valid| |append_#in~head.base|) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} is VALID [2022-02-20 23:48:28,723 INFO L290 TraceCheckUtils]: 19: Hoare triple {21469#(and (= 0 (select |old(#valid)| append_~node~0.base)) (exists ((append_~head.offset Int)) (and (or (= append_~node~0.base |append_#in~head.base|) (= append_~node~0.base (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4)))) (or (= append_~node~0.base |append_#in~head.base|) (= (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ append_~head.offset 4)) append_~node~0.offset)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|))) (= (select |#valid| |append_#in~head.base|) 1) (= |#valid| (store |old(#valid)| append_~node~0.base 1)) (<= 0 append_~node~0.offset))} SUMMARY for call write~$Pointer$(0, 0, ~node~0.base, 5 + ~node~0.offset, 4); srcloc: L564 {21473#(and (exists ((append_~head.offset Int)) (and (or (and (= (select |old(#valid)| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4))) 0) (<= 0 (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ append_~head.offset 4))) (= |#valid| (store |old(#valid)| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4)) 1)) (<= (+ (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ append_~head.offset 4)) 9) (select |#length| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4))))) (and (<= 9 (select |#length| |append_#in~head.base|)) (= (store |old(#valid)| |append_#in~head.base| 1) |#valid|) (= (select |old(#valid)| |append_#in~head.base|) 0))) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|))) (= (select |#valid| |append_#in~head.base|) 1))} is VALID [2022-02-20 23:48:28,724 INFO L290 TraceCheckUtils]: 20: Hoare triple {21473#(and (exists ((append_~head.offset Int)) (and (or (and (= (select |old(#valid)| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4))) 0) (<= 0 (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ append_~head.offset 4))) (= |#valid| (store |old(#valid)| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4)) 1)) (<= (+ (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ append_~head.offset 4)) 9) (select |#length| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4))))) (and (<= 9 (select |#length| |append_#in~head.base|)) (= (store |old(#valid)| |append_#in~head.base| 1) |#valid|) (= (select |old(#valid)| |append_#in~head.base|) 0))) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|))) (= (select |#valid| |append_#in~head.base|) 1))} assume true; {21473#(and (exists ((append_~head.offset Int)) (and (or (and (= (select |old(#valid)| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4))) 0) (<= 0 (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ append_~head.offset 4))) (= |#valid| (store |old(#valid)| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4)) 1)) (<= (+ (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ append_~head.offset 4)) 9) (select |#length| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4))))) (and (<= 9 (select |#length| |append_#in~head.base|)) (= (store |old(#valid)| |append_#in~head.base| 1) |#valid|) (= (select |old(#valid)| |append_#in~head.base|) 0))) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|))) (= (select |#valid| |append_#in~head.base|) 1))} is VALID [2022-02-20 23:48:28,725 INFO L284 TraceCheckUtils]: 21: Hoare quadruple {21473#(and (exists ((append_~head.offset Int)) (and (or (and (= (select |old(#valid)| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4))) 0) (<= 0 (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ append_~head.offset 4))) (= |#valid| (store |old(#valid)| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4)) 1)) (<= (+ (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ append_~head.offset 4)) 9) (select |#length| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4))))) (and (<= 9 (select |#length| |append_#in~head.base|)) (= (store |old(#valid)| |append_#in~head.base| 1) |#valid|) (= (select |old(#valid)| |append_#in~head.base|) 0))) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|))) (= (select |#valid| |append_#in~head.base|) 1))} {21413#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} #507#return; {21480#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (exists ((append_~head.offset Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) 1) (<= 0 (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) (<= (+ 9 (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= 0 append_~head.offset) (not (= |ULTIMATE.start_main_~list~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= append_~head.offset |ULTIMATE.start_main_~list~0#1.offset|))) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:28,726 INFO L290 TraceCheckUtils]: 22: Hoare triple {21480#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (exists ((append_~head.offset Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) 1) (<= 0 (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) (<= (+ 9 (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= 0 append_~head.offset) (not (= |ULTIMATE.start_main_~list~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= append_~head.offset |ULTIMATE.start_main_~list~0#1.offset|))) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} assume -2147483648 <= main_#t~nondet62#1 && main_#t~nondet62#1 <= 2147483647; {21480#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (exists ((append_~head.offset Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) 1) (<= 0 (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) (<= (+ 9 (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= 0 append_~head.offset) (not (= |ULTIMATE.start_main_~list~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= append_~head.offset |ULTIMATE.start_main_~list~0#1.offset|))) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:28,727 INFO L290 TraceCheckUtils]: 23: Hoare triple {21480#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (exists ((append_~head.offset Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) 1) (<= 0 (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) (<= (+ 9 (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= 0 append_~head.offset) (not (= |ULTIMATE.start_main_~list~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= append_~head.offset |ULTIMATE.start_main_~list~0#1.offset|))) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} assume !!(0 != main_#t~nondet62#1);havoc main_#t~nondet62#1; {21480#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (exists ((append_~head.offset Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) 1) (<= 0 (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) (<= (+ 9 (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= 0 append_~head.offset) (not (= |ULTIMATE.start_main_~list~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= append_~head.offset |ULTIMATE.start_main_~list~0#1.offset|))) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:28,728 INFO L290 TraceCheckUtils]: 24: Hoare triple {21480#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (exists ((append_~head.offset Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) 1) (<= 0 (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) (<= (+ 9 (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= 0 append_~head.offset) (not (= |ULTIMATE.start_main_~list~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= append_~head.offset |ULTIMATE.start_main_~list~0#1.offset|))) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} assume -128 <= main_#t~nondet63#1 && main_#t~nondet63#1 <= 127;main_~userInput~1#1 := main_#t~nondet63#1;havoc main_#t~nondet63#1; {21480#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (exists ((append_~head.offset Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) 1) (<= 0 (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) (<= (+ 9 (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= 0 append_~head.offset) (not (= |ULTIMATE.start_main_~list~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= append_~head.offset |ULTIMATE.start_main_~list~0#1.offset|))) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:28,729 INFO L290 TraceCheckUtils]: 25: Hoare triple {21480#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (exists ((append_~head.offset Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) 1) (<= 0 (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) (<= (+ 9 (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= 0 append_~head.offset) (not (= |ULTIMATE.start_main_~list~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= append_~head.offset |ULTIMATE.start_main_~list~0#1.offset|))) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} assume !(60 == main_~userInput~1#1 || 62 == main_~userInput~1#1); {21480#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (exists ((append_~head.offset Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) 1) (<= 0 (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) (<= (+ 9 (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= 0 append_~head.offset) (not (= |ULTIMATE.start_main_~list~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= append_~head.offset |ULTIMATE.start_main_~list~0#1.offset|))) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} is VALID [2022-02-20 23:48:28,730 INFO L272 TraceCheckUtils]: 26: Hoare triple {21480#(and (= (select |#valid| |ULTIMATE.start_main_~list~0#1.base|) 1) (exists ((append_~head.offset Int)) (and (= (select |#valid| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) 1) (<= 0 (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) (<= (+ 9 (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4))) (select |#length| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= 0 append_~head.offset) (not (= |ULTIMATE.start_main_~list~0#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_main_~list~0#1.base|) (+ append_~head.offset 4)))) (<= append_~head.offset |ULTIMATE.start_main_~list~0#1.offset|))) (<= |ULTIMATE.start_main_~list~0#1.offset| 0))} call append(main_~list~0#1.base, main_~list~0#1.offset, main_~userInput~1#1); {21496#(and (= (select |#valid| |append_#in~head.base|) 1) (<= |append_#in~head.offset| 0) (exists ((append_~head.offset Int)) (and (not (= (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4)) |append_#in~head.base|)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (<= 0 (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ append_~head.offset 4))) (<= (+ (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ append_~head.offset 4)) 9) (select |#length| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4)))) (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4))) 1))))} is VALID [2022-02-20 23:48:28,731 INFO L290 TraceCheckUtils]: 27: Hoare triple {21496#(and (= (select |#valid| |append_#in~head.base|) 1) (<= |append_#in~head.offset| 0) (exists ((append_~head.offset Int)) (and (not (= (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4)) |append_#in~head.base|)) (<= 0 append_~head.offset) (<= append_~head.offset |append_#in~head.offset|) (<= 0 (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ append_~head.offset 4))) (<= (+ (select (select |#memory_$Pointer$.offset| |append_#in~head.base|) (+ append_~head.offset 4)) 9) (select |#length| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4)))) (= (select |#valid| (select (select |#memory_$Pointer$.base| |append_#in~head.base|) (+ append_~head.offset 4))) 1))))} ~head.base, ~head.offset := #in~head.base, #in~head.offset;~input := #in~input;call #t~malloc55.base, #t~malloc55.offset := #Ultimate.allocOnHeap(9);~node~0.base, ~node~0.offset := #t~malloc55.base, #t~malloc55.offset;havoc #t~malloc55.base, #t~malloc55.offset; {21500#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_30 Int)) (and (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4))) (<= v_append_~head.offset_30 append_~head.offset) (<= 0 v_append_~head.offset_30) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (<= (+ (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4)) 9) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))))) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:28,732 INFO L290 TraceCheckUtils]: 28: Hoare triple {21500#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_30 Int)) (and (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4))) (<= v_append_~head.offset_30 append_~head.offset) (<= 0 v_append_~head.offset_30) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (<= (+ (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4)) 9) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))))) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call write~int(~input, ~node~0.base, ~node~0.offset, 1); srcloc: L560 {21500#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_30 Int)) (and (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4))) (<= v_append_~head.offset_30 append_~head.offset) (<= 0 v_append_~head.offset_30) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (<= (+ (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4)) 9) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))))) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:28,733 INFO L290 TraceCheckUtils]: 29: Hoare triple {21500#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_30 Int)) (and (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4))) (<= v_append_~head.offset_30 append_~head.offset) (<= 0 v_append_~head.offset_30) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (<= (+ (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4)) 9) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))))) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call #t~mem56.base, #t~mem56.offset := read~$Pointer$(~head.base, ~head.offset, 4); srcloc: L560-1 {21500#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_30 Int)) (and (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4))) (<= v_append_~head.offset_30 append_~head.offset) (<= 0 v_append_~head.offset_30) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (<= (+ (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4)) 9) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))))) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:28,734 INFO L290 TraceCheckUtils]: 30: Hoare triple {21500#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_30 Int)) (and (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4))) (<= v_append_~head.offset_30 append_~head.offset) (<= 0 v_append_~head.offset_30) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (<= (+ (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4)) 9) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))))) (not (= append_~node~0.base append_~head.base)))} #t~short58 := #t~mem56.base == 0 && #t~mem56.offset == 0; {21500#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_30 Int)) (and (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4))) (<= v_append_~head.offset_30 append_~head.offset) (<= 0 v_append_~head.offset_30) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (<= (+ (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4)) 9) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))))) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:28,735 INFO L290 TraceCheckUtils]: 31: Hoare triple {21500#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_30 Int)) (and (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4))) (<= v_append_~head.offset_30 append_~head.offset) (<= 0 v_append_~head.offset_30) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (<= (+ (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4)) 9) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))))) (not (= append_~node~0.base append_~head.base)))} assume !#t~short58; {21500#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_30 Int)) (and (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4))) (<= v_append_~head.offset_30 append_~head.offset) (<= 0 v_append_~head.offset_30) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (<= (+ (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4)) 9) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))))) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:28,736 INFO L290 TraceCheckUtils]: 32: Hoare triple {21500#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_30 Int)) (and (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4))) (<= v_append_~head.offset_30 append_~head.offset) (<= 0 v_append_~head.offset_30) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (<= (+ (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4)) 9) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))))) (not (= append_~node~0.base append_~head.base)))} assume !#t~short58;havoc #t~mem56.base, #t~mem56.offset;havoc #t~mem57.base, #t~mem57.offset;havoc #t~short58; {21500#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_30 Int)) (and (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4))) (<= v_append_~head.offset_30 append_~head.offset) (<= 0 v_append_~head.offset_30) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (<= (+ (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4)) 9) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))))) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:28,737 INFO L290 TraceCheckUtils]: 33: Hoare triple {21500#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_30 Int)) (and (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4))) (<= v_append_~head.offset_30 append_~head.offset) (<= 0 v_append_~head.offset_30) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (<= (+ (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4)) 9) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))))) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call #t~mem59.base, #t~mem59.offset := read~$Pointer$(~head.base, 4 + ~head.offset, 4); srcloc: L568 {21500#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_30 Int)) (and (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4))) (<= v_append_~head.offset_30 append_~head.offset) (<= 0 v_append_~head.offset_30) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (<= (+ (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4)) 9) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))))) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:28,738 INFO L290 TraceCheckUtils]: 34: Hoare triple {21500#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_30 Int)) (and (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4))) (<= v_append_~head.offset_30 append_~head.offset) (<= 0 v_append_~head.offset_30) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (<= (+ (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4)) 9) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))))) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call write~$Pointer$(#t~mem59.base, #t~mem59.offset, ~node~0.base, 1 + ~node~0.offset, 4); srcloc: L568-1 {21500#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_30 Int)) (and (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4))) (<= v_append_~head.offset_30 append_~head.offset) (<= 0 v_append_~head.offset_30) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (<= (+ (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4)) 9) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))))) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:28,739 INFO L290 TraceCheckUtils]: 35: Hoare triple {21500#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_30 Int)) (and (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4))) (<= v_append_~head.offset_30 append_~head.offset) (<= 0 v_append_~head.offset_30) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (<= (+ (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4)) 9) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))))) (not (= append_~node~0.base append_~head.base)))} havoc #t~mem59.base, #t~mem59.offset; {21500#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_30 Int)) (and (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4))) (<= v_append_~head.offset_30 append_~head.offset) (<= 0 v_append_~head.offset_30) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (<= (+ (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4)) 9) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))))) (not (= append_~node~0.base append_~head.base)))} is VALID [2022-02-20 23:48:28,741 INFO L290 TraceCheckUtils]: 36: Hoare triple {21500#(and (<= append_~head.offset 0) (exists ((v_append_~head.offset_30 Int)) (and (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4))) (<= v_append_~head.offset_30 append_~head.offset) (<= 0 v_append_~head.offset_30) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (<= (+ (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4)) 9) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (not (= append_~node~0.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))))) (not (= append_~node~0.base append_~head.base)))} SUMMARY for call write~$Pointer$(0, 0, ~node~0.base, 5 + ~node~0.offset, 4); srcloc: L569 {21528#(and (exists ((v_append_~head.offset_30 Int)) (and (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4))) (<= v_append_~head.offset_30 append_~head.offset) (<= 0 v_append_~head.offset_30) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (<= (+ (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4)) 9) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))))) (<= append_~head.offset 0))} is VALID [2022-02-20 23:48:28,741 INFO L290 TraceCheckUtils]: 37: Hoare triple {21528#(and (exists ((v_append_~head.offset_30 Int)) (and (<= 0 (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4))) (<= v_append_~head.offset_30 append_~head.offset) (<= 0 v_append_~head.offset_30) (not (= append_~head.base (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))) (<= (+ (select (select |#memory_$Pointer$.offset| append_~head.base) (+ v_append_~head.offset_30 4)) 9) (select |#length| (select (select |#memory_$Pointer$.base| append_~head.base) (+ v_append_~head.offset_30 4)))))) (<= append_~head.offset 0))} SUMMARY for call #t~mem60.base, #t~mem60.offset := read~$Pointer$(~head.base, 4 + ~head.offset, 4); srcloc: L569-1 {21532#(and (<= 0 |append_#t~mem60.offset|) (<= (+ |append_#t~mem60.offset| 9) (select |#length| |append_#t~mem60.base|)))} is VALID [2022-02-20 23:48:28,742 INFO L290 TraceCheckUtils]: 38: Hoare triple {21532#(and (<= 0 |append_#t~mem60.offset|) (<= (+ |append_#t~mem60.offset| 9) (select |#length| |append_#t~mem60.base|)))} assume !(4 + (5 + #t~mem60.offset) <= #length[#t~mem60.base] && 0 <= 5 + #t~mem60.offset); {21380#false} is VALID [2022-02-20 23:48:28,742 INFO L134 CoverageAnalysis]: Checked inductivity of 9 backedges. 3 proven. 6 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:48:28,742 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:48:28,839 WARN L838 $PredicateComparison]: unable to prove that (and (forall ((v_ArrVal_887 (Array Int Int)) (v_ArrVal_888 (Array Int Int))) (let ((.cse0 (+ c_append_~head.offset 4))) (<= (+ (select (select (store |c_#memory_$Pointer$.offset| c_append_~node~0.base v_ArrVal_888) c_append_~head.base) .cse0) 9) (select |c_#length| (select (select (store |c_#memory_$Pointer$.base| c_append_~node~0.base v_ArrVal_887) c_append_~head.base) .cse0))))) (forall ((v_ArrVal_888 (Array Int Int))) (<= 0 (+ (select (select (store |c_#memory_$Pointer$.offset| c_append_~node~0.base v_ArrVal_888) c_append_~head.base) (+ c_append_~head.offset 4)) 5)))) is different from false [2022-02-20 23:48:30,122 INFO L356 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2022-02-20 23:48:30,123 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 82 treesize of output 83 [2022-02-20 23:48:30,179 INFO L356 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2022-02-20 23:48:30,180 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 83 treesize of output 73 [2022-02-20 23:48:30,232 INFO L173 IndexEqualityManager]: detected equality via solver [2022-02-20 23:48:30,246 INFO L356 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2022-02-20 23:48:30,246 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 103 treesize of output 103 [2022-02-20 23:48:30,337 INFO L173 IndexEqualityManager]: detected equality via solver [2022-02-20 23:48:30,358 INFO L356 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2022-02-20 23:48:30,359 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 152 treesize of output 140 [2022-02-20 23:48:30,482 INFO L356 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2022-02-20 23:48:30,483 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 3 select indices, 3 select index equivalence classes, 0 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 3 case distinctions, treesize of input 216 treesize of output 230 [2022-02-20 23:48:30,573 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 230 treesize of output 210 [2022-02-20 23:48:30,683 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 210 treesize of output 186